Diffstat (limited to 'id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java')
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java128
1 files changed, 60 insertions, 68 deletions
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java
index 26635e337..1dcaf4c95 100644
--- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java
@@ -64,10 +64,8 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException;
import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException;
/**
- * Class that wraps the operations over SAML tokens, both generation and
- * validation of SAML requests and SAML responses. Compliant with "OASIS Secure
- * Assertion Markup Language (SAML) 2.0, May 2005", but taking into account
- * STORK specific requirements.
+ * Class that wraps the operations over SAML tokens, both generation and validation of SAML requests and SAML responses. Compliant with "OASIS Secure Assertion Markup Language (SAML) 2.0, May 2005",
+ * but taking into account STORK specific requirements.
*
* @author fjquevedo
* @author iinigo
@@ -85,8 +83,7 @@ public class SAMLEngine {
private static Map<String, Map<String, Object>> instances;
/** The logger. */
- private static final Logger LOG = LoggerFactory.getLogger(SAMLEngine.class
- .getName());
+ private static final Logger LOG = LoggerFactory.getLogger(SAMLEngine.class.getName());
/** The Constant MODULE_SIGN_CONF. */
private static final String MODULE_SIGN_CONF = "SignatureConf";
@@ -100,7 +97,14 @@ public class SAMLEngine {
/** The Constant SAML_ENGINE_FILE_CONF. */
private static final String SAML_ENGINE_FILE_CONF = "fileConfiguration";
- /** The codification of characters. */
+ /**
+ * Additional trust store for HW signing
+ */
+ private static final String HW_TRUST_STORE_CONF = "softTrustStoreConfig";
+
+ /**
+ * The codification of characters.
+ */
private static final String CHARACTER_ENCODING = "UTF-8";
/** The SAML core. */
@@ -109,7 +113,6 @@ public class SAMLEngine {
/** The Module of Signature. */
private SAMLEngineSignI signer;
-
/** Initializes the SAML engine. */
/** Configure Document Builder Factory. */
@@ -134,23 +137,16 @@ public class SAMLEngine {
}
/**
- * Method that initializes the basic services for the SAML Engine, like the
- * OpenSAML library and the BouncyCastle provider.
+ * Method that initializes the basic services for the SAML Engine, like the OpenSAML library and the BouncyCastle provider.
*/
private static void startUp() {
LOG.info("SAMLEngine: Initialize OpenSAML");
-
-
-/* Commented because it makes a problems with PVP2 MOA-ID
- try {
- DefaultBootstrap.bootstrap();
- } catch (ConfigurationException e) {
- LOG.error("Problem initializing the OpenSAML library.");
- throw new STORKSAMLEngineRuntimeException(e);
- }
-*/
+ /*
+ * Commented because it makes a problems with PVP2 MOA-ID try { DefaultBootstrap.bootstrap(); } catch (ConfigurationException e) { LOG.error("Problem initializing the OpenSAML library.");
+ * throw new STORKSAMLEngineRuntimeException(e); }
+ */
LOG.debug("Read all file configurations. (instances of SAMLEngine)");
try {
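Review bot: The reformat collapses the disabled `DefaultBootstrap.bootstrap()` call and its catch block into a two-line comment blob, which keeps dead code in the file while making it unreadable; commented-out code should be removed and the reason recorded as a plain comment. What matters for a reader is the precondition this leaves behind: `startUp()` no longer initializes OpenSAML, so the marshaller/unmarshaller factories obtained later via `Configuration.getMarshallerFactory()` / `Configuration.getUnmarshallerFactory()` are, as far as I can tell, only populated if the hosting application bootstrapped OpenSAML first. I would replace lines 73-76 with `// OpenSAML is deliberately NOT bootstrapped here: DefaultBootstrap.bootstrap() conflicted with the PVP2 MOA-ID initialization. The hosting application must bootstrap OpenSAML before the first SAMLEngine instance is created.` The rest of `startUp()` continues in the next hunk.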
@@ -162,8 +158,7 @@ public class SAMLEngine {
LOG.debug("Create all instances of saml engine. (instances of SAMLEngine)");
try {
- instances = ConfigurationCreator
- .createConfiguration(instanceConfigs);
+ instances = ConfigurationCreator.createConfiguration(instanceConfigs);
} catch (STORKSAMLEngineException e) {
LOG.error("Error initializing instances from Stork SAML engine.");
throw new STORKSAMLEngineRuntimeException(e);
@@ -173,12 +168,13 @@ public class SAMLEngine {
/**
* Instantiates a new SAML engine.
*
- * @param nameInstance the name instance
+ * @param nameInstance
+ * the name instance
*
- * @throws STORKSAMLEngineException the STORKSAML engine exception
+ * @throws STORKSAMLEngineException
+ * the STORKSAML engine exception
*/
- protected SAMLEngine(final String nameInstance)
- throws STORKSAMLEngineException {
+ protected SAMLEngine(final String nameInstance) throws STORKSAMLEngineException {
LOG.info("Loading Specific Configuration.");
LOG.debug("Create intance of saml messages.");
@@ -187,8 +183,7 @@ public class SAMLEngine {
if (instance == null || instance.isEmpty()) {
LOG.error("Instance: " + nameInstance + " not exist.");
- throw new STORKSAMLEngineException("Instance: " + nameInstance
- + " not exist.");
+ throw new STORKSAMLEngineException("Instance: " + nameInstance + " not exist.");
}
Properties properties = (Properties) instance.get(SAML_ENGINE_CONF);
@@ -200,12 +195,10 @@ public class SAMLEngine {
samlCore = new STORKSAMLCore(properties);
- final HashMap<String, String> propertiesSign = (HashMap<String, String>) instance
- .get(MODULE_SIGN_CONF);
+ final HashMap<String, String> propertiesSign = (HashMap<String, String>) instance.get(MODULE_SIGN_CONF);
LOG.debug("Loading Module of sign.");
- signer = SignModuleFactory.getInstance(propertiesSign
- .get(SAML_ENGINE_SIGN_CLASS));
+ signer = SignModuleFactory.getInstance(propertiesSign.get(SAML_ENGINE_SIGN_CLASS));
try {
LOG.info("Initialize module of sign.");
@@ -213,8 +206,7 @@ public class SAMLEngine {
LOG.info("Load cryptographic service provider of module of sign.");
signer.loadCryptServiceProvider();
} catch (SAMLEngineException e) {
- LOG.error("Error create signature module: "
- + propertiesSign.get(SAML_ENGINE_FILE_CONF));
+ LOG.error("Error create signature module: " + propertiesSign.get(SAML_ENGINE_FILE_CONF));
LOG.info("Exception" + e);
throw new STORKSAMLEngineException(e);
}
@@ -239,30 +231,28 @@ public class SAMLEngine {
}
/**
- * Method that transform the received SAML object into a byte array
- * representation.
+ * Method that transform the received SAML object into a byte array representation.
*
- * @param samlToken the SAML token.
+ * @param samlToken
+ * the SAML token.
*
* @return the byte[] of the SAML token.
*
- * @throws SAMLEngineException the SAML engine exception
+ * @throws SAMLEngineException
+ * the SAML engine exception
*/
- private byte[] marshall(final XMLObject samlToken)
- throws SAMLEngineException {
+ private byte[] marshall(final XMLObject samlToken) throws SAMLEngineException {
try {
javax.xml.parsers.DocumentBuilder docBuilder = null;
- final MarshallerFactory marshallerFactory = Configuration
- .getMarshallerFactory();
+ final MarshallerFactory marshallerFactory = Configuration.getMarshallerFactory();
final Marshaller marshaller;
if (samlToken.getElementQName().toString().endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME))
marshaller = new CustomAttributeQueryMarshaller();
else
- marshaller = marshallerFactory
- .getMarshaller(samlToken);
+ marshaller = marshallerFactory.getMarshaller(samlToken);
docBuilder = dbf.newDocumentBuilder();
@@ -274,13 +264,12 @@ public class SAMLEngine {
final DOMSource domSource = new DOMSource(doc);
final StringWriter writer = new StringWriter();
final StreamResult result = new StreamResult(writer);
- final TransformerFactory transFactory = TransformerFactory
- .newInstance();
+ final TransformerFactory transFactory = TransformerFactory.newInstance();
Transformer transformer;
transformer = transFactory.newTransformer();
transformer.transform(domSource, result);
- LOG.debug("SAML request \n"+ writer.toString());
+ LOG.debug("SAML request \n" + writer.toString());
return writer.toString().getBytes(CHARACTER_ENCODING);
} catch (ParserConfigurationException e) {
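Review bot: The touched line `LOG.debug("SAML request \n" + writer.toString());` writes the complete serialized token to the log, and since `signAndMarshall` calls `marshall` after signing, that output includes whatever the signed SAML response or assertion carries; debug logging is routinely switched on for troubleshooting in production, so this is a data-exposure channel as well as a string concatenation that runs even when debug is off. I would at least use parameterized logging, `LOG.debug("SAML request \n{}", writer);`, and consider moving the full dump to trace level or logging only the token's element name and length. Secondary, in the same hunk: `TransformerFactory.newInstance()` is created without `setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true)`; the source is a DOM the engine built itself, so the exposure is low, but the feature is cheap to set. `marshall` starts in the previous hunk and ends after this one.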
@@ -304,14 +293,15 @@ public class SAMLEngine {
/**
* Method that signs a SAML Token.
*
- * @param tokenSaml the token SAML
+ * @param tokenSaml
+ * the token SAML
*
* @return the SAML object sign
*
- * @throws SAMLEngineException the SAML engine exception
+ * @throws SAMLEngineException
+ * the SAML engine exception
*/
- private SignableSAMLObject sign(final SignableSAMLObject tokenSaml)
- throws SAMLEngineException {
+ private SignableSAMLObject sign(final SignableSAMLObject tokenSaml) throws SAMLEngineException {
LOG.debug("Sign SamlToken.");
signer.sign(tokenSaml);
return tokenSaml;
@@ -320,31 +310,32 @@ public class SAMLEngine {
/**
* Sign and transform to byte array.
*
- * @param samlToken the SAML token
+ * @param samlToken
+ * the SAML token
*
* @return the byte[] of the SAML token
*
- * @throws SAMLEngineException the SAML engine exception
+ * @throws SAMLEngineException
+ * the SAML engine exception
*/
- protected final byte[] signAndMarshall(final SignableSAMLObject samlToken)
- throws SAMLEngineException {
+ protected final byte[] signAndMarshall(final SignableSAMLObject samlToken) throws SAMLEngineException {
LOG.debug("Marshall Saml Token.");
SignableSAMLObject signElement = sign(samlToken);
return marshall(signElement);
}
/**
- * Method that unmarshalls a SAML Object from a byte array representation to
- * an XML Object.
+ * Method that unmarshalls a SAML Object from a byte array representation to an XML Object.
*
- * @param samlToken Byte array representation of a SAML Object
+ * @param samlToken
+ * Byte array representation of a SAML Object
*
* @return XML Object (superclass of SAMLObject)
*
- * @throws SAMLEngineException the SAML engine exception
+ * @throws SAMLEngineException
+ * the SAML engine exception
*/
- protected final XMLObject unmarshall(final byte[] samlToken)
- throws SAMLEngineException {
+ protected final XMLObject unmarshall(final byte[] samlToken) throws SAMLEngineException {
try {
// Get parser pool manager
final BasicParserPool ppMgr = new BasicParserPool();
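Review bot: `unmarshall` parses a `byte[]` that, given its name and the class's purpose, is the SAML message received from a remote party, yet the `new BasicParserPool()` on the last line of this hunk is not visibly hardened against DTD processing; the lines that configure the pool, if any, fall between this hunk and the next, so I cannot confirm either way. Whether `BasicParserPool` rejects DOCTYPE declarations and disables entity expansion by default depends on the xmltooling version on the classpath, so I would make it explicit right after construction, e.g. `ppMgr.setExpandEntityReferences(false);` together with a builder-features map setting `http://apache.org/xml/features/disallow-doctype-decl` to true. A one-line comment stating that the input is untrusted wire data would also help the next reader understand why the parser is locked down. `unmarshall` continues in the following hunks.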
@@ -358,12 +349,12 @@ public class SAMLEngine {
// Parse SAMLToken
Document document = ppMgr.parse(new ByteArrayInputStream(samlToken));
- if (document != null){
+ if (document != null) {
final Element root = document.getDocumentElement();
// Get appropriate unmarshaller
final UnmarshallerFactory unmarshallerFact = Configuration.getUnmarshallerFactory();
// Unmarshall using the SAML Token root element
- if (unmarshallerFact != null && root != null){
+ if (unmarshallerFact != null && root != null) {
final Unmarshaller unmarshaller;
if (root.getLocalName().equals(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME))
unmarshaller = new CustomAttributeQueryUnmarshaller();
@@ -371,7 +362,7 @@ public class SAMLEngine {
unmarshaller = unmarshallerFact.getUnmarshaller(root);
try {
return unmarshaller.unmarshall(root);
- } catch (NullPointerException e){
+ } catch (NullPointerException e) {
LOG.error("Error element tag incomplet or null.");
throw new SAMLEngineException("NullPointerException", e);
}
@@ -398,14 +389,15 @@ public class SAMLEngine {
/**
* Method that validates an XML Signature contained in a SAML Token.
*
- * @param samlToken the SAML token
+ * @param samlToken
+ * the SAML token
*
* @return the SAML object
*
- * @throws SAMLEngineException the SAML engine exception
+ * @throws SAMLEngineException
+ * the SAML engine exception
*/
- protected final SAMLObject validateSignature(
- final SignableSAMLObject samlToken) throws SAMLEngineException {
+ protected final SAMLObject validateSignature(final SignableSAMLObject samlToken) throws SAMLEngineException {
LOG.info("Validate Signature");
signer.validateSignature(samlToken);