public class MetadataGenerator extends Object
Modifier and Type | Field and Description |
---|---|
protected org.opensaml.xml.XMLObjectBuilderFactory |
builderFactory |
static Collection<String> |
defaultNameID
Default set of NameIDs included in metadata.
|
protected KeyManager |
keyManager
Source of certificates.
|
protected static org.slf4j.Logger |
log
Class logger.
|
protected SAMLDiscovery |
samlDiscovery |
protected SAMLEntryPoint |
samlEntryPoint |
protected SAMLLogoutProcessingFilter |
samlLogoutProcessingFilter |
protected SAMLProcessingFilter |
samlWebSSOFilter
Filters for loading of paths.
|
protected SAMLWebSSOHoKProcessingFilter |
samlWebSSOHoKFilter |
Constructor and Description |
---|
MetadataGenerator()
Default constructor.
|
Modifier and Type | Method and Description |
---|---|
protected org.opensaml.saml2.common.Extensions |
buildExtensions(String entityBaseURL,
String entityAlias) |
protected org.opensaml.saml2.metadata.SPSSODescriptor |
buildSPSSODescriptor(String entityBaseURL,
String entityAlias,
boolean requestSigned,
boolean wantAssertionSigned,
Collection<String> includedNameID) |
ExtendedMetadata |
generateExtendedMetadata()
Generates extended metadata.
|
protected org.opensaml.xml.signature.KeyInfo |
generateKeyInfoForCredential(org.opensaml.xml.security.credential.Credential credential) |
org.opensaml.saml2.metadata.EntityDescriptor |
generateMetadata() |
int |
getAssertionConsumerIndex() |
protected org.opensaml.saml2.metadata.AssertionConsumerService |
getAssertionConsumerService(String entityBaseURL,
String entityAlias,
boolean isDefault,
int index,
String filterURL,
String binding) |
Collection<String> |
getBindingsHoKSSO() |
Collection<String> |
getBindingsSLO() |
Collection<String> |
getBindingsSSO() |
protected String |
getDiscoveryResponseURL(String entityBaseURL,
String entityAlias)
Returns the configured discovery response URL, or generates a default one when none was provided.
|
protected org.opensaml.samlext.idpdisco.DiscoveryResponse |
getDiscoveryService(String entityBaseURL,
String entityAlias,
int index) |
protected String |
getDiscoveryURL(String entityBaseURL,
String entityAlias)
Returns the configured discovery request URL, or generates a default one when none was provided.
|
protected String |
getEncryptionKey()
Provides key used for encryption from extended metadata.
|
protected String |
getEntityAlias()
Provides entity alias from extended metadata, or null when metadata isn't specified or contains null.
|
String |
getEntityBaseURL() |
String |
getEntityId() |
ExtendedMetadata |
getExtendedMetadata()
Extended metadata which contains details on configuration of the generated service provider metadata.
|
protected org.opensaml.saml2.metadata.AssertionConsumerService |
getHoKAssertionConsumerService(String entityBaseURL,
String entityAlias,
boolean isDefault,
int index,
String filterURL,
String binding) |
String |
getId() |
protected org.opensaml.saml2.metadata.KeyDescriptor |
getKeyDescriptor(org.opensaml.xml.security.credential.UsageType type,
org.opensaml.xml.signature.KeyInfo key) |
Collection<String> |
getNameID() |
protected Collection<org.opensaml.saml2.metadata.NameIDFormat> |
getNameIDFormat(Collection<String> includedNameID) |
protected org.opensaml.xml.signature.KeyInfo |
getServerKeyInfo(String alias) |
protected String |
getSigningKey()
Provides key used for signing from extended metadata.
|
protected org.opensaml.saml2.metadata.SingleLogoutService |
getSingleLogoutService(String entityBaseURL,
String entityAlias,
String binding) |
protected String |
getTLSKey()
Provides key used for SSL/TLS from extended metadata.
|
protected boolean |
isIncludeDiscovery()
True when IDP discovery is enabled, either through the local property includeDiscovery or through the property idpDiscoveryEnabled
in the extended metadata.
|
boolean |
isIncludeDiscoveryExtension() |
boolean |
isRequestSigned() |
boolean |
isWantAssertionSigned() |
protected Collection<String> |
mapAliases(Collection<String> values)
Iterates over all values in the input and tries to resolve the correct alias for each.
|
void |
setAssertionConsumerIndex(int assertionConsumerIndex)
The generated assertion consumer service whose index equals the set value will be marked as default.
|
void |
setBindingsHoKSSO(Collection<String> bindingsHoKSSO)
List of bindings to be included in the generated metadata for Web Single Sign-On Holder of Key.
|
void |
setBindingsSLO(Collection<String> bindingsSLO)
List of bindings to be included in the generated metadata for Single Logout.
|
void |
setBindingsSSO(Collection<String> bindingsSSO)
List of bindings to be included in the generated metadata for Web Single Sign-On.
|
void |
setEntityBaseURL(String entityBaseURL) |
void |
setEntityId(String entityId) |
void |
setExtendedMetadata(ExtendedMetadata extendedMetadata)
Default value for generation of extended metadata.
|
void |
setId(String id) |
void |
setIncludeDiscoveryExtension(boolean includeDiscoveryExtension)
When true, discovery profile extension metadata pointing to the default SAMLEntryPoint will be generated and stored
in the generated metadata document.
|
void |
setKeyManager(KeyManager keyManager) |
void |
setNameID(Collection<String> nameID) |
void |
setRequestSigned(boolean requestSigned) |
void |
setSamlEntryPoint(SAMLEntryPoint samlEntryPoint) |
void |
setSamlLogoutProcessingFilter(SAMLLogoutProcessingFilter samlLogoutProcessingFilter) |
void |
setSamlWebSSOFilter(SAMLProcessingFilter samlWebSSOFilter) |
void |
setSamlWebSSOHoKFilter(SAMLWebSSOHoKProcessingFilter samlWebSSOHoKFilter) |
void |
setWantAssertionSigned(boolean wantAssertionSigned) |
protected void |
validateRequiredAttributes(String entityId,
String entityBaseURL) |
public static final Collection<String> defaultNameID
protected org.opensaml.xml.XMLObjectBuilderFactory builderFactory
protected KeyManager keyManager
protected SAMLProcessingFilter samlWebSSOFilter
protected SAMLWebSSOHoKProcessingFilter samlWebSSOHoKFilter
protected SAMLLogoutProcessingFilter samlLogoutProcessingFilter
protected SAMLEntryPoint samlEntryPoint
protected SAMLDiscovery samlDiscovery
protected static final org.slf4j.Logger log
public org.opensaml.saml2.metadata.EntityDescriptor generateMetadata()
protected void validateRequiredAttributes(String entityId, String entityBaseURL)
protected org.opensaml.xml.signature.KeyInfo getServerKeyInfo(String alias)
public ExtendedMetadata generateExtendedMetadata()
protected org.opensaml.xml.signature.KeyInfo generateKeyInfoForCredential(org.opensaml.xml.security.credential.Credential credential)
protected org.opensaml.saml2.metadata.SPSSODescriptor buildSPSSODescriptor(String entityBaseURL, String entityAlias, boolean requestSigned, boolean wantAssertionSigned, Collection<String> includedNameID)
protected Collection<String> mapAliases(Collection<String> values)
values - input collection
protected org.opensaml.saml2.common.Extensions buildExtensions(String entityBaseURL, String entityAlias)
protected org.opensaml.saml2.metadata.KeyDescriptor getKeyDescriptor(org.opensaml.xml.security.credential.UsageType type, org.opensaml.xml.signature.KeyInfo key)
protected Collection<org.opensaml.saml2.metadata.NameIDFormat> getNameIDFormat(Collection<String> includedNameID)
protected org.opensaml.saml2.metadata.AssertionConsumerService getAssertionConsumerService(String entityBaseURL, String entityAlias, boolean isDefault, int index, String filterURL, String binding)
protected org.opensaml.saml2.metadata.AssertionConsumerService getHoKAssertionConsumerService(String entityBaseURL, String entityAlias, boolean isDefault, int index, String filterURL, String binding)
protected org.opensaml.samlext.idpdisco.DiscoveryResponse getDiscoveryService(String entityBaseURL, String entityAlias, int index)
protected org.opensaml.saml2.metadata.SingleLogoutService getSingleLogoutService(String entityBaseURL, String entityAlias, String binding)
@Autowired(required=false) @Qualifier(value="samlWebSSOProcessingFilter") public void setSamlWebSSOFilter(SAMLProcessingFilter samlWebSSOFilter)
@Autowired(required=false) @Qualifier(value="samlWebSSOHoKProcessingFilter") public void setSamlWebSSOHoKFilter(SAMLWebSSOHoKProcessingFilter samlWebSSOHoKFilter)
@Autowired(required=false) public void setSamlLogoutProcessingFilter(SAMLLogoutProcessingFilter samlLogoutProcessingFilter)
@Autowired(required=false) public void setSamlEntryPoint(SAMLEntryPoint samlEntryPoint)
public boolean isRequestSigned()
public void setRequestSigned(boolean requestSigned)
public boolean isWantAssertionSigned()
public void setWantAssertionSigned(boolean wantAssertionSigned)
public Collection<String> getNameID()
public void setNameID(Collection<String> nameID)
public String getEntityBaseURL()
public void setEntityBaseURL(String entityBaseURL)
@Autowired public void setKeyManager(KeyManager keyManager)
public void setId(String id)
public String getId()
public void setEntityId(String entityId)
public String getEntityId()
public Collection<String> getBindingsSSO()
public void setBindingsSSO(Collection<String> bindingsSSO)
bindingsSSO - bindings for web single sign-on
public Collection<String> getBindingsSLO()
public void setBindingsSLO(Collection<String> bindingsSLO)
bindingsSLO - bindings for single logout
public Collection<String> getBindingsHoKSSO()
public void setBindingsHoKSSO(Collection<String> bindingsHoKSSO)
bindingsHoKSSO - bindings for web single sign-on holder-of-key
public boolean isIncludeDiscoveryExtension()
public void setIncludeDiscoveryExtension(boolean includeDiscoveryExtension)
includeDiscoveryExtension - flag indicating whether IDP discovery should be enabled
public int getAssertionConsumerIndex()
public void setAssertionConsumerIndex(int assertionConsumerIndex)
assertionConsumerIndex - assertion consumer index of service to mark as default
protected boolean isIncludeDiscovery()
protected String getDiscoveryURL(String entityBaseURL, String entityAlias)
entityBaseURL - base URL for generation of endpoints
entityAlias - alias of entity, or null when there's no alias required
protected String getDiscoveryResponseURL(String entityBaseURL, String entityAlias)
entityBaseURL - base URL for generation of endpoints
entityAlias - alias of entity, or null when there's no alias required
protected String getSigningKey()
protected String getEncryptionKey()
protected String getTLSKey()
protected String getEntityAlias()
public ExtendedMetadata getExtendedMetadata()
public void setExtendedMetadata(ExtendedMetadata extendedMetadata)
extendedMetadata - default extended metadata or null