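/*
 * Licensed to the University Corporation for Advanced Internet Development,
 * Inc. (UCAID) under one or more contributor license agreements. See the
 * NOTICE file distributed with this work for additional information regarding
 * copyright ownership. The UCAID licenses this file to You under the Apache
 * License, Version 2.0 (the "License"); you may not use this file except in
 * compliance with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package net.shibboleth.idp.saml.saml1.profile.config;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import javax.annotation.Nonnull;
import javax.annotation.Nullable;

import org.opensaml.profile.context.ProfileRequestContext;

import com.google.common.base.Predicates;
import com.google.common.collect.Collections2;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;

import net.shibboleth.idp.authn.config.AuthenticationProfileConfiguration;
import net.shibboleth.idp.saml.authn.principal.AuthenticationMethodPrincipal;
import net.shibboleth.idp.saml.profile.config.AbstractSAMLProfileConfiguration;
import net.shibboleth.idp.saml.profile.config.SAMLArtifactAwareProfileConfiguration;
import net.shibboleth.idp.saml.profile.config.SAMLArtifactConfiguration;
import net.shibboleth.utilities.java.support.annotation.constraint.NonnullElements;
import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
import net.shibboleth.utilities.java.support.annotation.constraint.NotLive;
import net.shibboleth.utilities.java.support.annotation.constraint.Unmodifiable;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.primitive.StringSupport;

/**
 * Configuration for SAML 1 Browser SSO profile requests.
 *
 * <p>Every collection-valued setter stores a private copy of its argument, and every collection-valued
 * getter hands back an immutable snapshot, so code holding a reference obtained from this object cannot
 * alter the configured authentication methods, flows or name identifier formats.</p>
 */
public class BrowserSSOProfileConfiguration extends AbstractSAMLProfileConfiguration
        implements SAML1ProfileConfiguration, SAMLArtifactAwareProfileConfiguration,
        AuthenticationProfileConfiguration {

    /** ID for this profile configuration. */
    public static final String PROFILE_ID = "http://shibboleth.net/ns/profiles/saml1/sso/browser";

    /** SAML artifact configuration. */
    @Nullable private SAMLArtifactConfiguration artifactConfig;

    /**
     * Whether attributes should be resolved in the course of the profile.
     *
     * <p>Default value: true</p>
     */
    private boolean resolveAttributes;

    /**
     * Whether responses to the authentication request should include an attribute statement.
     *
     * <p>Default value: false</p>
     */
    private boolean includeAttributeStatement;

    /** Selects, and limits, the authentication methods to use for requests. */
    @Nonnull @NonnullElements private List<AuthenticationMethodPrincipal> defaultAuthenticationMethods;

    /** Filters the usable authentication flows. */
    @Nonnull @NonnullElements private Set<String> authenticationFlows;

    /** Enables post-authentication interceptor flows. */
    @Nonnull @NonnullElements private List<String> postAuthenticationFlows;

    /** Precedence of name identifier formats to use for requests. */
    @Nonnull @NonnullElements private List<String> nameIDFormatPrecedence;

    /** Constructor. Uses {@link #PROFILE_ID} as the profile identifier. */
    public BrowserSSOProfileConfiguration() {
        this(PROFILE_ID);
    }

    /**
     * Constructor.
     *
     * <p>Sets the response-signing predicate to always-true, turns attribute resolution on, leaves the
     * attribute statement off, and starts every collection-valued setting empty.</p>
     *
     * @param profileId unique ID for this profile
     */
    protected BrowserSSOProfileConfiguration(@Nonnull @NotEmpty final String profileId) {
        super(profileId);
        // Signing of responses is on by default for this profile.
        setSignResponses(Predicates.<ProfileRequestContext>alwaysTrue());
        resolveAttributes = true;
        includeAttributeStatement = false;
        defaultAuthenticationMethods = Collections.emptyList();
        authenticationFlows = Collections.emptySet();
        postAuthenticationFlows = Collections.emptyList();
        nameIDFormatPrecedence = Collections.emptyList();
    }

    /** {@inheritDoc} */
    @Override
    @Nullable public SAMLArtifactConfiguration getArtifactConfiguration() {
        return artifactConfig;
    }

    /**
     * Set the SAML artifact configuration, if any.
     *
     * @param config configuration to set, or null for none
     */
    public void setArtifactConfiguration(@Nullable final SAMLArtifactConfiguration config) {
        artifactConfig = config;
    }

    /**
     * Get whether attributes should be resolved during the profile.
     *
     * @return true iff attributes should be resolved
     */
    public boolean resolveAttributes() {
        return resolveAttributes;
    }

    /**
     * Set whether attributes should be resolved during the profile.
     *
     * @param flag flag to set
     */
    public void setResolveAttributes(final boolean flag) {
        resolveAttributes = flag;
    }

    /**
     * Get whether responses to the authentication request should include an attribute statement.
     *
     * @return whether responses to the authentication request should include an attribute statement
     */
    public boolean includeAttributeStatement() {
        return includeAttributeStatement;
    }

    /**
     * Set whether responses to the authentication request should include an attribute statement.
     *
     * @param include flag to set
     */
    public void setIncludeAttributeStatement(final boolean include) {
        includeAttributeStatement = include;
    }

    /**
     * {@inheritDoc}
     *
     * <p>The returned list is an immutable copy of the configured methods.</p>
     */
    @Override
    @Nonnull @NonnullElements @NotLive @Unmodifiable public List<Principal> getDefaultAuthenticationMethods() {
        return ImmutableList.<Principal>copyOf(defaultAuthenticationMethods);
    }

    /**
     * Set the default authentication methods to use, expressed as custom principals.
     *
     * <p>Null elements are dropped and the remaining entries are copied, so later changes to
     * {@code methods} do not affect this configuration.</p>
     *
     * @param methods default authentication methods to use; must pass the {@code Constraint.isNotNull} check
     */
    public void setDefaultAuthenticationMethods(
            @Nonnull @NonnullElements final List<AuthenticationMethodPrincipal> methods) {
        Constraint.isNotNull(methods, "List of methods cannot be null");

        defaultAuthenticationMethods = new ArrayList<>(Collections2.filter(methods, Predicates.notNull()));
    }

    /**
     * {@inheritDoc}
     *
     * <p>The returned set is an immutable copy of the configured flow identifiers.</p>
     */
    @Override
    @Nonnull @NonnullElements @NotLive @Unmodifiable public Set<String> getAuthenticationFlows() {
        return ImmutableSet.copyOf(authenticationFlows);
    }

    /**
     * Set the authentication flows to use.
     *
     * <p>The identifiers are passed through {@code StringSupport.normalizeStringCollection} and stored in
     * a {@link HashSet}, so duplicates collapse and the caller's ordering is not retained.</p>
     *
     * @param flows flow identifiers to use; must pass the {@code Constraint.isNotNull} check
     */
    public void setAuthenticationFlows(@Nonnull @NonnullElements final Collection<String> flows) {
        Constraint.isNotNull(flows, "Collection of flows cannot be null");

        authenticationFlows = new HashSet<>(StringSupport.normalizeStringCollection(flows));
    }

    /**
     * {@inheritDoc}
     *
     * <p>The returned list is an immutable copy of the configured interceptor flow identifiers, in the
     * order they were set.</p>
     */
    @Override
    @Nonnull @NonnullElements @NotLive @Unmodifiable public List<String> getPostAuthenticationFlows() {
        // Return a snapshot rather than the backing ArrayList: the method is declared
        // @NotLive @Unmodifiable, and handing out the live list would let any caller add or remove
        // post-authentication interceptor flows on the shared configuration object.
        return ImmutableList.copyOf(postAuthenticationFlows);
    }

    /**
     * Set the ordered collection of post-authentication interceptor flows to enable.
     *
     * <p>The identifiers are passed through {@code StringSupport.normalizeStringCollection} and copied
     * into a new list.</p>
     *
     * @param flows flow identifiers to enable; must pass the {@code Constraint.isNotNull} check
     */
    public void setPostAuthenticationFlows(@Nonnull @NonnullElements final Collection<String> flows) {
        Constraint.isNotNull(flows, "Collection of flows cannot be null");

        postAuthenticationFlows = new ArrayList<>(StringSupport.normalizeStringCollection(flows));
    }

    /**
     * {@inheritDoc}
     *
     * <p>The returned list is an immutable copy of the configured formats.</p>
     */
    @Override
    @Nonnull @NonnullElements @NotLive @Unmodifiable public List<String> getNameIDFormatPrecedence() {
        return ImmutableList.copyOf(nameIDFormatPrecedence);
    }

    /**
     * Set the name identifier formats to use.
     *
     * <p>The formats are passed through {@code StringSupport.normalizeStringCollection} and copied into
     * a new list.</p>
     *
     * @param formats name identifier formats to use; must pass the {@code Constraint.isNotNull} check
     */
    public void setNameIDFormatPrecedence(@Nonnull @NonnullElements final List<String> formats) {
        Constraint.isNotNull(formats, "List of formats cannot be null");

        nameIDFormatPrecedence = new ArrayList<>(StringSupport.normalizeStringCollection(formats));
    }

}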