edu.internet2.middleware.shibboleth.idp.profile.saml2

Class UnsolicitedSSODecoder

java.lang.Object

org.opensaml.ws.message.decoder.BaseMessageDecoder

org.opensaml.common.binding.decoding.BaseSAMLMessageDecoder

org.opensaml.saml2.binding.decoding.BaseSAML2MessageDecoder

edu.internet2.middleware.shibboleth.idp.profile.saml2.UnsolicitedSSODecoder

All Implemented Interfaces:

SAMLMessageDecoder, MessageDecoder

public class UnsolicitedSSODecoder
extends BaseSAML2MessageDecoder
implements SAMLMessageDecoder

Shibboleth 2.x HTTP request parameter-based SSO authentication request message decoder.

This decoder understands and processes a set of defined HTTP request parameters representing a logical SAML 2 SSO authentication request, and builds a corresponding AuthnRequest message. This message is then stored in the SAMLMessageContext so that it may be processed by other components (e.g. profile handler) that process standard AuthnRequest messages.

.

Field Summary

Fields

Modifier and Type	Field and Description
private SAMLObjectBuilder<AuthnRequest>	authnRequestBuilder AuthnRequest builder.
private String	defaultBinding The binding URI default value.
private IdentifierGenerator	idGenerator Identifier generator.
private SAMLObjectBuilder<Issuer>	issuerBuilder Issuer builder.
private org.slf4j.Logger	log Class logger.
private SAMLObjectBuilder<NameIDPolicy>	nipBuilder NameIDPolicy builder.

Constructor Summary

Constructors

Constructor and Description
UnsolicitedSSODecoder(IdentifierGenerator identifierGenerator) Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
private AuthnRequest	buildAuthnRequest(String entityID, String acsURL, String acsBinding, String timeStr, String sessionID) Build a SAML 2 AuthnRequest from the parameters specified in the inbound transport.
protected void	doDecode(MessageContext messageContext)
String	getBindingURI()
String	getDefaultBinding() Returns the default ACS binding.
protected String	getIntendedDestinationEndpointURI(SAMLMessageContext samlMsgCtx)
protected boolean	isIntendedDestinationEndpointURIRequired(SAMLMessageContext samlMsgCtx)
private String	lookupACSURL(MetadataProvider mdProvider, String entityId) Lookup the ACS URL for the specified SP entityID and binding URI.
void	setDefaultBinding(String binding) Sets the default ACS binding.

Methods inherited from class org.opensaml.saml2.binding.decoding.BaseSAML2MessageDecoder

decode, extractEntityId, extractRequestInfo, extractResponseInfo, populateMessageContext, populateMessageIdIssueInstantIssuer, populateRelyingPartyMetadata

Methods inherited from class org.opensaml.common.binding.decoding.BaseSAMLMessageDecoder

checkEndpointURI, compareEndpointURIs, getActualReceiverEndpointURI, getURIComparator, isMessageSigned, setURIComparator

Methods inherited from class org.opensaml.ws.message.decoder.BaseMessageDecoder

getParserPool, logDecodedMessage, processSecurityPolicy, setParserPool, unmarshallMessage

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.opensaml.ws.message.decoder.MessageDecoder

decode

Field Detail

log

private final org.slf4j.Logger log

Class logger.

defaultBinding

private String defaultBinding

The binding URI default value.

authnRequestBuilder

private SAMLObjectBuilder<AuthnRequest> authnRequestBuilder

AuthnRequest builder.

issuerBuilder

private SAMLObjectBuilder<Issuer> issuerBuilder

Issuer builder.

nipBuilder

private SAMLObjectBuilder<NameIDPolicy> nipBuilder

NameIDPolicy builder.

idGenerator

private IdentifierGenerator idGenerator

Identifier generator.

Constructor Detail

UnsolicitedSSODecoder

public UnsolicitedSSODecoder(IdentifierGenerator identifierGenerator)

Constructor.

Parameters:

identifierGenerator - the IdentifierGenerator instance to use.

Method Detail

getBindingURI

public String getBindingURI()

Specified by:

getBindingURI in interface SAMLMessageDecoder

isIntendedDestinationEndpointURIRequired

protected boolean isIntendedDestinationEndpointURIRequired(SAMLMessageContext samlMsgCtx)

Specified by:

isIntendedDestinationEndpointURIRequired in class BaseSAMLMessageDecoder

getIntendedDestinationEndpointURI

protected String getIntendedDestinationEndpointURI(SAMLMessageContext samlMsgCtx)
                                            throws MessageDecodingException

Overrides:

getIntendedDestinationEndpointURI in class BaseSAML2MessageDecoder

Throws:

MessageDecodingException

getDefaultBinding

public String getDefaultBinding()

Returns the default ACS binding.

Returns:

default binding URI

setDefaultBinding

public void setDefaultBinding(String binding)

Sets the default ACS binding.

Parameters:

binding - default binding URI

doDecode

protected void doDecode(MessageContext messageContext)
                 throws MessageDecodingException

Specified by:

doDecode in class BaseMessageDecoder

Throws:

MessageDecodingException

buildAuthnRequest

private AuthnRequest buildAuthnRequest(String entityID,
                             String acsURL,
                             String acsBinding,
                             String timeStr,
                             String sessionID)

Build a SAML 2 AuthnRequest from the parameters specified in the inbound transport.

Parameters:

entityID - the requester identity

acsURL - the ACS URL

acsBinding - the ACS binding URI

timeStr - the request timestamp

sessionID - the container session, if any

Returns:

a newly constructed AuthnRequest instance

lookupACSURL

private String lookupACSURL(MetadataProvider mdProvider,
                  String entityId)
                     throws MessageDecodingException

Lookup the ACS URL for the specified SP entityID and binding URI.

Parameters:

mdProvider - the SAML message context's metadata source

entityId - the SP entityID

Returns:

the resolved ACS URL endpoint

Throws:

MessageDecodingException - if there is an error resolving the ACS URL