List of usage examples for java.security KeyFactory getProvider
public final Provider getProvider()
From source file:com.vmware.demo.SamlService.java
public String validateSAMLResponse(String samlResponse, String samlCert) throws Exception { String decodedString = ""; try {/*from ww w . j a v a 2 s . co m*/ decodedString = decodeSAMLResponse(samlResponse); InputStream inputStream = new ByteArrayInputStream(decodedString.getBytes("UTF-8")); // Parse XML BasicParserPool parserPoolManager = new BasicParserPool(); parserPoolManager.setNamespaceAware(true); parserPoolManager.setIgnoreElementContentWhitespace(true); Document document = parserPoolManager.parse(inputStream); Element metadataRoot = document.getDocumentElement(); QName qName = new QName(metadataRoot.getNamespaceURI(), metadataRoot.getLocalName(), metadataRoot.getPrefix()); // Unmarshall document Unmarshaller unmarshaller = Configuration.getUnmarshallerFactory().getUnmarshaller(qName); Response response = (Response) unmarshaller.unmarshall(metadataRoot); Issuer issuer = response.getIssuer(); logger.info("Parsed response. Issued:" + response.getIssueInstant().toString() + ", issuer: " + issuer.getValue()); java.security.cert.X509Certificate jX509Cert = SamlUtils.parsePemCertificate(samlCert); if (null == jX509Cert) { logger.info("Failed to parse cert. " + samlCert); return ""; } PublicKey publicCert = jX509Cert.getPublicKey(); logger.info("Extracted cert. Cert:" + publicCert); X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicCert.getEncoded()); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); PublicKey publicKey = keyFactory.generatePublic(publicKeySpec); logger.debug("Key created by provider: " + keyFactory.getProvider().toString()); // Setup validation BasicX509Credential publicCredential = new BasicX509Credential(); publicCredential.setPublicKey(publicKey); SignatureValidator signatureValidator = new SignatureValidator(publicCredential); Signature signature = response.getSignature(); // Validate try { signatureValidator.validate(signature); logger.info("Assertion signature validated."); } catch (ValidationException e) { logger.error("Failed to validate signature of assertion", e); throw e; } // Get decryption key RSAPrivateKey privateKey = null; BasicX509Credential decryptionCredential = new BasicX509Credential(); decryptionCredential.setPrivateKey(privateKey); StaticKeyInfoCredentialResolver skicr = new StaticKeyInfoCredentialResolver(decryptionCredential); // Decrypt assertion Decrypter decrypter = new Decrypter(null, skicr, new InlineEncryptedKeyResolver()); if (response.getEncryptedAssertions().isEmpty()) { logger.info("Nothing to decrypt in assertion."); } else { Assertion decryptedAssertion; try { decryptedAssertion = decrypter.decrypt(response.getEncryptedAssertions().get(0)); logger.info("Assertion decryption succeeded."); } catch (DecryptionException e) { logger.error("Failed to decrypt assertion", e); throw e; } // Extract attributes, log in output List<AttributeStatement> attributeStatements = decryptedAssertion.getAttributeStatements(); for (int i = 0; i < attributeStatements.size(); i++) { List<Attribute> attributes = attributeStatements.get(i).getAttributes(); for (int x = 0; x < attributes.size(); x++) { String strAttributeName = attributes.get(x).getDOM().getAttribute("Name"); List<XMLObject> attributeValues = attributes.get(x).getAttributeValues(); for (int y = 0; y < attributeValues.size(); y++) { String strAttributeValue = attributeValues.get(y).getDOM().getTextContent(); logger.info(strAttributeName + " = " + strAttributeValue); } } } } } catch (Exception ex) { logger.error("Failed to validate assertion", ex); throw ex; } return decodedString; }