a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster/**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * opensso/legal/CDDLv1.0.txt
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * at opensso/legal/CDDLv1.0.txt.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: Assertion.java,v 1.2 2008/06/25 05:47:39 qcheng Exp $
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings * Portions Copyrighted 2015 ForgeRock AS.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpackage com.sun.identity.saml2.assertion;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.Date;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.List;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.security.Key;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.security.PrivateKey;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.security.cert.X509Certificate;
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbingsimport java.util.Set;
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbingsimport com.fasterxml.jackson.databind.annotation.JsonDeserialize;
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbingsimport com.sun.identity.saml2.assertion.impl.AssertionImpl;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml2.common.SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster/**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The <code>Assertion</code> element is a package of information
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * that supplies one or more <code>Statement</code> made by an issuer.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * There are three kinds of assertions: Authentication, Authorization Decision,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * and Attribute assertions.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.all.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings@JsonDeserialize(as=AssertionImpl.class)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpublic interface Assertion {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the version number of the assertion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return The version number of the assertion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings String getVersion();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the version number of the assertion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param version the version number.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if the object is immutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void setVersion(String version) throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the time when the assertion was issued
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the time of the assertion issued
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings Date getIssueInstant();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the time when the assertion was issued
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param issueInstant the issue time of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if the object is immutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void setIssueInstant(Date issueInstant) throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the subject of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the subject of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings Subject getSubject();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the subject of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param subject the subject of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if the object is immutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void setSubject(Subject subject) throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the advice of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the advice of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings Advice getAdvice();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the advice of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param advice the advice of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if the object is immutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void setAdvice(Advice advice) throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the signature of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the signature of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings String getSignature();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the conditions of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the conditions of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings Conditions getConditions();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the conditions of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param conditions the conditions of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if the object is immutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void setConditions(Conditions conditions) throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the id of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the id of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings String getID();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the id of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param id the id of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if the object is immutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void setID(String id) throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the statements of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the statements of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings List<Object> getStatements();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the <code>AuthnStatements</code> of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the <code>AuthnStatements</code> of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings List<AuthnStatement> getAuthnStatements();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the <code>AuthzDecisionStatements</code> of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the <code>AuthzDecisionStatements</code> of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings List<AuthzDecisionStatement> getAuthzDecisionStatements();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the attribute statements of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the attribute statements of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings List<AttributeStatement> getAttributeStatements();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the statements of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param statements the statements of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if the object is immutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void setStatements(List<Object> statements) throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the <code>AuthnStatements</code> of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param statements the <code>AuthnStatements</code> of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if the object is immutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void setAuthnStatements(List<AuthnStatement> statements) throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the <code>AuthzDecisionStatements</code> of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param statements the <code>AuthzDecisionStatements</code> of
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if the object is immutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void setAuthzDecisionStatements(List<AuthzDecisionStatement> statements)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the attribute statements of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param statements the attribute statements of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if the object is immutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void setAttributeStatements(List<AttributeStatement> statements) throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the issuer of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the issuer of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings Issuer getIssuer();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets the issuer of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param issuer the issuer of the assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if the object is immutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void setIssuer(Issuer issuer) throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Return true if the assertion is signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the assertion is signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings boolean isSigned();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Return whether the signature is valid or not.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings * @param verificationCerts Certificates containing the public keys which may be used for signature verification;
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings * This certificate may also may be used to check against the certificate included in the
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings * signature.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the signature is valid; false otherwise.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws SAML2Exception if the signature could not be verified
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings boolean isSignatureValid(Set<X509Certificate> verificationCerts)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Gets the validity of the assertion evaluating its conditions if
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * specified.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return false if conditions is invalid based on it lying between
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>NotBefore</code> (current time inclusive) and
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>NotOnOrAfter</code> (current time exclusive) values
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * and true otherwise or if no conditions specified.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings boolean isTimeValid();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signs the Assertion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param privateKey Signing key
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param cert Certificate which contain the public key correlated to
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * the signing key; It if is not null, then the signature
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * will include the certificate; Otherwise, the signature
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * will not include any certificate
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if it could not sign the assertion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void sign(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster PrivateKey privateKey,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster X509Certificate cert
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ) throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns an <code>EncryptedAssertion</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param recipientPublicKey Public key used to encrypt the data encryption
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (secret) key, it is the public key of the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * recipient of the XML document to be encrypted.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param dataEncAlgorithm Data encryption algorithm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param dataEncStrength Data encryption strength.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param recipientEntityID Unique identifier of the recipient, it is used
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * as the index to the cached secret key so that
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * the key can be reused for the same recipient;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * It can be null in which case the secret key will
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * be generated every time and will not be cached
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * and reused. Note that the generation of a secret
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * key is a relatively expensive operation.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return <code>EncryptedAssertion</code> object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws SAML2Exception if error occurs during the encryption process.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings EncryptedAssertion encrypt(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Key recipientPublicKey,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String dataEncAlgorithm,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster int dataEncStrength,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String recipientEntityID
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ) throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns a String representation
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param includeNSPrefix Determines whether or not the namespace qualifier
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is prepended to the Element when converted
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param declareNS Determines whether or not the namespace is declared
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * within the Element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return A String representation
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if something is wrong during conversion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings String toXMLString(boolean includeNSPrefix, boolean declareNS)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns a String representation
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return A String representation
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception SAML2Exception if something is wrong during conversion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings String toXMLString() throws SAML2Exception;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Makes the object immutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings void makeImmutable();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns true if the object is mutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the object is mutable
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
449854c2a07b50ea64d9d6a8b03d18d4afeeee43Ken Stubbings boolean isMutable();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster}