Package org.pac4j.saml.client

Class SAML2Client

java.lang.Object

org.pac4j.core.util.InitializableObject

org.pac4j.core.client.BaseClient

org.pac4j.core.client.IndirectClient

org.pac4j.saml.client.SAML2Client

All Implemented Interfaces:

org.pac4j.core.client.Client

public class SAML2Client
extends org.pac4j.core.client.IndirectClient

This class is the client to authenticate and logout users with a SAML2 Identity Provider.

Since:

1.5.0

Author:

Michael Remond, Misagh Moayyed, Ruochao Zheng, Jerome Leleu

Field Summary

Fields

Modifier and Type	Field	Description
protected SAML2ResponseValidator	authnResponseValidator
protected SAML2Configuration	configuration
protected SAMLContextProvider	contextProvider
protected org.opensaml.saml.saml2.encryption.Decrypter	decrypter
protected SAML2MetadataResolver	idpMetadataResolver
protected SAML2ProfileHandler<org.opensaml.saml.saml2.core.LogoutRequest>	logoutProfileHandler
protected SAML2LogoutValidator	logoutValidator
protected SAML2ProfileHandler<org.opensaml.saml.saml2.core.AuthnRequest>	profileHandler
protected ReplayCacheProvider	replayCache
protected SignatureSigningParametersProvider	signatureSigningParametersProvider
protected SAML2SignatureTrustEngineProvider	signatureTrustEngineProvider
protected SOAPPipelineProvider	soapPipelineProvider
protected SAML2MetadataResolver	spMetadataResolver
protected org.pac4j.core.util.generator.ValueGenerator	stateGenerator

Fields inherited from class org.pac4j.core.client.IndirectClient

ATTEMPTED_AUTHENTICATION_SUFFIX, callbackUrl, callbackUrlResolver, urlResolver

Fields inherited from class org.pac4j.core.client.BaseClient

logger, saveProfileInSession

Constructor Summary

Constructors

Constructor	Description
SAML2Client()
SAML2Client(SAML2Configuration configuration)

Method Summary

Modifier and Type	Method	Description
void	destroy()
SAML2ResponseValidator	getAuthnResponseValidator()
final SAML2Configuration	getConfiguration()
SAMLContextProvider	getContextProvider()
final SAML2MetadataResolver	getIdentityProviderMetadataResolver()
final String	getIdentityProviderResolvedEntityId()
SAML2MetadataResolver	getIdpMetadataResolver()
protected SAML2LogoutMessageReceiver	getLogoutMessageReceiver()
SAML2ProfileHandler<org.opensaml.saml.saml2.core.LogoutRequest>	getLogoutProfileHandler()
protected SAML2LogoutRequestMessageSender	getLogoutRequestMessageSender()
SAML2LogoutValidator	getLogoutValidator()
SAML2ProfileHandler<org.opensaml.saml.saml2.core.AuthnRequest>	getProfileHandler()
ReplayCacheProvider	getReplayCache()
final SAML2MetadataResolver	getServiceProviderMetadataResolver()
final String	getServiceProviderResolvedEntityId()
SignatureSigningParametersProvider	getSignatureSigningParametersProvider()
SAML2SignatureTrustEngineProvider	getSignatureTrustEngineProvider()
SAML2MetadataResolver	getSpMetadataResolver()
org.pac4j.core.util.generator.ValueGenerator	getStateGenerator()
protected void	initDecrypter()
protected void	initIdentityProviderMetadataResolver()
protected void	initSAMLContextProvider()
protected void	initSAMLLogoutProfileHandler()
protected void	initSAMLLogoutResponseValidator()
protected void	initSAMLProfileHandler()
protected void	initSAMLReplayCache()
protected void	initSAMLResponseValidator()
protected void	initServiceProviderMetadataResolver()
protected void	initSignatureSigningParametersProvider()
protected void	initSignatureTrustEngineProvider()
protected void	initSOAPPipelineProvider()
protected void	internalInit(boolean forceReinit)
void	notifySessionRenewal(String oldSessionId, org.pac4j.core.context.WebContext context, org.pac4j.core.context.session.SessionStore sessionStore)
void	setConfiguration(SAML2Configuration configuration)
void	setLogoutProfileHandler(SAML2ProfileHandler<org.opensaml.saml.saml2.core.LogoutRequest> logoutProfileHandler)
void	setStateGenerator(org.pac4j.core.util.generator.ValueGenerator stateGenerator)

Methods inherited from class org.pac4j.core.client.IndirectClient

afterInternalInit, beforeInternalInit, computeFinalCallbackUrl, defaultLogoutActionBuilder, defaultRedirectionActionBuilder, getAjaxRequestResolver, getCallbackUrl, getCallbackUrlResolver, getCodeVerifierSessionAttributeName, getCredentials, getLogoutAction, getLogoutActionBuilder, getNonceSessionAttributeName, getRedirectionAction, getRedirectionActionBuilder, getStateSessionAttributeName, getUrlResolver, isCheckAuthenticationAttempt, newDefaultCallbackUrlResolver, setAjaxRequestResolver, setCallbackUrl, setCallbackUrlResolver, setCheckAuthenticationAttempt, setLogoutActionBuilder, setRedirectionActionBuilder, setUrlResolver, toString

Methods inherited from class org.pac4j.core.client.BaseClient

addAuthorizationGenerator, addAuthorizationGenerators, defaultAuthenticator, defaultCredentialsExtractor, defaultProfileCreator, getAuthenticator, getAuthorizationGenerators, getCredentialsExtractor, getCustomProperties, getName, getProfileCreator, getProfileFactoryWhenNotAuthenticated, getSaveProfileInSession, getUserProfile, isMultiProfile, renewUserProfile, retrieveCredentials, retrieveUserProfile, setAuthenticator, setAuthorizationGenerator, setAuthorizationGenerators, setAuthorizationGenerators, setCredentialsExtractor, setCustomProperties, setMultiProfile, setName, setProfileCreator, setProfileFactoryWhenNotAuthenticated, setSaveProfileInSession

Methods inherited from class org.pac4j.core.util.InitializableObject

getLastAttempt, getMaxAttempts, getMinTimeIntervalBetweenAttemptsInMilliseconds, getNbAttempts, init, init, isInitialized, reinit, setMaxAttempts, setMinTimeIntervalBetweenAttemptsInMilliseconds, shouldInitialize

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Details

contextProvider

protected SAMLContextProvider contextProvider

signatureSigningParametersProvider

protected SignatureSigningParametersProvider signatureSigningParametersProvider

profileHandler

protected SAML2ProfileHandler<org.opensaml.saml.saml2.core.AuthnRequest> profileHandler

logoutProfileHandler

protected SAML2ProfileHandler<org.opensaml.saml.saml2.core.LogoutRequest> logoutProfileHandler

authnResponseValidator

protected SAML2ResponseValidator authnResponseValidator

logoutValidator

protected SAML2LogoutValidator logoutValidator

signatureTrustEngineProvider

protected SAML2SignatureTrustEngineProvider signatureTrustEngineProvider

idpMetadataResolver

protected SAML2MetadataResolver idpMetadataResolver

spMetadataResolver

protected SAML2MetadataResolver spMetadataResolver

decrypter

protected org.opensaml.saml.saml2.encryption.Decrypter decrypter

configuration

protected SAML2Configuration configuration

stateGenerator

protected org.pac4j.core.util.generator.ValueGenerator stateGenerator

replayCache

protected ReplayCacheProvider replayCache

soapPipelineProvider

protected SOAPPipelineProvider soapPipelineProvider

Constructor Details

SAML2Client

public SAML2Client()

SAML2Client

public SAML2Client(SAML2Configuration configuration)

Method Details

internalInit

protected void internalInit(boolean forceReinit)

Specified by:

internalInit in class org.pac4j.core.util.InitializableObject

initSOAPPipelineProvider

protected void initSOAPPipelineProvider()

initSAMLProfileHandler

protected void initSAMLProfileHandler()

initSAMLLogoutProfileHandler

protected void initSAMLLogoutProfileHandler()

getLogoutMessageReceiver

protected SAML2LogoutMessageReceiver getLogoutMessageReceiver()

getLogoutRequestMessageSender

protected SAML2LogoutRequestMessageSender getLogoutRequestMessageSender()

initSAMLLogoutResponseValidator

protected void initSAMLLogoutResponseValidator()

initSAMLResponseValidator

protected void initSAMLResponseValidator()

initSignatureTrustEngineProvider

protected void initSignatureTrustEngineProvider()

initSAMLContextProvider

protected void initSAMLContextProvider()

initServiceProviderMetadataResolver

protected void initServiceProviderMetadataResolver()

initIdentityProviderMetadataResolver

protected void initIdentityProviderMetadataResolver()

initDecrypter

protected void initDecrypter()

initSignatureSigningParametersProvider

protected void initSignatureSigningParametersProvider()

initSAMLReplayCache

protected void initSAMLReplayCache()

destroy

public void destroy()

notifySessionRenewal

public void notifySessionRenewal(String oldSessionId,
 org.pac4j.core.context.WebContext context,
 org.pac4j.core.context.session.SessionStore sessionStore)

Overrides:

notifySessionRenewal in class org.pac4j.core.client.BaseClient

getAuthnResponseValidator

public SAML2ResponseValidator getAuthnResponseValidator()

getServiceProviderMetadataResolver

public final SAML2MetadataResolver getServiceProviderMetadataResolver()

getIdentityProviderMetadataResolver

public final SAML2MetadataResolver getIdentityProviderMetadataResolver()

getIdentityProviderResolvedEntityId

public final String getIdentityProviderResolvedEntityId()

getServiceProviderResolvedEntityId

public final String getServiceProviderResolvedEntityId()

setConfiguration

public void setConfiguration(SAML2Configuration configuration)

getConfiguration

public final SAML2Configuration getConfiguration()

getContextProvider

public SAMLContextProvider getContextProvider()

getLogoutValidator

public SAML2LogoutValidator getLogoutValidator()

getIdpMetadataResolver

public SAML2MetadataResolver getIdpMetadataResolver()

getSpMetadataResolver

public SAML2MetadataResolver getSpMetadataResolver()

getProfileHandler

public SAML2ProfileHandler<org.opensaml.saml.saml2.core.AuthnRequest> getProfileHandler()

getSignatureSigningParametersProvider

public SignatureSigningParametersProvider getSignatureSigningParametersProvider()

getSignatureTrustEngineProvider

public SAML2SignatureTrustEngineProvider getSignatureTrustEngineProvider()

getStateGenerator

public org.pac4j.core.util.generator.ValueGenerator getStateGenerator()

setStateGenerator

public void setStateGenerator(org.pac4j.core.util.generator.ValueGenerator stateGenerator)

getLogoutProfileHandler

public SAML2ProfileHandler<org.opensaml.saml.saml2.core.LogoutRequest> getLogoutProfileHandler()

setLogoutProfileHandler

public void setLogoutProfileHandler(SAML2ProfileHandler<org.opensaml.saml.saml2.core.LogoutRequest> logoutProfileHandler)

getReplayCache

public ReplayCacheProvider getReplayCache()