SAMLMetadataSignatureSigningParametersResolver

java.lang.Object
- org.opensaml.xmlsec.impl.AbstractSecurityParametersResolver<SignatureSigningParameters>
- - org.opensaml.xmlsec.impl.BasicSignatureSigningParametersResolver
  - - org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver

All Implemented Interfaces:

net.shibboleth.utilities.java.support.resolver.Resolver<SignatureSigningParameters,net.shibboleth.utilities.java.support.resolver.CriteriaSet>, SignatureSigningParametersResolver
```
public class SAMLMetadataSignatureSigningParametersResolver
extends BasicSignatureSigningParametersResolver
```
A specialization of BasicSignatureSigningParametersResolver which also supports input of SAML metadata, specifically the SigningMethod and DigestMethod extension elements.
In addition to the Criterion inputs documented in BasicSignatureSigningParametersResolver, the following inputs are also supported:
- RoleDescriptorCriterion - optional

Field Summary

Fields
Modifier and Type Field and Description

private org.slf4j.Logger log
Logger.

Fields
Modifier and Type	Field and Description
`private org.slf4j.Logger`	`log` Logger.

Constructor Summary

Constructors
Constructor and Description

SAMLMetadataSignatureSigningParametersResolver()

Constructors
Constructor and Description
`SAMLMetadataSignatureSigningParametersResolver()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected boolean`	`credentialSupportsSigningMethod(Credential credential, SigningMethod signingMethod)` Evaluate whether the specified credential is supported for use with the specified `SigningMethod`.
`protected java.util.List<XMLObject>`	`getExtensions(RoleDescriptor roleDescriptor, javax.xml.namespace.QName extensionName)` Get the extensions indicated by the passed QName.
`protected void`	`resolveAndPopulateCredentialAndSignatureAlgorithm(SignatureSigningParameters params, net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria, com.google.common.base.Predicate<java.lang.String> whitelistBlacklistPredicate)` Resolve and populate the signing credential and signature method algorithm URI on the supplied parameters instance.
`protected java.lang.String`	`resolveReferenceDigestMethod(net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria, com.google.common.base.Predicate<java.lang.String> whitelistBlacklistPredicate)` Resolve and return the digest method algorithm URI to use, including application of whitelist/blacklist policy.

Methods inherited from class org.opensaml.xmlsec.impl.BasicSignatureSigningParametersResolver
credentialSupportsAlgorithm, getAlgorithmRegistry, getAlgorithmRuntimeSupportedPredicate, getEffectiveSignatureAlgorithms, getEffectiveSigningCredentials, getWhitelistBlacklistPredicate, logResult, resolve, resolveCanonicalizationAlgorithm, resolveHMACOutputLength, resolveKeyInfoGenerator, resolveSingle, setAlgorithmRegistry, validate

Methods inherited from class org.opensaml.xmlsec.impl.AbstractSecurityParametersResolver
lookupKeyInfoGenerator, resolveAndPopulateWhiteAndBlacklists, resolveEffectiveBlacklist, resolveEffectiveWhitelist, resolveWhitelistBlacklistPrecedence, resolveWhitelistBlacklistPredicate

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- log
```
@Nonnull
private org.slf4j.Logger log
```
  Logger.

Constructor Detail
- SAMLMetadataSignatureSigningParametersResolver
```
public SAMLMetadataSignatureSigningParametersResolver()
```

Method Detail

resolveAndPopulateCredentialAndSignatureAlgorithm

protected void resolveAndPopulateCredentialAndSignatureAlgorithm(@Nonnull
                                                                 SignatureSigningParameters params,
                                                                 @Nonnull
                                                                 net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria,
                                                                 @Nonnull
                                                                 com.google.common.base.Predicate<java.lang.String> whitelistBlacklistPredicate)

Resolve and populate the signing credential and signature method algorithm URI on the supplied parameters instance.

Overrides:: resolveAndPopulateCredentialAndSignatureAlgorithm in class BasicSignatureSigningParametersResolver
Parameters:: params - the parameters instance being populated; criteria - the input criteria being evaluated; whitelistBlacklistPredicate - the whitelist/blacklist predicate with which to evaluate the candidate signing method algorithm URIs

credentialSupportsSigningMethod

protected boolean credentialSupportsSigningMethod(@Nonnull
                                                  Credential credential,
                                                  @Nonnull @NotEmpty
                                                  SigningMethod signingMethod)

Evaluate whether the specified credential is supported for use with the specified SigningMethod.

Parameters:: credential - the credential to evaluate; signingMethod - the signing method to evaluate
Returns:: true if credential may be used with the supplied algorithm URI, false otherwise

resolveReferenceDigestMethod

@Nullable
protected java.lang.String resolveReferenceDigestMethod(@Nonnull
                                                                  net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria,
                                                                  @Nonnull
                                                                  com.google.common.base.Predicate<java.lang.String> whitelistBlacklistPredicate)

Resolve and return the digest method algorithm URI to use, including application of whitelist/blacklist policy.

Overrides:: resolveReferenceDigestMethod in class BasicSignatureSigningParametersResolver
Parameters:: criteria - the input criteria being evaluated; whitelistBlacklistPredicate - the whitelist/blacklist predicate to use
Returns:: the resolved digest method algorithm URI

getExtensions
```
@Nullable
protected java.util.List<XMLObject> getExtensions(@Nonnull
                                                            RoleDescriptor roleDescriptor,
                                                            @Nonnull
                                                            javax.xml.namespace.QName extensionName)
```
Get the extensions indicated by the passed QName. The passed RoleDescriptor's Extensions element is examined first. If at least 1 such extension is found there, that list is returned. If no such extensions are found on the RoleDescriptor, then the RoleDescriptor's parent EntityDescriptor will be examined, if it exists.

Parameters:

roleDescriptor - the role descriptor instance to examine

extensionName - the extension name for which to search

Returns:

the list of extension XMLObjects found, or null

Class SAMLMetadataSignatureSigningParametersResolver

Field Summary

Constructor Summary

Method Summary

Methods inherited from class org.opensaml.xmlsec.impl.BasicSignatureSigningParametersResolver

Methods inherited from class org.opensaml.xmlsec.impl.AbstractSecurityParametersResolver

Methods inherited from class java.lang.Object

Field Detail

log

Constructor Detail

SAMLMetadataSignatureSigningParametersResolver

Method Detail

resolveAndPopulateCredentialAndSignatureAlgorithm

credentialSupportsSigningMethod

resolveReferenceDigestMethod

getExtensions