

Java KeyDescriptor Class Code Examples

This article collects typical usage examples of org.opensaml.saml.saml2.metadata.KeyDescriptor in Java. If you are wondering how the Java KeyDescriptor class is used in practice, or are looking for examples of it, the selected code examples here may help.


The KeyDescriptor class belongs to the org.opensaml.saml.saml2.metadata package. 15 code examples of the KeyDescriptor class are shown below, sorted by popularity by default.

Example 1: getAttributeAuthorityDescriptor

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
private RoleDescriptor getAttributeAuthorityDescriptor(OpenSamlXmlObjectFactory openSamlXmlObjectFactory) {
    final AttributeAuthorityDescriptor attributeAuthorityDescriptor = openSamlXmlObjectFactory.createAttributeAuthorityDescriptor();
    attributeAuthorityDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);

    final AttributeService attributeService = openSamlXmlObjectFactory.createAttributeService();
    attributeService.setLocation(msaConfiguration.getMatchingServiceAdapterExternalUrl().toASCIIString());
    attributeService.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI);
    attributeAuthorityDescriptor.getAttributeServices().add(attributeService);

    Collection<Certificate> certificates = new ArrayList<>();
    certificates.addAll(certificateStore.getSigningCertificates());
    certificates.addAll(certificateStore.getEncryptionCertificates());
    final List<KeyDescriptor> keyDescriptors = keyDescriptorsUnmarshaller.fromCertificates(certificates);
    attributeAuthorityDescriptor.getKeyDescriptors().addAll(keyDescriptors);

    return attributeAuthorityDescriptor;
}
 
Developer: alphagov, Project: verify-matching-service-adapter, Lines of code: 18, Source file: MatchingServiceAdapterMetadataRepository.java

Example 2: badHubEntityDescriptor

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
private EntityDescriptor badHubEntityDescriptor() {
    X509Certificate x509CertificateOne = X509CertificateBuilder.aX509Certificate().withCert(TestCertificateStrings.UNCHAINED_PUBLIC_CERT).build();
    X509Data x509DataOne = X509DataBuilder.aX509Data().withX509Certificate(x509CertificateOne).build();
    KeyInfo signingOne = KeyInfoBuilder.aKeyInfo().withKeyName("signing_one").withX509Data(x509DataOne).build();
    KeyDescriptor keyDescriptorOne = KeyDescriptorBuilder.aKeyDescriptor().withKeyInfo(signingOne).build();
    SPSSODescriptor spssoDescriptor = SPSSODescriptorBuilder.anSpServiceDescriptor()
            .addKeyDescriptor(keyDescriptorOne)
            .withoutDefaultSigningKey()
            .withoutDefaultEncryptionKey().build();
    try {
        return EntityDescriptorBuilder.anEntityDescriptor()
                .withEntityId(HUB_ENTITY_ID)
                .addSpServiceDescriptor(spssoDescriptor)
                .withIdpSsoDescriptor(null)
                .withValidUntil(DateTime.now().plusHours(1))
                .withSignature(null)
                .withoutSigning()
                .build();
    } catch (MarshallingException | SignatureException e) {
        throw propagate(e);
    }
}
 
Developer: alphagov, Project: verify-matching-service-adapter, Lines of code: 23, Source file: MatchingServiceAdapterFailingMetadataAppRuleTest.java

Example 3: extractSigningCerts

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
private List<Certificate> extractSigningCerts(List<KeyDescriptor> keyDescriptors, String entityId) {
    return keyDescriptors
            .stream()
            .filter(keyDescriptor -> keyDescriptor.getUse() == UsageType.SIGNING)
            .map(keyDescriptor -> keyDescriptor.getKeyInfo().getX509Datas())
            .flatMap(List::stream)
            .map(X509Data::getX509Certificates)
            .flatMap(List::stream)
            .map(x509Certificate -> new Certificate(entityId, x509Certificate.getValue(), Certificate.KeyUse.Signing))
            .collect(Collectors.toList());
}
 
Developer: alphagov, Project: verify-hub, Lines of code: 12, Source file: HubAsIdpMetadataHandler.java

Example 4: getHubEncryptionCertificate

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
private Certificate getHubEncryptionCertificate(EntityDescriptor entityDescriptor) {
    KeyDescriptor hubEncryptionKey = entityDescriptor.getSPSSODescriptor(SAMLConstants.SAML20P_NS).getKeyDescriptors()
            .stream()
            .filter(input1 -> input1.getUse() == UsageType.ENCRYPTION) //there should only be one and only one hub encryption key
            .findFirst()
            .get();
    X509Certificate x509Certificate = hubEncryptionKey.getKeyInfo().getX509Datas().get(0).getX509Certificates().get(0);
    return new Certificate(entityDescriptor.getEntityID(), x509Certificate.getValue(), Certificate.KeyUse.Encryption);
}
 
Developer: alphagov, Project: verify-hub, Lines of code: 10, Source file: HubAsIdpMetadataHandler.java

Example 5: createCountryEntityDescriptor

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
public static EntityDescriptor createCountryEntityDescriptor(String entityID) {
    Signature entityDescriptorSignature = createSignature();
    KeyDescriptor keyDescriptor = KeyDescriptorBuilder.aKeyDescriptor().withX509ForSigning(TEST_PUBLIC_CERT).build();
    IDPSSODescriptor idpssoDescriptor = IdpSsoDescriptorBuilder
            .anIdpSsoDescriptor()
            .addKeyDescriptor(keyDescriptor)
            .build();
    try {
        return getEntityDescriptor(entityID, idpssoDescriptor, entityDescriptorSignature);
    } catch (MarshallingException | SignatureException e) {
        throw Throwables.propagate(e);
    }
}
 
Developer: alphagov, Project: verify-hub, Lines of code: 14, Source file: NodeMetadataFactory.java

Example 6: getKeyDescriptor

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
protected final KeyDescriptor getKeyDescriptor(final UsageType type, final KeyInfo key) {
    final SAMLObjectBuilder<KeyDescriptor> builder = (SAMLObjectBuilder<KeyDescriptor>)
            Configuration.getBuilderFactory()
            .getBuilder(KeyDescriptor.DEFAULT_ELEMENT_NAME);
    final KeyDescriptor descriptor = builder.buildObject();
    descriptor.setUse(type);
    descriptor.setKeyInfo(key);
    return descriptor;
}
 
Developer: yaochi, Project: pac4j-plus, Lines of code: 10, Source file: SAML2MetadataGenerator.java

Example 7: toCertificate

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
private Certificate toCertificate(KeyDescriptor keyDescriptor) {
    String entityId = null;
    if (!keyDescriptor.getKeyInfo().getKeyNames().isEmpty()) {
        entityId = keyDescriptor.getKeyInfo().getKeyNames().get(0).getValue();
    }
    return transformCertificate(entityId, keyDescriptor);
}
 
Developer: alphagov, Project: verify-matching-service-adapter, Lines of code: 8, Source file: CertificateExtractor.java

Example 8: shouldGenerateValidMetadataFromLocalConfiguration

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
@Test
public void shouldGenerateValidMetadataFromLocalConfiguration() throws Exception {
    HTTPMetadataResolver httpMetadataResolver = new HTTPMetadataResolver(new Timer(), HttpClientBuilder.create().build(),
            "http://localhost:" + applicationRule.getLocalPort() + "/matching-service/SAML2/metadata");
    BasicParserPool basicParserPool = new BasicParserPool();
    basicParserPool.initialize();
    httpMetadataResolver.setParserPool(basicParserPool);
    httpMetadataResolver.setId("test id");
    httpMetadataResolver.initialize();

    httpMetadataResolver.refresh();

    EntityDescriptor descriptor = httpMetadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(TEST_RP_MS)));
    AttributeAuthorityDescriptor attributeAuthorityDescriptor = descriptor.getAttributeAuthorityDescriptor(SAMLConstants.SAML20P_NS);
    Map<UsageType, List<KeyDescriptor>> keysByUsage = attributeAuthorityDescriptor.getKeyDescriptors().stream()
            .collect(groupingBy(KeyDescriptor::getUse));


    assertThat(keysByUsage.get(UsageType.SIGNING)).hasSize(2);
    assertThat(keysByUsage.get(UsageType.ENCRYPTION)).hasSize(1);

    assertThat(getCertificateNames(keysByUsage, UsageType.SIGNING)).contains(MSA_SIGNING_PRIMARY, MSA_SIGNING_SECONDARY);
    assertThat(getCertificateNames(keysByUsage, UsageType.ENCRYPTION)).contains(MSA_ENCRYPTION_PRIMARY);

    IDPSSODescriptor idpssoDescriptor = descriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
    assertThat(idpssoDescriptor).isNotNull();
    assertThat(idpssoDescriptor.getSingleSignOnServices()).hasSize(1);

    keysByUsage = idpssoDescriptor.getKeyDescriptors().stream().collect(groupingBy(KeyDescriptor::getUse));
    assertThat(keysByUsage.get(UsageType.SIGNING)).hasSize(2);
    assertThat(getCertificateNames(keysByUsage, UsageType.SIGNING)).contains(MSA_SIGNING_PRIMARY, MSA_SIGNING_SECONDARY);
}
 
Developer: alphagov, Project: verify-matching-service-adapter, Lines of code: 33, Source file: MatchingServiceAdapterMetadataAppRuleTest.java

Example 9: getKeyDescriptors

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
public List<KeyDescriptor> getKeyDescriptors() {
    return this.ssoDescriptor.getKeyDescriptors();
}
 
Developer: mrluo735, Project: cas-5.1.0, Lines of code: 4, Source file: SamlRegisteredServiceServiceProviderMetadataFacade.java

Example 10: getCertificateFromKeyDescriptor

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
private Stream<X509Certificate> getCertificateFromKeyDescriptor(KeyDescriptor keyDescriptor) {
    return keyDescriptor.getKeyInfo()
        .getX509Datas()
        .stream()
        .flatMap(x509Data -> x509Data.getX509Certificates().stream());
}
 
Developer: alphagov, Project: verify-service-provider, Lines of code: 7, Source file: MetadataPublicKeyExtractor.java

Example 11: transformCertificate

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
private Certificate transformCertificate(String entityId, KeyDescriptor keyDescriptor) {
    String x509Certificate = keyDescriptor.getKeyInfo().getX509Datas().get(0).getX509Certificates().get(0).getValue();
    final Certificate.KeyUse keyUse = transformUsageType(keyDescriptor.getUse());
    return new Certificate(entityId, x509Certificate, keyUse);
}
 
Developer: alphagov, Project: verify-matching-service-adapter, Lines of code: 6, Source file: CertificateExtractor.java

Example 12: getKeyDescriptors

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
private Collection<? extends KeyDescriptor> getKeyDescriptors() {
    Collection<Certificate> certificates = new ArrayList<>();
    certificates.addAll(certificateStore.getSigningCertificates());
    return keyDescriptorsUnmarshaller.fromCertificates(certificates);
}
 
Developer: alphagov, Project: verify-matching-service-adapter, Lines of code: 6, Source file: MatchingServiceAdapterMetadataRepository.java

Example 13: getCertificateNames

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
private List<String> getCertificateNames(Map<UsageType, List<KeyDescriptor>> keysByUsage, UsageType keyUsage) {
    return keysByUsage.get(keyUsage).stream()
                .flatMap(kd -> kd.getKeyInfo().getKeyNames().stream())
                .map(XSString::getValue)
                .collect(Collectors.toList());
}
 
Developer: alphagov, Project: verify-matching-service-adapter, Lines of code: 7, Source file: MatchingServiceAdapterMetadataAppRuleTest.java

Example 14: importMetaData

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
private static void importMetaData(KeyStore ks, EntityDescriptor ed,
		IDPSSODescriptor idp, AuthMechType currentMechanism,
		HashMap<String, ParamType> params) throws Base64DecodingException,
		CertificateException, KeyStoreException {
	setProperty("entityID",ed.getEntityID(),params,currentMechanism);
	
	for (SingleSignOnService sso : idp.getSingleSignOnServices() ) {
		if (sso.getBinding().equalsIgnoreCase("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST")) {
			setProperty("idpURL",sso.getLocation(),params,currentMechanism);
			
		} else if (sso.getBinding().equalsIgnoreCase("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect")) {
			
			setProperty("idpRedirURL",sso.getLocation(),params,currentMechanism);
		}
	}
	
	for (SingleLogoutService slo : idp.getSingleLogoutServices()) {
		if (slo.getBinding().equalsIgnoreCase("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect")) {
			
			setProperty("idpRedirLogoutURL",slo.getLocation(),params,currentMechanism);
		}
	}
	
	for (KeyDescriptor kd : idp.getKeyDescriptors()) {
		
		if (kd.getUse().equals(UsageType.SIGNING)) {
			String base64 = kd.getKeyInfo().getX509Datas().get(0).getX509Certificates().get(0).getValue();
			String name = "verify-" + ed.getEntityID() + "-idp-sig";

			
			ByteArrayInputStream bais = new ByteArrayInputStream(Base64.decode(base64));
			CertificateFactory cf = CertificateFactory.getInstance("X.509");
			Collection<? extends Certificate> c = cf.generateCertificates(bais);
			
			if (c.size() > 1) {
				int j = 0;
				Iterator<? extends Certificate> i = c.iterator();
				while (i.hasNext()) {
					Certificate certificate = (Certificate) i.next();
					// Increment the index so each certificate gets its own alias instead of overwriting "<name>-0"
					ks.setCertificateEntry(name + "-" + j++, certificate);
				}
			} else {
				ks.setCertificateEntry(name, c.iterator().next());
			}
			
			
			setProperty("idpSigKeyName",name,params,currentMechanism);
			
		}
		
		
	}
}
 
Developer: TremoloSecurity, Project: OpenUnison, Lines of code: 55, Source file: OpenUnisonUtils.java

Example 15: getMetadata

import org.opensaml.saml.saml2.metadata.KeyDescriptor; // import the required package/class
@PreAuthorize("isAuthenticated()")
public void getMetadata(final String spEntityID, final String urlContext, final OutputStream os) {
    check();

    try {
        EntityDescriptor spEntityDescriptor = new EntityDescriptorBuilder().buildObject();
        spEntityDescriptor.setEntityID(spEntityID);

        SPSSODescriptor spSSODescriptor = new SPSSODescriptorBuilder().buildObject();
        spSSODescriptor.setWantAssertionsSigned(true);
        spSSODescriptor.setAuthnRequestsSigned(true);
        spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);

        X509KeyInfoGeneratorFactory keyInfoGeneratorFactory = new X509KeyInfoGeneratorFactory();
        keyInfoGeneratorFactory.setEmitEntityCertificate(true);
        KeyInfoGenerator keyInfoGenerator = keyInfoGeneratorFactory.newInstance();
        keyInfoGenerator.generate(loader.getCredential());

        KeyDescriptor keyDescriptor = new KeyDescriptorBuilder().buildObject();
        keyDescriptor.setKeyInfo(keyInfoGenerator.generate(loader.getCredential()));
        spSSODescriptor.getKeyDescriptors().add(keyDescriptor);

        NameIDFormat nameIDFormat = new NameIDFormatBuilder().buildObject();
        nameIDFormat.setFormat(NameIDType.PERSISTENT);
        spSSODescriptor.getNameIDFormats().add(nameIDFormat);
        nameIDFormat = new NameIDFormatBuilder().buildObject();
        nameIDFormat.setFormat(NameIDType.TRANSIENT);
        spSSODescriptor.getNameIDFormats().add(nameIDFormat);

        for (SAML2BindingType bindingType : SAML2BindingType.values()) {
            AssertionConsumerService assertionConsumerService = new AssertionConsumerServiceBuilder().buildObject();
            assertionConsumerService.setIndex(bindingType.ordinal());
            assertionConsumerService.setBinding(bindingType.getUri());
            assertionConsumerService.setLocation(getAssertionConsumerURL(spEntityID, urlContext));
            spSSODescriptor.getAssertionConsumerServices().add(assertionConsumerService);
            spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);

            String sloUrl = spEntityID + urlContext + "/logout";
            validateUrl(sloUrl);

            SingleLogoutService singleLogoutService = new SingleLogoutServiceBuilder().buildObject();
            singleLogoutService.setBinding(bindingType.getUri());
            singleLogoutService.setLocation(sloUrl);
            singleLogoutService.setResponseLocation(sloUrl);
            spSSODescriptor.getSingleLogoutServices().add(singleLogoutService);
        }

        spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
        saml2rw.sign(spEntityDescriptor);

        saml2rw.write(new OutputStreamWriter(os), spEntityDescriptor, true);
    } catch (Exception e) {
        LOG.error("While getting SP metadata", e);
        SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.Unknown);
        sce.getElements().add(e.getMessage());
        throw sce;
    }
}
 
Developer: apache, Project: syncope, Lines of code: 59, Source file: SAML2SPLogic.java


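Note: The org.opensaml.saml.saml2.metadata.KeyDescriptor class examples in this article were compiled by 纯净天空 from GitHub, MSDocs and other open-source code and documentation platforms. The code snippets were selected from open-source projects contributed by their developers; copyright of the source code belongs to the original authors, and distribution and use should follow the corresponding project's License. Do not reproduce without permission.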