Class ManipulateClaimsForIDToken
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- org.opensaml.profile.action.AbstractProfileAction
-
- org.opensaml.profile.action.AbstractConditionalProfileAction
-
- net.shibboleth.idp.profile.AbstractProfileAction
-
- net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCRequestAction<com.nimbusds.openid.connect.sdk.AuthenticationRequest>
-
- net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCAuthenticationRequestAction
-
- net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCAuthenticationResponseAction
-
- net.shibboleth.idp.plugin.oidc.op.profile.impl.ManipulateClaimsForIDToken
-
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction,Aware,MessageSource,MessageSourceAware,Action
public class ManipulateClaimsForIDToken extends AbstractOIDCAuthenticationResponseAction
An action that can be used for manipulating id_token claims via configurable strategy (bi-function). If the function exists, its result (a Map) is used as-is for building new contents for the upcoming id_token, i.e. the previously built claims set is replaced. If the function returns null, the existing id_token contents are not replaced.- Event:
EventIds.INVALID_MSG_CTXIf the id_token does not exist.,IdPEventIds.INVALID_PROFILE_CONFIGIf the new claims set is not compatible with the id_token requirements (e.g. due to missing mandatory claims, or claims having unexpected syntax).
-
-
Field Summary
Fields Modifier and Type Field Description private com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSetidTokenThe id_token to operate on.private Function<ProfileRequestContext,BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>>>idTokenManipulationStrategyLookupStrategyLookup function to supply strategy bi-function for manipulating id_token claims.private org.slf4j.LoggerlogClass logger.private BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>>manipulationStrategyThe strategy used for manipulating the id_token.
-
Constructor Summary
Constructors Constructor Description ManipulateClaimsForIDToken()Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voiddoExecute(ProfileRequestContext profileRequestContext)protected booleandoPreExecute(ProfileRequestContext profileRequestContext)voidsetIDTokenManipulationStrategyLookupStrategy(Function<ProfileRequestContext,BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>>> strategy)Set the lookup function to supply strategy bi-function for manipulating id_token claims.-
Methods inherited from class net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCAuthenticationResponseAction
getMetadataContext, getOidcResponseContext
-
Methods inherited from class net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCAuthenticationRequestAction
getAuthenticationRequest
-
Methods inherited from class net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractOIDCRequestAction
getRequest
-
Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction
doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy
-
Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction
getActivationCondition, setActivationCondition
-
Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
-
-
-
Field Detail
-
log
@Nonnull private org.slf4j.Logger log
Class logger.
-
idTokenManipulationStrategyLookupStrategy
@Nonnull private Function<ProfileRequestContext,BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>>> idTokenManipulationStrategyLookupStrategy
Lookup function to supply strategy bi-function for manipulating id_token claims.
-
manipulationStrategy
private BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>> manipulationStrategy
The strategy used for manipulating the id_token.
-
idToken
private com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet idToken
The id_token to operate on.
-
-
Method Detail
-
setIDTokenManipulationStrategyLookupStrategy
public void setIDTokenManipulationStrategyLookupStrategy(@Nonnull Function<ProfileRequestContext,BiFunction<ProfileRequestContext,Map<String,Object>,Map<String,Object>>> strategy)Set the lookup function to supply strategy bi-function for manipulating id_token claims.- Parameters:
strategy- What to set
-
doPreExecute
protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext)- Overrides:
doPreExecutein classAbstractOIDCAuthenticationResponseAction
-
doExecute
protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)- Overrides:
doExecutein classAbstractProfileAction
-
-