Package net.shibboleth.oidc.profile.impl
Class PopulateJWTDecryptionParameters
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- org.opensaml.profile.action.AbstractProfileAction
-
- org.opensaml.profile.action.AbstractConditionalProfileAction
-
- net.shibboleth.idp.profile.AbstractProfileAction
-
- net.shibboleth.oidc.profile.impl.PopulateJWTDecryptionParameters
-
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction,Aware,MessageSource,MessageSourceAware,Action
public class PopulateJWTDecryptionParameters extends net.shibboleth.idp.profile.AbstractProfileActionAction that resolves and populatesDecryptionParameterson anSecurityParametersContextcreated/accessed via a lookup function, by default on a child of the outbound message context.The default, per-RelyingParty, and default per-profile
EncryptionConfigurationobjects are input to the resolution process, along with any static, symmetric key credentials configured on the relying party i.e. the client_secret.- Since:
- 2.2.0
- Event:
EventIds.PROCEED_EVENT_ID,EventIds.INVALID_PROFILE_CTX,EventIds.INVALID_SEC_CFG- Postcondition:
- set the decryption parameters onto the security parameters context
-
-
Field Summary
Fields Modifier and Type Field Description private Function<ProfileRequestContext,List<DecryptionConfiguration>>configurationLookupStrategyStrategy used to lookup a per-requestDecryptionConfigurationlist.private org.slf4j.LoggerlogClass logger.private Function<ProfileRequestContext,OIDCMetadataContext>oidcClientMetadataContextLookupStrategyStrategy used to look up a OIDC client metadata context.private Function<ProfileRequestContext,net.shibboleth.idp.profile.context.RelyingPartyContext>relyingPartyContextLookupStrategyLookup function for relying party context.private DecryptionParametersResolverresolverResolver for parameters to store into context.private Function<ProfileRequestContext,SecurityParametersContext>securityParametersContextLookupStrategyStrategy used to look up theSecurityParametersContextto set the parameters for.
-
Constructor Summary
Constructors Constructor Description PopulateJWTDecryptionParameters()Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description private CriteriaSetbuildCriteriaSet(ProfileRequestContext profileRequestContext, List<DecryptionConfiguration> configs)Build the criteria used as input to theDecryptionParametersResolver.protected voiddoExecute(ProfileRequestContext profileRequestContext)protected voiddoInitialize()voidsetClientMetadataContextLookupStrategy(Function<ProfileRequestContext,OIDCMetadataContext> strategy)Set lookup strategy forOIDCMetadataContextfor input to resolution.voidsetConfigurationLookupStrategy(Function<ProfileRequestContext,List<DecryptionConfiguration>> strategy)Set the strategy used to look up a per-requestDecryptionConfigurationlist.voidsetDecryptionParametersResolver(DecryptionParametersResolver newResolver)Set the resolver to use for the parameters to store into the context.voidsetRelyingPartyContextLookupStrategy(Function<ProfileRequestContext,net.shibboleth.idp.profile.context.RelyingPartyContext> strategy)Set lookup strategy for relying party context.voidsetSecurityParametersContextLookupStrategy(Function<ProfileRequestContext,SecurityParametersContext> strategy)Set the strategy used to look up theSecurityParametersContextto set the parameters for.-
Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getBean, getBean, getMessage, getMessage, getMessage, getParameter, getParameter, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy
-
Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
doPreExecute, getActivationCondition, setActivationCondition
-
Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletRequestSupplier, getHttpServletResponse, getHttpServletResponseSupplier, getLogPrefix, setHttpServletRequest, setHttpServletRequestSupplier, setHttpServletResponse, setHttpServletResponseSupplier
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, initialize, isDestroyed, isInitialized
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
-
-
-
Field Detail
-
log
@Nonnull private final org.slf4j.Logger log
Class logger.
-
securityParametersContextLookupStrategy
@Nonnull private Function<ProfileRequestContext,SecurityParametersContext> securityParametersContextLookupStrategy
Strategy used to look up theSecurityParametersContextto set the parameters for.
-
configurationLookupStrategy
@NonnullAfterInit private Function<ProfileRequestContext,List<DecryptionConfiguration>> configurationLookupStrategy
Strategy used to lookup a per-requestDecryptionConfigurationlist.
-
oidcClientMetadataContextLookupStrategy
@Nullable private Function<ProfileRequestContext,OIDCMetadataContext> oidcClientMetadataContextLookupStrategy
Strategy used to look up a OIDC client metadata context.
-
relyingPartyContextLookupStrategy
@Nonnull private Function<ProfileRequestContext,net.shibboleth.idp.profile.context.RelyingPartyContext> relyingPartyContextLookupStrategy
Lookup function for relying party context.
-
resolver
@NonnullAfterInit private DecryptionParametersResolver resolver
Resolver for parameters to store into context.
-
-
Method Detail
-
setRelyingPartyContextLookupStrategy
public void setRelyingPartyContextLookupStrategy(@Nonnull Function<ProfileRequestContext,net.shibboleth.idp.profile.context.RelyingPartyContext> strategy)Set lookup strategy for relying party context.- Parameters:
strategy- lookup strategy
-
setDecryptionParametersResolver
public void setDecryptionParametersResolver(@Nonnull DecryptionParametersResolver newResolver)Set the resolver to use for the parameters to store into the context.- Parameters:
newResolver- resolver to use
-
setConfigurationLookupStrategy
public void setConfigurationLookupStrategy(@Nonnull Function<ProfileRequestContext,List<DecryptionConfiguration>> strategy)Set the strategy used to look up a per-requestDecryptionConfigurationlist.- Parameters:
strategy- lookup strategy
-
setSecurityParametersContextLookupStrategy
public void setSecurityParametersContextLookupStrategy(@Nonnull Function<ProfileRequestContext,SecurityParametersContext> strategy)Set the strategy used to look up theSecurityParametersContextto set the parameters for.- Parameters:
strategy- lookup strategy
-
setClientMetadataContextLookupStrategy
public void setClientMetadataContextLookupStrategy(@Nullable Function<ProfileRequestContext,OIDCMetadataContext> strategy)Set lookup strategy forOIDCMetadataContextfor input to resolution.- Parameters:
strategy- lookup strategy
-
doInitialize
protected void doInitialize() throws ComponentInitializationException- Overrides:
doInitializein classAbstractInitializableComponent- Throws:
ComponentInitializationException
-
doExecute
protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)- Overrides:
doExecutein classAbstractProfileAction
-
buildCriteriaSet
@Nonnull private CriteriaSet buildCriteriaSet(@Nonnull ProfileRequestContext profileRequestContext, List<DecryptionConfiguration> configs)
Build the criteria used as input to theDecryptionParametersResolver.- Parameters:
profileRequestContext- current profile request contextconfigs- a list ofDecryptionConfigurations to add to the criteria set.- Returns:
- the criteria set to use
-
-