当前位置: 首页>>代码示例>>Java>>正文


Java CriteriaSet类代码示例

本文整理汇总了Java中net.shibboleth.utilities.java.support.resolver.CriteriaSet的典型用法代码示例。如果您正苦于以下问题:Java CriteriaSet类的具体用法?Java CriteriaSet怎么用?Java CriteriaSet使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


CriteriaSet类属于net.shibboleth.utilities.java.support.resolver包,在下文中一共展示了CriteriaSet类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: doInvoke

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
protected void doInvoke(@Nonnull final MessageContext messageContext) throws MessageHandlerException {
    ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
    // Resolve client id from inbound message
    final ClientID clientId = RequestFieldResolver.getClientID((AbstractRequest) messageContext.getMessage());
    // Resolve metadata for client id
    final ClientIDCriterion clientCriterion = new ClientIDCriterion(clientId);
    final CriteriaSet criteria = new CriteriaSet(clientCriterion);
    try {
        final OIDCClientInformation clientInformation = clientResolver.resolveSingle(criteria);
        if (clientInformation == null) {
            log.warn("{} No client information returned for {}", getLogPrefix(), clientId);
            return;
        }
        final OIDCMetadataContext oidcCtx = new OIDCMetadataContext();
        oidcCtx.setClientInformation(clientInformation);
        messageContext.addSubcontext(oidcCtx);
        // Based on that info we know 1) client is valid 2) we know valid
        // redirect uris
        log.debug("{} {} added to MessageContext as child of {}", getLogPrefix(),
                OIDCMetadataContext.class.getName(), messageContext.getClass().getName());
    } catch (ResolverException e) {
        log.error("{} ResolverException thrown during client information lookup", getLogPrefix(), e);
    }
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:27,代码来源:OIDCMetadataLookupHandler.java

示例2: resolve

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override @Nonnull public Iterable<OIDCClientInformation> resolve(final CriteriaSet criteria) 
        throws ResolverException {

    ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
    ServiceableComponent<ClientInformationResolver> component = null;
    try {
        component = service.getServiceableComponent();
        if (null == component) {
            log.error("RelyingPartyClientInformationProvider '{}': Error accessing underlying source: "
                    + "Invalid configuration.", getId());
        } else {
            final ClientInformationResolver resolver = component.getComponent();
            return resolver.resolve(criteria);
        }
    } catch (final ResolverException e) {
        log.error("RelyingPartyClientInformationProvider '{}': Error during resolution", getId(), e);
    } finally {
        if (null != component) {
            component.unpinComponent();
        }
    }
    return Collections.EMPTY_SET;
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:25,代码来源:ReloadingRelyingPartyClientInformationProvider.java

示例3: resolveSingle

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override @Nullable public OIDCClientInformation resolveSingle(final CriteriaSet criteria) 
        throws ResolverException {

    ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
    ServiceableComponent<ClientInformationResolver> component = null;
    try {
        component = service.getServiceableComponent();
        if (null == component) {
            log.error("RelyingPartyClientInformationProvider '{}': Error accessing underlying source: "
                    + "Invalid configuration.", getId());
        } else {
            final ClientInformationResolver resolver = component.getComponent();
            return resolver.resolveSingle(criteria);
        }
    } catch (final ResolverException e) {
        log.error("RelyingPartyResolver '{}': Error during resolution", getId(), e);
    } finally {
        if (null != component) {
            component.unpinComponent();
        }
    }
    return null;
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:25,代码来源:ReloadingRelyingPartyClientInformationProvider.java

示例4: resolve

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
@Nonnull public Iterable<OIDCClientInformation> resolve(@Nullable final CriteriaSet criteria) 
        throws ResolverException {
    ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);

    for (final ClientInformationResolver resolver : resolvers) {
        try {
            final Iterable<OIDCClientInformation> clientInformations = resolver.resolve(criteria);
            if (clientInformations != null && clientInformations.iterator().hasNext()) {
                return clientInformations;
            }
        } catch (final ResolverException e) {
            log.warn("Error retrieving client information from resolver of type {}, proceeding to next resolver",
                    resolver.getClass().getName(), e);
            continue;
        }
    }

    return Collections.emptyList();
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:22,代码来源:ChainingClientInformationResolver.java

示例5: testSuccess

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
@Test
public void testSuccess() throws Exception {
    final ClientIDCriterion criterion = new ClientIDCriterion(new ClientID(clientId));
    final OIDCClientInformation clientInfo = resolver.resolveSingle(new CriteriaSet(criterion));
    Assert.assertNotNull(clientInfo);
    Assert.assertEquals(clientInfo.getID().getValue(), clientId);
    final Set<URI> redirectUris = clientInfo.getOIDCMetadata().getRedirectionURIs();
    Assert.assertEquals(redirectUris.size(), 1);
    Assert.assertTrue(redirectUris.contains(redirectUri));
    final Scope scope = clientInfo.getOIDCMetadata().getScope();
    Assert.assertEquals(scope.size(), 6);
    Assert.assertTrue(scope.contains(OIDCScopeValue.OPENID));
    Assert.assertTrue(scope.contains(OIDCScopeValue.ADDRESS));
    Assert.assertTrue(scope.contains(OIDCScopeValue.EMAIL));
    Assert.assertTrue(scope.contains(OIDCScopeValue.PHONE));
    Assert.assertTrue(scope.contains(OIDCScopeValue.PROFILE));
    Assert.assertTrue(scope.contains("info"));
    final Set<ResponseType> responseTypes = clientInfo.getOIDCMetadata().getResponseTypes();
    Assert.assertEquals(responseTypes.size(), 2);
    Assert.assertTrue(responseTypes.contains(new ResponseType(OIDCResponseTypeValue.ID_TOKEN)));
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:22,代码来源:FilesystemClientInformationResolverTest.java

示例6: buildSignatureSigningParameters

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
/**
 * Build signature signing parameters signature signing parameters.
 *
 * @param descriptor the descriptor
 * @return the signature signing parameters
 * @throws SAMLException the saml exception
 */
protected SignatureSigningParameters buildSignatureSigningParameters(final RoleDescriptor descriptor) throws SAMLException {
    try {
        final CriteriaSet criteria = new CriteriaSet();
        criteria.add(new SignatureSigningConfigurationCriterion(getSignatureSigningConfiguration()));
        criteria.add(new RoleDescriptorCriterion(descriptor));
        final SAMLMetadataSignatureSigningParametersResolver resolver = new SAMLMetadataSignatureSigningParametersResolver();
        LOGGER.debug("Resolving signature signing parameters for [{}]", descriptor.getElementQName().getLocalPart());

        final SignatureSigningParameters params = resolver.resolveSingle(criteria);
        if (params == null) {
            throw new SAMLException("No signature signing parameter is available");
        }

        LOGGER.debug("Created signature signing parameters."
                        + "\nSignature algorithm: [{}]"
                        + "\nSignature canonicalization algorithm: [{}]"
                        + "\nSignature reference digest methods: [{}]",
                params.getSignatureAlgorithm(), params.getSignatureCanonicalizationAlgorithm(),
                params.getSignatureReferenceDigestMethod());

        return params;
    } catch (final Exception e) {
        throw new SAMLException(e.getMessage(), e);
    }
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:33,代码来源:BaseSamlObjectSigner.java

示例7: getSigningCredential

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
private Credential getSigningCredential(final RoleDescriptorResolver resolver, final RequestAbstractType profileRequest) {
    try {
        final MetadataCredentialResolver kekCredentialResolver = new MetadataCredentialResolver();
        final SignatureValidationConfiguration config = getSignatureValidationConfiguration();
        kekCredentialResolver.setRoleDescriptorResolver(resolver);
        kekCredentialResolver.setKeyInfoCredentialResolver(
                DefaultSecurityConfigurationBootstrap.buildBasicInlineKeyInfoCredentialResolver());
        kekCredentialResolver.initialize();
        final CriteriaSet criteriaSet = new CriteriaSet();
        criteriaSet.add(new SignatureValidationConfigurationCriterion(config));
        criteriaSet.add(new UsageCriterion(UsageType.SIGNING));

        buildEntityCriteriaForSigningCredential(profileRequest, criteriaSet);

        return kekCredentialResolver.resolveSingle(criteriaSet);
    } catch (final Exception e) {
        throw Throwables.propagate(e);
    }
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:20,代码来源:SamlObjectSignatureValidator.java

示例8: getSingleSignOn

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
public URI getSingleSignOn(String entityId) {
    EntityDescriptor idpEntityDescriptor;
    try {
        CriteriaSet criteria = new CriteriaSet(new EntityIdCriterion(entityId));
        idpEntityDescriptor = metadataProvider.resolveSingle(criteria);
    } catch (ResolverException e) {
        LOG.error(format("Exception when accessing metadata: {0}", e));
        throw propagate(e);
    }

    if(idpEntityDescriptor!=null) {
        final IDPSSODescriptor idpssoDescriptor = idpEntityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
        final List<SingleSignOnService> singleSignOnServices = idpssoDescriptor.getSingleSignOnServices();
        if (singleSignOnServices.isEmpty()) {
            LOG.error(format("No singleSignOnServices present for IDP entityId: {0}", entityId));
        } else {
            if (singleSignOnServices.size() > 1) {
                LOG.warn(format("More than one singleSignOnService present: {0} for {1}", singleSignOnServices.size(), entityId));
            }
            return URI.create(singleSignOnServices.get(0).getLocation());
        }
    }

    throw ApplicationException.createUnauditedException(ExceptionType.NOT_FOUND, UUID.randomUUID(), new RuntimeException(format("no entity descriptor for IDP: {0}", entityId)));

}
 
开发者ID:alphagov,项目名称:verify-hub,代码行数:27,代码来源:IdpSingleSignOnServiceHelper.java

示例9: getSingleSignOn

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
@Test
public void getSingleSignOn() throws Exception {
    // Given
    SingleSignOnServiceBuilder singleSignOnServiceBuilder = new SingleSignOnServiceBuilder();
    SingleSignOnService singleSignOnService = singleSignOnServiceBuilder.buildObject();
    singleSignOnService.setLocation("http://the-sso-location");

    IDPSSODescriptorBuilder idpssoDescriptorBuilder = new IDPSSODescriptorBuilder();
    IDPSSODescriptor idpssoDescriptor = idpssoDescriptorBuilder.buildObject();
    idpssoDescriptor.getSingleSignOnServices().add(singleSignOnService);
    idpssoDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);

    EntityDescriptorBuilder entityDescriptorBuilder = new EntityDescriptorBuilder();
    EntityDescriptor entityDescriptor = entityDescriptorBuilder.buildObject();
    entityDescriptor.setEntityID("the-entity-id");
    entityDescriptor.getRoleDescriptors().add(idpssoDescriptor);

    when(metadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(entityDescriptor.getEntityID())))).thenReturn(entityDescriptor);

    // When
    URI singleSignOnUri = service.getSingleSignOn(entityDescriptor.getEntityID());

    // Then
    assertThat(singleSignOnUri.toString(), equalTo(singleSignOnService.getLocation()));
    verify(metadataResolver).resolveSingle(any(CriteriaSet.class));
}
 
开发者ID:alphagov,项目名称:verify-hub,代码行数:27,代码来源:CountrySingleSignOnServiceHelperTest.java

示例10: validateAll

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
public void validateAll() {
    try {
        Iterable<EntityDescriptor> entityDescriptors = metadataResolver.resolve(new CriteriaSet(new EntityIdCriterion(hubFederationId)));
        entityDescriptors.forEach(entityDescriptor -> {
            String entityID = entityDescriptor.getEntityID();
            if (hubEntityId.equals(entityDescriptor.getEntityID())) {
                metadataCertificatesRepository.getHubEncryptionCertificates(entityID);
                metadataCertificatesRepository.getHubSigningCertificates(entityID);
            } else {
                metadataCertificatesRepository.getIdpSigningCertificates(entityID);
            }
        });
    } catch (ResolverException e) {
        throw new InvalidSamlMetadataException("Metadata could not be read from the metadata service", e);
    }
}
 
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:17,代码来源:MetadataCertificateValidator.java

示例11: setUp

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
@Before
public void setUp() throws Exception {
    entityId = "http://issuer";
    when(msaConfiguration.getEntityId()).thenReturn(entityId);
    when(msaConfiguration.getMatchingServiceAdapterExternalUrl()).thenReturn(URI.create("http://localhost"));
    when(certificateStore.getEncryptionCertificates()).thenReturn(asList());
    when(msaMetadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(TestEntityIds.HUB_ENTITY_ID)))).thenReturn(new EntityDescriptorFactory().hubEntityDescriptor());
    when(matchingServiceAdapterConfiguration.getHubSSOUri()).thenReturn(URI.create(hubSsoEndPoint));
    when(matchingServiceAdapterConfiguration.shouldRepublishHubCertificates()).thenReturn(false);

    entityDescriptorElementTransformer = new CoreTransformersFactory().getXmlObjectToElementTransformer();
    keyDescriptorsUnmarshaller = new KeyDescriptorsUnmarshaller(new OpenSamlXmlObjectFactory());

    matchingServiceAdapterMetadataRepository = new MatchingServiceAdapterMetadataRepository(
            msaConfiguration,
            keyDescriptorsUnmarshaller,
            entityDescriptorElementTransformer,
            certificateStore,
            msaMetadataResolver,
            matchingServiceAdapterConfiguration,
            TestEntityIds.HUB_ENTITY_ID);
}
 
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:23,代码来源:MatchingServiceAdapterMetadataRepositoryTest.java

示例12: shouldBeAbleToLoadMSAMetadataUsingMetadataResolver

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
@Test
public void shouldBeAbleToLoadMSAMetadataUsingMetadataResolver() throws Exception {
    when(matchingServiceAdapterConfiguration.shouldRepublishHubCertificates()).thenReturn(true);

    Document matchingServiceAdapterMetadata = matchingServiceAdapterMetadataRepository.getMatchingServiceAdapterMetadata();
    String metadata = XmlUtils.writeToString(matchingServiceAdapterMetadata);

    StringBackedMetadataResolver stringBackedMetadataResolver = new StringBackedMetadataResolver(metadata);
    BasicParserPool pool = new BasicParserPool();
    pool.initialize();
    stringBackedMetadataResolver.setParserPool(pool);
    stringBackedMetadataResolver.setId("Some ID");
    stringBackedMetadataResolver.initialize();

    assertThat(stringBackedMetadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(entityId))).getEntityID()).isEqualTo(entityId);
    assertThat(stringBackedMetadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(TestEntityIds.HUB_ENTITY_ID))).getEntityID()).isEqualTo(TestEntityIds.HUB_ENTITY_ID);
}
 
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:18,代码来源:MatchingServiceAdapterMetadataRepositoryTest.java

示例13: setUp

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
@Before
public void setUp() throws Exception {
    validator = new EidasAttributeQueryValidator(
        verifyMetadataResolver,
        countryMetadataResolver,
        verifyCertificateValidator,
        countryCertificateValidator,
        certificateExtractor,
        x509CertificateFactory,
        new DateTimeComparator(Duration.ZERO),
        assertionDecrypter,
        HUB_CONNECTOR_ENTITY_ID);

    when(verifyMetadataResolver.resolveSingle(any(CriteriaSet.class))).thenReturn(entityDescriptor);
    when(countryMetadataResolver.resolveSingle(any(CriteriaSet.class))).thenReturn((entityDescriptor));
    when(certificateExtractor.extractHubSigningCertificates(entityDescriptor))
        .thenReturn(Arrays.asList(new Certificate(HUB_ENTITY_ID, TestCertificateStrings.HUB_TEST_PUBLIC_SIGNING_CERT, Certificate.KeyUse.Signing)));
    when(certificateExtractor.extractIdpSigningCertificates(entityDescriptor))
        .thenReturn(Arrays.asList(new Certificate(TEST_ENTITY_ID, TestCertificateStrings.TEST_PUBLIC_CERT, Certificate.KeyUse.Signing)));
}
 
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:21,代码来源:EidasAttributeQueryValidatorTest.java

示例14: isTrusted

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
@Override
public boolean isTrusted(final X509Certificate[] certificates, final String authType)
        throws CertificateException {
    if (certificates == null || certificates.length < 1) {
        return false;
    }
    // Assume the first certificate is the end-entity cert
    try {
        log.debug("Validating cert {} issued by {}",
                certificates[0].getSubjectDN().getName(),
                certificates[0].getIssuerDN().getName());
        return trustEngine.validate(new BasicX509Credential(certificates[0]), new CriteriaSet());
    } catch (SecurityException e) {
        throw new CertificateException("X509 validation error", e);
    }
}
 
开发者ID:serac,项目名称:shibboleth-idp-ext-cas,代码行数:17,代码来源:PkixProxyAuthenticator.java

示例15: resolve

import net.shibboleth.utilities.java.support.resolver.CriteriaSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
public Iterable<OIDCClientInformation> resolve(CriteriaSet criteria) throws ResolverException {
    ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
    ComponentSupport.ifDestroyedThrowDestroyedComponentException(this);

    final ClientIDCriterion clientIdCriterion = criteria.get(ClientIDCriterion.class);
    if (clientIdCriterion == null || clientIdCriterion.getClientID() == null) {
        log.warn("No client ID criteria found, returning empty set.");
        return Collections.emptyList();
    }
    //TODO: support other criterion
    final String clientId = clientIdCriterion.getClientID().getValue();
    final List<OIDCClientInformation> result = new ArrayList<>();
    try {
        final StorageRecord record = getStorageService().read(CONTEXT_NAME, clientId);
        if (record == null) {
            log.error("Could not find any records with clientId {}", clientId);
        } else {
            final OIDCClientInformation clientInformation = 
                    OIDCClientInformation.parse(JSONObjectUtils.parse(record.getValue()));
            log.debug("Found a record with clientId {}", clientId);
            result.add(clientInformation);
        }
    } catch (IOException | ParseException e) {
        log.error("Could not read the storage data", e);
    }
    return result;
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:30,代码来源:StorageServiceClientInformationResolver.java


注:本文中的net.shibboleth.utilities.java.support.resolver.CriteriaSet类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。