17 package edu.internet2.middleware.shibboleth.common.config.security;
18
19 import java.util.ArrayList;
20 import java.util.List;
21
22 import org.opensaml.saml2.metadata.provider.MetadataProvider;
23 import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver;
24 import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
25 import org.opensaml.xml.security.keyinfo.KeyInfoProvider;
26 import org.opensaml.xml.security.keyinfo.provider.DSAKeyValueProvider;
27 import org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider;
28 import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider;
29 import org.opensaml.xml.signature.impl.PKIXSignatureTrustEngine;
30 import org.springframework.beans.factory.config.AbstractFactoryBean;
31
32 import edu.internet2.middleware.shibboleth.common.security.MetadataPKIXValidationInformationResolver;
33
34
35
36
/**
 * Spring factory bean that produces a {@link PKIXSignatureTrustEngine}.
 *
 * <p>The engine is built from two collaborators: a
 * {@link MetadataPKIXValidationInformationResolver} constructed over the configured
 * {@link MetadataProvider}, and a {@link KeyInfoCredentialResolver} that understands DSA key
 * values, RSA key values and inline X.509 data.</p>
 */
public class MetadataPKIXSignatureTrustEngineFactoryBean extends AbstractFactoryBean {

    /** Metadata provider handed to the PKIX validation information resolver. */
    private MetadataProvider metadataProvider;

    /**
     * Gets the metadata provider used to build the trust engine.
     *
     * @return the configured metadata provider, or {@code null} if none has been set
     */
    public MetadataProvider getMetadataProvider() {
        return this.metadataProvider;
    }

    /**
     * Sets the metadata provider used to build the trust engine.
     *
     * @param provider the metadata provider to use
     */
    public void setMetadataProvider(MetadataProvider provider) {
        this.metadataProvider = provider;
    }

    /**
     * Reports the type of object this factory creates.
     *
     * @return {@code PKIXSignatureTrustEngine.class}
     */
    public Class getObjectType() {
        return PKIXSignatureTrustEngine.class;
    }

    /**
     * Builds the trust engine from the configured metadata provider.
     *
     * @return a new {@link PKIXSignatureTrustEngine}
     * @throws Exception declared by the factory contract; nothing is thrown explicitly here
     */
    protected Object createInstance() throws Exception {
        // NOTE(review): the provider is passed through without a null check; whether the
        // resolver constructor rejects null is not visible in this file. Confirm, since this
        // resolver is the only collaborator here that is built from the metadata provider.
        MetadataPKIXValidationInformationResolver validationInfoResolver =
                new MetadataPKIXValidationInformationResolver(getMetadataProvider());

        return new PKIXSignatureTrustEngine(validationInfoResolver, newKeyInfoCredentialResolver());
    }

    /**
     * Creates the resolver that extracts credentials from KeyInfo content, with providers
     * registered in the order DSA key value, RSA key value, inline X.509 data.
     */
    private KeyInfoCredentialResolver newKeyInfoCredentialResolver() {
        List<KeyInfoProvider> providerChain = new ArrayList<KeyInfoProvider>();
        providerChain.add(new DSAKeyValueProvider());
        providerChain.add(new RSAKeyValueProvider());
        providerChain.add(new InlineX509DataProvider());
        return new BasicProviderKeyInfoCredentialResolver(providerChain);
    }
}