diff --git a/token-checker-server/src/main/java/de/ozgcloud/token/saml/SamlDecrypterFactory.java b/token-checker-server/src/main/java/de/ozgcloud/token/saml/SamlDecrypterFactory.java
index f3bce0d147ba9c3edebd61307bed5f7a203daf0e..9159a5ff12f53c6745e4c9bad9dc32354a266a72 100644
--- a/token-checker-server/src/main/java/de/ozgcloud/token/saml/SamlDecrypterFactory.java
+++ b/token-checker-server/src/main/java/de/ozgcloud/token/saml/SamlDecrypterFactory.java
@@ -41,12 +41,16 @@ import org.opensaml.xmlsec.encryption.support.SimpleRetrievalMethodEncryptedKeyR
 import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
 import org.opensaml.xmlsec.keyinfo.impl.CollectionKeyInfoCredentialResolver;
 import org.springframework.security.converter.RsaKeyConverters;
+import org.springframework.stereotype.Component;

 import de.ozgcloud.common.errorhandling.TechnicalException;
 import de.ozgcloud.token.TokenValidationProperties.TokenValidationProperty;

+@Component
 class SamlDecrypterFactory {

+ private static final String X509_CERTIFICATE_TYPE = "X.509";
+
 public Decrypter buildDecrypter(TokenValidationProperty tokenValidationProperty) {
 return DecrypterBuilder.builder()
 .keyEncryptionKeyResolver(buildKeyInfoCredentialResolver(tokenValidationProperty))
@@ -61,7 +65,7 @@ class SamlDecrypterFactory {

 X509Certificate getCertificate(TokenValidationProperty tokenValidationProperty) {
 try (var inputStream = tokenValidationProperty.getCertificate().getInputStream()) {
- return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
+ return (X509Certificate) CertificateFactory.getInstance(X509_CERTIFICATE_TYPE).generateCertificate(inputStream);
 } catch (IOException | CertificateException e) {
 throw new TechnicalException("Cannot read certificate", e);
 }
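Review bot: `getCertificate` in the second hunk returns whatever `generateCertificate` parses, so an expired or not-yet-valid certificate loads without any signal, because parsing does not check the validity period. If this certificate feeds the credential used for SAML decryption (the caller is outside the hunk, so that is an assumption), consider assigning the parsed result to a local and calling `certificate.checkValidity();` before `return certificate;`. It throws `CertificateExpiredException` or `CertificateNotYetValidException`, both subclasses of `CertificateException`, so the existing catch already covers them. The `TechnicalException` message "Cannot read certificate" would also be easier to act on if it named which configured certificate failed. The method's closing brace lies outside the hunk.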