java.lang.Object
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
- - org.opensaml.profile.action.AbstractProfileAction
  - - org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction
    - - org.opensaml.saml.saml2.profile.impl.DecryptNameIDs

All Implemented Interfaces:

net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, org.opensaml.profile.action.ProfileAction
```
public class DecryptNameIDs
extends AbstractDecryptAction
```
Action to decrypt an EncryptedID element and replace it with the decrypted NameID in situ.
All of the built-in SAML message types that may include an EncryptedID are potentially handled, but the actual message to handle is obtained via strategy function, by default the inbound message.

Event:

EventIds.PROCEED_EVENT_ID, SAMLEventIds.DECRYPT_NAMEID_FAILED

Field Summary

Fields
Modifier and Type Field Description

private org.slf4j.Logger log
Class logger.

Constructor Summary

Constructors
Constructor Description

DecryptNameIDs()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`protected void`	`doExecute(org.opensaml.profile.context.ProfileRequestContext profileRequestContext)`
`private void`	`processAssertion(org.opensaml.profile.context.ProfileRequestContext profileRequestContext, org.opensaml.saml.saml2.core.Assertion assertion)`	Decrypt any `EncryptedID` found in an assertion and replace it with the result.
`private org.opensaml.saml.saml2.core.NameID`	`processEncryptedID(org.opensaml.profile.context.ProfileRequestContext profileRequestContext, org.opensaml.saml.saml2.core.EncryptedID encID)`	Decrypt an `EncryptedID` and return the result.
`private void`	`processLogoutRequest(org.opensaml.profile.context.ProfileRequestContext profileRequestContext, org.opensaml.saml.saml2.core.LogoutRequest request)`	Decrypt any `EncryptedID` found in a LogoutRequest and replace it with the result.
`private void`	`processManageNameIDRequest(org.opensaml.profile.context.ProfileRequestContext profileRequestContext, org.opensaml.saml.saml2.core.ManageNameIDRequest request)`	Decrypt any `EncryptedID` found in a ManageNameIDRequest and replace it with the result.
`private void`	`processNameIDMappingRequest(org.opensaml.profile.context.ProfileRequestContext profileRequestContext, org.opensaml.saml.saml2.core.NameIDMappingRequest request)`	Decrypt any `EncryptedID` found in a NameIDMappingRequest and replace it with the result.
`private void`	`processNameIDMappingResponse(org.opensaml.profile.context.ProfileRequestContext profileRequestContext, org.opensaml.saml.saml2.core.NameIDMappingResponse response)`	Decrypt any `EncryptedID` found in a NameIDMappingResponse and replace it with the result.
`private org.opensaml.saml.saml2.core.NewID`	`processNewEncryptedID(org.opensaml.profile.context.ProfileRequestContext profileRequestContext, org.opensaml.saml.saml2.core.NewEncryptedID encID)`	Decrypt a `NewEncryptedID` and return the result.
`private void`	`processSubject(org.opensaml.profile.context.ProfileRequestContext profileRequestContext, org.opensaml.saml.saml2.core.Subject subject)`	Decrypt any `EncryptedID` found in a subject and replace it with the result.

Methods inherited from class org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction
doPreExecute, getDecrypter, getDecryptionPredicate, getSAMLObject, isErrorFatal, setDecryptionPredicate, setErrorFatal, setMessageLookupStrategy, setSecurityParametersContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

Constructor Detail
- DecryptNameIDs
```
public DecryptNameIDs()
```

Method Detail

doExecute

protected void doExecute(@Nonnull
                         org.opensaml.profile.context.ProfileRequestContext profileRequestContext)

Overrides:: doExecute in class org.opensaml.profile.action.AbstractProfileAction

processEncryptedID

@Nullable
private org.opensaml.saml.saml2.core.NameID processEncryptedID(@Nonnull
                                                               org.opensaml.profile.context.ProfileRequestContext profileRequestContext,
                                                               @Nonnull
                                                               org.opensaml.saml.saml2.core.EncryptedID encID)
                                                        throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt an EncryptedID and return the result.

Parameters:: profileRequestContext - current profile request context; encID - the encrypted object
Returns:: the decrypted name, or null if the object did not need decryption
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs during decryption

processNewEncryptedID

@Nullable
private org.opensaml.saml.saml2.core.NewID processNewEncryptedID(@Nonnull
                                                                 org.opensaml.profile.context.ProfileRequestContext profileRequestContext,
                                                                 @Nonnull
                                                                 org.opensaml.saml.saml2.core.NewEncryptedID encID)
                                                          throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt a NewEncryptedID and return the result.

Parameters:: profileRequestContext - current profile request context; encID - the encrypted object
Returns:: the decrypted name, or null if the object did not need decryption
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs during decryption

processSubject

private void processSubject(@Nonnull
                            org.opensaml.profile.context.ProfileRequestContext profileRequestContext,
                            @Nullable
                            org.opensaml.saml.saml2.core.Subject subject)
                     throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt any EncryptedID found in a subject and replace it with the result.

Parameters:: profileRequestContext - current profile request context; subject - subject to operate on
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs

processLogoutRequest

private void processLogoutRequest(@Nonnull
                                  org.opensaml.profile.context.ProfileRequestContext profileRequestContext,
                                  @Nonnull
                                  org.opensaml.saml.saml2.core.LogoutRequest request)
                           throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt any EncryptedID found in a LogoutRequest and replace it with the result.

Parameters:: profileRequestContext - current profile request context; request - request to operate on
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs

processManageNameIDRequest

private void processManageNameIDRequest(@Nonnull
                                        org.opensaml.profile.context.ProfileRequestContext profileRequestContext,
                                        @Nonnull
                                        org.opensaml.saml.saml2.core.ManageNameIDRequest request)
                                 throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt any EncryptedID found in a ManageNameIDRequest and replace it with the result.

Parameters:: profileRequestContext - current profile request context; request - request to operate on
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs

processNameIDMappingRequest

private void processNameIDMappingRequest(@Nonnull
                                         org.opensaml.profile.context.ProfileRequestContext profileRequestContext,
                                         @Nonnull
                                         org.opensaml.saml.saml2.core.NameIDMappingRequest request)
                                  throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt any EncryptedID found in a NameIDMappingRequest and replace it with the result.

Parameters:: profileRequestContext - current profile request context; request - request to operate on
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs

processNameIDMappingResponse

private void processNameIDMappingResponse(@Nonnull
                                          org.opensaml.profile.context.ProfileRequestContext profileRequestContext,
                                          @Nonnull
                                          org.opensaml.saml.saml2.core.NameIDMappingResponse response)
                                   throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt any EncryptedID found in a NameIDMappingResponse and replace it with the result.

Parameters:: profileRequestContext - current profile request context; response - response to operate on
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs

processAssertion

private void processAssertion(@Nonnull
                              org.opensaml.profile.context.ProfileRequestContext profileRequestContext,
                              @Nonnull
                              org.opensaml.saml.saml2.core.Assertion assertion)
                       throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt any EncryptedID found in an assertion and replace it with the result.

Parameters:: profileRequestContext - current profile request context; assertion - assertion to operate on
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs

Class DecryptNameIDs

Field Summary

Constructor Summary

Method Summary

Methods inherited from class org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

Methods inherited from class java.lang.Object

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent