Examples of SAMLKeyInfo


Examples of org.apache.ws.security.saml.SAMLKeyInfo

        /**
         * Builds a {@code SecurityToken} identified by the assertion id and copies the
         * subject's key material onto it. Only the start of the method appears in this listing.
         *
         * NOTE(review): nothing in the lines shown validates the assertion's signature, so the
         * key material copied here should only be relied on once the assertion has been
         * verified elsewhere -- confirm against the caller.
         */
        private SecurityToken createSecurityToken(
            AssertionWrapper assertionWrapper
        ) {
            SecurityToken token = new SecurityToken(assertionWrapper.getId());

            // Subject key info is optional; without it the token carries no key material.
            SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo();
            if (subjectKeyInfo != null) {
                // NOTE(review): the secret is copied as-is; presumably it can be null when the
                // subject is confirmed by certificate only -- confirm token consumers handle that.
                token.setSecret(subjectKeyInfo.getSecret());
                X509Certificate[] certs = subjectKeyInfo.getCerts();
                // Both a null and an empty array are excluded before the first cert is read.
                if (certs != null && certs.length > 0) {
                    token.setX509Certificate(certs[0], null);
                }
            }
            if (assertionWrapper.getSaml1() != null) {

Examples of org.apache.ws.security.saml.SAMLKeyInfo

            // Signature verification and trust are separate steps: this call checks the
            // signature itself; the credential assembled below is what carries the signer's
            // key and certificates for the trust decision.
            assertion.verifySignature(requestData,
                    new WSDocInfo(token.getOwnerDocument()));

            // Now verify trust on the signature
            // NOTE(review): samlKeyInfo is dereferenced without a null check; confirm that an
            // unsigned assertion cannot reach this point (presumably guarded by the caller).
            Credential trustCredential = new Credential();
            SAMLKeyInfo samlKeyInfo = assertion.getSignatureKeyInfo();
            trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
            trustCredential.setCertificates(samlKeyInfo.getCerts());
            trustCredential.setAssertion(assertion);

            // The allowance for future-dated assertions comes from the configured clock skew.
            // NOTE(review): intValue() narrows the configured value; confirm it always fits an int.
            SamlAssertionValidator trustValidator = new SamlAssertionValidator();
            trustValidator.setFutureTTL(config.getMaximumClockSkew().intValue());
           

Examples of org.apache.ws.security.saml.SAMLKeyInfo

        boolean bspCompliant
    ) throws WSSecurityException {
        // Apply the Basic Security Profile checks to the reference only when requested.
        if (bspCompliant) {
            BSPEnforcer.checkSamlTokenBSPCompliance(secRef, assertion);
        }
        // Resolve the key material bound to the assertion's subject.
        SAMLKeyInfo samlKi =
            SAMLUtil.getCredentialFromSubject(assertion, data, wsDocInfo, bspCompliant);
        if (samlKi == null) {
            throw new WSSecurityException(
                WSSecurityException.FAILED_CHECK, "invalidSAMLToken", new Object[] {"No Secret Key"}
            );
        }
        // NOTE(review): only a missing SAMLKeyInfo is rejected above. If getSecret() can
        // return null (key info without a symmetric secret), the caller receives null
        // rather than the "No Secret Key" failure -- confirm.
        return samlKi.getSecret();
    }

Examples of org.apache.ws.security.saml.SAMLKeyInfo

                throw new WSSecurityException(
                    WSSecurityException.FAILURE, "invalidSAMLsecurity",
                    new Object[]{"cannot get certificate or key"}
                );
            }
            // Resolve the key or certificate referenced by the signature's KeyInfo element.
            SAMLKeyInfo samlKeyInfo =
                SAMLUtil.getCredentialFromKeyInfo(
                    keyInfo.getDOM(), data, docInfo, data.getWssConfig().isWsiBSPCompliant()
                );
           
            if (algorithmSuite != null) {
                AlgorithmSuiteValidator algorithmSuiteValidator = new
                    AlgorithmSuiteValidator(algorithmSuite);

                // Prefer the first certificate's key, then fall back to a bare public key.
                // NOTE(review): getCerts()[0] is read without a length check, so an empty
                // array throws ArrayIndexOutOfBoundsException instead of the
                // WSSecurityException below; adding `getCerts().length > 0` to the condition
                // would close that. samlKeyInfo itself is also not null-checked in these lines.
                PublicKey key = null;
                if (samlKeyInfo.getCerts() != null && samlKeyInfo.getCerts()[0] != null) {
                    key = samlKeyInfo.getCerts()[0].getPublicKey();
                } else if (samlKeyInfo.getPublicKey() != null) {
                    key = samlKeyInfo.getPublicKey();
                } else {
                    // Neither a certificate nor a public key is available: fail closed.
                    throw new WSSecurityException(
                        WSSecurityException.FAILURE, "invalidSAMLsecurity",
                        new Object[]{"cannot get certificate or key"}
                    );

Examples of org.apache.ws.security.saml.SAMLKeyInfo

                throw new WSSecurityException(
                    WSSecurityException.FAILURE, "invalidSAMLsecurity",
                    new Object[]{"cannot get certificate or key"}
                );
            }
            // Resolve the signer's key from the KeyInfo element and verify the signature with it.
            SAMLKeyInfo samlKeyInfo =
                SAMLUtil.getCredentialFromKeyInfo(keyInfo.getDOM(), data, docInfo, data.getWssConfig().isWsiBSPCompliant());
            verifySignature(samlKeyInfo);
        } else {
            // NOTE(review): this branch only logs at debug level and continues. Judging by the
            // message it is taken for an unsigned assertion, so callers that require a
            // signature must enforce that themselves -- confirm.
            LOG.debug("AssertionWrapper: no signature to validate");
        }

Examples of org.apache.ws.security.saml.SAMLKeyInfo

                    requestData, new WSDocInfo(validateTargetElement.getOwnerDocument())
                );

                // Now verify trust on the signature
                // NOTE(review): samlKeyInfo is dereferenced without a null check; confirm that
                // an unsigned assertion cannot reach this point (presumably guarded earlier).
                Credential trustCredential = new Credential();
                SAMLKeyInfo samlKeyInfo = assertion.getSignatureKeyInfo();
                trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
                trustCredential.setCertificates(samlKeyInfo.getCerts());
   
                // The trust decision is delegated to the validator using the signer's key and certs.
                validator.validate(trustCredential, requestData);

                // Finally check that subject DN of the signing certificate matches a known constraint
                X509Certificate cert = null;

Examples of org.apache.ws.security.saml.SAMLKeyInfo

        /**
         * Builds a {@code SecurityToken} identified by the assertion id and copies the
         * subject's key material onto it. Only the start of the method appears in this listing.
         *
         * NOTE(review): nothing in the lines shown validates the assertion's signature, so the
         * key material copied here should only be relied on once the assertion has been
         * verified elsewhere -- confirm against the caller.
         */
        private SecurityToken createSecurityToken(
            AssertionWrapper assertionWrapper
        ) {
            SecurityToken token = new SecurityToken(assertionWrapper.getId());

            // Subject key info is optional; without it the token carries no key material.
            SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo();
            if (subjectKeyInfo != null) {
                // NOTE(review): the secret is copied as-is; presumably it can be null when the
                // subject is confirmed by certificate only -- confirm token consumers handle that.
                token.setSecret(subjectKeyInfo.getSecret());
                X509Certificate[] certs = subjectKeyInfo.getCerts();
                // Both a null and an empty array are excluded before the first cert is read.
                if (certs != null && certs.length > 0) {
                    token.setX509Certificate(certs[0], null);
                }
            }
            if (assertionWrapper.getSaml1() != null) {

Examples of org.apache.ws.security.saml.SAMLKeyInfo

            // Signature verification and trust are separate steps: this call checks the
            // signature itself; the credential assembled below is what carries the signer's
            // key and certificates for the trust decision.
            assertion.verifySignature(requestData,
                    new WSDocInfo(token.getOwnerDocument()));

            // Now verify trust on the signature
            // NOTE(review): samlKeyInfo is dereferenced without a null check; confirm that an
            // unsigned assertion cannot reach this point (presumably guarded by the caller).
            Credential trustCredential = new Credential();
            SAMLKeyInfo samlKeyInfo = assertion.getSignatureKeyInfo();
            trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
            trustCredential.setCertificates(samlKeyInfo.getCerts());
            trustCredential.setAssertion(assertion);

            // The allowance for future-dated assertions comes from the configured clock skew.
            // NOTE(review): intValue() narrows the configured value; confirm it always fits an int.
            SamlAssertionValidator trustValidator = new SamlAssertionValidator();
            trustValidator.setFutureTTL(config.getMaximumClockSkew().intValue());
           

Examples of org.apache.ws.security.saml.SAMLKeyInfo

                    }

                    // The stored token reuses the assertion's id and its NotBefore /
                    // NotOnOrAfter values as creation and expiry times.
                    String id = assertion.getId();
                    Date created = assertion.getNotBefore();
                    Date expires = assertion.getNotOnOrAfter();
                    SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion,
                            signatureCrypto, tokenCallbackHandler);
                    try {
                        TokenStorage store = rmd.getTokenStorage();
                        // Add the assertion only when no token with this id is stored yet.
                        if (store.getToken(id) == null) {
                            Token token = new Token(id, (OMElement) assertion.toDOM(), created, expires);
                            // NOTE(review): samlKi is not null-checked before getSecret();
                            // confirm getSAMLKeyInfo never returns null for this assertion.
                            token.setSecret(samlKi.getSecret());
                            store.add(token);
                        }
                    } catch (Exception e) {
                        // NOTE(review): this catches every exception type, so a
                        // NullPointerException from the block above is reported as a
                        // token-store error; the original cause is kept as `e`.
                        throw new RampartException(
                                "errorInAddingTokenIntoStore", e);

Examples of org.apache.ws.security.saml.SAMLKeyInfo

            } else if (p instanceof DerivedKeyTokenProcessor) {
                DerivedKeyTokenProcessor dkp = (DerivedKeyTokenProcessor) p;
                decryptedData = dkp.getKeyBytes(WSSecurityUtil.getKeyLength(algorithm));
            } else if (p instanceof SAMLTokenProcessor) {
                SAMLTokenProcessor samlp = (SAMLTokenProcessor) p;
                // Take the symmetric secret from the SAML token handled by this processor.
                SAMLKeyInfo keyInfo =
                    SAMLUtil.getSAMLKeyInfo(samlp.getSamlTokenElement(), crypto, cb);
                // TODO Handle malformed SAML tokens where they don't have the
                // secret in them
                // NOTE(review): until that TODO is addressed, a token whose getSecret() returns
                // null leaves decryptedData null here, whereas the custom-token branch below
                // rejects a null key with "unsupportedKeyId"; an equivalent check belongs here.
                decryptedData = keyInfo.getSecret();
            } else {
                // Try custom token
                WSPasswordCallback pwcb = new WSPasswordCallback(id, WSPasswordCallback.CUSTOM_TOKEN);
                try {
                    Callback[] callbacks = new Callback[]{pwcb};
                    cb.handle(callbacks);
                } catch (Exception e) {
                    throw new WSSecurityException(
                        WSSecurityException.FAILURE,
                        "noPassword",
                        new Object[] {id},
                        e
                    );
                }
                decryptedData = pwcb.getKey();
               
                if (decryptedData == null) {
                    throw new WSSecurityException(
                        WSSecurityException.FAILED_CHECK, "unsupportedKeyId"
                    );
                }
            }
        } else if (secRef.containsKeyIdentifier()) {
            if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())) {
                Element token =
                    secRef.getKeyIdentifierTokenElement(secRefToken.getOwnerDocument(), wsDocInfo, cb);
               
                if (crypto == null) {
                    throw new WSSecurityException(
                        WSSecurityException.FAILURE, "noSigCryptoFile"
                    );
                }
                // Take the symmetric secret from the SAML token the key identifier points to.
                SAMLKeyInfo keyInfo = SAMLUtil.getSAMLKeyInfo(token, crypto, cb);
                // TODO Handle malformed SAML tokens where they don't have the
                // secret in them
                // NOTE(review): until that TODO is addressed, a token whose getSecret() returns
                // null leaves decryptedData null here, whereas the custom-token branch earlier in
                // this method rejects a null key with "unsupportedKeyId"; an equivalent check
                // belongs here.
                decryptedData = keyInfo.getSecret();
            } else {
                String sha = secRef.getKeyIdentifierValue();
               
                WSPasswordCallback pwcb =
                    new WSPasswordCallback(