
How to use
KeyDescriptor
in
org.opensaml.saml2.metadata

Best Java code snippets using org.opensaml.saml2.metadata.KeyDescriptor (Showing top 20 results out of 315)

origin: cloudfoundry/uaa

/**
 * Builds a metadata {@code KeyDescriptor} carrying the given key for the given use.
 *
 * <p>Neither argument is checked here; both are passed straight to the descriptor's setters.
 *
 * @param type the usage to set on the descriptor
 * @param key the KeyInfo to attach to the descriptor
 * @return the newly built descriptor
 */
protected KeyDescriptor getKeyDescriptor(UsageType type, KeyInfo key) {
  // The builder is looked up by element name, so the cast to the typed builder is unchecked.
  @SuppressWarnings("unchecked")
  SAMLObjectBuilder<KeyDescriptor> keyDescriptorBuilder =
      (SAMLObjectBuilder<KeyDescriptor>)
          Configuration.getBuilderFactory().getBuilder(KeyDescriptor.DEFAULT_ELEMENT_NAME);

  KeyDescriptor built = keyDescriptorBuilder.buildObject();
  built.setUse(type);
  built.setKeyInfo(key);
  return built;
}
origin: apache/cloudstack

// Excerpt (the listing appears to elide lines, including closing braces): walks the IdP's
// KeyDescriptors and records one certificate per key use.
if (idpDescriptor.getKeyDescriptors() != null) {
  for (KeyDescriptor kd : idpDescriptor.getKeyDescriptors()) {
    if (kd.getUse() == UsageType.SIGNING) {
      try {
        // Only the first certificate returned for this KeyInfo is kept.
        idpMetadata.setSigningCertificate(KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0));
      } catch (CertificateException ignored) {
        // A certificate that cannot be parsed is logged at INFO and otherwise skipped, so the
        // signing certificate may never be set by this branch.
        // NOTE(review): confirm that signature validation fails closed when it is unset.
        s_logger.info("[ignored] encountered invalid certificate signing.", ignored);
    if (kd.getUse() == UsageType.ENCRYPTION) {
      try {
        // Same pattern for the encryption key: first certificate only.
        idpMetadata.setEncryptionCertificate(KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0));
      } catch (CertificateException ignored) {
        s_logger.info("[ignored] encountered invalid certificate encryption.", ignored);
    if (kd.getUse() == UsageType.UNSPECIFIED) {
      try {
        // A descriptor with unspecified use is remembered separately; how unspecifiedKey is
        // used afterwards is not visible in this excerpt.
        unspecifiedKey = KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0);
      } catch (CertificateException ignored) {
        s_logger.info("[ignored] encountered invalid certificate.", ignored);
origin: coveo/saml-client

/**
 * Collects the signing certificates advertised by an IdP SSO descriptor.
 *
 * <p>Only key descriptors whose use is exactly {@code UsageType.SIGNING} pass the filter;
 * descriptors with any other use value contribute nothing. The result can therefore be an
 * empty list, which is returned without error.
 * NOTE(review): callers should treat an empty list as "no trusted signing key" - confirm.
 *
 * @param idpSsoDescriptor the IdP descriptor whose key descriptors are read
 * @return the certificates produced by {@code SamlClient::getFirstCertificate} for each
 *     X509Data yielded by {@code SamlClient::getDatasWithCertificates}
 * @throws SamlException wrapping any exception raised while walking the descriptor
 */
private static List<X509Certificate> getCertificates(IDPSSODescriptor idpSsoDescriptor)
  throws SamlException {
 try {
  return idpSsoDescriptor
    .getKeyDescriptors()
    .stream()
    .filter(keyDescriptor -> keyDescriptor.getUse() == UsageType.SIGNING)
    .flatMap(SamlClient::getDatasWithCertificates)
    .map(SamlClient::getFirstCertificate)
    .collect(Collectors.toList());
 } catch (Exception cause) {
  // Every failure, including runtime exceptions from the pipeline, surfaces as SamlException.
  throw new SamlException("Exception in getCertificates", cause);
 }
}
origin: org.opensaml/opensaml

/**
 * Verifies that the key descriptor carries a KeyInfo child.
 *
 * <p>Only presence is checked; the contents of the KeyInfo are not inspected here.
 *
 * @param keyDescriptor the key descriptor to validate
 * @throws ValidationException if the descriptor has no KeyInfo
 */
protected void validateKeyInfo(KeyDescriptor keyDescriptor) throws ValidationException {
  boolean keyInfoPresent = keyDescriptor.getKeyInfo() != null;
  if (!keyInfoPresent) {
    throw new ValidationException("KeyInfo required");
  }
}

origin: org.opensaml/opensaml

/**
 * {@inheritDoc}
 *
 * <p>Routes {@code KeyInfo} and {@code EncryptionMethod} children onto the KeyDescriptor;
 * every other child type is delegated to the superclass.
 */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
    throws UnmarshallingException {
  // The parent is cast up front, before the child type is examined.
  KeyDescriptor target = (KeyDescriptor) parentSAMLObject;

  if (childSAMLObject instanceof KeyInfo) {
    target.setKeyInfo((KeyInfo) childSAMLObject);
    return;
  }
  if (childSAMLObject instanceof EncryptionMethod) {
    target.getEncryptionMethods().add((EncryptionMethod) childSAMLObject);
    return;
  }
  super.processChildElement(parentSAMLObject, childSAMLObject);
}
origin: org.opensaml/opensaml

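  /**
   * {@inheritDoc}
   *
   * <p>Handles the {@code use} attribute: its value is upper-cased and mapped to a
   * {@code UsageType}. Only {@code SIGNING} and {@code ENCRYPTION} are accepted; any other
   * value is rejected. The attribute is then passed on to the superclass in every case.
   *
   * @throws UnmarshallingException if the {@code use} value does not map to SIGNING or ENCRYPTION
   */
  protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException {
    KeyDescriptor keyDescriptor = (KeyDescriptor) samlObject;

    if (attribute.getName().equals(KeyDescriptor.USE_ATTRIB_NAME)) {
      UsageType usageType;
      try {
        // Locale.ROOT keeps the mapping independent of the JVM default locale. With the
        // default-locale toUpperCase(), a locale with special casing rules for 'i' (Turkish,
        // for example) does not produce the enum constant name, so valid metadata is rejected.
        usageType = UsageType.valueOf(UsageType.class,
            attribute.getValue().toUpperCase(java.util.Locale.ROOT));
      } catch (IllegalArgumentException e) {
        // Keep the cause so the rejected value can be traced in logs.
        throw new UnmarshallingException("Invalid key usage type: " + attribute.getValue(), e);
      }
      // Only allow the enum values specified in the schema.
      if (usageType != UsageType.SIGNING && usageType != UsageType.ENCRYPTION) {
        throw new UnmarshallingException("Invalid key usage type: " + attribute.getValue());
      }
      keyDescriptor.setUse(usageType);
    }

    super.processAttribute(samlObject, attribute);
  }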
}
origin: org.opensaml/opensaml

/**
 * Constructor.
 *
 * <p>When {@code descriptor} is null only the reference is stored; the encryption methods
 * and role are left untouched.
 *
 * @param descriptor the KeyDescriptor context from which a credential was resolved
 */
public SAMLMDCredentialContext(KeyDescriptor descriptor) {
  keyDescriptor = descriptor;
  if (descriptor == null) {
    return;
  }
  // KeyDescriptor / EncryptionMethod
  encMethods = descriptor.getEncryptionMethods();
  // KeyDescriptor -> RoleDescriptor
  // NOTE(review): the cast assumes the descriptor's parent is a RoleDescriptor; a parent of
  // another type would raise ClassCastException here - confirm against callers.
  role = (RoleDescriptor) descriptor.getParent();
}
origin: org.wso2.carbon.identity.metadata.saml2/org.wso2.carbon.identity.inbound.metadata.saml2

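/**
 * Copies the signing certificate from a service provider's metadata onto its configuration
 * object and uses the entity ID as the certificate alias.
 *
 * <p>Only the first KeyDescriptor is examined, and only if its use is SIGNING. When that
 * descriptor is missing, has no use, or has another use, nothing is set.
 * NOTE(review): a signing descriptor listed after another descriptor is not picked up -
 * confirm that callers handle a service provider left without a certificate.
 *
 * <p>Failures while reading the certificate are logged and not propagated.
 *
 * @param entityDescriptor source of the entity ID used as certificate alias
 * @param spssoDescriptor SP descriptor whose key descriptors are read
 * @param samlssoServiceProviderDO object that receives the certificate and alias
 */
private void setX509Certificate(EntityDescriptor entityDescriptor, SPSSODescriptor spssoDescriptor,
    SAMLSSOServiceProviderDO samlssoServiceProviderDO) {
  List<KeyDescriptor> descriptors = spssoDescriptor.getKeyDescriptors();
  if (descriptors == null || descriptors.isEmpty()) {
    return;
  }

  KeyDescriptor descriptor = descriptors.get(0);
  // Nothing visible here guarantees a non-null use, so check it before dereferencing
  // instead of letting a NullPointerException escape the method.
  if (descriptor == null || descriptor.getUse() == null
      || !"SIGNING".equals(descriptor.getUse().toString())) {
    return;
  }

  try {
    // Only the first certificate of the KeyInfo is taken.
    samlssoServiceProviderDO.setX509Certificate(
        org.opensaml.xml.security.keyinfo.KeyInfoHelper.getCertificates(descriptor.getKeyInfo()).get(0));
    samlssoServiceProviderDO.setCertAlias(entityDescriptor.getEntityID());
  } catch (java.lang.Exception ex) {
    // Covers CertificateException as well; both were handled identically.
    log.error("Error While setting Certificate and alias", ex);
  }
}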
private void  setSigningAlgorithmUri(SPSSODescriptor spssoDescriptor, SAMLSSOServiceProviderDO samlssoServiceProviderDO){
origin: org.opensaml/opensaml

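  /**
   * {@inheritDoc}
   *
   * <p>Writes the {@code use} attribute in lower case for SIGNING and ENCRYPTION, writes
   * nothing for a null or UNSPECIFIED use, and rejects any other value.
   *
   * @throws MarshallingException if the use is not SIGNING, ENCRYPTION or UNSPECIFIED
   */
  protected void marshallAttributes(XMLObject xmlObject, Element domElement) throws MarshallingException {
    KeyDescriptor keyDescriptor = (KeyDescriptor) xmlObject;

    UsageType use = keyDescriptor.getUse();
    if (use == null) {
      return;
    }

    // UsageType enum contains more values than are allowed by SAML 2 schema
    if (use.equals(UsageType.SIGNING) || use.equals(UsageType.ENCRYPTION)) {
      // Locale.ROOT keeps the emitted value independent of the JVM default locale. With the
      // default-locale toLowerCase(), a locale with special casing rules for 'I' (Turkish,
      // for example) would emit a value that is not in the schema.
      domElement.setAttribute(KeyDescriptor.USE_ATTRIB_NAME,
          use.toString().toLowerCase(java.util.Locale.ROOT));
    } else if (use.equals(UsageType.UNSPECIFIED)) {
      // emit nothing for unspecified - this is semantically equivalent to non-existent attribute
    } else {
      // Just in case values are unknowingly added to UsageType in the future...
      throw new MarshallingException("KeyDescriptor had illegal value for use attribute: " + use.toString());
    }
  }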
}
origin: coveo/saml-client

/**
 * Streams the X509Data elements of a key descriptor that hold at least one certificate.
 *
 * <p>The descriptor's KeyInfo is dereferenced without a null check, so a descriptor with no
 * KeyInfo raises a NullPointerException here.
 *
 * @param descriptor the key descriptor to read
 * @return the descriptor's non-empty X509Data elements
 */
private static Stream<X509Data> getDatasWithCertificates(KeyDescriptor descriptor) {
 return descriptor
   .getKeyInfo()
   .getX509Datas()
   .stream()
   .filter(x509Data -> !x509Data.getX509Certificates().isEmpty());
}
origin: org.wso2.carbon.identity.metadata.saml2/org.wso2.carbon.identity.sp.metadata.saml2

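/**
 * Copies the signing certificate from a service provider's metadata onto its configuration
 * object and uses the entity ID as the certificate alias.
 *
 * <p>Only the first KeyDescriptor is examined, and only if its use is SIGNING. When that
 * descriptor is missing, has no use, or has another use, nothing is set.
 * NOTE(review): a signing descriptor listed after another descriptor is not picked up -
 * confirm that callers handle a service provider left without a certificate.
 *
 * <p>Failures while reading the certificate are logged and not propagated.
 *
 * @param entityDescriptor source of the entity ID used as certificate alias
 * @param spssoDescriptor SP descriptor whose key descriptors are read
 * @param samlssoServiceProviderDO object that receives the certificate and alias
 */
private void setX509Certificate(EntityDescriptor entityDescriptor, SPSSODescriptor spssoDescriptor,
    SAMLSSOServiceProviderDO samlssoServiceProviderDO) {
  List<KeyDescriptor> descriptors = spssoDescriptor.getKeyDescriptors();
  if (descriptors == null || descriptors.isEmpty()) {
    return;
  }

  KeyDescriptor descriptor = descriptors.get(0);
  // Nothing visible here guarantees a non-null use, so check it before dereferencing
  // instead of letting a NullPointerException escape the method.
  if (descriptor == null || descriptor.getUse() == null
      || !"SIGNING".equals(descriptor.getUse().toString())) {
    return;
  }

  try {
    // Only the first certificate of the KeyInfo is taken.
    samlssoServiceProviderDO.setX509Certificate(
        org.opensaml.xml.security.keyinfo.KeyInfoHelper.getCertificates(descriptor.getKeyInfo()).get(0));
    samlssoServiceProviderDO.setCertAlias(entityDescriptor.getEntityID());
  } catch (java.lang.Exception ex) {
    // Covers CertificateException as well; both were handled identically.
    log.error("Error While setting Certificate and alias", ex);
  }
}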
origin: apache/cloudstack

// Excerpt (surrounding lines appear to be elided): publishes two separate key descriptors on
// the SP descriptor, one marked for signing and one for encryption.
signKeyDescriptor.setUse(UsageType.SIGNING);
encKeyDescriptor.setUse(UsageType.ENCRYPTION);
  // Each KeyInfo is generated from its own credential.
  signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(signingCredential));
  encKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(encryptionCredential));
  spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
  spSSODescriptor.getKeyDescriptors().add(encKeyDescriptor);
origin: org.opensaml/opensaml

  /**
   * Checks that the use attribute, when present, holds one of the allowed values.
   *
   * <p>A null use is accepted. Otherwise the value must be SIGNING, ENCRYPTION or UNSPECIFIED.
   *
   * @param keyDescriptor the key descriptor to validate
   * @throws ValidationException if the use attribute does not have a legal value
   */
  protected void validateUse(KeyDescriptor keyDescriptor) throws ValidationException {
    UsageType use = keyDescriptor.getUse();
    if (use == null) {
      return;
    }

    boolean allowed = use.equals(UsageType.SIGNING)
        || use.equals(UsageType.ENCRYPTION)
        || use.equals(UsageType.UNSPECIFIED);
    if (!allowed) {
      throw new ValidationException("Invalid value for use attribute: " + use.toString());
    }
  }
}
origin: edu.internet2.middleware/shibboleth-common

// Excerpt (closing braces and intermediate lines appear to be elided by the listing).
UsageType mdUsage = keyDescriptor.getUse();
// A descriptor with no use is treated as UNSPECIFIED.
if (mdUsage == null) {
  mdUsage = UsageType.UNSPECIFIED;
  // Trusted names are only gathered when the descriptor actually carries a KeyInfo.
  if (keyDescriptor.getKeyInfo() != null) {
    trustedNames.addAll(getTrustedNames(keyDescriptor.getKeyInfo()));
origin: org.wso2.carbon.identity.metadata.saml2/org.wso2.carbon.identity.outbound.metadata.saml2

/**
 * Builds a key descriptor marked for SIGNING use; a new KeyInfo is created on every call.
 *
 * @return KeyDescriptor with use SIGNING and a new KeyInfo element
 * @throws MetadataException declared by this method; which call raises it is not visible here
 */
private KeyDescriptor createKeyDescriptor() throws MetadataException {
  if (log.isDebugEnabled()) {
    log.debug("Creating the KeyDescriptor element");
  }

  KeyDescriptor signingDescriptor =
      BuilderUtil.createSAMLObject(ConfigElements.FED_METADATA_NS, "KeyDescriptor", "");
  signingDescriptor.setUse(UsageType.SIGNING);
  signingDescriptor.setKeyInfo(createKeyInfo());
  return signingDescriptor;
}
origin: org.opensaml/opensaml

// Excerpt (closing braces and intermediate lines appear to be elided by the listing).
UsageType mdUsage = keyDescriptor.getUse();
// A descriptor with no use is treated as UNSPECIFIED.
if (mdUsage == null) {
  mdUsage = UsageType.UNSPECIFIED;
  // Credential resolution criteria are only built when the descriptor carries a KeyInfo.
  if (keyDescriptor.getKeyInfo() != null) {
    CriteriaSet critSet = new CriteriaSet();
    critSet.add(new KeyInfoCriteria(keyDescriptor.getKeyInfo()));
origin: org.springframework.security.extensions/spring-security-saml2-core

/**
 * Builds a metadata {@code KeyDescriptor} carrying the given key for the given use.
 *
 * <p>Neither argument is checked here; both are passed straight to the descriptor's setters.
 *
 * @param type the usage to set on the descriptor
 * @param key the KeyInfo to attach to the descriptor
 * @return the newly built descriptor
 */
protected KeyDescriptor getKeyDescriptor(UsageType type, KeyInfo key) {
  // The builder is looked up by element name, so the cast to the typed builder is unchecked.
  SAMLObjectBuilder<KeyDescriptor> keyDescriptorBuilder =
      (SAMLObjectBuilder<KeyDescriptor>)
          Configuration.getBuilderFactory().getBuilder(KeyDescriptor.DEFAULT_ELEMENT_NAME);

  KeyDescriptor built = keyDescriptorBuilder.buildObject();
  built.setUse(type);
  built.setKeyInfo(key);
  return built;
}
origin: org.wso2.carbon.identity.metadata.saml2/org.wso2.carbon.identity.outbound.metadata.saml2

  // Excerpt (the listing appears to elide lines, including closing braces): reads the use of a
  // key descriptor, then digs the certificate value out of a SIGNING descriptor's KeyInfo.
  String use = "";
  try {
    use = descriptor.getUse().name().toString();
  } catch (Exception ex) {
    // Any failure here (a null use included) is only logged, with a message that gives no
    // context. NOTE(review): presumably 'use' keeps its empty default afterwards - confirm.
    log.error("Error !!!!", ex);
KeyDescriptor descriptor = descriptors.get(i);
if (descriptor != null) {
  // Null-safe comparison: only descriptors explicitly marked SIGNING are processed.
  if (descriptor.getUse() != null && "SIGNING".equals(descriptor.getUse().toString())) {
    try {
      String cert = null;
      if (descriptor.getKeyInfo() != null) {
        if (descriptor.getKeyInfo().getX509Datas() != null && descriptor.getKeyInfo().getX509Datas().size() > 0) {
          // k walks the X509Data elements, y the certificates inside each of them.
          for (int k = 0; k < descriptor.getKeyInfo().getX509Datas().size(); k++) {
            if (descriptor.getKeyInfo().getX509Datas().get(k) != null) {
              // NOTE(review): the size check on the next line reads X509Data index 0 while the
              // null check and the inner loop use index k; this looks like a copy/paste slip -
              // confirm.
              if (descriptor.getKeyInfo().getX509Datas().get(k).getX509Certificates() != null &&
                  descriptor.getKeyInfo().getX509Datas().get(0).getX509Certificates().size() > 0) {
                for (int y = 0; y < descriptor.getKeyInfo().getX509Datas().get(k).getX509Certificates().size(); y++) {
                  if (descriptor.getKeyInfo().getX509Datas().get(k).getX509Certificates().get(y) != null) {
                    // Only certificates with a non-empty value are taken.
                    if (descriptor.getKeyInfo().getX509Datas().get(k).getX509Certificates().get(y).
                        getValue() != null && descriptor.getKeyInfo().getX509Datas().get(k).getX509Certificates().
                        get(y).getValue().length() > 0) {
                      cert = descriptor.getKeyInfo().getX509Datas().get(k).getX509Certificates().get(y).
                          getValue().toString();
origin: OpenConext/Mujina

// Excerpt. NOTE(review): the variable name suggests an encryption descriptor, but its use is
// set to SIGNING - confirm which is intended.
encKeyDescriptor.setUse(UsageType.SIGNING);
encKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(credential));
origin: org.adeptnet.auth/auth-saml

// Excerpt from a loop body (closing braces appear to be elided by the listing).
// Descriptors whose use is anything other than SIGNING are skipped.
if (kdesc.getUse() != UsageType.SIGNING) {
  continue;
KeyInfo ki = kdesc.getKeyInfo();
// A descriptor without KeyInfo is skipped as well.
if (ki == null) {
  continue;
org.opensaml.saml2.metadata.KeyDescriptor

Most used methods

  • getKeyInfo
    Gets information about the key, including the key itself.
  • getUse
    Gets the use of this key.
  • setKeyInfo
    Sets information about the key, including the key itself.
  • setUse
    Sets the use of this key.
  • getEncryptionMethods
    Gets the encryption methods that are supported by the entity.
  • getParent
