

/*
 * Copyright (c) 2014 ICM Uniwersytet Warszawski All rights reserved.
 * See LICENCE.txt file for licensing information.
 */
package pl.edu.icm.unity.saml.metadata;

import java.util.Date;

import org.w3c.dom.Document;

import eu.emi.security.authn.x509.X509Credential;
import eu.unicore.samly2.SAMLUtils;
import eu.unicore.samly2.trust.SamlTrustChecker;
import eu.unicore.security.dsig.DigSignatureUtil;
import xmlbeans.org.oasis.saml2.metadata.EntityDescriptorDocument;


/**
 * Decorator: takes a {@link MetadataProvider} and signs the content. The ID attribute is also generated.
 * @author K. Benedyczak
 */
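public class MetadataSigner implements MetadataProvider
{
	// Provider whose metadata is decorated with a generated ID and a signature.
	private final MetadataProvider wrappedProvider;
	// Private key, certificate and certificate chain used for the enveloped signature.
	private final X509Credential credential;
	// Most recently signed metadata. Never handed out directly, see getMetadata().
	private EntityDescriptorDocument metadata;
	// Modification time reported by the wrapped provider when 'metadata' was last signed.
	private Date lastUpdate;
	
	/**
	 * Stores the wrapped provider and the signing credential, then signs the current
	 * metadata once so that a signed document is available immediately.
	 * @param wrappedProvider source of the unsigned metadata
	 * @param credential credential whose key signs the metadata and whose certificate
	 * chain is passed to the signer
	 * @throws Exception if the metadata can not be obtained or signed
	 */
	public MetadataSigner(MetadataProvider wrappedProvider, X509Credential credential) throws Exception
	{
		this.wrappedProvider = wrappedProvider;
		this.credential = credential;
		update();
	}

	/**
	 * Fetches the metadata from the wrapped provider, assigns a freshly generated ID to the
	 * entity descriptor and adds an enveloped signature to the document.
	 * <p>
	 * NOTE(review): the object returned by the wrapped provider is modified in place. If the
	 * provider hands out the same instance on every call, repeated signing would act on an
	 * already signed document - confirm that a fresh document is returned.
	 * <p>
	 * NOTE(review): neither this method nor {@link #getMetadata()} is synchronized, so a
	 * concurrent caller may serialize the document while it is being signed - confirm how
	 * the callers are threaded.
	 * @throws Exception if the metadata can not be obtained or signed
	 */
	private void update() throws Exception
	{
		// The timestamp is read before the content: a change made between the two calls
		// leaves lastUpdate older than the provider's value, so the next getMetadata()
		// signs again instead of serving stale content.
		lastUpdate = wrappedProvider.getLastmodification();
		metadata = wrappedProvider.getMetadata();
		
		String id = SAMLUtils.genID("unity-");
		metadata.getEntityDescriptor().setID(id);
		Document docToSign = (Document) metadata.getDomNode();
		DigSignatureUtil signer = new DigSignatureUtil();
		// The signature is placed before the first child of the root element. The root is
		// taken with getDocumentElement(): the first child of the Document may be a comment
		// or a processing instruction, which has no children to insert before.
		signer.genEnvelopedSignature(credential.getKey(), credential.getCertificate().getPublicKey(), 
				credential.getCertificateChain(), docToSign, 
				docToSign.getDocumentElement().getFirstChild(), 
				SamlTrustChecker.PROTOCOL_ID_QNAME);
	}
	
	/**
	 * Returns the signed metadata, signing it again first when the wrapped provider reports
	 * a modification newer than the one that was signed last.
	 * <p>
	 * The result is parsed from the serialized form of the cached document, so each caller
	 * gets its own copy and can not alter the cached, signed one. The signature has to stay
	 * valid across this serialize/parse round trip, so the serialization must not reformat
	 * the content.
	 * @return a new document holding the signed metadata
	 * @throws Exception if signing or parsing fails
	 */
	@Override
	public EntityDescriptorDocument getMetadata() throws Exception
	{
		if (lastUpdate.before(wrappedProvider.getLastmodification()))
			update();
		return EntityDescriptorDocument.Factory.parse(metadata.xmlText());
	}

	/**
	 * @return the last modification time as reported by the wrapped provider
	 */
	@Override
	public Date getLastmodification()
	{
		return wrappedProvider.getLastmodification();
	}

	/**
	 * Stops the wrapped provider.
	 */
	@Override
	public void stop()
	{
		wrappedProvider.stop();
	}
}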



