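This article collects typical usage code examples of the org.opensaml.xmlsec.signature.Signature class in Java. If you are struggling with questions such as: How exactly is the Java Signature class used? How do you use Java Signature? What are examples of Java Signature in use? Then congratulations, the curated class code examples here may help you.
The Signature class belongs to the org.opensaml.xmlsec.signature package. A total of 20 code examples of the Signature class are shown below, sorted by popularity by default. You can upvote the examples you like or find useful; your ratings will help our system recommend better Java code examples.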
Example 1: setSignature
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
/**
 * Applies the XML Digital Signature to the SAML 2.0 based Request.
 *
 * @param request            the SAML 2.0 based Request
 * @param signatureAlgorithm the algorithm used to compute the signature
 * @param credential         the signature signing credential
 * @return the SAML 2.0 based Request with XML Digital Signature set
 * @throws SSOException if an error occurs while signing the SAML 2.0 based Request message
 */
public static RequestAbstractType setSignature(RequestAbstractType request, String signatureAlgorithm,
        X509Credential credential) throws SSOException {
    try {
        Signature signature = setSignatureRaw(signatureAlgorithm, credential);
        request.setSignature(signature);
        List<Signature> signatureList = new ArrayList<>();
        signatureList.add(signature);
        // marshall and sign
        Marshaller marshaller = XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(request);
        if (marshaller != null) {
            marshaller.marshall(request);
        }
        // initializes and configures the library
        Init.init();
        // signer is responsible for creating the digital signatures for the given XML Objects,
        // signs the XML Objects based on the given order of the Signature list
        Signer.signObjects(signatureList);
        return request;
    } catch (MarshallingException | SignatureException e) {
        throw new SSOException("Error while signing the SAML 2.0 Request message", e);
    }
}
Developer ID: wso2-extensions, Project: tomcat-extension-samlsso, Lines of code: 35, Source: SSOUtils.java
Example 2: verifySamlProfileRequestIfNeeded
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
/**
 * Verify saml profile request if needed.
 *
 * @param profileRequest the profile request
 * @param resolver       the resolver
 * @param request        the request
 * @param context        the context
 * @throws Exception the exception
 */
public void verifySamlProfileRequestIfNeeded(final RequestAbstractType profileRequest,
                                             final MetadataResolver resolver,
                                             final HttpServletRequest request,
                                             final MessageContext context) throws Exception {
    final RoleDescriptorResolver roleDescriptorResolver = getRoleDescriptorResolver(resolver, context, profileRequest);
    LOGGER.debug("Validating signature for [{}]", profileRequest.getClass().getName());
    final Signature signature = profileRequest.getSignature();
    if (signature != null) {
        validateSignatureOnProfileRequest(profileRequest, signature, roleDescriptorResolver);
    } else {
        validateSignatureOnAuthenticationRequest(profileRequest, request, context, roleDescriptorResolver);
    }
}
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 26, Source: SamlObjectSignatureValidator.java
Example 3: validateSignatureOnProfileRequest
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
private void validateSignatureOnProfileRequest(final RequestAbstractType profileRequest,
                                               final Signature signature,
                                               final RoleDescriptorResolver roleDescriptorResolver) throws Exception {
    final SAMLSignatureProfileValidator validator = new SAMLSignatureProfileValidator();
    LOGGER.debug("Validating profile signature for [{}] via [{}]...", profileRequest.getIssuer(),
            validator.getClass().getSimpleName());
    validator.validate(signature);
    LOGGER.debug("Successfully validated profile signature for [{}].", profileRequest.getIssuer());
    final Credential credential = getSigningCredential(roleDescriptorResolver, profileRequest);
    if (credential == null) {
        throw new SamlException("Signing credential for validation could not be resolved");
    }
    LOGGER.debug("Validating signature using credentials for [{}]", credential.getEntityId());
    SignatureValidator.validate(signature, credential);
    LOGGER.info("Successfully validated the request signature.");
}
Developer ID: mrluo735, Project: cas-5.1.0, Lines of code: 19, Source: SamlObjectSignatureValidator.java
Example 4: getDigestMethodAlgorithm
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
private static String getDigestMethodAlgorithm(final Optional<Signature> signature) {
    if (signature.isPresent()) {
        XMLSignature xmlSignature = ((SignatureImpl) signature.get()).getXMLSignature();
        if (xmlSignature != null) {
            SignedInfo signedInfo = xmlSignature.getSignedInfo();
            try {
                if (signedInfo != null && signedInfo.getLength() != 0 && signedInfo.item(0) != null) {
                    MessageDigestAlgorithm messageDigestAlgorithm = signedInfo.item(0).getMessageDigestAlgorithm();
                    if (messageDigestAlgorithm != null) {
                        return messageDigestAlgorithm.getJCEAlgorithmString();
                    }
                }
            } catch (XMLSecurityException e) {
                LOG.debug(format("Error getting message digest algorithm: {0}", e));
            }
        }
    }
    return null;
}
Developer ID: alphagov, Project: verify-hub, Lines of code: 20, Source: UnknownMethodAlgorithmLogger.java
Example 5: setSignatureRaw
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
/**
 * Generates an XML Object representing a digital signature.
 *
 * @param signatureAlgorithm the algorithm used to compute the signature
 * @param credential         the signature signing credentials
 * @return an XML Object representing an enveloped or detached XML Digital Signature
 * @throws SSOException if an error occurs while getting the signature
 */
private static Signature setSignatureRaw(String signatureAlgorithm, X509Credential credential) throws SSOException {
    Signature signature = (Signature) buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
    signature.setSigningCredential(credential);
    signature.setSignatureAlgorithm(signatureAlgorithm);
    signature.setCanonicalizationAlgorithm(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    try {
        KeyInfo keyInfo = (KeyInfo) buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
        X509Data data = (X509Data) buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
        X509Certificate cert = (X509Certificate) buildXMLObject(X509Certificate.DEFAULT_ELEMENT_NAME);
        String value = org.apache.xml.security.utils.Base64.encode(credential.getEntityCertificate().getEncoded());
        cert.setValue(value);
        data.getX509Certificates().add(cert);
        keyInfo.getX509Datas().add(data);
        signature.setKeyInfo(keyInfo);
        return signature;
    } catch (CertificateEncodingException e) {
        throw new SSOException("Error getting certificate", e);
    }
}
Developer ID: wso2-extensions, Project: tomcat-extension-samlsso, Lines of code: 29, Source: SSOUtils.java
Example 6: addDeflateSignatureToHTTPQueryString
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
/**
 * Applies the XML Digital Signature to the HTTP query string specified.
 *
 * @param httpQueryString the primary HTTP query string which is to be digitally signed
 * @param credential      an entity credential associated with X.509 Public Key Infrastructure
 * @throws SSOException if an error occurs while applying the SAML 2.0 Redirect binding signature
 */
public static void addDeflateSignatureToHTTPQueryString(StringBuilder httpQueryString, X509Credential credential)
        throws SSOException {
    try {
        // SigAlg advertises rsa-sha1 (ALGO_ID_SIGNATURE_RSA), matching the SHA1withRSA JCA signer below
        httpQueryString.append("&SigAlg=").
                append(URLEncoder.encode(XMLSignature.ALGO_ID_SIGNATURE_RSA, StandardCharsets.UTF_8.name()).trim());
        java.security.Signature signature = java.security.Signature.getInstance("SHA1withRSA");
        signature.initSign(credential.getPrivateKey());
        // the signature covers the query string built so far, including the SigAlg parameter
        signature.update(httpQueryString.toString().getBytes(StandardCharsets.UTF_8));
        byte[] signatureByteArray = signature.sign();
        String signatureBase64EncodedString = Base64Support.encode(signatureByteArray, false);
        httpQueryString.append("&Signature=").
                append(URLEncoder.encode(signatureBase64EncodedString, StandardCharsets.UTF_8.name()).trim());
    } catch (NoSuchAlgorithmException | InvalidKeyException |
            java.security.SignatureException | UnsupportedEncodingException e) {
        throw new SSOException("Error applying SAML 2.0 Redirect Binding signature", e);
    }
}
Developer ID: wso2-extensions, Project: tomcat-extension-samlsso, Lines of code: 27, Source: SSOUtils.java
Example 7: createCountryEntityDescriptor
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
public static EntityDescriptor createCountryEntityDescriptor(String entityID) {
    Signature entityDescriptorSignature = createSignature();
    KeyDescriptor keyDescriptor = KeyDescriptorBuilder.aKeyDescriptor().withX509ForSigning(TEST_PUBLIC_CERT).build();
    IDPSSODescriptor idpssoDescriptor = IdpSsoDescriptorBuilder
            .anIdpSsoDescriptor()
            .addKeyDescriptor(keyDescriptor)
            .build();
    try {
        return getEntityDescriptor(entityID, idpssoDescriptor, entityDescriptorSignature);
    } catch (MarshallingException | SignatureException e) {
        throw Throwables.propagate(e);
    }
}
Developer ID: alphagov, Project: verify-hub, Lines of code: 14, Source: NodeMetadataFactory.java
Example 8: getEntityDescriptor
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
private static EntityDescriptor getEntityDescriptor(String entityID, IDPSSODescriptor idpssoDescriptor, Signature entityDescriptorSignature) throws MarshallingException, SignatureException {
    return EntityDescriptorBuilder
            .anEntityDescriptor()
            .withEntityId(entityID)
            .withIdpSsoDescriptor(idpssoDescriptor)
            .withSignature(entityDescriptorSignature)
            .build();
}
Developer ID: alphagov, Project: verify-hub, Lines of code: 9, Source: NodeMetadataFactory.java
Example 9: createSignature
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
private static Signature createSignature() {
    String metadataSigningCert = METADATA_SIGNING_A_PUBLIC_CERT;
    String metadataSigningKey = METADATA_SIGNING_A_PRIVATE_KEY;
    TestCredentialFactory testCredentialFactory = new TestCredentialFactory(metadataSigningCert, metadataSigningKey);
    Credential credential = testCredentialFactory.getSigningCredential();
    return SignatureBuilder
            .aSignature()
            .withSigningCredential(credential)
            .withX509Data(metadataSigningCert)
            .build();
}
Developer ID: alphagov, Project: verify-hub, Lines of code: 12, Source: NodeMetadataFactory.java
Example 10: probeResponseForMethodAlgorithm
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
public static void probeResponseForMethodAlgorithm(final InboundResponseFromIdp response) {
    if (response != null) {
        final Optional<Signature> signature = response.getSignature();
        if (signature != null) {
            final String signatureMethodAlgorithm = getSignatureMethodAlgorithm(signature);
            final String digestMethodAlgorithm = getDigestMethodAlgorithm(signature);
            logMethodAlgorithm(Role.IDP, signatureMethodAlgorithm, digestMethodAlgorithm, Response.DEFAULT_ELEMENT_LOCAL_NAME);
        }
    }
}
Developer ID: alphagov, Project: verify-hub, Lines of code: 11, Source: UnknownMethodAlgorithmLogger.java
Example 11: probeAssertionForMethodAlgorithm
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
public static void probeAssertionForMethodAlgorithm(final Assertion assertion, final String typeOfAssertion) {
    String prefixAssertion = typeOfAssertion + Assertion.DEFAULT_ELEMENT_LOCAL_NAME;
    if (assertion != null) {
        final Optional<Signature> signature = Optional.ofNullable(assertion.getSignature());
        if (signature != null) {
            final String signatureMethodAlgorithm = getSignatureMethodAlgorithm(signature);
            final String digestMethodAlgorithm = getDigestMethodAlgorithm(signature);
            logMethodAlgorithm(Role.IDP, signatureMethodAlgorithm, digestMethodAlgorithm, prefixAssertion);
        }
    }
}
Developer ID: alphagov, Project: verify-hub, Lines of code: 12, Source: UnknownMethodAlgorithmLogger.java
Example 12: probeAuthnRequestForMethodAlgorithm
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
public static void probeAuthnRequestForMethodAlgorithm(final AuthnRequestFromRelyingParty authnRequest) {
    if (authnRequest != null) {
        final Optional<Signature> signature = authnRequest.getSignature();
        if (signature != null) {
            final String signatureMethodAlgorithm = getSignatureMethodAlgorithm(signature);
            final String digestMethodAlgorithm = getDigestMethodAlgorithm(signature);
            logMethodAlgorithm(Role.SP, signatureMethodAlgorithm, digestMethodAlgorithm, AuthnRequest.DEFAULT_ELEMENT_LOCAL_NAME);
        }
    }
}
Developer ID: alphagov, Project: verify-hub, Lines of code: 11, Source: UnknownMethodAlgorithmLogger.java
Example 13: getEntityDescriptor
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
private static EntityDescriptor getEntityDescriptor(String entityID, IDPSSODescriptor idpssoDescriptor, Signature entityDescriptorSignature) throws MarshallingException, SignatureException {
    return EntityDescriptorBuilder
            .anEntityDescriptor()
            .withEntityId(entityID)
            .withIdpSsoDescriptor(idpssoDescriptor)
            .withSignature(entityDescriptorSignature)
            .build();
}
Developer ID: alphagov, Project: verify-hub, Lines of code: 9, Source: NodeMetadataFactory.java
Example 14: createSignature
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
private static Signature createSignature() {
    TestCredentialFactory testCredentialFactory = new TestCredentialFactory(METADATA_SIGNING_A_PUBLIC_CERT, METADATA_SIGNING_A_PRIVATE_KEY);
    Credential credential = testCredentialFactory.getSigningCredential();
    return SignatureBuilder
            .aSignature()
            .withSigningCredential(credential)
            .withX509Data(METADATA_SIGNING_A_PUBLIC_CERT)
            .build();
}
Developer ID: alphagov, Project: verify-hub, Lines of code: 10, Source: NodeMetadataFactory.java
Example 15: createSignature
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
private Signature createSignature() {
    KeyPair signingKeyPair = new KeyPair(publicKeyFromPrivateKey(signingKey), signingKey);
    IdaKeyStore keyStore = new IdaKeyStore(signingKeyPair, Collections.emptyList());
    IdaKeyStoreCredentialRetriever keyStoreCredentialRetriever = new IdaKeyStoreCredentialRetriever(keyStore);
    SignatureRSASHA256 signatureAlgorithm = new SignatureRSASHA256();
    DigestSHA256 digestAlgorithm = new DigestSHA256();
    SignatureFactory signatureFactory = new SignatureFactory(keyStoreCredentialRetriever, signatureAlgorithm, digestAlgorithm);
    return signatureFactory.createSignature();
}
Developer ID: alphagov, Project: verify-service-provider, Lines of code: 10, Source: AuthnRequestFactory.java
Example 16: shouldFailHealthcheckWhenHubMetadataIsSignedWithMD5
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
@Test
public void shouldFailHealthcheckWhenHubMetadataIsSignedWithMD5() {
    String id = UUID.randomUUID().toString();
    Signature signature = SignatureBuilder.aSignature()
            .withDigestAlgorithm(id, new DigestMD5())
            .withX509Data(TestCertificateStrings.METADATA_SIGNING_A_PUBLIC_CERT)
            .withSigningCredential(new TestCredentialFactory(TestCertificateStrings.METADATA_SIGNING_A_PUBLIC_CERT,
                    TestCertificateStrings.METADATA_SIGNING_A_PRIVATE_KEY).getSigningCredential()).build();
    String metadata = new MetadataFactory().metadata(new EntitiesDescriptorFactory().signedEntitiesDescriptor(id, signature));
    wireMockServer.stubFor(
            get(urlEqualTo("/SAML2/metadata"))
                    .willReturn(
                            aResponse()
                                    .withStatus(200)
                                    .withBody(metadata)
                    )
    );
    applicationTestSupport.before();
    Client client = new JerseyClientBuilder(applicationTestSupport.getEnvironment()).build("test client");
    Response response = client
            .target(URI.create(String.format(HEALTHCHECK_URL, applicationTestSupport.getLocalPort())))
            .request()
            .buildGet()
            .invoke();
    String expectedResult = "\"hubMetadata\":{\"healthy\":false";
    wireMockServer.verify(getRequestedFor(urlEqualTo("/SAML2/metadata")));
    assertThat(response.getStatus()).isEqualTo(INTERNAL_SERVER_ERROR.getStatusCode());
    assertThat(response.readEntity(String.class)).contains(expectedResult);
}
Developer ID: alphagov, Project: verify-service-provider, Lines of code: 36, Source: HubMetadataFeatureTest.java
Example 17: validateAssertionSignature
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
/**
 * Validate assertion signature. If none is found and the SAML response did not have one and the SP requires
 * the assertions to be signed, the validation fails.
 *
 * @param signature the signature
 * @param context   the context
 * @param engine    the engine
 */
protected final void validateAssertionSignature(final Signature signature, final SAML2MessageContext context,
                                                final SignatureTrustEngine engine) {
    final SAMLPeerEntityContext peerContext = context.getSAMLPeerEntityContext();
    if (signature != null) {
        final String entityId = peerContext.getEntityId();
        validateSignature(signature, entityId, engine);
    } else {
        if (wantsAssertionsSigned(context) && !peerContext.isAuthenticated()) {
            throw new SAMLException("Assertion or response must be signed");
        }
    }
}
Developer ID: yaochi, Project: pac4j-plus, Lines of code: 23, Source: SAML2DefaultResponseValidator.java
Example 18: createResponse
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
public Element createResponse(String requestId, String issuerId, String message) throws MarshallingException, SignatureException {
    org.opensaml.saml.saml2.core.Response response = factory.createResponse();
    Issuer issuer = factory.createIssuer(issuerId);
    response.setIssuer(issuer);
    response.setInResponseTo(requestId);
    response.setID(idGenerator.getId());
    StatusCode statusCode = factory.createStatusCode();
    statusCode.setValue(StatusCode.REQUESTER);
    Status status = factory.createStatus();
    status.setStatusCode(statusCode);
    response.setStatus(status);
    StatusMessage statusMessage = factory.createStatusMessage();
    statusMessage.setMessage(message);
    status.setStatusMessage(statusMessage);
    Signature signature = factory.createSignature();
    signature.setSigningCredential(credentialFactory.getSigningCredential());
    response.setSignature(signature);
    XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(response).marshall(response);
    Signer.signObject(response.getSignature());
    return response.getDOM();
}
Developer ID: alphagov, Project: verify-matching-service-adapter, Lines of code: 28, Source: ExceptionResponseFactory.java
Example 19: aValidSignature
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
private static Signature aValidSignature() {
    return aSignature()
            .withSigningCredential(
                    new TestCredentialFactory(
                            STUB_IDP_PUBLIC_PRIMARY_CERT,
                            STUB_IDP_PUBLIC_PRIMARY_PRIVATE_KEY
                    ).getSigningCredential()
            ).build();
}
Developer ID: alphagov, Project: verify-matching-service-adapter, Lines of code: 10, Source: AssertionHelper.java
Example 20: aMatchingDatasetAssertionWithSignature
import org.opensaml.xmlsec.signature.Signature; // import the required package/class
public static Assertion aMatchingDatasetAssertionWithSignature(List<Attribute> attributes, Signature signature, boolean shouldBeExpired, String requestId) {
    return anAssertion()
            .withId("mds-assertion")
            .withIssuer(anIssuer().withIssuerId(STUB_IDP_ONE).build())
            .withSubject(
                    anAssertionSubject(requestId, shouldBeExpired)
            )
            .withSignature(signature)
            .addAttributeStatement(
                    anAttributeStatement()
                            .addAllAttributes(attributes)
                            .build()
            ).buildUnencrypted();
}
Developer ID: alphagov, Project: verify-matching-service-adapter, Lines of code: 15, Source: AssertionHelper.java
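Note: The org.opensaml.xmlsec.signature.Signature class examples in this article were compiled from source-code and documentation hosting platforms such as GitHub/MSDocs. The code snippets were selected from open-source projects contributed by their developers, and copyright in the source code belongs to the original authors. For distribution and use, refer to the corresponding project's License. Do not reproduce without permission.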