authorThomas Lenz <thomas.lenz@egiz.gv.at>2021-01-25 19:03:25 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2021-01-25 19:03:38 +0100
commitb3caa532978b6337b6015b08c17ec0466d6f9670 (patch)
treef8f4c1e6ee4395bd99e4cc59f7f00411d037b74f /eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
parent6116a5aeea9fbf519c6f28fd17c65007cd0cbf64 (diff)
refactor PVP2 IDP module to support more than one IPvpMetadataProvider in one application
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java15
1 files changed, 6 insertions, 9 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
index f0758706..fe941f74 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
@@ -22,9 +22,6 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.validation;
import java.util.ArrayList;
import java.util.List;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2InternalErrorException;
-
import org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver;
import org.opensaml.saml.security.impl.MetadataCredentialResolver;
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
@@ -33,9 +30,10 @@ import org.opensaml.xmlsec.keyinfo.impl.KeyInfoProvider;
import org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider;
import org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider;
import org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider;
-import org.opensaml.xmlsec.signature.support.SignatureTrustEngine;
import org.opensaml.xmlsec.signature.support.impl.ExplicitKeySignatureTrustEngine;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2InternalErrorException;
import lombok.extern.slf4j.Slf4j;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
@@ -50,7 +48,7 @@ public class TrustEngineFactory {
* @throws Pvp2InternalErrorException In case of a TrustEngine initialization
* error
*/
- public static SignatureTrustEngine getSignatureKnownKeysTrustEngine(
+ public static SignatureTrustEngineDecorator getSignatureKnownKeysTrustEngine(
final IPvp2MetadataProvider mdResolver) throws Pvp2InternalErrorException {
try {
final List<KeyInfoProvider> keyInfoProvider = new ArrayList<>();
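Review bot: The public factory `getSignatureKnownKeysTrustEngine` now declares the concrete `SignatureTrustEngineDecorator` as its return type instead of the `SignatureTrustEngine` interface, and the Javadoc visible above it gains no description of what the wrapper adds to a signature trust decision. No import for the new type appears in this diff, so it presumably lives in the same package; whether it still implements `SignatureTrustEngine` is not visible here, and if it does, callers that only validate signatures would be better served by the interface type unless they need decorator-specific methods. Because this engine decides which signing keys are accepted for PVP2/SAML messages, I would add a line such as `@return explicit-key trust engine wrapped in a {@link SignatureTrustEngineDecorator} bound to {@code mdResolver}` and say in one sentence how the decorator uses that provider. The Javadoc and the method body both extend beyond this hunk.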
@@ -70,10 +68,9 @@ public class TrustEngineFactory {
resolver.setKeyInfoCredentialResolver(keyInfoCredentialResolver);
resolver.initialize();
- final ExplicitKeySignatureTrustEngine engine =
- new ExplicitKeySignatureTrustEngine(resolver, keyInfoCredentialResolver);
-
- return engine;
+ return new SignatureTrustEngineDecorator(
+ new ExplicitKeySignatureTrustEngine(resolver, keyInfoCredentialResolver),
+ mdResolver);
} catch (final ComponentInitializationException e) {
log.warn("Initialization of SignatureTrustEngine FAILED.", e);