/**
 * Returns the {@link Crypto} that this component uses, taken from the
 * signature-verification slot of the supplied request data.
 *
 * <p>Being {@code protected}, this is a hook a subclass can override to choose a
 * different Crypto source.
 *
 * @param data the per-request configuration to read the Crypto from
 * @return whatever {@code data.getSigVerCrypto()} yields; no null check is made here
 *         (NOTE(review): confirm whether callers tolerate a {@code null} Crypto)
 */
protected Crypto getCrypto(RequestData data) {
    final Crypto signatureVerificationCrypto = data.getSigVerCrypto();
    return signatureVerificationCrypto;
}
// Excerpt from a larger method: stores the request's signature-verification Crypto and the
// security header on wsDocInfo, then reads the WSSConfig from the request data.
// NOTE(review): getSigVerCrypto() is passed on without a null check here; confirm that a
// Crypto has been configured on requestData before this point, or that setCrypto accepts null.
wsDocInfo.setCrypto(requestData.getSigVerCrypto()); wsDocInfo.setSecurityHeader(securityHeader); final WSSConfig wssConfig = requestData.getWssConfig();
// Excerpt from a larger method: stores the request's signature-verification Crypto and the
// security header on wsDocInfo, then attaches wsDocInfo to requestData.
// NOTE(review): getSigVerCrypto() is passed on without a null check here; confirm that a
// Crypto has been configured on requestData before this point, or that setCrypto accepts null.
wsDocInfo.setCrypto(requestData.getSigVerCrypto()); wsDocInfo.setSecurityHeader(securityHeader); requestData.setWsDocInfo(wsDocInfo);
/**
 * Parses the subject of a SAML assertion and hands the assertion to a validator.
 *
 * <p>The assertion is wrapped in a fresh {@link Credential}. When a validator is supplied,
 * its result is returned; when {@code validator} is {@code null}, the credential is
 * returned as built here, without any validation step.
 *
 * <p>Security note: this method contains no call that verifies the assertion's own
 * signature. It only parses the subject, using the request's signature-verification
 * Crypto and callback handler. NOTE(review): signature verification is presumably the
 * caller's job before invoking this method; confirm at the call sites.
 *
 * @param samlAssertion the assertion whose subject is parsed and which is placed in the credential
 * @param data          per-request configuration (Crypto, callback handler)
 * @param validator     validator to delegate to, or {@code null} to skip validation
 * @return the validator's result, or the unvalidated credential when no validator is given
 * @throws WSSecurityException propagated from subject parsing or from the validator
 */
public Credential handleSAMLToken(
    SamlAssertionWrapper samlAssertion,
    RequestData data,
    Validator validator
) throws WSSecurityException {
    // Resolve the subject's key information, if the assertion carries a subject.
    samlAssertion.parseSubject(
        new WSSSAMLKeyInfoProcessor(data),
        data.getSigVerCrypto(),
        data.getCallbackHandler()
    );

    final Credential samlCredential = new Credential();
    samlCredential.setSamlAssertion(samlAssertion);

    if (validator == null) {
        // No validator configured: the credential is returned without further checks.
        return samlCredential;
    }
    // Everything beyond subject parsing is the validator's responsibility.
    return validator.validate(samlCredential, data);
}
/**
 * Obtains the secret key bytes associated with the subject of a SAML assertion.
 *
 * <p>The security token reference is first checked against the BSP rules using the
 * request's BSP enforcer. The subject's key information is then resolved with the
 * request's signature-verification Crypto and callback handler.
 *
 * <p>NOTE(review): only a missing {@code SAMLKeyInfo} is rejected here. The value of
 * {@code getSecret()} is returned without a null or length check; confirm that callers
 * handle a key info that carries no secret.
 *
 * @param samlAssertion the assertion whose subject is inspected
 * @param secRef        the security token reference pointing at the assertion
 * @param data          per-request configuration (BSP enforcer, Crypto, callback handler)
 * @return the secret held by the subject's key information
 * @throws WSSecurityException with {@code FAILED_CHECK} / {@code "invalidSAMLToken"} when no
 *         key information can be resolved from the subject, or as propagated from the
 *         BSP compliance check or credential lookup
 */
private byte[] getSecretKeyFromAssertion(
    SamlAssertionWrapper samlAssertion,
    SecurityTokenReference secRef,
    RequestData data
) throws WSSecurityException {
    // Reject references that violate the Basic Security Profile before touching key material.
    STRParserUtil.checkSamlTokenBSPCompliance(secRef, samlAssertion, data.getBSPEnforcer());

    final SAMLKeyInfo subjectKeyInfo = SAMLUtil.getCredentialFromSubject(
        samlAssertion,
        new WSSSAMLKeyInfoProcessor(data),
        data.getSigVerCrypto(),
        data.getCallbackHandler()
    );

    if (subjectKeyInfo != null) {
        return subjectKeyInfo.getSecret();
    }

    // No key information on the subject: fail closed.
    throw new WSSecurityException(
        WSSecurityException.ErrorCode.FAILED_CHECK,
        "invalidSAMLToken",
        new Object[] {"No Secret Key"}
    );
}
data.getSigVerCrypto(), data.getCallbackHandler());
elem.getLocalName())); if (data.getSigVerCrypto() == null) { certs = getCertificatesTokenReference(token, data.getDecCrypto()); } else { certs = getCertificatesTokenReference(token, data.getSigVerCrypto());
samlKeyInfo = SAMLUtil.getCredentialFromKeyInfo( keyInfo.getDOM(), new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto() ); } else if (!keyInfoMustBeAvailable) { samlKeyInfo = createKeyInfoFromDefaultAlias(data.getSigVerCrypto()); new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto(), data.getCallbackHandler() );
samlAssertion.parseSubject( new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto(), data.getCallbackHandler() ); } else if (secRef.containsX509Data() || secRef.containsX509IssuerSerial()) { parserResult.setReferenceType(REFERENCE_TYPE.ISSUER_SERIAL); Crypto crypto = data.getSigVerCrypto(); X509Certificate[] foundCerts = secRef.getX509IssuerSerial(crypto); if (foundCerts != null && foundCerts.length > 0) { parseSAMLKeyIdentifier(secRef, data, parserResult); } else { Crypto crypto = data.getSigVerCrypto(); parseBSTKeyIdentifier(secRef, crypto, data, parserResult);
samlKeyInfo = SAMLUtil.getCredentialFromKeyInfo( keyInfo.getDOM(), new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto() ); } else if (!keyInfoMustBeAvailable) { samlKeyInfo = createKeyInfoFromDefaultAlias(data.getSigVerCrypto()); new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto(), data.getCallbackHandler() );
SAMLUtil.getCredentialFromKeyInfo( keyInfo.getDOM(), new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto() ); assertion.verifySignature(samlKeyInfo); assertion.parseSubject( new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto(), data.getCallbackHandler() );
data.getSigVerCrypto(), data.getCallbackHandler()); parserResult.setCerts(keyInfo.getCerts()); parserResult.setPublicKey(keyInfo.getPublicKey());
SAMLUtil.getCredentialFromKeyInfo( keyInfo.getDOM(), new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto() ); assertion.verifySignature(samlKeyInfo); assertion.parseSubject( new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto(), data.getCallbackHandler() );
@SuppressWarnings("deprecation") protected void decodeSignatureParameter2(RequestData reqData) throws WSSecurityException { if (reqData.getSigVerCrypto() == null) { reqData.setSigVerCrypto(loadSignatureVerificationCrypto(reqData)); if (reqData.getSigVerCrypto() == null) { reqData.setSigVerCrypto(loadSignatureCrypto(reqData));
Validator validator = data.getValidator(WSConstants.SIGNATURE); if (keyInfoElement == null) { certs = getDefaultCerts(data.getSigVerCrypto()); principal = certs[0].getSubjectX500Principal(); } else {
SAMLUtil.getCredentialFromSubject(samlAssertion, new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto(), data.getCallbackHandler()); parserResult.setCerts(samlKi.getCerts()); parserResult.setPublicKey(samlKi.getPublicKey());
requestData.getSigVerCrypto(), requestData.getCallbackHandler() );
SAMLUtil.getCredentialFromSubject(samlAssertion, new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto(), data.getCallbackHandler()); X509Certificate[] foundCerts = samlKi.getCerts(); if (foundCerts != null && foundCerts.length > 0) {
keyInfo.getDOM(), new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto() );