Package se.swedenconnect.spring.saml.idp.authentication

Class Saml2UserDetails

java.lang.Object
se.swedenconnect.spring.saml.idp.authentication.Saml2UserDetails
All Implemented Interfaces:
Serializable, org.springframework.security.core.userdetails.UserDetails
public class Saml2UserDetails extends Object implements org.springframework.security.core.userdetails.UserDetails
Representation of a user authenticated using SAML2.
Author:
Martin Lindström
See Also:

  • Constructor Details

    • Saml2UserDetails

      public Saml2UserDetails(Collection<UserAttribute> attributes, String primaryAttribute, String authnContextUri, Instant authnInstant, String subjectIpAddress)
      Constructor.
      Parameters:
      attributes - the user identity attributes
      primaryAttribute - the ID of the primary attribute (that must appear among the attributes)
      authnContextUri - the authentication context URI under which the authentication was made
      authnInstant - the authentication instant

  • Method Details

    • getUsername

      public String getUsername()
      Returns the attribute value for the primaryAttribute.
      Specified by:
      getUsername in interface org.springframework.security.core.userdetails.UserDetails

    • getAttributes

      public Collection<UserAttribute> getAttributes()
      Gets an unmodifiable collection of all user attributes.
      Returns:
      the user attributes

    • getPrimaryAttribute

      public String getPrimaryAttribute()
      Gets the ID of the primary attribute (that must appear among the attributes).
      Returns:
      the primary attribute ID

    • getAuthnContextUri

      public String getAuthnContextUri()
      Gets the authentication context URI under which the authentication was made.
      Returns:
      the authn context URI

    • getAuthnInstant

      public Instant getAuthnInstant()
      Gets the authentication instant.
      Returns:
      the authentication instant

    • getSubjectIpAddress

      public String getSubjectIpAddress()
      Gets the subject locality, an IP-address.
      Returns:
      the subject locality

    • getAuthenticatingAuthority

      @Deprecated public String getAuthenticatingAuthority()
      Deprecated.
      use getAuthenticatingAuthorities()
      If the authentication was performed by another provider and the current IdP acts as a proxy, this field holds the ID of the authenticating authority.
      Returns:
      the authenticating authority, or null if not set

    • getAuthenticatingAuthorities

      public List<String> getAuthenticatingAuthorities()
      If the authentication was performed by another provider and the current IdP acts as a proxy, this field holds the ID of the authenticating authority or authorities that was/were used.
      Returns:
      a (potentially empty) list of authenticating authorities

    • setAuthenticatingAuthority

      @Deprecated public void setAuthenticatingAuthority(String authenticatingAuthority)
      Deprecated.
      use setAuthenticatingAuthorities(List)
      Assigns the authenticating authority. If the authentication was performed by another provider and the current IdP acts as a proxy, this field holds the ID of the authenticating authority.
      Parameters:
      authenticatingAuthority - the authenticating authority

    • setAuthenticatingAuthorities

      public void setAuthenticatingAuthorities(List<String> authenticatingAuthorities)
      Assigns the authenticating authority. If the authentication was performed by another provider and the current IdP acts as a proxy, this field holds the ID of the authenticating authority.
      Parameters:
      authenticatingAuthorities - the authenticating authorities

    • isSignMessageDisplayed

      public boolean isSignMessageDisplayed()
      Predicate telling whether the IdP displayed a SignMessage for the user.
      Returns:
      true if a SignMessage was displayed and false otherwise

    • setSignMessageDisplayed

      public void setSignMessageDisplayed(boolean signMessageDisplayed)
      Tells whether the IdP displayed a SignMessage for the user.
      Parameters:
      signMessageDisplayed - true if a SignMessage was displayed and false otherwise

    • getAuthorities

      public Collection<? extends org.springframework.security.core.GrantedAuthority> getAuthorities()
      Will always return en empty collection.
      Specified by:
      getAuthorities in interface org.springframework.security.core.userdetails.UserDetails

    • getPassword

      public String getPassword()
      Always returns the empty string.
      Specified by:
      getPassword in interface org.springframework.security.core.userdetails.UserDetails

    • isAccountNonExpired

      public boolean isAccountNonExpired()
      Always returns true.
      Specified by:
      isAccountNonExpired in interface org.springframework.security.core.userdetails.UserDetails

    • isAccountNonLocked

      public boolean isAccountNonLocked()
      Always returns true.
      Specified by:
      isAccountNonLocked in interface org.springframework.security.core.userdetails.UserDetails

    • isCredentialsNonExpired

      public boolean isCredentialsNonExpired()
      Always returns true.
      Specified by:
      isCredentialsNonExpired in interface org.springframework.security.core.userdetails.UserDetails

    • isEnabled

      public boolean isEnabled()
      Always returns true.
      Specified by:
      isEnabled in interface org.springframework.security.core.userdetails.UserDetails

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public boolean equals(Object obj)
      Overrides:
      equals in class Object