
Example 6 with X509CertificateFactory

use of uk.gov.ida.common.shared.security.X509CertificateFactory in project verify-hub by alphagov.

Class SamlSoapProxyModule, method configure.

/**
 * Registers the Guice bindings for the SAML SOAP proxy module.
 *
 * <p>Three binding forms appear below: interface-to-implementation ({@code to}),
 * pre-built instances ({@code toInstance}), and untargeted {@code bind(X.class)}
 * declarations that leave construction to the injector. Bindings marked
 * {@code asEagerSingleton()} are instantiated when the injector is created rather
 * than on first use, so the statement order is left untouched.
 */
@Override
protected void configure() {
    // Trust-store settings are served by the application's own configuration class.
    bind(TrustStoreConfiguration.class).to(SamlSoapProxyConfiguration.class);
    bind(EventSinkProxy.class).to(EventSinkHttpProxy.class);
    // Public-key sources: the stream factory is a shared instance; the key store
    // resolves to HubMetadataPublicKeyStore (presumably metadata-backed — confirm).
    bind(PublicKeyInputStreamFactory.class).toInstance(new PublicKeyFileInputStreamFactory());
    bind(InternalPublicKeyStore.class).to(HubMetadataPublicKeyStore.class);
    // REST-client settings also come from SamlSoapProxyConfiguration.
    bind(RestfulClientConfiguration.class).to(SamlSoapProxyConfiguration.class);
    bind(Client.class).toProvider(DefaultClientProvider.class).asEagerSingleton();
    // Anonymous subclasses keep the generic type arguments available at runtime.
    bind(new TypeLiteral<ConfigurationFactoryFactory<SupportedMsaVersions>>() {
    }).toInstance(new DefaultConfigurationFactoryFactory<SupportedMsaVersions>() {
    });
    bind(new TypeLiteral<SupportedMsaVersionsRepository>() {
    }).asEagerSingleton();
    bind(SupportedMsaVersionsBootstrap.class).asEagerSingleton();
    bind(SupportedMsaVersionsLoader.class).asEagerSingleton();
    bind(MetadataRefreshTask.class).asEagerSingleton();
    bind(ConfigServiceKeyStore.class).asEagerSingleton();
    // Presumably drops metadata entries carrying expired certificates — confirm in the filter class.
    bind(ExpiredCertificateMetadataFilter.class).toInstance(new ExpiredCertificateMetadataFilter());
    bind(UrlConfigurationSourceProvider.class).toInstance(new UrlConfigurationSourceProvider());
    bind(TrustStoreForCertificateProvider.class);
    bind(JsonResponseProcessor.class);
    // A default-configured ObjectMapper; no modules or features are set here.
    bind(ObjectMapper.class).toInstance(new ObjectMapper());
    // Certificate parsing, chain validation and trust-store loading.
    // NOTE(review): PKIXParametersProvider and KeyStoreLoader are built with their
    // no-arg constructors, so path-validation settings (for example whether
    // revocation checking is enabled) are decided inside those classes and cannot
    // be seen from this module — confirm they match the intended policy.
    bind(X509CertificateFactory.class).toInstance(new X509CertificateFactory());
    bind(CertificateChainValidator.class);
    bind(CertificatesConfigProxy.class);
    bind(PKIXParametersProvider.class).toInstance(new PKIXParametersProvider());
    bind(KeyStoreCache.class);
    bind(KeyStoreLoader.class).toInstance(new KeyStoreLoader());
    // Matching-service health checks.
    bind(MatchingServiceHealthCheckHandler.class);
    bind(MatchingServiceHealthChecker.class);
    bind(MatchingServiceConfigProxy.class);
    bind(MatchingServiceHealthCheckClient.class);
    bind(HealthCheckEventLogger.class);
    bind(SamlEngineProxy.class);
    bind(HealthCheckSoapRequestClient.class);
    // Attribute-query request handling.
    bind(AttributeQueryRequestRunnableFactory.class);
    bind(ExecuteAttributeQueryRequest.class);
    bind(AttributeQueryRequestClient.class);
    // Logging and outbound SOAP plumbing.
    bind(ProtectiveMonitoringLogger.class).toInstance(new ProtectiveMonitoringLogger());
    bind(SoapRequestClient.class);
    bind(HubMatchingServiceResponseReceiverProxy.class);
    bind(ExternalCommunicationEventLogger.class);
    bind(SoapMessageManager.class).toInstance(new SoapMessageManager());
    bind(IpAddressResolver.class).toInstance(new IpAddressResolver());
    bind(TimeoutEvaluator.class).toInstance(new TimeoutEvaluator());
    bind(MetadataHealthCheckRegistry.class).asEagerSingleton();
}
Also used : MetadataRefreshTask(uk.gov.ida.saml.metadata.MetadataRefreshTask) TrustStoreConfiguration(uk.gov.ida.truststore.TrustStoreConfiguration) KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) ExpiredCertificateMetadataFilter(uk.gov.ida.saml.metadata.ExpiredCertificateMetadataFilter) SupportedMsaVersions(uk.gov.ida.hub.samlsoapproxy.healthcheck.SupportedMsaVersions) PublicKeyInputStreamFactory(uk.gov.ida.common.shared.security.PublicKeyInputStreamFactory) InternalPublicKeyStore(uk.gov.ida.saml.core.InternalPublicKeyStore) IpAddressResolver(uk.gov.ida.shared.utils.IpAddressResolver) MetadataHealthCheckRegistry(uk.gov.ida.hub.samlsoapproxy.health.MetadataHealthCheckRegistry) TypeLiteral(com.google.inject.TypeLiteral) ConfigServiceKeyStore(uk.gov.ida.hub.samlsoapproxy.config.ConfigServiceKeyStore) TimeoutEvaluator(uk.gov.ida.hub.samlsoapproxy.domain.TimeoutEvaluator) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) RestfulClientConfiguration(uk.gov.ida.restclient.RestfulClientConfiguration) DefaultClientProvider(uk.gov.ida.jerseyclient.DefaultClientProvider) SupportedMsaVersionsBootstrap(uk.gov.ida.hub.samlsoapproxy.healthcheck.SupportedMsaVersionsBootstrap) PKIXParametersProvider(uk.gov.ida.common.shared.security.verification.PKIXParametersProvider) SoapMessageManager(uk.gov.ida.hub.samlsoapproxy.soap.SoapMessageManager) X509CertificateFactory(uk.gov.ida.common.shared.security.X509CertificateFactory) ProtectiveMonitoringLogger(uk.gov.ida.hub.samlsoapproxy.logging.ProtectiveMonitoringLogger) PublicKeyFileInputStreamFactory(uk.gov.ida.common.shared.security.PublicKeyFileInputStreamFactory) SupportedMsaVersionsLoader(uk.gov.ida.hub.samlsoapproxy.healthcheck.SupportedMsaVersionsLoader) UrlConfigurationSourceProvider(io.dropwizard.configuration.UrlConfigurationSourceProvider) EventSinkProxy(uk.gov.ida.eventsink.EventSinkProxy)

Example 7 with X509CertificateFactory

use of uk.gov.ida.common.shared.security.X509CertificateFactory in project verify-hub by alphagov.

Class ExecuteAttributeQueryRequestTest, method run_shouldThrowCertChainValidationExceptionOnResponse.

/**
 * Runs an attribute query whose response is signed with a credential built from
 * the UNCHAINED_* fixtures and checks that the response is passed to the
 * signature validator.
 *
 * NOTE(review): the method name promises a certificate-chain validation
 * exception, but the body shown here only verifies that validate() was called;
 * no exception expectation is visible in this method — confirm whether one is
 * declared elsewhere in the class or whether the name is out of date.
 */
@Test
public void run_shouldThrowCertChainValidationExceptionOnResponse() throws Exception {
    // The SOAP client hands back the canned matching-service response for any query.
    when(attributeQueryRequestClient.sendQuery(
            any(Element.class),
            anyString(),
            any(SessionId.class),
            any(URI.class)))
        .thenReturn(matchingServiceResponse);

    // Signing credential built from the UNCHAINED_* fixtures (presumably a
    // certificate that does not chain to a trusted anchor — confirm).
    final BasicX509Credential unchainedCredential = new BasicX509Credential(
        new X509CertificateFactory().createCertificate(UNCHAINED_PUBLIC_CERT),
        new PrivateKeyFactory().createPrivateKey(Base64.decode(UNCHAINED_PRIVATE_KEY.getBytes())));

    final Response signedResponse = aResponse()
        .withSigningCredential(unchainedCredential)
        .withIssuer(anIssuer().withIssuerId("issuer-id").build())
        .build();

    // The transformer turns the canned element into the response signed above.
    when(elementToResponseTransformer.apply(matchingServiceResponse)).thenReturn(signedResponse);

    executeAttributeQueryRequest.execute(sessionId, attributeQueryContainerDto);

    // The signature validator must be given that exact response.
    verify(matchingResponseSignatureValidator)
        .validate(signedResponse, AttributeAuthorityDescriptor.DEFAULT_ELEMENT_NAME);
}
Also used : X509CertificateFactory(uk.gov.ida.common.shared.security.X509CertificateFactory) Response(org.opensaml.saml.saml2.core.Response) ResponseBuilder.aResponse(uk.gov.ida.saml.core.test.builders.ResponseBuilder.aResponse) SamlValidationResponse(uk.gov.ida.saml.core.validation.SamlValidationResponse) BasicX509Credential(org.opensaml.security.x509.BasicX509Credential) PrivateKeyFactory(uk.gov.ida.common.shared.security.PrivateKeyFactory) Element(org.w3c.dom.Element) SessionId(uk.gov.ida.common.SessionId) URI(java.net.URI) Test(org.junit.Test)
