本文整理汇总了Java中org.opensaml.xml.signature.Signer类的典型用法代码示例。如果您正苦于以下问题:Java Signer类的具体用法?Java Signer怎么用?Java Signer使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
Signer类属于org.opensaml.xml.signature包,在下文中一共展示了Signer类的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createAuthnRequest
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
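/**
 * Builds a signed SAML AuthnRequest for the given service URL and returns it
 * in its transport encoding.
 *
 * <p>The request carries an enveloped XML signature. Its ID is stored in
 * {@code _rmap} together with the referer, and the serialized XML is then
 * handed to {@code deflate} or {@code encode}.
 *
 * <p>NOTE(review): the signature is embedded in the XML regardless of
 * {@code fdeflate}. If the deflated form is sent over the HTTP-Redirect
 * binding, check that the receiver expects an enveloped signature there;
 * that binding normally signs the query string instead.
 *
 * @param surl     base service URL; {@code "/saml2/consumer"} is appended to it
 * @param fdeflate {@code true} to return {@code deflate(res)}, {@code false}
 *                 to return {@code encode(res)}
 * @param referer  value stored alongside the request ID
 * @return the encoded request
 * @throws MarshallingException if the request cannot be marshalled to DOM
 * @throws IOException          if encoding the serialized request fails
 * @throws SignatureException   if the signature cannot be computed
 */
private String createAuthnRequest(String surl,
        boolean fdeflate, String referer)
        throws MarshallingException, IOException, SignatureException {
    AuthnRequest ar = createAuthnRequest(surl + "/saml2/consumer",
            false, false, SAMLConstants.SAML2_POST_BINDING_URI, null, null);

    // The Signature object has to be attached and the request marshalled to
    // DOM before Signer.signObject can compute the signature value.
    Signature sig = getSignature();
    ar.setSignature(sig);
    Element arn = new AuthnRequestMarshaller().marshall(ar);
    Signer.signObject(sig);

    // Pin the charset: a bare getBytes() uses the JVM default, so the bytes
    // could differ between hosts. UnsupportedEncodingException is an
    // IOException and is therefore covered by the throws clause.
    byte[] res = XMLHelper.nodeToString(arn).getBytes("UTF-8");

    // Remember that this authentication request has been sent.
    // NOTE(review): presumably used to match InResponseTo on the response;
    // nothing visible here expires entries from _rmap, so confirm elsewhere.
    String rid = ar.getID();
    _rmap.put(rid, new SamlAbstractRequest(rid, referer));

    return fdeflate ? deflate(res) : encode(res);
}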
示例2: createLogoutRequest
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
/**
 * Builds and signs a SAML LogoutRequest for the given session.
 *
 * @param session session whose custom parameters hold the initial authentication
 *                {@code Response}
 * @return the signed logout request, or {@code null} when {@code _logout} is not set
 * @throws IOException          declared by the helpers this method calls
 * @throws SignatureException   if the signature cannot be computed
 * @throws MarshallingException if the request cannot be marshalled to DOM
 */
public LogoutRequest createLogoutRequest(Session session)
        throws IOException, SignatureException, MarshallingException {
    if (_logout == null) {
        return null;
    }

    // The initial authn response is kept on the session as its custom parameters.
    // NOTE(review): the cast is unchecked; a session holding any other object
    // fails here with ClassCastException.
    Response authnResponse = (Response) session.getCustomParams();
    LogoutRequest request = createLogoutRequest(authnResponse);

    Signature signature = getSignature();
    request.setSignature(signature);

    // Marshalling prepares the object for signing; the returned DOM is not needed here.
    new LogoutRequestMarshaller().marshall(request);
    Signer.signObject(signature);

    return request;
}
示例3: setSignature
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
/**
 * Signs a SAML LogoutRequest.
 *
 * <p>NOTE(review): {@code signatureAlgorithm} comes from the caller. Whether
 * {@code setSignatureRaw} restricts it to an approved set is not visible here;
 * confirm that weak algorithms cannot be selected through configuration.
 *
 * @param logoutRequest      request to sign; it is modified in place
 * @param signatureAlgorithm signature algorithm handed to {@code setSignatureRaw}
 * @param cred               credential handed to {@code setSignatureRaw}
 * @return the same {@code logoutRequest} instance, now carrying the signature
 * @throws SSOAgentException if building, marshalling or signing fails for any reason
 */
public static LogoutRequest setSignature(LogoutRequest logoutRequest, String signatureAlgorithm,
        X509Credential cred) throws SSOAgentException {
    try {
        Signature sig = setSignatureRaw(signatureAlgorithm, cred);
        logoutRequest.setSignature(sig);

        List<Signature> pending = new ArrayList<Signature>();
        pending.add(sig);

        // Marshall first, then sign.
        org.opensaml.xml.Configuration.getMarshallerFactory()
                .getMarshaller(logoutRequest)
                .marshall(logoutRequest);

        org.apache.xml.security.Init.init();
        Signer.signObjects(pending);
        return logoutRequest;
    } catch (Exception failure) {
        // Every failure, checked or unchecked, is reported as SSOAgentException with its cause.
        throw new SSOAgentException("Error while signing the Logout Request message", failure);
    }
}
示例4: setSignatureValue
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
/**
 * Adds a signature to any signable XML object and signs it.
 *
 * <p>NOTE(review): {@code signatureAlgorithm} comes from the caller. Whether
 * {@code setSignatureRaw} restricts it to an approved set is not visible here;
 * confirm that weak algorithms cannot be selected through configuration.
 *
 * @param xmlObject          signable XML object; it is modified in place
 * @param signatureAlgorithm signature algorithm handed to {@code setSignatureRaw}
 * @param cred               X.509 credential handed to {@code setSignatureRaw}
 * @param <T>                concrete type of the signable XML object
 * @return the same {@code xmlObject} instance, now carrying the signature
 * @throws SSOAgentException if building, marshalling or signing fails for any reason
 */
public static <T extends SignableXMLObject> T setSignatureValue(T xmlObject, String signatureAlgorithm,
        X509Credential cred)
        throws SSOAgentException {
    try {
        Signature sig = setSignatureRaw(signatureAlgorithm, cred);
        xmlObject.setSignature(sig);

        List<Signature> toSign = new ArrayList<>();
        toSign.add(sig);

        // Marshall first, then sign.
        Marshaller xmlMarshaller =
                org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(xmlObject);
        xmlMarshaller.marshall(xmlObject);

        org.apache.xml.security.Init.init();
        Signer.signObjects(toSign);
        return xmlObject;
    } catch (Exception failure) {
        // Every failure, checked or unchecked, is reported as SSOAgentException with its cause.
        throw new SSOAgentException("Error while signing the SAML Request message", failure);
    }
}
示例5: marshallSignableSamlObject
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
/**
 * Marshalls an OpenSAML SignableSAMLObject, signs it and returns the XML text.
 *
 * <p>The object must already carry a {@code Signature}; the check happens after
 * marshalling and fails through {@code Assert.notNull} when none is attached.
 *
 * <p>NOTE(review): the complete signed message is written to the debug log. A SAML
 * message can carry subject identifiers and attributes, so confirm that debug
 * logging is disabled or redacted where real user data flows through.
 *
 * @param signableSamlObject the SignableSAMLObject to marshall and sign
 * @return the marshalled, signed XML
 * @throws MarshallingException if marshalling fails; it is logged at warn level and rethrown
 * @throws SignatureException   if the signature cannot be computed
 */
public static String marshallSignableSamlObject(final SignableSAMLObject signableSamlObject)
        throws MarshallingException, SignatureException {
    try {
        Element dom = Configuration.getMarshallerFactory()
                .getMarshaller(signableSamlObject)
                .marshall(signableSamlObject);

        // Sign the SAML object.
        Signature sig = signableSamlObject.getSignature();
        Assert.notNull(sig, "The request is not signed !");
        Signer.signObject(sig);

        // Serialize only after signing so the text includes the signature value.
        StringWriter out = new StringWriter();
        XMLHelper.writeNode(dom, out);
        String xml = out.toString();

        OpenSamlHelper.LOGGER.debug("Marshalled SAML Object: {}", xml);
        return xml;
    } catch (MarshallingException marshallingFailure) {
        OpenSamlHelper.LOGGER.warn("Error while marshalling SAML 2.0 Object !", marshallingFailure);
        throw marshallingFailure;
    }
}
示例6: sign
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
/**
 * Signs the given metadata document root.
 *
 * <p>A new {@code Signature} is built, given the signing credential and attached to
 * {@code metadata}. If signing fails, the error is logged and the JVM exits with
 * status 1.
 *
 * <p>NOTE(review): this method sets neither a signature algorithm nor a
 * canonicalization algorithm, and it does not marshall {@code metadata} before calling
 * {@code Signer.signObject}. The other examples on this page marshall first; confirm
 * that signing succeeds on this path.
 *
 * @param metadata          metadata document
 * @param signingCredential credential used to sign the document
 */
private static void sign(SignableSAMLObject metadata, Credential signingCredential) {
    XMLObjectBuilder<Signature> builder =
            Configuration.getBuilderFactory().getBuilder(Signature.DEFAULT_ELEMENT_NAME);

    Signature sig = builder.buildObject(Signature.DEFAULT_ELEMENT_NAME);
    sig.setSigningCredential(signingCredential);
    metadata.setSignature(sig);

    try {
        Signer.signObject(sig);
    } catch (SignatureException signingFailure) {
        log.error("Error when attempting to sign object", signingFailure);
        // Hard exit: no unsigned document is handed back to the caller.
        System.exit(1);
    }
}
示例7: testAssertionSignature
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
/**
 * Creates a simple Assertion, signs it and then verifies the signature with an
 * explicit-key trust engine that knows only the signing credential.
 *
 * <p>NOTE(review): {@code ALGO_ID_SIGNATURE_RSA} appears to be the RSA-with-SHA-1
 * identifier in this library. That is acceptable for a round-trip test, but check
 * before copying the setting into production signing code.
 *
 * @throws MarshallingException   thrown if the Assertion can not be marshalled into a DOM
 * @throws ValidationException    thrown if the Signature does not validate
 * @throws SignatureException     thrown if the signature cannot be computed
 * @throws UnmarshallingException thrown if the signed DOM cannot be unmarshalled
 * @throws SecurityException      thrown if the trust engine fails while validating
 */
public void testAssertionSignature()
        throws MarshallingException, ValidationException, SignatureException, UnmarshallingException,
        SecurityException {
    DateTime issueTime = new DateTime();

    Assertion unsigned = assertionBuilder.buildObject();
    unsigned.setVersion(SAMLVersion.VERSION_20);
    unsigned.setID(idGenerator.generateIdentifier());
    unsigned.setIssueInstant(issueTime);

    Issuer issuerElement = issuerBuilder.buildObject();
    issuerElement.setValue("urn:example.org:issuer");
    unsigned.setIssuer(issuerElement);

    AuthnStatement statement = authnStatementBuilder.buildObject();
    statement.setAuthnInstant(issueTime);
    unsigned.getAuthnStatements().add(statement);

    Signature sig = signatureBuilder.buildObject();
    sig.setSigningCredential(goodCredential);
    sig.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    sig.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA);
    unsigned.setSignature(sig);

    // Marshall, then sign the resulting DOM.
    marshallerFactory.getMarshaller(unsigned).marshall(unsigned);
    Signer.signObject(sig);

    // Unmarshall new tree around DOM to avoid side effects and Apache xmlsec bug.
    Assertion signedAssertion = (Assertion) unmarshallerFactory
            .getUnmarshaller(unsigned.getDOM())
            .unmarshall(unsigned.getDOM());

    // The trust engine accepts only signatures made with goodCredential.
    StaticCredentialResolver trustedKeys = new StaticCredentialResolver(goodCredential);
    KeyInfoCredentialResolver keyInfoResolver = SecurityTestHelper.buildBasicInlineKeyInfoResolver();
    ExplicitKeySignatureTrustEngine engine =
            new ExplicitKeySignatureTrustEngine(trustedKeys, keyInfoResolver);

    CriteriaSet criteria = new CriteriaSet(new EntityIDCriteria("urn:example.org:issuer"));
    assertTrue("Assertion signature was not valid",
            engine.validate(signedAssertion.getSignature(), criteria));
}
示例8: createAssertion
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
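/**
 * Builds an Assertion from {@code samlResponseData} and signs it when signing is
 * requested and fully configured.
 *
 * <p>Signing happens only when {@code getSign()} is true, a certificate alias is set
 * and the signature carries both a canonicalization and a signature algorithm.
 *
 * <p>A signing failure now propagates to the caller. The original swallowed it in an
 * empty {@code catch}, so an assertion whose signature was never computed was
 * returned as if signing had succeeded.
 *
 * <p>NOTE(review): the {@code Signature} object is attached before the signing
 * conditions are evaluated, so it stays on the assertion even when no signature is
 * computed. Confirm that callers expect this.
 *
 * @return the assembled assertion, signed when the conditions above hold
 * @throws Exception if a helper fails, or if marshalling or signing fails
 */
private static Assertion createAssertion() throws Exception {
    Assertion assertion = create(Assertion.DEFAULT_ELEMENT_NAME);
    assertion.setID(GENERATOR.generateIdentifier());
    assertion.setIssuer(createIssuer(samlResponseData.getAssertionIssuer()));
    if (samlResponseData.getIssueInstant() != null) {
        // The configured value is an offset in minutes from startTime.
        assertion.setIssueInstant(startTime.plusMinutes(samlResponseData.getIssueInstant()));
    }

    Signature signature = createSignature();
    assertion.setSignature(signature);
    assertion.setSubject(createSubject());
    assertion.setConditions(createCondition());
    assertion.getAuthnStatements().add(createAuthnStatement());

    if (samlResponseData.getAttributes() != null
            && !samlResponseData.getAttributes().isEmpty()) {
        assertion.getAttributeStatements().add(createAttributeStatement());
    }

    // Boolean.TRUE.equals covers both the null check and the comparison with true.
    boolean signingConfigured = Boolean.TRUE.equals(samlResponseData.getSign())
            && samlResponseData.getCertificateAlias() != null
            && signature.getCanonicalizationAlgorithm() != null
            && signature.getSignatureAlgorithm() != null;

    if (signingConfigured) {
        Configuration.getMarshallerFactory().getMarshaller(assertion)
                .marshall(assertion);
        // No try/catch: a failure to sign must not produce a silently unsigned assertion.
        Signer.signObject(signature);
    }
    return assertion;
}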
示例9: generateSAMLAssertion
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
/**
 * Builds a SAML 2.0 assertion with bearer subject confirmation, optionally bound to
 * a document digest, and signs it with the given key and certificate.
 *
 * <p>When {@code document} is non-null, an AuthzDecisionStatement with decision
 * PERMIT is added. Its resource is the configured URI prefix followed by the hex
 * SHA-256 digest of the document.
 *
 * <p>NOTE(review): no Conditions element is set here, so nothing in this method
 * limits the validity period or the audience of a bearer assertion. Confirm that
 * callers add those limits or that this is used for testing only.
 *
 * @param privateKey  key used to compute the signature
 * @param certificate certificate set as the entity certificate of the signing credential
 * @param issuerName  value of the Issuer element
 * @param subjectName value of the subject NameID
 * @param document    document to authorize, or {@code null} for no authorization statement
 * @return the marshalled DOM element of the signed assertion
 * @throws MarshallingException     if the assertion cannot be marshalled
 * @throws SecurityException        if the signature parameters cannot be prepared
 * @throws SignatureException       if the signature cannot be computed
 * @throws NoSuchAlgorithmException if SHA-256 is unavailable
 */
public static Element generateSAMLAssertion(PrivateKey privateKey, X509Certificate certificate, String issuerName,
        String subjectName, byte[] document)
        throws MarshallingException, SecurityException, SignatureException, NoSuchAlgorithmException {
    Assertion samlAssertion = buildXMLObject(Assertion.class, Assertion.DEFAULT_ELEMENT_NAME);
    samlAssertion.setVersion(SAMLVersion.VERSION_20);
    samlAssertion.setID("assertion-" + UUID.randomUUID());
    samlAssertion.setIssueInstant(new DateTime());

    Issuer issuerElement = buildXMLObject(Issuer.class, Issuer.DEFAULT_ELEMENT_NAME);
    samlAssertion.setIssuer(issuerElement);
    issuerElement.setValue(issuerName);

    Subject subjectElement = buildXMLObject(Subject.class, Subject.DEFAULT_ELEMENT_NAME);
    samlAssertion.setSubject(subjectElement);

    NameID nameId = buildXMLObject(NameID.class, NameID.DEFAULT_ELEMENT_NAME);
    subjectElement.setNameID(nameId);
    nameId.setValue(subjectName);

    SubjectConfirmation confirmation = buildXMLObject(SubjectConfirmation.class,
            SubjectConfirmation.DEFAULT_ELEMENT_NAME);
    subjectElement.getSubjectConfirmations().add(confirmation);
    confirmation.setMethod(SubjectConfirmation.METHOD_BEARER);

    if (document != null) {
        // Bind the authorization to the document content through its SHA-256 digest.
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(document);
        String digestHex = new String(Hex.encodeHex(digest));

        AuthzDecisionStatement decision = buildXMLObject(AuthzDecisionStatement.class,
                AuthzDecisionStatement.DEFAULT_ELEMENT_NAME);
        samlAssertion.getAuthzDecisionStatements().add(decision);
        decision.setDecision(DecisionTypeEnumeration.PERMIT);
        decision.setResource(
                DigitalSignatureServiceConstants.DOCUMENT_AUTHORIZATION_RESOURCE_SHA256_URI + digestHex);

        Action signAction = buildXMLObject(Action.class, Action.DEFAULT_ELEMENT_NAME);
        signAction.setNamespace(DigitalSignatureServiceConstants.DOCUMENT_AUTHORIZATION_ACTION_NAMESPACE);
        signAction.setAction(DigitalSignatureServiceConstants.DOCUMENT_AUTHORIZATION_ACTION_ACTION_SIGN);
        decision.getActions().add(signAction);
    }

    BasicX509Credential signingCredential = new BasicX509Credential();
    signingCredential.setPrivateKey(privateKey);
    signingCredential.setEntityCertificate(certificate);

    Signature sig = (Signature) Configuration.getBuilderFactory()
            .getBuilder(Signature.DEFAULT_ELEMENT_NAME)
            .buildObject(Signature.DEFAULT_ELEMENT_NAME);
    sig.setSigningCredential(signingCredential);

    // Signature parameters come from the global security configuration rather than
    // being hard-coded in this method.
    SecurityConfiguration globalConfig = Configuration.getGlobalSecurityConfiguration();
    SecurityHelper.prepareSignatureParams(sig, signingCredential, globalConfig, null);
    samlAssertion.setSignature(sig);

    // Marshall first, then sign; the returned element is the one that was signed.
    Element signedDom = Configuration.getMarshallerFactory()
            .getMarshaller(samlAssertion)
            .marshall(samlAssertion);
    Signer.signObject(sig);
    return signedDom;
}
示例10: generateHOKSAMLAssertion
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
/**
 * Builds a SAML 2.0 assertion with holder-of-key subject confirmation and signs it
 * with the issuer's key and certificate.
 *
 * <p>The subject confirmation data carries a KeyInfo generated from
 * {@code hokPublicKey}, with the public key value emitted.
 *
 * <p>NOTE(review): no Conditions element is set here, so nothing in this method
 * limits the validity period or the audience of the assertion. Confirm that callers
 * add those limits or that this is used for testing only.
 *
 * @param issuerPrivateKey  key used to compute the signature
 * @param issuerCertificate certificate set as the entity certificate of the signing credential
 * @param issuerName        value of the Issuer element
 * @param subjectName       value of the subject NameID
 * @param hokPublicKey      public key placed in the holder-of-key confirmation data
 * @return the marshalled DOM element of the signed assertion
 * @throws MarshallingException if the assertion cannot be marshalled
 * @throws SecurityException    if KeyInfo generation or signature parameter preparation fails
 * @throws SignatureException   if the signature cannot be computed
 */
public static Element generateHOKSAMLAssertion(PrivateKey issuerPrivateKey, X509Certificate issuerCertificate,
        String issuerName, String subjectName, PublicKey hokPublicKey)
        throws MarshallingException, SecurityException, SignatureException {
    Assertion samlAssertion = buildXMLObject(Assertion.class, Assertion.DEFAULT_ELEMENT_NAME);
    samlAssertion.setVersion(SAMLVersion.VERSION_20);
    samlAssertion.setID("assertion-" + UUID.randomUUID());
    samlAssertion.setIssueInstant(new DateTime());

    Issuer issuerElement = buildXMLObject(Issuer.class, Issuer.DEFAULT_ELEMENT_NAME);
    samlAssertion.setIssuer(issuerElement);
    issuerElement.setValue(issuerName);

    Subject subjectElement = buildXMLObject(Subject.class, Subject.DEFAULT_ELEMENT_NAME);
    samlAssertion.setSubject(subjectElement);

    NameID nameId = buildXMLObject(NameID.class, NameID.DEFAULT_ELEMENT_NAME);
    subjectElement.setNameID(nameId);
    nameId.setValue(subjectName);

    SubjectConfirmation confirmation = buildXMLObject(SubjectConfirmation.class,
            SubjectConfirmation.DEFAULT_ELEMENT_NAME);
    subjectElement.getSubjectConfirmations().add(confirmation);
    confirmation.setMethod(SubjectConfirmation.METHOD_HOLDER_OF_KEY);

    // Confirmation data of the KeyInfo type holds the key the presenter must possess.
    KeyInfoConfirmationDataType confirmationData = new KeyInfoConfirmationDataTypeBuilder()
            .buildObject(KeyInfoConfirmationDataType.DEFAULT_ELEMENT_NAME, KeyInfoConfirmationDataType.TYPE_NAME);
    confirmation.setSubjectConfirmationData(confirmationData);

    BasicKeyInfoGeneratorFactory keyInfoFactory = new BasicKeyInfoGeneratorFactory();
    keyInfoFactory.setEmitPublicKeyValue(true);

    // Only the public key is set on this credential; it is used to generate KeyInfo, not to sign.
    BasicX509Credential holderCredential = new BasicX509Credential();
    holderCredential.setPublicKey(hokPublicKey);
    KeyInfo holderKeyInfo = keyInfoFactory.newInstance().generate(holderCredential);
    confirmationData.getKeyInfos().add(holderKeyInfo);

    BasicX509Credential signingCredential = new BasicX509Credential();
    signingCredential.setPrivateKey(issuerPrivateKey);
    signingCredential.setEntityCertificate(issuerCertificate);

    Signature sig = (Signature) Configuration.getBuilderFactory()
            .getBuilder(Signature.DEFAULT_ELEMENT_NAME)
            .buildObject(Signature.DEFAULT_ELEMENT_NAME);
    sig.setSigningCredential(signingCredential);

    // Signature parameters come from the global security configuration rather than
    // being hard-coded in this method.
    SecurityConfiguration globalConfig = Configuration.getGlobalSecurityConfiguration();
    SecurityHelper.prepareSignatureParams(sig, signingCredential, globalConfig, null);
    samlAssertion.setSignature(sig);

    // Marshall first, then sign; the returned element is the one that was signed.
    Element signedDom = Configuration.getMarshallerFactory()
            .getMarshaller(samlAssertion)
            .marshall(samlAssertion);
    Signer.signObject(sig);
    return signedDom;
}
示例11: getSamlAssertion
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
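/**
 * Creates an assertion from the configuration, signs it and returns the signed XML.
 *
 * <p>Changes from the original: the pre-signing serialization, whose result was never
 * used, is gone, and the bytes handed to the tracer are encoded as UTF-8 instead of
 * the JVM default charset.
 *
 * <p>NOTE(review): the signature uses RSA with SHA-1. SHA-1 is no longer recommended
 * for signatures; prefer {@code SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256} if
 * the relying party accepts it. It is left unchanged here because switching affects
 * interoperability.
 *
 * <p>NOTE(review): the {@code X509Certificate} element is filled with the encoded
 * public key, not an encoded certificate. A verifier that parses the element as a
 * certificate will likely fail; confirm what the receiver expects.
 *
 * <p>NOTE(review): the full signed assertion is passed to {@code OAuthTracer}.
 * Confirm that tracing is disabled or protected where real subject data is involved.
 *
 * @param _cfg configuration passed to {@code createAssertion} and {@code getSigningCredential}
 * @return the signed assertion serialized as XML text
 * @throws SAMLException wrapping any failure while building, signing or serializing
 */
@Override
public String getSamlAssertion(Properties _cfg) throws SAMLException {
    try {
        Assertion assertion = createAssertion(_cfg);
        AssertionMarshaller marshaller = new AssertionMarshaller();
        // Kept from the original flow; the unsigned DOM it returns is not used.
        marshaller.marshall(assertion);

        Credential signingCredential = getSigningCredential(_cfg);
        Signature signature = (Signature) getSAMLBuilder().getBuilder(Signature.DEFAULT_ELEMENT_NAME)
                .buildObject(Signature.DEFAULT_ELEMENT_NAME);
        signature.setSigningCredential(signingCredential);
        signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
        signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);

        // Build KeyInfo / X509Data / X509Certificate by hand.
        KeyInfoBuilder keyInfoBuilder = (KeyInfoBuilder) getSAMLBuilder().getBuilder(KeyInfo.DEFAULT_ELEMENT_NAME);
        KeyInfo keyInfo = keyInfoBuilder.buildObject();
        X509DataBuilder x509databuilder =
                (X509DataBuilder) getSAMLBuilder().getBuilder(X509Data.DEFAULT_ELEMENT_NAME);
        X509Data x509Data = x509databuilder.buildObject();
        X509CertificateBuilder x509CertificateBuilder = (X509CertificateBuilder) getSAMLBuilder()
                .getBuilder(org.opensaml.xml.signature.X509Certificate.DEFAULT_ELEMENT_NAME);
        org.opensaml.xml.signature.X509Certificate certXMLAssertion = x509CertificateBuilder.buildObject();
        certXMLAssertion.setValue(Base64.encodeBytes(signingCredential.getPublicKey().getEncoded()));
        x509Data.getX509Certificates().add(certXMLAssertion);
        keyInfo.getX509Datas().add(x509Data);
        signature.setKeyInfo(keyInfo);

        // Attach, marshall, then sign.
        assertion.setSignature(signature);
        Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);
        Signer.signObject(signature);

        Element signedElement = marshaller.marshall(assertion);
        String signedAssertionString = XMLHelper.nodeToString(signedElement);

        // Fixed charset so the traced bytes do not depend on the JVM default.
        // UnsupportedEncodingException is handled by the catch below.
        OAuthTracer.trace(OAuthTracer.XML_TYPE, "SAML Assertion", signedAssertionString.getBytes("UTF-8"));
        return signedAssertionString;
    } catch (Exception ex) {
        throw new SAMLException(ex);
    }
}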
示例12: createSAMLResponse
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
/**
 * Builds a SAML Response with a single assertion and signs the response when a
 * signature object is available.
 *
 * <p>NOTE(review): when {@code createSignature()} returns {@code null}, the response
 * is returned unsigned without any indication. Confirm that callers never treat the
 * result as signed by default.
 *
 * <p>NOTE(review): every {@code Throwable} is caught, its stack trace is printed and
 * {@code null} is returned, so callers must null-check the result. The element is
 * also serialized into a byte buffer whose content is never used.
 *
 * @param subjectId          subject identifier, or {@code null} for no Subject
 * @param authenticationTime time passed to {@code createAuthnStatement}
 * @param credentialType     not read by this method
 * @param attributes         attributes for the AttributeStatement; none is added when
 *                           {@code null} or empty
 * @param issuer             issuer value for response and assertion, or {@code null} for none
 * @param samlAssertionDays  passed to {@code createSubject}
 * @return the response, or {@code null} if anything failed
 */
public Response createSAMLResponse(final String subjectId, final DateTime authenticationTime,
        final String credentialType, final HashMap<String, List<String>> attributes, String issuer,
        Integer samlAssertionDays) {
    try {
        DefaultBootstrap.bootstrap();

        Signature sig = createSignature();
        Status status = createStatus();

        // Response and assertion each get their own Issuer object.
        Issuer responseIssuer = (issuer != null) ? createIssuer(issuer) : null;
        Issuer assertionIssuer = (issuer != null) ? createIssuer(issuer) : null;

        Subject subject = (subjectId != null) ? createSubject(subjectId, samlAssertionDays) : null;

        AttributeStatement attributeStatement = null;
        if (attributes != null && !attributes.isEmpty()) {
            attributeStatement = createAttributeStatement(attributes);
        }

        AuthnStatement authnStatement = createAuthnStatement(authenticationTime);
        Assertion assertion =
                createAssertion(new DateTime(), subject, assertionIssuer, authnStatement, attributeStatement);

        Response response = createResponse(new DateTime(), responseIssuer, status, assertion);
        response.setSignature(sig);

        Element dom = new ResponseMarshaller().marshall(response);
        if (sig != null) {
            Signer.signObject(sig);
        }

        ByteArrayOutputStream serialized = new ByteArrayOutputStream();
        XMLHelper.writeNode(dom, serialized);

        return response;
    } catch (Throwable failure) {
        failure.printStackTrace();
        return null;
    }
}
示例13: testVerifySignature
import org.opensaml.xml.signature.Signer; //导入依赖的package包/类
/**
 * Checks {@code OIOSamlObject.verifySignature} in four situations: an unsigned
 * assertion, a correctly signed one, verification with a different key, and
 * modification of the assertion after signing.
 *
 * <p>NOTE(review): RSA with SHA-1 is used here. That is fine for a round-trip test;
 * do not carry the algorithm choice into production signing code without review.
 */
@Test
public void testVerifySignature() throws Exception {
    String emptyAssertionXml = "<saml:Assertion Version=\"2.0\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"></saml:Assertion>";
    Assertion assertion = (Assertion) SAMLUtil.unmarshallElementFromString(emptyAssertionXml);
    Credential signer = TestHelper.getCredential();

    // 1. No signature at all: verification must fail.
    assertFalse(new OIOSamlObject(assertion).verifySignature(signer.getPublicKey()));

    Signature sig = SAMLUtil.createSignature("test");
    sig.setSigningCredential(signer);
    sig.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
    sig.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    assertion.setSignature(sig);

    Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);
    Signer.signObject(sig);

    // 2. Signed and checked with the signing key: verification must succeed.
    assertTrue(new OIOSamlObject(assertion).verifySignature(signer.getPublicKey()));

    // 3. A different key must not verify.
    // Presumably TestHelper.getCredential() yields a new key pair on each call.
    Credential otherKey = TestHelper.getCredential();
    assertFalse(new OIOSamlObject(assertion).verifySignature(otherKey.getPublicKey()));

    // 4. Changing the assertion after signing must invalidate the signature.
    assertion.setSubject(SAMLUtil.createSubject("test", "test", new DateTime()));
    Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);
    assertFalse(new OIOSamlObject(assertion).verifySignature(signer.getPublicKey()));
}