Package se.swedenconnect.opensaml.saml2.metadata

Class EntityDescriptorUtils

java.lang.Object
se.swedenconnect.opensaml.saml2.metadata.EntityDescriptorUtils
public class EntityDescriptorUtils extends Object
Utility methods for accessing metadata elements.
Author:
Martin Lindström (martin@idsec.se)

  • Method Details

    • getMetadataExtension

      public static <T> T getMetadataExtension(Extensions extensions, Class<T> clazz)
      Finds the first extension matching the supplied type.
      Type Parameters:
      T - the type of the extension
      Parameters:
      extensions - the Extensions to search
      clazz - the extension type
      Returns:
      the matching extension or null

    • getMetadataExtension

      public static XMLObject getMetadataExtension(Extensions extensions, QName qname)
      Finds the first extension matching the supplied QName.
      Parameters:
      extensions - the Extensions to search
      qname - the QName to match
      Returns:
      the matching extension or null

    • getMetadataExtensions

      public static <T> List<T> getMetadataExtensions(Extensions extensions, Class<T> clazz)
      Finds all extensions matching the supplied type.
      Type Parameters:
      T - the type of the extension
      Parameters:
      extensions - the Extensions to search
      clazz - the extension type
      Returns:
      a (possibly empty) list of extensions elements of the given type

    • getMetadataExtensions

      public static List<XMLObject> getMetadataExtensions(Extensions extensions, QName qname)
      Finds all extensions matching the supplied QName.
      Parameters:
      extensions - the Extensions to search
      qname - the QName
      Returns:
      a (possibly empty) list of extensions elements of the given type

    • getMetadataCertificates

      public static List<X509Credential> getMetadataCertificates(SSODescriptor descriptor, UsageType usageType)
      Utility that extracs certificates found under the KeyDescriptor elements of a metadata record.

      If UsageType.SIGNING is supplied, the method will return all certificates with usage type signing, but also those that does not have a usage. And the same goes for encryption.

      Parameters:
      descriptor - the SSO descriptor
      usageType - the requested usage type
      Returns:
      a list of credentials

    • getDigestMethods

      public static List<DigestMethod> getDigestMethods(EntityDescriptor ed)
      Returns a (possibly) empty list of alg:DigestMethod elements. "SAML v2.0 Metadata Profile for Algorithm Support Version 1.0" states that elements found in the extension under the role descriptor has precedence over those found under the entity descriptor extensions, and the sets should not be combined if both are present.
      Parameters:
      ed - the entity descriptor
      Returns:
      a list of digest methods (may be empty)

    • getSigningMethods

      public static List<SigningMethod> getSigningMethods(EntityDescriptor ed)
      Returns a (possibly) empty list of alg:SigningMethod elements. "SAML v2.0 Metadata Profile for Algorithm Support Version 1.0" states that elements found in the extension under the role descriptor has precedence over those found under the entity descriptor extensions, and the sets should not be combined if both are present.
      Parameters:
      ed - the entity descriptor
      Returns:
      a list of signing methods (may be empty)

    • getEntityCategories

      public static List<String> getEntityCategories(EntityDescriptor ed)
      Extracts the string values found in the entity category (http://macedir.org/entity-category) attribute under a EntityAttributes element found in the extensions element of the supplied entity descriptor.
      Parameters:
      ed - the entity descriptor
      Returns:
      a (possible empty) list of entity category values

    • getAssuranceCertificationUris

      public static List<String> getAssuranceCertificationUris(EntityDescriptor ed)
      Extracts the string values found in the assurance certification (urn:oasis:names:tc:SAML:attribute:assurance-certification) attribute under a EntityAttributes element found in the extensions element of the supplied entity descriptor.
      Parameters:
      ed - the entity descriptor
      Returns:
      a (possible empty) list of entity category values

    • getSSODescriptor

      public static SSODescriptor getSSODescriptor(EntityDescriptor ed)
      Returns the SSODescriptor for the supplied SP or IdP entity descriptor.
      Parameters:
      ed - the entity descriptor
      Returns:
      the SSODescriptor