Package org.opensaml.saml.saml2.profile.impl

Class AbstractDecryptAction

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction

All Implemented Interfaces:

net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, org.opensaml.profile.action.ProfileAction

Direct Known Subclasses:

DecryptAssertions, DecryptAttributes, DecryptNameIDs

public abstract class AbstractDecryptAction
extends org.opensaml.profile.action.AbstractProfileAction

Abstract base class for actions that perform SAML decryption.

The actual message to handle is obtained via strategy function, by default the inbound message.

The SecurityParametersContext governing the decryption process is located by a lookup strategy, by default a child of the inbound message context.

Event:

EventIds.PROCEED_EVENT_ID, EventIds.INVALID_MSG_CTX

Field Summary

Fields

Modifier and Type	Field	Description
private org.opensaml.saml.saml2.encryption.Decrypter	decrypter	The decryption object.
private Predicate<net.shibboleth.utilities.java.support.collection.Pair<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.core.EncryptedElementType>>	decryptionPredicate	Predicate determining whether to attempt decryption.
private boolean	errorFatal	Are decryption failures a fatal condition?
private org.slf4j.Logger	log	Class logger.
private org.opensaml.saml.common.SAMLObject	message	Message to operate on.
private Function<org.opensaml.profile.context.ProfileRequestContext,Object>	messageLookupStrategy	Strategy used to locate the SAML message to operate on.
private Function<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.xmlsec.context.SecurityParametersContext>	securityParamsLookupStrategy	Strategy used to locate the SecurityParametersContext.

Constructor Summary

Constructors

Constructor	Description
AbstractDecryptAction()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected boolean	doPreExecute(org.opensaml.profile.context.ProfileRequestContext profileRequestContext)
org.opensaml.saml.saml2.encryption.Decrypter	getDecrypter()	Get the decrypter.
Predicate<net.shibboleth.utilities.java.support.collection.Pair<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.core.EncryptedElementType>>	getDecryptionPredicate()	Get the predicate used to determine whether to attempt decryption.
org.opensaml.saml.common.SAMLObject	getSAMLObject()	Get the object to act on.
boolean	isErrorFatal()	Get whether decryption failure should be treated as an error or ignored.
void	setDecryptionPredicate(Predicate<net.shibboleth.utilities.java.support.collection.Pair<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.core.EncryptedElementType>> predicate)	Set the predicate used to determine whether to attempt decryption.
void	setErrorFatal(boolean flag)	Set whether decryption failure should be treated as an error or ignored.
void	setMessageLookupStrategy(Function<org.opensaml.profile.context.ProfileRequestContext,Object> strategy)	Set the strategy used to locate the SAMLObject to operate on.
void	setSecurityParametersContextLookupStrategy(Function<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.xmlsec.context.SecurityParametersContext> strategy)	Set the strategy used to locate the SecurityParametersContext associated with a given ProfileRequestContext.

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doExecute, doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

errorFatal

private boolean errorFatal

Are decryption failures a fatal condition?

securityParamsLookupStrategy

@Nonnull
private Function<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.xmlsec.context.SecurityParametersContext> securityParamsLookupStrategy

Strategy used to locate the SecurityParametersContext.

messageLookupStrategy

@Nonnull
private Function<org.opensaml.profile.context.ProfileRequestContext,Object> messageLookupStrategy

Strategy used to locate the SAML message to operate on.

decryptionPredicate

@Nonnull
private Predicate<net.shibboleth.utilities.java.support.collection.Pair<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.core.EncryptedElementType>> decryptionPredicate

Predicate determining whether to attempt decryption.

decrypter

@Nullable
private org.opensaml.saml.saml2.encryption.Decrypter decrypter

The decryption object.

message

@Nullable
private org.opensaml.saml.common.SAMLObject message

Message to operate on.

Constructor Detail

AbstractDecryptAction

public AbstractDecryptAction()

Constructor.

Method Detail

isErrorFatal

public boolean isErrorFatal()

Get whether decryption failure should be treated as an error or ignored.

Returns:

whether decryption failure should be treated as an error or ignored

setErrorFatal

public void setErrorFatal(boolean flag)

Set whether decryption failure should be treated as an error or ignored.

Parameters:

flag - true iff decryption failure should be fatal

setSecurityParametersContextLookupStrategy

public void setSecurityParametersContextLookupStrategy(@Nonnull
                                                       Function<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.xmlsec.context.SecurityParametersContext> strategy)

Set the strategy used to locate the SecurityParametersContext associated with a given ProfileRequestContext.

Parameters:

strategy - strategy used to locate the SecurityParametersContext associated with a given ProfileRequestContext

setMessageLookupStrategy

public void setMessageLookupStrategy(@Nonnull
                                     Function<org.opensaml.profile.context.ProfileRequestContext,Object> strategy)

Set the strategy used to locate the SAMLObject to operate on.

Parameters:

strategy - strategy used to locate the SAMLObject to operate on

getDecryptionPredicate

@Nonnull
public Predicate<net.shibboleth.utilities.java.support.collection.Pair<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.core.EncryptedElementType>> getDecryptionPredicate()

Get the predicate used to determine whether to attempt decryption.

Returns:

the predicate

setDecryptionPredicate

public void setDecryptionPredicate(@Nonnull
                                   Predicate<net.shibboleth.utilities.java.support.collection.Pair<org.opensaml.profile.context.ProfileRequestContext,org.opensaml.saml.saml2.core.EncryptedElementType>> predicate)

Set the predicate used to determine whether to attempt decryption.

Parameters:

predicate - predicate to use

getDecrypter

@Nullable
public org.opensaml.saml.saml2.encryption.Decrypter getDecrypter()

Get the decrypter.

Returns:

the decrypter

getSAMLObject

@Nullable
public org.opensaml.saml.common.SAMLObject getSAMLObject()

Get the object to act on.

Returns:

the object to act on

doPreExecute

protected boolean doPreExecute(@Nonnull
                               org.opensaml.profile.context.ProfileRequestContext profileRequestContext)

Overrides:

doPreExecute in class org.opensaml.profile.action.AbstractProfileAction