Class Saml2AuthnRequestAuthenticationToken

java.lang.Object
org.springframework.security.authentication.AbstractAuthenticationToken
se.swedenconnect.spring.saml.idp.authnrequest.Saml2AuthnRequestAuthenticationToken
All Implemented Interfaces:
Serializable, Principal, org.springframework.security.core.Authentication, org.springframework.security.core.CredentialsContainer

public class Saml2AuthnRequestAuthenticationToken extends org.springframework.security.authentication.AbstractAuthenticationToken
An Authentication object for a SAML authentication request. This token will act as the input for the user authentication process.
Author:
Martin Lindström
  • Constructor Details

    • Saml2AuthnRequestAuthenticationToken

      public Saml2AuthnRequestAuthenticationToken(org.opensaml.saml.saml2.core.AuthnRequest authnRequest, String relayState)
      Constructor assigning the received AuthnRequest and optionally also the RelayState variable.
      Parameters:
      authnRequest - the SAML authentication request
      relayState - the RelayState variable
  • Method Details

    • getCredentials

      public Object getCredentials()
      Will always return an empty string.
    • getPrincipal

      public Object getPrincipal()
      The principal of this token is the issuer entityID of the AuthnRequest.
    • getEntityId

      public String getEntityId()
      Gets the entityID of the requesting entity.
      Returns:
      the entityID of the requesting entity
    • getAuthnRequest

      public org.opensaml.saml.saml2.core.AuthnRequest getAuthnRequest()
      Gets the received AuthnRequest.
      Returns:
      the AuthnRequest
    • getRelayState

      public String getRelayState()
      Gets the received RelayState value.
      Returns:
      the RelayState (may be null)
    • setPeerMetadata

      public void setPeerMetadata(org.opensaml.saml.saml2.metadata.EntityDescriptor peerMetadata)
      Assigns the peer (SP) metadata.
      Parameters:
      peerMetadata - the peer metadata
    • getPeerMetadata

      public org.opensaml.saml.saml2.metadata.EntityDescriptor getPeerMetadata()
      Gets the peer (SP) metadata.
      Returns:
      the peer metadata
    • isSignatureServicePeer

      public boolean isSignatureServicePeer()
      Predicate that tells if the peer is a "signature service" peer.
      Returns:
      true if the peer is a signature service and false
    • getBindingUri

      public String getBindingUri()
      Gets the binding URI (redirect or POST). Possible values are "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" and "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST".
      Returns:
      the binding URI used for the AuthnRequest
    • getAssertionConsumerServiceUrl

      public String getAssertionConsumerServiceUrl()
      Gets the assertion consumer service URL to use when posting back an assertion.
      Returns:
      URL
    • setAssertionConsumerServiceUrl

      public void setAssertionConsumerServiceUrl(String assertionConsumerServiceUrl)
      Assigns the URL to use when sending back the response.
      Parameters:
      assertionConsumerServiceUrl - URL
    • getNameIDGenerator

      public NameIDGenerator getNameIDGenerator()
      Gets the NameIDGenerator to use when generating a NameID in the assertion that is created based on this request.
      Returns:
      a NameIDGenerator
    • setNameIDGenerator

      public void setNameIDGenerator(NameIDGenerator nameIDGenerator)
      Assigns the NameIDGenerator to use when generating a NameID in the assertion that is created based on this request.
      Parameters:
      nameIDGenerator - a NameIDGenerator
    • getLogString

      public String getLogString()
      Gets a simple log string looking like:
       entity-id: 'https://sp.example.com', authn-request: '9873hHYYT'
       
      Returns:
      a formatted log string