Examples with PKIXParametersProvider uk.gov.ida.common.shared.security.verification.PKIXParametersProvider used on opensource projects

Search in sources :

Example 1 with PKIXParametersProvider

use of uk.gov.ida.common.shared.security.verification.PKIXParametersProvider in project verify-hub by alphagov.

the class SamlProxyModule method configure.

@Override
protected void configure() {
    bind(TrustStoreConfiguration.class).to(SamlProxyConfiguration.class);
    bind(RestfulClientConfiguration.class).to(SamlProxyConfiguration.class);
    bind(PublicKeyInputStreamFactory.class).toInstance(new PublicKeyFileInputStreamFactory());
    bind(SigningKeyStore.class).to(AuthnRequestKeyStore.class);
    bind(Client.class).toProvider(DefaultClientProvider.class).in(Scopes.SINGLETON);
    bind(EventSinkProxy.class).to(EventSinkHttpProxy.class);
    bind(KeyStore.class).toProvider(KeyStoreProvider.class).in(Scopes.SINGLETON);
    bind(ConfigServiceKeyStore.class).asEagerSingleton();
    bind(KeyStoreLoader.class).toInstance(new KeyStoreLoader());
    bind(ResponseMaxSizeValidator.class);
    bind(ExpiredCertificateMetadataFilter.class).toInstance(new ExpiredCertificateMetadataFilter());
    bind(X509CertificateFactory.class).toInstance(new X509CertificateFactory());
    bind(CertificateChainValidator.class);
    bind(CertificatesConfigProxy.class);
    bind(TrustStoreForCertificateProvider.class);
    bind(StringSizeValidator.class).toInstance(new StringSizeValidator());
    bind(JsonResponseProcessor.class);
    bind(ObjectMapper.class).toInstance(new ObjectMapper());
    bind(PKIXParametersProvider.class).toInstance(new PKIXParametersProvider());
    bind(RelayStateValidator.class).toInstance(new RelayStateValidator());
    bind(ProtectiveMonitoringLogFormatter.class).toInstance(new ProtectiveMonitoringLogFormatter());
    bind(KeyStoreCache.class);
    bind(EventSinkMessageSender.class);
    bind(ExceptionAuditor.class);
    bind(ProtectiveMonitoringLogger.class);
    bind(SessionProxy.class);
    bind(new TypeLiteral<LevelLoggerFactory<SamlProxySamlTransformationErrorExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(new TypeLiteral<LevelLoggerFactory<NoKeyConfiguredForEntityExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(new TypeLiteral<LevelLoggerFactory<SamlProxyApplicationExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(new TypeLiteral<LevelLoggerFactory<SamlProxyExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(SamlMessageSenderHandler.class);
    bind(ExternalCommunicationEventLogger.class);
    bind(IpAddressResolver.class).toInstance(new IpAddressResolver());
}
Also used : RestfulClientConfiguration(uk.gov.ida.restclient.RestfulClientConfiguration) TrustStoreConfiguration(uk.gov.ida.truststore.TrustStoreConfiguration) ClientTrustStoreConfiguration(uk.gov.ida.truststore.ClientTrustStoreConfiguration) SamlProxyExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.SamlProxyExceptionMapper) KeyStoreProvider(uk.gov.ida.truststore.KeyStoreProvider) KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) ExpiredCertificateMetadataFilter(uk.gov.ida.saml.metadata.ExpiredCertificateMetadataFilter) DefaultClientProvider(uk.gov.ida.jerseyclient.DefaultClientProvider) PublicKeyInputStreamFactory(uk.gov.ida.common.shared.security.PublicKeyInputStreamFactory) PKIXParametersProvider(uk.gov.ida.common.shared.security.verification.PKIXParametersProvider) StringSizeValidator(uk.gov.ida.saml.hub.validators.StringSizeValidator) NoKeyConfiguredForEntityExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.NoKeyConfiguredForEntityExceptionMapper) IpAddressResolver(uk.gov.ida.shared.utils.IpAddressResolver) X509CertificateFactory(uk.gov.ida.common.shared.security.X509CertificateFactory) RelayStateValidator(uk.gov.ida.saml.core.security.RelayStateValidator) ProtectiveMonitoringLogFormatter(uk.gov.ida.hub.samlproxy.logging.ProtectiveMonitoringLogFormatter) PublicKeyFileInputStreamFactory(uk.gov.ida.common.shared.security.PublicKeyFileInputStreamFactory) TypeLiteral(com.google.inject.TypeLiteral) SamlProxyApplicationExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.SamlProxyApplicationExceptionMapper) HubSigningKeyStore(uk.gov.ida.hub.samlproxy.security.HubSigningKeyStore) SigningKeyStore(uk.gov.ida.saml.security.SigningKeyStore) EventSinkProxy(uk.gov.ida.eventsink.EventSinkProxy) ConfigServiceKeyStore(uk.gov.ida.hub.samlproxy.config.ConfigServiceKeyStore) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) SamlProxySamlTransformationErrorExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.SamlProxySamlTransformationErrorExceptionMapper)

Example 2 with PKIXParametersProvider

use of uk.gov.ida.common.shared.security.verification.PKIXParametersProvider in project verify-hub by alphagov.

the class CryptoModule method configure.

@Override
protected void configure() {
    bind(EncryptionKeyStore.class).to(HubEncryptionKeyStore.class).asEagerSingleton();
    bind(SigningKeyStore.class).annotatedWith(Names.named("authnRequestKeyStore")).to(AuthnRequestKeyStore.class).asEagerSingleton();
    bind(SigningKeyStore.class).annotatedWith(Names.named("samlResponseFromMatchingServiceKeyStore")).to(SamlResponseFromMatchingServiceKeyStore.class).asEagerSingleton();
    bind(X509CertificateFactory.class).toInstance(new X509CertificateFactory());
    bind(CertificateChainValidator.class);
    bind(PKIXParametersProvider.class).toInstance(new PKIXParametersProvider());
    bind(CertificatesConfigProxy.class);
    bind(TrustStoreForCertificateProvider.class);
    bind(EncryptionCredentialFactory.class);
    bind(KeyStoreCache.class);
    bind(KeyStoreLoader.class).toInstance(new KeyStoreLoader());
    bind(SignatureFactory.class);
    bind(IdaKeyStoreCredentialRetriever.class);
    bind(SamlResponseAssertionEncrypter.class);
    bind(AssertionBlobEncrypter.class);
    bind(EncrypterFactory.class).toInstance(new EncrypterFactory());
    bind(SignatureAlgorithm.class).toInstance(new SignatureRSASHA1());
    bind(DigestAlgorithm.class).toInstance(new DigestSHA256());
}
Also used : X509CertificateFactory(uk.gov.ida.common.shared.security.X509CertificateFactory) DigestSHA256(org.opensaml.xmlsec.algorithm.descriptors.DigestSHA256) AuthnRequestKeyStore(uk.gov.ida.hub.samlengine.security.AuthnRequestKeyStore) SignatureRSASHA1(org.opensaml.xmlsec.algorithm.descriptors.SignatureRSASHA1) KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) EncrypterFactory(uk.gov.ida.saml.security.EncrypterFactory) SignatureAlgorithm(org.opensaml.xmlsec.algorithm.SignatureAlgorithm) SigningKeyStore(uk.gov.ida.saml.security.SigningKeyStore) PKIXParametersProvider(uk.gov.ida.common.shared.security.verification.PKIXParametersProvider) SamlResponseFromMatchingServiceKeyStore(uk.gov.ida.hub.samlengine.security.SamlResponseFromMatchingServiceKeyStore) HubEncryptionKeyStore(uk.gov.ida.hub.samlengine.security.HubEncryptionKeyStore) DigestAlgorithm(org.opensaml.xmlsec.algorithm.DigestAlgorithm)

Example 3 with PKIXParametersProvider

use of uk.gov.ida.common.shared.security.verification.PKIXParametersProvider in project verify-hub by alphagov.

the class ConfigModule method configure.

@Override
protected void configure() {
    bind(ConfigHealthCheck.class).asEagerSingleton();
    bind(ConfigDataBootstrap.class).asEagerSingleton();
    bind(CertificateChainConfigValidator.class).annotatedWith(CertificateConfigValidator.class).to(LoggingCertificateChainConfigValidator.class);
    bind(TrustStoreConfiguration.class).to(ConfigConfiguration.class);
    bind(new TypeLiteral<ConfigurationFactoryFactory<IdentityProviderConfigEntityData>>() {
    }).toInstance(new DefaultConfigurationFactoryFactory<IdentityProviderConfigEntityData>());
    bind(new TypeLiteral<ConfigurationFactoryFactory<TransactionConfigEntityData>>() {
    }).toInstance(new DefaultConfigurationFactoryFactory<TransactionConfigEntityData>());
    bind(new TypeLiteral<ConfigurationFactoryFactory<MatchingServiceConfigEntityData>>() {
    }).toInstance(new DefaultConfigurationFactoryFactory<MatchingServiceConfigEntityData>());
    bind(new TypeLiteral<ConfigurationFactoryFactory<CountriesConfigEntityData>>() {
    }).toInstance(new DefaultConfigurationFactoryFactory<CountriesConfigEntityData>());
    bind(new TypeLiteral<ConfigDataSource<TransactionConfigEntityData>>() {
    }).to(FileBackedTransactionConfigDataSource.class).asEagerSingleton();
    bind(new TypeLiteral<ConfigDataSource<MatchingServiceConfigEntityData>>() {
    }).to(FileBackedMatchingServiceConfigDataSource.class).asEagerSingleton();
    bind(new TypeLiteral<ConfigDataSource<IdentityProviderConfigEntityData>>() {
    }).to(FileBackedIdentityProviderConfigDataSource.class).asEagerSingleton();
    bind(new TypeLiteral<ConfigDataSource<CountriesConfigEntityData>>() {
    }).to(FileBackedCountriesConfigDataSource.class).asEagerSingleton();
    bind(new TypeLiteral<ConfigEntityDataRepository<TransactionConfigEntityData>>() {
    }).asEagerSingleton();
    bind(new TypeLiteral<ConfigEntityDataRepository<CountriesConfigEntityData>>() {
    }).asEagerSingleton();
    bind(new TypeLiteral<ConfigEntityDataRepository<MatchingServiceConfigEntityData>>() {
    }).asEagerSingleton();
    bind(new TypeLiteral<ConfigEntityDataRepository<IdentityProviderConfigEntityData>>() {
    }).asEagerSingleton();
    bind(ObjectMapper.class).toInstance(new ObjectMapper().registerModule(new GuavaModule()));
    bind(LevelsOfAssuranceConfigValidator.class).toInstance(new LevelsOfAssuranceConfigValidator());
    bind(CertificateChainValidator.class);
    bind(TrustStoreForCertificateProvider.class);
    bind(X509CertificateFactory.class).toInstance(new X509CertificateFactory());
    bind(KeyStoreCache.class);
    bind(ExceptionFactory.class);
    bind(OCSPCertificateChainValidityChecker.class);
    bind(EntityConfigDataToCertificateDtoTransformer.class);
    bind(OCSPCertificateChainValidator.class);
    bind(IdpPredicateFactory.class);
    bind(KeyStoreLoader.class).toInstance(new KeyStoreLoader());
    bind(OCSPPKIXParametersProvider.class).toInstance(new OCSPPKIXParametersProvider());
    bind(PKIXParametersProvider.class).toInstance(new PKIXParametersProvider());
    bind(CertificateService.class);
}
Also used : TrustStoreConfiguration(uk.gov.ida.truststore.TrustStoreConfiguration) KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) FileBackedIdentityProviderConfigDataSource(uk.gov.ida.hub.config.data.FileBackedIdentityProviderConfigDataSource) TypeLiteral(com.google.inject.TypeLiteral) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) LevelsOfAssuranceConfigValidator(uk.gov.ida.hub.config.data.LevelsOfAssuranceConfigValidator) MatchingServiceConfigEntityData(uk.gov.ida.hub.config.domain.MatchingServiceConfigEntityData) FileBackedCountriesConfigDataSource(uk.gov.ida.hub.config.data.FileBackedCountriesConfigDataSource) OCSPPKIXParametersProvider(uk.gov.ida.common.shared.security.verification.OCSPPKIXParametersProvider) CountriesConfigEntityData(uk.gov.ida.hub.config.domain.CountriesConfigEntityData) IdentityProviderConfigEntityData(uk.gov.ida.hub.config.domain.IdentityProviderConfigEntityData) TransactionConfigEntityData(uk.gov.ida.hub.config.domain.TransactionConfigEntityData) OCSPPKIXParametersProvider(uk.gov.ida.common.shared.security.verification.OCSPPKIXParametersProvider) PKIXParametersProvider(uk.gov.ida.common.shared.security.verification.PKIXParametersProvider) GuavaModule(com.fasterxml.jackson.datatype.guava.GuavaModule) X509CertificateFactory(uk.gov.ida.common.shared.security.X509CertificateFactory) CertificateConfigValidator(uk.gov.ida.hub.config.annotations.CertificateConfigValidator) FileBackedTransactionConfigDataSource(uk.gov.ida.hub.config.data.FileBackedTransactionConfigDataSource) FileBackedMatchingServiceConfigDataSource(uk.gov.ida.hub.config.data.FileBackedMatchingServiceConfigDataSource) ConfigDataBootstrap(uk.gov.ida.hub.config.data.ConfigDataBootstrap) FileBackedCountriesConfigDataSource(uk.gov.ida.hub.config.data.FileBackedCountriesConfigDataSource) FileBackedMatchingServiceConfigDataSource(uk.gov.ida.hub.config.data.FileBackedMatchingServiceConfigDataSource) ConfigDataSource(uk.gov.ida.hub.config.data.ConfigDataSource) FileBackedTransactionConfigDataSource(uk.gov.ida.hub.config.data.FileBackedTransactionConfigDataSource) FileBackedIdentityProviderConfigDataSource(uk.gov.ida.hub.config.data.FileBackedIdentityProviderConfigDataSource) ConfigHealthCheck(uk.gov.ida.hub.config.healthcheck.ConfigHealthCheck)

Example 4 with PKIXParametersProvider

use of uk.gov.ida.common.shared.security.verification.PKIXParametersProvider in project verify-hub by alphagov.

the class SamlSoapProxyModule method configure.

@Override
protected void configure() {
    bind(TrustStoreConfiguration.class).to(SamlSoapProxyConfiguration.class);
    bind(EventSinkProxy.class).to(EventSinkHttpProxy.class);
    bind(PublicKeyInputStreamFactory.class).toInstance(new PublicKeyFileInputStreamFactory());
    bind(InternalPublicKeyStore.class).to(HubMetadataPublicKeyStore.class);
    bind(RestfulClientConfiguration.class).to(SamlSoapProxyConfiguration.class);
    bind(Client.class).toProvider(DefaultClientProvider.class).asEagerSingleton();
    bind(new TypeLiteral<ConfigurationFactoryFactory<SupportedMsaVersions>>() {
    }).toInstance(new DefaultConfigurationFactoryFactory<SupportedMsaVersions>() {
    });
    bind(new TypeLiteral<SupportedMsaVersionsRepository>() {
    }).asEagerSingleton();
    bind(SupportedMsaVersionsBootstrap.class).asEagerSingleton();
    bind(SupportedMsaVersionsLoader.class).asEagerSingleton();
    bind(MetadataRefreshTask.class).asEagerSingleton();
    bind(ConfigServiceKeyStore.class).asEagerSingleton();
    bind(ExpiredCertificateMetadataFilter.class).toInstance(new ExpiredCertificateMetadataFilter());
    bind(UrlConfigurationSourceProvider.class).toInstance(new UrlConfigurationSourceProvider());
    bind(TrustStoreForCertificateProvider.class);
    bind(JsonResponseProcessor.class);
    bind(ObjectMapper.class).toInstance(new ObjectMapper());
    bind(X509CertificateFactory.class).toInstance(new X509CertificateFactory());
    bind(CertificateChainValidator.class);
    bind(CertificatesConfigProxy.class);
    bind(PKIXParametersProvider.class).toInstance(new PKIXParametersProvider());
    bind(KeyStoreCache.class);
    bind(KeyStoreLoader.class).toInstance(new KeyStoreLoader());
    bind(MatchingServiceHealthCheckHandler.class);
    bind(MatchingServiceHealthChecker.class);
    bind(MatchingServiceConfigProxy.class);
    bind(MatchingServiceHealthCheckClient.class);
    bind(HealthCheckEventLogger.class);
    bind(SamlEngineProxy.class);
    bind(HealthCheckSoapRequestClient.class);
    bind(AttributeQueryRequestRunnableFactory.class);
    bind(ExecuteAttributeQueryRequest.class);
    bind(AttributeQueryRequestClient.class);
    bind(ProtectiveMonitoringLogger.class).toInstance(new ProtectiveMonitoringLogger());
    bind(SoapRequestClient.class);
    bind(HubMatchingServiceResponseReceiverProxy.class);
    bind(ExternalCommunicationEventLogger.class);
    bind(SoapMessageManager.class).toInstance(new SoapMessageManager());
    bind(IpAddressResolver.class).toInstance(new IpAddressResolver());
    bind(TimeoutEvaluator.class).toInstance(new TimeoutEvaluator());
    bind(MetadataHealthCheckRegistry.class).asEagerSingleton();
}
Also used : MetadataRefreshTask(uk.gov.ida.saml.metadata.MetadataRefreshTask) TrustStoreConfiguration(uk.gov.ida.truststore.TrustStoreConfiguration) KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) ExpiredCertificateMetadataFilter(uk.gov.ida.saml.metadata.ExpiredCertificateMetadataFilter) SupportedMsaVersions(uk.gov.ida.hub.samlsoapproxy.healthcheck.SupportedMsaVersions) PublicKeyInputStreamFactory(uk.gov.ida.common.shared.security.PublicKeyInputStreamFactory) InternalPublicKeyStore(uk.gov.ida.saml.core.InternalPublicKeyStore) IpAddressResolver(uk.gov.ida.shared.utils.IpAddressResolver) MetadataHealthCheckRegistry(uk.gov.ida.hub.samlsoapproxy.health.MetadataHealthCheckRegistry) TypeLiteral(com.google.inject.TypeLiteral) ConfigServiceKeyStore(uk.gov.ida.hub.samlsoapproxy.config.ConfigServiceKeyStore) TimeoutEvaluator(uk.gov.ida.hub.samlsoapproxy.domain.TimeoutEvaluator) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) RestfulClientConfiguration(uk.gov.ida.restclient.RestfulClientConfiguration) DefaultClientProvider(uk.gov.ida.jerseyclient.DefaultClientProvider) SupportedMsaVersionsBootstrap(uk.gov.ida.hub.samlsoapproxy.healthcheck.SupportedMsaVersionsBootstrap) PKIXParametersProvider(uk.gov.ida.common.shared.security.verification.PKIXParametersProvider) SoapMessageManager(uk.gov.ida.hub.samlsoapproxy.soap.SoapMessageManager) X509CertificateFactory(uk.gov.ida.common.shared.security.X509CertificateFactory) ProtectiveMonitoringLogger(uk.gov.ida.hub.samlsoapproxy.logging.ProtectiveMonitoringLogger) PublicKeyFileInputStreamFactory(uk.gov.ida.common.shared.security.PublicKeyFileInputStreamFactory) SupportedMsaVersionsLoader(uk.gov.ida.hub.samlsoapproxy.healthcheck.SupportedMsaVersionsLoader) UrlConfigurationSourceProvider(io.dropwizard.configuration.UrlConfigurationSourceProvider) EventSinkProxy(uk.gov.ida.eventsink.EventSinkProxy)

Aggregations

X509CertificateFactory (uk.gov.ida.common.shared.security.X509CertificateFactory)4 PKIXParametersProvider (uk.gov.ida.common.shared.security.verification.PKIXParametersProvider)4 KeyStoreLoader (uk.gov.ida.truststore.KeyStoreLoader)4 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)3 TypeLiteral (com.google.inject.TypeLiteral)3 TrustStoreConfiguration (uk.gov.ida.truststore.TrustStoreConfiguration)3 PublicKeyFileInputStreamFactory (uk.gov.ida.common.shared.security.PublicKeyFileInputStreamFactory)2 PublicKeyInputStreamFactory (uk.gov.ida.common.shared.security.PublicKeyInputStreamFactory)2 EventSinkProxy (uk.gov.ida.eventsink.EventSinkProxy)2 GuavaModule (com.fasterxml.jackson.datatype.guava.GuavaModule)1 UrlConfigurationSourceProvider (io.dropwizard.configuration.UrlConfigurationSourceProvider)1 DigestAlgorithm (org.opensaml.xmlsec.algorithm.DigestAlgorithm)1 SignatureAlgorithm (org.opensaml.xmlsec.algorithm.SignatureAlgorithm)1 DigestSHA256 (org.opensaml.xmlsec.algorithm.descriptors.DigestSHA256)1 SignatureRSASHA1 (org.opensaml.xmlsec.algorithm.descriptors.SignatureRSASHA1)1 OCSPPKIXParametersProvider (uk.gov.ida.common.shared.security.verification.OCSPPKIXParametersProvider)1 CertificateConfigValidator (uk.gov.ida.hub.config.annotations.CertificateConfigValidator)1 ConfigDataBootstrap (uk.gov.ida.hub.config.data.ConfigDataBootstrap)1 ConfigDataSource (uk.gov.ida.hub.config.data.ConfigDataSource)1 FileBackedCountriesConfigDataSource (uk.gov.ida.hub.config.data.FileBackedCountriesConfigDataSource)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial