Package org.opensaml.saml.security.impl

Class SAMLMetadataSignatureSigningParametersResolver

java.lang.Object
org.opensaml.xmlsec.impl.AbstractSecurityParametersResolver<SignatureSigningParameters>
org.opensaml.xmlsec.impl.BasicSignatureSigningParametersResolver
org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver
All Implemented Interfaces:
Resolver<SignatureSigningParameters,CriteriaSet>, SignatureSigningParametersResolver
public class SAMLMetadataSignatureSigningParametersResolver extends BasicSignatureSigningParametersResolver
A specialization of BasicSignatureSigningParametersResolver which also supports input of SAML metadata, specifically the SigningMethod and DigestMethod extension elements.

In addition to the Criterion inputs documented in BasicSignatureSigningParametersResolver, the following inputs are also supported:

  • Field Details

    • log

      @Nonnull private org.slf4j.Logger log
      Logger.

  • Constructor Details

    • SAMLMetadataSignatureSigningParametersResolver

      public SAMLMetadataSignatureSigningParametersResolver()

  • Method Details

    • resolveAndPopulateCredentialAndSignatureAlgorithm

      protected void resolveAndPopulateCredentialAndSignatureAlgorithm(@Nonnull SignatureSigningParameters params, @Nonnull CriteriaSet criteria, @Nonnull Predicate<String> includeExcludePredicate)
      Resolve and populate the signing credential and signature method algorithm URI on the supplied parameters instance.
      Overrides:
      resolveAndPopulateCredentialAndSignatureAlgorithm in class BasicSignatureSigningParametersResolver
      Parameters:
      params - the parameters instance being populated
      criteria - the input criteria being evaluated
      includeExcludePredicate - the include/exclude predicate with which to evaluate the candidate signing method algorithm URIs

    • credentialSupportsSigningMethod

      protected boolean credentialSupportsSigningMethod(@Nonnull Credential credential, @Nonnull @NotEmpty SigningMethod signingMethod)
      Evaluate whether the specified credential is supported for use with the specified SigningMethod.
      Parameters:
      credential - the credential to evaluate
      signingMethod - the signing method to evaluate
      Returns:
      true if credential may be used with the supplied algorithm URI, false otherwise

    • resolveReferenceDigestMethod

      @Nullable protected String resolveReferenceDigestMethod(@Nonnull CriteriaSet criteria, @Nonnull Predicate<String> includeExcludePredicate)
      Resolve and return the digest method algorithm URI to use, including application of include/exclude policy.
      Overrides:
      resolveReferenceDigestMethod in class BasicSignatureSigningParametersResolver
      Parameters:
      criteria - the input criteria being evaluated
      includeExcludePredicate - the include/exclude predicate to use
      Returns:
      the resolved digest method algorithm URI

    • getExtensions

      @Nullable protected List<XMLObject> getExtensions(@Nonnull RoleDescriptor roleDescriptor, @Nonnull QName extensionName)
      Get the extensions indicated by the passed QName. The passed RoleDescriptor's Extensions element is examined first. If at least 1 such extension is found there, that list is returned. If no such extensions are found on the RoleDescriptor, then the RoleDescriptor's parent EntityDescriptor will be examined, if it exists.
      Parameters:
      roleDescriptor - the role descriptor instance to examine
      extensionName - the extension name for which to search
      Returns:
      the list of extension XMLObjects found, or null