本文整理汇总了Java中net.shibboleth.utilities.java.support.resolver.CriteriaSet类的典型用法代码示例。如果您正苦于以下问题:Java CriteriaSet类的具体用法?Java CriteriaSet怎么用?Java CriteriaSet使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
CriteriaSet类属于net.shibboleth.utilities.java.support.resolver包,在下文中一共展示了CriteriaSet类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: doInvoke
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
protected void doInvoke(@Nonnull final MessageContext messageContext) throws MessageHandlerException {
ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
// Resolve client id from inbound message
final ClientID clientId = RequestFieldResolver.getClientID((AbstractRequest) messageContext.getMessage());
// Resolve metadata for client id
final ClientIDCriterion clientCriterion = new ClientIDCriterion(clientId);
final CriteriaSet criteria = new CriteriaSet(clientCriterion);
try {
final OIDCClientInformation clientInformation = clientResolver.resolveSingle(criteria);
if (clientInformation == null) {
log.warn("{} No client information returned for {}", getLogPrefix(), clientId);
return;
}
final OIDCMetadataContext oidcCtx = new OIDCMetadataContext();
oidcCtx.setClientInformation(clientInformation);
messageContext.addSubcontext(oidcCtx);
// Based on that info we know 1) client is valid 2) we know valid
// redirect uris
log.debug("{} {} added to MessageContext as child of {}", getLogPrefix(),
OIDCMetadataContext.class.getName(), messageContext.getClass().getName());
} catch (ResolverException e) {
log.error("{} ResolverException thrown during client information lookup", getLogPrefix(), e);
}
}
示例2: resolve
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override @Nonnull public Iterable<OIDCClientInformation> resolve(final CriteriaSet criteria)
throws ResolverException {
ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
ServiceableComponent<ClientInformationResolver> component = null;
try {
component = service.getServiceableComponent();
if (null == component) {
log.error("RelyingPartyClientInformationProvider '{}': Error accessing underlying source: "
+ "Invalid configuration.", getId());
} else {
final ClientInformationResolver resolver = component.getComponent();
return resolver.resolve(criteria);
}
} catch (final ResolverException e) {
log.error("RelyingPartyClientInformationProvider '{}': Error during resolution", getId(), e);
} finally {
if (null != component) {
component.unpinComponent();
}
}
return Collections.EMPTY_SET;
}
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:25,代码来源:ReloadingRelyingPartyClientInformationProvider.java
示例3: resolveSingle
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override @Nullable public OIDCClientInformation resolveSingle(final CriteriaSet criteria)
throws ResolverException {
ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
ServiceableComponent<ClientInformationResolver> component = null;
try {
component = service.getServiceableComponent();
if (null == component) {
log.error("RelyingPartyClientInformationProvider '{}': Error accessing underlying source: "
+ "Invalid configuration.", getId());
} else {
final ClientInformationResolver resolver = component.getComponent();
return resolver.resolveSingle(criteria);
}
} catch (final ResolverException e) {
log.error("RelyingPartyResolver '{}': Error during resolution", getId(), e);
} finally {
if (null != component) {
component.unpinComponent();
}
}
return null;
}
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:25,代码来源:ReloadingRelyingPartyClientInformationProvider.java
示例4: resolve
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
@Nonnull public Iterable<OIDCClientInformation> resolve(@Nullable final CriteriaSet criteria)
throws ResolverException {
ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
for (final ClientInformationResolver resolver : resolvers) {
try {
final Iterable<OIDCClientInformation> clientInformations = resolver.resolve(criteria);
if (clientInformations != null && clientInformations.iterator().hasNext()) {
return clientInformations;
}
} catch (final ResolverException e) {
log.warn("Error retrieving client information from resolver of type {}, proceeding to next resolver",
resolver.getClass().getName(), e);
continue;
}
}
return Collections.emptyList();
}
示例5: testSuccess
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
@Test
public void testSuccess() throws Exception {
final ClientIDCriterion criterion = new ClientIDCriterion(new ClientID(clientId));
final OIDCClientInformation clientInfo = resolver.resolveSingle(new CriteriaSet(criterion));
Assert.assertNotNull(clientInfo);
Assert.assertEquals(clientInfo.getID().getValue(), clientId);
final Set<URI> redirectUris = clientInfo.getOIDCMetadata().getRedirectionURIs();
Assert.assertEquals(redirectUris.size(), 1);
Assert.assertTrue(redirectUris.contains(redirectUri));
final Scope scope = clientInfo.getOIDCMetadata().getScope();
Assert.assertEquals(scope.size(), 6);
Assert.assertTrue(scope.contains(OIDCScopeValue.OPENID));
Assert.assertTrue(scope.contains(OIDCScopeValue.ADDRESS));
Assert.assertTrue(scope.contains(OIDCScopeValue.EMAIL));
Assert.assertTrue(scope.contains(OIDCScopeValue.PHONE));
Assert.assertTrue(scope.contains(OIDCScopeValue.PROFILE));
Assert.assertTrue(scope.contains("info"));
final Set<ResponseType> responseTypes = clientInfo.getOIDCMetadata().getResponseTypes();
Assert.assertEquals(responseTypes.size(), 2);
Assert.assertTrue(responseTypes.contains(new ResponseType(OIDCResponseTypeValue.ID_TOKEN)));
}
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:22,代码来源:FilesystemClientInformationResolverTest.java
示例6: buildSignatureSigningParameters
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
/**
* Build signature signing parameters signature signing parameters.
*
* @param descriptor the descriptor
* @return the signature signing parameters
* @throws SAMLException the saml exception
*/
protected SignatureSigningParameters buildSignatureSigningParameters(final RoleDescriptor descriptor) throws SAMLException {
try {
final CriteriaSet criteria = new CriteriaSet();
criteria.add(new SignatureSigningConfigurationCriterion(getSignatureSigningConfiguration()));
criteria.add(new RoleDescriptorCriterion(descriptor));
final SAMLMetadataSignatureSigningParametersResolver resolver = new SAMLMetadataSignatureSigningParametersResolver();
LOGGER.debug("Resolving signature signing parameters for [{}]", descriptor.getElementQName().getLocalPart());
final SignatureSigningParameters params = resolver.resolveSingle(criteria);
if (params == null) {
throw new SAMLException("No signature signing parameter is available");
}
LOGGER.debug("Created signature signing parameters."
+ "\nSignature algorithm: [{}]"
+ "\nSignature canonicalization algorithm: [{}]"
+ "\nSignature reference digest methods: [{}]",
params.getSignatureAlgorithm(), params.getSignatureCanonicalizationAlgorithm(),
params.getSignatureReferenceDigestMethod());
return params;
} catch (final Exception e) {
throw new SAMLException(e.getMessage(), e);
}
}
示例7: getSigningCredential
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
private Credential getSigningCredential(final RoleDescriptorResolver resolver, final RequestAbstractType profileRequest) {
try {
final MetadataCredentialResolver kekCredentialResolver = new MetadataCredentialResolver();
final SignatureValidationConfiguration config = getSignatureValidationConfiguration();
kekCredentialResolver.setRoleDescriptorResolver(resolver);
kekCredentialResolver.setKeyInfoCredentialResolver(
DefaultSecurityConfigurationBootstrap.buildBasicInlineKeyInfoCredentialResolver());
kekCredentialResolver.initialize();
final CriteriaSet criteriaSet = new CriteriaSet();
criteriaSet.add(new SignatureValidationConfigurationCriterion(config));
criteriaSet.add(new UsageCriterion(UsageType.SIGNING));
buildEntityCriteriaForSigningCredential(profileRequest, criteriaSet);
return kekCredentialResolver.resolveSingle(criteriaSet);
} catch (final Exception e) {
throw Throwables.propagate(e);
}
}
示例8: getSingleSignOn
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
public URI getSingleSignOn(String entityId) {
EntityDescriptor idpEntityDescriptor;
try {
CriteriaSet criteria = new CriteriaSet(new EntityIdCriterion(entityId));
idpEntityDescriptor = metadataProvider.resolveSingle(criteria);
} catch (ResolverException e) {
LOG.error(format("Exception when accessing metadata: {0}", e));
throw propagate(e);
}
if(idpEntityDescriptor!=null) {
final IDPSSODescriptor idpssoDescriptor = idpEntityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
final List<SingleSignOnService> singleSignOnServices = idpssoDescriptor.getSingleSignOnServices();
if (singleSignOnServices.isEmpty()) {
LOG.error(format("No singleSignOnServices present for IDP entityId: {0}", entityId));
} else {
if (singleSignOnServices.size() > 1) {
LOG.warn(format("More than one singleSignOnService present: {0} for {1}", singleSignOnServices.size(), entityId));
}
return URI.create(singleSignOnServices.get(0).getLocation());
}
}
throw ApplicationException.createUnauditedException(ExceptionType.NOT_FOUND, UUID.randomUUID(), new RuntimeException(format("no entity descriptor for IDP: {0}", entityId)));
}
示例9: getSingleSignOn
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
@Test
public void getSingleSignOn() throws Exception {
// Given
SingleSignOnServiceBuilder singleSignOnServiceBuilder = new SingleSignOnServiceBuilder();
SingleSignOnService singleSignOnService = singleSignOnServiceBuilder.buildObject();
singleSignOnService.setLocation("http://the-sso-location");
IDPSSODescriptorBuilder idpssoDescriptorBuilder = new IDPSSODescriptorBuilder();
IDPSSODescriptor idpssoDescriptor = idpssoDescriptorBuilder.buildObject();
idpssoDescriptor.getSingleSignOnServices().add(singleSignOnService);
idpssoDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
EntityDescriptorBuilder entityDescriptorBuilder = new EntityDescriptorBuilder();
EntityDescriptor entityDescriptor = entityDescriptorBuilder.buildObject();
entityDescriptor.setEntityID("the-entity-id");
entityDescriptor.getRoleDescriptors().add(idpssoDescriptor);
when(metadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(entityDescriptor.getEntityID())))).thenReturn(entityDescriptor);
// When
URI singleSignOnUri = service.getSingleSignOn(entityDescriptor.getEntityID());
// Then
assertThat(singleSignOnUri.toString(), equalTo(singleSignOnService.getLocation()));
verify(metadataResolver).resolveSingle(any(CriteriaSet.class));
}
示例10: validateAll
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
public void validateAll() {
try {
Iterable<EntityDescriptor> entityDescriptors = metadataResolver.resolve(new CriteriaSet(new EntityIdCriterion(hubFederationId)));
entityDescriptors.forEach(entityDescriptor -> {
String entityID = entityDescriptor.getEntityID();
if (hubEntityId.equals(entityDescriptor.getEntityID())) {
metadataCertificatesRepository.getHubEncryptionCertificates(entityID);
metadataCertificatesRepository.getHubSigningCertificates(entityID);
} else {
metadataCertificatesRepository.getIdpSigningCertificates(entityID);
}
});
} catch (ResolverException e) {
throw new InvalidSamlMetadataException("Metadata could not be read from the metadata service", e);
}
}
示例11: setUp
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
@Before
public void setUp() throws Exception {
entityId = "http://issuer";
when(msaConfiguration.getEntityId()).thenReturn(entityId);
when(msaConfiguration.getMatchingServiceAdapterExternalUrl()).thenReturn(URI.create("http://localhost"));
when(certificateStore.getEncryptionCertificates()).thenReturn(asList());
when(msaMetadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(TestEntityIds.HUB_ENTITY_ID)))).thenReturn(new EntityDescriptorFactory().hubEntityDescriptor());
when(matchingServiceAdapterConfiguration.getHubSSOUri()).thenReturn(URI.create(hubSsoEndPoint));
when(matchingServiceAdapterConfiguration.shouldRepublishHubCertificates()).thenReturn(false);
entityDescriptorElementTransformer = new CoreTransformersFactory().getXmlObjectToElementTransformer();
keyDescriptorsUnmarshaller = new KeyDescriptorsUnmarshaller(new OpenSamlXmlObjectFactory());
matchingServiceAdapterMetadataRepository = new MatchingServiceAdapterMetadataRepository(
msaConfiguration,
keyDescriptorsUnmarshaller,
entityDescriptorElementTransformer,
certificateStore,
msaMetadataResolver,
matchingServiceAdapterConfiguration,
TestEntityIds.HUB_ENTITY_ID);
}
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:23,代码来源:MatchingServiceAdapterMetadataRepositoryTest.java
示例12: shouldBeAbleToLoadMSAMetadataUsingMetadataResolver
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
@Test
public void shouldBeAbleToLoadMSAMetadataUsingMetadataResolver() throws Exception {
when(matchingServiceAdapterConfiguration.shouldRepublishHubCertificates()).thenReturn(true);
Document matchingServiceAdapterMetadata = matchingServiceAdapterMetadataRepository.getMatchingServiceAdapterMetadata();
String metadata = XmlUtils.writeToString(matchingServiceAdapterMetadata);
StringBackedMetadataResolver stringBackedMetadataResolver = new StringBackedMetadataResolver(metadata);
BasicParserPool pool = new BasicParserPool();
pool.initialize();
stringBackedMetadataResolver.setParserPool(pool);
stringBackedMetadataResolver.setId("Some ID");
stringBackedMetadataResolver.initialize();
assertThat(stringBackedMetadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(entityId))).getEntityID()).isEqualTo(entityId);
assertThat(stringBackedMetadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(TestEntityIds.HUB_ENTITY_ID))).getEntityID()).isEqualTo(TestEntityIds.HUB_ENTITY_ID);
}
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:18,代码来源:MatchingServiceAdapterMetadataRepositoryTest.java
示例13: setUp
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
@Before
public void setUp() throws Exception {
validator = new EidasAttributeQueryValidator(
verifyMetadataResolver,
countryMetadataResolver,
verifyCertificateValidator,
countryCertificateValidator,
certificateExtractor,
x509CertificateFactory,
new DateTimeComparator(Duration.ZERO),
assertionDecrypter,
HUB_CONNECTOR_ENTITY_ID);
when(verifyMetadataResolver.resolveSingle(any(CriteriaSet.class))).thenReturn(entityDescriptor);
when(countryMetadataResolver.resolveSingle(any(CriteriaSet.class))).thenReturn((entityDescriptor));
when(certificateExtractor.extractHubSigningCertificates(entityDescriptor))
.thenReturn(Arrays.asList(new Certificate(HUB_ENTITY_ID, TestCertificateStrings.HUB_TEST_PUBLIC_SIGNING_CERT, Certificate.KeyUse.Signing)));
when(certificateExtractor.extractIdpSigningCertificates(entityDescriptor))
.thenReturn(Arrays.asList(new Certificate(TEST_ENTITY_ID, TestCertificateStrings.TEST_PUBLIC_CERT, Certificate.KeyUse.Signing)));
}
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:21,代码来源:EidasAttributeQueryValidatorTest.java
示例14: isTrusted
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
@Override
public boolean isTrusted(final X509Certificate[] certificates, final String authType)
throws CertificateException {
if (certificates == null || certificates.length < 1) {
return false;
}
// Assume the first certificate is the end-entity cert
try {
log.debug("Validating cert {} issued by {}",
certificates[0].getSubjectDN().getName(),
certificates[0].getIssuerDN().getName());
return trustEngine.validate(new BasicX509Credential(certificates[0]), new CriteriaSet());
} catch (SecurityException e) {
throw new CertificateException("X509 validation error", e);
}
}
示例15: resolve
import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
public Iterable<OIDCClientInformation> resolve(CriteriaSet criteria) throws ResolverException {
ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
ComponentSupport.ifDestroyedThrowDestroyedComponentException(this);
final ClientIDCriterion clientIdCriterion = criteria.get(ClientIDCriterion.class);
if (clientIdCriterion == null || clientIdCriterion.getClientID() == null) {
log.warn("No client ID criteria found, returning empty set.");
return Collections.emptyList();
}
//TODO: support other criterion
final String clientId = clientIdCriterion.getClientID().getValue();
final List<OIDCClientInformation> result = new ArrayList<>();
try {
final StorageRecord record = getStorageService().read(CONTEXT_NAME, clientId);
if (record == null) {
log.error("Could not find any records with clientId {}", clientId);
} else {
final OIDCClientInformation clientInformation =
OIDCClientInformation.parse(JSONObjectUtils.parse(record.getValue()));
log.debug("Found a record with clientId {}", clientId);
result.add(clientInformation);
}
} catch (IOException | ParseException e) {
log.error("Could not read the storage data", e);
}
return result;
}
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:30,代码来源:StorageServiceClientInformationResolver.java