Package se.swedenconnect.opensaml.saml2.metadata.scope

Class ScopeUtils

java.lang.Object

se.swedenconnect.opensaml.saml2.metadata.scope.ScopeUtils

public class ScopeUtils
extends Object

Utility methods for validating a scoped attribute against a shibmd:Scope element.

Author:

Martin Lindström (martin@idsec.se)

Method Summary

Modifier and Type	Method	Description
static String	getScopedDomain(String attributeValue)	Gets the domain part (value@domain) from a scoped attribute value.
static List<XMLObject>	getScopeExtensions(EntityDescriptor entityDescriptor)	Given an (IdP) EntityDescriptor, the method finds all shibmd:Scope elements.
static boolean	isAuthorized(Attribute scopedAttribute, List<XMLObject> scopes)	Predicate that tells if a scoped attribute is "authorized", i.e., if its scope is listed in the supplied list of shibmd:Scope elements (gotten from the IdP metadata).
static boolean	isMatch(XMLObject scope, String attributeValue)	Given a shibmd:Scope element, the method tests whether the value of the (scoped) attribute matches the scope.
static boolean	isMatch(XMLObject scope, Attribute attribute)	Given a shibmd:Scope element, the method tests whether the value of the (scoped) attribute matches the scope.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

getScopeExtensions

public static List<XMLObject> getScopeExtensions(EntityDescriptor entityDescriptor)

Given an (IdP) EntityDescriptor, the method finds all shibmd:Scope elements.

Parameters:

entityDescriptor - the metadata object

Returns:

a (possible empty) list of shibmd:Scope elements

isAuthorized

public static boolean isAuthorized(Attribute scopedAttribute,
 List<XMLObject> scopes)

Predicate that tells if a scoped attribute is "authorized", i.e., if its scope is listed in the supplied list of shibmd:Scope elements (gotten from the IdP metadata).

If an attribute that is not "scoped" (value@scope) the method returns false.

Parameters:

scopedAttribute - the attribute to test

scopes - the shibmd:Scope elements

Returns:

true if the attribute scope is listed among the Scope extensions and false otherwise

isMatch

public static boolean isMatch(XMLObject scope,
 Attribute attribute)

Given a shibmd:Scope element, the method tests whether the value of the (scoped) attribute matches the scope.

If the attribute contains multiple values, all must match the scope.

Parameters:

scope - the Scope element

attribute - the attribute

Returns:

true if there is a match and false otherwise

isMatch

public static boolean isMatch(XMLObject scope,
 String attributeValue)

Given a shibmd:Scope element, the method tests whether the value of the (scoped) attribute matches the scope.

Parameters:

scope - the Scope element

attributeValue - the full attribute value

Returns:

true if there is a match and false otherwise

getScopedDomain

public static String getScopedDomain(String attributeValue)

Gets the domain part (value@domain) from a scoped attribute value.

Parameters:

attributeValue - the attribute value

Returns:

the domain part, or null