1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package edu.internet2.middleware.shibboleth.common.config.security;
18
19 import java.util.ArrayList;
20 import java.util.List;
21
22 import org.opensaml.saml2.metadata.provider.MetadataProvider;
23 import org.opensaml.security.MetadataCredentialResolver;
24 import org.opensaml.security.MetadataCredentialResolverFactory;
25 import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver;
26 import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
27 import org.opensaml.xml.security.keyinfo.KeyInfoProvider;
28 import org.opensaml.xml.security.keyinfo.provider.DSAKeyValueProvider;
29 import org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider;
30 import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider;
31 import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;
32 import org.springframework.beans.factory.config.AbstractFactoryBean;
33
34
35
36
37 public class MetadataExplicitKeySignatureTrustEngineFactoryBean extends AbstractFactoryBean {
38
39
40 private MetadataProvider metadataProvider;
41
42
43
44
45
46
47 public MetadataProvider getMetadataProvider() {
48 return metadataProvider;
49 }
50
51
52
53
54
55
56 public void setMetadataProvider(MetadataProvider provider) {
57 metadataProvider = provider;
58 }
59
60
61 public Class getObjectType() {
62 return ExplicitKeySignatureTrustEngine.class;
63 }
64
65
66 protected Object createInstance() throws Exception {
67 MetadataCredentialResolverFactory mcrFactory = MetadataCredentialResolverFactory.getFactory();
68 MetadataCredentialResolver credResolver = mcrFactory.getInstance(getMetadataProvider());
69
70 List<KeyInfoProvider> keyInfoProviders = new ArrayList<KeyInfoProvider>();
71 keyInfoProviders.add(new DSAKeyValueProvider());
72 keyInfoProviders.add(new RSAKeyValueProvider());
73 keyInfoProviders.add(new InlineX509DataProvider());
74 KeyInfoCredentialResolver keyInfoCredResolver = new BasicProviderKeyInfoCredentialResolver(keyInfoProviders);
75
76 return new ExplicitKeySignatureTrustEngine(credResolver, keyInfoCredResolver);
77 }
78 }