SAML2Signature (Keycloak Docs Distribution 14.0.0 API)

java.lang.Object
- org.keycloak.saml.processing.api.saml.v2.sig.SAML2Signature

```
public class SAML2Signature
extends Object
```
Class that deals with SAML2 Signature

Since:

May 26, 2009

Author:

Anil.Saldhana@redhat.com, alessio.soldano@jboss.com

Constructor Summary

Constructors
Constructor and Description

SAML2Signature()

Constructors
Constructor and Description
`SAML2Signature()`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`static void`	`configureIdAttribute(Document document)` Sets the IDness of the ID attribute.
`static void`	`configureIdAttribute(Element element)`
`String`	`getDigestMethod()`
`Node`	`getNextSiblingOfIssuer(Document doc)` Given a `Document`, find the `Node` which is the sibling of the Issuer element
`String`	`getSignatureMethod()`
`void`	`setDigestMethod(String digestMethod)`
`void`	`setNextSibling(Node sibling)`
`void`	`setSignatureIncludeKeyInfo(boolean val)` Set to false, if you do not want to include keyinfo in the signature
`void`	`setSignatureMethod(String signatureMethod)`
`void`	`setX509Certificate(X509Certificate x509Certificate)` Set the `X509Certificate` if you desire to have the SignedInfo have X509 Data This method needs to be called before any of the sign methods.
`Document`	`sign(Document doc, String referenceID, String keyName, KeyPair keyPair, String canonicalizationMethodType)` Sign an Document at the root
`void`	`signSAMLDocument(Document samlDocument, String keyName, KeyPair keypair, String canonicalizationMethodType)` Sign a SAML Document
`boolean`	`validate(Document signedDocument, KeyLocator keyLocator)` Validate the SAML2 Document

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- SAML2Signature
```
public SAML2Signature()
```

Method Detail

getSignatureMethod
```
public String getSignatureMethod()
```

setSignatureMethod

public void setSignatureMethod(String signatureMethod)

getDigestMethod
```
public String getDigestMethod()
```

setDigestMethod

public void setDigestMethod(String digestMethod)

setNextSibling

public void setNextSibling(Node sibling)

setSignatureIncludeKeyInfo
```
public void setSignatureIncludeKeyInfo(boolean val)
```
Set to false, if you do not want to include keyinfo in the signature

Parameters:

val -

Since:

v2.0.1

setX509Certificate
```
public void setX509Certificate(X509Certificate x509Certificate)
```
Set the X509Certificate if you desire to have the SignedInfo have X509 Data This method needs to be called before any of the sign methods.

Parameters:

x509Certificate -

Since:

v2.5.0

sign

public Document sign(Document doc,
                     String referenceID,
                     String keyName,
                     KeyPair keyPair,
                     String canonicalizationMethodType)
              throws ParserConfigurationException,
                     GeneralSecurityException,
                     MarshalException,
                     XMLSignatureException

Sign an Document at the root

Parameters:: keyPair - Key Pair
Returns:
Throws:: ParserConfigurationException; XMLSignatureException; MarshalException; GeneralSecurityException

signSAMLDocument

public void signSAMLDocument(Document samlDocument,
                             String keyName,
                             KeyPair keypair,
                             String canonicalizationMethodType)
                      throws ProcessingException

Sign a SAML Document

Parameters:: samlDocument -; keypair -
Throws:: ProcessingException

validate

public boolean validate(Document signedDocument,
                        KeyLocator keyLocator)
                 throws ProcessingException

Validate the SAML2 Document

Parameters:: signedDocument -; keyLocator -
Returns:
Throws:: ProcessingException

getNextSiblingOfIssuer
```
public Node getNextSiblingOfIssuer(Document doc)
```
Given a Document, find the Node which is the sibling of the Issuer element

Parameters:

doc -

Returns:

configureIdAttribute
```
public static void configureIdAttribute(Document document)
```
Sets the IDness of the ID attribute. Santuario 1.5.1 does not assumes IDness based on attribute names anymore. This method should be called before signing/validating a saml document.

Parameters:

document - SAML document to have its ID attribute configured.

configureIdAttribute

public static void configureIdAttribute(Element element)

Class SAML2Signature

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

SAML2Signature

Method Detail

getSignatureMethod

setSignatureMethod

getDigestMethod

setDigestMethod

setNextSibling

setSignatureIncludeKeyInfo

setX509Certificate

sign

signSAMLDocument

validate

getNextSiblingOfIssuer

configureIdAttribute

configureIdAttribute