本文整理汇总了Java中org.opensaml.saml.saml2.core.EncryptedAssertion类的典型用法代码示例。如果您正苦于以下问题:Java EncryptedAssertion类的具体用法?Java EncryptedAssertion怎么用?Java EncryptedAssertion使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
EncryptedAssertion类属于org.opensaml.saml.saml2.core包,在下文中一共展示了EncryptedAssertion类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: encryptAssertion
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
/**
 * Returns the assertion in the form the registered service asks for: encrypted when
 * {@code service.isEncryptAssertions()} is true, otherwise the assertion exactly as given.
 *
 * @param assertion the assertion to hand back, encrypted or as-is
 * @param request the current HTTP request, passed through to the encrypter
 * @param response the current HTTP response, passed through to the encrypter
 * @param service the registered service whose encryption flag is consulted
 * @param adaptor metadata facade of the service provider; supplies the entity id used in the logs
 * @return an {@link EncryptedAssertion} when encryption is required, else the original {@link Assertion}
 * @throws SamlException wrapping any exception raised while checking the flag or encrypting
 */
protected SAMLObject encryptAssertion(final Assertion assertion,
                                      final HttpServletRequest request, final HttpServletResponse response,
                                      final SamlRegisteredService service,
                                      final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) throws SamlException {
    try {
        if (!service.isEncryptAssertions()) {
            // NOTE(review): on this path the assertion is returned unencrypted, so the confidentiality
            // of its contents rests on whatever protects the response in transit; confirm per service.
            LOGGER.info("SAML registered service [{}] does not require assertions to be encrypted", adaptor.getEntityId());
            return assertion;
        }
        LOGGER.info("SAML service [{}] requires assertions to be encrypted", adaptor.getEntityId());
        return this.samlObjectEncrypter.encode(assertion, service, adaptor, response, request);
    } catch (final Exception e) {
        // Every failure, including one raised by the encrypter itself, surfaces with this one message.
        throw new SamlException("Unable to marshall assertion for encryption", e);
    }
}
示例2: encode
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
/**
 * Encrypts the given assertion for the service provider described by {@code adaptor}.
 *
 * <p>The key-encryption credential, the key and data encryption parameters, and the encrypter
 * are obtained from helper methods that are not shown here, so the algorithms actually used are
 * decided outside this method. They are logged at debug level, which is the place to check
 * them when reviewing a deployment.
 *
 * @param samlObject the assertion to encrypt
 * @param service the registered service
 * @param adaptor metadata facade of the service provider that will receive the assertion
 * @param response the HTTP response (not used in this method body)
 * @param request the HTTP request (not used in this method body)
 * @return the encrypted assertion
 * @throws SamlException wrapping any failure, with the cause's message as its own
 */
public EncryptedAssertion encode(final Assertion samlObject,
                                 final SamlRegisteredService service,
                                 final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                 final HttpServletResponse response,
                                 final HttpServletRequest request) throws SamlException {
    try {
        final String objectType = samlObject.getClass().getName();
        LOGGER.debug("Attempting to encrypt [{}] for [{}]", objectType, adaptor.getEntityId());

        final Credential recipientCredential = getKeyEncryptionCredential(adaptor.getEntityId(), adaptor, service);
        // Only the public half of the credential is logged. It is not secret, but the full key at
        // INFO is bulky. NOTE(review): a fingerprint at DEBUG would serve the same audit purpose.
        final String encodedPublicKey = EncodingUtils.encodeBase64(recipientCredential.getPublicKey().getEncoded());
        LOGGER.info("Found encryption public key: [{}]", encodedPublicKey);

        final KeyEncryptionParameters keyParameters =
            getKeyEncryptionParameters(samlObject, service, adaptor, recipientCredential);
        LOGGER.debug("Key encryption algorithm for [{}] is [{}]", keyParameters.getRecipient(), keyParameters.getAlgorithm());

        final DataEncryptionParameters dataParameters = getDataEncryptionParameters(samlObject, service, adaptor);
        LOGGER.debug("Data encryption algorithm for [{}] is [{}]", adaptor.getEntityId(), dataParameters.getAlgorithm());

        final Encrypter assertionEncrypter = getEncrypter(samlObject, service, adaptor, keyParameters, dataParameters);
        LOGGER.debug("Attempting to encrypt [{}] for [{}] with key placement of [{}]",
            objectType, adaptor.getEntityId(), assertionEncrypter.getKeyPlacement());

        return assertionEncrypter.encrypt(samlObject);
    } catch (final Exception e) {
        throw new SamlException(e.getMessage(), e);
    }
}
示例3: build
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
/**
 * Builds an attribute-query request DTO from two freshly built test assertions.
 *
 * <p>The matching-dataset assertion is built with {@code build()}, which yields an
 * {@link EncryptedAssertion}; the authn-statement assertion is built with
 * {@code buildUnencrypted()}. Both are then turned into strings by the same transformer, so
 * the authn-statement string is encoded but not encrypted.
 *
 * @param persistentIdName name id placed in the persistent id
 * @param matchingDatasetAssertionId id of the encrypted matching-dataset assertion
 * @param authnStatementAssertionId id of the unencrypted authn-statement assertion
 * @param requestId id of the resulting request
 * @return the populated request DTO
 */
public AttributeQueryRequestDto build(String persistentIdName, String matchingDatasetAssertionId, String
    authnStatementAssertionId, String requestId) {
    final XmlObjectToBase64EncodedStringTransformer<XMLObject> base64Encoder =
        new XmlObjectToBase64EncodedStringTransformer<>();

    final String authnStatementPayload = base64Encoder.apply(
        AssertionBuilder.anAssertion().withId(authnStatementAssertionId).buildUnencrypted());
    final String matchingDatasetPayload = base64Encoder.apply(
        AssertionBuilder.anAssertion().withId(matchingDatasetAssertionId).build());

    return aHubMatchingServiceRequestDto()
        .withId(requestId)
        .withMatchingServiceEntityId(TestEntityIds.TEST_RP_MS)
        .withPersistentId(aPersistentId().withNameId(persistentIdName).build())
        .withEncryptedMatchingDatasetAssertion(matchingDatasetPayload)
        .withAuthnStatementAssertion(authnStatementPayload)
        .build();
}
示例4: anEidasEncryptedAssertion
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
/**
 * Builds a signed test assertion for the given issuer and encrypts it with the TEST_RP_MS
 * encryption credential.
 *
 * <p>The key material comes from test constants; this is fixture code, not a pattern for
 * handling production keys.
 *
 * @param issuerId issuer id to place on the assertion
 * @return the encrypted assertion
 */
public static EncryptedAssertion anEidasEncryptedAssertion(String issuerId) {
    TestCredentialFactory encryptionKeys = new TestCredentialFactory(
        TEST_RP_MS_PUBLIC_ENCRYPTION_CERT,
        TEST_RP_MS_PRIVATE_ENCRYPTION_KEY);

    return anAssertion()
        .addAuthnStatement(AuthnStatementBuilder.anAuthnStatement().build())
        .withIssuer(anIssuer().withIssuerId(issuerId).build())
        .withSignature(aValidSignature())
        .withConditions(aConditions())
        .buildWithEncrypterCredential(encryptionKeys.getEncryptingCredential());
}
示例5: anEidasEncryptedAssertionWithInvalidSignature
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
/**
 * Builds an encrypted test assertion whose issuer is STUB_IDP_ONE but whose signature is
 * produced with the TEST_RP signing credential.
 *
 * <p>NOTE(review): presumably this issuer/key mismatch is what makes the signature "invalid"
 * for a validator that trusts only the issuer's own key; confirm against the test trust setup.
 *
 * @return the encrypted assertion, encrypted with the TEST_RP_MS encryption credential
 */
public static EncryptedAssertion anEidasEncryptedAssertionWithInvalidSignature() {
    TestCredentialFactory mismatchedSigningKeys = new TestCredentialFactory(
        TEST_RP_PUBLIC_SIGNING_CERT,
        TEST_RP_PRIVATE_SIGNING_KEY);
    TestCredentialFactory encryptionKeys = new TestCredentialFactory(
        TEST_RP_MS_PUBLIC_ENCRYPTION_CERT,
        TEST_RP_MS_PRIVATE_ENCRYPTION_KEY);

    return anAssertion()
        .withIssuer(anIssuer().withIssuerId(STUB_IDP_ONE).build())
        .withSignature(aSignature().withSigningCredential(mismatchedSigningKeys.getSigningCredential()).build())
        .buildWithEncrypterCredential(encryptionKeys.getEncryptingCredential());
}
示例6: shouldValidateAttributeQuerySuccessfully
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
/**
 * Happy path: an attribute query issued as HUB_ENTITY_ID and signed with the hub test signing
 * key validates with no messages.
 *
 * <p>The assertion decrypter is stubbed, so this test covers validation of the query and of the
 * assertion the stub returns. It does not exercise real decryption of the embedded assertion.
 */
@Test
public void shouldValidateAttributeQuerySuccessfully() throws ResolverException {
    final String requestId = "request-id";
    final EncryptedAssertion encryptedAssertion = anAssertion()
        .addAuthnStatement(anAuthnStatement().build())
        .withConditions(aConditions())
        .build();
    final TestCredentialFactory hubSigningKeys =
        new TestCredentialFactory(HUB_TEST_PUBLIC_SIGNING_CERT, HUB_TEST_PRIVATE_SIGNING_KEY);

    final AttributeQuery attributeQuery = anAttributeQuery()
        .withIssuer(anIssuer().withIssuerId(HUB_ENTITY_ID).build())
        .withSignature(aSignature().withSigningCredential(hubSigningKeys.getSigningCredential()).build())
        .withId(requestId)
        .withSubject(aSubjectWithEncryptedAssertion(encryptedAssertion, requestId, HUB_ENTITY_ID))
        .build();

    // any() makes the stub answer for whatever the validator passes to the decrypter.
    when(assertionDecrypter.decryptAssertions(any()))
        .thenReturn(Arrays.asList(anEidasAssertion().withConditions(aConditions()).buildUnencrypted()));

    final Messages validationMessages = validator.validate(attributeQuery, messages());

    assertThat(validationMessages.size()).isEqualTo(0);
    assertThat(validationMessages.hasErrors()).isFalse();
}
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:26,代码来源:EidasAttributeQueryValidatorTest.java
示例7: shouldReturnErrorWhenAttributeQueryIssuerValidationFails
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
/**
 * An attribute query whose issuer id is the empty string must be reported with
 * DEFAULT_ISSUER_EMPTY_MESSAGE, even though it is signed with the hub test signing key.
 *
 * <p>The assertion decrypter is stubbed to return a prepared unencrypted assertion.
 */
@Test
public void shouldReturnErrorWhenAttributeQueryIssuerValidationFails() throws ResolverException {
    final String requestId = "request-id";
    final EncryptedAssertion encryptedAssertion = anAssertion().build();
    final Assertion assertion = anAssertion()
        .addAuthnStatement(anAuthnStatement().build())
        .buildUnencrypted();
    final TestCredentialFactory hubSigningKeys =
        new TestCredentialFactory(HUB_TEST_PUBLIC_SIGNING_CERT, HUB_TEST_PRIVATE_SIGNING_KEY);

    final AttributeQuery attributeQuery = anAttributeQuery()
        // The empty issuer id is the condition under test.
        .withIssuer(anIssuer().withIssuerId("").build())
        .withSignature(aSignature().withSigningCredential(hubSigningKeys.getSigningCredential()).build())
        .withId(requestId)
        .withSubject(aSubjectWithEncryptedAssertion(encryptedAssertion, requestId, HUB_ENTITY_ID))
        .build();

    when(assertionDecrypter.decryptAssertions(any())).thenReturn(Arrays.asList(assertion));

    final Messages validationMessages = validator.validate(attributeQuery, messages());

    assertThat(validationMessages.hasErrorLike(DEFAULT_ISSUER_EMPTY_MESSAGE)).isTrue();
}
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:26,代码来源:EidasAttributeQueryValidatorTest.java
示例8: shouldReturnErrorWhenAttributeQuerySignatureValidationFails
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
/**
 * An attribute query that names HUB_ENTITY_ID as issuer but is signed with the TEST_RP signing
 * key must be reported with DEFAULT_INVALID_SIGNATURE_MESSAGE.
 *
 * <p>This is the case that guards against a query signed by a key other than the claimed
 * issuer's. The assertion decrypter is stubbed, so decryption itself is not exercised.
 */
@Test
public void shouldReturnErrorWhenAttributeQuerySignatureValidationFails() throws ResolverException {
    final String requestId = "request-id";
    final EncryptedAssertion encryptedAssertion = anAssertion().withConditions(aConditions()).build();
    // Signing key deliberately belongs to a different party than the issuer set below.
    final TestCredentialFactory wrongSigningKeys =
        new TestCredentialFactory(TEST_RP_PUBLIC_SIGNING_CERT, TEST_RP_PRIVATE_SIGNING_KEY);

    final AttributeQuery attributeQuery = anAttributeQuery()
        .withIssuer(anIssuer().withIssuerId(HUB_ENTITY_ID).build())
        .withSignature(aSignature().withSigningCredential(wrongSigningKeys.getSigningCredential()).build())
        .withId(requestId)
        .withSubject(aSubjectWithEncryptedAssertion(encryptedAssertion, requestId, HUB_ENTITY_ID))
        .build();

    when(assertionDecrypter.decryptAssertions(any()))
        .thenReturn(Arrays.asList(anEidasAssertion().withConditions(aConditions()).buildUnencrypted()));

    final Messages validationMessages = validator.validate(attributeQuery, messages());

    assertThat(validationMessages.hasErrorLike(DEFAULT_INVALID_SIGNATURE_MESSAGE)).isTrue();
}
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:25,代码来源:EidasAttributeQueryValidatorTest.java
示例9: shouldReturnErrorWhenAnEncryptedAssertionValidationFails
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
/**
 * A correctly issued and signed attribute query must still be rejected when the assertion handed
 * back by the decrypter has an empty issuer id; the expected error is the empty-issuer message
 * generated for IDENTITY_ASSERTION.
 *
 * <p>The decrypter is stubbed, so the assertion being validated is the prepared {@code assertion}
 * below rather than the plaintext of {@code encryptedAssertion}.
 */
@Test
public void shouldReturnErrorWhenAnEncryptedAssertionValidationFails() throws ResolverException {
    final String requestId = "request-id";
    final EncryptedAssertion encryptedAssertion = anAssertion()
        .withIssuer(anIssuer().withIssuerId("").build())
        .build();
    final Assertion assertion = anAssertion()
        .addAuthnStatement(anAuthnStatement().build())
        .withIssuer(anIssuer().withIssuerId("").build())
        .buildUnencrypted();
    final TestCredentialFactory hubSigningKeys =
        new TestCredentialFactory(HUB_TEST_PUBLIC_SIGNING_CERT, HUB_TEST_PRIVATE_SIGNING_KEY);

    final AttributeQuery attributeQuery = anAttributeQuery()
        .withIssuer(anIssuer().withIssuerId(HUB_ENTITY_ID).build())
        .withSignature(aSignature().withSigningCredential(hubSigningKeys.getSigningCredential()).build())
        .withId(requestId)
        .withSubject(aSubjectWithEncryptedAssertion(encryptedAssertion, requestId, HUB_ENTITY_ID))
        .build();

    when(assertionDecrypter.decryptAssertions(any())).thenReturn(Arrays.asList(assertion));

    final Messages validationMessages = validator.validate(attributeQuery, messages());

    assertThat(validationMessages.hasErrorLike(generateEmptyIssuerMessage(IDENTITY_ASSERTION))).isTrue();
}
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:27,代码来源:EidasAttributeQueryValidatorTest.java
示例10: buildResponse
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
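/**
 * Builds the SAML response for an authentication request and attaches the assertion to it,
 * encrypted or not as {@code encryptAssertion} decides, then signs the response when the
 * service asks for signed responses.
 *
 * @param assertion the SAML assertion to deliver
 * @param casAssertion the CAS assertion (not used in this method body)
 * @param authnRequest the request being answered; its id is passed to {@code newResponse}
 * @param service the registered service
 * @param adaptor metadata facade of the service provider
 * @param request the HTTP request
 * @param response the HTTP response
 * @param binding the binding passed to the signer
 * @return the response, signed when {@code service.isSignResponses()} is true
 * @throws SamlException if encryption or signing fails
 */
@Override
protected Response buildResponse(final Assertion assertion,
                                 final org.jasig.cas.client.validation.Assertion casAssertion,
                                 final AuthnRequest authnRequest,
                                 final SamlRegisteredService service,
                                 final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                 final HttpServletRequest request,
                                 final HttpServletResponse response,
                                 final String binding) throws SamlException {
    // SAML core requires randomly generated identifiers to collide with probability of at most
    // 2^-128 (2^-160 recommended). One non-negative long carries at most 63 bits, and
    // Math.abs(Long.MIN_VALUE) stays negative, so the id is built from 160 random bits instead.
    // The leading underscore keeps the value a valid xs:ID.
    final byte[] idBytes = new byte[20];
    new SecureRandom().nextBytes(idBytes);
    final StringBuilder id = new StringBuilder("_");
    for (final byte b : idBytes) {
        id.append(String.format("%02x", b));
    }

    Response samlResponse = newResponse(id.toString(), ZonedDateTime.now(ZoneOffset.UTC), authnRequest.getID(), null);
    samlResponse.setVersion(SAMLVersion.VERSION_20);
    samlResponse.setIssuer(buildEntityIssuer());
    samlResponse.setConsent(RequestAbstractType.UNSPECIFIED_CONSENT);

    final SAMLObject finalAssertion = encryptAssertion(assertion, request, response, service, adaptor);

    if (finalAssertion instanceof EncryptedAssertion) {
        LOGGER.debug("Built assertion is encrypted, so the response will add it to the encrypted assertions collection");
        samlResponse.getEncryptedAssertions().add(EncryptedAssertion.class.cast(finalAssertion));
    } else {
        LOGGER.debug("Built assertion is not encrypted, so the response will add it to the assertions collection");
        samlResponse.getAssertions().add(Assertion.class.cast(finalAssertion));
    }

    final Status status = newStatus(StatusCode.SUCCESS, StatusCode.SUCCESS);
    samlResponse.setStatus(status);

    // NOTE(review): the response is logged after the assertion is attached. When the assertion is
    // not encrypted its contents would presumably reach the log; confirm what logSamlObject emits.
    SamlUtils.logSamlObject(this.configBean, samlResponse);

    // Signing happens last, so the signature covers the assertion in its final form.
    if (service.isSignResponses()) {
        LOGGER.debug("SAML entity id [{}] indicates that SAML responses should be signed", adaptor.getEntityId());
        samlResponse = this.samlObjectSigner.encode(samlResponse, service, adaptor,
            response, request, binding);
    }
    return samlResponse;
}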
示例11: unmarshall
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
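/**
 * Unmarshalls a DOM element into an {@link EncryptedAssertion}.
 *
 * <p>The element's type is checked after unmarshalling instead of being cast blindly, so an
 * element of another kind is rejected here with a clear message and not with a
 * {@code ClassCastException} or {@code NullPointerException}.
 *
 * @param element the DOM element expected to hold an EncryptedAssertion
 * @return the unmarshalled encrypted assertion
 * @throws IllegalArgumentException if no unmarshaller is available for the element, or the
 *         element unmarshalls to something other than an EncryptedAssertion
 * @throws RuntimeException wrapping the {@code UnmarshallingException} if unmarshalling fails
 */
private EncryptedAssertion unmarshall(Element element) {
    UnmarshallerFactory unmarshallerFactory = XMLObjectProviderRegistrySupport.getUnmarshallerFactory();
    Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(element);
    if (unmarshaller == null) {
        throw new IllegalArgumentException("No unmarshaller available for element " + element.getNodeName());
    }
    try {
        Object unmarshalled = unmarshaller.unmarshall(element);
        if (!(unmarshalled instanceof EncryptedAssertion)) {
            throw new IllegalArgumentException(
                "Element " + element.getNodeName() + " did not unmarshall to an EncryptedAssertion");
        }
        return (EncryptedAssertion) unmarshalled;
    } catch (UnmarshallingException e) {
        throw new RuntimeException(e);
    }
}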
示例12: decrypt
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
/**
 * Decrypts an encrypted assertion with a credential built from this object's
 * {@code publicKey} and {@code privateKey}.
 *
 * <p>Only decryption happens here. Nothing in this method checks the assertion's signature,
 * issuer or conditions, so the result is unauthenticated until the caller validates it.
 *
 * @param encryptedAssertion the assertion to decrypt
 * @return the decrypted assertion
 * @throws RuntimeException wrapping the {@code DecryptionException} if decryption fails
 */
private Assertion decrypt(EncryptedAssertion encryptedAssertion) {
    BasicCredential decryptionCredential = new BasicCredential(publicKey, privateKey);
    Decrypter assertionDecrypter = new DecrypterFactory().createDecrypter(ImmutableList.of(decryptionCredential));
    // Have the decrypted element rooted in a new DOM document of its own.
    assertionDecrypter.setRootInNewDocument(true);

    Assertion decrypted;
    try {
        decrypted = assertionDecrypter.decrypt(encryptedAssertion);
    } catch (DecryptionException e) {
        throw new RuntimeException(e);
    }
    return decrypted;
}
示例13: build
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
/**
 * Builds an eIDAS attribute-query request DTO that carries one encrypted identity assertion
 * with a random UUID as its id, serialised by the XML-to-Base64 transformer.
 *
 * @return the populated request DTO
 */
public EidasAttributeQueryRequestDto build() {
    final String assertionId = UUID.randomUUID().toString();
    final EncryptedAssertion identityAssertion = AssertionBuilder.anAssertion().withId(assertionId).build();

    final XmlObjectToBase64EncodedStringTransformer<XMLObject> base64Encoder =
        new XmlObjectToBase64EncodedStringTransformer<>();
    final String encodedIdentityAssertion = base64Encoder.apply(identityAssertion);

    return anEidasAttributeQueryRequestDto()
        .withEncryptedIdentityAssertion(encodedIdentityAssertion)
        .build();
}
示例14: decryptEncryptedAssertions
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
/**
 * Decrypts every encrypted assertion of the response and appends each plaintext assertion to
 * the response's assertions list.
 *
 * <p>An assertion that fails to decrypt is logged and skipped, so this method returns normally
 * even when nothing could be decrypted. Decrypted assertions end up in the same list as any
 * assertions that arrived unencrypted. Nothing is validated here, so the caller remains
 * responsible for checking signature and conditions of every entry in that list, and for
 * treating an empty list as a failure.
 *
 * @param response the response whose encrypted assertions are decrypted in place
 * @param decrypter the decrypter to use
 */
protected final void decryptEncryptedAssertions(final Response response, final Decrypter decrypter) {
    for (final EncryptedAssertion encrypted : response.getEncryptedAssertions()) {
        final Assertion plaintext;
        try {
            plaintext = decrypter.decrypt(encrypted);
        } catch (final DecryptionException e) {
            logger.error("Decryption of assertion failed, continue with the next one", e);
            continue;
        }
        response.getAssertions().add(plaintext);
    }
}
示例15: getEncryptedAssertions
import org.opensaml.saml.saml2.core.EncryptedAssertion; //导入依赖的package包/类
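/**
 * Collects the encrypted assertions carried inside the subject confirmations of the
 * attribute query.
 *
 * <p>A SubjectConfirmation may omit its SubjectConfirmationData, so confirmations without
 * data are skipped and no longer cause a {@code NullPointerException}. Each matching child is
 * cast explicitly, replacing the unchecked list cast: an object of another type under the
 * EncryptedAssertion element name now fails here, not later at the point of use.
 *
 * @return the encrypted assertions found, in document order; empty if there are none
 * @throws ClassCastException if a matching child is not an {@link EncryptedAssertion}
 */
@Override
public List<EncryptedAssertion> getEncryptedAssertions() {
    return attributeQuery.getSubject()
        .getSubjectConfirmations().stream()
        .map(confirmation -> confirmation.getSubjectConfirmationData())
        .filter(data -> data != null)
        .flatMap(data -> data.getUnknownXMLObjects(EncryptedAssertion.DEFAULT_ELEMENT_NAME).stream())
        .map(EncryptedAssertion.class::cast)
        .collect(Collectors.toList());
}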