Java EntityDescriptor类代码示例

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
/**
 * Populates the peer's entity metadata if a metadata provide is present in the message context. Populates the
 * peer's role descriptor if the entity metadata was available and the role name is present in the message context.
 * 
 * @param messageContext current message context
 * 
 * @throws MessageDecodingException thrown if there is a problem populating the message context
 */
protected void populateRelyingPartyMetadata(SAMLMessageContext messageContext) throws MessageDecodingException {
    MetadataProvider metadataProvider = messageContext.getMetadataProvider();
    try {
        if (metadataProvider != null) {
            EntityDescriptor relyingPartyMD = metadataProvider.getEntityDescriptor(messageContext
                    .getInboundMessageIssuer());
            messageContext.setPeerEntityMetadata(relyingPartyMD);

            QName relyingPartyRole = messageContext.getPeerEntityRole();
            if (relyingPartyMD != null && relyingPartyRole != null) {
                List<RoleDescriptor> roles = relyingPartyMD.getRoleDescriptors(relyingPartyRole,
                        SAMLConstants.SAML11P_NS);
                if (roles != null && roles.size() > 0) {
                    messageContext.setPeerEntityRoleMetadata(roles.get(0));
                }
            }
        }
    } catch (MetadataProviderException e) {
        log.error("Error retrieving metadata for relying party " + messageContext.getInboundMessageIssuer(), e);
        throw new MessageDecodingException("Error retrieving metadata for relying party "
                + messageContext.getInboundMessageIssuer(), e);
    }
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
/** {@inheritDoc} */
public void doFilter(XMLObject metadata) throws FilterException {
    SignableXMLObject signableMetadata = (SignableXMLObject) metadata;

    if (!signableMetadata.isSigned()){
        if (getRequireSignature()) {
            throw new FilterException("Metadata root element was unsigned and signatures are required.");
        }
    }
    
    if (signableMetadata instanceof EntityDescriptor) {
        processEntityDescriptor((EntityDescriptor) signableMetadata);
    } else if (signableMetadata instanceof EntitiesDescriptor) {
        processEntityGroup((EntitiesDescriptor) signableMetadata);
    } else {
        log.error("Internal error, metadata object was of an unsupported type: {}", metadata.getClass().getName());
    }
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
/** {@inheritDoc} */
public EntityDescriptor getEntityDescriptor(String entityID) throws MetadataProviderException {
    Lock readLock = providerLock.readLock();
    readLock.lock();

    EntityDescriptor descriptor = null;
    try {
        for (MetadataProvider provider : providers) {
            log.debug("Checking child metadata provider for entity descriptor with entity ID: {}", entityID);
            try {
                descriptor = provider.getEntityDescriptor(entityID);
                if (descriptor != null) {
                    break;
                }
            } catch (MetadataProviderException e) {
                log.warn("Error retrieving metadata from provider of type {}, proceeding to next provider",
                        provider.getClass().getName(), e);
                continue;
            }
        }
    } finally {
        readLock.unlock();
    }

    return descriptor;
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
/** {@inheritDoc} */
public EntityDescriptor getEntityDescriptor(String entityID) throws MetadataProviderException {
    if (!isInitialized()) {
        throw new MetadataProviderException("Metadata provider has not been initialized");
    }

    if (DatatypeHelper.isEmpty(entityID)) {
        log.debug("EntityDescriptor entityID was null or empty, skipping search for it");
        return null;
    }

    EntityDescriptor descriptor = doGetEntityDescriptor(entityID);
    if (descriptor == null) {
        log.debug("Metadata document does not contain an EntityDescriptor with the ID {}", entityID);
        return null;
    } else if (!isValid(descriptor)) {
        log.debug("Metadata document contained an EntityDescriptor with the ID {}, but it was no longer valid",
                entityID);
        return null;
    }

    return descriptor;
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
/**
 * Filters entity descriptor roles.
 * 
 * @param descriptor entity descriptor to filter
 * 
 * @throws FilterException thrown if an effective role name can not be determined
 */
protected void filterEntityDescriptor(EntityDescriptor descriptor) throws FilterException {
    List<RoleDescriptor> roles = descriptor.getRoleDescriptors();

    if (roles != null && !roles.isEmpty()) {
        Iterator<RoleDescriptor> rolesItr = roles.iterator();
        QName roleName;
        while (rolesItr.hasNext()) {
            roleName = getRoleName(rolesItr.next());
            if (!roleWhiteList.contains(roleName)) {
                log.trace("Filtering out role {} from entity {}", roleName, descriptor.getEntityID());
                rolesItr.remove();
            }
        }
    }
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
/** {@inheritDoc} */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {
    EntityDescriptor entityDescriptor = (EntityDescriptor) parentSAMLObject;

    if (childSAMLObject instanceof Extensions) {
        entityDescriptor.setExtensions((Extensions) childSAMLObject);
    } else if (childSAMLObject instanceof Signature) {
        entityDescriptor.setSignature((Signature) childSAMLObject);
    } else if (childSAMLObject instanceof RoleDescriptor) {
        entityDescriptor.getRoleDescriptors().add((RoleDescriptor) childSAMLObject);
    } else if (childSAMLObject instanceof AffiliationDescriptor) {
        entityDescriptor.setAffiliationDescriptor((AffiliationDescriptor) childSAMLObject);
    } else if (childSAMLObject instanceof Organization) {
        entityDescriptor.setOrganization((Organization) childSAMLObject);
    } else if (childSAMLObject instanceof ContactPerson) {
        entityDescriptor.getContactPersons().add((ContactPerson) childSAMLObject);
    } else if (childSAMLObject instanceof AdditionalMetadataLocation) {
        entityDescriptor.getAdditionalMetadataLocations().add((AdditionalMetadataLocation) childSAMLObject);
    } else {
        super.processChildElement(parentSAMLObject, childSAMLObject);
    }
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
/** {@inheritDoc} */
protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
    EntityDescriptor entityDescriptor = (EntityDescriptor) samlObject;

    if (attribute.getLocalName().equals(EntityDescriptor.ENTITY_ID_ATTRIB_NAME)) {
        entityDescriptor.setEntityID(attribute.getValue());
    } else if (attribute.getLocalName().equals(EntityDescriptor.ID_ATTRIB_NAME)) {
        entityDescriptor.setID(attribute.getValue());
        attribute.getOwnerElement().setIdAttributeNode(attribute, true);
    } else if (attribute.getLocalName().equals(TimeBoundSAMLObject.VALID_UNTIL_ATTRIB_NAME)
            && !DatatypeHelper.isEmpty(attribute.getValue())) {
        entityDescriptor.setValidUntil(new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC()));
    } else if (attribute.getLocalName().equals(CacheableSAMLObject.CACHE_DURATION_ATTRIB_NAME)) {
        entityDescriptor.setCacheDuration(XMLHelper.durationToLong(attribute.getValue()));
    } else {
        QName attribQName = XMLHelper.getNodeQName(attribute);
        if (attribute.isId()) {
            entityDescriptor.getUnknownAttributes().registerID(attribQName);
        }
        entityDescriptor.getUnknownAttributes().put(attribQName, attribute.getValue());
    }
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
/** {@inheritDoc} */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {
    EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) parentSAMLObject;

    if (childSAMLObject instanceof Extensions) {
        entitiesDescriptor.setExtensions((Extensions) childSAMLObject);
    } else if (childSAMLObject instanceof EntitiesDescriptor) {
        entitiesDescriptor.getEntitiesDescriptors().add((EntitiesDescriptor) childSAMLObject);
    } else if (childSAMLObject instanceof EntityDescriptor) {
        entitiesDescriptor.getEntityDescriptors().add((EntityDescriptor) childSAMLObject);
    } else if (childSAMLObject instanceof Signature) {
        entitiesDescriptor.setSignature((Signature) childSAMLObject);
    } else {
        super.processChildElement(parentSAMLObject, childSAMLObject);
    }
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
@SuppressWarnings("unchecked")
public MetadataProvider generate(final SAMLConfig configuration) throws MetadataProviderException, ResourceException  {
	SAMLObjectBuilder<EntityDescriptor> builder = (SAMLObjectBuilder<EntityDescriptor>) builderFactory.getBuilder(EntityDescriptor.DEFAULT_ELEMENT_NAME);
       EntityDescriptor descriptor = builder.buildObject();
       descriptor.setID(configuration.getIdpEntityId());
       descriptor.setEntityID(configuration.getIdpEntityId());
       descriptor.getRoleDescriptors().add(buildIDPSSODescriptor(configuration));

       MetadataMemoryProvider memoryProvider = new MetadataMemoryProvider(descriptor);
       memoryProvider.initialize();

       ExtendedMetadata extendedMetadata = new ExtendedMetadata();
   	extendedMetadata.setSigningKey(configuration.getIdpEntityId());

   	ExtendedMetadataDelegate idpMetadataProvider = new ExtendedMetadataDelegate(memoryProvider, extendedMetadata);
   	idpMetadataProvider.setMetadataRequireSignature(false);
   	idpMetadataProvider.initialize();

   	return idpMetadataProvider;
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
/**
 * Displays stored metadata.
 *
 * @param entityId entity ID of metadata to display
 * @return model and view
 * @throws MetadataProviderException in case metadata can't be located
 * @throws MarshallingException      in case de-serialization into string fails
 */
@RequestMapping( value = "/display" )
public ModelAndView displayMetadata(@RequestParam( "entityId" ) String entityId) throws
    MetadataProviderException, MarshallingException
{

    EntityDescriptor entityDescriptor = metadataManager.getEntityDescriptor( entityId );
    ExtendedMetadata extendedMetadata = metadataManager.getExtendedMetadata( entityId );

    if ( entityDescriptor == null )
    {
        throw new MetadataProviderException( "Metadata with ID " + entityId + " not found" );
    }

    return displayMetadata( entityDescriptor, extendedMetadata );

}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
protected String getFileName(EntityDescriptor entityDescriptor)
{
    StringBuilder fileName = new StringBuilder();
    for ( Character c : entityDescriptor.getEntityID().toCharArray() )
    {
        if ( Character.isJavaIdentifierPart( c ) )
        {
            fileName.append( c );
        }
    }
    if ( fileName.length() > 0 )
    {
        fileName.append( "_sp.xml" );
        return fileName.toString();
    }
    else
    {
        return "default_sp.xml";
    }
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
@Before
public final void onSetUp() throws Exception {
	req = mock(HttpServletRequest.class);
	res = mock(HttpServletResponse.class);
	when(res.getOutputStream()).thenReturn(new ServletOutputStream() {
		public void write(int b) throws IOException {}
	});
	
	session = mock(HttpSession.class);
	when(req.getSession()).thenReturn(session);
	when(session.getId()).thenReturn(UUID.randomUUID().toString());
	
	EntityDescriptor desc = (EntityDescriptor) SAMLUtil.unmarshallElement(getClass().getResourceAsStream("SPMetadata.xml"));
	
	sh = mock(SessionHandler.class);
	
	CredentialRepository rep = new CredentialRepository();
	BasicX509Credential credential = rep.getCredential("test/test.pkcs12", "Test1234");
	
	cfg = new MapConfiguration(new HashMap<String, Object>() {{
		put("oiosaml-sp.assertion.validator", Validator.class.getName());
		put(Constants.PROP_HOME, "/home");
	}});
	IdpMetadata idp = new IdpMetadata("http://schemas.xmlsoap.org/ws/2006/12/federation", (EntityDescriptor)SAMLUtil.unmarshallElement(getClass().getResourceAsStream("IdPMetadata.xml")));
	rc = new RequestContext(req, res, idp, new SPMetadata(desc, "http://schemas.xmlsoap.org/ws/2006/12/federation"), credential, cfg, sh, null);
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
/**
 * Get a string representation of the signed metadata.
 * 
 * This method replaces the KeyInfo elements in the SPMetadata.xml file with
 * the actual certificate passed in the credentials parameter.
 * 
 * @param signingCredential
 *            Credential to use for signing. If <code>null</code>, the
 *            metadata is not signed.
 * @return The signed metadata as a string.
 */
public String getMetadata(Credential signingCredential, boolean sign) {
	X509Credential c = (X509Credential) signingCredential;
	EntityDescriptor e = SAMLUtil.clone(entityDescriptor);
	for (RoleDescriptor rd : e.getRoleDescriptors()) {
		for (KeyDescriptor k : rd.getKeyDescriptors()) {
			for (X509Data data : k.getKeyInfo().getX509Datas()) {
				for (X509Certificate cert : data.getX509Certificates()) {
					try {
						cert.setValue(Base64.encodeBytes(c.getEntityCertificate().getEncoded()));
					} catch (CertificateEncodingException e1) {
						throw new RuntimeException(e1);
					}
				}
			}
		}
	}
	OIOSamlObject obj = new OIOSamlObject(e);
	if (sign) {
		obj.sign(signingCredential);
	}
	return obj.toXML();
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
public static EntityDescriptor buildEntityDescriptor(Credential cred) {
	EntityDescriptor data = (EntityDescriptor) SAMLUtil.unmarshallElement(TestHelper.class.getResourceAsStream("IdPMetadata.xml"));
       IDPSSODescriptor idpSSODescriptor = data.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
       
       org.opensaml.xml.signature.X509Certificate cert = SAMLUtil.buildXMLObject(org.opensaml.xml.signature.X509Certificate.class);
       try {
		cert.setValue(Base64.encodeBytes(getCertificate(cred).getEncoded()));
	} catch (Exception e) {
		throw new RuntimeException(e);
	}
       
	if (idpSSODescriptor.getKeyDescriptors().size() > 0) {
		KeyDescriptor keyDescriptor = (KeyDescriptor) idpSSODescriptor.getKeyDescriptors().get(0);
		if (keyDescriptor.getKeyInfo().getX509Datas().size() > 0) {
			X509Data x509Data = (X509Data) keyDescriptor.getKeyInfo().getX509Datas().get(0);
			x509Data.getX509Certificates().clear();
			x509Data.getX509Certificates().add(cert);
		}
	}
	return data;
}
 

import org.opensaml.saml2.metadata.EntityDescriptor; //导入依赖的package包/类
@Test
public void testGetMetadata() throws Exception {
	SPMetadata metadata = TestHelper.buildSPMetadata();
	
	BasicX509Credential credential = TestHelper.getCredential();
	String xml = metadata.getMetadata(credential, true);
	assertNotNull(xml);
	
	EntityDescriptor desc = (EntityDescriptor) SAMLUtil.unmarshallElementFromString(xml);
	assertNotNull(desc);
	
	assertEquals(metadata.getEntityID(), desc.getEntityID());
	assertNotNull(desc.getSignature());
	
	new OIOSamlObject(desc).verifySignature(credential.getPublicKey());
}