Class RequestMatcherMetadataResponseResolver

java.lang.Object
org.springframework.security.saml2.provider.service.web.metadata.RequestMatcherMetadataResponseResolver
All Implemented Interfaces:
Saml2MetadataResponseResolver
Direct Known Subclasses:
RequestMatcherMetadataResponseResolver

public class RequestMatcherMetadataResponseResolver extends Object implements Saml2MetadataResponseResolver
An implementation of Saml2MetadataResponseResolver that uses a RequestMatcher to identify which RelyingPartyRegistrations to use.
Since:
6.1
  • Constructor Details

  • Method Details

    • resolve

      public Saml2MetadataResponse resolve(jakarta.servlet.http.HttpServletRequest request)
      Construct and serialize a relying party's SAML 2.0 metadata based on the given HttpServletRequest. Uses the configured RequestMatcher to identify the metadata request, including looking for any indicated registrationId.

      If a registrationId is found in the request, it will attempt to use that, erroring if no RelyingPartyRegistration is found.

      If no registrationId is found in the request, it will attempt to show all RelyingPartyRegistrations in an <md:EntitiesDescriptor>. To exercise this functionality, the provided RelyingPartyRegistrationRepository needs to implement Iterable.

      Specified by:
      resolve in interface Saml2MetadataResponseResolver
      Parameters:
      request - the HTTP request
      Returns:
      a Saml2MetadataResponse instance
      Throws:
      Saml2Exception - if the RequestMatcher specifies a non-existent registrationId
    • setRequestMatcher

      public void setRequestMatcher(RequestMatcher requestMatcher)
      Use this RequestMatcher to identify which requests to generate metadata for. By default, matches /saml2/metadata, /saml2/metadata/{registrationId}, /saml2/service-provider-metadata, and /saml2/service-provider-metadata/{registrationId}.
      Parameters:
      requestMatcher - the RequestMatcher to use
    • setMetadataFilename

      public void setMetadataFilename(String metadataFilename)
      Sets the metadata filename template. If it contains the {registrationId} placeholder, it will be resolved as a random UUID if there are multiple RelyingPartyRegistrations. Otherwise, it will be replaced by the RelyingPartyRegistration's id.

      The default value is saml-{registrationId}-metadata.xml

      Parameters:
      metadataFilename - metadata filename, must contain a {registrationId}
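
The configuration below is an added example, not code from the Spring Security project: it uses setRequestMatcher to serve metadata only on the per-registration path, so a request with no registrationId is not matched and the aggregate <md:EntitiesDescriptor> listing every RelyingPartyRegistration described under resolve is not published. Assumptions: the class name is hypothetical, a RelyingPartyRegistrationRepository bean exists elsewhere, the two-argument constructor (not shown on this page) takes the repository and a Saml2MetadataResolver, and AntPathRequestMatcher from Spring Security 6.x is the matcher.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver;
import org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResponseResolver;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
import org.springframework.security.saml2.provider.service.web.metadata.RequestMatcherMetadataResponseResolver;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

@Configuration
public class PerRegistrationMetadataConfig { // hypothetical class name

    // Assumption: a RelyingPartyRegistrationRepository bean is defined elsewhere.
    @Bean
    Saml2MetadataResponseResolver metadataResponseResolver(RelyingPartyRegistrationRepository registrations) {
        RequestMatcherMetadataResponseResolver resolver =
                new RequestMatcherMetadataResponseResolver(registrations, new OpenSamlMetadataResolver());

        // Replace the default matcher (which also accepts /saml2/metadata with no
        // registrationId) with one that matches only the templated path, GET only.
        // The {registrationId} path variable is the id that resolve() looks up.
        resolver.setRequestMatcher(new AntPathRequestMatcher("/saml2/metadata/{registrationId}", "GET"));

        // Custom filename template; it keeps the required {registrationId} placeholder.
        resolver.setMetadataFilename("sp-{registrationId}-metadata.xml");
        return resolver;
    }

    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated())
            .saml2Login(Customizer.withDefaults())
            // Publishes metadata through the Saml2MetadataResponseResolver bean above.
            .saml2Metadata(Customizer.withDefaults());
        return http.build();
    }
}
```

With this matcher, a request for an unknown registrationId still reaches resolve and raises Saml2Exception as documented above, so map that exception to a generic error response rather than echoing the id.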