Package org.opensaml.saml.saml2.profile.impl

Class DecryptAttributes

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction

org.opensaml.saml.saml2.profile.impl.DecryptAttributes

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction

public class DecryptAttributes
extends AbstractDecryptAction

Action to decrypt an EncryptedAttribute element and replace it with the decrypted Attribute in situ.

All of the built-in SAML message types that may include an EncryptedAttribute are potentially handled, but the actual message to handle is obtained via strategy function, by default the inbound message.

Event:

EventIds.PROCEED_EVENT_ID, SAMLEventIds.DECRYPT_ATTRIBUTE_FAILED

Field Summary

Fields

Modifier and Type	Field	Description
private org.slf4j.Logger	log	Class logger.

Constructor Summary

Constructors

Constructor	Description
DecryptAttributes()

Method Summary

Modifier and Type	Method	Description
protected void	doExecute(ProfileRequestContext profileRequestContext)	Performs this action.
private void	processAssertion(ProfileRequestContext profileRequestContext, Assertion assertion)	Decrypt any EncryptedAttribute found in an assertion and replace it with the result.
private Attribute	processEncryptedAttribute(ProfileRequestContext profileRequestContext, EncryptedAttribute encAttr)	Decrypt an EncryptedAttribute and return the result.

Methods inherited from class org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction

doPreExecute, getDecrypter, getDecryptionPredicate, getSAMLObject, isErrorFatal, setDecryptionPredicate, setErrorFatal, setMessageLookupStrategy, setSecurityParametersContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Details

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

Constructor Details

DecryptAttributes

public DecryptAttributes()

Method Details

doExecute

protected void doExecute(@Nonnull
ProfileRequestContext profileRequestContext)

Performs this action. Actions must override this method to perform their work.

Overrides:

doExecute in class AbstractProfileAction

Parameters:

profileRequestContext - the current IdP profile request context

processEncryptedAttribute

@Nullable
private Attribute processEncryptedAttribute(@Nonnull
ProfileRequestContext profileRequestContext,
@Nonnull
EncryptedAttribute encAttr)
                                     throws DecryptionException

Decrypt an EncryptedAttribute and return the result.

Parameters:

profileRequestContext - current profile request context

encAttr - the encrypted object

Returns:

the decrypted attribute, or null if the object did not need decryption

Throws:

DecryptionException - if an error occurs during decryption

processAssertion

private void processAssertion(@Nonnull
ProfileRequestContext profileRequestContext,
@Nonnull
Assertion assertion)
                       throws DecryptionException

Decrypt any EncryptedAttribute found in an assertion and replace it with the result.

Parameters:

profileRequestContext - current profile request context

assertion - assertion to operate on

Throws:

DecryptionException - if an error occurs