Package org.opensaml.saml.saml2.profile.impl

Class CopyNameIDFromRequest

java.lang.Object
net.shibboleth.shared.component.AbstractInitializableComponent
org.opensaml.profile.action.AbstractProfileAction
org.opensaml.saml.saml2.profile.impl.CopyNameIDFromRequest
All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, ProfileAction
public class CopyNameIDFromRequest extends AbstractProfileAction
Action that builds a NameID and adds it to the Subject of all the statements in all the assertions found in a Response. The message to update is returned by a lookup strategy, by default the message returned by InOutOperationContext.getOutboundMessageContext().

No assertions or statements will be created by this action, but if no Subject exists in the statements found, it will be created.

The source of the NameID is a SAMLSubjectNameIdentifierContext returned by a lookup strategy.

Event:
EventIds.PROCEED_EVENT_ID, EventIds.INVALID_MSG_CTX

  • Field Details

  • Constructor Details

    • CopyNameIDFromRequest

      public CopyNameIDFromRequest()
      Constructor.

  • Method Details

    • setOverwriteExisting

      public void setOverwriteExisting(boolean flag)
      Set whether to overwrite any existing NameID objects found.
      Parameters:
      flag - true iff the action should overwrite any existing objects

    • setNameIDContextLookupStrategy

      public void setNameIDContextLookupStrategy(@Nonnull Function<ProfileRequestContext,SAMLSubjectNameIdentifierContext> strategy)
      Set the strategy used to locate the SAMLSubjectNameIdentifierContext to copy from.
      Parameters:
      strategy - lookup strategy

    • setResponseLookupStrategy

      public void setResponseLookupStrategy(@Nonnull Function<ProfileRequestContext,Response> strategy)
      Set the strategy used to locate the Response to operate on.
      Parameters:
      strategy - lookup strategy

    • doPreExecute

      protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext)
      Called prior to execution, actions may override this method to perform pre-processing for a request.

      If false is returned, execution will not proceed, and the action should attach an EventContext to the context tree to signal how to continue with overall workflow processing.

      If returning successfully, the last step should be to return the result of the superclass version of this method.

      Overrides:
      doPreExecute in class AbstractProfileAction
      Parameters:
      profileRequestContext - the current IdP profile request context
      Returns:
      true iff execution should proceed

    • doExecute

      protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)
      Performs this action. Actions must override this method to perform their work.
      Overrides:
      doExecute in class AbstractProfileAction
      Parameters:
      profileRequestContext - the current IdP profile request context

    • getAssertionSubject

      @Nonnull private Subject getAssertionSubject(@Nonnull Assertion assertion)
      Get the subject to which the name identifier will be added.
      Parameters:
      assertion - the assertion being modified
      Returns:
      the assertion to which the name identifier will be added

    • cloneNameID

      @Nonnull private NameID cloneNameID()
      Create an efficient field-wise copy of a NameID.
      Returns:
      the copy