org.opensaml.saml.saml1.profile.impl

Class AddNameIdentifierToSubjects

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.saml.saml1.profile.impl.AddNameIdentifierToSubjects

All Implemented Interfaces:

net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, ProfileAction

public class AddNameIdentifierToSubjects
extends AbstractProfileAction

Action that builds a NameIdentifier and adds it to the Subject of all the statements in all the assertions found via a lookup strategy, by default from the outbound message context.

No assertions or statements will be created by this action, but if no Subject exists in the statements found, it will be created.

The source of the NameIdentifier is one of a set of candidate SAML1NameIdentifierGenerator plugins injected into the action. The plugin(s) to attempt to use are derived from the Format value, which is established by a lookup strategy.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
private class	AddNameIdentifierToSubjects.AssertionStrategy Default strategy for obtaining assertions to modify.

Field Summary

Fields

Modifier and Type	Field and Description
private java.util.List<Assertion>	assertions Assertions to modify.
private com.google.common.base.Function<ProfileRequestContext,java.util.List<Assertion>>	assertionsLookupStrategy Strategy used to locate the Assertions to operate on.
private com.google.common.base.Function<ProfileRequestContext,java.util.List<java.lang.String>>	formatLookupStrategy Strategy used to determine the formats to try.
private java.util.List<java.lang.String>	formats Formats to try.
private SAML1NameIdentifierGenerator	generator Generator to use.
private org.slf4j.Logger	log Class logger.
private SAMLObjectBuilder<NameIdentifier>	nameIdentifierBuilder Builder for NameIdentifier objects.
private boolean	overwriteExisting Flag controlling whether to overwrite an existing NameIdentifier.
private SAMLObjectBuilder<Subject>	subjectBuilder Builder for Subject objects.

Constructor Summary

Constructors

Constructor and Description
AddNameIdentifierToSubjects() Constructor.

Method Summary

Modifier and Type	Method and Description
private NameIdentifier	cloneNameIdentifier(NameIdentifier nameIdentifier) Create an efficient field-wise copy of a NameIdentifier.
protected void	doExecute(ProfileRequestContext profileRequestContext) Performs this action.
protected void	doInitialize()
protected boolean	doPreExecute(ProfileRequestContext profileRequestContext) Called prior to execution, actions may override this method to perform pre-processing for a request.
private NameIdentifier	generateNameIdentifier(ProfileRequestContext profileRequestContext) Attempt to generate a NameIdentifier using each of the candidate Formats and plugins.
private Subject	getStatementSubject(SubjectStatement statement) Get the subject to which the name identifier will be added.
void	setAssertionsLookupStrategy(com.google.common.base.Function<ProfileRequestContext,java.util.List<Assertion>> strategy) Set the strategy used to locate the Assertions to operate on.
void	setFormatLookupStrategy(com.google.common.base.Function<ProfileRequestContext,java.util.List<java.lang.String>> strategy) Set the strategy function to use to obtain the formats to try.
void	setNameIdentifierGenerator(SAML1NameIdentifierGenerator theGenerator) Set the generator to use.
void	setOverwriteExisting(boolean flag) Set whether to overwrite any existing NameIdentifier objects found.

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

subjectBuilder

@Nonnull
private final SAMLObjectBuilder<Subject> subjectBuilder

Builder for Subject objects.

nameIdentifierBuilder

@Nonnull
private final SAMLObjectBuilder<NameIdentifier> nameIdentifierBuilder

Builder for NameIdentifier objects.

overwriteExisting

private boolean overwriteExisting

Flag controlling whether to overwrite an existing NameIdentifier.

assertionsLookupStrategy

@Nonnull
private com.google.common.base.Function<ProfileRequestContext,java.util.List<Assertion>> assertionsLookupStrategy

Strategy used to locate the Assertions to operate on.

formatLookupStrategy

@Nonnull
private com.google.common.base.Function<ProfileRequestContext,java.util.List<java.lang.String>> formatLookupStrategy

Strategy used to determine the formats to try.

generator

@NonnullAfterInit
private SAML1NameIdentifierGenerator generator

Generator to use.

formats

@Nonnull
 @NonnullElements
private java.util.List<java.lang.String> formats

Formats to try.

assertions

@Nonnull
 @NonnullElements
private java.util.List<Assertion> assertions

Assertions to modify.

Constructor Detail

AddNameIdentifierToSubjects

public AddNameIdentifierToSubjects()

Constructor.

Method Detail

setOverwriteExisting

public void setOverwriteExisting(boolean flag)

Set whether to overwrite any existing NameIdentifier objects found.

Parameters:

flag - true iff the action should overwrite any existing objects

setAssertionsLookupStrategy

public void setAssertionsLookupStrategy(@Nonnull
                                        com.google.common.base.Function<ProfileRequestContext,java.util.List<Assertion>> strategy)

Set the strategy used to locate the Assertions to operate on.

Parameters:

strategy - lookup strategy

setFormatLookupStrategy

public void setFormatLookupStrategy(@Nonnull
                                    com.google.common.base.Function<ProfileRequestContext,java.util.List<java.lang.String>> strategy)

Set the strategy function to use to obtain the formats to try.

Parameters:

strategy - format lookup strategy

setNameIdentifierGenerator

public void setNameIdentifierGenerator(@Nonnull
                                       SAML1NameIdentifierGenerator theGenerator)

Set the generator to use.

Parameters:

theGenerator - the generator to use

doInitialize

protected void doInitialize()
                     throws net.shibboleth.utilities.java.support.component.ComponentInitializationException

Overrides:

doInitialize in class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

Throws:

net.shibboleth.utilities.java.support.component.ComponentInitializationException

doPreExecute

protected boolean doPreExecute(@Nonnull
                               ProfileRequestContext profileRequestContext)

Called prior to execution, actions may override this method to perform pre-processing for a request.

If false is returned, execution will not proceed, and the action should attach an EventContext to the context tree to signal how to continue with overall workflow processing.

If returning successfully, the last step should be to return the result of the superclass version of this method.

Overrides:

doPreExecute in class AbstractProfileAction

Parameters:

profileRequestContext - the current IdP profile request context

Returns:

true iff execution should proceed

doExecute

protected void doExecute(@Nonnull
                         ProfileRequestContext profileRequestContext)

Performs this action. Actions must override this method to perform their work.

Overrides:

doExecute in class AbstractProfileAction

Parameters:

profileRequestContext - the current IdP profile request context

generateNameIdentifier

@Nullable
private NameIdentifier generateNameIdentifier(@Nonnull
                                                        ProfileRequestContext profileRequestContext)

Attempt to generate a NameIdentifier using each of the candidate Formats and plugins.

Parameters:

profileRequestContext - current profile request context

Returns:

a generated NameIdentifier or null

getStatementSubject

@Nonnull
private Subject getStatementSubject(@Nonnull
                                             SubjectStatement statement)

Get the subject to which the name identifier will be added.

Parameters:

statement - the statement being modified

Returns:

the subject to which the name identifier will be added

cloneNameIdentifier

@Nonnull
private NameIdentifier cloneNameIdentifier(@Nonnull
                                                    NameIdentifier nameIdentifier)

Create an efficient field-wise copy of a NameIdentifier.

Parameters:

nameIdentifier - the object to clone

Returns:

the copy