Class DefaultSamlIdPObjectSigner

java.lang.Object
org.apereo.cas.support.saml.web.idp.profile.builders.enc.DefaultSamlIdPObjectSigner
All Implemented Interfaces:
SamlIdPObjectSigner

public class DefaultSamlIdPObjectSigner extends Object implements SamlIdPObjectSigner
Since:
5.0.0
  • Field Summary

    Fields inherited from interface org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner

    DEFAULT_BEAN_NAME
  • Constructor Summary

    Constructors
    Constructor
    Description
     
  • Method Summary

    Modifier and Type
    Method
    Description
    protected org.opensaml.xmlsec.SignatureSigningParameters
    buildSignatureSigningParameters(org.opensaml.saml.saml2.metadata.RoleDescriptor descriptor, org.apereo.cas.support.saml.services.SamlRegisteredService service)
    Build signature signing parameters.
    protected org.opensaml.xmlsec.impl.BasicSignatureSigningConfiguration
    configureSignatureSigningSecurityConfiguration(org.apereo.cas.support.saml.services.SamlRegisteredService service)
     
    <T extends org.opensaml.saml.common.SAMLObject> T
    encode(T samlObject, org.apereo.cas.support.saml.services.SamlRegisteredService service, org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.http.HttpServletRequest request, String binding, org.opensaml.saml.saml2.core.RequestAbstractType authnRequest, org.opensaml.messaging.context.MessageContext messageContext)
    Encode a given saml object by invoking a number of outbound security handlers on the context.
    protected org.opensaml.security.credential.AbstractCredential
    getResolvedSigningCredential(org.opensaml.security.credential.Credential credential, PrivateKey privateKey, org.apereo.cas.support.saml.services.SamlRegisteredService service)
     
    protected org.opensaml.xmlsec.SignatureSigningConfiguration
    getSignatureSigningConfiguration(org.apereo.cas.support.saml.services.SamlRegisteredService service)
    Gets signature signing configuration.
    protected PrivateKey
    getSigningPrivateKey(org.apereo.cas.support.saml.services.SamlRegisteredService registeredService)
    Gets signing private key.
    protected void
    prepareEndpointURLSchemeSecurityHandler(org.opensaml.messaging.context.MessageContext outboundContext)
    Prepare endpoint url scheme security handler.
    protected <T extends org.opensaml.saml.common.SAMLObject> void
    prepareOutboundContext(T samlObject, org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor, org.opensaml.messaging.context.MessageContext outboundContext, String binding, org.opensaml.saml.saml2.core.RequestAbstractType authnRequest)
    Prepare outbound context.
    protected void
    prepareSamlOutboundDestinationHandler(org.opensaml.messaging.context.MessageContext outboundContext)
    Prepare saml outbound destination handler.
    protected void
    prepareSamlOutboundProtocolMessageSigningHandler(org.opensaml.messaging.context.MessageContext outboundContext)
    Prepare saml outbound protocol message signing handler.
    protected void
    prepareSecurityParametersContext(org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor, org.opensaml.messaging.context.MessageContext outboundContext, org.apereo.cas.support.saml.services.SamlRegisteredService service)
    Prepare security parameters context.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    Methods inherited from interface org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner

    getSamlIdPMetadataResolver
  • Constructor Details

    • DefaultSamlIdPObjectSigner

      public DefaultSamlIdPObjectSigner()
  • Method Details

    • encode

      public <T extends org.opensaml.saml.common.SAMLObject> T encode(T samlObject, org.apereo.cas.support.saml.services.SamlRegisteredService service, org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.http.HttpServletRequest request, String binding, org.opensaml.saml.saml2.core.RequestAbstractType authnRequest, org.opensaml.messaging.context.MessageContext messageContext) throws Exception
      Description copied from interface: SamlIdPObjectSigner
      Encode a given saml object by invoking a number of outbound security handlers on the context.
      Specified by:
      encode in interface SamlIdPObjectSigner
      Type Parameters:
      T - the type parameter
      Parameters:
      samlObject - the saml object
      service - the service
      adaptor - the adaptor
      response - the response
      request - the request
      binding - the binding
      authnRequest - the authn request
      messageContext - the message context
      Returns:
      the saml object
      Throws:
      Exception - the saml exception
    • prepareSamlOutboundProtocolMessageSigningHandler

      protected void prepareSamlOutboundProtocolMessageSigningHandler(org.opensaml.messaging.context.MessageContext outboundContext) throws Exception
      Prepare saml outbound protocol message signing handler.
      Parameters:
      outboundContext - the outbound context
      Throws:
      Exception - the exception
    • prepareSamlOutboundDestinationHandler

      protected void prepareSamlOutboundDestinationHandler(org.opensaml.messaging.context.MessageContext outboundContext) throws Exception
      Prepare saml outbound destination handler.
      Parameters:
      outboundContext - the outbound context
      Throws:
      Exception - the exception
    • prepareEndpointURLSchemeSecurityHandler

      protected void prepareEndpointURLSchemeSecurityHandler(org.opensaml.messaging.context.MessageContext outboundContext) throws Exception
      Prepare endpoint url scheme security handler.
      Parameters:
      outboundContext - the outbound context
      Throws:
      Exception - the exception
    • prepareSecurityParametersContext

      protected void prepareSecurityParametersContext(org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor, org.opensaml.messaging.context.MessageContext outboundContext, org.apereo.cas.support.saml.services.SamlRegisteredService service)
      Prepare security parameters context.
      Parameters:
      adaptor - the adaptor
      outboundContext - the outbound context
      service - the service
    • prepareOutboundContext

      protected <T extends org.opensaml.saml.common.SAMLObject> void prepareOutboundContext(T samlObject, org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor, org.opensaml.messaging.context.MessageContext outboundContext, String binding, org.opensaml.saml.saml2.core.RequestAbstractType authnRequest) throws org.apereo.cas.support.saml.SamlException
      Prepare outbound context.
      Type Parameters:
      T - the type parameter
      Parameters:
      samlObject - the saml object
      adaptor - the adaptor
      outboundContext - the outbound context
      binding - the binding
      authnRequest - the authn request
      Throws:
      org.apereo.cas.support.saml.SamlException - the saml exception
    • buildSignatureSigningParameters

      protected org.opensaml.xmlsec.SignatureSigningParameters buildSignatureSigningParameters(org.opensaml.saml.saml2.metadata.RoleDescriptor descriptor, org.apereo.cas.support.saml.services.SamlRegisteredService service)
      Build signature signing parameters.
      Parameters:
      descriptor - the descriptor
      service - the service
      Returns:
      the signature signing parameters
    • getSignatureSigningConfiguration

      protected org.opensaml.xmlsec.SignatureSigningConfiguration getSignatureSigningConfiguration(org.apereo.cas.support.saml.services.SamlRegisteredService service) throws Exception
      Gets signature signing configuration. The resolver used is SamlIdPMetadataCredentialResolver, which allows the entire criteria set to be passed to the role descriptor resolver. This behavior allows the passing of SamlIdPSamlRegisteredServiceCriterion so that signing configuration, etc. can be fetched for a specific service as an override, if one is in fact defined for the service.
      Parameters:
      service - the service
      Returns:
      the signature signing configuration
      Throws:
      Exception - the exception
    • getSigningPrivateKey

      protected PrivateKey getSigningPrivateKey(org.apereo.cas.support.saml.services.SamlRegisteredService registeredService) throws Exception
      Gets signing private key.
      Parameters:
      registeredService - the registered service
      Returns:
      the signing private key
      Throws:
      Exception - the exception
    • configureSignatureSigningSecurityConfiguration

      protected org.opensaml.xmlsec.impl.BasicSignatureSigningConfiguration configureSignatureSigningSecurityConfiguration(org.apereo.cas.support.saml.services.SamlRegisteredService service)
    • getResolvedSigningCredential

      protected org.opensaml.security.credential.AbstractCredential getResolvedSigningCredential(org.opensaml.security.credential.Credential credential, PrivateKey privateKey, org.apereo.cas.support.saml.services.SamlRegisteredService service)