Commit 950188a0 authored by Gradl, Tobias's avatar Gradl, Tobias

865: Simplify installation

Task-Url: https://minfba.de.dariah.eu/mantisbt/view.php?id=865
parent 1b51d08f
package eu.dariah.de.dariahsp.saml;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Map;
import java.util.Set;
import org.opensaml.xml.security.CriteriaSet;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.credential.Credential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.io.Resource;
import org.springframework.security.saml.key.JKSKeyManager;
import org.springframework.security.saml.key.KeyManager;
public class KeyManagerWrapper implements KeyManager {
protected static final Logger logger = LoggerFactory.getLogger(KeyManagerWrapper.class);
private JKSKeyManager innerKeyManager;
public KeyManagerWrapper(KeyStore keyStore, Map<String, String> passwords, String defaultKey) {
innerKeyManager = new JKSKeyManager(keyStore, passwords, defaultKey);
}
public KeyManagerWrapper(Resource storeFile, String storePass, Map<String, String> passwords, String defaultKey) {
KeyStore jks = initialize(storeFile, storePass, "JKS");
if (jks!=null) {
innerKeyManager = new JKSKeyManager(jks, passwords, defaultKey);
}
}
@Override
public Iterable<Credential> resolve(CriteriaSet criteriaSet) throws SecurityException {
return !this.isInitialized() ? null : innerKeyManager.resolve(criteriaSet);
}
@Override
public Credential resolveSingle(CriteriaSet criteriaSet) throws SecurityException {
return !this.isInitialized() ? null : innerKeyManager.resolveSingle(criteriaSet);
}
@Override
public Credential getCredential(String keyName) {
return !this.isInitialized() ? null : innerKeyManager.getCredential(keyName);
}
@Override
public Credential getDefaultCredential() {
return !this.isInitialized() ? null : innerKeyManager.getDefaultCredential();
}
@Override
public String getDefaultCredentialName() {
return !this.isInitialized() ? null : innerKeyManager.getDefaultCredentialName();
}
@Override
public Set<String> getAvailableCredentials() {
return !this.isInitialized() ? null : innerKeyManager.getAvailableCredentials();
}
@Override
public X509Certificate getCertificate(String alias) {
return !this.isInitialized() ? null : innerKeyManager.getCertificate(alias);
}
private boolean isInitialized() {
return this.innerKeyManager!=null;
}
private KeyStore initialize(Resource storeFile, String storePass, String storeType) {
InputStream inputStream = null;
// No keystore available might be desired in local installations
try {
inputStream = storeFile.getInputStream();
} catch (Exception e) {
logger.warn("No keystore file specified or file not available. No SAML functionality will be available.");
return null;
}
// If configured, however, it must be correctly configured
try {
KeyStore ks = KeyStore.getInstance(storeType);
ks.load(inputStream, storePass == null ? null : storePass.toCharArray());
return ks;
} catch (Exception e) {
logger.error("Error initializing key store", e);
throw new RuntimeException("Error initializing keystore", e);
} finally {
if (inputStream != null) {
try {
inputStream.close();
} catch (IOException e) {
logger.debug("Error closing input stream for keystore.", e);
}
}
}
}
}
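Review bot: In `initialize`, the first `catch (Exception e)` around `storeFile.getInputStream()` treats every failure (a null `storeFile`, a mistyped path, a permission error) as "no keystore configured", so it logs a warning without the exception and returns null. A keystore that is configured but unreadable therefore disables SAML silently instead of failing startup, which contradicts the second comment ("it must be correctly configured"). I would decide the "absent" case explicitly with `storeFile == null || !storeFile.exists()` and move the `getInputStream()` call into the second `try`, so any other open failure reaches the existing error path with its cause logged. Separately, every delegating method returns `null` when uninitialized, including `resolve`, whose `Iterable` result callers will likely iterate. That contract should be stated in a class-level Javadoc; how the SAML callers react to it is not visible on this page.

```java
InputStream inputStream = null;
// No keystore available might be desired in local installations
if (storeFile == null || !storeFile.exists()) {
    logger.warn("No keystore file specified or file not available. No SAML functionality will be available.");
    return null;
}
// If configured, however, it must be correctly configured
try {
    inputStream = storeFile.getInputStream();
    KeyStore ks = KeyStore.getInstance(storeType);
    // … unchanged: ks.load(...), return ks, catch/rethrow and finally-close …
```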