Package org.opensaml.saml.saml2.profile.impl

Class DecryptNameIDs

java.lang.Object
net.shibboleth.shared.component.AbstractInitializableComponent
org.opensaml.profile.action.AbstractProfileAction
org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction
org.opensaml.saml.saml2.profile.impl.DecryptNameIDs
All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, ProfileAction
public class DecryptNameIDs extends AbstractDecryptAction
Action to decrypt an EncryptedID element and replace it with the decrypted NameID in situ.

All of the built-in SAML message types that may include an EncryptedID are potentially handled, but the actual message to handle is obtained via strategy function, by default the inbound message.

Event:
EventIds.PROCEED_EVENT_ID, SAMLEventIds.DECRYPT_NAMEID_FAILED

  • Field Details

    • log

      @Nonnull private final org.slf4j.Logger log
      Class logger.

  • Constructor Details

    • DecryptNameIDs

      public DecryptNameIDs()

  • Method Details

    • doExecute

      protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)
      Performs this action. Actions must override this method to perform their work.
      Overrides:
      doExecute in class AbstractProfileAction
      Parameters:
      profileRequestContext - the current IdP profile request context

    • processEncryptedID

      @Nullable private NameID processEncryptedID(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull EncryptedID encID) throws DecryptionException
      Decrypt an EncryptedID and return the result.
      Parameters:
      profileRequestContext - current profile request context
      encID - the encrypted object
      Returns:
      the decrypted name, or null if the object did not need decryption
      Throws:
      DecryptionException - if an error occurs during decryption

    • processNewEncryptedID

      @Nullable private NewID processNewEncryptedID(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull NewEncryptedID encID) throws DecryptionException
      Decrypt a NewEncryptedID and return the result.
      Parameters:
      profileRequestContext - current profile request context
      encID - the encrypted object
      Returns:
      the decrypted name, or null if the object did not need decryption
      Throws:
      DecryptionException - if an error occurs during decryption

    • processSubject

      private void processSubject(@Nonnull ProfileRequestContext profileRequestContext, @Nullable Subject subject) throws DecryptionException
      Decrypt any EncryptedID found in a subject and replace it with the result.
      Parameters:
      profileRequestContext - current profile request context
      subject - subject to operate on
      Throws:
      DecryptionException - if an error occurs

    • processLogoutRequest

      private void processLogoutRequest(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull LogoutRequest request) throws DecryptionException
      Decrypt any EncryptedID found in a LogoutRequest and replace it with the result.
      Parameters:
      profileRequestContext - current profile request context
      request - request to operate on
      Throws:
      DecryptionException - if an error occurs

    • processManageNameIDRequest

      private void processManageNameIDRequest(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull ManageNameIDRequest request) throws DecryptionException
      Decrypt any EncryptedID found in a ManageNameIDRequest and replace it with the result.
      Parameters:
      profileRequestContext - current profile request context
      request - request to operate on
      Throws:
      DecryptionException - if an error occurs

    • processNameIDMappingRequest

      private void processNameIDMappingRequest(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull NameIDMappingRequest request) throws DecryptionException
      Decrypt any EncryptedID found in a NameIDMappingRequest and replace it with the result.
      Parameters:
      profileRequestContext - current profile request context
      request - request to operate on
      Throws:
      DecryptionException - if an error occurs

    • processNameIDMappingResponse

      private void processNameIDMappingResponse(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull NameIDMappingResponse response) throws DecryptionException
      Decrypt any EncryptedID found in a NameIDMappingResponse and replace it with the result.
      Parameters:
      profileRequestContext - current profile request context
      response - response to operate on
      Throws:
      DecryptionException - if an error occurs

    • processAssertion

      private void processAssertion(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull Assertion assertion) throws DecryptionException
      Decrypt any EncryptedID found in an assertion and replace it with the result.
      Parameters:
      profileRequestContext - current profile request context
      assertion - assertion to operate on
      Throws:
      DecryptionException - if an error occurs