Package org.opensaml.saml.saml2.profile.impl

Class AbstractDecryptAction

java.lang.Object
net.shibboleth.shared.component.AbstractInitializableComponent
org.opensaml.profile.action.AbstractProfileAction
org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction
All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, ProfileAction
Direct Known Subclasses:
DecryptAssertions, DecryptAttributes, DecryptNameIDs
public abstract class AbstractDecryptAction extends AbstractProfileAction
Abstract base class for actions that perform SAML decryption.

The actual message to handle is obtained via strategy function, by default the inbound message.

The SecurityParametersContext governing the decryption process is located by a lookup strategy, by default a child of the inbound message context.

Event:
EventIds.PROCEED_EVENT_ID, EventIds.INVALID_MSG_CTX

  • Field Details

  • Constructor Details

    • AbstractDecryptAction

      public AbstractDecryptAction()
      Constructor.

  • Method Details

    • isErrorFatal

      public boolean isErrorFatal()
      Get whether decryption failure should be treated as an error or ignored.
      Returns:
      whether decryption failure should be treated as an error or ignored

    • setErrorFatal

      public void setErrorFatal(boolean flag)
      Set whether decryption failure should be treated as an error or ignored.
      Parameters:
      flag - true iff decryption failure should be fatal

    • setSecurityParametersContextLookupStrategy

      public void setSecurityParametersContextLookupStrategy(@Nonnull Function<ProfileRequestContext,SecurityParametersContext> strategy)
      Set the strategy used to locate the SecurityParametersContext associated with a given ProfileRequestContext.
      Parameters:
      strategy - strategy used to locate the SecurityParametersContext associated with a given ProfileRequestContext

    • setMessageLookupStrategy

      public void setMessageLookupStrategy(@Nonnull Function<ProfileRequestContext,Object> strategy)
      Set the strategy used to locate the SAMLObject to operate on.
      Parameters:
      strategy - strategy used to locate the SAMLObject to operate on

    • getDecryptionPredicate

      @Nonnull public Predicate<Pair<ProfileRequestContext,EncryptedElementType>> getDecryptionPredicate()
      Get the predicate used to determine whether to attempt decryption.
      Returns:
      the predicate

    • setDecryptionPredicate

      public void setDecryptionPredicate(@Nonnull Predicate<Pair<ProfileRequestContext,EncryptedElementType>> predicate)
      Set the predicate used to determine whether to attempt decryption.
      Parameters:
      predicate - predicate to use

    • getDecrypter

      @Nullable public Decrypter getDecrypter()
      Get the decrypter.
      Returns:
      the decrypter

    • getSAMLObject

      @NonnullBeforeExec public SAMLObject getSAMLObject()
      Get the object to act on.
      Returns:
      the object to act on

    • doPreExecute

      protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext)
      Called prior to execution, actions may override this method to perform pre-processing for a request.

      If false is returned, execution will not proceed, and the action should attach an EventContext to the context tree to signal how to continue with overall workflow processing.

      If returning successfully, the last step should be to return the result of the superclass version of this method.

      Overrides:
      doPreExecute in class AbstractProfileAction
      Parameters:
      profileRequestContext - the current IdP profile request context
      Returns:
      true iff execution should proceed