Class AddAudienceRestrictionToAssertions
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- org.opensaml.profile.action.AbstractProfileAction
-
- org.opensaml.profile.action.AbstractConditionalProfileAction
-
- org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions
-
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction
public class AddAudienceRestrictionToAssertions extends AbstractConditionalProfileAction
Action adds an audience restriction condition to every assertion contained in a SAML 1/2 response, with the audiences obtained from a lookup function. If the containing Conditions is not present, it will be created.
-
-
Field Summary
Fields Modifier and Type Field Description private booleanaddingAudiencesToExistingRestrictionWhether, if an assertion already contains an audience restriction, this action will add its audiences to that restriction or create another one.private Function<ProfileRequestContext,Collection<String>>audienceRestrictionsLookupStrategyStrategy used to obtain the audiences to add.private Collection<String>audiencesAudiences to add.private org.slf4j.LoggerlogClass logger.private SAMLObjectresponseResponse to modify.private Function<ProfileRequestContext,SAMLObject>responseLookupStrategyStrategy used to locate the Response to operate on.
-
Constructor Summary
Constructors Constructor Description AddAudienceRestrictionToAssertions()Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description private voidaddAudienceRestriction(ProfileRequestContext profileRequestContext, Conditions conditions)Add the audiences obtained from a lookup function to theAudienceRestrictionCondition.private voidaddAudienceRestriction(ProfileRequestContext profileRequestContext, Conditions conditions)Add the audiences obtained from a lookup function to theAudienceRestriction.protected voiddoExecute(ProfileRequestContext profileRequestContext)protected voiddoInitialize()protected booleandoPreExecute(ProfileRequestContext profileRequestContext)private AudienceRestrictiongetAudienceRestriction(Conditions conditions)Get theAudienceRestrictionto which audiences will be added.private AudienceRestrictionConditiongetAudienceRestrictionCondition(Conditions conditions)Get theAudienceRestrictionConditionto which audiences will be added.voidsetAddingAudiencesToExistingRestriction(boolean addingToExistingRestriction)Set whether, if an assertion already contains an audience restriction, this action will add its audiences to that restriction or create another one.voidsetAudienceRestrictionsLookupStrategy(Function<ProfileRequestContext,Collection<String>> strategy)Set the strategy used to obtain the audience restrictions to apply.voidsetResponseLookupStrategy(Function<ProfileRequestContext,SAMLObject> strategy)Set the strategy used to locate the Response to operate on.-
Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationCondition
-
Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletRequestSupplier, getHttpServletResponse, getHttpServletResponseSupplier, getLogPrefix, setHttpServletRequest, setHttpServletRequestSupplier, setHttpServletResponse, setHttpServletResponseSupplier
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, initialize, isDestroyed, isInitialized
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
-
-
-
Field Detail
-
log
@Nonnull private final org.slf4j.Logger log
Class logger.
-
addingAudiencesToExistingRestriction
private boolean addingAudiencesToExistingRestriction
Whether, if an assertion already contains an audience restriction, this action will add its audiences to that restriction or create another one.
-
responseLookupStrategy
@Nonnull private Function<ProfileRequestContext,SAMLObject> responseLookupStrategy
Strategy used to locate the Response to operate on.
-
audienceRestrictionsLookupStrategy
@Nullable private Function<ProfileRequestContext,Collection<String>> audienceRestrictionsLookupStrategy
Strategy used to obtain the audiences to add.
-
response
@Nullable private SAMLObject response
Response to modify.
-
audiences
@Nullable private Collection<String> audiences
Audiences to add.
-
-
Method Detail
-
setResponseLookupStrategy
public void setResponseLookupStrategy(@Nonnull Function<ProfileRequestContext,SAMLObject> strategy)Set the strategy used to locate the Response to operate on.- Parameters:
strategy- lookup strategy
-
setAddingAudiencesToExistingRestriction
public void setAddingAudiencesToExistingRestriction(boolean addingToExistingRestriction)
Set whether, if an assertion already contains an audience restriction, this action will add its audiences to that restriction or create another one.- Parameters:
addingToExistingRestriction- whether this action will add its audiences to that restriction or create another one
-
setAudienceRestrictionsLookupStrategy
public void setAudienceRestrictionsLookupStrategy(@Nonnull Function<ProfileRequestContext,Collection<String>> strategy)Set the strategy used to obtain the audience restrictions to apply.- Parameters:
strategy- lookup strategy
-
doInitialize
protected void doInitialize() throws ComponentInitializationException- Overrides:
doInitializein classAbstractInitializableComponent- Throws:
ComponentInitializationException
-
doPreExecute
protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext)- Overrides:
doPreExecutein classAbstractConditionalProfileAction
-
doExecute
protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)- Overrides:
doExecutein classAbstractProfileAction
-
addAudienceRestriction
private void addAudienceRestriction(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull Conditions conditions)Add the audiences obtained from a lookup function to theAudienceRestrictionCondition. If noAudienceRestrictionConditionexists on the given Conditions one is created and added.- Parameters:
profileRequestContext- current profile request contextconditions- condition that has, or will receive the created,AudienceRestrictionCondition
-
addAudienceRestriction
private void addAudienceRestriction(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull Conditions conditions)Add the audiences obtained from a lookup function to theAudienceRestriction. If noAudienceRestrictionexists on the given Conditions one is created and added.- Parameters:
profileRequestContext- current profile request contextconditions- condition that has, or will receive the created,AudienceRestriction
-
getAudienceRestrictionCondition
@Nonnull private AudienceRestrictionCondition getAudienceRestrictionCondition(@Nonnull Conditions conditions)
Get theAudienceRestrictionConditionto which audiences will be added.- Parameters:
conditions- existing set of conditions- Returns:
- the condition to which audiences will be added
-
getAudienceRestriction
@Nonnull private AudienceRestriction getAudienceRestriction(@Nonnull Conditions conditions)
Get theAudienceRestrictionto which audiences will be added.- Parameters:
conditions- existing set of conditions- Returns:
- the condition to which audiences will be added
-
-