use of org.springframework.security.saml2.credentials.Saml2X509Credential in project spring-security by spring-projects.
the class TestOpenSamlObjects method signed.
static <T extends SignableSAMLObject> T signed(T signable, Saml2X509Credential credential, String entityId, String signAlgorithmUri) {
SignatureSigningParameters parameters = new SignatureSigningParameters();
Credential signingCredential = getSigningCredential(credential, entityId);
parameters.setSigningCredential(signingCredential);
parameters.setSignatureAlgorithm(signAlgorithmUri);
parameters.setSignatureReferenceDigestMethod(SignatureConstants.ALGO_ID_DIGEST_SHA256);
parameters.setSignatureCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
try {
SignatureSupport.signObject(signable, parameters);
} catch (MarshallingException | SignatureException | SecurityException ex) {
throw new Saml2Exception(ex);
}
return signable;
}
use of org.springframework.security.saml2.credentials.Saml2X509Credential in project spring-security by spring-projects.
the class TestOpenSamlObjects method encrypted.
static EncryptedID encrypted(NameID nameId, Saml2X509Credential credential) {
X509Certificate certificate = credential.getCertificate();
Encrypter encrypter = getEncrypter(certificate);
try {
return encrypter.encrypt(nameId);
} catch (EncryptionException ex) {
throw new Saml2Exception("Unable to encrypt nameID.", ex);
}
}
use of org.springframework.security.saml2.credentials.Saml2X509Credential in project spring-security by spring-projects.
the class OpenSamlSigningUtils method resolveSigningCredentials.
private static List<Credential> resolveSigningCredentials(RelyingPartyRegistration relyingPartyRegistration) {
List<Credential> credentials = new ArrayList<>();
for (Saml2X509Credential x509Credential : relyingPartyRegistration.getSigningX509Credentials()) {
X509Certificate certificate = x509Credential.getCertificate();
PrivateKey privateKey = x509Credential.getPrivateKey();
BasicCredential credential = CredentialSupport.getSimpleCredential(certificate, privateKey);
credential.setEntityId(relyingPartyRegistration.getEntityId());
credential.setUsageType(UsageType.SIGNING);
credentials.add(credential);
}
return credentials;
}
use of org.springframework.security.saml2.credentials.Saml2X509Credential in project spring-security by spring-projects.
the class OpenSamlAuthenticationRequestFactoryTests method createPostAuthenticationRequestWhenSignRequestThenCredentialIsRequired.
@Test
public void createPostAuthenticationRequestWhenSignRequestThenCredentialIsRequired() {
Saml2X509Credential credential = org.springframework.security.saml2.core.TestSaml2X509Credentials.relyingPartyVerifyingCredential();
RelyingPartyRegistration registration = TestRelyingPartyRegistrations.noCredentials().assertingPartyDetails((party) -> party.verificationX509Credentials((c) -> c.add(credential))).build();
this.context = this.contextBuilder.relayState("Relay State Value").relyingPartyRegistration(registration).build();
assertThatExceptionOfType(Saml2Exception.class).isThrownBy(() -> this.factory.createPostAuthenticationRequest(this.context));
}
use of org.springframework.security.saml2.credentials.Saml2X509Credential in project spring-security by spring-projects.
the class OpenSamlAuthenticationRequestFactoryTests method createRedirectAuthenticationRequestWhenSignRequestThenCredentialIsRequired.
@Test
public void createRedirectAuthenticationRequestWhenSignRequestThenCredentialIsRequired() {
Saml2X509Credential credential = org.springframework.security.saml2.core.TestSaml2X509Credentials.relyingPartyVerifyingCredential();
RelyingPartyRegistration registration = TestRelyingPartyRegistrations.noCredentials().assertingPartyDetails((party) -> party.verificationX509Credentials((c) -> c.add(credential))).build();
this.context = this.contextBuilder.relayState("Relay State Value").relyingPartyRegistration(registration).build();
assertThatExceptionOfType(Saml2Exception.class).isThrownBy(() -> this.factory.createPostAuthenticationRequest(this.context));
}
Aggregations