java.lang.Object
- org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration

public class RelyingPartyRegistration
extends java.lang.Object

Represents a configured service provider, SP, and a remote identity provider, IDP, pair. Each SP/IDP pair is uniquely identified using a registrationId, an arbitrary string. A fully configured registration may look like

                //remote IDP entity ID
                String idpEntityId = "https://simplesaml-for-spring-saml.apps.pcfone.io/saml2/idp/metadata.php";
                //remote WebSSO Endpoint - Where to Send AuthNRequests to
                String webSsoEndpoint = "https://simplesaml-for-spring-saml.apps.pcfone.io/saml2/idp/SSOService.php";
                //local registration ID
                String registrationId = "simplesamlphp";
                //local entity ID - autogenerated based on URL
                String localEntityIdTemplate = "{baseUrl}/saml2/service-provider-metadata/{registrationId}";
                //local SSO URL - autogenerated, endpoint to receive SAML Response objects
                String acsUrlTemplate = "{baseUrl}/login/saml2/sso/{registrationId}";
                //local signing (and local decryption key and remote encryption certificate)
                Saml2X509Credential signingCredential = getSigningCredential();
                //IDP certificate for verification of incoming messages
                Saml2X509Credential idpVerificationCertificate = getVerificationCertificate();
                RelyingPartyRegistration rp = RelyingPartyRegistration.withRegistrationId(registrationId)
                                .remoteIdpEntityId(idpEntityId)
                                .idpWebSsoUrl(webSsoEndpoint)
                                .credentials(c -> c.add(signingCredential))
                                .credentials(c -> c.add(idpVerificationCertificate))
                                .localEntityIdTemplate(localEntityIdTemplate)
                                .assertionConsumerServiceUrlTemplate(acsUrlTemplate)
                                .build();

Since:: 5.2

Nested Class Summary

Nested Classes
Modifier and Type Class Description

static class RelyingPartyRegistration.Builder

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`java.lang.String`	`getAssertionConsumerServiceUrlTemplate()`	returns the URL template for which ACS URL authentication requests should contain Possible variables are `baseUrl`, `registrationId`, `baseScheme`, `baseHost`, and `basePort`.
`java.util.List<Saml2X509Credential>`	`getCredentials()`	Returns a list of configured credentials to be used in message exchanges between relying party, SP, and asserting party, IDP.
`java.util.List<Saml2X509Credential>`	`getDecryptionCredentials()`
`java.util.List<Saml2X509Credential>`	`getEncryptionCredentials()`
`java.lang.String`	`getIdpWebSsoUrl()`	Contains the URL for which to send the SAML 2 Authentication Request to initiate a single sign on flow.
`java.lang.String`	`getLocalEntityIdTemplate()`	The local relying party, or Service Provider, can generate it's entity ID based on possible variables of `baseUrl`, `registrationId`, `baseScheme`, `baseHost`, and `basePort`, for example `{baseUrl}/saml2/service-provider-metadata/{registrationId}`
`java.lang.String`	`getRegistrationId()`	Returns the unique relying party registration ID
`java.lang.String`	`getRemoteIdpEntityId()`	Returns the entity ID of the IDP, the asserting party.
`java.util.List<Saml2X509Credential>`	`getSigningCredentials()`
`java.util.List<Saml2X509Credential>`	`getVerificationCredentials()`
`static RelyingPartyRegistration.Builder`	`withRegistrationId(java.lang.String registrationId)`	Creates a `RelyingPartyRegistration` `RelyingPartyRegistration.Builder` with a known `registrationId`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - getRemoteIdpEntityId
```
public java.lang.String getRemoteIdpEntityId()
```
    Returns the entity ID of the IDP, the asserting party.
    
    Returns:
    
    entity ID of the asserting party
  - getRegistrationId
```
public java.lang.String getRegistrationId()
```
    Returns the unique relying party registration ID
    
    Returns:
    
    registrationId
  - getAssertionConsumerServiceUrlTemplate
```
public java.lang.String getAssertionConsumerServiceUrlTemplate()
```
    returns the URL template for which ACS URL authentication requests should contain Possible variables are baseUrl, registrationId, baseScheme, baseHost, and basePort.
    
    Returns:
    
    string containing the ACS URL template, with or without variables present
  - getIdpWebSsoUrl
```
public java.lang.String getIdpWebSsoUrl()
```
    Contains the URL for which to send the SAML 2 Authentication Request to initiate a single sign on flow.
    
    Returns:
    
    a IDP URL that accepts REDIRECT or POST binding for authentication requests
  - getLocalEntityIdTemplate
```
public java.lang.String getLocalEntityIdTemplate()
```
    The local relying party, or Service Provider, can generate it's entity ID based on possible variables of baseUrl, registrationId, baseScheme, baseHost, and basePort, for example {baseUrl}/saml2/service-provider-metadata/{registrationId}
    
    Returns:
    
    a string containing the entity ID or entity ID template
  - getCredentials
```
public java.util.List<Saml2X509Credential> getCredentials()
```
    Returns a list of configured credentials to be used in message exchanges between relying party, SP, and asserting party, IDP.
    
    Returns:
    
    a list of credentials
  - getVerificationCredentials
```
public java.util.List<Saml2X509Credential> getVerificationCredentials()
```
    Returns:
    
    a filtered list containing only credentials of type Saml2X509Credential.Saml2X509CredentialType.VERIFICATION. Returns an empty list of credentials are not found
  - getSigningCredentials
```
public java.util.List<Saml2X509Credential> getSigningCredentials()
```
    Returns:
    
    a filtered list containing only credentials of type Saml2X509Credential.Saml2X509CredentialType.SIGNING. Returns an empty list of credentials are not found
  - getEncryptionCredentials
```
public java.util.List<Saml2X509Credential> getEncryptionCredentials()
```
    Returns:
    
    a filtered list containing only credentials of type Saml2X509Credential.Saml2X509CredentialType.ENCRYPTION. Returns an empty list of credentials are not found
  - getDecryptionCredentials
```
public java.util.List<Saml2X509Credential> getDecryptionCredentials()
```
    Returns:
    
    a filtered list containing only credentials of type Saml2X509Credential.Saml2X509CredentialType.DECRYPTION. Returns an empty list of credentials are not found
  - withRegistrationId
```
public static RelyingPartyRegistration.Builder withRegistrationId(java.lang.String registrationId)
```
    Creates a RelyingPartyRegistration RelyingPartyRegistration.Builder with a known registrationId
    
    Parameters:
    
    registrationId - a string identifier for the RelyingPartyRegistration
    
    Returns:
    
    Builder to create a RelyingPartyRegistration object

Class RelyingPartyRegistration

Nested Class Summary

Method Summary

Methods inherited from class java.lang.Object

Method Detail

getRemoteIdpEntityId

getRegistrationId

getAssertionConsumerServiceUrlTemplate

getIdpWebSsoUrl

getLocalEntityIdTemplate

getCredentials

getVerificationCredentials

getSigningCredentials

getEncryptionCredentials

getDecryptionCredentials

withRegistrationId