/**
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
 *
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * opensso/legal/CDDLv1.0.txt
 * See the License for the specific language governing
 * permission and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at opensso/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * $Id: DefaultAttributeAuthorityMapper.java,v 1.3 2008/08/22 20:40:02 hengming Exp $
 *
 */

package com.sun.identity.saml2.plugins;

import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.saml2.profile.AttributeQueryUtil;
import com.sun.identity.saml2.protocol.AttributeQuery;

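/**
 * Default implementation of <code>AttributeAuthorityMapper</code>, used by the
 * attribute authority to process an attribute query.
 *
 * <p>Every method is a thin delegation to a static helper on
 * <code>AttributeQueryUtil</code>. The servlet request and response are part
 * of the plug-in signature but are not consulted by this implementation.
 *
 * <p>The requester check ({@link #authenticateRequester}) and the signature
 * check ({@link #validateAttributeQuery}) are separate entry points: neither
 * method calls the other, so a query has only passed both checks if the
 * caller invoked both before calling {@link #getIdentity} or
 * {@link #getAttributes}.
 */
public class DefaultAttributeAuthorityMapper implements
    AttributeAuthorityMapper {

    /**
     * Checks if the attribute query requester is valid.
     *
     * <p>Delegates to <code>AttributeQueryUtil.validateEntityRequester</code>.
     * This method does not verify the signature on the query; that is done by
     * {@link #validateAttributeQuery}.
     *
     * @param request HttpServletRequest (not used by this implementation)
     * @param response HttpServletResponse (not used by this implementation)
     * @param attrQuery attribute query
     * @param attrAuthorityEntityID entity ID of attribute authority
     * @param realm the realm of hosted entity
     *
     * @exception SAML2Exception if the request is not valid.
     */
    public void authenticateRequester(HttpServletRequest request,
        HttpServletResponse response, AttributeQuery attrQuery,
        String attrAuthorityEntityID, String realm) throws SAML2Exception {

        AttributeQueryUtil.validateEntityRequester(attrQuery,
            attrAuthorityEntityID, realm);
    }

    /**
     * Checks if the attribute query is valid.
     *
     * <p>Delegates to <code>AttributeQueryUtil.verifyAttrQuerySignature</code>;
     * no other property of the query is checked here.
     *
     * @param request HttpServletRequest (not used by this implementation)
     * @param response HttpServletResponse (not used by this implementation)
     * @param attrQuery attribute query
     * @param attrAuthorityEntityID entity ID of attribute authority
     * @param realm the realm of hosted entity
     *
     * @exception SAML2Exception if the attribute query is not valid.
     */
    public void validateAttributeQuery(HttpServletRequest request,
        HttpServletResponse response, AttributeQuery attrQuery,
        String attrAuthorityEntityID, String realm) throws SAML2Exception {

        AttributeQueryUtil.verifyAttrQuerySignature(attrQuery,
            attrAuthorityEntityID, realm);
    }

    /**
     * Returns an identity that matches the subject in the attribute query.
     *
     * <p>Delegates to <code>AttributeQueryUtil.getIdentity</code>. No
     * requester or signature check is performed here.
     *
     * @param request HttpServletRequest (not used by this implementation)
     * @param response HttpServletResponse (not used by this implementation)
     * @param attrQuery attribute query
     * @param attrAuthorityEntityID entity ID of attribute authority
     * @param realm the realm of hosted entity
     * @return an identity that matches the subject in the attribute query.
     *
     * @exception SAML2Exception if error occurs.
     */
    public Object getIdentity(HttpServletRequest request,
        HttpServletResponse response, AttributeQuery attrQuery,
        String attrAuthorityEntityID, String realm) throws SAML2Exception {

        return AttributeQueryUtil.getIdentity(attrQuery,
            attrAuthorityEntityID, realm);
    }

    /**
     * Returns attributes of the specified identity.
     *
     * <p>Delegates to <code>AttributeQueryUtil.getUserAttributes</code>,
     * which takes the identity as a <code>String</code>.
     *
     * @param identity the identity; must be a <code>String</code> or
     *     <code>null</code>
     * @param attrQuery attribute query
     * @param attrAuthorityEntityID entity ID of attribute authority
     * @param realm the realm of hosted entity
     * @return a list of
     *     <code>com.sun.identity.saml2.assertion.Attribute</code>.
     *
     * @exception SAML2Exception if error occurs, or if
     *     <code>identity</code> is neither <code>null</code> nor a
     *     <code>String</code>.
     */
    public List getAttributes(Object identity, AttributeQuery attrQuery,
        String attrAuthorityEntityID, String realm) throws SAML2Exception {

        // The helper only accepts a String identity. Report any other type
        // through the declared checked exception instead of letting an
        // unchecked ClassCastException escape to the caller. A null identity
        // is still passed through unchanged.
        if ((identity != null) && !(identity instanceof String)) {
            throw new SAML2Exception(
                "Unsupported identity type: " + identity.getClass().getName());
        }

        return AttributeQueryUtil.getUserAttributes((String) identity,
            attrQuery, attrAuthorityEntityID, realm);
    }
}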