org.opensaml.xmlsec.encryption.support.DecryptionException Java Examples

The following examples show how to use org.opensaml.xmlsec.encryption.support.DecryptionException. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ConsumerServlet.java    From OpenSAML-ref-project-demo-v3 with Apache License 2.0 6 votes vote down vote up
/**
 * 解密断言
 * @param encryptedAssertion 加密的断言
 */
private Assertion decryptAssertion(EncryptedAssertion encryptedAssertion) {
    StaticKeyInfoCredentialResolver keyInfoCredentialResolver
            = new StaticKeyInfoCredentialResolver(SPCredentials.getCredential());

    Decrypter decrypter = new Decrypter(null,
            keyInfoCredentialResolver,
            new InlineEncryptedKeyResolver());
    decrypter.setRootInNewDocument(true);

    try {
        return decrypter.decrypt(encryptedAssertion);
    } catch (DecryptionException e) {
        throw new RuntimeException(e);
    }
}
 
Example #2
Source File: SamlClient.java    From saml-client with MIT License 6 votes vote down vote up
/**
 * Decodes and validates an SAML response returned by an identity provider.
 *
 * @param encodedResponse the encoded response returned by the identity provider.
 * @param method The HTTP method used by the request
 *
 * @return An {@link SamlResponse} object containing information decoded from the SAML response.
 * @throws SamlException if the signature is invalid, or if any other error occurs.
 */
public SamlResponse decodeAndValidateSamlResponse(String encodedResponse, String method)
    throws SamlException {
  //Decode and parse the response
  Response response = (Response) parseResponse(encodedResponse, method);

  // Decode and add the assertion
  try {
    decodeEncryptedAssertion(response);
  } catch (DecryptionException e) {
    throw new SamlException("Cannot decrypt the assertion", e);
  }
  //Validate  the response (Assertion / Signature / Schema)
  ValidatorUtils.validate(response, responseIssuer, credentials, this.now, notBeforeSkew);

  Assertion assertion = response.getAssertions().get(0);
  return new SamlResponse(assertion);
}
 
Example #3
Source File: AuthenticationHandlerSAML2.java    From sling-whiteboard with Apache License 2.0 5 votes vote down vote up
private Assertion decryptAssertion(final EncryptedAssertion encryptedAssertion) {
    // Use SP Private Key to decrypt
    StaticKeyInfoCredentialResolver keyInfoCredentialResolver = new StaticKeyInfoCredentialResolver(this.spKeypair);
    Decrypter decrypter = new Decrypter(null, keyInfoCredentialResolver, new InlineEncryptedKeyResolver());
    decrypter.setRootInNewDocument(true);
    try {
        return decrypter.decrypt(encryptedAssertion);
    } catch (DecryptionException e) {
        throw new RuntimeException(e);
    }
}
 
Example #4
Source File: SamlClient.java    From saml-client with MIT License 5 votes vote down vote up
/**
 * Decode the encrypted assertion.
 *
 * @param response the response
 * @throws DecryptionException the decryption exception
 */
private void decodeEncryptedAssertion(Response response) throws DecryptionException {
  if (response.getEncryptedAssertions().size() == 0) {
    return;
  }
  for (EncryptedAssertion encryptedAssertion : response.getEncryptedAssertions()) {
    // Create a decrypter.
    List<KeyInfoCredentialResolver> resolverChain = new ArrayList<>();

    if(spCredential != null) {
      resolverChain.add(new StaticKeyInfoCredentialResolver(spCredential));
    }

    if(!additionalSpCredentials.isEmpty()) {
      resolverChain.add(new CollectionKeyInfoCredentialResolver(additionalSpCredentials));
    }

    Decrypter decrypter =
        new Decrypter(
            null,
            new ChainingKeyInfoCredentialResolver(resolverChain),
            new InlineEncryptedKeyResolver());

    decrypter.setRootInNewDocument(true);

    // Decrypt the assertion.
    Assertion decryptedAssertion = decrypter.decrypt(encryptedAssertion);
    // Add the assertion
    response.getAssertions().add(decryptedAssertion);
  }
}
 
Example #5
Source File: SamlAssertionConsumerFunction.java    From armeria with Apache License 2.0 5 votes vote down vote up
private static Assertion decryptAssertion(EncryptedAssertion encryptedAssertion,
                                          Credential decryptionCredential) {
    final StaticKeyInfoCredentialResolver keyInfoCredentialResolver =
            new StaticKeyInfoCredentialResolver(decryptionCredential);
    final Decrypter decrypter =
            new Decrypter(null, keyInfoCredentialResolver, new InlineEncryptedKeyResolver());
    decrypter.setRootInNewDocument(true);
    try {
        return decrypter.decrypt(encryptedAssertion);
    } catch (DecryptionException e) {
        throw new InvalidSamlRequestException("failed to decrypt an assertion", e);
    }
}