Class Saml2AuthnRequestAuthenticationToken

java.lang.Object
org.springframework.security.authentication.AbstractAuthenticationToken
se.swedenconnect.spring.saml.idp.authnrequest.Saml2AuthnRequestAuthenticationToken
All Implemented Interfaces:
Serializable, Principal, org.springframework.security.core.Authentication, org.springframework.security.core.CredentialsContainer

public class Saml2AuthnRequestAuthenticationToken extends org.springframework.security.authentication.AbstractAuthenticationToken
An Authentication object for a SAML authentication request. This token will act as the input for the user authentication process.
Author:
Martin Lindström
  • Nested Class Summary

    Nested classes/interfaces inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

    org.springframework.security.authentication.AbstractAuthenticationToken.AbstractAuthenticationBuilder<B extends org.springframework.security.authentication.AbstractAuthenticationToken.AbstractAuthenticationBuilder<B>>

    Nested classes/interfaces inherited from interface org.springframework.security.core.Authentication

    org.springframework.security.core.Authentication.Builder<B extends org.springframework.security.core.Authentication.Builder<B>>
  • Constructor Summary

    Constructors
    Constructor - Description
    Saml2AuthnRequestAuthenticationToken(AuthnRequest authnRequest, String relayState) - Constructor assigning the received AuthnRequest and optionally also the RelayState variable.
  • Method Summary

    Modifier and Type, Method - Description
    String getAssertionConsumerServiceUrl() - Gets the assertion consumer service URL to use when posting back an assertion.
    AuthnRequest getAuthnRequest() - Gets the received AuthnRequest.
    String getBindingUri() - Gets the binding URI (redirect or POST).
    Object getCredentials() - Will always return an empty string.
    String getEntityId() - Gets the entityID of the requesting entity.
    String getLogString() - Gets a simple log string looking like:
    NameIDGenerator getNameIDGenerator() - Gets the NameIDGenerator to use when generating a NameID in the assertion that is created based on this request.
    EntityDescriptor getPeerMetadata() - Gets the peer (SP) metadata.
    Object getPrincipal() - The principal of this token is the issuer entityID of the AuthnRequest.
    String getRelayState() - Gets the received RelayState value.
    boolean isSignatureServicePeer() - Predicate that tells if the peer is a "signature service" peer.
    void setAssertionConsumerServiceUrl(String assertionConsumerServiceUrl) - Assigns the URL to use when sending back the response.
    void setNameIDGenerator(NameIDGenerator nameIDGenerator) - Assigns the NameIDGenerator to use when generating a NameID in the assertion that is created based on this request.
    void setPeerMetadata(EntityDescriptor peerMetadata) - Assigns the peer (SP) metadata.

    Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

    equals, eraseCredentials, getAuthorities, getDetails, getName, hashCode, isAuthenticated, setAuthenticated, setDetails, toString

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

    Methods inherited from interface org.springframework.security.core.Authentication

    toBuilder

    Methods inherited from interface java.security.Principal

    implies
  • Constructor Details

    • Saml2AuthnRequestAuthenticationToken

      public Saml2AuthnRequestAuthenticationToken(AuthnRequest authnRequest, String relayState)
      Constructor assigning the received AuthnRequest and optionally also the RelayState variable.
      Parameters:
      authnRequest - the SAML authentication request
      relayState - the RelayState variable
  • Method Details

    • getCredentials

      public Object getCredentials()
      Will always return an empty string.
    • getPrincipal

      public Object getPrincipal()
      The principal of this token is the issuer entityID of the AuthnRequest.
    • getEntityId

      public String getEntityId()
      Gets the entityID of the requesting entity.
      Returns:
      the entityID of the requesting entity
    • getAuthnRequest

      public AuthnRequest getAuthnRequest()
      Gets the received AuthnRequest.
      Returns:
      the AuthnRequest
    • getRelayState

      public String getRelayState()
      Gets the received RelayState value.
      Returns:
      the RelayState (may be null)
    • setPeerMetadata

      public void setPeerMetadata(EntityDescriptor peerMetadata)
      Assigns the peer (SP) metadata.
      Parameters:
      peerMetadata - the peer metadata
    • getPeerMetadata

      public EntityDescriptor getPeerMetadata()
      Gets the peer (SP) metadata.
      Returns:
      the peer metadata
    • isSignatureServicePeer

      public boolean isSignatureServicePeer()
      Predicate that tells if the peer is a "signature service" peer.
      Returns:
      true if the peer is a signature service and false
    • getBindingUri

      public String getBindingUri()
      Gets the binding URI (redirect or POST). Possible values are "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" and "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST".
      Returns:
      the binding URI used for the AuthnRequest
    • getAssertionConsumerServiceUrl

      public String getAssertionConsumerServiceUrl()
      Gets the assertion consumer service URL to use when posting back an assertion.
      Returns:
      URL
    • setAssertionConsumerServiceUrl

      public void setAssertionConsumerServiceUrl(String assertionConsumerServiceUrl)
      Assigns the URL to use when sending back the response.
      Parameters:
      assertionConsumerServiceUrl - URL
    • getNameIDGenerator

      public NameIDGenerator getNameIDGenerator()
      Gets the NameIDGenerator to use when generating a NameID in the assertion that is created based on this request.
      Returns:
      a NameIDGenerator
    • setNameIDGenerator

      public void setNameIDGenerator(NameIDGenerator nameIDGenerator)
      Assigns the NameIDGenerator to use when generating a NameID in the assertion that is created based on this request.
      Parameters:
      nameIDGenerator - a NameIDGenerator
    • getLogString

      public String getLogString()
      Gets a simple log string looking like:
       entity-id: 'https://sp.example.com', authn-request: '9873hHYYT'
       
      Returns:
      a formatted log string