Example 41 with Saml2Exception

Use of org.springframework.security.saml2.Saml2Exception in project spring-security by spring-projects.

From the class TestOpenSamlObjects, method encrypted (Assertion variant).

```java
import java.security.cert.X509Certificate;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.EncryptedAssertion;
import org.opensaml.saml.saml2.encryption.Encrypter;
import org.opensaml.xmlsec.encryption.support.EncryptionException;
import org.springframework.security.saml2.Saml2Exception;
import org.springframework.security.saml2.core.Saml2X509Credential;
// Encrypts a test Assertion to the credential's certificate; getEncrypter(...) is a helper in the same class (not shown).
static EncryptedAssertion encrypted(Assertion assertion, Saml2X509Credential credential) {
    X509Certificate certificate = credential.getCertificate();
    Encrypter encrypter = getEncrypter(certificate);
    try {
        return encrypter.encrypt(assertion);
    } catch (EncryptionException ex) {
        // OpenSAML's checked exception is wrapped in Spring Security's unchecked Saml2Exception
        throw new Saml2Exception("Unable to encrypt assertion.", ex);
    }
}
```

Example 42 with Saml2Exception

Use of org.springframework.security.saml2.Saml2Exception in project spring-security by spring-projects.

From the class TestOpenSamlObjects, method encrypted (Attribute variant).

```java
import java.security.cert.X509Certificate;
import org.opensaml.saml.saml2.core.Attribute;
import org.opensaml.saml.saml2.core.EncryptedAttribute;
import org.opensaml.saml.saml2.encryption.Encrypter;
import org.opensaml.xmlsec.encryption.support.EncryptionException;
import org.springframework.security.saml2.Saml2Exception;
import org.springframework.security.saml2.core.Saml2X509Credential;
// Builds a test Attribute and encrypts it; attribute(...) and getEncrypter(...) are helpers in the same class (not shown).
static EncryptedAttribute encrypted(String name, String value, Saml2X509Credential credential) {
    Attribute attribute = attribute(name, value);
    X509Certificate certificate = credential.getCertificate();
    Encrypter encrypter = getEncrypter(certificate);
    try {
        return encrypter.encrypt(attribute);
    } catch (EncryptionException ex) {
        // message text is as it appears in the upstream source
        throw new Saml2Exception("Unable to encrypt nameID.", ex);
    }
}
```

Example 43 with Saml2Exception

Use of org.springframework.security.saml2.Saml2Exception in project spring-security by spring-projects.

From the class OpenSamlSigningUtils, method resolveSigningParameters.

```java
import java.util.Collections;
import java.util.List;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver;
import org.opensaml.security.credential.Credential;
import org.opensaml.xmlsec.SignatureSigningParameters;
import org.opensaml.xmlsec.SignatureSigningParametersResolver;
import org.opensaml.xmlsec.criterion.SignatureSigningConfigurationCriterion;
import org.opensaml.xmlsec.impl.BasicSignatureSigningConfiguration;
import org.opensaml.xmlsec.signature.support.SignatureConstants;
import org.springframework.security.saml2.Saml2Exception;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.util.Assert;

// Resolves the signing key, signature algorithm, digest and canonicalization used to sign outbound SAML messages.
// resolveSigningCredentials(...) and buildSignatureKeyInfoGeneratorManager() are helpers in the same class (not shown).
private static SignatureSigningParameters resolveSigningParameters(RelyingPartyRegistration relyingPartyRegistration) {
    List<Credential> credentials = resolveSigningCredentials(relyingPartyRegistration);
    // signature algorithms come from the asserting party's configuration; digest is pinned to SHA-256
    List<String> algorithms = relyingPartyRegistration.getAssertingPartyDetails().getSigningAlgorithms();
    List<String> digests = Collections.singletonList(SignatureConstants.ALGO_ID_DIGEST_SHA256);
    String canonicalization = SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
    SignatureSigningParametersResolver resolver = new SAMLMetadataSignatureSigningParametersResolver();
    CriteriaSet criteria = new CriteriaSet();
    BasicSignatureSigningConfiguration signingConfiguration = new BasicSignatureSigningConfiguration();
    signingConfiguration.setSigningCredentials(credentials);
    signingConfiguration.setSignatureAlgorithms(algorithms);
    signingConfiguration.setSignatureReferenceDigestMethods(digests);
    signingConfiguration.setSignatureCanonicalizationAlgorithm(canonicalization);
    signingConfiguration.setKeyInfoGeneratorManager(buildSignatureKeyInfoGeneratorManager());
    criteria.add(new SignatureSigningConfigurationCriterion(signingConfiguration));
    try {
        SignatureSigningParameters parameters = resolver.resolveSingle(criteria);
        Assert.notNull(parameters, "Failed to resolve any signing credential");
        return parameters;
    } catch (Exception ex) {
        // any resolution failure (checked or not) surfaces as a Saml2Exception
        throw new Saml2Exception(ex);
    }
}
```

Example 44 with Saml2Exception

Use of org.springframework.security.saml2.Saml2Exception in project spring-security by spring-projects.

From the class OpenSamlSigningUtils, method serialize.

```java
import net.shibboleth.utilities.java.support.xml.SerializeSupport;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.Marshaller;
import org.opensaml.core.xml.io.MarshallingException;
import org.springframework.security.saml2.Saml2Exception;
import org.w3c.dom.Element;
// Marshals an OpenSAML object to a DOM Element and serializes it to an XML string.
static String serialize(XMLObject object) {
    try {
        Marshaller marshaller = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(object);
        Element element = marshaller.marshall(object);
        return SerializeSupport.nodeToString(element);
    } catch (MarshallingException ex) {
        throw new Saml2Exception(ex);
    }
}
```

Example 45 with Saml2Exception

Use of org.springframework.security.saml2.Saml2Exception in project spring-security by spring-projects.

From the test class OpenSaml4AuthenticationRequestFactoryTests, method getAuthNRequest.

```java
import static org.assertj.core.api.Assertions.assertThat;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.springframework.security.saml2.Saml2Exception;
import org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest;
import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

// Test helper: builds an authentication request for the given binding, then decodes it back into an AuthnRequest.
// this.factory, this.context and this.unmarshaller are test fixture fields; Saml2Utils is a helper in the same package.
private AuthnRequest getAuthNRequest(Saml2MessageBinding binding) {
    AbstractSaml2AuthenticationRequest result = (binding == Saml2MessageBinding.REDIRECT)
            ? this.factory.createRedirectAuthenticationRequest(this.context)
            : this.factory.createPostAuthenticationRequest(this.context);
    String samlRequest = result.getSamlRequest();
    assertThat(samlRequest).isNotEmpty();
    if (result.getBinding() == Saml2MessageBinding.REDIRECT) {
        // HTTP-Redirect binding: base64 decode, then DEFLATE-inflate
        samlRequest = Saml2Utils.samlInflate(Saml2Utils.samlDecode(samlRequest));
    } else {
        // HTTP-POST binding: base64 decode only
        samlRequest = new String(Saml2Utils.samlDecode(samlRequest), StandardCharsets.UTF_8);
    }
    try {
        Document document = XMLObjectProviderRegistrySupport.getParserPool()
                .parse(new ByteArrayInputStream(samlRequest.getBytes(StandardCharsets.UTF_8)));
        Element element = document.getDocumentElement();
        return (AuthnRequest) this.unmarshaller.unmarshall(element);
    } catch (Exception ex) {
        throw new Saml2Exception(ex);
    }
}
```

Aggregations

Saml2Exception (org.springframework.security.saml2.Saml2Exception): 46
Element (org.w3c.dom.Element): 19
Document (org.w3c.dom.Document): 13
MarshallingException (org.opensaml.core.xml.io.MarshallingException): 12
ByteArrayOutputStream (java.io.ByteArrayOutputStream): 10
IOException (java.io.IOException): 10
ByteArrayInputStream (java.io.ByteArrayInputStream): 9
Saml2X509Credential (org.springframework.security.saml2.core.Saml2X509Credential): 9
X509Certificate (java.security.cert.X509Certificate): 7
CertificateException (java.security.cert.CertificateException): 6
Marshaller (org.opensaml.core.xml.io.Marshaller): 6
Deflater (java.util.zip.Deflater): 5
DeflaterOutputStream (java.util.zip.DeflaterOutputStream): 5
Inflater (java.util.zip.Inflater): 5
InflaterOutputStream (java.util.zip.InflaterOutputStream): 5
CriteriaSet (net.shibboleth.utilities.java.support.resolver.CriteriaSet): 4
XMLObject (org.opensaml.core.xml.XMLObject): 4
Unmarshaller (org.opensaml.core.xml.io.Unmarshaller): 4
SAMLMetadataSignatureSigningParametersResolver (org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver): 4
SecurityException (org.opensaml.security.SecurityException): 4