

Java UsageType Class Code Examples

This article collects typical usage examples of org.opensaml.security.credential.UsageType in Java. If you are wondering how the Java UsageType class is used in practice, the selected examples below may help.


The UsageType class belongs to the org.opensaml.security.credential package. A total of 14 code examples of the UsageType class are shown below, sorted by popularity by default.

Example 1: getSigningCredential

import org.opensaml.security.credential.UsageType; // import the required package/class
private Credential getSigningCredential(final RoleDescriptorResolver resolver, final RequestAbstractType profileRequest) {
    try {
        final MetadataCredentialResolver kekCredentialResolver = new MetadataCredentialResolver();
        final SignatureValidationConfiguration config = getSignatureValidationConfiguration();
        kekCredentialResolver.setRoleDescriptorResolver(resolver);
        kekCredentialResolver.setKeyInfoCredentialResolver(
                DefaultSecurityConfigurationBootstrap.buildBasicInlineKeyInfoCredentialResolver());
        kekCredentialResolver.initialize();
        final CriteriaSet criteriaSet = new CriteriaSet();
        criteriaSet.add(new SignatureValidationConfigurationCriterion(config));
        criteriaSet.add(new UsageCriterion(UsageType.SIGNING));

        buildEntityCriteriaForSigningCredential(profileRequest, criteriaSet);

        return kekCredentialResolver.resolveSingle(criteriaSet);
    } catch (final Exception e) {
        throw Throwables.propagate(e);
    }
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 20, Source: SamlObjectSignatureValidator.java

Example 2: getUsageType

import org.opensaml.security.credential.UsageType; // import the required package/class
/**
 * Convert jwk key usage type to shibboleth usage type.
 * 
 * @param jwk
 *            containing usage type.
 * @return usage type.
 */
private UsageType getUsageType(JWK jwk) {
    switch (jwk.getKeyUse()) {
    case ENCRYPTION:
        return UsageType.ENCRYPTION;
    case SIGNATURE:
        return UsageType.SIGNING;
    default:
        return UsageType.UNSPECIFIED;
    }
}
 
Developer ID: CSCfi, Project: shibboleth-idp-oidc-extension, Lines of code: 18, Source: BasicJWKCredentialFactoryBean.java

Example 3: extractSigningCerts

import org.opensaml.security.credential.UsageType; // import the required package/class
private List<Certificate> extractSigningCerts(List<KeyDescriptor> keyDescriptors, String entityId) {
    return keyDescriptors
            .stream()
            .filter(keyDescriptor -> keyDescriptor.getUse() == UsageType.SIGNING)
            .map(keyDescriptor -> keyDescriptor.getKeyInfo().getX509Datas())
            .flatMap(List::stream)
            .map(X509Data::getX509Certificates)
            .flatMap(List::stream)
            .map(x509Certificate -> new Certificate(entityId, x509Certificate.getValue(), Certificate.KeyUse.Signing))
            .collect(Collectors.toList());
}
 
Developer ID: alphagov, Project: verify-hub, Lines of code: 12, Source: HubAsIdpMetadataHandler.java

Example 4: getHubEncryptionCertificate

import org.opensaml.security.credential.UsageType; // import the required package/class
private Certificate getHubEncryptionCertificate(EntityDescriptor entityDescriptor) {
    KeyDescriptor hubEncryptionKey = entityDescriptor.getSPSSODescriptor(SAMLConstants.SAML20P_NS).getKeyDescriptors()
            .stream()
            .filter(input1 -> input1.getUse() == UsageType.ENCRYPTION) //there should only be one and only one hub encryption key
            .findFirst()
            .get();
    X509Certificate x509Certificate = hubEncryptionKey.getKeyInfo().getX509Datas().get(0).getX509Certificates().get(0);
    return new Certificate(entityDescriptor.getEntityID(), x509Certificate.getValue(), Certificate.KeyUse.Encryption);
}
 
Developer ID: alphagov, Project: verify-hub, Lines of code: 10, Source: HubAsIdpMetadataHandler.java

Example 5: getPublicKeys

import org.opensaml.security.credential.UsageType; // import the required package/class
private Optional<PublicKey> getPublicKeys(EntityDescriptor entityDescriptor) {
    return entityDescriptor
        .getSPSSODescriptor(SAMLConstants.SAML20P_NS)
        .getKeyDescriptors()
        .stream()
        .filter(keyDescriptor -> keyDescriptor.getUse() == UsageType.ENCRYPTION)
        .flatMap(this::getCertificateFromKeyDescriptor)
        .map(publicKeyFactory::create)
        .findFirst();
}
 
Developer ID: alphagov, Project: verify-service-provider, Lines of code: 11, Source: MetadataPublicKeyExtractor.java

Example 6: getKeyDescriptor

import org.opensaml.security.credential.UsageType; // import the required package/class
protected final KeyDescriptor getKeyDescriptor(final UsageType type, final KeyInfo key) {
    final SAMLObjectBuilder<KeyDescriptor> builder = (SAMLObjectBuilder<KeyDescriptor>)
            Configuration.getBuilderFactory()
            .getBuilder(KeyDescriptor.DEFAULT_ELEMENT_NAME);
    final KeyDescriptor descriptor = builder.buildObject();
    descriptor.setUse(type);
    descriptor.setKeyInfo(key);
    return descriptor;
}
 
Developer ID: yaochi, Project: pac4j-plus, Lines of code: 10, Source: SAML2MetadataGenerator.java

Example 7: transformUsageType

import org.opensaml.security.credential.UsageType; // import the required package/class
private Certificate.KeyUse transformUsageType(UsageType usageType) {
    switch (usageType) {
        case ENCRYPTION:
            return Certificate.KeyUse.Encryption;
        case SIGNING:
            return Certificate.KeyUse.Signing;
        case UNSPECIFIED:
            SamlValidationSpecificationFailure failure = SamlTransformationErrorFactory.unsupportedKey(usageType.toString());
            throw new SamlTransformationErrorException(failure.getErrorMessage(), failure.getLogLevel());
        default:
            throw new IllegalArgumentException("SamlObjectParser will have failed before reaching here.");
    }
}
 
Developer ID: alphagov, Project: verify-matching-service-adapter, Lines of code: 15, Source: CertificateExtractor.java

Example 8: shouldGenerateValidMetadataFromLocalConfiguration

import org.opensaml.security.credential.UsageType; // import the required package/class
@Test
public void shouldGenerateValidMetadataFromLocalConfiguration() throws Exception {
    HTTPMetadataResolver httpMetadataResolver = new HTTPMetadataResolver(new Timer(), HttpClientBuilder.create().build(),
            "http://localhost:" + applicationRule.getLocalPort() + "/matching-service/SAML2/metadata");
    BasicParserPool basicParserPool = new BasicParserPool();
    basicParserPool.initialize();
    httpMetadataResolver.setParserPool(basicParserPool);
    httpMetadataResolver.setId("test id");
    httpMetadataResolver.initialize();

    httpMetadataResolver.refresh();

    EntityDescriptor descriptor = httpMetadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(TEST_RP_MS)));
    AttributeAuthorityDescriptor attributeAuthorityDescriptor = descriptor.getAttributeAuthorityDescriptor(SAMLConstants.SAML20P_NS);
    Map<UsageType, List<KeyDescriptor>> keysByUsage = attributeAuthorityDescriptor.getKeyDescriptors().stream()
            .collect(groupingBy(KeyDescriptor::getUse));


    assertThat(keysByUsage.get(UsageType.SIGNING)).hasSize(2);
    assertThat(keysByUsage.get(UsageType.ENCRYPTION)).hasSize(1);

    assertThat(getCertificateNames(keysByUsage, UsageType.SIGNING)).contains(MSA_SIGNING_PRIMARY, MSA_SIGNING_SECONDARY);
    assertThat(getCertificateNames(keysByUsage, UsageType.ENCRYPTION)).contains(MSA_ENCRYPTION_PRIMARY);

    IDPSSODescriptor idpssoDescriptor = descriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
    assertThat(idpssoDescriptor).isNotNull();
    assertThat(idpssoDescriptor.getSingleSignOnServices()).hasSize(1);

    keysByUsage = idpssoDescriptor.getKeyDescriptors().stream().collect(groupingBy(KeyDescriptor::getUse));
    assertThat(keysByUsage.get(UsageType.SIGNING)).hasSize(2);
    assertThat(getCertificateNames(keysByUsage, UsageType.SIGNING)).contains(MSA_SIGNING_PRIMARY, MSA_SIGNING_SECONDARY);
}
 
Developer ID: alphagov, Project: verify-matching-service-adapter, Lines of code: 33, Source: MatchingServiceAdapterMetadataAppRuleTest.java

Example 9: getUsageType

import org.opensaml.security.credential.UsageType; // import the required package/class
@Override
public UsageType getUsageType() {
    return null;
}
 
Developer ID: CSCfi, Project: shibboleth-idp-oidc-extension, Lines of code: 5, Source: BaseOIDCResponseActionTest.java

Example 10: getKeyEncryptionCredential

import org.opensaml.security.credential.UsageType; // import the required package/class
/**
 * Gets key encryption credential.
 *
 * @param peerEntityId the peer entity id
 * @param adaptor      the adaptor
 * @param service      the service
 * @return the key encryption credential
 * @throws Exception the exception
 */
protected Credential getKeyEncryptionCredential(final String peerEntityId,
                                                final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                                final SamlRegisteredService service) throws Exception {
    final SamlIdPProperties idp = casProperties.getAuthn().getSamlIdp();
    final BasicEncryptionConfiguration config =
            DefaultSecurityConfigurationBootstrap.buildDefaultEncryptionConfiguration();

    if (this.overrideBlackListedEncryptionAlgorithms != null && !this.overrideBlackListedEncryptionAlgorithms.isEmpty()) {
        config.setBlacklistedAlgorithms(this.overrideBlackListedEncryptionAlgorithms);
    }

    if (this.overrideWhiteListedAlgorithms != null && !this.overrideWhiteListedAlgorithms.isEmpty()) {
        config.setWhitelistedAlgorithms(this.overrideWhiteListedAlgorithms);
    }

    if (this.overrideDataEncryptionAlgorithms != null && !this.overrideDataEncryptionAlgorithms.isEmpty()) {
        config.setDataEncryptionAlgorithms(this.overrideDataEncryptionAlgorithms);
    }

    if (this.overrideKeyEncryptionAlgorithms != null && !this.overrideKeyEncryptionAlgorithms.isEmpty()) {
        config.setKeyTransportEncryptionAlgorithms(this.overrideKeyEncryptionAlgorithms);
    }

    LOGGER.debug("Encryption blacklisted algorithms: [{}]", config.getBlacklistedAlgorithms());
    LOGGER.debug("Encryption key algorithms: [{}]", config.getKeyTransportEncryptionAlgorithms());
    LOGGER.debug("Encryption data algorithms: [{}]", config.getDataEncryptionAlgorithms());
    LOGGER.debug("Encryption whitelisted algorithms: [{}]", config.getWhitelistedAlgorithms());

    final MetadataCredentialResolver kekCredentialResolver = new MetadataCredentialResolver();

    final List<KeyInfoProvider> providers = new ArrayList<>();
    providers.add(new RSAKeyValueProvider());
    providers.add(new DSAKeyValueProvider());
    providers.add(new InlineX509DataProvider());
    providers.add(new DEREncodedKeyValueProvider());
    providers.add(new KeyInfoReferenceProvider());

    final BasicProviderKeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(providers);
    kekCredentialResolver.setKeyInfoCredentialResolver(keyInfoResolver);

    final PredicateRoleDescriptorResolver roleDescriptorResolver = new PredicateRoleDescriptorResolver(adaptor.getMetadataResolver());
    roleDescriptorResolver.setSatisfyAnyPredicates(true);
    roleDescriptorResolver.setUseDefaultPredicateRegistry(true);
    roleDescriptorResolver.setRequireValidMetadata(idp.getMetadata().isRequireValidMetadata());
    roleDescriptorResolver.initialize();

    kekCredentialResolver.setRoleDescriptorResolver(roleDescriptorResolver);
    kekCredentialResolver.initialize();

    final CriteriaSet criteriaSet = new CriteriaSet();
    criteriaSet.add(new EncryptionConfigurationCriterion(config));
    criteriaSet.add(new EntityIdCriterion(peerEntityId));
    criteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME));
    criteriaSet.add(new UsageCriterion(UsageType.ENCRYPTION));

    LOGGER.debug("Attempting to resolve the encryption key for entity id [{}]", peerEntityId);
    return kekCredentialResolver.resolveSingle(criteriaSet);
}
 
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 68, Source: SamlObjectEncrypter.java

Example 11: buildSPSSODescriptor

import org.opensaml.security.credential.UsageType; // import the required package/class
protected final SPSSODescriptor buildSPSSODescriptor() {
    final SAMLObjectBuilder<SPSSODescriptor> builder = (SAMLObjectBuilder<SPSSODescriptor>) this.builderFactory
            .getBuilder(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    final SPSSODescriptor spDescriptor = builder.buildObject();

    spDescriptor.setAuthnRequestsSigned(this.authnRequestSigned);
    spDescriptor.setWantAssertionsSigned(this.wantAssertionSigned);
    spDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
    spDescriptor.addSupportedProtocol(SAMLConstants.SAML10P_NS);
    spDescriptor.addSupportedProtocol(SAMLConstants.SAML11P_NS);

    final SAMLObjectBuilder<Extensions> builderExt =
            (SAMLObjectBuilder<Extensions>) this.builderFactory
                    .getBuilder(Extensions.DEFAULT_ELEMENT_NAME);

    final Extensions extensions = builderExt.buildObject();
    extensions.getNamespaceManager().registerAttributeName(RequestInitiator.DEFAULT_ELEMENT_NAME);

    final SAMLObjectBuilder<RequestInitiator> builderReq =
            (SAMLObjectBuilder<RequestInitiator>) this.builderFactory
                    .getBuilder(RequestInitiator.DEFAULT_ELEMENT_NAME);

    final RequestInitiator requestInitiator = builderReq.buildObject();
    requestInitiator.setLocation(this.requestInitiatorLocation);
    requestInitiator.setBinding(RequestInitiator.DEFAULT_ELEMENT_NAME.getNamespaceURI());

    extensions.getUnknownXMLObjects().add(requestInitiator);
    spDescriptor.setExtensions(extensions);

    spDescriptor.getNameIDFormats().addAll(buildNameIDFormat());

    int index = 0;
    spDescriptor.getAssertionConsumerServices().add(
            getAssertionConsumerService(SAMLConstants.SAML2_POST_BINDING_URI, index++,
                    this.defaultACSIndex == index));

    if (credentialProvider != null) {
        spDescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.SIGNING,
                this.credentialProvider.getKeyInfo()));
        spDescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.ENCRYPTION,
                this.credentialProvider.getKeyInfo()));
    }

    return spDescriptor;

}
 
Developer ID: yaochi, Project: pac4j-plus, Lines of code: 47, Source: SAML2MetadataGenerator.java

Example 12: getCertificateNames

import org.opensaml.security.credential.UsageType; // import the required package/class
private List<String> getCertificateNames(Map<UsageType, List<KeyDescriptor>> keysByUsage, UsageType keyUsage) {
    return keysByUsage.get(keyUsage).stream()
                .flatMap(kd -> kd.getKeyInfo().getKeyNames().stream())
                .map(XSString::getValue)
                .collect(Collectors.toList());
}
 
Developer ID: alphagov, Project: verify-matching-service-adapter, Lines of code: 7, Source: MatchingServiceAdapterMetadataAppRuleTest.java

Example 13: getUsageType

import org.opensaml.security.credential.UsageType; // import the required package/class
@Nullable
@Override
public UsageType getUsageType() {
    return null;
}
 
Developer ID: wso2-extensions, Project: tomcat-extension-samlsso, Lines of code: 6, Source: X509CredentialImplementation.java

Example 14: importMetaData

import org.opensaml.security.credential.UsageType; // import the required package/class
private static void importMetaData(KeyStore ks, EntityDescriptor ed,
		IDPSSODescriptor idp, AuthMechType currentMechanism,
		HashMap<String, ParamType> params) throws Base64DecodingException,
		CertificateException, KeyStoreException {
	setProperty("entityID",ed.getEntityID(),params,currentMechanism);
	
	for (SingleSignOnService sso : idp.getSingleSignOnServices() ) {
		if (sso.getBinding().equalsIgnoreCase("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST")) {
			setProperty("idpURL",sso.getLocation(),params,currentMechanism);
			
		} else if (sso.getBinding().equalsIgnoreCase("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect")) {
			
			setProperty("idpRedirURL",sso.getLocation(),params,currentMechanism);
		}
	}
	
	for (SingleLogoutService slo : idp.getSingleLogoutServices()) {
		if (slo.getBinding().equalsIgnoreCase("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect")) {
			
			setProperty("idpRedirLogoutURL",slo.getLocation(),params,currentMechanism);
		}
	}
	
	for (KeyDescriptor kd : idp.getKeyDescriptors()) {
		
		if (kd.getUse().equals(UsageType.SIGNING)) {
			String base64 = kd.getKeyInfo().getX509Datas().get(0).getX509Certificates().get(0).getValue();
			String name = "verify-" + ed.getEntityID() + "-idp-sig";

			
			ByteArrayInputStream bais = new ByteArrayInputStream(Base64.decode(base64));
			CertificateFactory cf = CertificateFactory.getInstance("X.509");
			Collection<? extends Certificate> c = cf.generateCertificates(bais);
			
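			if (c.size() > 1) {
				int j = 0;
				Iterator<? extends Certificate> i = c.iterator();
				while (i.hasNext()) {
					Certificate certificate = (Certificate) i.next();
					// increment the index so each certificate gets its own alias instead of overwriting the previous entry
					ks.setCertificateEntry(name + "-" + j++, certificate);
				}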
			} else {
				ks.setCertificateEntry(name, c.iterator().next());
			}
			
			
			setProperty("idpSigKeyName",name,params,currentMechanism);
			
		}
		
		
	}
}
 
Developer ID: TremoloSecurity, Project: OpenUnison, Lines of code: 55, Source: OpenUnisonUtils.java


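Note: The org.opensaml.security.credential.UsageType class examples in this article were compiled by 纯净天空 from open-source code and documentation platforms such as Github/MSDocs. The code snippets were selected from open-source projects contributed by their developers, and copyright of the source code belongs to the original authors. For distribution and use, refer to the License of the corresponding project. Do not reproduce without permission.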