• Home
• uk.gov.ida
• saml-lib
• 3.4.6-273
• source code
• CredentialFactorySignatureValidator.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

uk.gov.ida.saml.security.CredentialFactorySignatureValidator Maven / Gradle / Ivy

package uk.gov.ida.saml.security;

import net.shibboleth.utilities.java.support.resolver.Criterion;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.credential.CredentialResolver;
import org.opensaml.security.credential.impl.StaticCredentialResolver;
import org.opensaml.security.trust.TrustEngine;
import org.opensaml.xmlsec.config.impl.DefaultSecurityConfigurationBootstrap;
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xmlsec.signature.Signature;
import uk.gov.ida.saml.security.signature.OutgoingKeySignatureTrustEngine;

import javax.xml.namespace.QName;
import java.util.Arrays;
import java.util.List;

public class CredentialFactorySignatureValidator extends SignatureValidator {
    private final SigningCredentialFactory credentialFactory;

    public CredentialFactorySignatureValidator(SigningCredentialFactory credentialFactory) {
        this.credentialFactory = credentialFactory;
    }

    @Override
    protected List getAdditionalCriteria(String entityId, QName role) {
        return Arrays.asList(new Criterion() {});
    }

    @Override
    protected TrustEngine getTrustEngine(String entityId) {
        List credentials = credentialFactory.getVerifyingCredentials(entityId);

        CredentialResolver credResolver = new StaticCredentialResolver(credentials);
        KeyInfoCredentialResolver kiResolver = DefaultSecurityConfigurationBootstrap.buildBasicInlineKeyInfoCredentialResolver();
        return new OutgoingKeySignatureTrustEngine(credResolver, kiResolver);
    }
}