diff options
Diffstat (limited to 'connector')
2 files changed, 3 insertions, 32 deletions
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java index 633559de..aa45c836 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java @@ -48,8 +48,8 @@ import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory; import at.gv.egiz.eaaf.core.impl.utils.DomUtils; -import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory; import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataConfigurationFactory; diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java index 43f1740f..651b7b78 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java @@ -25,10 +25,8 @@ package at.asitplus.eidas.specific.connector.provider; import java.io.IOException; import java.security.KeyStore; -import java.security.KeyStoreException; import java.security.Provider; import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; import java.text.MessageFormat; import java.util.ArrayList; import java.util.Collections; @@ -38,7 +36,6 @@ import org.apache.commons.lang3.StringUtils; import org.opensaml.saml.metadata.resolver.MetadataResolver; import org.opensaml.saml.metadata.resolver.filter.MetadataFilter; import org.opensaml.saml.metadata.resolver.filter.MetadataFilterChain; -import org.opensaml.security.x509.BasicX509Credential; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -50,11 +47,10 @@ import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; -import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils; import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration; import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType; import at.gv.egiz.eaaf.core.impl.data.Pair; -import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory; +import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory; import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.AbstractChainingMetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory; @@ -131,7 +127,7 @@ public class PvpMetadataProvider extends AbstractChainingMetadataProvider { final List<MetadataFilter> filterList = new ArrayList<>(); filterList.add(new SchemaValidationFilter(true)); filterList.add(new SimpleMetadataSignatureVerificationFilter( - getTrustedCertificates(keyStore.getFirst()), entityId)); + keyStore.getFirst(), entityId)); filterList.add(new PvpEntityCategoryFilter( basicConfig.getBasicConfigurationBoolean(MsEidasNodeConstants.PROP_CONFIG_PVP_ENABLE_ENTITYCATEGORIES, true))); @@ -177,29 +173,4 @@ public class PvpMetadataProvider extends AbstractChainingMetadataProvider { return "Service-provider chainging metadata provider"; } - - private List<BasicX509Credential> getTrustedCertificates(KeyStore trustStore) throws EaafConfigurationException { - try { - final List<X509Certificate> certs = - EaafKeyStoreUtils.readCertsFromKeyStore(trustStore); - if (certs.isEmpty()) { - log.warn("No trusted metadata-signing certificates in configuration"); - throw new EaafConfigurationException("module.eidasauth.02", - new Object[] { "No trusted metadata-signing certificates" }); - - } - - final List<BasicX509Credential> result = new ArrayList<>(); - for (final X509Certificate cert : certs) { - result.add(new BasicX509Credential(cert)); - - } - return result; - - } catch (final KeyStoreException e) { - throw new EaafConfigurationException("module.eidasauth.01", - new Object[] { "Trusted metadata-signing certificates", e.getMessage() }, e); - - } - } } |