Package se.swedenconnect.spring.saml.idp.authnrequest

Class AuthenticationRequirementsBuilder

java.lang.Object

se.swedenconnect.spring.saml.idp.authnrequest.AuthenticationRequirementsBuilder

public class AuthenticationRequirementsBuilder
extends Object

A builder for AuthenticationRequirements.

Author:

Martin Lindström

Constructor Summary

Constructors

Constructor	Description
AuthenticationRequirementsBuilder()	Default constructor.
AuthenticationRequirementsBuilder(AuthenticationRequirements requirements)	Constructor setting up a builder based on an existing AuthenticationRequirements object.

Method Summary

Modifier and Type	Method	Description
AuthenticationRequirementsBuilder	authnContextRequirement(String authnContextRequirement)	Adds a requested authentication contexts (AuthnContextClassRef).
AuthenticationRequirementsBuilder	authnContextRequirements(Collection<String> authnContextRequirements)	Assigns a collection of the requested authentication contexts (AuthnContextClassRef).
AuthenticationRequirements	build()	Builds the AuthenticationRequirements object
static AuthenticationRequirementsBuilder	builder()	Creates a AuthenticationRequirementsBuilder.
static AuthenticationRequirementsBuilder	builder(AuthenticationRequirements requirements)	Creates a AuthenticationRequirementsBuilder based on an existing AuthenticationRequirements object.
AuthenticationRequirementsBuilder	entityCategories(Collection<String> entityCategories)	Assigns the collection of declared SAML entity categories for the relying party.
AuthenticationRequirementsBuilder	entityCategory(String entityCategory)	Adds an entity category.
AuthenticationRequirementsBuilder	forceAuthn(boolean forceAuthn)	Tells whether "force authentication" has been set, i.e., whether to force user authentication even though a valid user session exists.
AuthenticationRequirementsBuilder	passiveAuthn(boolean passiveAuthn)	Tells whether we should issue an assertion without requiring the user to authenticate again.
AuthenticationRequirementsBuilder	principalSelectionAttribute(UserAttribute principalSelectionAttribute)	Adds a principal selection attribute.
AuthenticationRequirementsBuilder	principalSelectionAttributes(Collection<UserAttribute> principalSelectionAttributes)	The PrincipalSelection extension defined in Sweden Connect technical framework enables a relying party to include one or more attributes in the AuthnRequest to inform the IdP about the user that is being authenticated.
AuthenticationRequirementsBuilder	requestedAttribute(RequestedAttribute requestedAttribute)	Adds a requested attribute.
AuthenticationRequirementsBuilder	requestedAttributes(Collection<RequestedAttribute> requestedAttributes)	Assigns the attributes requested directly in the authentication request or indirectly from the relying party metadata (AttributeConsumingService or entity category declarations).
AuthenticationRequirementsBuilder	sadRequestExtension(SadRequestExtension sadRequestExtension)	Assigns the SadRequestExtension which is the representation of the SADRequest extension as specified in Signature Activation Protocol for Federated Signing.
AuthenticationRequirementsBuilder	signatureMessageExtension(SignatureMessageExtension signatureMessageExtension)	Assigns the SignatureMessageExtension which is the representation of the SignMessage extension as specified in section 3.1.2 of DSS Extension for Federated Central Signing Services.
AuthenticationRequirementsBuilder	userMessageExtension(UserMessageExtension userMessageExtension)	Assigns the UserMessageExtension which is the representation of the UserMessage extension as specified in User Message Extension in SAML Authentication Requests.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AuthenticationRequirementsBuilder

public AuthenticationRequirementsBuilder()

Default constructor.

AuthenticationRequirementsBuilder

public AuthenticationRequirementsBuilder(AuthenticationRequirements requirements)

Constructor setting up a builder based on an existing AuthenticationRequirements object.

Parameters:

requirements - the template object

Method Details

builder

public static AuthenticationRequirementsBuilder builder()

Creates a AuthenticationRequirementsBuilder.

Returns:

a builder

builder

public static AuthenticationRequirementsBuilder builder(AuthenticationRequirements requirements)

Creates a AuthenticationRequirementsBuilder based on an existing AuthenticationRequirements object.

Parameters:

requirements - the template object

Returns:

a builder

build

public AuthenticationRequirements build()

Builds the AuthenticationRequirements object

Returns:

an AuthenticationRequirements

forceAuthn

public AuthenticationRequirementsBuilder forceAuthn(boolean forceAuthn)

Tells whether "force authentication" has been set, i.e., whether to force user authentication even though a valid user session exists.

Parameters:

forceAuthn - true if authentication should be forced, and false otherwise

Returns:

the builder

passiveAuthn

public AuthenticationRequirementsBuilder passiveAuthn(boolean passiveAuthn)

Tells whether we should issue an assertion without requiring the user to authenticate again.

Parameters:

passiveAuthn - true if passive authentication is required, and false otherwise

Returns:

the builder

entityCategories

public AuthenticationRequirementsBuilder entityCategories(Collection<String> entityCategories)

Assigns the collection of declared SAML entity categories for the relying party.

Parameters:

entityCategories - a collection of URI:s representing declared entity categories

Returns:

the builder

entityCategory

public AuthenticationRequirementsBuilder entityCategory(String entityCategory)

Adds an entity category.

Parameters:

entityCategory - an entity category URI

Returns:

the builder

requestedAttributes

public AuthenticationRequirementsBuilder requestedAttributes(Collection<RequestedAttribute> requestedAttributes)

Assigns the attributes requested directly in the authentication request or indirectly from the relying party metadata (AttributeConsumingService or entity category declarations).

Note: Within the Swedish eID Framework the use of declared entity categories is the preferred way of informing the IdP about which attributes a relying party requests, see entityCategories(Collection).

Parameters:

requestedAttributes - a collection of requested attributes

Returns:

the builder

requestedAttribute

public AuthenticationRequirementsBuilder requestedAttribute(RequestedAttribute requestedAttribute)

Adds a requested attribute.

Parameters:

requestedAttribute - the requested attribute

Returns:

the builder

authnContextRequirements

public AuthenticationRequirementsBuilder authnContextRequirements(Collection<String> authnContextRequirements)

Assigns a collection of the requested authentication contexts (AuthnContextClassRef).

Parameters:

authnContextRequirements - a collection of URI:s

Returns:

the builder

authnContextRequirement

public AuthenticationRequirementsBuilder authnContextRequirement(String authnContextRequirement)

Adds a requested authentication contexts (AuthnContextClassRef).

Parameters:

authnContextRequirement - URI

Returns:

the builder

principalSelectionAttributes

public AuthenticationRequirementsBuilder principalSelectionAttributes(Collection<UserAttribute> principalSelectionAttributes)

The PrincipalSelection extension defined in Sweden Connect technical framework enables a relying party to include one or more attributes in the AuthnRequest to inform the IdP about the user that is being authenticated. This method assigns this information.

Parameters:

principalSelectionAttributes - a collection of "principal selection" attributes

Returns:

the builder

principalSelectionAttribute

public AuthenticationRequirementsBuilder principalSelectionAttribute(UserAttribute principalSelectionAttribute)

Adds a principal selection attribute.

Parameters:

principalSelectionAttribute - principal selection attribute

Returns:

the builder

signatureMessageExtension

public AuthenticationRequirementsBuilder signatureMessageExtension(SignatureMessageExtension signatureMessageExtension)

Assigns the SignatureMessageExtension which is the representation of the SignMessage extension as specified in section 3.1.2 of DSS Extension for Federated Central Signing Services.

Parameters:

signatureMessageExtension - the sign message extension

Returns:

the builder

userMessageExtension

public AuthenticationRequirementsBuilder userMessageExtension(UserMessageExtension userMessageExtension)

Assigns the UserMessageExtension which is the representation of the UserMessage extension as specified in User Message Extension in SAML Authentication Requests.

Parameters:

userMessageExtension - the user message extension

Returns:

the builder

sadRequestExtension

public AuthenticationRequirementsBuilder sadRequestExtension(SadRequestExtension sadRequestExtension)

Assigns the SadRequestExtension which is the representation of the SADRequest extension as specified in Signature Activation Protocol for Federated Signing.

Parameters:

sadRequestExtension - the extension

Returns:

the builder