Class AddRequestObjectSecurityConfigurationToClientMetadata

java.lang.Object
  net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
    org.opensaml.profile.action.AbstractProfileAction
      org.opensaml.profile.action.AbstractConditionalProfileAction
        net.shibboleth.idp.profile.AbstractProfileAction
          net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCClientMetadataPopulationAction
            net.shibboleth.idp.plugin.oidc.op.profile.impl.AddRequestObjectSecurityConfigurationToClientMetadata

All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action

public class AddRequestObjectSecurityConfigurationToClientMetadata extends AbstractOIDCClientMetadataPopulationAction
Verifies and adds the request object configuration details (request_object_signing_alg, request_object_encryption_alg and request_object_encryption_enc) to the client metadata.

Field Summary
Fields (Modifier and Type, Field - Description):
private boolean allowSignatureNone - Whether signature algorithm none is allowed regardless of what the list of signature validation algorithms contains.
private Function<ProfileRequestContext,List<String>> dataEncryptionAlgorithmsLookupStrategy - Strategy to obtain list of supported data encryption algorithms.
private Function<ProfileRequestContext,List<String>> keyTransportEncryptionAlgorithmsLookupStrategy - Strategy to obtain list of supported key transport encryption algorithms.
private org.slf4j.Logger log - Class logger.
private Function<ProfileRequestContext,List<String>> signatureAlgorithmsLookupStrategy - Strategy to obtain list of supported signature algorithms.
private List<String> supportedDecryptionAlgs - List of supported key transport algorithms obtained from the security configuration.
private List<String> supportedDecryptionEncs - List of supported data decryption algorithms obtained from the security configuration.
private List<String> supportedSignatureValidationAlgs - List of supported signature validation algorithms obtained from the security configuration.

Constructor Summary
Constructors (Constructor - Description):
AddRequestObjectSecurityConfigurationToClientMetadata() - Constructor.

Method Summary
Methods (Modifier and Type, Method - Description):
protected void doExecute(ProfileRequestContext profileRequestContext)
protected boolean doPreExecute(ProfileRequestContext profileRequestContext)
void setAllowSignatureNone(boolean allow) - Set whether signature algorithm none is allowed regardless of what the list of signature validation algorithms contains.
void setDataEncryptionAlgorithmsLookupStrategy(Function<ProfileRequestContext,List<String>> strategy) - Set the strategy used to obtain list of supported data encryption algorithms.
void setKeyTransportAlgorithmsLookupStrategy(Function<ProfileRequestContext,List<String>> strategy) - Set the strategy used to obtain list of supported key transport encryption algorithms.
void setSignatureAlgorithmsLookupStrategy(Function<ProfileRequestContext,List<String>> strategy) - Set the strategy used to obtain list of supported signature algorithms.

Methods inherited from class net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCClientMetadataPopulationAction
getInputMetadata, getOutputMetadata, setOidcInputMetadataLookupStrategy, setOidcOutputMetadataLookupStrategy

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized

Field Detail

log
@Nonnull private final org.slf4j.Logger log
Class logger.

signatureAlgorithmsLookupStrategy
@Nullable private Function<ProfileRequestContext,List<String>> signatureAlgorithmsLookupStrategy
Strategy to obtain list of supported signature algorithms.

dataEncryptionAlgorithmsLookupStrategy
@Nullable private Function<ProfileRequestContext,List<String>> dataEncryptionAlgorithmsLookupStrategy
Strategy to obtain list of supported data encryption algorithms.

keyTransportEncryptionAlgorithmsLookupStrategy
@Nullable private Function<ProfileRequestContext,List<String>> keyTransportEncryptionAlgorithmsLookupStrategy
Strategy to obtain list of supported key transport encryption algorithms.

allowSignatureNone
private boolean allowSignatureNone
Whether signature algorithm none is allowed regardless of what the list of signature validation algorithms contains.

supportedSignatureValidationAlgs
@Nullable private List<String> supportedSignatureValidationAlgs
List of supported signature validation algorithms obtained from the security configuration.

supportedDecryptionEncs
@Nullable private List<String> supportedDecryptionEncs
List of supported data decryption algorithms obtained from the security configuration.

Method Detail

setAllowSignatureNone
public void setAllowSignatureNone(boolean allow)
Set whether signature algorithm none is allowed regardless of what the list of signature validation algorithms contains.
Parameters:
allow - Whether signature algorithm none is allowed regardless of what the list of signature validation algorithms contains.

setSignatureAlgorithmsLookupStrategy
public void setSignatureAlgorithmsLookupStrategy(@Nonnull Function<ProfileRequestContext,List<String>> strategy)
Set the strategy used to obtain list of supported signature algorithms.
Parameters:
strategy - What to set.

setDataEncryptionAlgorithmsLookupStrategy
public void setDataEncryptionAlgorithmsLookupStrategy(@Nonnull Function<ProfileRequestContext,List<String>> strategy)
Set the strategy used to obtain list of supported data encryption algorithms.
Parameters:
strategy - What to set.

setKeyTransportAlgorithmsLookupStrategy
public void setKeyTransportAlgorithmsLookupStrategy(@Nonnull Function<ProfileRequestContext,List<String>> strategy)
Set the strategy used to obtain list of supported key transport encryption algorithms.
Parameters:
strategy - What to set.

doPreExecute
protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext)
Overrides:
doPreExecute in class AbstractOIDCClientMetadataPopulationAction

doExecute
protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)
Overrides:
doExecute in class AbstractProfileAction