Class AddNameIdentifierToSubjects

  • All Implemented Interfaces:
    net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, org.opensaml.profile.action.ProfileAction

    public class AddNameIdentifierToSubjects
    extends org.opensaml.profile.action.AbstractProfileAction

    Action that builds a NameIdentifier and adds it to the Subject of all the statements in all the assertions found via a lookup strategy, by default from the outbound message context.

    No assertions or statements will be created by this action, but if no Subject exists in the statements found, it will be created.

    The source of the NameIdentifier is one of a set of candidate SAML1NameIdentifierGenerator plugins injected into the action. The plugin(s) to attempt to use are derived from the Format value, which is established by a lookup strategy.

    Event:
    EventIds.PROCEED_EVENT_ID
    • Field Summary

      Fields 
      Modifier and Type Field Description
      private List<org.opensaml.saml.saml1.core.Assertion> assertions
      Assertions to modify.
      private Function<org.opensaml.profile.context.ProfileRequestContext, List<org.opensaml.saml.saml1.core.Assertion>> assertionsLookupStrategy
      Strategy used to locate the Assertions to operate on.
      private Function<org.opensaml.profile.context.ProfileRequestContext, List<String>> formatLookupStrategy
      Strategy used to determine the formats to try.
      private List<String> formats
      Formats to try.
      private org.opensaml.saml.saml1.profile.SAML1NameIdentifierGenerator generator
      Generator to use.
      private Logger log
      Class logger.
      private org.opensaml.saml.common.SAMLObjectBuilder<org.opensaml.saml.saml1.core.NameIdentifier> nameIdentifierBuilder
      Builder for NameIdentifier objects.
      private boolean overwriteExisting
      Flag controlling whether to overwrite an existing NameIdentifier.
      private org.opensaml.saml.common.SAMLObjectBuilder<org.opensaml.saml.saml1.core.Subject> subjectBuilder
      Builder for Subject objects.
    • Method Summary

      Modifier and Type Method Description
      private org.opensaml.saml.saml1.core.NameIdentifier cloneNameIdentifier(org.opensaml.saml.saml1.core.NameIdentifier nameIdentifier)
      Create an efficient field-wise copy of a NameIdentifier.
      protected void doExecute(org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
      protected void doInitialize()
      protected boolean doPreExecute(org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
      private org.opensaml.saml.saml1.core.NameIdentifier generateNameIdentifier(org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
      Attempt to generate a NameIdentifier using each of the candidate Formats and plugins.
      private org.opensaml.saml.saml1.core.Subject getStatementSubject(org.opensaml.saml.saml1.core.SubjectStatement statement)
      Get the subject to which the name identifier will be added.
      void setAssertionsLookupStrategy(Function<org.opensaml.profile.context.ProfileRequestContext, List<org.opensaml.saml.saml1.core.Assertion>> strategy)
      Set the strategy used to locate the Assertions to operate on.
      void setFormatLookupStrategy(Function<org.opensaml.profile.context.ProfileRequestContext, List<String>> strategy)
      Set the strategy function to use to obtain the formats to try.
      void setNameIdentifierGenerator(org.opensaml.saml.saml1.profile.SAML1NameIdentifierGenerator theGenerator)
      Set the generator to use.
      void setOverwriteExisting(boolean flag)
      Set whether to overwrite any existing NameIdentifier objects found.
      • Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

        doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse
      • Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

        destroy, doDestroy, initialize, isDestroyed, isInitialized
      • Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

        initialize, isInitialized
    • Field Detail

      • log

        @Nonnull
        private final Logger log
        Class logger.
      • subjectBuilder

        @Nonnull
        private final org.opensaml.saml.common.SAMLObjectBuilder<org.opensaml.saml.saml1.core.Subject> subjectBuilder
        Builder for Subject objects.
      • nameIdentifierBuilder

        @Nonnull
        private final org.opensaml.saml.common.SAMLObjectBuilder<org.opensaml.saml.saml1.core.NameIdentifier> nameIdentifierBuilder
        Builder for NameIdentifier objects.
      • overwriteExisting

        private boolean overwriteExisting
        Flag controlling whether to overwrite an existing NameIdentifier.
      • assertionsLookupStrategy

        @Nonnull
        private Function<org.opensaml.profile.context.ProfileRequestContext, List<org.opensaml.saml.saml1.core.Assertion>> assertionsLookupStrategy
        Strategy used to locate the Assertions to operate on.
      • formatLookupStrategy

        @Nonnull
        private Function<org.opensaml.profile.context.ProfileRequestContext, List<String>> formatLookupStrategy
        Strategy used to determine the formats to try.
      • generator

        @NonnullAfterInit
        private org.opensaml.saml.saml1.profile.SAML1NameIdentifierGenerator generator
        Generator to use.
      • formats

        @Nonnull
        @NonnullElements
        private List<String> formats
        Formats to try.
      • assertions

        @Nonnull
        @NonnullElements
        private List<org.opensaml.saml.saml1.core.Assertion> assertions
        Assertions to modify.
    • Constructor Detail

      • AddNameIdentifierToSubjects

        public AddNameIdentifierToSubjects()
        Constructor.
    • Method Detail

      • setOverwriteExisting

        public void setOverwriteExisting(boolean flag)
        Set whether to overwrite any existing NameIdentifier objects found.
        Parameters:
        flag - true iff the action should overwrite any existing objects
      • setAssertionsLookupStrategy

        public void setAssertionsLookupStrategy(@Nonnull
                                                Function<org.opensaml.profile.context.ProfileRequestContext, List<org.opensaml.saml.saml1.core.Assertion>> strategy)
        Set the strategy used to locate the Assertions to operate on.
        Parameters:
        strategy - lookup strategy
      • setFormatLookupStrategy

        public void setFormatLookupStrategy(@Nonnull
                                            Function<org.opensaml.profile.context.ProfileRequestContext, List<String>> strategy)
        Set the strategy function to use to obtain the formats to try.
        Parameters:
        strategy - format lookup strategy
      • setNameIdentifierGenerator

        public void setNameIdentifierGenerator(@Nonnull
                                               org.opensaml.saml.saml1.profile.SAML1NameIdentifierGenerator theGenerator)
        Set the generator to use.
        Parameters:
        theGenerator - the generator to use
      • doInitialize

        protected void doInitialize()
                             throws net.shibboleth.utilities.java.support.component.ComponentInitializationException
        Overrides:
        doInitialize in class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
        Throws:
        net.shibboleth.utilities.java.support.component.ComponentInitializationException
      • doPreExecute

        protected boolean doPreExecute(@Nonnull
                                       org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
        Overrides:
        doPreExecute in class org.opensaml.profile.action.AbstractProfileAction
      • doExecute

        protected void doExecute(@Nonnull
                                 org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
        Overrides:
        doExecute in class org.opensaml.profile.action.AbstractProfileAction
      • generateNameIdentifier

        @Nullable
        private org.opensaml.saml.saml1.core.NameIdentifier generateNameIdentifier(@Nonnull
                                                                                   org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
        Attempt to generate a NameIdentifier using each of the candidate Formats and plugins.
        Parameters:
        profileRequestContext - current profile request context
        Returns:
        a generated NameIdentifier or null
      • getStatementSubject

        @Nonnull
        private org.opensaml.saml.saml1.core.Subject getStatementSubject(@Nonnull
                                                                         org.opensaml.saml.saml1.core.SubjectStatement statement)
        Get the subject to which the name identifier will be added.
        Parameters:
        statement - the statement being modified
        Returns:
        the subject to which the name identifier will be added
      • cloneNameIdentifier

        @Nonnull
        private org.opensaml.saml.saml1.core.NameIdentifier cloneNameIdentifier(@Nonnull
                                                                                org.opensaml.saml.saml1.core.NameIdentifier nameIdentifier)
        Create an efficient field-wise copy of a NameIdentifier.
        Parameters:
        nameIdentifier - the object to clone
        Returns:
        the copy