Package com.google.step2.xmlsimplesign

Examples of com.google.step2.xmlsimplesign.CachedCertPathValidator


    // we're waiting at most 10 seconds for the two host-meta fetchers to find
    // a host-meta
    long hostMetatimeout = 10; // seconds.

    return new ParallelHostMetaFetcher(executor, hostMetatimeout,
        fetcher1, fetcher2);
  }


                    newThread.setName(getClass().getSimpleName()+"-"+newThread.getName());
                    newThread.setDaemon(true);
                    return newThread;
                }
            };
            HostMetaFetcher step2HostMetaFetcher = new ParallelHostMetaFetcher(Executors.newFixedThreadPool(10, parallelThreadFactory), OPEN_ID_DISCOVERY_TIMEOUT_SECONDS, step2GoogleHostMetaFetcher, step2DefaultHostMetaFetcher);
            TrustRootsProvider step2XrdsTrustProvider = new DefaultTrustRootsProvider();
            CachedCertPathValidator step2XrdsCertPathValidator = new CachedCertPathValidator(step2XrdsTrustProvider);
            Verifier step2XrdsVerifier = new Verifier(step2XrdsCertPathValidator, new DefaultHttpFetcher());
            CertValidator step2XrdsCertValidator = new DefaultCertValidator();
            XrdDiscoveryResolver step2XrdResolver = new LegacyXrdsResolver(new DefaultHttpFetcher(), step2XrdsVerifier, step2XrdsCertValidator);

    // NOTE(review): receivingUrl is written to the log verbatim at INFO. If it
    // is built from the incoming request and carries the OpenID response query
    // string, the log will hold the claimed identity, nonce and signature
    // values, and any CR/LF in it reaches the log unescaped -- confirm what the
    // caller passes and whether this belongs at DEBUG or should be sanitised.
    log.info("Receiving URL: " + receivingUrl);

    // we'll do discovery right now. This will prevent the consumerManager
    // from repeating discovery later, and will allow us to modify the
    // VerificationResult depending on whether the discovery was secure.
    SecureDiscoveryInformation d2 = getDiscoveryInfoForClaimedId(authResponse,
        discovered);

    // The discovery result from above is passed to verify() together with the
    // receiving URL and the parsed response. Whether d2 can be null, and what
    // verify() does in that case, is not visible here -- TODO confirm it does
    // not relax the discovered-information check.
    VerificationResult verification =
      consumerManager.verify(receivingUrl, authResponse, d2);

    // perform discovery on the claimed identifier in the assertion
    @SuppressWarnings("unchecked")
    List<SecureDiscoveryInformation> discoveries =
        consumerManager.getDiscovery().discover(respClaimed);

    SecureDiscoveryInformation firstServiceMatch = null;

    // find the newly discovered service endpoint that matches the assertion
    // - OP endpoint, OP-specific ID and protocol version must match
    // - prefer (first = highest priority) endpoint with an association
    for (SecureDiscoveryInformation service : discoveries) {

                    {
                        log.debug("Step2 discovery for identity: "+responseClaimedId);
                    }

                    // Choose the discovery information that verify() will check the
                    // response against: reuse what was discovered earlier if it still
                    // matches the response, otherwise repeat discovery on the claimed
                    // identifier from the response.
                    // get Step2 secure discovery information
                    SecureDiscoveryInformation secureDiscovered = null;
                   
                    // validate previously discovered secure discovery information
                    if (discovered instanceof SecureDiscoveryInformation)
                    {
                        // check for matching version, identifiers, and endpoints:
                        // isVersion2() must hold, a claimed identifier must be present
                        // and equal responseClaimedId, and the OP endpoint must equal
                        // responseEndpoint
                        if (discovered.isVersion2() && discovered.hasClaimedIdentifier() && discovered.getClaimedIdentifier().equals(responseClaimedId) && discovered.getOPEndpoint().equals(responseEndpoint))
                        {
                            // the delegate identifier is compared when there is one,
                            // otherwise the claimed identifier; providerId is defined
                            // outside this excerpt (presumably the identity asserted in
                            // the response -- confirm against the caller)
                            String discoveredProviderId = (discovered.hasDelegateIdentifier() ? discovered.getDelegateIdentifier() : discovered.getClaimedIdentifier().getIdentifier());
                            if (discoveredProviderId.equals(providerId))
                            {
                                secureDiscovered = (SecureDiscoveryInformation)discovered;

                                if (log.isDebugEnabled())
                                {
                                    log.debug("Matched previously discovered Step2 secure discovery information for "+responseClaimedId+" identity: "+secureDiscovered.getOPEndpoint());
                                }
                            }
                        }
                    }

                    // discover secure discovery information if necessary
                    if (secureDiscovered == null)
                    {
                        // perform discovery on claimed identifier; a result is only
                        // accepted below when its endpoint and provider id also match
                        // the values taken from the response
                        List<SecureDiscoveryInformation> discoveredInfos = openIDStep2ConsumerManager.getDiscovery().discover(responseClaimedId);
                        // match secure discovered information: prefer previously associated matches
                        for (SecureDiscoveryInformation discoveredInfo : discoveredInfos)
                        {
                            // match secure discovered information
                            // NOTE(review): unlike the branch above, this filter does not
                            // call hasClaimedIdentifier() before getClaimedIdentifier() is
                            // dereferenced two lines down -- confirm it cannot be null for
                            // entries whose version equals OPENID2_OP and that have no
                            // delegate identifier.
                            String version = discoveredInfo.getVersion();
                            if ((version != null) && version.equals(DiscoveryInformation.OPENID2_OP) && discoveredInfo.isVersion2() && discoveredInfo.getOPEndpoint().equals(responseEndpoint))
                            {
                                String discoveredProviderId = (discoveredInfo.hasDelegateIdentifier() ? discoveredInfo.getDelegateIdentifier() : discoveredInfo.getClaimedIdentifier().getIdentifier());
                                if (discoveredProviderId.equals(providerId))
                                {
                                    // match previously associated or first discovered:
                                    // an entry whose endpoint has an association stored
                                    // under the response's handle ends the search; failing
                                    // that, the first matching entry is kept
                                    if (openIDStep2ConsumerManager.getPrivateAssociationStore().load(discoveredInfo.getOPEndpoint().toString(), authResponse.getHandle()) != null)
                                    {
                                        secureDiscovered = discoveredInfo;
                                        break;
                                    }
                                    else if (secureDiscovered == null)
                                    {
                                        secureDiscovered = discoveredInfo;                                   
                                    }
                                }                           
                            }
                        }

                        if (log.isDebugEnabled() && (secureDiscovered != null))
                        {
                            log.debug("Discovered Step2 secure discovery information for "+responseClaimedId+" identity: "+secureDiscovered.getOPEndpoint());
                        }
                    }

                    if (log.isDebugEnabled() && (secureDiscovered != null))
                    {
                        log.debug("Verify Step2 OpenID authentication request using: "+secureDiscovered.getOPEndpoint());
                    }

                    // verify using secure discovery information
                    // NOTE(review): secureDiscovered is still null here when neither
                    // path above produced a match, and verify() is called regardless.
                    // What verify() does with null discovery information is not visible
                    // in this excerpt -- confirm it fails closed.
                    results.verification = openIDStep2ConsumerManager.verify(authRequestURL, authParams, secureDiscovered);

                    // NOTE(review): this null check guards only the log line; the next
                    // statement after this excerpt's verify step dereferences
                    // results.verification without one.
                    if (log.isDebugEnabled() && (results.verification != null))
                    {
                        log.debug("Verified Step2 OpenID authentication request: "+authRequestURL);
                    }
                   
                    // verify secure verified identifier
                    if ((results.verification.getAuthResponse() instanceof AuthSuccess) && (results.verification.getVerifiedId() != null))
                    {
                        // verify secure verification
                        boolean secureVerification = ((secureDiscovered != null) && (secureDiscovered.getClaimedIdentifier() != null) && secureDiscovered.isSecure());
                        if (secureVerification)
                        {
                            try
                            {
                                UrlIdentifier verifiedClaimedId = new UrlIdentifier(results.verification.getVerifiedId().getIdentifier(), true);
                                secureVerification = secureDiscovered.getClaimedIdentifier().getIdentifier().equals(verifiedClaimedId.getIdentifier());
                            }
                            catch (OpenIDException oide)
                            {
                                secureVerification = false;
                            }

      return null;
    }

    try {
      return isSecure
          ? new SecureUrlIdentifier(result.getVerifiedId())
          : result.getVerifiedId();
    } catch (DiscoveryException e) {
      log.log(Level.WARNING,
          "could not create SecureUrlIdentifier from UrlIdentifier", e);
      return null;

                            }
                        }
                       
                        // return verified identifier
                        Identifier verifiedId = results.verification.getVerifiedId();
                        results.verifiedIdentifier = (secureVerification ? new SecureUrlIdentifier(verifiedId) : verifiedId);

                        if (log.isDebugEnabled())
                        {
                            log.debug("Verified Step2 OpenID authentication request identity: "+results.verifiedIdentifier);
                        }

            // Host-meta lookup: the two fetchers are handed to one
            // ParallelHostMetaFetcher backed by a fixed pool of 10 threads, with
            // OPEN_ID_DISCOVERY_TIMEOUT_SECONDS as its timeout argument.
            HostMetaFetcher step2HostMetaFetcher = new ParallelHostMetaFetcher(Executors.newFixedThreadPool(10, parallelThreadFactory), OPEN_ID_DISCOVERY_TIMEOUT_SECONDS, step2GoogleHostMetaFetcher, step2DefaultHostMetaFetcher);
            // Trust wiring for XRDS documents: trust roots -> cached cert-path
            // validator -> Verifier -> LegacyXrdsResolver.
            // NOTE(review): which roots DefaultTrustRootsProvider supplies, how long
            // CachedCertPathValidator keeps a validation result, and whether
            // revocation is consulted are not visible here -- confirm before
            // treating a discovery result as secure.
            TrustRootsProvider step2XrdsTrustProvider = new DefaultTrustRootsProvider();
            CachedCertPathValidator step2XrdsCertPathValidator = new CachedCertPathValidator(step2XrdsTrustProvider);
            Verifier step2XrdsVerifier = new Verifier(step2XrdsCertPathValidator, new DefaultHttpFetcher());
            CertValidator step2XrdsCertValidator = new DefaultCertValidator();
            XrdDiscoveryResolver step2XrdResolver = new LegacyXrdsResolver(new DefaultHttpFetcher(), step2XrdsVerifier, step2XrdsCertValidator);
            // Remaining resolvers, all combined into one Discovery2 instance.
            HtmlResolver step2HtmlResolver = new HtmlResolver();
            YadisResolver step2YadisResolver = new YadisResolver();
            XriResolver step2XriResolver = new XriDotNetProxyResolver();
            Discovery2 step2Discovery = new Discovery2(step2HostMetaFetcher, step2XrdResolver, step2HtmlResolver, step2YadisResolver, step2XriResolver);
            // The excerpt ends before step2Discovery is attached to the manager.
            openIDStep2ConsumerManager = new ConsumerManager();

            // assemble Step2 OpenID implementation; TODO: utilize a more
            // robust HTTPFetcher implementation since the DefaultHttpFetcher
            // may not be entirely thread safe due to connection manager
            // configuration in HttpComponents, (this is why there are 4
            // discrete instances of DefaultHttpFetcher used below).
            HostMetaFetcher step2GoogleHostMetaFetcher = new GoogleHostMetaFetcher(new DefaultHttpFetcher());
            HostMetaFetcher step2DefaultHostMetaFetcher = new DefaultHostMetaFetcher(new DefaultHttpFetcher());
            // Factory for the host-meta worker threads: takes a thread from the
            // default factory, prefixes its name and marks it as a daemon so it
            // does not keep the JVM alive.
            ThreadFactory parallelThreadFactory = new ThreadFactory()
            {
                public Thread newThread(Runnable r)
                {
                    Thread newThread = Executors.defaultThreadFactory().newThread(r);
                    // NOTE(review): getClass() here is the anonymous ThreadFactory
                    // class, and getSimpleName() of an anonymous class is the empty
                    // string, so the prefix is just "-". Use the enclosing class's
                    // name if these threads should be recognisable in thread dumps.
                    newThread.setName(getClass().getSimpleName()+"-"+newThread.getName());
                    newThread.setDaemon(true);
                    return newThread;
                }
            };
            // Host-meta lookup: both fetchers go into one ParallelHostMetaFetcher
            // backed by a fixed pool of 10 threads, with
            // OPEN_ID_DISCOVERY_TIMEOUT_SECONDS as its timeout argument.
            HostMetaFetcher step2HostMetaFetcher = new ParallelHostMetaFetcher(Executors.newFixedThreadPool(10, parallelThreadFactory), OPEN_ID_DISCOVERY_TIMEOUT_SECONDS, step2GoogleHostMetaFetcher, step2DefaultHostMetaFetcher);
            // Trust wiring for XRDS documents: trust roots -> cached cert-path
            // validator -> Verifier -> LegacyXrdsResolver.
            // NOTE(review): which roots DefaultTrustRootsProvider supplies, how long
            // CachedCertPathValidator keeps a validation result, and whether
            // revocation is consulted are not visible here -- confirm before
            // treating a discovery result as secure.
            TrustRootsProvider step2XrdsTrustProvider = new DefaultTrustRootsProvider();
            CachedCertPathValidator step2XrdsCertPathValidator = new CachedCertPathValidator(step2XrdsTrustProvider);
            Verifier step2XrdsVerifier = new Verifier(step2XrdsCertPathValidator, new DefaultHttpFetcher());
            CertValidator step2XrdsCertValidator = new DefaultCertValidator();
            XrdDiscoveryResolver step2XrdResolver = new LegacyXrdsResolver(new DefaultHttpFetcher(), step2XrdsVerifier, step2XrdsCertValidator);
            // Remaining resolvers, all combined into one Discovery2 instance.
            HtmlResolver step2HtmlResolver = new HtmlResolver();
            YadisResolver step2YadisResolver = new YadisResolver();
            XriResolver step2XriResolver = new XriDotNetProxyResolver();
            Discovery2 step2Discovery = new Discovery2(step2HostMetaFetcher, step2XrdResolver, step2HtmlResolver, step2YadisResolver, step2XriResolver);
            // The excerpt ends before step2Discovery is attached to the manager.
            openIDStep2ConsumerManager = new ConsumerManager();

          XmlUtil.getDocument(new ByteArrayInputStream(documentBytes));

      xrds = new XRDS(document.getDocumentElement(), false);

    } catch (ParserConfigurationException e) {
      throw new FetchException(e);
    } catch (SAXException e) {
      throw new FetchException(e);
    } catch (IOException e) {
      throw new FetchException(e);
    } catch (URISyntaxException e) {
      throw new FetchException(e);
    } catch (ParseException e) {
      throw new FetchException(e);
    }

    return new XrdRepresentations(xrds.getFinalXRD(), uri.toASCIIString(),
        documentBytes, signature);
  }