Package net.shibboleth.idp.saml.saml2.profile.impl

Class AddAuthnRequest

java.lang.Object
net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
org.opensaml.profile.action.AbstractProfileAction
org.opensaml.profile.action.AbstractConditionalProfileAction
net.shibboleth.idp.profile.AbstractProfileAction
net.shibboleth.idp.authn.AbstractAuthenticationAction
net.shibboleth.idp.saml.saml2.profile.impl.AddAuthnRequest
All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, ProfileAction, Aware, MessageSource, MessageSourceAware, Action
public class AddAuthnRequest
extends AbstractAuthenticationAction
Action that creates an AuthnRequest and sets it as the message returned by InOutOperationContext.getOutboundMessageContext().

If an issuer value is returned via a lookup strategy, then it's set as the Issuer of the message.

Various other values are derived from the active configuration such as RequestedAuthnContext, NameIDPolicy, and Scoping.

Event:
EventIds.PROCEED_EVENT_ID, EventIds.INVALID_MSG_CTX, EventIds.INVALID_PROFILE_CTX, IdPEventIds.INVALID_PROFILE_CONFIG
Postcondition:
ProfileRequestContext.getOutboundMessageContext().getMessage() != null

  • Field Details

  • Constructor Details

    • AddAuthnRequest

      public AddAuthnRequest()
      Constructor.

  • Method Details

    • setOverwriteExisting

      public void setOverwriteExisting​(boolean flag)
      Set whether to overwrite an existing message.
      Parameters:
      flag - flag to set

    • setIdentifierGeneratorLookupStrategy

      public void setIdentifierGeneratorLookupStrategy​(@Nonnull Function<ProfileRequestContext,​IdentifierGenerationStrategy> strategy)
      Set the strategy used to locate the IdentifierGenerationStrategy to use.
      Parameters:
      strategy - lookup strategy

    • setIssuerLookupStrategy

      public void setIssuerLookupStrategy​(@Nullable Function<ProfileRequestContext,​String> strategy)
      Set the strategy used to locate the issuer value to use.
      Parameters:
      strategy - lookup strategy

    • doPreExecute

      protected boolean doPreExecute​(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext)
      Performs this authentication action's pre-execute step. Default implementation just returns true.
      Overrides:
      doPreExecute in class AbstractAuthenticationAction
      Parameters:
      profileRequestContext - the current IdP profile request context
      authenticationContext - the current authentication context
      Returns:
      true iff execution should continue

    • doExecute

      protected void doExecute​(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext)
      Performs this authentication action. Default implementation throws an exception.
      Overrides:
      doExecute in class AbstractAuthenticationAction
      Parameters:
      profileRequestContext - the current IdP profile request context
      authenticationContext - the current authentication context

    • getRequestedAuthnContext

      @Nullable private RequestedAuthnContext getRequestedAuthnContext​(@Nullable ProfileRequestContext profileRequestContext)
      Build a RequestedAuthnContext if warranted.
      Parameters:
      profileRequestContext - current profile request context
      Returns:
      the object to include in the request, or null

    • buildScoping

      @Nullable public Scoping buildScoping​(@Nonnull ProfileRequestContext profileRequestContext, @Nullable Integer count, @Nonnull @NonnullElements Set<String> idplist)
      Build a Scoping element, decrementing the proxy count if set.
      Parameters:
      profileRequestContext - current profile request context
      count - proxy count
      idplist - list of IdP entityIDs
      Returns:
      populated Scoping