Class EntityDescriptorUtils

java.lang.Object
se.swedenconnect.opensaml.saml2.metadata.EntityDescriptorUtils

public class EntityDescriptorUtils extends Object
Utility methods for accessing metadata elements.
Author:
Martin Lindström (martin@idsec.se)
  • Method Summary

    Modifier and Type
    Method
    Description
    static List<String>
    getAssuranceCertificationUris(org.opensaml.saml.saml2.metadata.EntityDescriptor ed)
    Extracts the string values found in the assurance certification (urn:oasis:names:tc:SAML:attribute:assurance-certification) attribute under an EntityAttributes element found in the extensions element of the supplied entity descriptor.
    static List<org.opensaml.saml.ext.saml2alg.DigestMethod>
    getDigestMethods(org.opensaml.saml.saml2.metadata.EntityDescriptor ed)
    Returns a (possibly empty) list of alg:DigestMethod elements.
    static List<String>
    getEntityCategories(org.opensaml.saml.saml2.metadata.EntityDescriptor ed)
    Extracts the string values found in the entity category (http://macedir.org/entity-category) attribute under an EntityAttributes element found in the extensions element of the supplied entity descriptor.
    static List<org.opensaml.security.x509.X509Credential>
    getMetadataCertificates(org.opensaml.saml.saml2.metadata.SSODescriptor descriptor, org.opensaml.security.credential.UsageType usageType)
    Utility that extracts certificates found under the KeyDescriptor elements of a metadata record.
    static <T> T
    getMetadataExtension(org.opensaml.saml.saml2.metadata.Extensions extensions, Class<T> clazz)
    Finds the first extension matching the supplied type.
    static org.opensaml.core.xml.XMLObject
    getMetadataExtension(org.opensaml.saml.saml2.metadata.Extensions extensions, QName qname)
    Finds the first extension matching the supplied QName.
    static <T> List<T>
    getMetadataExtensions(org.opensaml.saml.saml2.metadata.Extensions extensions, Class<T> clazz)
    Finds all extensions matching the supplied type.
    static List<org.opensaml.core.xml.XMLObject>
    getMetadataExtensions(org.opensaml.saml.saml2.metadata.Extensions extensions, QName qname)
    Finds all extensions matching the supplied QName.
    static List<org.opensaml.saml.ext.saml2alg.SigningMethod>
    getSigningMethods(org.opensaml.saml.saml2.metadata.EntityDescriptor ed)
    Returns a (possibly empty) list of alg:SigningMethod elements.
    static org.opensaml.saml.saml2.metadata.SSODescriptor
    getSSODescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor ed)
    Returns the SSODescriptor for the supplied SP or IdP entity descriptor.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Method Details

    • getMetadataExtension

      public static <T> T getMetadataExtension(org.opensaml.saml.saml2.metadata.Extensions extensions, Class<T> clazz)
      Finds the first extension matching the supplied type.
      Type Parameters:
      T - the type of the extension
      Parameters:
      extensions - the Extensions to search
      clazz - the extension type
      Returns:
      the matching extension or null
    • getMetadataExtension

      public static org.opensaml.core.xml.XMLObject getMetadataExtension(org.opensaml.saml.saml2.metadata.Extensions extensions, QName qname)
      Finds the first extension matching the supplied QName.
      Parameters:
      extensions - the Extensions to search
      qname - the QName to match
      Returns:
      the matching extension or null
    • getMetadataExtensions

      public static <T> List<T> getMetadataExtensions(org.opensaml.saml.saml2.metadata.Extensions extensions, Class<T> clazz)
      Finds all extensions matching the supplied type.
      Type Parameters:
      T - the type of the extension
      Parameters:
      extensions - the Extensions to search
      clazz - the extension type
      Returns:
      a (possibly empty) list of extension elements of the given type
    • getMetadataExtensions

      public static List<org.opensaml.core.xml.XMLObject> getMetadataExtensions(org.opensaml.saml.saml2.metadata.Extensions extensions, QName qname)
      Finds all extensions matching the supplied QName.
      Parameters:
      extensions - the Extensions to search
      qname - the QName
      Returns:
      a (possibly empty) list of extension elements matching the given QName
    • getMetadataCertificates

      public static List<org.opensaml.security.x509.X509Credential> getMetadataCertificates(org.opensaml.saml.saml2.metadata.SSODescriptor descriptor, org.opensaml.security.credential.UsageType usageType)
      Utility that extracts certificates found under the KeyDescriptor elements of a metadata record.

      If UsageType.SIGNING is supplied, the method returns all certificates with usage type signing, as well as those that have no usage specified. The same applies to encryption.

      Parameters:
      descriptor - the SSO descriptor
      usageType - the requested usage type
      Returns:
      a list of credentials
    • getDigestMethods

      public static List<org.opensaml.saml.ext.saml2alg.DigestMethod> getDigestMethods(org.opensaml.saml.saml2.metadata.EntityDescriptor ed)
      Returns a (possibly empty) list of alg:DigestMethod elements. "SAML v2.0 Metadata Profile for Algorithm Support Version 1.0" states that elements found in the extension under the role descriptor take precedence over those found under the entity descriptor extensions, and that the two sets should not be combined if both are present.
      Parameters:
      ed - the entity descriptor
      Returns:
      a list of digest methods (may be empty)
    • getSigningMethods

      public static List<org.opensaml.saml.ext.saml2alg.SigningMethod> getSigningMethods(org.opensaml.saml.saml2.metadata.EntityDescriptor ed)
      Returns a (possibly empty) list of alg:SigningMethod elements. "SAML v2.0 Metadata Profile for Algorithm Support Version 1.0" states that elements found in the extension under the role descriptor take precedence over those found under the entity descriptor extensions, and that the two sets should not be combined if both are present.
      Parameters:
      ed - the entity descriptor
      Returns:
      a list of signing methods (may be empty)
    • getEntityCategories

      public static List<String> getEntityCategories(org.opensaml.saml.saml2.metadata.EntityDescriptor ed)
      Extracts the string values found in the entity category (http://macedir.org/entity-category) attribute under an EntityAttributes element found in the extensions element of the supplied entity descriptor.
      Parameters:
      ed - the entity descriptor
      Returns:
      a (possibly empty) list of entity category values
    • getAssuranceCertificationUris

      public static List<String> getAssuranceCertificationUris(org.opensaml.saml.saml2.metadata.EntityDescriptor ed)
      Extracts the string values found in the assurance certification (urn:oasis:names:tc:SAML:attribute:assurance-certification) attribute under an EntityAttributes element found in the extensions element of the supplied entity descriptor.
      Parameters:
      ed - the entity descriptor
      Returns:
      a (possibly empty) list of assurance certification URIs
    • getSSODescriptor

      public static org.opensaml.saml.saml2.metadata.SSODescriptor getSSODescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor ed)
      Returns the SSODescriptor for the supplied SP or IdP entity descriptor.
      Parameters:
      ed - the entity descriptor
      Returns:
      the SSODescriptor
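
Added example (not part of the library or its documentation): choosing a signature algorithm for a peer from the result of getSigningMethods, with sample metadata that declares different algorithms at entity level and at role level to exercise the precedence rule described above. The class name PeerSigningAlgorithm, the ALLOWED policy list, the fallback choice and the sample metadata are assumptions made for illustration; OpenSAML and this library are assumed to be on the classpath.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.stream.Collectors;
import org.opensaml.core.config.InitializationService;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.util.XMLObjectSupport;
import org.opensaml.saml.ext.saml2alg.SigningMethod;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import se.swedenconnect.opensaml.saml2.metadata.EntityDescriptorUtils;

public class PeerSigningAlgorithm {
  private static final String DS_MORE = "http://www.w3.org/2001/04/xmldsig-more#";
  // Assumed local policy, most preferred first. SHA-1 based algorithms are deliberately absent.
  static final List<String> ALLOWED = List.of(DS_MORE + "ecdsa-sha256", DS_MORE + "rsa-sha256");

  // Constructed sample: ecdsa-sha256 at entity level, rsa-sha1 and rsa-sha256 at role level.
  static final String METADATA =
      "<md:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata'"
      + " xmlns:alg='urn:oasis:names:tc:SAML:metadata:algsupport' entityID='https://sp.example.com'>"
      + "<md:Extensions><alg:SigningMethod Algorithm='" + DS_MORE + "ecdsa-sha256'/></md:Extensions>"
      + "<md:SPSSODescriptor protocolSupportEnumeration='urn:oasis:names:tc:SAML:2.0:protocol'>"
      + "<md:Extensions><alg:SigningMethod Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1'/>"
      + "<alg:SigningMethod Algorithm='" + DS_MORE + "rsa-sha256'/></md:Extensions>"
      + "<md:AssertionConsumerService index='0' Location='https://sp.example.com/acs'"
      + " Binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'/>"
      + "</md:SPSSODescriptor></md:EntityDescriptor>";

  /** Picks the most preferred locally allowed algorithm among those the peer declares. */
  static String selectSigningAlgorithm(EntityDescriptor ed) {
    List<String> declared = EntityDescriptorUtils.getSigningMethods(ed).stream()
        .map(SigningMethod::getAlgorithm).collect(Collectors.toList());
    if (declared.isEmpty()) {
      // Peer declares nothing: fall back to the last ALLOWED entry (assumed baseline).
      return ALLOWED.get(ALLOWED.size() - 1);
    }
    // Never sign with an algorithm outside local policy, even if it is all the peer offers.
    return ALLOWED.stream().filter(declared::contains).findFirst()
        .orElseThrow(() -> new IllegalStateException("No acceptable algorithm in " + declared));
  }

  public static void main(String[] args) throws Exception {
    InitializationService.initialize(); // registers the OpenSAML object providers and parser pool
    EntityDescriptor ed = (EntityDescriptor) XMLObjectSupport.unmarshallFromInputStream(
        XMLObjectProviderRegistrySupport.getParserPool(),
        new ByteArrayInputStream(METADATA.getBytes(StandardCharsets.UTF_8)));
    System.out.println("Selected: " + selectSigningAlgorithm(ed));
  }
}
```

Because the role-level and entity-level sets are not combined, an algorithm listed only under the entity descriptor extensions is not a candidate when the role descriptor carries its own alg:SigningMethod elements.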