Package org.opensaml.security.messaging.impl

Class BaseTrustEngineSecurityHandler<TokenType>

    • Field Detail

      • log

        @Nonnull
private final org.slf4j.Logger log
        Logger.

      • trustEngine

        @Nullable
private TrustEngine<? super TokenType> trustEngine
        Trust engine used to verify the particular token type.

    • Constructor Detail

      • BaseTrustEngineSecurityHandler

        public BaseTrustEngineSecurityHandler()

    • Method Detail

      • getTrustEngine

        @Nullable
protected TrustEngine<? super TokenType> getTrustEngine()
        Gets the trust engine used to validate the untrusted token.
        Returns:
        trust engine used to validate the untrusted token

      • resolveTrustEngine

        @Nullable
protected abstract TrustEngine<? super TokenType> resolveTrustEngine​(@Nonnull
                                                                     MessageContext messageContext)
        Resolve a TrustEngine instance of the appropriate type from the message context.
        Parameters:
        messageContext - the message context which is being evaluated
        Returns:
        the resolved TrustEngine, may be null

      • buildCriteriaSet

        @Nullable
protected abstract CriteriaSet buildCriteriaSet​(@Nullable
                                                String entityID,
                                                @Nonnull
                                                MessageContext messageContext)
                                         throws MessageHandlerException
        Subclasses are required to implement this method to build a criteria set for the trust engine according to trust engine and application-specific needs.
        Parameters:
        entityID - the candidate issuer entity ID which is being evaluated
        messageContext - the message context which is being evaluated
        Returns:
        a newly constructly set of criteria suitable for the configured trust engine
        Throws:
        MessageHandlerException - thrown if criteria set can not be constructed

      • evaluate

        protected boolean evaluate​(@Nonnull
                           TokenType token,
                           @Nullable
                           String entityID,
                           @Nonnull
                           MessageContext messageContext)
                    throws MessageHandlerException
        Evaluate the token using the configured trust engine against criteria built using the specified candidate issuer entity ID and message context information.
        Parameters:
        token - the token to be evaluated
        entityID - the candidate issuer entity ID which is being evaluated
        messageContext - the message context which is being evaluated
        Returns:
        true if the token satisfies the criteria as determined by the trust engine, otherwise false
        Throws:
        MessageHandlerException - thrown if there is a fatal error during trust engine evaluation

      • evaluate

        protected boolean evaluate​(@Nonnull
                           TokenType token,
                           @Nullable
                           CriteriaSet criteriaSet)
                    throws MessageHandlerException
        Evaluate the token against the specified criteria using the configured trust engine.
        Parameters:
        token - the token to be evaluated
        criteriaSet - the set of criteria against which to evaluate the token
        Returns:
        true if the token satisfies the criteria as determined by the trust engine, otherwise false
        Throws:
        MessageHandlerException - thrown if there is a fatal error during trust engine evaluation