Class ExplicitKeyTrustEngine

java.lang.Object
org.opensaml.security.trust.impl.ExplicitKeyTrustEngine
All Implemented Interfaces:
TrustedCredentialTrustEngine<Credential>, TrustEngine<Credential>

public class ExplicitKeyTrustEngine extends Object implements TrustedCredentialTrustEngine<Credential>
Trust engine that evaluates a credential's key against key(s) expressed within a set of trusted credentials obtained from a trusted credential resolver. The credential being tested is valid if its public key or secret key matches the public key, or secret key respectively, contained within any of the trusted credentials produced by the given credential resolver.
  • Field Details

    • log

      private final org.slf4j.Logger log
      Class logger.
    • credentialResolver

      private final CredentialResolver credentialResolver
      Resolver used for resolving trusted credentials.
    • trustEvaluator

      private final ExplicitKeyTrustEvaluator trustEvaluator
      Trust evaluator.
  • Constructor Details

    • ExplicitKeyTrustEngine

      public ExplicitKeyTrustEngine(@Nonnull @ParameterName(name="resolver") CredentialResolver resolver)
      Constructor.
      Parameters:
      resolver - credential resolver which is used to resolve trusted credentials
  • Method Details

    • getCredentialResolver

      @Nonnull public CredentialResolver getCredentialResolver()
      Gets the credential resolver used to recover trusted credentials that may be used to validate tokens.
      Specified by:
      getCredentialResolver in interface TrustedCredentialTrustEngine<Credential>
      Returns:
      credential resolver used to recover trusted credentials that may be used to validate tokens
    • validate

      public boolean validate(@Nonnull Credential untrustedCredential, @Nullable CriteriaSet trustBasisCriteria) throws SecurityException
      Validates the token against trusted information obtained in an implementation-specific manner.
      Specified by:
      validate in interface TrustEngine<Credential>
      Parameters:
      untrustedCredential - security token to validate
      trustBasisCriteria - criteria used to describe and/or resolve the information which serves as the basis for trust evaluation
      Returns:
      true iff the token is trusted and valid
      Throws:
      SecurityException - thrown if there is a problem validating the security token
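
The key-matching rule from the class description, as an added usage example that is not part of the OpenSAML Javadoc or code base. It assumes `BasicCredential` and `StaticCredentialResolver` (OpenSAML classes not documented on this page) are available and that the static resolver returns its credentials when `trustBasisCriteria` is `null`; the class name `ExplicitKeyTrustDemo`, the helper `isTrusted` and all keys are constructed for the example.

```java
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.List;

import org.opensaml.security.credential.BasicCredential;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.credential.impl.StaticCredentialResolver;
import org.opensaml.security.trust.impl.ExplicitKeyTrustEngine;

public class ExplicitKeyTrustDemo {

    // Hypothetical helper: a failure during trust evaluation is treated as "not trusted".
    static boolean isTrusted(ExplicitKeyTrustEngine engine, Credential candidate) {
        try {
            // trustBasisCriteria is @Nullable on this page; null assumes the resolver ignores criteria.
            return engine.validate(candidate, null);
        } catch (org.opensaml.security.SecurityException e) {
            return false; // fail closed
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pinned = gen.generateKeyPair();   // constructed: the key pinned for a peer
        KeyPair unknown = gen.generateKeyPair();  // constructed: a key outside the trusted set

        // The trusted set holds only the pinned public key; no certificate or chain is involved.
        Credential trusted = new BasicCredential(pinned.getPublic());
        ExplicitKeyTrustEngine engine =
                new ExplicitKeyTrustEngine(new StaticCredentialResolver(List.of(trusted)));

        // Rebuild the pinned key from its encoded form, as a receiver would after
        // parsing it from a message: a different object carrying the same key.
        PublicKey received = KeyFactory.getInstance("RSA")
                .generatePublic(new X509EncodedKeySpec(pinned.getPublic().getEncoded()));

        System.out.println("key in trusted set:     "
                + isTrusted(engine, new BasicCredential(received)));
        System.out.println("key not in trusted set: "
                + isTrusted(engine, new BasicCredential(unknown.getPublic())));
    }
}
```

Because the decision rests on the keys the resolver returns, the contents of the trusted credential set are the whole trust policy: review what feeds the resolver as carefully as the engine configuration itself.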