
1   /*
2    * Licensed to the University Corporation for Advanced Internet Development, 
3    * Inc. (UCAID) under one or more contributor license agreements.  See the 
4    * NOTICE file distributed with this work for additional information regarding
5    * copyright ownership. The UCAID licenses this file to You under the Apache 
6    * License, Version 2.0 (the "License"); you may not use this file except in 
7    * compliance with the License.  You may obtain a copy of the License at
8    *
9    *    http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  
18  package edu.internet2.middleware.shibboleth.common.config.security;
19  
20  import java.util.ArrayList;
21  import java.util.List;
22  
23  import org.opensaml.xml.security.credential.Credential;
24  import org.opensaml.xml.security.credential.StaticCredentialResolver;
25  import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver;
26  import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
27  import org.opensaml.xml.security.keyinfo.KeyInfoProvider;
28  import org.opensaml.xml.security.keyinfo.provider.DSAKeyValueProvider;
29  import org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider;
30  import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider;
31  import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;
32  import org.springframework.beans.factory.config.AbstractFactoryBean;
33  
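/**
 * Spring factory bean used to create {@link ExplicitKeySignatureTrustEngine}s based on a static credential resolver.
 *
 * <p>
 * The configured credential list is the complete set of keys the resulting engine is built from, so it should be
 * treated as security-sensitive configuration. The list is stored and returned by reference; this class makes no
 * defensive copy of it.
 * </p>
 */
public class StaticExplicitKeySignatureTrustEngineFactoryBean extends AbstractFactoryBean {

    /** List of trusted credentials. Held by reference exactly as supplied to {@link #setCredentials(List)}. */
    private List<Credential> credentials;

    /**
     * Gets the list of trusted credentials.
     *
     * @return the list of trusted credentials, or null if none has been set; this is the same list instance that was
     *         passed to {@link #setCredentials(List)}
     */
    public List<Credential> getCredentials() {
        return credentials;
    }

    /**
     * Sets the list of trusted credentials.
     *
     * @param newCredentials the new list of trusted credentials; stored by reference, not copied
     */
    public void setCredentials(List<Credential> newCredentials) {
        credentials = newCredentials;
    }

    /** {@inheritDoc} */
    @Override
    public Class getObjectType() {
        return ExplicitKeySignatureTrustEngine.class;
    }

    /**
     * Builds the trust engine from the configured credentials.
     *
     * <p>
     * The engine receives a {@link StaticCredentialResolver} over the trusted credentials and a
     * {@link BasicProviderKeyInfoCredentialResolver} that is given DSA key value, RSA key value and inline X.509 data
     * providers, in that order.
     * </p>
     *
     * @return a new {@link ExplicitKeySignatureTrustEngine}
     *
     * @throws IllegalStateException if no credential list has been set
     * @throws Exception declared by the overridden method; the code here does not throw a checked exception itself
     */
    @Override
    protected Object createInstance() throws Exception {
        List<Credential> trustedCredentials = getCredentials();
        // Fail with a clear configuration error instead of handing a null trust-anchor list to the resolver,
        // where the failure would surface later and further away from its cause.
        if (trustedCredentials == null) {
            throw new IllegalStateException(
                    "No trusted credentials configured; set the credentials property before creating the trust engine");
        }

        // NOTE(review): whether StaticCredentialResolver copies this list or keeps the reference is not visible
        // here - confirm before relying on later changes to the list being ignored (or picked up) by the engine.
        StaticCredentialResolver credResolver = new StaticCredentialResolver(trustedCredentials);

        List<KeyInfoProvider> keyInfoProviders = new ArrayList<KeyInfoProvider>();
        keyInfoProviders.add(new DSAKeyValueProvider());
        keyInfoProviders.add(new RSAKeyValueProvider());
        keyInfoProviders.add(new InlineX509DataProvider());
        KeyInfoCredentialResolver keyInfoCredResolver = new BasicProviderKeyInfoCredentialResolver(keyInfoProviders);

        return new ExplicitKeySignatureTrustEngine(credResolver, keyInfoCredResolver);
    }
}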