use of uk.gov.ida.truststore.KeyStoreLoader in project verify-hub by alphagov.
the class CryptoModule method configure.
/**
 * Registers the Guice bindings for the crypto-related collaborators of this module:
 * the encryption and signing key stores, the certificate-chain validation helpers,
 * the key-store loader and cache, and the signature and digest algorithms.
 *
 * <p>Binding order is kept as in the original listing.
 */
@Override
protected void configure() {
    // Key stores are eager singletons, so they are constructed when the injector is created.
    bind(EncryptionKeyStore.class)
            .to(HubEncryptionKeyStore.class)
            .asEagerSingleton();
    // Two SigningKeyStore implementations are told apart by their @Named qualifier.
    bind(SigningKeyStore.class)
            .annotatedWith(Names.named("authnRequestKeyStore"))
            .to(AuthnRequestKeyStore.class)
            .asEagerSingleton();
    bind(SigningKeyStore.class)
            .annotatedWith(Names.named("samlResponseFromMatchingServiceKeyStore"))
            .to(SamlResponseFromMatchingServiceKeyStore.class)
            .asEagerSingleton();

    // Certificate parsing and chain validation.
    // NOTE(review): no revocation-related binding appears in this method; whether
    // PKIXParametersProvider enables revocation checking cannot be told from here — confirm.
    bind(X509CertificateFactory.class)
            .toInstance(new X509CertificateFactory());
    bind(CertificateChainValidator.class);
    bind(PKIXParametersProvider.class)
            .toInstance(new PKIXParametersProvider());
    bind(CertificatesConfigProxy.class);

    // Trust-store lookup, caching and loading; one KeyStoreLoader instance is shared.
    bind(TrustStoreForCertificateProvider.class);
    bind(KeyStoreCache.class);
    bind(KeyStoreLoader.class)
            .toInstance(new KeyStoreLoader());

    // Encryption helpers.
    bind(AssertionBlobEncrypter.class);
    bind(EncrypterFactory.class)
            .toInstance(new EncrypterFactory());

    // NOTE(review): the signature algorithm is RSA with SHA-1 while the digest is SHA-256.
    // SHA-1 is deprecated for signatures; confirm whether relying parties still require it
    // and, if not, plan a move to an RSA-SHA256 signature algorithm.
    bind(SignatureAlgorithm.class)
            .toInstance(new SignatureRSASHA1());
    bind(DigestAlgorithm.class)
            .toInstance(new DigestSHA256());
}
use of uk.gov.ida.truststore.KeyStoreLoader in project verify-hub by alphagov.
the class SamlEngineApplication method run.
/**
 * Start-up hook of the SAML engine application: bootstraps the SAML library, configures
 * the JSON object mapper, registers resources and the exception mapper, loads the
 * relying-party trust store, registers the hub, IDP and RP trust stores with
 * {@code TrustStoreMetrics}, and installs the session-id logging servlet filter.
 *
 * @param configuration application configuration supplying the metadata and trust-store settings
 * @param environment   environment used to register mappers, resources and filters
 */
@Override
public final void run(SamlEngineConfiguration configuration, Environment environment) {
    IdaSamlBootstrap.bootstrap();

    // JSON mapping set-up.
    environment.getObjectMapper().registerModule(new GuavaModule());
    environment.getObjectMapper().setDateFormat(new StdDateFormat());

    // Resources first, then the exception mapper.
    registerResources(environment, configuration);
    environment.jersey().register(SamlEngineExceptionMapper.class);

    // The Optional is unwrapped without a guard; the original author states it is never empty.
    MetadataResolverConfiguration metadataConfig = configuration.getMetadataConfiguration().get();

    // NOTE(review): path and password come from service configuration. How the loader reacts
    // to a missing file or a wrong password is not visible here — confirm that it aborts
    // start-up rather than continuing with an unusable trust store.
    ClientTrustStoreConfiguration rpStoreConfig = configuration.getRpTrustStoreConfiguration();
    KeyStoreLoader loader = new KeyStoreLoader();
    KeyStore relyingPartyTrustStore = loader.load(rpStoreConfig.getPath(), rpStoreConfig.getPassword());

    // Hub and IDP trust stores are optional; the RP trust store is always registered.
    TrustStoreMetrics metrics = new TrustStoreMetrics();
    metadataConfig.getHubTrustStore()
            .ifPresent(store -> metrics.registerTrustStore("hub", store));
    metadataConfig.getIdpTrustStore()
            .ifPresent(store -> metrics.registerTrustStore("idp", store));
    metrics.registerTrustStore("rp", relyingPartyTrustStore);

    // NOTE(review): going by its name, this filter logs a session id taken from a query
    // parameter on every dispatcher type and URL — confirm that identifier is not usable
    // as a credential before it reaches the logs.
    environment.servlets()
            .addFilter("Logging SessionId registration Filter", SessionIdQueryParamLoggingFilter.class)
            .addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), true, "/*");
}
use of uk.gov.ida.truststore.KeyStoreLoader in project verify-hub by alphagov.
the class ConfigModule method configure.
/**
 * Registers the Guice bindings for the config service: health check and bootstrap,
 * the configuration factories, file-backed data sources and repositories for each
 * config type, and the certificate validation collaborators (chain validation,
 * OCSP validation, trust-store loading and caching).
 *
 * <p>Binding order is kept as in the original listing.
 */
@Override
protected void configure() {
    // Start-up components, created eagerly with the injector.
    bind(ConfigHealthCheck.class).asEagerSingleton();
    bind(ConfigDataBootstrap.class).asEagerSingleton();
    bind(CertificateChainConfigValidator.class).asEagerSingleton();
    bind(TrustStoreConfiguration.class).to(ConfigConfiguration.class);

    // One configuration-factory factory per config type; the anonymous TypeLiteral
    // subclasses carry the generic type argument through to Guice.
    bind(new TypeLiteral<ConfigurationFactoryFactory<IdentityProviderConfig>>() {})
            .toInstance(new DefaultConfigurationFactoryFactory<>());
    bind(new TypeLiteral<ConfigurationFactoryFactory<TransactionConfig>>() {})
            .toInstance(new DefaultConfigurationFactoryFactory<>());
    bind(new TypeLiteral<ConfigurationFactoryFactory<MatchingServiceConfig>>() {})
            .toInstance(new DefaultConfigurationFactoryFactory<>());
    bind(new TypeLiteral<ConfigurationFactoryFactory<TranslationData>>() {})
            .toInstance(new DefaultConfigurationFactoryFactory<>());

    // File-backed data sources.
    bind(new TypeLiteral<ConfigDataSource<TransactionConfig>>() {})
            .to(FileBackedTransactionConfigDataSource.class)
            .asEagerSingleton();
    bind(new TypeLiteral<ConfigDataSource<TranslationData>>() {})
            .to(FileBackedTranslationsDataSource.class)
            .asEagerSingleton();
    bind(new TypeLiteral<ConfigDataSource<MatchingServiceConfig>>() {})
            .to(FileBackedMatchingServiceConfigDataSource.class)
            .asEagerSingleton();
    bind(new TypeLiteral<ConfigDataSource<IdentityProviderConfig>>() {})
            .to(FileBackedIdentityProviderConfigDataSource.class)
            .asEagerSingleton();

    // Repositories.
    bind(new TypeLiteral<LocalConfigRepository<TransactionConfig>>() {})
            .asEagerSingleton();
    bind(new TypeLiteral<LocalConfigRepository<TranslationData>>() {})
            .asEagerSingleton();
    bind(new TypeLiteral<LocalConfigRepository<MatchingServiceConfig>>() {})
            .asEagerSingleton();
    bind(new TypeLiteral<LocalConfigRepository<IdentityProviderConfig>>() {})
            .asEagerSingleton();
    bind(new TypeLiteral<ManagedEntityConfigRepository<TransactionConfig>>() {})
            .asEagerSingleton();
    bind(new TypeLiteral<ManagedEntityConfigRepository<MatchingServiceConfig>>() {})
            .asEagerSingleton();

    bind(LevelsOfAssuranceConfigValidator.class)
            .toInstance(new LevelsOfAssuranceConfigValidator());

    // Certificate validation: chain validation plus the OCSP-based validators, with
    // separate PKIX parameter providers bound for the OCSP and non-OCSP paths.
    // NOTE(review): which validator is applied to which certificates is decided by the
    // consumers of these bindings, not here — confirm against CertificateChainConfigValidator.
    bind(CertificateChainValidator.class);
    bind(TrustStoreForCertificateProvider.class);
    bind(X509CertificateFactory.class)
            .toInstance(new X509CertificateFactory());
    bind(KeyStoreCache.class);
    bind(ExceptionFactory.class);
    bind(OCSPCertificateChainValidityChecker.class);
    bind(OCSPCertificateChainValidator.class);
    bind(IdpPredicateFactory.class);
    bind(KeyStoreLoader.class)
            .toInstance(new KeyStoreLoader());
    bind(OCSPPKIXParametersProvider.class)
            .toInstance(new OCSPPKIXParametersProvider());
    bind(PKIXParametersProvider.class)
            .toInstance(new PKIXParametersProvider());
}
use of uk.gov.ida.truststore.KeyStoreLoader in project verify-hub by alphagov.
the class SamlSoapProxyModule method configure.
/**
 * Registers the Guice bindings for the SAML SOAP proxy: configuration views, the HTTP
 * client, supported-MSA-version loading, metadata refresh, certificate and trust-store
 * helpers, matching-service health checks, attribute-query clients and event loggers.
 *
 * <p>Binding order is kept as in the original listing.
 */
@Override
protected void configure() {
    // The application configuration object backs both configuration interfaces.
    bind(TrustStoreConfiguration.class).to(SamlSoapProxyConfiguration.class);
    bind(PublicKeyInputStreamFactory.class)
            .toInstance(new PublicKeyFileInputStreamFactory());
    bind(RestfulClientConfiguration.class).to(SamlSoapProxyConfiguration.class);
    bind(Client.class)
            .toProvider(DefaultClientProvider.class)
            .asEagerSingleton();

    // Supported MSA versions; both sides of the first binding are anonymous subclasses.
    bind(new TypeLiteral<ConfigurationFactoryFactory<SupportedMsaVersions>>() {})
            .toInstance(new DefaultConfigurationFactoryFactory<>() {});
    bind(new TypeLiteral<SupportedMsaVersionsRepository>() {})
            .asEagerSingleton();
    bind(SupportedMsaVersionsBootstrap.class).asEagerSingleton();
    bind(SupportedMsaVersionsLoader.class).asEagerSingleton();

    // Metadata refresh and key material.
    bind(MetadataRefreshTask.class).asEagerSingleton();
    bind(ConfigServiceKeyStore.class).asEagerSingleton();
    bind(ExpiredCertificateMetadataFilter.class)
            .toInstance(new ExpiredCertificateMetadataFilter());
    bind(UrlConfigurationSourceProvider.class)
            .toInstance(new UrlConfigurationSourceProvider());

    // Certificate parsing, chain validation and trust-store loading.
    // NOTE(review): no revocation-related binding appears in this method; whether
    // PKIXParametersProvider enables revocation checking cannot be told from here — confirm.
    bind(TrustStoreForCertificateProvider.class);
    bind(JsonResponseProcessor.class);
    bind(X509CertificateFactory.class)
            .toInstance(new X509CertificateFactory());
    bind(CertificateChainValidator.class);
    bind(CertificatesConfigProxy.class);
    bind(PKIXParametersProvider.class)
            .toInstance(new PKIXParametersProvider());
    bind(KeyStoreCache.class);
    bind(KeyStoreLoader.class)
            .toInstance(new KeyStoreLoader());

    // Matching-service health checks.
    bind(MatchingServiceHealthCheckHandler.class);
    bind(MatchingServiceHealthChecker.class);
    bind(MatchingServiceConfigProxy.class);
    bind(MatchingServiceHealthCheckClient.class);
    bind(HealthCheckEventLogger.class);
    bind(SamlEngineProxy.class);
    bind(HealthCheckSoapRequestClient.class);

    // Attribute-query requests and outbound SOAP.
    bind(AttributeQueryRequestRunnableFactory.class);
    bind(ExecuteAttributeQueryRequest.class);
    bind(AttributeQueryRequestClient.class);
    bind(ProtectiveMonitoringLogger.class)
            .toInstance(new ProtectiveMonitoringLogger());
    bind(SoapRequestClient.class);
    bind(HubMatchingServiceResponseReceiverProxy.class);
    bind(ExternalCommunicationEventLogger.class);
    bind(SoapMessageManager.class)
            .toInstance(new SoapMessageManager());
    bind(IpAddressResolver.class)
            .toInstance(new IpAddressResolver());
    bind(TimeoutEvaluator.class)
            .toInstance(new TimeoutEvaluator());
}