Class AddAudienceRestrictionToAssertions
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- org.opensaml.profile.action.AbstractProfileAction
-
- org.opensaml.profile.action.AbstractConditionalProfileAction
-
- org.opensaml.saml.common.profile.impl.AddAudienceRestrictionToAssertions
-
- All Implemented Interfaces:
Component
,DestructableComponent
,InitializableComponent
,ProfileAction
public class AddAudienceRestrictionToAssertions extends AbstractConditionalProfileAction
Action adds an audience restriction condition to every assertion contained in a SAML 1/2 response, with the audiences obtained from a lookup function. If the containing Conditions is not present, it will be created.
-
-
Field Summary
Fields Modifier and Type Field Description private boolean
addingAudiencesToExistingRestriction
Whether, if an assertion already contains an audience restriction, this action will add its audiences to that restriction or create another one.private Function<ProfileRequestContext,Collection<String>>
audienceRestrictionsLookupStrategy
Strategy used to obtain the audiences to add.private Collection<String>
audiences
Audiences to add.private org.slf4j.Logger
log
Class logger.private SAMLObject
response
Response to modify.private Function<ProfileRequestContext,SAMLObject>
responseLookupStrategy
Strategy used to locate the Response to operate on.
-
Constructor Summary
Constructors Constructor Description AddAudienceRestrictionToAssertions()
Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description private void
addAudienceRestriction(ProfileRequestContext profileRequestContext, Conditions conditions)
Add the audiences obtained from a lookup function to theAudienceRestrictionCondition
.private void
addAudienceRestriction(ProfileRequestContext profileRequestContext, Conditions conditions)
Add the audiences obtained from a lookup function to theAudienceRestriction
.protected void
doExecute(ProfileRequestContext profileRequestContext)
protected void
doInitialize()
protected boolean
doPreExecute(ProfileRequestContext profileRequestContext)
private AudienceRestriction
getAudienceRestriction(Conditions conditions)
Get theAudienceRestriction
to which audiences will be added.private AudienceRestrictionCondition
getAudienceRestrictionCondition(Conditions conditions)
Get theAudienceRestrictionCondition
to which audiences will be added.void
setAddingAudiencesToExistingRestriction(boolean addingToExistingRestriction)
Set whether, if an assertion already contains an audience restriction, this action will add its audiences to that restriction or create another one.void
setAudienceRestrictionsLookupStrategy(Function<ProfileRequestContext,Collection<String>> strategy)
Set the strategy used to obtain the audience restrictions to apply.void
setResponseLookupStrategy(Function<ProfileRequestContext,SAMLObject> strategy)
Set the strategy used to locate the Response to operate on.-
Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationCondition
-
Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, initialize, isDestroyed, isInitialized
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
-
-
-
Field Detail
-
log
@Nonnull private final org.slf4j.Logger log
Class logger.
-
addingAudiencesToExistingRestriction
private boolean addingAudiencesToExistingRestriction
Whether, if an assertion already contains an audience restriction, this action will add its audiences to that restriction or create another one.
-
responseLookupStrategy
@Nonnull private Function<ProfileRequestContext,SAMLObject> responseLookupStrategy
Strategy used to locate the Response to operate on.
-
audienceRestrictionsLookupStrategy
@Nullable private Function<ProfileRequestContext,Collection<String>> audienceRestrictionsLookupStrategy
Strategy used to obtain the audiences to add.
-
response
@Nullable private SAMLObject response
Response to modify.
-
audiences
@Nullable private Collection<String> audiences
Audiences to add.
-
-
Method Detail
-
setResponseLookupStrategy
public void setResponseLookupStrategy(@Nonnull Function<ProfileRequestContext,SAMLObject> strategy)
Set the strategy used to locate the Response to operate on.- Parameters:
strategy
- lookup strategy
-
setAddingAudiencesToExistingRestriction
public void setAddingAudiencesToExistingRestriction(boolean addingToExistingRestriction)
Set whether, if an assertion already contains an audience restriction, this action will add its audiences to that restriction or create another one.- Parameters:
addingToExistingRestriction
- whether this action will add its audiences to that restriction or create another one
-
setAudienceRestrictionsLookupStrategy
public void setAudienceRestrictionsLookupStrategy(@Nonnull Function<ProfileRequestContext,Collection<String>> strategy)
Set the strategy used to obtain the audience restrictions to apply.- Parameters:
strategy
- lookup strategy
-
doInitialize
protected void doInitialize() throws ComponentInitializationException
- Overrides:
doInitialize
in classAbstractInitializableComponent
- Throws:
ComponentInitializationException
-
doPreExecute
protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext)
- Overrides:
doPreExecute
in classAbstractConditionalProfileAction
-
doExecute
protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)
- Overrides:
doExecute
in classAbstractProfileAction
-
addAudienceRestriction
private void addAudienceRestriction(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull Conditions conditions)
Add the audiences obtained from a lookup function to theAudienceRestrictionCondition
. If noAudienceRestrictionCondition
exists on the given Conditions one is created and added.- Parameters:
profileRequestContext
- current profile request contextconditions
- condition that has, or will receive the created,AudienceRestrictionCondition
-
addAudienceRestriction
private void addAudienceRestriction(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull Conditions conditions)
Add the audiences obtained from a lookup function to theAudienceRestriction
. If noAudienceRestriction
exists on the given Conditions one is created and added.- Parameters:
profileRequestContext
- current profile request contextconditions
- condition that has, or will receive the created,AudienceRestriction
-
getAudienceRestrictionCondition
@Nonnull private AudienceRestrictionCondition getAudienceRestrictionCondition(@Nonnull Conditions conditions)
Get theAudienceRestrictionCondition
to which audiences will be added.- Parameters:
conditions
- existing set of conditions- Returns:
- the condition to which audiences will be added
-
getAudienceRestriction
@Nonnull private AudienceRestriction getAudienceRestriction(@Nonnull Conditions conditions)
Get theAudienceRestriction
to which audiences will be added.- Parameters:
conditions
- existing set of conditions- Returns:
- the condition to which audiences will be added
-
-