18 package edu.internet2.middleware.shibboleth.common.config.security;
19
20 import java.util.ArrayList;
21 import java.util.List;
22
23 import org.opensaml.saml2.metadata.provider.MetadataProvider;
24 import org.opensaml.security.MetadataCredentialResolver;
25 import org.opensaml.security.MetadataCredentialResolverFactory;
26 import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver;
27 import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
28 import org.opensaml.xml.security.keyinfo.KeyInfoProvider;
29 import org.opensaml.xml.security.keyinfo.provider.DSAKeyValueProvider;
30 import org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider;
31 import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider;
32 import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;
33 import org.springframework.beans.factory.config.AbstractFactoryBean;
34
35
36
37
/**
 * Spring factory bean that produces an {@link ExplicitKeySignatureTrustEngine} whose trusted
 * credentials are resolved from SAML metadata.
 *
 * <p>The configured {@link MetadataProvider} is the only source of trusted keys for the engine
 * built here, so the trust decisions it makes are only as sound as that metadata.
 * NOTE(review): this class does not verify or filter the metadata itself; presumably the
 * provider is expected to be signature-checked and refreshed elsewhere in the configuration
 * - confirm.</p>
 */
public class MetadataExplicitKeySignatureTrustEngineFactoryBean extends AbstractFactoryBean {

    /** Metadata provider from which trusted credentials are resolved. */
    private MetadataProvider metadataProvider;

    /**
     * Gets the metadata provider used as the source of trusted credentials.
     *
     * @return the configured metadata provider, or null if none has been set
     */
    public MetadataProvider getMetadataProvider() {
        return this.metadataProvider;
    }

    /**
     * Sets the metadata provider used as the source of trusted credentials.
     *
     * @param provider the metadata provider to resolve credentials from
     */
    public void setMetadataProvider(MetadataProvider provider) {
        this.metadataProvider = provider;
    }

    /** {@inheritDoc} */
    public Class getObjectType() {
        return ExplicitKeySignatureTrustEngine.class;
    }

    /**
     * Builds the trust engine from a metadata-backed credential resolver and a KeyInfo
     * credential resolver limited to DSA key values, RSA key values and inline X.509 data.
     *
     * @return a new {@link ExplicitKeySignatureTrustEngine}
     * @throws Exception if the resolvers or the engine cannot be created
     */
    protected Object createInstance() throws Exception {
        // Trusted side: credentials come from the configured metadata provider.
        // NOTE(review): the provider is passed through without a null check; whether a missing
        // provider is rejected depends on MetadataCredentialResolverFactory - confirm it fails
        // closed rather than yielding an engine with no usable trust source.
        MetadataCredentialResolver trustedCredentials =
                MetadataCredentialResolverFactory.getFactory().getInstance(getMetadataProvider());

        // Signature side: these providers only pull key material out of a signature's KeyInfo.
        // NOTE(review): in the explicit-key model that material is expected to be matched
        // against the metadata credentials above, not trusted on its own - confirm against the
        // OpenSAML version in use.
        List<KeyInfoProvider> providers = new ArrayList<KeyInfoProvider>();
        providers.add(new DSAKeyValueProvider());
        providers.add(new RSAKeyValueProvider());
        providers.add(new InlineX509DataProvider());
        KeyInfoCredentialResolver signatureKeys = new BasicProviderKeyInfoCredentialResolver(providers);

        return new ExplicitKeySignatureTrustEngine(trustedCredentials, signatureKeys);
    }
}