Class HTTPArtifactDecoder

All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, UnmodifiableComponent, MessageDecoder, HttpServletRequestMessageDecoder, SAMLMessageDecoder

public class HTTPArtifactDecoder extends BaseSAMLHttpServletRequestDecoder implements SAMLMessageDecoder
SAML 2 Artifact Binding decoder; supports both HTTP GET and POST.
  • Field Details

  • Constructor Details

    • HTTPArtifactDecoder

      public HTTPArtifactDecoder()
  • Method Details

    • doInitialize

      protected void doInitialize() throws ComponentInitializationException
      Overrides:
      doInitialize in class BaseHttpServletRequestXMLMessageDecoder
      Throws:
      ComponentInitializationException
    • getIdentifierGenerationStrategy

      @NonnullAfterInit public IdentifierGenerationStrategy getIdentifierGenerationStrategy()
      Get the identifier generation strategy.
      Returns:
      the identifier generation strategy
    • setIdentifierGenerationStrategy

      public void setIdentifierGenerationStrategy(@Nonnull IdentifierGenerationStrategy strategy)
      Set the identifier generation strategy.
      Parameters:
      strategy - the identifier generation strategy
    • getSelfEntityIDResolver

      @NonnullAfterInit public Resolver<String,CriteriaSet> getSelfEntityIDResolver()
      Get the resolver for the self entityID.
      Returns:
      the resolver
    • setSelfEntityIDResolver

      public void setSelfEntityIDResolver(@Nullable Resolver<String,CriteriaSet> resolver)
      Set the resolver for the self entityID.
      Parameters:
      resolver - the resolver instance
    • getPeerEntityRole

      @NonnullAfterInit public QName getPeerEntityRole()
      Get the peer entity role QName.
      Returns:
      the peer entity role
    • setPeerEntityRole

      public void setPeerEntityRole(@Nullable QName role)
      Set the peer entity role QName.
      Parameters:
      role - the peer entity role
    • getArtifactEndpointResolver

      @NonnullAfterInit public EndpointResolver<ArtifactResolutionService> getArtifactEndpointResolver()
      Get the artifact endpoint resolver.
      Returns:
      the endpoint resolver
    • setArtifactEndpointResolver

      public void setArtifactEndpointResolver(@Nullable EndpointResolver<ArtifactResolutionService> resolver)
      Set the artifact endpoint resolver.
      Parameters:
      resolver - the new resolver
    • getRoleDescriptorResolver

      @NonnullAfterInit public RoleDescriptorResolver getRoleDescriptorResolver()
      Get the role descriptor resolver.

      Must be capable of resolving descriptors based on ArtifactCriterion.

      Returns:
      the role descriptor resolver
    • setRoleDescriptorResolver

      public void setRoleDescriptorResolver(@Nullable RoleDescriptorResolver resolver)
      Set the role descriptor resolver.

      Must be capable of resolving descriptors based on ArtifactCriterion.

      Parameters:
      resolver - the role descriptor resolver
    • getArtifactBuilderFactory

      @NonnullAfterInit public SAML2ArtifactBuilderFactory getArtifactBuilderFactory()
      Get the SAML 2 artifact builder factory.
      Returns:
      the artifact builder factory in use
    • setArtifactBuilderFactory

      public void setArtifactBuilderFactory(@Nullable SAML2ArtifactBuilderFactory factory)
      Set the SAML 2 artifact builder factory.
      Parameters:
      factory - the artifact builder factory
    • getSOAPClient

      @NonnullAfterInit public SOAPClient getSOAPClient()
      Get the SOAP client instance.
      Returns:
      the SOAP client
    • setSOAPClient

      public void setSOAPClient(@Nullable SOAPClient client)
      Set the SOAP client instance.
      Parameters:
      client - the SOAP client
    • getSOAPPipelineName

      @Nullable public String getSOAPPipelineName()
      Get the name of the specific SOAP client message pipeline to use, for example with PipelineFactoryHttpSOAPClient.
      Returns:
      the pipeline name, or null
    • setSOAPPipelineName

      public void setSOAPPipelineName(@Nullable String name)
      Set the name of the specific SOAP client message pipeline to use, for example with PipelineFactoryHttpSOAPClient.
      Parameters:
      name - the pipeline name, or null
    • getSOAPClientSecurityConfigurationProfileId

      @Nullable public String getSOAPClientSecurityConfigurationProfileId()
      Get the SOAP client security configuration profile ID to use.
      Returns:
      the client security configuration profile ID, or null
    • setSOAPClientSecurityConfigurationProfileId

      public void setSOAPClientSecurityConfigurationProfileId(@Nullable String profileId)
      Set the SOAP client security configuration profile ID to use.
      Parameters:
      profileId - the profile ID, or null
    • getBindingURI

      @Nonnull @NotEmpty public String getBindingURI()
      Specified by:
      getBindingURI in interface SAMLMessageDecoder
    • getBindingDescriptor

      @Nullable public BindingDescriptor getBindingDescriptor()
      Get an optional BindingDescriptor to inject into the SAMLBindingContext that is created.
      Returns:
      binding descriptor
    • setBindingDescriptor

      public void setBindingDescriptor(@Nullable BindingDescriptor descriptor)
      Set an optional BindingDescriptor to inject into the SAMLBindingContext that is created.
      Parameters:
      descriptor - a binding descriptor
    • doDecode

      protected void doDecode() throws MessageDecodingException
      Specified by:
      doDecode in class AbstractMessageDecoder
      Throws:
      MessageDecodingException
    • processArtifact

      private void processArtifact(@Nonnull MessageContext messageContext, @Nonnull HttpServletRequest request) throws MessageDecodingException
      Process the incoming artifact by decoding the artifact, dereferencing it from the artifact issuer and storing the resulting protocol message in the message context.
      Parameters:
      messageContext - the message context being processed
      request - the HTTP servlet request
      Throws:
      MessageDecodingException - thrown if there is a problem decoding or dereferencing the artifact
    • dereferenceArtifact

      @Nonnull private SAMLObject dereferenceArtifact(@Nonnull SAML2Artifact artifact, @Nonnull RoleDescriptor peerRoleDescriptor, @Nonnull String endpoint) throws MessageDecodingException
      De-reference the supplied artifact into the corresponding SAML protocol message.
      Parameters:
      artifact - the artifact to de-reference
      peerRoleDescriptor - the peer RoleDescriptor
      endpoint - the peer's artifact resolution service endpoint
      Returns:
      the de-referenced artifact
      Throws:
      MessageDecodingException - if there is a fatal error, or if the artifact was not successfully resolved
    • validateAndExtractResponseMessage

      @Nonnull private SAMLObject validateAndExtractResponseMessage(@Nonnull ArtifactResponse artifactResponse) throws MessageDecodingException
      Validate and extract the SAML protocol message from the artifact response.
      Parameters:
      artifactResponse - the response to process
      Returns:
      the SAML protocol message
      Throws:
      MessageDecodingException - if the protocol message was not sent or there was a non-success status response
    • buildArtifactResolveRequestMessage

      @Nonnull private ArtifactResolve buildArtifactResolveRequestMessage(@Nonnull SAML2Artifact artifact, @Nonnull String endpoint, @Nonnull RoleDescriptor peerRoleDescriptor, @Nonnull String selfEntityID) throws EncodingException
      Build the SAML protocol message for artifact resolution.
      Parameters:
      artifact - the artifact being de-referenced
      endpoint - the peer artifact resolution service endpoint
      peerRoleDescriptor - the peer RoleDescriptor
      selfEntityID - the entityID of this party, the issuer of the protocol request message
      Returns:
      the SAML protocol message for artifact resolution
      Throws:
      EncodingException - if the artifact cannot be base64 encoded.
    • resolveSelfEntityID

      @Nonnull private String resolveSelfEntityID(@Nonnull RoleDescriptor peerRoleDescriptor) throws MessageDecodingException
      Resolve the self entityID, used as the issuer of the protocol message by this entity.
      Parameters:
      peerRoleDescriptor - the peer RoleDescriptor
      Returns:
      the resolved self entityID
      Throws:
      MessageDecodingException - if there was a fatal error during resolution, or the entityID could not be resolved
    • buildIssuer

      @Nonnull private Issuer buildIssuer(@Nonnull String selfEntityID)
      Build the SAML protocol message Issuer element.
      Parameters:
      selfEntityID - the entity ID of the protocol message issuer (this entity)
      Returns:
      the Issuer element
    • resolveArtifactEndpoint

      @Nonnull private String resolveArtifactEndpoint(@Nonnull SAML2Artifact artifact, @Nonnull RoleDescriptor peerRoleDescriptor) throws MessageDecodingException
      Resolve the artifact resolution endpoint of the peer who issued the artifact.
      Parameters:
      artifact - the artifact
      peerRoleDescriptor - the peer RoleDescriptor
      Returns:
      the peer artifact resolution service endpoint
      Throws:
      MessageDecodingException - if there is a fatal error resolving the endpoint, or the endpoint could not be resolved
    • resolvePeerRoleDescriptor

      @Nonnull private RoleDescriptor resolvePeerRoleDescriptor(@Nonnull SAML2Artifact artifact) throws MessageDecodingException
      Resolve the role descriptor of the SAML peer who issued the supplied artifact.
      Parameters:
      artifact - the artifact to process
      Returns:
      the peer RoleDescriptor
      Throws:
      MessageDecodingException - if there was a fatal error resolving the role descriptor, or the descriptor could not be resolved
    • parseArtifact

      @Nonnull private SAML2Artifact parseArtifact(@Nonnull String encodedArtifact) throws MessageDecodingException
      Parse and decode the supplied encoded artifact string into a SAML2Artifact instance.
      Parameters:
      encodedArtifact - the encoded artifact which was received
      Returns:
      the decoded artifact instance
      Throws:
      MessageDecodingException - if the encoded artifact could not be decoded
    • populateBindingContext

      protected void populateBindingContext(@Nonnull MessageContext messageContext)
      Populate the context which carries information specific to this binding.
      Parameters:
      messageContext - the current message context