Example 1 with KeyStoreLoader

use of uk.gov.ida.truststore.KeyStoreLoader in project verify-hub by alphagov.

the class SamlSoapProxyApplication method run.

@Override
public void run(SamlSoapProxyConfiguration configuration, Environment environment) {
    IdaSamlBootstrap.bootstrap();
    environment.getObjectMapper().setDateFormat(new StdDateFormat());
    registerResources(environment);
    // getMetadataConfiguration() returns an Optional here; Optional.get() throws
    // NoSuchElementException if it is empty, so a missing metadata section aborts
    // startup instead of letting the service run without hub/IdP trust stores.
    MetadataResolverConfiguration metadataConfiguration = configuration.getMetadataConfiguration().get();
    ClientTrustStoreConfiguration rpTrustStoreConfiguration = configuration.getRpTrustStoreConfiguration();
    // The RP trust store is read from the configured path with the configured password;
    // the hub and IdP trust stores come pre-loaded from the metadata configuration.
    KeyStore rpTrustStore = new KeyStoreLoader().load(rpTrustStoreConfiguration.getPath(), rpTrustStoreConfiguration.getPassword());
    // Each loaded KeyStore is registered under a name so its certificates can be reported on.
    TrustStoreMetrics trustStoreMetrics = new TrustStoreMetrics();
    metadataConfiguration.getHubTrustStore().ifPresent(hubTrustStore -> trustStoreMetrics.registerTrustStore("hub", hubTrustStore));
    metadataConfiguration.getIdpTrustStore().ifPresent(idpTrustStore -> trustStoreMetrics.registerTrustStore("idp", idpTrustStore));
    trustStoreMetrics.registerTrustStore("rp", rpTrustStore);
    environment.servlets().addFilter("Logging SessionId registration Filter", SessionIdQueryParamLoggingFilter.class).addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), true, "/*");
}
Also used : SessionIdQueryParamLoggingFilter(uk.gov.ida.hub.samlsoapproxy.filters.SessionIdQueryParamLoggingFilter) KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) TrustStoreMetrics(uk.gov.ida.common.shared.security.TrustStoreMetrics) ClientTrustStoreConfiguration(uk.gov.ida.truststore.ClientTrustStoreConfiguration) StdDateFormat(com.fasterxml.jackson.databind.util.StdDateFormat) DispatcherType(javax.servlet.DispatcherType) KeyStore(java.security.KeyStore) MetadataResolverConfiguration(uk.gov.ida.saml.metadata.MetadataResolverConfiguration)

Example 2 with KeyStoreLoader

use of uk.gov.ida.truststore.KeyStoreLoader in project verify-hub by alphagov.

the class ConfigApplication method registerMetrics.

// Loads one named trust store from its configured path and password and registers it for metrics.
private void registerMetrics(TrustStoreMetrics metrics, String trustStoreName, ClientTrustStoreConfiguration trustStoreConfiguration) {
    KeyStore trustStore = new KeyStoreLoader().load(trustStoreConfiguration.getPath(), trustStoreConfiguration.getPassword());
    metrics.registerTrustStore(trustStoreName, trustStore);
}
Also used : KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) KeyStore(java.security.KeyStore)

Example 3 with KeyStoreLoader

use of uk.gov.ida.truststore.KeyStoreLoader in project verify-hub by alphagov.

the class PolicyModule method configure.

@Override
protected void configure() {
    bind(RestfulClientConfiguration.class).to(PolicyConfiguration.class).in(Scopes.SINGLETON);
    bind(AssertionLifetimeConfiguration.class).to(PolicyConfiguration.class).in(Scopes.SINGLETON);
    bind(Client.class).toProvider(DefaultClientProvider.class).in(Scopes.SINGLETON);
    bind(KeyStore.class).toProvider(KeyStoreProvider.class).in(Scopes.SINGLETON);
    bind(KeyStoreLoader.class).toInstance(new KeyStoreLoader());
    bind(SessionStoreStartupTasks.class).asEagerSingleton();
    bind(JsonResponseProcessor.class);
    bind(HubEventLogger.class);
    bind(SessionService.class);
    bind(AuthnRequestFromTransactionHandler.class);
    bind(SessionRepository.class);
    bind(StateControllerFactory.class);
    bind(SamlEngineProxy.class);
    bind(TransactionsConfigProxy.class);
    bind(IdentityProvidersConfigProxy.class);
    bind(AuthnResponseFromIdpService.class);
    bind(SamlAuthnResponseTranslatorDtoFactory.class).toInstance(new SamlAuthnResponseTranslatorDtoFactory());
    bind(IdGenerator.class).toInstance(new IdGenerator());
    bind(AttributeQueryService.class);
    bind(SamlSoapProxyProxy.class);
    bind(ResponseFromHubFactory.class);
    bind(AssertionRestrictionsFactory.class);
    bind(MatchingServiceConfigProxy.class);
    bind(Cycle3Service.class);
    bind(MatchingServiceResponseService.class);
    bind(ResponseFromIdpHandler.class);
}
Also used : KeyStoreProvider(uk.gov.ida.truststore.KeyStoreProvider) KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) SamlAuthnResponseTranslatorDtoFactory(uk.gov.ida.hub.policy.factories.SamlAuthnResponseTranslatorDtoFactory) DefaultClientProvider(uk.gov.ida.jerseyclient.DefaultClientProvider) PolicyConfiguration(uk.gov.ida.hub.policy.configuration.PolicyConfiguration) IdGenerator(uk.gov.ida.common.shared.security.IdGenerator)

Example 4 with KeyStoreLoader

use of uk.gov.ida.truststore.KeyStoreLoader in project verify-hub by alphagov.

the class SamlProxyApplication method run.

@Override
public void run(SamlProxyConfiguration configuration, Environment environment) {
    environment.getObjectMapper().setDateFormat(new StdDateFormat());
    IdaSamlBootstrap.bootstrap();
    for (Class klass : getResources()) {
        environment.jersey().register(klass);
    }
    for (Class klass : getExceptionMappers()) {
        environment.jersey().register(klass);
    }
    // Unlike SamlSoapProxyApplication, this configuration exposes the metadata section directly rather than as an Optional.
    MetadataResolverConfiguration metadataConfiguration = configuration.getMetadataConfiguration();
    ClientTrustStoreConfiguration rpTrustStoreConfiguration = configuration.getRpTrustStoreConfiguration();
    // The RP trust store is read from the configured path with the configured password.
    KeyStore rpTrustStore = new KeyStoreLoader().load(rpTrustStoreConfiguration.getPath(), rpTrustStoreConfiguration.getPassword());
    // Register every trust store the service relies on so its certificates can be reported on.
    TrustStoreMetrics trustStoreMetrics = new TrustStoreMetrics();
    metadataConfiguration.getHubTrustStore().ifPresent(hubTrustStore -> trustStoreMetrics.registerTrustStore("hub", hubTrustStore));
    metadataConfiguration.getIdpTrustStore().ifPresent(idpTrustStore -> trustStoreMetrics.registerTrustStore("idp", idpTrustStore));
    trustStoreMetrics.registerTrustStore("rp", rpTrustStore);
    environment.servlets().addFilter("Logging SessionId registration Filter", SessionIdQueryParamLoggingFilter.class).addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), true, "/*");
}
Also used : SessionIdQueryParamLoggingFilter(uk.gov.ida.hub.samlproxy.filters.SessionIdQueryParamLoggingFilter) KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) TrustStoreMetrics(uk.gov.ida.common.shared.security.TrustStoreMetrics) ClientTrustStoreConfiguration(uk.gov.ida.truststore.ClientTrustStoreConfiguration) StdDateFormat(com.fasterxml.jackson.databind.util.StdDateFormat) DispatcherType(javax.servlet.DispatcherType) KeyStore(java.security.KeyStore) MetadataResolverConfiguration(uk.gov.ida.saml.metadata.MetadataResolverConfiguration)
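Examples 1, 2 and 4 all follow the same pattern: load a trust store from a configured path and password, then hand the resulting java.security.KeyStore to TrustStoreMetrics. The added example below is not verify-hub code and does not use uk.gov.ida.truststore.KeyStoreLoader or TrustStoreMetrics; it is a stand-alone illustration, written for this page, of what such a loader should do with only the JDK: open the store with its password (which also checks the file's integrity MAC), fail closed on a bad path or password instead of carrying on without trust anchors, and walk the trusted entries to report how many days each certificate has left, which is the kind of figure a trust-store metric would expose. The class name, the exception type and the expiry-threshold labels are assumptions made for the example. With no arguments it inspects the JDK's own cacerts file (default password "changeit") so it runs anywhere; pass a path and password to inspect a real trust store.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.util.Arrays;
import java.util.Collections;
import java.util.Map;
import java.util.TreeMap;

/**
 * Illustrative trust-store loader (assumed name; not the verify-hub KeyStoreLoader).
 * Loads a keystore file with its password, aborts on any failure, and reports the
 * days remaining on every trusted certificate it contains.
 */
public final class TrustStoreExample {

    /** Assumed exception type: unchecked so callers cannot quietly catch and continue without trust anchors. */
    public static final class TrustStoreLoadException extends RuntimeException {
        TrustStoreLoadException(String message, Throwable cause) { super(message, cause); }
    }

    /** Opens the keystore at {@code path}; KeyStore.load also verifies the file's integrity MAC with the password. */
    public static KeyStore load(Path path, char[] password) {
        try (InputStream in = Files.newInputStream(path)) {
            // Default type is PKCS12 on JDK 9+; the JDK's keystore.type.compat setting lets it read legacy JKS files too.
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(in, password);
            return keyStore;
        } catch (IOException | GeneralSecurityException e) {
            // A wrong password surfaces as an IOException from KeyStore.load; treat it like a missing file.
            throw new TrustStoreLoadException("Cannot load trust store " + path, e);
        } finally {
            Arrays.fill(password, '\0'); // do not keep the password in memory longer than needed
        }
    }

    /** Days until each trusted certificate expires (negative means already expired), keyed by alias. */
    public static Map<String, Long> daysUntilExpiry(KeyStore trustStore, Instant now) {
        Map<String, Long> result = new TreeMap<>();
        try {
            for (String alias : Collections.list(trustStore.aliases())) {
                if (!trustStore.isCertificateEntry(alias)) continue; // only trust anchors, not key entries
                Certificate cert = trustStore.getCertificate(alias);
                if (!(cert instanceof X509Certificate)) continue;
                Instant notAfter = ((X509Certificate) cert).getNotAfter().toInstant();
                result.put(alias, Duration.between(now, notAfter).toDays());
            }
        } catch (KeyStoreException e) {
            throw new IllegalStateException("trust store not initialised", e);
        }
        return result;
    }

    public static void main(String[] args) {
        // Default to the JDK's bundled cacerts so the example runs offline; arguments override path and password.
        Path path = args.length > 0
                ? Paths.get(args[0])
                : Paths.get(System.getProperty("java.home"), "lib", "security", "cacerts");
        char[] password = (args.length > 1 ? args[1] : "changeit").toCharArray();

        KeyStore trustStore = load(path, password);
        Instant now = Instant.now();
        daysUntilExpiry(trustStore, now).forEach((alias, days) -> {
            // Thresholds are assumptions for the example; pick ones that match your rotation window.
            String state = days < 0 ? "EXPIRED" : days < 30 ? "EXPIRING" : "ok";
            System.out.printf("%-8s %6d days  %s%n", state, days, alias);
        });
    }
}
```

The point of the unchecked exception is the same one the run() methods above rely on: a service that cannot load its RP, hub or IdP trust store should not start, because a missing trust anchor would silently turn certificate validation into a failure that only shows up when a real peer connects. Reporting days-to-expiry per alias is what makes an expiring trust anchor visible before it breaks federation.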

Example 5 with KeyStoreLoader

use of uk.gov.ida.truststore.KeyStoreLoader in project verify-hub by alphagov.

the class SamlProxyModule method configure.

@Override
protected void configure() {
    bind(TrustStoreConfiguration.class).to(SamlProxyConfiguration.class);
    bind(RestfulClientConfiguration.class).to(SamlProxyConfiguration.class);
    bind(PublicKeyInputStreamFactory.class).toInstance(new PublicKeyFileInputStreamFactory());
    bind(SigningKeyStore.class).to(AuthnRequestKeyStore.class);
    bind(Client.class).toProvider(DefaultClientProvider.class).in(Scopes.SINGLETON);
    bind(ConfigServiceKeyStore.class).asEagerSingleton();
    bind(KeyStoreLoader.class).toInstance(new KeyStoreLoader());
    bind(ResponseMaxSizeValidator.class);
    bind(ExpiredCertificateMetadataFilter.class).toInstance(new ExpiredCertificateMetadataFilter());
    bind(X509CertificateFactory.class).toInstance(new X509CertificateFactory());
    bind(CertificateChainValidator.class);
    bind(CertificatesConfigProxy.class);
    bind(TrustStoreForCertificateProvider.class);
    bind(StringSizeValidator.class).toInstance(new StringSizeValidator());
    bind(JsonResponseProcessor.class);
    bind(PKIXParametersProvider.class).toInstance(new PKIXParametersProvider());
    bind(RelayStateValidator.class).toInstance(new RelayStateValidator());
    bind(ProtectiveMonitoringLogFormatter.class).toInstance(new ProtectiveMonitoringLogFormatter());
    bind(KeyStoreCache.class);
    bind(EventSinkMessageSender.class);
    bind(ExceptionAuditor.class);
    bind(ProtectiveMonitoringLogger.class);
    bind(SessionProxy.class);
    bind(new TypeLiteral<LevelLoggerFactory<SamlProxySamlTransformationErrorExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(new TypeLiteral<LevelLoggerFactory<SamlProxyDuplicateRequestExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(new TypeLiteral<LevelLoggerFactory<NoKeyConfiguredForEntityExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(new TypeLiteral<LevelLoggerFactory<SamlProxyApplicationExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(new TypeLiteral<LevelLoggerFactory<SamlProxyExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(SamlMessageSenderHandler.class);
    bind(ExternalCommunicationEventLogger.class);
    bind(IpAddressResolver.class).toInstance(new IpAddressResolver());
}
Also used : RestfulClientConfiguration(uk.gov.ida.restclient.RestfulClientConfiguration) TrustStoreConfiguration(uk.gov.ida.truststore.TrustStoreConfiguration) SamlProxyExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.SamlProxyExceptionMapper) KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) ExpiredCertificateMetadataFilter(uk.gov.ida.saml.metadata.ExpiredCertificateMetadataFilter) DefaultClientProvider(uk.gov.ida.jerseyclient.DefaultClientProvider) PublicKeyInputStreamFactory(uk.gov.ida.common.shared.security.PublicKeyInputStreamFactory) PKIXParametersProvider(uk.gov.ida.common.shared.security.verification.PKIXParametersProvider) StringSizeValidator(uk.gov.ida.saml.hub.validators.StringSizeValidator) NoKeyConfiguredForEntityExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.NoKeyConfiguredForEntityExceptionMapper) IpAddressResolver(uk.gov.ida.shared.utils.IpAddressResolver) X509CertificateFactory(uk.gov.ida.common.shared.security.X509CertificateFactory) RelayStateValidator(uk.gov.ida.saml.core.security.RelayStateValidator) ProtectiveMonitoringLogFormatter(uk.gov.ida.hub.samlproxy.logging.ProtectiveMonitoringLogFormatter) PublicKeyFileInputStreamFactory(uk.gov.ida.common.shared.security.PublicKeyFileInputStreamFactory) TypeLiteral(com.google.inject.TypeLiteral) SamlProxyDuplicateRequestExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.SamlProxyDuplicateRequestExceptionMapper) SamlProxyApplicationExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.SamlProxyApplicationExceptionMapper) HubSigningKeyStore(uk.gov.ida.hub.samlproxy.security.HubSigningKeyStore) SigningKeyStore(uk.gov.ida.saml.security.SigningKeyStore) ConfigServiceKeyStore(uk.gov.ida.hub.samlproxy.config.ConfigServiceKeyStore) SamlProxySamlTransformationErrorExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.SamlProxySamlTransformationErrorExceptionMapper)
