DecryptNameIDs (OpenSAML :: SAML Provider Implementations 3.4.2 API)

java.lang.Object
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
- - org.opensaml.profile.action.AbstractProfileAction
  - - org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction
    - - org.opensaml.saml.saml2.profile.impl.DecryptNameIDs

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction
```
public class DecryptNameIDs
extends AbstractDecryptAction
```
Action to decrypt an EncryptedID element and replace it with the decrypted NameID in situ.
All of the built-in SAML message types that may include an EncryptedID are potentially handled, but the actual message to handle is obtained via strategy function, by default the inbound message.

Event:

EventIds.PROCEED_EVENT_ID, SAMLEventIds.DECRYPT_NAMEID_FAILED

Field Summary

Fields
Modifier and Type Field and Description

private org.slf4j.Logger log
Class logger.

Fields
Modifier and Type	Field and Description
`private org.slf4j.Logger`	`log` Class logger.

Constructor Summary

Constructors
Constructor and Description

DecryptNameIDs()

Constructors
Constructor and Description
`DecryptNameIDs()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected void`	`doExecute(ProfileRequestContext profileRequestContext)`
`private void`	`processAssertion(ProfileRequestContext profileRequestContext, Assertion assertion)` Decrypt any `EncryptedID` found in an assertion and replace it with the result.
`private NameID`	`processEncryptedID(ProfileRequestContext profileRequestContext, EncryptedID encID)` Decrypt an `EncryptedID` and return the result.
`private void`	`processLogoutRequest(ProfileRequestContext profileRequestContext, LogoutRequest request)` Decrypt any `EncryptedID` found in a LogoutRequest and replace it with the result.
`private void`	`processManageNameIDRequest(ProfileRequestContext profileRequestContext, ManageNameIDRequest request)` Decrypt any `EncryptedID` found in a ManageNameIDRequest and replace it with the result.
`private void`	`processNameIDMappingRequest(ProfileRequestContext profileRequestContext, NameIDMappingRequest request)` Decrypt any `EncryptedID` found in a NameIDMappingRequest and replace it with the result.
`private void`	`processNameIDMappingResponse(ProfileRequestContext profileRequestContext, NameIDMappingResponse response)` Decrypt any `EncryptedID` found in a NameIDMappingResponse and replace it with the result.
`private NewID`	`processNewEncryptedID(ProfileRequestContext profileRequestContext, NewEncryptedID encID)` Decrypt a `NewEncryptedID` and return the result.
`private void`	`processSubject(ProfileRequestContext profileRequestContext, Subject subject)` Decrypt any `EncryptedID` found in a subject and replace it with the result.

Methods inherited from class org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction
doPreExecute, getDecrypter, getDecryptionPredicate, getSAMLObject, isErrorFatal, setDecryptionPredicate, setErrorFatal, setMessageLookupStrategy, setSecurityParametersContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

Constructor Detail
- DecryptNameIDs
```
public DecryptNameIDs()
```

Method Detail

doExecute

protected void doExecute(@Nonnull
                         ProfileRequestContext profileRequestContext)

Overrides:: doExecute in class AbstractProfileAction

processEncryptedID

@Nullable
private NameID processEncryptedID(@Nonnull
                                            ProfileRequestContext profileRequestContext,
                                            @Nonnull
                                            EncryptedID encID)
                                     throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt an EncryptedID and return the result.

Parameters:: profileRequestContext - current profile request context; encID - the encrypted object
Returns:: the decrypted name, or null if the object did not need decryption
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs during decryption

processNewEncryptedID

@Nullable
private NewID processNewEncryptedID(@Nonnull
                                              ProfileRequestContext profileRequestContext,
                                              @Nonnull
                                              NewEncryptedID encID)
                                       throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt a NewEncryptedID and return the result.

Parameters:: profileRequestContext - current profile request context; encID - the encrypted object
Returns:: the decrypted name, or null if the object did not need decryption
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs during decryption

processSubject

private void processSubject(@Nonnull
                            ProfileRequestContext profileRequestContext,
                            @Nullable
                            Subject subject)
                     throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt any EncryptedID found in a subject and replace it with the result.

Parameters:: profileRequestContext - current profile request context; subject - subject to operate on
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs

processLogoutRequest

private void processLogoutRequest(@Nonnull
                                  ProfileRequestContext profileRequestContext,
                                  @Nonnull
                                  LogoutRequest request)
                           throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt any EncryptedID found in a LogoutRequest and replace it with the result.

Parameters:: profileRequestContext - current profile request context; request - request to operate on
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs

processManageNameIDRequest

private void processManageNameIDRequest(@Nonnull
                                        ProfileRequestContext profileRequestContext,
                                        @Nonnull
                                        ManageNameIDRequest request)
                                 throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt any EncryptedID found in a ManageNameIDRequest and replace it with the result.

Parameters:: profileRequestContext - current profile request context; request - request to operate on
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs

processNameIDMappingRequest

private void processNameIDMappingRequest(@Nonnull
                                         ProfileRequestContext profileRequestContext,
                                         @Nonnull
                                         NameIDMappingRequest request)
                                  throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt any EncryptedID found in a NameIDMappingRequest and replace it with the result.

Parameters:: profileRequestContext - current profile request context; request - request to operate on
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs

processNameIDMappingResponse

private void processNameIDMappingResponse(@Nonnull
                                          ProfileRequestContext profileRequestContext,
                                          @Nonnull
                                          NameIDMappingResponse response)
                                   throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt any EncryptedID found in a NameIDMappingResponse and replace it with the result.

Parameters:: profileRequestContext - current profile request context; response - response to operate on
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs

processAssertion

private void processAssertion(@Nonnull
                              ProfileRequestContext profileRequestContext,
                              @Nonnull
                              Assertion assertion)
                       throws org.opensaml.xmlsec.encryption.support.DecryptionException

Decrypt any EncryptedID found in an assertion and replace it with the result.

Parameters:: profileRequestContext - current profile request context; assertion - assertion to operate on
Throws:: org.opensaml.xmlsec.encryption.support.DecryptionException - if an error occurs

Class DecryptNameIDs

Field Summary

Constructor Summary

Method Summary

Methods inherited from class org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

Methods inherited from class java.lang.Object

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent