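/*
 * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package edu.internet2.middleware.shibboleth.common.attribute.provider;

import java.util.Collection;

import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeQuery;
import org.opensaml.saml2.core.AttributeStatement;
import org.opensaml.saml2.core.NameID;
import org.opensaml.saml2.core.RequestAbstractType;
import org.opensaml.saml2.core.StatusResponseType;

import edu.internet2.middleware.shibboleth.common.attribute.AttributeAuthority;
import edu.internet2.middleware.shibboleth.common.attribute.AttributeRequestException;
import edu.internet2.middleware.shibboleth.common.attribute.BaseAttribute;
import edu.internet2.middleware.shibboleth.common.attribute.encoding.AttributeEncodingException;
import edu.internet2.middleware.shibboleth.common.profile.provider.SAMLProfileRequestContext;
import edu.internet2.middleware.shibboleth.common.relyingparty.provider.saml2.AbstractSAML2ProfileConfiguration;

/**
 * An attribute authority that can take an attribute query and produce a resultant attribute statement.
 *
 * <p>
 * The authority is parameterized on a SAML 2 {@link SAMLProfileRequestContext} whose name identifier type is
 * {@link NameID}.
 * </p>
 */
public interface SAML2AttributeAuthority
        extends
        AttributeAuthority<SAMLProfileRequestContext<? extends RequestAbstractType, ? extends StatusResponseType, NameID, ? extends AbstractSAML2ProfileConfiguration>> {

    /**
     * Resolves the {@link NameID} carried by the request context into the internal principal name used by
     * Shibboleth.
     *
     * <p>
     * NOTE(review): this contract does not say whether the {@link NameID} has been authenticated before it reaches
     * this method. The returned principal presumably selects whose attributes are resolved, so callers should
     * confirm that the request context was built from a verified message.
     * </p>
     *
     * @param requestContext The request context within which to retrieve the principal. At a minimum, a
     *            {@link NameID} and relying party ID must be included.
     *
     * @return the internal principal name that the {@link NameID} resolves to
     *
     * @throws AttributeRequestException thrown if the principal cannot be resolved
     */
    String getPrincipal(
            SAMLProfileRequestContext<? extends RequestAbstractType, ? extends StatusResponseType, NameID, ? extends AbstractSAML2ProfileConfiguration> requestContext)
            throws AttributeRequestException;

    /**
     * Creates a SAML 2 attribute statement from a collection of {@link BaseAttribute}.
     *
     * <p>
     * NOTE(review): nothing in this signature shows whether {@code attributes} has already passed through the
     * filtering engine. Presumably the caller supplies only attributes cleared for release to the relying party;
     * confirm this against the implementations before relying on it.
     * </p>
     *
     * @param query the attribute query the statement is in response to, may be null
     * @param attributes the attributes to create the attribute statement from
     *
     * @return the generated attribute statement
     *
     * @throws AttributeEncodingException thrown if a {@link BaseAttribute} cannot be encoded
     */
    AttributeStatement buildAttributeStatement(AttributeQuery query, Collection<BaseAttribute> attributes)
            throws AttributeEncodingException;

    /**
     * Translates SAML 2 attribute naming information into the internal attribute ID used by the resolver and
     * filtering engine.
     *
     * <p>
     * NOTE(review): the result for an attribute with no known mapping is not specified here; callers should handle
     * a {@code null} return until the implementations are checked.
     * </p>
     *
     * @param attribute the SAML 2 attribute to translate
     *
     * @return the attribute ID used by the resolver and filtering engine
     */
    String getAttributeIDBySAMLAttribute(Attribute attribute);

    /**
     * Translates the internal attribute ID, used by the resolver and filtering engine, into its representative
     * SAML 2 attribute name.
     *
     * <p>
     * NOTE(review): the result for an unknown ID is not specified here; callers should handle a {@code null}
     * return until the implementations are checked.
     * </p>
     *
     * @param id internal attribute ID
     *
     * @return SAML 2 attribute name
     */
    Attribute getSAMLAttributeByAttributeID(String id);
}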