Package org.keycloak.protocol.saml
Class SAMLDecryptionKeysLocator
java.lang.Object
org.keycloak.protocol.saml.SAMLDecryptionKeysLocator
All Implemented Interfaces: XMLEncryptionUtil.DecryptionKeyLocator
public class SAMLDecryptionKeysLocator extends Object implements XMLEncryptionUtil.DecryptionKeyLocator
This implementation locates the decryption keys within realm keys.
It filters the realm keys based on the algorithm provided within EncryptedData.
Example of encrypted data:
<xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element">
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
    <ds:KeyInfo>
        <xenc:EncryptedKey>
            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
            <xenc:CipherData>
                <xenc:CipherValue>
                    .....
                </xenc:CipherValue>
            </xenc:CipherData>
        </xenc:EncryptedKey>
    </ds:KeyInfo>
    <xenc:CipherData>
        <xenc:CipherValue>
            ...
        </xenc:CipherValue>
    </xenc:CipherData>
</xenc:EncryptedData>
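An added example (not Keycloak's own code) of the filtering described above: it reads the key-transport algorithm from EncryptedKey/EncryptionMethod in an untrusted message and keeps only the keys configured for that algorithm. The class name, key ids and the key-to-algorithm map are hypothetical, and the sample XML is constructed with the same shape as the example above.

```java
import java.io.StringReader;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.xml.sax.InputSource;

public class KeyFilterExample {
    static final String XENC = "http://www.w3.org/2001/04/xmlenc#";
    // Returns the key-transport algorithm declared on EncryptedKey/EncryptionMethod.
    static String keyTransportAlgorithm(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // The message is untrusted input: refuse DOCTYPE declarations (XXE).
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = f.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
        // Go through EncryptedKey first: the first EncryptionMethod in document
        // order is the content cipher (aes128-cbc), not the key-transport algorithm.
        Element encKey = (Element) doc.getElementsByTagNameNS(XENC, "EncryptedKey").item(0);
        if (encKey == null) throw new IllegalArgumentException("no EncryptedKey");
        Element method = (Element) encKey.getElementsByTagNameNS(XENC, "EncryptionMethod").item(0);
        if (method == null) throw new IllegalArgumentException("no EncryptionMethod in EncryptedKey");
        return method.getAttribute("Algorithm");
    }

    // Keeps only the key ids whose configured algorithm equals the declared one.
    static List<String> candidateKeys(Map<String, String> keyAlgorithms, String algorithm) {
        return keyAlgorithms.entrySet().stream()
                .filter(e -> e.getValue().equals(algorithm))
                .map(Map.Entry::getKey).sorted().collect(Collectors.toList());
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample with the same shape as the EncryptedData above.
        String xml = "<xenc:EncryptedData xmlns:xenc='" + XENC + "'"
            + " xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>"
            + "<xenc:EncryptionMethod Algorithm='" + XENC + "aes128-cbc'/>"
            + "<ds:KeyInfo><xenc:EncryptedKey>"
            + "<xenc:EncryptionMethod Algorithm='" + XENC + "rsa-oaep-mgf1p'/>"
            + "</xenc:EncryptedKey></ds:KeyInfo></xenc:EncryptedData>";
        // Hypothetical key ids mapped to the algorithm each key is configured for.
        Map<String, String> keys = Map.of("enc-oaep", XENC + "rsa-oaep-mgf1p",
                                          "enc-rsa15", XENC + "rsa-1_5");
        String alg = keyTransportAlgorithm(xml);
        System.out.println(alg + " -> " + candidateKeys(keys, alg));
    }
}
```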
Constructor Summary
Constructor: SAMLDecryptionKeysLocator(KeycloakSession session, RealmModel realm, String requestedAlgorithm)
Method Summary
Method: getKeys(org.apache.xml.security.encryption.EncryptedData encryptedData)
Description: Provides a list of private keys that are suitable for decrypting the given encryptedData.
Constructor Details
SAMLDecryptionKeysLocator
public SAMLDecryptionKeysLocator(KeycloakSession session, RealmModel realm, String requestedAlgorithm)
Method Details
getKeys
Description copied from interface: XMLEncryptionUtil.DecryptionKeyLocator
Provides a list of private keys that are suitable for decrypting the given encryptedData.
Specified by: getKeys in interface XMLEncryptionUtil.DecryptionKeyLocator
Parameters: encryptedData - data that needs to be decrypted
Returns: a list of private keys