public class RelyingPartyRegistration
extends java.lang.Object
registrationId, an arbitrary string.
A fully configured registration may look like
```java
// remote IDP entity ID
String idpEntityId = "https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php";
// remote WebSSO Endpoint - Where to Send AuthNRequests to
String webSsoEndpoint = "https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php";
// local registration ID
String registrationId = "simplesamlphp";
// local entity ID - autogenerated based on URL
String localEntityIdTemplate = "{baseUrl}/saml2/service-provider-metadata/{registrationId}";
// local SSO URL - autogenerated, endpoint to receive SAML Response objects
String acsUrlTemplate = "{baseUrl}/login/saml2/sso/{registrationId}";
// local signing (and local decryption key and remote encryption certificate)
Saml2X509Credential signingCredential = getSigningCredential();
// IDP certificate for verification of incoming messages
Saml2X509Credential idpVerificationCertificate = getVerificationCertificate();
RelyingPartyRegistration rp = RelyingPartyRegistration.withRegistrationId(registrationId)
        .remoteIdpEntityId(idpEntityId)
        .idpWebSsoUrl(webSsoEndpoint)
        .credentials(c -> c.add(signingCredential))
        .credentials(c -> c.add(idpVerificationCertificate))
        .localEntityIdTemplate(localEntityIdTemplate)
        .assertionConsumerServiceUrlTemplate(acsUrlTemplate)
        .build();
```
Modifier and Type | Class and Description |
---|---|
static class | RelyingPartyRegistration.Builder |
Modifier and Type | Method and Description |
---|---|
java.lang.String | getAssertionConsumerServiceUrlTemplate(): Returns the URL template for the ACS URL that authentication requests should contain. Possible variables are baseUrl, registrationId, baseScheme, baseHost, and basePort. |
java.util.List<Saml2X509Credential> | getCredentials(): Returns a list of configured credentials to be used in message exchanges between relying party, SP, and asserting party, IDP. |
java.util.List<Saml2X509Credential> | getDecryptionCredentials() |
java.util.List<Saml2X509Credential> | getEncryptionCredentials() |
java.lang.String | getIdpWebSsoUrl(): Contains the URL to which the SAML 2 Authentication Request is sent to initiate a single sign on flow. |
java.lang.String | getLocalEntityIdTemplate(): The local relying party, or Service Provider, can generate its entity ID based on possible variables of baseUrl, registrationId, baseScheme, baseHost, and basePort, for example {baseUrl}/saml2/service-provider-metadata/{registrationId} |
java.lang.String | getRegistrationId(): Returns the unique relying party registration ID. |
java.lang.String | getRemoteIdpEntityId(): Returns the entity ID of the IDP, the asserting party. |
java.util.List<Saml2X509Credential> | getSigningCredentials() |
java.util.List<Saml2X509Credential> | getVerificationCredentials() |
static RelyingPartyRegistration.Builder | withRegistrationId(java.lang.String registrationId) |
public java.lang.String getRemoteIdpEntityId()
public java.lang.String getRegistrationId()
public java.lang.String getAssertionConsumerServiceUrlTemplate()
baseUrl, registrationId, baseScheme, baseHost, and basePort.
public java.lang.String getIdpWebSsoUrl()
public java.lang.String getLocalEntityIdTemplate()
baseUrl, registrationId, baseScheme, baseHost, and basePort, for example {baseUrl}/saml2/service-provider-metadata/{registrationId}
public java.util.List<Saml2X509Credential> getCredentials()
public java.util.List<Saml2X509Credential> getVerificationCredentials()
Saml2X509Credential.Saml2X509CredentialType.VERIFICATION. Returns an empty list if credentials are not found.
public java.util.List<Saml2X509Credential> getSigningCredentials()
Saml2X509Credential.Saml2X509CredentialType.SIGNING. Returns an empty list if credentials are not found.
public java.util.List<Saml2X509Credential> getEncryptionCredentials()
Saml2X509Credential.Saml2X509CredentialType.ENCRYPTION. Returns an empty list if credentials are not found.
public java.util.List<Saml2X509Credential> getDecryptionCredentials()
Saml2X509Credential.Saml2X509CredentialType.DECRYPTION. Returns an empty list if credentials are not found.
public static RelyingPartyRegistration.Builder withRegistrationId(java.lang.String registrationId)
registrationId - a string identifier for the RelyingPartyRegistration
Builder to create a RelyingPartyRegistration object
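Because the typed credential getters above return an empty list when no credential of that type is configured, a missing IDP verification certificate only shows up when a message has to be checked. The following is an added example, not part of the Spring Security API or this page's own code: a hypothetical `RegistrationChecks` helper that inspects a built registration at startup, using only the getters documented above. Requiring a signing credential and an https WebSSO URL are policy assumptions of the example.

```java
import java.net.URI;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;

import org.springframework.security.saml2.credentials.Saml2X509Credential;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;

// Hypothetical helper (not a Spring Security class): collects configuration
// problems for one registration so the application can refuse to start.
public final class RegistrationChecks {

    public static List<String> problems(RelyingPartyRegistration rp) {
        List<String> problems = new ArrayList<>();
        String id = rp.getRegistrationId();

        // The typed getters return an empty list when nothing of that type is configured.
        List<Saml2X509Credential> verification = rp.getVerificationCredentials();
        if (verification.isEmpty()) {
            problems.add(id + ": no VERIFICATION credential for incoming IDP messages");
        }
        for (Saml2X509Credential credential : verification) {
            X509Certificate cert = credential.getCertificate();
            try {
                cert.checkValidity(); // throws if expired or not yet valid
            } catch (CertificateException e) {
                problems.add(id + ": IDP certificate " + cert.getSubjectX500Principal()
                        + " is outside its validity period");
            }
        }
        // Policy assumed for this example: outgoing messages must be signable.
        if (rp.getSigningCredentials().isEmpty()) {
            problems.add(id + ": no SIGNING credential for outgoing messages");
        }
        // Policy assumed for this example: AuthNRequests are only sent over TLS.
        if (!"https".equalsIgnoreCase(URI.create(rp.getIdpWebSsoUrl()).getScheme())) {
            problems.add(id + ": idpWebSsoUrl is not https");
        }
        return problems;
    }

    public static void requireValid(RelyingPartyRegistration rp) {
        List<String> problems = problems(rp);
        if (!problems.isEmpty()) {
            throw new IllegalStateException(String.join("; ", problems));
        }
    }
}
```

Calling `RegistrationChecks.requireValid(rp)` right after `build()` turns a misconfigured registration into a startup failure instead of a failed login later.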