public final class SAMLBindingSupport extends Object

Modifier and Type | Field and Description |
---|---|
private static org.slf4j.Logger | LOG: Logger. |

Modifier | Constructor and Description |
---|---|
private | SAMLBindingSupport(): Constructor. |

Modifier and Type | Method and Description |
---|---|
static boolean | checkRelayState(String relayState): Checks that the relay state is 80 bytes or less if it is not null. |
static int | convertSAML2ArtifactEndpointIndex(byte[] artifactEndpointIndex): Convert a 2-byte artifact endpoint index byte[] as typically used by SAML 2 artifact types to an integer, appropriate for use with IndexedEndpoint impls. |
static String | getActualReceiverEndpointURI(MessageContext<SAMLObject> messageContext, javax.servlet.http.HttpServletRequest request): Extract the transport endpoint URI at which this message was received. |
static URI | getEndpointURL(MessageContext<SAMLObject> messageContext): Get the response URL from the relying party endpoint. |
static String | getIntendedDestinationEndpointURI(MessageContext<SAMLObject> messageContext): Extract the message information which indicates to what receiver endpoint URI the SAML message was intended to be delivered. |
static String | getRelayState(MessageContext<SAMLObject> messageContext): Get the SAML protocol relay state from a message context. |
static boolean | isIntendedDestinationEndpointURIRequired(MessageContext<SAMLObject> messageContext): Determine whether the binding in use requires the presence within the message of information indicating the intended message destination endpoint URI. |
static boolean | isMessageSigned(MessageContext<SAMLObject> messageContext): Determine whether the SAML message represented by the message context is digitally signed. |
static boolean | isSigningCapableBinding(MessageContext<SAMLObject> messageContext): Determine whether the SAML binding to be used by the message context supports signatures at the binding layer. |
static void | setRelayState(MessageContext<SAMLObject> messageContext, String relayState): Set the SAML protocol relay state on a message context. |
static void | setSAML1ResponseRecipient(SAMLObject outboundMessage, String endpointURL): Sets the destination attribute on the outbound message if it is a ResponseAbstractType message. |
static void | setSAML2Destination(SAMLObject outboundMessage, String endpointURL): Sets the destination attribute on an outbound message if it is either a RequestAbstractType or a StatusResponseType message. |

@Nonnull private static final org.slf4j.Logger LOG

@Nullable @NotEmpty public static String getRelayState(@Nonnull MessageContext<SAMLObject> messageContext)
messageContext - the message context on which to operate

public static void setRelayState(@Nonnull MessageContext<SAMLObject> messageContext, @Nullable String relayState)
messageContext - the message context on which to operate
relayState - the relay state to set

public static boolean checkRelayState(@Nullable String relayState)
relayState - relay state to check

@Nonnull public static URI getEndpointURL(@Nonnull MessageContext<SAMLObject> messageContext) throws BindingException
messageContext - current message context
BindingException - thrown if no relying party endpoint is available

public static void setSAML1ResponseRecipient(@Nonnull SAMLObject outboundMessage, @Nonnull @NotEmpty String endpointURL)
Sets the destination attribute on the outbound message if it is a ResponseAbstractType message.
outboundMessage - outbound SAML message
endpointURL - destination endpoint

public static void setSAML2Destination(@Nonnull SAMLObject outboundMessage, @Nonnull @NotEmpty String endpointURL)
Sets the destination attribute on an outbound message if it is either a RequestAbstractType or a StatusResponseType message.
outboundMessage - outbound SAML message
endpointURL - destination endpoint

public static boolean isMessageSigned(@Nonnull MessageContext<SAMLObject> messageContext)
First the SAML protocol message is examined as to whether an XML signature is present. If not, then the presence of a binding signature is evaluated by looking at SAMLBindingContext.hasBindingSignature().
messageContext - current message context

public static boolean isSigningCapableBinding(@Nonnull MessageContext<SAMLObject> messageContext)
The capability of the binding is determined by extracting a BindingDescriptor from a SAMLBindingContext.
messageContext - current message context

public static boolean isIntendedDestinationEndpointURIRequired(@Nonnull MessageContext<SAMLObject> messageContext)
messageContext - current SAML message context

@Nullable public static String getIntendedDestinationEndpointURI(@Nonnull MessageContext<SAMLObject> messageContext) throws MessageException
messageContext - the SAML message context being processed
MessageException - thrown if the message is not an instance of SAML message that could be processed by the decoder

@Nonnull public static String getActualReceiverEndpointURI(@Nonnull MessageContext<SAMLObject> messageContext, @Nonnull javax.servlet.http.HttpServletRequest request) throws MessageException
messageContext - current message context
request - the HttpServletRequest being evaluated
MessageException - thrown if the endpoint can not be looked up from the message context and converted to a string representation

@Nonnull public static int convertSAML2ArtifactEndpointIndex(@Nonnull byte[] artifactEndpointIndex)
Convert a 2-byte artifact endpoint index byte[] as typically used by SAML 2 artifact types to an integer, appropriate for use with IndexedEndpoint impls.
The max input value supported is 0x7FFF (32767), which is the largest possible unsigned 16 bit value. This should be more than sufficient for typical SAML cases.
artifactEndpointIndex - the endpoint index byte array, must have length == 2, and big endian byte order.

Copyright © 1999–2020 Shibboleth Consortium. All rights reserved.
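
A standalone Java example of the two size contracts documented above for checkRelayState and convertSAML2ArtifactEndpointIndex, added here and not taken from OpenSAML's source: the 80-byte relay state limit and the 2-byte big-endian endpoint index with its 0x7FFF maximum. The class and method names are hypothetical, and measuring the relay state as UTF-8, accepting null, and throwing IllegalArgumentException are assumptions, since this page does not say how the library treats those cases.

```java
import java.nio.charset.StandardCharsets;

/** Added example, not OpenSAML source; class and method names are hypothetical. */
public final class BindingLimitsExample {

    /** Relay state limit stated on this page. */
    static final int MAX_RELAY_STATE_BYTES = 80;

    /** True when relayState is null or encodes to 80 bytes or fewer (UTF-8 assumed). */
    static boolean relayStateFits(String relayState) {
        if (relayState == null) {
            return true;
        }
        // Count encoded bytes, not chars: non-ASCII characters take 2 to 4 bytes each.
        return relayState.getBytes(StandardCharsets.UTF_8).length <= MAX_RELAY_STATE_BYTES;
    }

    /** Decodes a 2-byte big-endian endpoint index in the range 0..0x7FFF. */
    static int endpointIndex(byte[] raw) {
        if (raw == null || raw.length != 2) {
            throw new IllegalArgumentException("endpoint index must be exactly 2 bytes");
        }
        // Java bytes are signed, so mask each one; unmasked, {0x00, 0x80} decodes to -128.
        int value = ((raw[0] & 0xFF) << 8) | (raw[1] & 0xFF);
        if (value > 0x7FFF) {
            throw new IllegalArgumentException("endpoint index exceeds 0x7FFF: " + value);
        }
        return value;
    }

    public static void main(String[] args) {
        // Constructed sample inputs (String.repeat needs Java 11 or later).
        String ascii = "a".repeat(80);          // 80 chars, 80 bytes
        String accented = "\u00e9".repeat(41);  // 41 chars, 82 bytes in UTF-8
        System.out.println("ascii fits: " + relayStateFits(ascii));
        System.out.println("accented fits: " + relayStateFits(accented));
        System.out.println("index: " + endpointIndex(new byte[] {0x00, (byte) 0x80}));
        System.out.println("index: " + endpointIndex(new byte[] {0x7F, (byte) 0xFF}));
        try {
            endpointIndex(new byte[] {(byte) 0x80, 0x00});
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```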