authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-01-31 20:41:54 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-01-31 20:41:54 +0100
commitd41afe91ee59daf6b5f5037cecac52900fe2ccb2 (patch)
tree3a19e1818d276d701574758ce6166b2f3a7e2030 /eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
parent0cf9926282ba4aa46bad3f4e8020cec72683492f (diff)
a lot more OpenSAML3 refactoring stuff
This version is also NOT stable!
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java36
1 files changed, 17 insertions, 19 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
index 6497ce06..1591198c 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
@@ -22,41 +22,39 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.validation;
import java.util.ArrayList;
import java.util.List;
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
-import org.opensaml.security.MetadataCredentialResolver;
-import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver;
-import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
-import org.opensaml.xml.security.keyinfo.KeyInfoProvider;
-import org.opensaml.xml.security.keyinfo.provider.DSAKeyValueProvider;
-import org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider;
-import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider;
-import org.opensaml.xml.signature.SignatureTrustEngine;
-import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+
+import org.opensaml.saml.metadata.resolver.impl.PredicateRoleDescriptorResolver;
+import org.opensaml.saml.security.impl.MetadataCredentialResolver;
+import org.opensaml.xmlsec.keyinfo.impl.BasicProviderKeyInfoCredentialResolver;
+import org.opensaml.xmlsec.keyinfo.impl.KeyInfoProvider;
+import org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider;
+import org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider;
+import org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider;
+import org.opensaml.xmlsec.signature.support.SignatureTrustEngine;
+import org.opensaml.xmlsec.signature.support.impl.ExplicitKeySignatureTrustEngine;
public class TrustEngineFactory {
/**
* Get OpenSAML2 TrustEngine.
*
- * @param provider Metadata provider
+ * @param mdResolver Metadata provider
* @return
*/
public static SignatureTrustEngine getSignatureKnownKeysTrustEngine(
- final MetadataProvider provider) {
- MetadataCredentialResolver resolver;
-
- resolver = new MetadataCredentialResolver(provider);
+ final IPvp2MetadataProvider mdResolver) {
+ final MetadataCredentialResolver resolver = new MetadataCredentialResolver();
+ resolver.setRoleDescriptorResolver(new PredicateRoleDescriptorResolver(mdResolver));
final List<KeyInfoProvider> keyInfoProvider = new ArrayList<>();
keyInfoProvider.add(new DSAKeyValueProvider());
keyInfoProvider.add(new RSAKeyValueProvider());
keyInfoProvider.add(new InlineX509DataProvider());
- final KeyInfoCredentialResolver keyInfoResolver =
- new BasicProviderKeyInfoCredentialResolver(keyInfoProvider);
-
final ExplicitKeySignatureTrustEngine engine =
- new ExplicitKeySignatureTrustEngine(resolver, keyInfoResolver);
+ new ExplicitKeySignatureTrustEngine(resolver,
+ new BasicProviderKeyInfoCredentialResolver(keyInfoProvider));
return engine;
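Review bot: The new `MetadataCredentialResolver` and the `PredicateRoleDescriptorResolver` passed to it are returned inside the trust engine without `initialize()` being called on either, and the credential resolver is never given a KeyInfo resolver. As far as I know both are OpenSAML 3 initializable components, so the engine would either throw on first use or fail at initialization; since this engine decides which metadata keys are trusted for SAML signature validation, that failure should be explicit and tested rather than discovered at runtime. I would keep the `BasicProviderKeyInfoCredentialResolver` in a local, call `resolver.setKeyInfoCredentialResolver(keyInfoResolver);`, and then `resolver.initialize();` after initializing the role-descriptor resolver, letting `ComponentInitializationException` propagate or wrapping it so callers cannot receive a half-configured engine. The Javadoc also still says "OpenSAML2" and has an empty `@return`; the method's closing lines are outside the hunk.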