本文整理汇总了Java中org.opensaml.saml.saml2.metadata.IDPSSODescriptor类的典型用法代码示例。如果您正苦于以下问题:Java IDPSSODescriptor类的具体用法?Java IDPSSODescriptor怎么用?Java IDPSSODescriptor使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
IDPSSODescriptor类属于org.opensaml.saml.saml2.metadata包,在下文中一共展示了IDPSSODescriptor类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: buildEntityRoleFilterIfNeeded
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
private static void buildEntityRoleFilterIfNeeded(final SamlRegisteredService service, final List<MetadataFilter> metadataFilterList) {
if (StringUtils.isNotBlank(service.getMetadataCriteriaRoles())) {
final List<QName> roles = new ArrayList<>();
final Set<String> rolesSet = org.springframework.util.StringUtils.commaDelimitedListToSet(service.getMetadataCriteriaRoles());
rolesSet.stream().forEach(s -> {
if (s.equalsIgnoreCase(SPSSODescriptor.DEFAULT_ELEMENT_NAME.getLocalPart())) {
LOGGER.debug("Added entity role filter [{}]", SPSSODescriptor.DEFAULT_ELEMENT_NAME);
roles.add(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
}
if (s.equalsIgnoreCase(IDPSSODescriptor.DEFAULT_ELEMENT_NAME.getLocalPart())) {
LOGGER.debug("Added entity role filter [{}]", IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
roles.add(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
}
});
final EntityRoleFilter filter = new EntityRoleFilter(roles);
filter.setRemoveEmptyEntitiesDescriptors(service.isMetadataCriteriaRemoveEmptyEntitiesDescriptors());
filter.setRemoveRolelessEntityDescriptors(service.isMetadataCriteriaRemoveRolelessEntityDescriptors());
metadataFilterList.add(filter);
LOGGER.debug("Added entity role filter with roles [{}]", roles);
}
}
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:23,代码来源:ChainingMetadataResolverCacheLoader.java
示例2: getSingleSignOn
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
public URI getSingleSignOn(String entityId) {
EntityDescriptor idpEntityDescriptor;
try {
CriteriaSet criteria = new CriteriaSet(new EntityIdCriterion(entityId));
idpEntityDescriptor = metadataProvider.resolveSingle(criteria);
} catch (ResolverException e) {
LOG.error(format("Exception when accessing metadata: {0}", e));
throw propagate(e);
}
if(idpEntityDescriptor!=null) {
final IDPSSODescriptor idpssoDescriptor = idpEntityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
final List<SingleSignOnService> singleSignOnServices = idpssoDescriptor.getSingleSignOnServices();
if (singleSignOnServices.isEmpty()) {
LOG.error(format("No singleSignOnServices present for IDP entityId: {0}", entityId));
} else {
if (singleSignOnServices.size() > 1) {
LOG.warn(format("More than one singleSignOnService present: {0} for {1}", singleSignOnServices.size(), entityId));
}
return URI.create(singleSignOnServices.get(0).getLocation());
}
}
throw ApplicationException.createUnauditedException(ExceptionType.NOT_FOUND, UUID.randomUUID(), new RuntimeException(format("no entity descriptor for IDP: {0}", entityId)));
}
开发者ID:alphagov,项目名称:verify-hub,代码行数:27,代码来源:IdpSingleSignOnServiceHelper.java
示例3: getSingleSignOn
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
@Test
public void getSingleSignOn() throws Exception {
// Given
SingleSignOnServiceBuilder singleSignOnServiceBuilder = new SingleSignOnServiceBuilder();
SingleSignOnService singleSignOnService = singleSignOnServiceBuilder.buildObject();
singleSignOnService.setLocation("http://the-sso-location");
IDPSSODescriptorBuilder idpssoDescriptorBuilder = new IDPSSODescriptorBuilder();
IDPSSODescriptor idpssoDescriptor = idpssoDescriptorBuilder.buildObject();
idpssoDescriptor.getSingleSignOnServices().add(singleSignOnService);
idpssoDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
EntityDescriptorBuilder entityDescriptorBuilder = new EntityDescriptorBuilder();
EntityDescriptor entityDescriptor = entityDescriptorBuilder.buildObject();
entityDescriptor.setEntityID("the-entity-id");
entityDescriptor.getRoleDescriptors().add(idpssoDescriptor);
when(metadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(entityDescriptor.getEntityID())))).thenReturn(entityDescriptor);
// When
URI singleSignOnUri = service.getSingleSignOn(entityDescriptor.getEntityID());
// Then
assertThat(singleSignOnUri.toString(), equalTo(singleSignOnService.getLocation()));
verify(metadataResolver).resolveSingle(any(CriteriaSet.class));
}
开发者ID:alphagov,项目名称:verify-hub,代码行数:27,代码来源:CountrySingleSignOnServiceHelperTest.java
示例4: apply
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
public InboundMatchingServiceRequest apply(final AttributeQuery attributeQuery) {
samlAttributeQueryValidator.validate(attributeQuery);
ValidatedAttributeQuery validatedAttributeQuery = attributeQuerySignatureValidator.validate(attributeQuery);
List<Assertion> assertions = assertionDecrypter.decryptAssertions(validatedAttributeQuery);
Map<Boolean, List<Assertion>> map = assertions.stream().collect(Collectors.groupingBy(this::isHubAssertion));
List<Assertion> hubAssertions = map.getOrDefault(true, Collections.emptyList());
List<Assertion> idpAssertions = map.getOrDefault(false, Collections.emptyList());
samlAttributeQueryAssertionsValidator.validateHubAssertions(validatedAttributeQuery, hubAssertions);
samlAttributeQueryAssertionsValidator.validateIdpAssertions(validatedAttributeQuery, idpAssertions);
ValidatedAssertions validatedHubAssertions = samlAssertionsSignatureValidator.validate(hubAssertions, SPSSODescriptor.DEFAULT_ELEMENT_NAME);
ValidatedAssertions validatedIdpAssertions = samlAssertionsSignatureValidator.validate(idpAssertions, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
return inboundMatchingServiceRequestUnmarshaller.fromSaml(validatedAttributeQuery, validatedHubAssertions, validatedIdpAssertions);
}
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:18,代码来源:VerifyAttributeQueryToInboundMatchingServiceRequestTransformer.java
示例5: shouldHaveAnIDPSSODescriptor
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
@Test
public void shouldHaveAnIDPSSODescriptor() throws ResolverException, FederationMetadataLoadingException {
when(certificateStore.getSigningCertificates()).thenReturn(asList(getCertificate()));
Document matchingServiceAdapterMetadata = matchingServiceAdapterMetadataRepository.getMatchingServiceAdapterMetadata();
EntityDescriptor msa = getEntityDescriptor(matchingServiceAdapterMetadata, entityId);
assertThat(msa.getRoleDescriptors().size()).isEqualTo(2);
IDPSSODescriptor idpssoDescriptor = msa.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
assertThat(idpssoDescriptor).isNotNull();
assertThat(idpssoDescriptor.getSingleSignOnServices()).hasSize(1);
assertThat(idpssoDescriptor.getSingleSignOnServices().get(0).getLocation()).isEqualTo(hubSsoEndPoint);
// Shibboleth SP doesn't like the xsi:type="md:EndpointType" attribute on the SingleSignOnService element:
assertThat(idpssoDescriptor.getSingleSignOnServices().get(0).getSchemaType()).isNull();
assertThat(idpssoDescriptor.getKeyDescriptors()).hasSize(1);
}
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:19,代码来源:MatchingServiceAdapterMetadataRepositoryTest.java
示例6: setDefaults
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
private static void setDefaults(KeyStore ks, EntityDescriptor ed,
IDPSSODescriptor idp, AuthMechType currentMechanism,
HashMap<String, ParamType> params) {
if (params.get("assertionsSigned") == null || params.get("assertionsSigned").getValue().equalsIgnoreCase("false")) {
setProperty("responsesSigned","true",params,currentMechanism);
} else {
setProperty("responsesSigned","false",params,currentMechanism);
}
setProperty("jumpPage","",params,currentMechanism);
setProperty("sigAlg","RSA-SHA1",params,currentMechanism);
setProperty("authCtxRef","",params,currentMechanism);
setProperty("forceToSSL","false",params,currentMechanism);
setProperty("ldapAttribute","uid",params,currentMechanism);
setProperty("dnOU","SAML2",params,currentMechanism);
setProperty("defaultOC","inetOrgPerson",params,currentMechanism);
setProperty("dontLinkToLDAP","false",params,currentMechanism);
setProperty("responsesSigned","true",params,currentMechanism);
setProperty("assertionsSigned","false",params,currentMechanism);
}
开发者ID:TremoloSecurity,项目名称:OpenUnison,代码行数:25,代码来源:OpenUnisonUtils.java
示例7: handleResponsePost
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path(Urls.SamlProxyUrls.RESPONSE_POST_PATH)
@Timed
public Response handleResponsePost(SamlRequestDto samlRequestDto) {
final SessionId sessionId = new SessionId(samlRequestDto.getRelayState());
MDC.put("SessionId", sessionId);
relayStateValidator.validate(samlRequestDto.getRelayState());
org.opensaml.saml.saml2.core.Response samlResponse = stringSamlResponseTransformer.apply(samlRequestDto.getSamlRequest());
SamlValidationResponse signatureValidationResponse = authnResponseSignatureValidator.validate(samlResponse, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
protectiveMonitoringLogger.logAuthnResponse(
samlResponse,
Direction.INBOUND,
signatureValidationResponse.isOK());
if (!signatureValidationResponse.isOK()) {
SamlValidationSpecificationFailure failure = signatureValidationResponse.getSamlValidationSpecificationFailure();
throw new SamlTransformationErrorException(failure.getErrorMessage(), signatureValidationResponse.getCause(), Level.ERROR);
}
final SamlAuthnResponseContainerDto authnResponseDto = new SamlAuthnResponseContainerDto(
samlRequestDto.getSamlRequest(),
sessionId,
samlRequestDto.getPrincipalIpAsSeenByFrontend()
);
return Response.ok(sessionProxy.receiveAuthnResponseFromIdp(authnResponseDto, sessionId)).build();
}
开发者ID:alphagov,项目名称:verify-hub,代码行数:34,代码来源:SamlMessageReceiverApi.java
示例8: handleEidasResponsePost
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path(Urls.SamlProxyUrls.EIDAS_RESPONSE_POST_PATH)
@Timed
public Response handleEidasResponsePost(SamlRequestDto samlRequestDto) {
if (eidasAuthnResponseSignatureValidator.isPresent()) {
final SessionId sessionId = new SessionId(samlRequestDto.getRelayState());
MDC.put("SessionId", sessionId);
relayStateValidator.validate(samlRequestDto.getRelayState());
org.opensaml.saml.saml2.core.Response samlResponse = stringSamlResponseTransformer.apply(samlRequestDto.getSamlRequest());
SamlValidationResponse signatureValidationResponse = eidasAuthnResponseSignatureValidator.get().validate(samlResponse, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
protectiveMonitoringLogger.logAuthnResponse(
samlResponse,
Direction.INBOUND,
signatureValidationResponse.isOK());
if (!signatureValidationResponse.isOK()) {
SamlValidationSpecificationFailure failure = signatureValidationResponse.getSamlValidationSpecificationFailure();
throw new SamlTransformationErrorException(failure.getErrorMessage(), signatureValidationResponse.getCause(), Level.ERROR);
}
final SamlAuthnResponseContainerDto authnResponseDto = new SamlAuthnResponseContainerDto(
samlRequestDto.getSamlRequest(),
sessionId,
samlRequestDto.getPrincipalIpAsSeenByFrontend()
);
return Response.ok(sessionProxy.receiveAuthnResponseFromCountry(authnResponseDto, sessionId)).build();
}
return Response.status(Response.Status.NOT_FOUND).build();
}
开发者ID:alphagov,项目名称:verify-hub,代码行数:37,代码来源:SamlMessageReceiverApi.java
示例9: createCountryEntityDescriptor
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
public static EntityDescriptor createCountryEntityDescriptor(String entityID) {
Signature entityDescriptorSignature = createSignature();
KeyDescriptor keyDescriptor = KeyDescriptorBuilder.aKeyDescriptor().withX509ForSigning(TEST_PUBLIC_CERT).build();
IDPSSODescriptor idpssoDescriptor = IdpSsoDescriptorBuilder
.anIdpSsoDescriptor()
.addKeyDescriptor(keyDescriptor)
.build();
try {
return getEntityDescriptor(entityID, idpssoDescriptor, entityDescriptorSignature);
} catch (MarshallingException | SignatureException e) {
throw Throwables.propagate(e);
}
}
开发者ID:alphagov,项目名称:verify-hub,代码行数:14,代码来源:NodeMetadataFactory.java
示例10: getEntityDescriptor
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
private static EntityDescriptor getEntityDescriptor(String entityID, IDPSSODescriptor idpssoDescriptor, Signature entityDescriptorSignature) throws MarshallingException, SignatureException {
return EntityDescriptorBuilder
.anEntityDescriptor()
.withEntityId(entityID)
.withIdpSsoDescriptor(idpssoDescriptor)
.withSignature(entityDescriptorSignature)
.build();
}
开发者ID:alphagov,项目名称:verify-hub,代码行数:9,代码来源:NodeMetadataFactory.java
示例11: getSingleSignOn
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
public URI getSingleSignOn(String entityId) {
EidasMetadataResolver metadataResolver = new EidasMetadataResolver(new Timer(), client, URI.create(entityId));
try {
EntityDescriptor idpEntityDescriptor;
try {
CriteriaSet criteria = new CriteriaSet(new EntityIdCriterion(entityId));
idpEntityDescriptor = metadataResolver.resolveSingle(criteria);
} catch (ResolverException e) {
LOG.error(format("Exception when accessing metadata: {0}", e));
throw propagate(e);
}
if (idpEntityDescriptor != null) {
final IDPSSODescriptor idpssoDescriptor = idpEntityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
final List<SingleSignOnService> singleSignOnServices = idpssoDescriptor.getSingleSignOnServices();
if (singleSignOnServices.isEmpty()) {
LOG.error(format("No singleSignOnServices present for IDP entityId: {0}", entityId));
} else {
if (singleSignOnServices.size() > 1) {
LOG.warn(format("More than one singleSignOnService present: {0} for {1}", singleSignOnServices.size(), entityId));
}
return URI.create(singleSignOnServices.get(0).getLocation());
}
}
throw ApplicationException.createUnauditedException(ExceptionType.NOT_FOUND, UUID.randomUUID(), new RuntimeException(format("no entity descriptor for IDP: {0}", entityId)));
} finally {
if (metadataResolver != null) {
metadataResolver.destroy();
}
}
}
开发者ID:alphagov,项目名称:verify-hub,代码行数:34,代码来源:CountrySingleSignOnServiceHelper.java
示例12: getEntityDescriptor
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
private static EntityDescriptor getEntityDescriptor(String entityID, IDPSSODescriptor idpssoDescriptor, Signature entityDescriptorSignature) throws MarshallingException, SignatureException {
return EntityDescriptorBuilder
.anEntityDescriptor()
.withEntityId(entityID)
.withIdpSsoDescriptor(idpssoDescriptor)
.withSignature(entityDescriptorSignature)
.build();
}
开发者ID:alphagov,项目名称:verify-hub,代码行数:9,代码来源:NodeMetadataFactory.java
示例13: setup
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
@Before
public void setup() throws Exception {
IdaSamlBootstrap.bootstrap();
service = new CountryAuthnResponseTranslatorService(
stringToOpenSamlResponseTransformer,
responseFromCountryValidator,
new IdpIdaStatusUnmarshaller(new IdpIdaStatus.IdpIdaStatusFactory(), new SamlStatusToIdpIdaStatusMappingsFactory()),
responseAssertionsFromCountryValidator,
validateSamlResponseIssuedByIdpDestination,
assertionDecrypter,
assertionBlobEncrypter,
samlResponseSignatureValidator,
samlAssertionsSignatureValidator,
new PassthroughAssertionUnmarshaller(new XmlObjectToBase64EncodedStringTransformer<>(), new AuthnContextFactory()));
Response eidasSAMLResponse = (Response) buildResponseFromFile();
ValidatedResponse validateEIDASSAMLResponse = new ValidatedResponse(eidasSAMLResponse);
List<Assertion> decryptedAssertions = eidasSAMLResponse.getAssertions();
when(samlAuthnResponseTranslatorDto.getSamlResponse()).thenReturn("eidas");
when(samlAuthnResponseTranslatorDto.getMatchingServiceEntityId()).thenReturn("mid");
when(stringToOpenSamlResponseTransformer.apply("eidas")).thenReturn(eidasSAMLResponse);
doNothing().when(responseFromCountryValidator).validate(eidasSAMLResponse);
when(samlResponseSignatureValidator.validate(eidasSAMLResponse, IDPSSODescriptor.DEFAULT_ELEMENT_NAME)).thenReturn(validateEIDASSAMLResponse);
when(assertionDecrypter.decryptAssertions(validateEIDASSAMLResponse)).thenReturn(decryptedAssertions);
when(assertionBlobEncrypter.encryptAssertionBlob(eq("mid"), any(String.class))).thenReturn(identityUnderlyingAssertionBlob);
when(samlAssertionsSignatureValidator.validate(decryptedAssertions, IDPSSODescriptor.DEFAULT_ELEMENT_NAME)).thenReturn(new ValidatedAssertions(decryptedAssertions));
}
开发者ID:alphagov,项目名称:verify-hub,代码行数:29,代码来源:CountryAuthnResponseTranslatorServiceTest.java
示例14: translate
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
public TranslatedResponseBody translate(
List<Assertion> assertions,
String expectedInResponseTo,
LevelOfAssurance expectedLevelOfAssurance,
String entityId
) {
validateAssertions(assertions);
Assertion assertion = assertions.get(0);
assertionValidator.validate(assertion, expectedInResponseTo, entityId);
assertionsSignatureValidator.validate(assertions, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
AuthnStatement authnStatement = assertion.getAuthnStatements().get(0);
LevelOfAssurance levelOfAssurance = extractLevelOfAssurance(authnStatement);
LevelOfAssuranceValidator levelOfAssuranceValidator = new LevelOfAssuranceValidator();
levelOfAssuranceValidator.validate(levelOfAssurance, expectedLevelOfAssurance);
String nameID = assertion.getSubject().getNameID().getValue();
List<AttributeStatement> attributeStatements = assertion.getAttributeStatements();
if (isUserAccountCreation(attributeStatements)) {
return new TranslatedResponseBody(
ACCOUNT_CREATION,
nameID,
levelOfAssurance,
AttributeTranslationService.translateAttributes(attributeStatements.get(0))
);
}
return new TranslatedResponseBody(SUCCESS_MATCH, nameID, levelOfAssurance, null);
}
开发者ID:alphagov,项目名称:verify-service-provider,代码行数:33,代码来源:AssertionTranslator.java
示例15: invokeOutboundMessageHandlers
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
protected final void invokeOutboundMessageHandlers(final SPSSODescriptor spDescriptor,
final IDPSSODescriptor idpssoDescriptor,
final SAML2MessageContext outboundContext) {
try {
final EndpointURLSchemeSecurityHandler handlerEnd =
new EndpointURLSchemeSecurityHandler();
handlerEnd.initialize();
handlerEnd.invoke(outboundContext);
final SAMLOutboundDestinationHandler handlerDest =
new SAMLOutboundDestinationHandler();
handlerDest.initialize();
handlerDest.invoke(outboundContext);
if (spDescriptor.isAuthnRequestsSigned()) {
final SAMLOutboundProtocolMessageSigningHandler handler = new
SAMLOutboundProtocolMessageSigningHandler();
handler.invoke(outboundContext);
} else if (idpssoDescriptor.getWantAuthnRequestsSigned()) {
logger.warn("IdP wants authn requests signed, it will perhaps reject your authn requests unless you provide a keystore");
}
} catch (final Exception e) {
throw new SAMLException(e);
}
}
开发者ID:yaochi,项目名称:pac4j-plus,代码行数:29,代码来源:SAML2WebSSOMessageSender.java
示例16: getIdpSsoDescriptor
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
private RoleDescriptor getIdpSsoDescriptor(OpenSamlXmlObjectFactory openSamlXmlObjectFactory) {
IDPSSODescriptor idpssoDescriptor = openSamlXmlObjectFactory.createIDPSSODescriptor();
idpssoDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
idpssoDescriptor.getSingleSignOnServices().add(getSsoService());
idpssoDescriptor.getKeyDescriptors().addAll(getKeyDescriptors());
return idpssoDescriptor;
}
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:10,代码来源:MatchingServiceAdapterMetadataRepository.java
示例17: shouldGenerateValidMetadataFromLocalConfiguration
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
@Test
public void shouldGenerateValidMetadataFromLocalConfiguration() throws Exception {
HTTPMetadataResolver httpMetadataResolver = new HTTPMetadataResolver(new Timer(), HttpClientBuilder.create().build(),
"http://localhost:" + applicationRule.getLocalPort() + "/matching-service/SAML2/metadata");
BasicParserPool basicParserPool = new BasicParserPool();
basicParserPool.initialize();
httpMetadataResolver.setParserPool(basicParserPool);
httpMetadataResolver.setId("test id");
httpMetadataResolver.initialize();
httpMetadataResolver.refresh();
EntityDescriptor descriptor = httpMetadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(TEST_RP_MS)));
AttributeAuthorityDescriptor attributeAuthorityDescriptor = descriptor.getAttributeAuthorityDescriptor(SAMLConstants.SAML20P_NS);
Map<UsageType, List<KeyDescriptor>> keysByUsage = attributeAuthorityDescriptor.getKeyDescriptors().stream()
.collect(groupingBy(KeyDescriptor::getUse));
assertThat(keysByUsage.get(UsageType.SIGNING)).hasSize(2);
assertThat(keysByUsage.get(UsageType.ENCRYPTION)).hasSize(1);
assertThat(getCertificateNames(keysByUsage, UsageType.SIGNING)).contains(MSA_SIGNING_PRIMARY, MSA_SIGNING_SECONDARY);
assertThat(getCertificateNames(keysByUsage, UsageType.ENCRYPTION)).contains(MSA_ENCRYPTION_PRIMARY);
IDPSSODescriptor idpssoDescriptor = descriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
assertThat(idpssoDescriptor).isNotNull();
assertThat(idpssoDescriptor.getSingleSignOnServices()).hasSize(1);
keysByUsage = idpssoDescriptor.getKeyDescriptors().stream().collect(groupingBy(KeyDescriptor::getUse));
assertThat(keysByUsage.get(UsageType.SIGNING)).hasSize(2);
assertThat(getCertificateNames(keysByUsage, UsageType.SIGNING)).contains(MSA_SIGNING_PRIMARY, MSA_SIGNING_SECONDARY);
}
开发者ID:alphagov,项目名称:verify-matching-service-adapter,代码行数:33,代码来源:MatchingServiceAdapterMetadataAppRuleTest.java
示例18: buildEntityCriteriaForSigningCredential
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
@Override
protected void buildEntityCriteriaForSigningCredential(final RequestAbstractType profileRequest, final CriteriaSet criteriaSet) {
criteriaSet.add(new EntityIdCriterion(casSamlIdPMetadataResolver.getId()));
criteriaSet.add(new EntityRoleCriterion(IDPSSODescriptor.DEFAULT_ELEMENT_NAME));
}
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:6,代码来源:SamlIdPObjectSignatureValidator.java
示例19: validateResponse
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
private ValidatedResponse validateResponse(Response response) {
responseFromCountryValidator.validate(response);
responseFromCountryDestinationValidator.validate(response);
return responseSignatureValidator.validate(response, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
}
开发者ID:alphagov,项目名称:verify-hub,代码行数:6,代码来源:CountryAuthnResponseTranslatorService.java
示例20: validateAssertion
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; //导入依赖的package包/类
private Assertion validateAssertion(ValidatedResponse validatedResponse, List<Assertion> decryptedAssertions) {
assertionSignatureValidator.validate(decryptedAssertions, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
Assertion identityAssertion = decryptedAssertions.get(0);
responseAssertionFromCountryValidator.validate(validatedResponse, identityAssertion);
return identityAssertion;
}
开发者ID:alphagov,项目名称:verify-hub,代码行数:7,代码来源:CountryAuthnResponseTranslatorService.java
注:本文中的org.opensaml.saml.saml2.metadata.IDPSSODescriptor类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论