Class AddNotOnOrAfterConditionToAssertions

All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, ProfileAction

public class AddNotOnOrAfterConditionToAssertions extends AbstractConditionalProfileAction
Action that adds the NotBefore attribute to every assertion in a SAML 1/2 response message. If the containing Conditions is not present, it will be created.
  • Field Details

    • log

      @Nonnull private final org.slf4j.Logger log
      Class logger.
    • responseLookupStrategy

      @Nonnull private Function<ProfileRequestContext,SAMLObject> responseLookupStrategy
      Strategy used to locate the Response to operate on.
    • assertionLifetimeStrategy

      @Nullable private Function<ProfileRequestContext,Duration> assertionLifetimeStrategy
      Strategy to obtain assertion lifetime policy.
    • defaultAssertionLifetime

      @Nonnull private Duration defaultAssertionLifetime
      Default lifetime to use to establish timestamp.
    • response

      @Nullable private SAMLObject response
      Response to modify.
  • Constructor Details

    • AddNotOnOrAfterConditionToAssertions

      public AddNotOnOrAfterConditionToAssertions()
  • Method Details

    • setResponseLookupStrategy

      public void setResponseLookupStrategy(@Nonnull Function<ProfileRequestContext,SAMLObject> strategy)
      Set the strategy used to locate the Response to operate on.
      strategy - lookup strategy
    • setAssertionLifetimeStrategy

      public void setAssertionLifetimeStrategy(@Nullable Function<ProfileRequestContext,Duration> strategy)
      Set strategy function to obtain assertion lifetime.
      strategy - strategy function
    • setDefaultAssertionLifetime

      public void setDefaultAssertionLifetime(@Nonnull Duration lifetime)
      Set the default assertion lifetime.
      lifetime - default lifetime
    • doPreExecute

      protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext)
      Called prior to execution, actions may override this method to perform pre-processing for a request.

      If false is returned, execution will not proceed, and the action should attach an EventContext to the context tree to signal how to continue with overall workflow processing.

      If returning successfully, the last step should be to return the result of the superclass version of this method.

      doPreExecute in class AbstractConditionalProfileAction
      profileRequestContext - the current IdP profile request context
      true iff execution should proceed
    • doExecute

      protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)
      Performs this action. Actions must override this method to perform their work.
      doExecute in class AbstractProfileAction
      profileRequestContext - the current IdP profile request context