Class AbstractAssertionValidationParametersBuilder<T extends AbstractAssertionValidationParametersBuilder<T>>
java.lang.Object
se.swedenconnect.opensaml.common.validation.AbstractValidationParametersBuilder<T>
se.swedenconnect.opensaml.saml2.response.validation.AbstractResponseValidationParametersBuilder<T>
se.swedenconnect.opensaml.saml2.assertion.validation.AbstractAssertionValidationParametersBuilder<T>
- All Implemented Interfaces:
ValidationParametersBuilder
- Direct Known Subclasses:
AssertionValidationParametersBuilder
public abstract class AbstractAssertionValidationParametersBuilder<T extends AbstractAssertionValidationParametersBuilder<T>>
extends AbstractResponseValidationParametersBuilder<T>
Abstract builder class for building the
ValidationContext
object for use as validation input to the
AssertionValidator
.
The reason for all fiddling with generics is that we want to be able to subclass the builder classes.
- Author:
- Martin Lindström (martin@idsec.se)
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionauthnRequestForceAuthn
(Boolean forceAuthn) Assigns theForceAuthn
flag from the correspondingAuthnRequest
.authnRequestIssueInstant
(long issueInstant) Assigns the issuance time for the correspondingAuthnRequest
when validating an assertion.authnRequestIssueInstant
(Instant issueInstant) Assigns the issuance time for the correspondingAuthnRequest
when validating an assertion.org.opensaml.saml.common.assertion.ValidationContext
build()
Adds default settings before invoking the super implementation.clientCertificate
(X509Certificate clientCertificate) Assigns the client certificate to be used for HoK validation.idpMetadata
(org.opensaml.saml.saml2.metadata.EntityDescriptor metadata) Assigns the SP metadata.inResponseTo
(String id) maxAcceptedSsoSessionTime
(long duration) Assigns the maximum session time that we, as a SP, can accept when receiving assertions based on older authentications (SSO).maxAcceptedSsoSessionTime
(Duration duration) Assigns the maximum session time that we, as a SP, can accept when receiving assertions based on older authentications (SSO).responseIssueInstant
(long instant) Assigns the issue instant from the Response message that contained the assertion being validated.responseIssueInstant
(Instant instant) Assigns the issue instant from the Response message that contained the assertion being validated.spMetadata
(org.opensaml.saml.saml2.metadata.EntityDescriptor metadata) Assigns the SP metadata.subjectConfirmationCheckAddess
(boolean flag) subjectLocalityCheckAddress
(boolean flag) validAddresses
(String... addresses) Assigns the valid addresses that we allow the user agent to have.validAddresses
(InetAddress... addresses) Assigns the valid addresses that we allow the user agent to have.validAudiences
(String... audiences) Assigns the entityID:s of the valid audiences.validRecipients
(String... recipients) Assigns the valid URLs for the intended recipients.Methods inherited from class se.swedenconnect.opensaml.saml2.response.validation.AbstractResponseValidationParametersBuilder
authnRequest, authnRequestID, expectedIssuer, receiveUrl
Methods inherited from class se.swedenconnect.opensaml.common.validation.AbstractValidationParametersBuilder
addDynamicParameter, addDynamicParameters, addStaticParameter, addStaticParameterIfMissing, addStaticParameters, allowedClockSkew, allowedClockSkew, dynamicParameter, getDynamicParameter, getStaticParameter, getThis, maxAgeReceivedMessage, maxAgeReceivedMessage, receiveInstant, receiveInstant, signatureRequired, signatureValidationCriteriaSet, staticParameter, strictValidation
-
Constructor Details
-
AbstractAssertionValidationParametersBuilder
public AbstractAssertionValidationParametersBuilder()
-
-
Method Details
-
build
public org.opensaml.saml.common.assertion.ValidationContext build()Adds default settings before invoking the super implementation.- Specified by:
build
in interfaceValidationParametersBuilder
- Overrides:
build
in classAbstractValidationParametersBuilder<T extends AbstractAssertionValidationParametersBuilder<T>>
- Returns:
- the ValidationContext object
-
responseIssueInstant
Assigns the issue instant from the Response message that contained the assertion being validated.- Parameters:
instant
- the response issue instant- Returns:
- the builder
-
responseIssueInstant
Assigns the issue instant from the Response message that contained the assertion being validated.- Parameters:
instant
- the response issue instant- Returns:
- the builder
-
validRecipients
Assigns the valid URLs for the intended recipients.- Parameters:
recipients
- one or more URLs- Returns:
- the builder
-
validAddresses
Assigns the valid addresses that we allow the user agent to have.See also
subjectConfirmationCheckAddess(boolean)
andsubjectLocalityCheckAddress(boolean)
.- Parameters:
addresses
- one or more IP addresses- Returns:
- the builder
-
validAddresses
Assigns the valid addresses that we allow the user agent to have.- Parameters:
addresses
- one or more IP addresses (in string format)- Returns:
- the builder
-
subjectConfirmationCheckAddess
-
subjectLocalityCheckAddress
-
validAudiences
Assigns the entityID:s of the valid audiences.- Parameters:
audiences
- the audiences- Returns:
- the builder
-
authnRequestForceAuthn
Assigns theForceAuthn
flag from the correspondingAuthnRequest
.- Parameters:
forceAuthn
- true/false- Returns:
- the builder
-
authnRequestIssueInstant
Assigns the issuance time for the correspondingAuthnRequest
when validating an assertion.- Parameters:
issueInstant
- issue time- Returns:
- the builder
-
authnRequestIssueInstant
Assigns the issuance time for the correspondingAuthnRequest
when validating an assertion.- Parameters:
issueInstant
- issue time (in milliseconds since epoch)- Returns:
- the builder
-
maxAcceptedSsoSessionTime
Assigns the maximum session time that we, as a SP, can accept when receiving assertions based on older authentications (SSO).- Parameters:
duration
- milliseconds- Returns:
- the builder
-
maxAcceptedSsoSessionTime
Assigns the maximum session time that we, as a SP, can accept when receiving assertions based on older authentications (SSO).- Parameters:
duration
- max session time- Returns:
- the builder
-
inResponseTo
-
clientCertificate
Assigns the client certificate to be used for HoK validation.- Parameters:
clientCertificate
- the client certificate- Returns:
- the builder
-
spMetadata
Assigns the SP metadata.- Parameters:
metadata
- the SP metadata- Returns:
- the builder
-
idpMetadata
Assigns the SP metadata.- Parameters:
metadata
- the SP metadata- Returns:
- the builder
-