org.opensaml.saml.saml1.profile.impl

Class CopyNameIdentifierFromRequest

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.saml.saml1.profile.impl.CopyNameIdentifierFromRequest

All Implemented Interfaces:

net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, ProfileAction

public class CopyNameIdentifierFromRequest
extends AbstractProfileAction

Action that builds a NameIdentifier and adds it to the Subject of all the statements in all the assertions found in a Response. The message to update is returned by a lookup strategy, by default the message returned by InOutOperationContext.getOutboundMessageContext().

No assertions or statements will be created by this action, but if no Subject exists in the statements found, it will be created.

The source of the NameIdentifier is a SAMLSubjectNameIdentifierContext returned by a lookup strategy.

Field Summary

Fields

Modifier and Type	Field and Description
private org.slf4j.Logger	log Class logger.
private NameIdentifier	nameIdentifier NameIdentifier to copy.
private SAMLObjectBuilder<NameIdentifier>	nameIdentifierBuilder Builder for NameIdentifier objects.
private com.google.common.base.Function<ProfileRequestContext,SAMLSubjectNameIdentifierContext>	nameIdentifierContextLookupStrategy Strategy used to locate the name identifier context to copy from.
private boolean	overwriteExisting Flag controlling whether to overwrite an existing NameIdentifier.
private Response	response Response to modify.
private com.google.common.base.Function<ProfileRequestContext,Response>	responseLookupStrategy Strategy used to locate the Response to operate on.
private SAMLObjectBuilder<Subject>	subjectBuilder Builder for Subject objects.

Constructor Summary

Constructors

Constructor and Description
CopyNameIdentifierFromRequest() Constructor.

Method Summary

Modifier and Type	Method and Description
private NameIdentifier	cloneNameIdentifier() Create an efficient field-wise copy of a NameIdentifier.
protected void	doExecute(ProfileRequestContext profileRequestContext) Performs this action.
protected boolean	doPreExecute(ProfileRequestContext profileRequestContext) Called prior to execution, actions may override this method to perform pre-processing for a request.
private Subject	getStatementSubject(SubjectStatement statement) Get the subject to which the name identifier will be added.
void	setNameIdentifierContextLookupStrategy(com.google.common.base.Function<ProfileRequestContext,SAMLSubjectNameIdentifierContext> strategy) Set the strategy used to locate the SAMLSubjectNameIdentifierContext to copy from.
void	setOverwriteExisting(boolean flag) Set whether to overwrite any existing NameIdentifier objects found.
void	setResponseLookupStrategy(com.google.common.base.Function<ProfileRequestContext,Response> strategy) Set the strategy used to locate the Response to operate on.

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

subjectBuilder

@Nonnull
private final SAMLObjectBuilder<Subject> subjectBuilder

Builder for Subject objects.

nameIdentifierBuilder

@Nonnull
private final SAMLObjectBuilder<NameIdentifier> nameIdentifierBuilder

Builder for NameIdentifier objects.

overwriteExisting

private boolean overwriteExisting

Flag controlling whether to overwrite an existing NameIdentifier.

nameIdentifierContextLookupStrategy

@Nonnull
private com.google.common.base.Function<ProfileRequestContext,SAMLSubjectNameIdentifierContext> nameIdentifierContextLookupStrategy

Strategy used to locate the name identifier context to copy from.

responseLookupStrategy

@Nonnull
private com.google.common.base.Function<ProfileRequestContext,Response> responseLookupStrategy

Strategy used to locate the Response to operate on.

nameIdentifier

@Nullable
private NameIdentifier nameIdentifier

NameIdentifier to copy.

response

@Nullable
private Response response

Response to modify.

Constructor Detail

CopyNameIdentifierFromRequest

public CopyNameIdentifierFromRequest()

Constructor.

Method Detail

setOverwriteExisting

public void setOverwriteExisting(boolean flag)

Set whether to overwrite any existing NameIdentifier objects found.

Parameters:

flag - true iff the action should overwrite any existing objects

setNameIdentifierContextLookupStrategy

public void setNameIdentifierContextLookupStrategy(@Nonnull
                                                   com.google.common.base.Function<ProfileRequestContext,SAMLSubjectNameIdentifierContext> strategy)

Set the strategy used to locate the SAMLSubjectNameIdentifierContext to copy from.

Parameters:

strategy - lookup strategy

setResponseLookupStrategy

public void setResponseLookupStrategy(@Nonnull
                                      com.google.common.base.Function<ProfileRequestContext,Response> strategy)

Set the strategy used to locate the Response to operate on.

Parameters:

strategy - lookup strategy

doPreExecute

protected boolean doPreExecute(@Nonnull
                               ProfileRequestContext profileRequestContext)

Called prior to execution, actions may override this method to perform pre-processing for a request.

If false is returned, execution will not proceed, and the action should attach an EventContext to the context tree to signal how to continue with overall workflow processing.

If returning successfully, the last step should be to return the result of the superclass version of this method.

Overrides:

doPreExecute in class AbstractProfileAction

Parameters:

profileRequestContext - the current IdP profile request context

Returns:

true iff execution should proceed

doExecute

protected void doExecute(@Nonnull
                         ProfileRequestContext profileRequestContext)

Performs this action. Actions must override this method to perform their work.

Overrides:

doExecute in class AbstractProfileAction

Parameters:

profileRequestContext - the current IdP profile request context

getStatementSubject

@Nonnull
private Subject getStatementSubject(@Nonnull
                                             SubjectStatement statement)

Get the subject to which the name identifier will be added.

Parameters:

statement - the statement being modified

Returns:

the subject to which the name identifier will be added

cloneNameIdentifier

@Nonnull
private NameIdentifier cloneNameIdentifier()

Create an efficient field-wise copy of a NameIdentifier.

Returns:

the copy