List of usage examples for javax.xml.crypto.dsig.keyinfo KeyName getName
/**
 * Accessor declared on {@code javax.xml.crypto.dsig.keyinfo.KeyName}; returns the name carried by
 * the key-name element as a string.
 *
 * <p>In the usage example on this page the returned value is used as the lookup key of a
 * public-key cache, so it acts as an identifier only and is not itself proof of key ownership.
 */
String getName();
KeyName
From source file: org.keycloak.adapters.saml.rotation.SamlDescriptorPublicKeyLocator.java
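/**
 * Re-downloads the signing keys from the SAML descriptor, rebuilds the public key cache from
 * them and returns the key registered under {@code kid}.
 *
 * <p>The existing cache is kept when no descriptor URL is configured, when the download fails,
 * or when the descriptor holds no signing-key entry. Otherwise the cache is cleared and refilled
 * with every signing certificate that has a key name and is inside its validity period.
 *
 * <p>NOTE(review): the only certificate check performed here is {@code checkValidity()}, i.e. the
 * notBefore/notAfter window. No chain or revocation check is visible in this method, so trust in
 * the cached keys presumably rests on how {@code client} fetches {@code descriptorUrl}; confirm
 * that the transport is authenticated (TLS with certificate validation).
 *
 * @param kid key name to look up after the refresh; may be {@code null}
 * @return the public key cached under {@code kid}, or {@code null} if no descriptor URL is set,
 *         the download failed, no signing keys were found, {@code kid} is {@code null}, or no
 *         usable certificate is registered under that name
 */
private synchronized PublicKey refreshCertificateCacheAndGet(String kid) {
    if (this.descriptorUrl == null) {
        return null;
    }

    // Recorded before the download, so failed attempts update the timestamp as well.
    this.lastRequestTime = Time.currentTime();

    LOG.debugf("Refreshing public key cache from %s", this.descriptorUrl);
    List<KeyInfo> signingCerts;
    try {
        MultivaluedHashMap<String, KeyInfo> certs =
                HttpAdapterUtils.downloadKeysFromSamlDescriptor(client, this.descriptorUrl);
        signingCerts = certs.get(KeyTypes.SIGNING.value());
    } catch (HttpClientAdapterException ex) {
        LOG.error("Could not refresh certificates from the server", ex);
        return null;
    }

    if (signingCerts == null) {
        return null;
    }

    LOG.debugf("Certificates retrieved from server, filling public key cache");

    // Only clear cache after it is certain that the SAML descriptor has been read successfully
    this.publicKeyCache.clear();

    for (KeyInfo ki : signingCerts) {
        KeyName keyName = KeyInfoTools.getKeyName(ki);
        X509Certificate x509certificate = KeyInfoTools.getX509Certificate(ki);

        // Guard against a KeyInfo for which no certificate was extracted. Without this check a
        // null here throws NullPointerException after the cache has already been cleared,
        // leaving the locator with an empty or partial key set.
        if (x509certificate != null) {
            try {
                x509certificate.checkValidity();
            } catch (CertificateException ex) {
                // Expired or not-yet-valid certificates must not contribute a verification key.
                x509certificate = null;
            }
        }

        if (x509certificate != null && keyName != null) {
            LOG.tracef("Registering signing certificate %s", keyName.getName());
            this.publicKeyCache.put(keyName.getName(), x509certificate.getPublicKey());
        } else {
            LOG.tracef("Ignoring certificate %s: %s", keyName, x509certificate);
        }
    }

    return (kid == null ? null : this.publicKeyCache.get(kid));
}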