Class ScopeUtils
java.lang.Object
se.swedenconnect.opensaml.saml2.metadata.scope.ScopeUtils
Utility methods for validating a scoped attribute against a
shibmd:Scope
element.- Author:
- Martin Lindström (martin@idsec.se)
-
Method Summary
Modifier and TypeMethodDescriptionstatic String
getScopedDomain
(String attributeValue) Gets the domain part (value@domain) from a scoped attribute value.static List
<org.opensaml.core.xml.XMLObject> getScopeExtensions
(org.opensaml.saml.saml2.metadata.EntityDescriptor entityDescriptor) Given an (IdP)EntityDescriptor
, the method finds allshibmd:Scope
elements.static boolean
isAuthorized
(org.opensaml.saml.saml2.core.Attribute scopedAttribute, List<org.opensaml.core.xml.XMLObject> scopes) Predicate that tells if a scoped attribute is "authorized", i.e., if its scope is listed in the supplied list ofshibmd:Scope
elements (gotten from the IdP metadata).static boolean
Given ashibmd:Scope
element, the method tests whether the value of the (scoped) attribute matches the scope.static boolean
isMatch
(org.opensaml.core.xml.XMLObject scope, org.opensaml.saml.saml2.core.Attribute attribute) Given ashibmd:Scope
element, the method tests whether the value of the (scoped) attribute matches the scope.
-
Method Details
-
getScopeExtensions
public static List<org.opensaml.core.xml.XMLObject> getScopeExtensions(org.opensaml.saml.saml2.metadata.EntityDescriptor entityDescriptor) Given an (IdP)EntityDescriptor
, the method finds allshibmd:Scope
elements.- Parameters:
entityDescriptor
- the metadata object- Returns:
- a (possible empty) list of
shibmd:Scope
elements
-
isAuthorized
public static boolean isAuthorized(org.opensaml.saml.saml2.core.Attribute scopedAttribute, List<org.opensaml.core.xml.XMLObject> scopes) Predicate that tells if a scoped attribute is "authorized", i.e., if its scope is listed in the supplied list ofshibmd:Scope
elements (gotten from the IdP metadata).If an attribute that is not "scoped" (value@scope) the method returns
false
.- Parameters:
scopedAttribute
- the attribute to testscopes
- the shibmd:Scope elements- Returns:
- true if the attribute scope is listed among the Scope extensions and false otherwise
-
isMatch
public static boolean isMatch(org.opensaml.core.xml.XMLObject scope, org.opensaml.saml.saml2.core.Attribute attribute) Given ashibmd:Scope
element, the method tests whether the value of the (scoped) attribute matches the scope.If the attribute contains multiple values, all must match the scope.
- Parameters:
scope
- the Scope elementattribute
- the attribute- Returns:
- true if there is a match and false otherwise
-
isMatch
Given ashibmd:Scope
element, the method tests whether the value of the (scoped) attribute matches the scope.- Parameters:
scope
- the Scope elementattributeValue
- the full attribute value- Returns:
- true if there is a match and false otherwise
-
getScopedDomain
Gets the domain part (value@domain) from a scoped attribute value.- Parameters:
attributeValue
- the attribute value- Returns:
- the domain part, or null
-