Package net.shibboleth.idp.consent.flow.storage.impl

Class AbstractConsentIndexedStorageAction

  • All Implemented Interfaces:
    net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, org.opensaml.profile.action.ProfileAction, Aware, MessageSource, MessageSourceAware, Action
    Direct Known Subclasses:
    CreateGlobalConsentResult, CreateResult, RevokeConsent
    public class AbstractConsentIndexedStorageAction
extends AbstractConsentStorageAction
    Base class for consent actions which write to a StorageService. To facilitate lookup of all storage keys for a storage context, an index record is maintained containing the storage keys for the context. Because storage records may expire, the index record may contain keys which no longer exist in the storage service.

    • Field Detail

      • DEFAULT_STORAGE_INDEX_KEY

        @Nonnull
@NotEmpty
public static final String DEFAULT_STORAGE_INDEX_KEY
        Default storage key for the storage index record.
        See Also:
        Constant Field Values

      • log

        @Nonnull
private final Logger log
        Class logger.

      • storageIndexKey

        @Nullable
private String storageIndexKey
        Storage key of index record.

      • storageIndexKeyLookupStrategy

        @Nullable
private Function<org.opensaml.profile.context.ProfileRequestContext,​String> storageIndexKeyLookupStrategy
        Strategy used to determine the storage key of the index record.

      • storageKeysStrategy

        @Nullable
private Function<net.shibboleth.utilities.java.support.collection.Pair<org.opensaml.profile.context.ProfileRequestContext,​List<String>>,​List<String>> storageKeysStrategy
        Strategy used to manipulate the storage keys when pruning storage records.

      • storageKeysSerializer

        @Nonnull
private org.opensaml.storage.StorageSerializer<Collection<String>> storageKeysSerializer
        Storage keys serializer used to serialize the value of the storage key index record.

    • Constructor Detail

      • AbstractConsentIndexedStorageAction

        public AbstractConsentIndexedStorageAction()
        Constructor.

    • Method Detail

      • getStorageKeysSerializer

        @Nonnull
public org.opensaml.storage.StorageSerializer<Collection<String>> getStorageKeysSerializer()
        Get the storage keys serializer used to serialize the value of the storage key index record.
        Returns:
        the storage keys serializer

      • setStorageIndexKeyLookupStrategy

        public void setStorageIndexKeyLookupStrategy​(@Nonnull
                                             Function<org.opensaml.profile.context.ProfileRequestContext,​String> strategy)
        Set the storage index key lookup strategy.
        Parameters:
        strategy - the storage index key lookup strategy

      • setStorageKeysSerializer

        public void setStorageKeysSerializer​(@Nonnull
                                     org.opensaml.storage.StorageSerializer<Collection<String>> serializer)
        Set the storage keys serializer used to serialize the value of the storage key index record.
        Parameters:
        serializer - the storage keys serializer

      • setStorageKeysStrategy

        public void setStorageKeysStrategy​(@Nonnull
                                   Function<net.shibboleth.utilities.java.support.collection.Pair<org.opensaml.profile.context.ProfileRequestContext,​List<String>>,​List<String>> strategy)
        Set the storage keys strategy used to manipulate the storage keys when pruning storage records.
        Parameters:
        strategy - the storage keys strategy

      • doInitialize

        protected void doInitialize()
                     throws net.shibboleth.utilities.java.support.component.ComponentInitializationException
        Overrides:
        doInitialize in class AbstractConsentStorageAction
        Throws:
        net.shibboleth.utilities.java.support.component.ComponentInitializationException

      • doPreExecute

        protected boolean doPreExecute​(@Nonnull
                               org.opensaml.profile.context.ProfileRequestContext profileRequestContext,
                               @Nonnull
                               net.shibboleth.idp.profile.context.ProfileInterceptorContext interceptorContext)
        Overrides:
        doPreExecute in class AbstractConsentStorageAction

      • getStorageIndexKey

        @Nullable
protected String getStorageIndexKey()
        Get the storage key resulting from applying the storage key lookup strategy.
        Returns:
        the storage key

      • getStorageKeysFromIndex

        @Nonnull
@NonnullElements
protected List<String> getStorageKeysFromIndex()
                                        throws IOException
        Get the storage keys from the storage index record.
        Returns:
        the storage keys from the storage index record
        Throws:
        IOException - if errors occur in the read process

      • addKeyToStorageIndex

        protected boolean addKeyToStorageIndex​(@Nonnull
                                       String keyToAdd)
                                throws IOException
        Add a storage key to the index storage record.
        Parameters:
        keyToAdd - storage key to add to the index storage record
        Returns:
        true if key addition succeeded, false otherwise
        Throws:
        IOException - if an error occurs writing to the storage service

      • removeKeyFromStorageIndex

        protected boolean removeKeyFromStorageIndex​(@Nonnull
                                            String keyToRemove)
                                     throws IOException
        Remove a storage key from the index storage record.
        Parameters:
        keyToRemove - storage key to remove from the index storage record
        Returns:
        true if key removal succeeded, false otherwise
        Throws:
        IOException - if an error occurs writing to the storage service

      • pruneStorageRecords

        protected void pruneStorageRecords​(@Nonnull
                                   org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
                            throws IOException
        Storage records will be pruned based on the record maximums set on the flow descriptor, and the storage service value size. Below a defined threshold, the basic maximum is applied, while at that storage size, an expanded maximum is applied.

        The function used to determine the records to be deleted may be set by calling setStorageKeysStrategy(Function). By default, records are deleted on a first-in-first-out basis, meaning the oldest storage records are deleted first.

        Parameters:
        profileRequestContext - the profile request context
        Throws:
        IOException - if an error occurs writing to the storage service

      • storeResult

        protected boolean storeResult​(@Nonnull
                              net.shibboleth.idp.profile.interceptor.ProfileInterceptorResult result)
                       throws IOException
        Store a profile interceptor result.
        Parameters:
        result - the profile interceptor result to be stored
        Returns:
        boolean whether the record was stored successfully
        Throws:
        IOException - if an error occurs

      • storeResultWithIndex

        protected void storeResultWithIndex​(@Nonnull
                                    org.opensaml.profile.context.ProfileRequestContext profileRequestContext,
                                    @Nonnull
                                    net.shibboleth.idp.profile.interceptor.ProfileInterceptorResult result)
                             throws IOException
        Store a profile interceptor result and maintain an index record containing the storage keys for the storage context. Storage records are pruned so that the number of records stored is less than or equal to ConsentFlowDescriptor.getMaximumNumberOfStoredRecords().
        Parameters:
        profileRequestContext - the profile request context
        result - the profile interceptor result to be stored
        Throws:
        IOException - if an error occurs