Package net.shibboleth.idp.saml.profile.impl

Class BaseAddAttributeStatementToAssertion<T extends SAMLObject>

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.profile.action.AbstractConditionalProfileAction

net.shibboleth.idp.profile.AbstractProfileAction

net.shibboleth.idp.saml.profile.impl.BaseAddAttributeStatementToAssertion<T>

Type Parameters:

T - type of objects being encoded

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action

Direct Known Subclasses:

AddAttributeStatementToAssertion, AddAttributeStatementToAssertion

public abstract class BaseAddAttributeStatementToAssertion<T extends SAMLObject>
extends AbstractProfileAction

Base class for actions that encode an AttributeContext into a SAML attribute statement.

The IdPAttribute set to be encoded is drawn from an AttributeContext returned from a lookup strategy, by default located on the RelyingPartyContext beneath the profile request context.

Event:

EventIds.PROCEED_EVENT_ID, EventIds.INVALID_MSG_CTX, EventIds.INVALID_PROFILE_CTX

Field Summary

Fields

Modifier and Type	Field	Description
private Function<ProfileRequestContext,AttributeContext>	attributeContextLookupStrategy	Strategy used to locate the AttributeContext associated with a given ProfileRequestContext.
private AttributeContext	attributeCtx	AttributeContext to use.
private IdentifierGenerationStrategy	idGenerator	The generator to use.
private Function<ProfileRequestContext,IdentifierGenerationStrategy>	idGeneratorLookupStrategy	Strategy used to locate the IdentifierGenerationStrategy to use.
private boolean	ignoringUnencodableAttributes	Whether attributes that result in an AttributeEncodingException when being encoded should be ignored or result in an IdPEventIds.UNABLE_ENCODE_ATTRIBUTE transition.
private String	issuerId	EntityID to populate as assertion issuer.
private Function<ProfileRequestContext,String>	issuerLookupStrategy	Strategy used to obtain the assertion issuer value.
private org.slf4j.Logger	log	Class logger.
private boolean	statementInOwnAssertion	Whether the generated attribute statement should be placed in its own assertion or added to one if it exists.
private ReloadableService<AttributeTranscoderRegistry>	transcoderRegistry	Transcoder registry service object.

Constructor Summary

Constructors

Constructor	Description
BaseAddAttributeStatementToAssertion()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected void	doInitialize()
protected boolean	doPreExecute(ProfileRequestContext profileRequestContext)
protected int	encodeAttribute(AttributeTranscoderRegistry registry, ProfileRequestContext profileRequestContext, IdPAttribute attribute, Class<T> to, Collection<T> results)	Access the registry of transcoding rules to transform the input attribute into a target type.
AttributeContext	getAttributeContext()	Get the AttributeContext to encode.
IdentifierGenerationStrategy	getIdGenerator()	Get the IdentifierGenerationStrategy to use if an assertion must be created.
String	getIssuerId()	Get the issuer name to use if an assertion must be created.
ReloadableService<AttributeTranscoderRegistry>	getTranscoderRegistry()	Gets the registry of transcoding rules to apply to encode attributes.
boolean	isIgnoringUnencodableAttributes()	Get whether the attributes that result in an AttributeEncodingException when being encoded should be ignored or result in an IdPEventIds.UNABLE_ENCODE_ATTRIBUTE transition.
boolean	isStatementInOwnAssertion()	Set whether the generated attribute statement should be placed in its own assertion or added to one if it exists.
void	setAttributeContextLookupStrategy(Function<ProfileRequestContext,AttributeContext> strategy)	Set the strategy used to locate the AttributeContext associated with a given ProfileRequestContext.
void	setIdentifierGeneratorLookupStrategy(Function<ProfileRequestContext,IdentifierGenerationStrategy> strategy)	Set the strategy used to locate the IdentifierGenerationStrategy to use.
void	setIgnoringUnencodableAttributes(boolean flag)	Set whether the attributes that result in an AttributeEncodingException when being encoded should be ignored or result in an IdPEventIds.UNABLE_ENCODE_ATTRIBUTE transition.
void	setIssuerLookupStrategy(Function<ProfileRequestContext,String> strategy)	Set the strategy used to locate the issuer value to use.
void	setStatementInOwnAssertion(boolean flag)	Set whether the generated attribute statement should be placed in its own assertion or added to one if it exists.
void	setTranscoderRegistry(ReloadableService<AttributeTranscoderRegistry> registry)	Sets the registry of transcoding rules to apply to encode attributes.

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doExecute, doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

statementInOwnAssertion

private boolean statementInOwnAssertion

Whether the generated attribute statement should be placed in its own assertion or added to one if it exists.

ignoringUnencodableAttributes

private boolean ignoringUnencodableAttributes

Whether attributes that result in an AttributeEncodingException when being encoded should be ignored or result in an IdPEventIds.UNABLE_ENCODE_ATTRIBUTE transition.

idGeneratorLookupStrategy

@NonnullAfterInit
private Function<ProfileRequestContext,IdentifierGenerationStrategy> idGeneratorLookupStrategy

Strategy used to locate the IdentifierGenerationStrategy to use.

issuerLookupStrategy

@Nonnull
private Function<ProfileRequestContext,String> issuerLookupStrategy

Strategy used to obtain the assertion issuer value.

attributeContextLookupStrategy

@Nonnull
private Function<ProfileRequestContext,AttributeContext> attributeContextLookupStrategy

Strategy used to locate the AttributeContext associated with a given ProfileRequestContext.

transcoderRegistry

@NonnullAfterInit
private ReloadableService<AttributeTranscoderRegistry> transcoderRegistry

Transcoder registry service object.

attributeCtx

@Nullable
private AttributeContext attributeCtx

AttributeContext to use.

idGenerator

@Nullable
private IdentifierGenerationStrategy idGenerator

The generator to use.

issuerId

@Nullable
private String issuerId

EntityID to populate as assertion issuer.

Constructor Detail

BaseAddAttributeStatementToAssertion

public BaseAddAttributeStatementToAssertion()

Constructor.

Method Detail

isStatementInOwnAssertion

public boolean isStatementInOwnAssertion()

Set whether the generated attribute statement should be placed in its own assertion or added to one if it exists.

Returns:

whether the generated attribute statement should be placed in its own assertion or added to one if it exists

setStatementInOwnAssertion

public void setStatementInOwnAssertion(boolean flag)

Set whether the generated attribute statement should be placed in its own assertion or added to one if it exists.

Parameters:

flag - whether the generated attribute statement should be placed in its own assertion or added to one if it exists

isIgnoringUnencodableAttributes

public boolean isIgnoringUnencodableAttributes()

Get whether the attributes that result in an AttributeEncodingException when being encoded should be ignored or result in an IdPEventIds.UNABLE_ENCODE_ATTRIBUTE transition.

Returns:

whether the attributes that result in an AttributeEncodingException when being encoded should be ignored or result in an IdPEventIds.UNABLE_ENCODE_ATTRIBUTE transition

setIgnoringUnencodableAttributes

public void setIgnoringUnencodableAttributes(boolean flag)

Set whether the attributes that result in an AttributeEncodingException when being encoded should be ignored or result in an IdPEventIds.UNABLE_ENCODE_ATTRIBUTE transition.

Parameters:

flag - flag to set

setAttributeContextLookupStrategy

public void setAttributeContextLookupStrategy(@Nonnull
                                              Function<ProfileRequestContext,AttributeContext> strategy)

Set the strategy used to locate the AttributeContext associated with a given ProfileRequestContext.

Parameters:

strategy - strategy used to locate the AttributeContext associated with a given ProfileRequestContext

setIdentifierGeneratorLookupStrategy

public void setIdentifierGeneratorLookupStrategy(@Nonnull
                                                 Function<ProfileRequestContext,IdentifierGenerationStrategy> strategy)

Set the strategy used to locate the IdentifierGenerationStrategy to use.

Parameters:

strategy - lookup strategy

setIssuerLookupStrategy

public void setIssuerLookupStrategy(@Nonnull
                                    Function<ProfileRequestContext,String> strategy)

Set the strategy used to locate the issuer value to use.

Parameters:

strategy - lookup strategy

getTranscoderRegistry

@NonnullAfterInit
public ReloadableService<AttributeTranscoderRegistry> getTranscoderRegistry()

Gets the registry of transcoding rules to apply to encode attributes.

Returns:

registry

setTranscoderRegistry

public void setTranscoderRegistry(@Nonnull
                                  ReloadableService<AttributeTranscoderRegistry> registry)

Sets the registry of transcoding rules to apply to encode attributes.

Parameters:

registry - registry service interface

getAttributeContext

@Nonnull
public AttributeContext getAttributeContext()

Get the AttributeContext to encode.

Returns:

the context to encode

getIdGenerator

@Nonnull
public IdentifierGenerationStrategy getIdGenerator()

Get the IdentifierGenerationStrategy to use if an assertion must be created.

Returns:

the ID generation strategy

getIssuerId

@Nonnull
@NotEmpty
public String getIssuerId()

Get the issuer name to use if an assertion must be created.

Returns:

the issuer name

doInitialize

protected void doInitialize()
                     throws ComponentInitializationException

Overrides:

doInitialize in class AbstractInitializableComponent

Throws:

ComponentInitializationException

doPreExecute

protected boolean doPreExecute(@Nonnull
                               ProfileRequestContext profileRequestContext)

Overrides:

doPreExecute in class AbstractConditionalProfileAction

encodeAttribute

protected int encodeAttribute(@Nonnull
                              AttributeTranscoderRegistry registry,
                              @Nonnull
                              ProfileRequestContext profileRequestContext,
                              @Nonnull
                              IdPAttribute attribute,
                              @Nonnull
                              Class<T> to,
                              @Nonnull @NonnullElements @Live
                              Collection<T> results)
                       throws AttributeEncodingException

Access the registry of transcoding rules to transform the input attribute into a target type.

Parameters:

registry - registry of transcoding rules

profileRequestContext - current profile request context

attribute - input attribute

to - target type

results - collection to add results to

Returns:

number of results added

Throws:

AttributeEncodingException - if a non-ignorable error occurs