
1   /*
2    * Licensed to the University Corporation for Advanced Internet Development, 
3    * Inc. (UCAID) under one or more contributor license agreements.  See the 
4    * NOTICE file distributed with this work for additional information regarding
5    * copyright ownership. The UCAID licenses this file to You under the Apache 
6    * License, Version 2.0 (the "License"); you may not use this file except in 
7    * compliance with the License.  You may obtain a copy of the License at
8    *
9    *    http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  
18  package edu.internet2.middleware.shibboleth.common.attribute.resolver.provider.attributeDefinition;
19  
20  import java.util.Collection;
21  
22  import org.opensaml.Configuration;
23  import org.opensaml.common.SAMLObjectBuilder;
24  import org.opensaml.saml2.core.NameID;
25  
26  import edu.internet2.middleware.shibboleth.common.attribute.BaseAttribute;
27  import edu.internet2.middleware.shibboleth.common.attribute.provider.BasicAttribute;
28  import edu.internet2.middleware.shibboleth.common.attribute.resolver.AttributeResolutionException;
29  import edu.internet2.middleware.shibboleth.common.attribute.resolver.provider.ShibbolethResolutionContext;
30  
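/**
 * An attribute definition that creates attributes whose values are {@link NameID}.
 * 
 * When building the NameID the textual content of the NameID is the value of the source attribute. If a
 * {@link #nameIdQualifier} is provided that value is used as the NameID's name qualifier, otherwise the attribute
 * issuer's entity ID is used. If a {@link #nameIdSPQualifier} is provided that value is used as the NameID's SP name
 * qualifier, otherwise the attribute requester's entity ID (the inbound message issuer) is used.
 * 
 * The source value is copied into the NameID verbatim (its {@code toString()} form); this class performs no
 * validation or normalisation of it. A configured SP name qualifier is emitted unchanged for every requester, so
 * setting it replaces the per-requester default with one fixed value.
 */
public class SAML2NameIDAttributeDefinition extends BaseAttributeDefinition {

    /** Builder of NameID XMLObjects. */
    private final SAMLObjectBuilder<NameID> nameIdBuilder;

    /** Format of the NameID. */
    private String nameIdFormat;

    /** Name qualifier for the NameID. */
    private String nameIdQualifier;

    /** SP name qualifier for the NameID. */
    private String nameIdSPQualifier;

    /** Constructor. Looks up the NameID builder from the OpenSAML builder factory. */
    public SAML2NameIDAttributeDefinition() {
        super();
        // The factory returns an untyped builder; the lookup key is NameID's element name, so the cast is
        // expected to be safe. Suppression is limited to this one local.
        // NOTE(review): presumably the lookup yields null when OpenSAML has not been bootstrapped, which would
        // only surface later in buildNameId - confirm.
        @SuppressWarnings("unchecked")
        SAMLObjectBuilder<NameID> builder = (SAMLObjectBuilder<NameID>) Configuration.getBuilderFactory().getBuilder(
                NameID.DEFAULT_ELEMENT_NAME);
        nameIdBuilder = builder;
    }

    /**
     * Gets the format for the NameID used as an attribute value.
     * 
     * @return format for the NameID used as an attribute value, may be null
     */
    public String getNameIdFormat() {
        return nameIdFormat;
    }

    /**
     * Sets the format for the NameID used as an attribute value.
     * 
     * @param format format for the NameID used as an attribute value; when null no Format is set on the NameID
     */
    public void setNameIdFormat(String format) {
        nameIdFormat = format;
    }

    /**
     * Gets the NameQualifier for the NameID used as an attribute value.
     * 
     * @return NameQualifier for the NameID used as an attribute value, may be null
     */
    public String getNameIdQualifier() {
        return nameIdQualifier;
    }

    /**
     * Sets the NameQualifier for the NameID used as an attribute value.
     * 
     * @param qualifier NameQualifier for the NameID used as an attribute value; when null the local entity ID from
     *            the request context is used instead
     */
    public void setNameIdQualifier(String qualifier) {
        nameIdQualifier = qualifier;
    }

    /**
     * Gets the SPNameQualifier for the NameID used as an attribute value.
     * 
     * @return SPNameQualifier for the NameID used as an attribute value, may be null
     */
    public String getNameIdSPQualifier() {
        return nameIdSPQualifier;
    }

    /**
     * Sets the SPNameQualifier for the NameID used as an attribute value.
     * 
     * @param qualifier SPNameQualifier for the NameID used as an attribute value; when null the inbound message
     *            issuer from the request context is used instead
     */
    public void setNameIdSPQualifier(String qualifier) {
        nameIdSPQualifier = qualifier;
    }

    /**
     * Resolves the attribute by wrapping every value obtained from the dependencies in a {@link NameID}.
     * 
     * Null dependency values are skipped, because they have no textual form to place in a NameID. All other
     * values are used as-is via {@code toString()}.
     * 
     * @param resolutionContext current resolution context
     * 
     * @return attribute carrying one NameID per non-null dependency value; empty when there are none
     * 
     * @throws AttributeResolutionException declared by the contract; not thrown directly by this method
     */
    protected BaseAttribute<?> doResolve(ShibbolethResolutionContext resolutionContext)
            throws AttributeResolutionException {
        BasicAttribute<NameID> attribute = new BasicAttribute<NameID>();
        attribute.setId(getId());

        Collection<?> values = getValuesFromAllDependencies(resolutionContext);
        if (values == null) {
            return attribute;
        }

        for (Object value : values) {
            if (value == null) {
                // Previously this dereferenced null and aborted the whole resolution with an NPE.
                continue;
            }
            attribute.getValues().add(buildNameId(value.toString(), resolutionContext));
        }

        return attribute;
    }

    /**
     * Builds a name ID. The provided value is the textual content of the NameID. The
     * NameQualifier and SPNameQualifier are set according to the configuration, or
     * to the local and requesting entityIDs respectively.
     * 
     * The request context is consulted only for a qualifier that has not been configured.
     * 
     * @param nameIdValue value of the NameID, stored without modification
     * @param resolutionContext current resolution context
     * 
     * @return the constructed NameID
     */
    protected NameID buildNameId(String nameIdValue, ShibbolethResolutionContext resolutionContext) {
        NameID nameId = nameIdBuilder.buildObject();
        nameId.setValue(nameIdValue);

        if (nameIdFormat != null) {
            nameId.setFormat(nameIdFormat);
        }

        // Configured qualifier wins; otherwise fall back to the entity issuing the attribute.
        if (nameIdQualifier != null) {
            nameId.setNameQualifier(nameIdQualifier);
        } else {
            nameId.setNameQualifier(resolutionContext.getAttributeRequestContext().getLocalEntityId());
        }

        // Configured SP qualifier wins; otherwise the identifier is qualified by whoever sent the request.
        if (nameIdSPQualifier != null) {
            nameId.setSPNameQualifier(nameIdSPQualifier);
        } else {
            nameId.setSPNameQualifier(resolutionContext.getAttributeRequestContext().getInboundMessageIssuer());
        }

        return nameId;
    }

    /**
     * {@inheritDoc}
     * 
     * This implementation performs no checks: the format and both qualifiers are accepted as configured.
     */
    public void validate() throws AttributeResolutionException {
        // do nothing
    }
}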