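/**
 * {@inheritDoc}
 *
 * <p>Writes the {@code use} attribute of a {@link KeyDescriptor}. Only {@code SIGNING} and
 * {@code ENCRYPTION} are emitted, in lower case. A {@code null} or {@code UNSPECIFIED} usage
 * produces no attribute, and any other value is rejected.
 *
 * @param xmlObject the object being marshalled; cast to {@link KeyDescriptor}
 * @param domElement the DOM element that receives the attribute
 * @throws MarshallingException if the usage is not SIGNING, ENCRYPTION or UNSPECIFIED
 */
protected void marshallAttributes(XMLObject xmlObject, Element domElement) throws MarshallingException {
    KeyDescriptor keyDescriptor = (KeyDescriptor) xmlObject;
    UsageType use = keyDescriptor.getUse();
    if (use == null) {
        // No usage set: nothing to marshal.
        return;
    }

    // UsageType enum contains more values than are allowed by SAML 2 schema
    if (use.equals(UsageType.SIGNING) || use.equals(UsageType.ENCRYPTION)) {
        // Lower-case with a fixed locale. The no-argument overload uses the JVM default locale,
        // and under Turkish/Azeri locales 'I' becomes a dotless 'ı', so the attribute would no
        // longer read "signing"/"encryption" and consumers could not match the key usage.
        domElement.setAttribute(KeyDescriptor.USE_ATTRIB_NAME,
                use.toString().toLowerCase(java.util.Locale.ROOT));
    } else if (!use.equals(UsageType.UNSPECIFIED)) {
        // Just in case values are unknowingly added to UsageType in the future...
        throw new MarshallingException("KeyDescriptor had illegal value for use attribute: " + use.toString());
    }
    // UNSPECIFIED: emit nothing - this is semantically equivalent to a non-existent attribute.
}
}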
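/**
 * Copies the service provider's signing certificate from its SAML metadata onto the
 * service-provider configuration object and sets the certificate alias to the entity ID.
 *
 * <p>The key descriptors are scanned in order and the first one whose {@code use} is
 * {@code SIGNING} and whose key info yields a certificate is used. Descriptors that are
 * {@code null}, have no usage, or have a different usage are skipped.
 *
 * <p>NOTE(review): failures are only logged, so the caller gets no signal that the provider
 * was left without a certificate. Confirm that calling code does not treat such a provider
 * as one whose signatures need no verification. Nothing here checks the certificate's
 * validity period or how the metadata itself was authenticated.
 *
 * @param entityDescriptor the metadata entity whose ID becomes the certificate alias
 * @param spssoDescriptor the SP SSO descriptor holding the key descriptors
 * @param samlssoServiceProviderDO the configuration object that receives certificate and alias
 */
private void setX509Certificate(EntityDescriptor entityDescriptor, SPSSODescriptor spssoDescriptor,
        SAMLSSOServiceProviderDO samlssoServiceProviderDO) {
    List<KeyDescriptor> descriptors = spssoDescriptor.getKeyDescriptors();
    if (descriptors == null || descriptors.isEmpty()) {
        return;
    }

    for (KeyDescriptor descriptor : descriptors) {
        // getUse() may be null when the metadata omits the attribute; compare constant-first
        // so that case is skipped instead of raising a NullPointerException.
        if (descriptor == null || descriptor.getUse() == null
                || !"SIGNING".equals(descriptor.getUse().toString())) {
            continue;
        }
        try {
            samlssoServiceProviderDO.setX509Certificate(
                    org.opensaml.xml.security.keyinfo.KeyInfoHelper
                            .getCertificates(descriptor.getKeyInfo()).get(0));
            samlssoServiceProviderDO.setCertAlias(entityDescriptor.getEntityID());
            // One signing certificate is stored; stop at the first usable one.
            return;
        } catch (java.lang.Exception ex) {
            // Deliberately broad: covers CertificateException from decoding as well as runtime
            // failures such as a signing descriptor that carries no certificate at all.
            log.error("Error While setting Certificate and alias", ex);
        }
    }
}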
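/**
 * Copies the service provider's signing certificate from its SAML metadata onto the
 * service-provider configuration object and sets the certificate alias to the entity ID.
 *
 * <p>The key descriptors are scanned in order and the first one whose {@code use} is
 * {@code SIGNING} and whose key info yields a certificate is used. Descriptors that are
 * {@code null}, have no usage, or have a different usage are skipped.
 *
 * <p>NOTE(review): failures are only logged, so the caller gets no signal that the provider
 * was left without a certificate. Confirm that calling code does not treat such a provider
 * as one whose signatures need no verification. Nothing here checks the certificate's
 * validity period or how the metadata itself was authenticated.
 *
 * @param entityDescriptor the metadata entity whose ID becomes the certificate alias
 * @param spssoDescriptor the SP SSO descriptor holding the key descriptors
 * @param samlssoServiceProviderDO the configuration object that receives certificate and alias
 */
private void setX509Certificate(EntityDescriptor entityDescriptor, SPSSODescriptor spssoDescriptor,
        SAMLSSOServiceProviderDO samlssoServiceProviderDO) {
    List<KeyDescriptor> descriptors = spssoDescriptor.getKeyDescriptors();
    if (descriptors == null || descriptors.isEmpty()) {
        return;
    }

    for (KeyDescriptor descriptor : descriptors) {
        // getUse() may be null when the metadata omits the attribute; compare constant-first
        // so that case is skipped instead of raising a NullPointerException.
        if (descriptor == null || descriptor.getUse() == null
                || !"SIGNING".equals(descriptor.getUse().toString())) {
            continue;
        }
        try {
            samlssoServiceProviderDO.setX509Certificate(
                    org.opensaml.xml.security.keyinfo.KeyInfoHelper
                            .getCertificates(descriptor.getKeyInfo()).get(0));
            samlssoServiceProviderDO.setCertAlias(entityDescriptor.getEntityID());
            // One signing certificate is stored; stop at the first usable one.
            return;
        } catch (java.lang.Exception ex) {
            // Deliberately broad: covers CertificateException from decoding as well as runtime
            // failures such as a signing descriptor that carries no certificate at all.
            log.error("Error While setting Certificate and alias", ex);
        }
    }
}
private void setSigningAlgorithmUri(SPSSODescriptor spssoDescriptor, SAMLSSOServiceProviderDO samlssoServiceProviderDO){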
/**
 * Verifies that the {@code use} attribute, when present, carries one of the permitted values.
 *
 * <p>A {@code null} usage is accepted. Otherwise the value must be {@code SIGNING},
 * {@code ENCRYPTION} or {@code UNSPECIFIED}.
 *
 * @param keyDescriptor the key descriptor to validate
 * @throws ValidationException thrown if the use attribute does not have a legal value
 */
protected void validateUse(KeyDescriptor keyDescriptor) throws ValidationException {
    final UsageType usage = keyDescriptor.getUse();

    // Allow-list check: anything outside the three named usages is refused, so a value added
    // to UsageType later is rejected until it is listed here.
    final boolean permitted = usage == null
            || usage.equals(UsageType.SIGNING)
            || usage.equals(UsageType.ENCRYPTION)
            || usage.equals(UsageType.UNSPECIFIED);

    if (!permitted) {
        throw new ValidationException("Invalid value for use attribute: " + usage.toString());
    }
}
}
KeyDescriptor descriptor = descriptors.get(i); if (descriptor != null) { if (descriptor.getUse() != null && "SIGNING".equals(descriptor.getUse().toString())) { try { String cert = null;