Example 6 with Saml2X509Credential

Use of org.springframework.security.saml2.core.Saml2X509Credential in the project spring-security by spring-projects.

From the class RelyingPartyRegistration, method fromDeprecated:

import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.Set;

import org.springframework.security.saml2.core.Saml2X509Credential;

// Converts a credential from the deprecated org.springframework.security.saml2.credentials
// package into the current core type. The key pair and certificate are carried over unchanged;
// each boolean usage flag of the old API becomes an entry in the new credential's set of types.
private static Saml2X509Credential fromDeprecated(org.springframework.security.saml2.credentials.Saml2X509Credential credential) {
    PrivateKey privateKey = credential.getPrivateKey();
    X509Certificate certificate = credential.getCertificate();
    Set<Saml2X509Credential.Saml2X509CredentialType> credentialTypes = new HashSet<>();
    if (credential.isSigningCredential()) {
        credentialTypes.add(Saml2X509Credential.Saml2X509CredentialType.SIGNING);
    }
    // The misspelled method name is the one the deprecated API actually exposes.
    if (credential.isSignatureVerficationCredential()) {
        credentialTypes.add(Saml2X509Credential.Saml2X509CredentialType.VERIFICATION);
    }
    if (credential.isEncryptionCredential()) {
        credentialTypes.add(Saml2X509Credential.Saml2X509CredentialType.ENCRYPTION);
    }
    if (credential.isDecryptionCredential()) {
        credentialTypes.add(Saml2X509Credential.Saml2X509CredentialType.DECRYPTION);
    }
    return new Saml2X509Credential(privateKey, certificate, credentialTypes);
}

Example 7 with Saml2X509Credential

Use of org.springframework.security.saml2.core.Saml2X509Credential in the project spring-security by spring-projects.

From the class LogoutRequestEncryptedIdUtils, method decrypter:

import java.util.ArrayList;
import java.util.Collection;

import org.opensaml.saml.saml2.encryption.Decrypter;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.credential.CredentialSupport;
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xmlsec.keyinfo.impl.CollectionKeyInfoCredentialResolver;

import org.springframework.security.saml2.core.Saml2X509Credential;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;

// Builds an OpenSAML Decrypter backed by every credential the registration marks for
// DECRYPTION, so that an EncryptedID inside a LogoutRequest can be decrypted with the
// relying party's own private keys. Credentials registered for other purposes (signing,
// verification, encryption) are deliberately not offered to the decrypter.
private static Decrypter decrypter(RelyingPartyRegistration registration) {
    Collection<Credential> credentials = new ArrayList<>();
    for (Saml2X509Credential key : registration.getDecryptionX509Credentials()) {
        Credential cred = CredentialSupport.getSimpleCredential(key.getCertificate(), key.getPrivateKey());
        credentials.add(cred);
    }
    KeyInfoCredentialResolver resolver = new CollectionKeyInfoCredentialResolver(credentials);
    // encryptedKeyResolver is a static field of the enclosing class (not shown here); it
    // locates the EncryptedKey element that wraps the symmetric data-encryption key.
    Decrypter decrypter = new Decrypter(null, resolver, encryptedKeyResolver);
    // Place the decrypted element in its own DOM document rather than the original one.
    decrypter.setRootInNewDocument(true);
    return decrypter;
}

Example 8 with Saml2X509Credential

Use of org.springframework.security.saml2.core.Saml2X509Credential in the project spring-security by spring-projects.

From the class OpenSamlSigningUtils, method resolveSigningCredentials:

import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;

import org.opensaml.security.credential.BasicCredential;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.credential.CredentialSupport;
import org.opensaml.security.credential.UsageType;

import org.springframework.security.saml2.core.Saml2X509Credential;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;

// Translates the registration's SIGNING credentials into OpenSAML Credential objects so that
// OpenSAML's signing support can use them. Only credentials registered for signing are
// returned; each is tagged with the relying party's entity ID and the SIGNING usage type.
private static List<Credential> resolveSigningCredentials(RelyingPartyRegistration relyingPartyRegistration) {
    List<Credential> credentials = new ArrayList<>();
    for (Saml2X509Credential x509Credential : relyingPartyRegistration.getSigningX509Credentials()) {
        X509Certificate certificate = x509Credential.getCertificate();
        PrivateKey privateKey = x509Credential.getPrivateKey();
        BasicCredential credential = CredentialSupport.getSimpleCredential(certificate, privateKey);
        credential.setEntityId(relyingPartyRegistration.getEntityId());
        credential.setUsageType(UsageType.SIGNING);
        credentials.add(credential);
    }
    return credentials;
}

Example 9 with Saml2X509Credential

Use of org.springframework.security.saml2.core.Saml2X509Credential in the project spring-security by spring-projects.

From the class OpenSamlAuthenticationRequestResolverTests, method resolveAuthenticationRequestWhenSignedThenCredentialIsRequired:

import static org.assertj.core.api.Assertions.assertThatExceptionOfType;

import org.junit.Test;

import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.security.saml2.Saml2Exception;
import org.springframework.security.saml2.core.Saml2X509Credential;
import org.springframework.security.saml2.core.TestSaml2X509Credentials;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations;

// Verifies that a registration with no signing credential cannot produce a signed
// AuthnRequest: the resolver must fail rather than silently emit an unsigned request.
@Test
public void resolveAuthenticationRequestWhenSignedThenCredentialIsRequired() {
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setPathInfo("/saml2/authenticate/registration-id");
    // The only credential configured is a verification certificate for the asserting party;
    // the relying party itself has nothing to sign with.
    Saml2X509Credential credential = TestSaml2X509Credentials.relyingPartyVerifyingCredential();
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.noCredentials()
            .assertingPartyDetails((party) -> party.verificationX509Credentials((c) -> c.add(credential)))
            .build();
    // OpenSamlAuthenticationRequestResolver lives in the test's own package, and
    // authenticationRequestResolver(...) is a helper of the enclosing test class (not shown here).
    OpenSamlAuthenticationRequestResolver resolver = authenticationRequestResolver(registration);
    assertThatExceptionOfType(Saml2Exception.class).isThrownBy(() -> resolver.resolve(request, null));
}

Example 10 with Saml2X509Credential

Use of org.springframework.security.saml2.core.Saml2X509Credential in the project spring-security by spring-projects.

From the class TestSaml2Credentials, method signingCredential:

import java.io.ByteArrayInputStream;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;

import org.springframework.security.converter.RsaKeyConverters;
import org.springframework.security.saml2.credentials.Saml2X509Credential;
import org.springframework.security.saml2.credentials.Saml2X509Credential.Saml2X509CredentialType;

// Test fixture: builds a credential from a PEM-encoded PKCS#8 private key and its
// self-signed certificate, embedded inline. Test-only key material; never reuse it.
static Saml2X509Credential signingCredential() {
    // @formatter:off
    String key = "-----BEGIN PRIVATE KEY-----\n" + "MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBANG7v8QjQGU3MwQE\n" + "VUBxvH6Uuiy/MhZT7TV0ZNjyAF2ExA1gpn3aUxx6jYK5UnrpxRRE/KbeLucYbOhK\n" + "cDECt77Rggz5TStrOta0BQTvfluRyoQtmQ5Nkt6Vqg7O2ZapFt7k64Sal7AftzH6\n" + "Q2BxWN1y04bLdDrH4jipqRj/2qEFAgMBAAECgYEAj4ExY1jjdN3iEDuOwXuRB+Nn\n" + "x7pC4TgntE2huzdKvLJdGvIouTArce8A6JM5NlTBvm69mMepvAHgcsiMH1zGr5J5\n" + "wJz23mGOyhM1veON41/DJTVG+cxq4soUZhdYy3bpOuXGMAaJ8QLMbQQoivllNihd\n" + "vwH0rNSK8LTYWWPZYIECQQDxct+TFX1VsQ1eo41K0T4fu2rWUaxlvjUGhK6HxTmY\n" + "8OMJptunGRJL1CUjIb45Uz7SP8TPz5FwhXWsLfS182kRAkEA3l+Qd9C9gdpUh1uX\n" + "oPSNIxn5hFUrSTW1EwP9QH9vhwb5Vr8Jrd5ei678WYDLjUcx648RjkjhU9jSMzIx\n" + "EGvYtQJBAMm/i9NR7IVyyNIgZUpz5q4LI21rl1r4gUQuD8vA36zM81i4ROeuCly0\n" + "KkfdxR4PUfnKcQCX11YnHjk9uTFj75ECQEFY/gBnxDjzqyF35hAzrYIiMPQVfznt\n" + "YX/sDTE2AdVBVGaMj1Cb51bPHnNC6Q5kXKQnj/YrLqRQND09Q7ParX0CQQC5NxZr\n" + "9jKqhHj8yQD6PlXTsY4Occ7DH6/IoDenfdEVD5qlet0zmd50HatN2Jiqm5ubN7CM\n" + "INrtuLp4YHbgk1mi\n" + "-----END PRIVATE KEY-----";
    // @formatter:on
    // @formatter:off
    String certificate = "-----BEGIN CERTIFICATE-----\n" + "MIICgTCCAeoCCQCuVzyqFgMSyDANBgkqhkiG9w0BAQsFADCBhDELMAkGA1UEBhMC\n" + "VVMxEzARBgNVBAgMCldhc2hpbmd0b24xEjAQBgNVBAcMCVZhbmNvdXZlcjEdMBsG\n" + "A1UECgwUU3ByaW5nIFNlY3VyaXR5IFNBTUwxCzAJBgNVBAsMAnNwMSAwHgYDVQQD\n" + "DBdzcC5zcHJpbmcuc2VjdXJpdHkuc2FtbDAeFw0xODA1MTQxNDMwNDRaFw0yODA1\n" + "MTExNDMwNDRaMIGEMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjES\n" + "MBAGA1UEBwwJVmFuY291dmVyMR0wGwYDVQQKDBRTcHJpbmcgU2VjdXJpdHkgU0FN\n" + "TDELMAkGA1UECwwCc3AxIDAeBgNVBAMMF3NwLnNwcmluZy5zZWN1cml0eS5zYW1s\n" + "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRu7/EI0BlNzMEBFVAcbx+lLos\n" + "vzIWU+01dGTY8gBdhMQNYKZ92lMceo2CuVJ66cUURPym3i7nGGzoSnAxAre+0YIM\n" + "+U0razrWtAUE735bkcqELZkOTZLelaoOztmWqRbe5OuEmpewH7cx+kNgcVjdctOG\n" + "y3Q6x+I4qakY/9qhBQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAAeViTvHOyQopWEi\n" + "XOfI2Z9eukwrSknDwq/zscR0YxwwqDBMt/QdAODfSwAfnciiYLkmEjlozWRtOeN+\n" + "qK7UFgP1bRl5qksrYX5S0z2iGJh0GvonLUt3e20Ssfl5tTEDDnAEUMLfBkyaxEHD\n" + "RZ/nbTJ7VTeZOSyRoVn5XHhpuJ0B\n" + "-----END CERTIFICATE-----";
    // @formatter:on
    // Parse the PKCS#8 PEM block into an RSA private key.
    PrivateKey pk = RsaKeyConverters.pkcs8().convert(new ByteArrayInputStream(key.getBytes()));
    // x509Certificate(...) is a helper of the enclosing class that parses the PEM certificate.
    X509Certificate cert = x509Certificate(certificate);
    // The same key pair is registered for both signing and decryption.
    return new Saml2X509Credential(pk, cert, Saml2X509CredentialType.SIGNING, Saml2X509CredentialType.DECRYPTION);
}
