public class OpenSamlAuthenticationRequestFactory extends java.lang.Object implements Saml2AuthenticationRequestFactory

Constructor and Description |
---|
OpenSamlAuthenticationRequestFactory() Creates an OpenSamlAuthenticationRequestFactory |

Modifier and Type | Method and Description |
---|---|
java.lang.String | createAuthenticationRequest(Saml2AuthenticationRequest request) Deprecated. |
Saml2PostAuthenticationRequest | createPostAuthenticationRequest(Saml2AuthenticationRequestContext context) Creates all the necessary AuthNRequest parameters for a POST binding. |
Saml2RedirectAuthenticationRequest | createRedirectAuthenticationRequest(Saml2AuthenticationRequestContext context) Creates all the necessary AuthNRequest parameters for a REDIRECT binding. |
void | setAuthenticationRequestContextConverter(org.springframework.core.convert.converter.Converter<Saml2AuthenticationRequestContext,org.opensaml.saml.saml2.core.AuthnRequest> authenticationRequestContextConverter) Set the AuthnRequest post-processor resolver |
void | setClock(java.time.Clock clock) Use this Clock with Instant.now() for generating timestamps |
void | setProtocolBinding(java.lang.String protocolBinding) Deprecated. |

public OpenSamlAuthenticationRequestFactory()
Creates an OpenSamlAuthenticationRequestFactory

@Deprecated public java.lang.String createAuthenticationRequest(Saml2AuthenticationRequest request)
Description copied from interface: Saml2AuthenticationRequestFactory
SAMLRequest string for the request, and for a complete set of data parameters please use Saml2AuthenticationRequestFactory.createRedirectAuthenticationRequest(Saml2AuthenticationRequestContext) or Saml2AuthenticationRequestFactory.createPostAuthenticationRequest(Saml2AuthenticationRequestContext)
Specified by: createAuthenticationRequest in interface Saml2AuthenticationRequestFactory
Parameters: request - information about the identity provider, the recipient of this authentication request and accompanying data

public Saml2PostAuthenticationRequest createPostAuthenticationRequest(Saml2AuthenticationRequestContext context)
Description copied from interface: Saml2AuthenticationRequestFactory
If the Saml2AuthenticationRequestContext doesn't contain any Saml2X509Credential.Saml2X509CredentialType.SIGNING credentials the result will not contain any signatures. The data set will be signed and encoded for POST binding and if applicable signed with XML signatures. It will contain the following parameters to be sent as part of the form data: SAMLRequest, RelayState. The default implementation of this method returns the SAMLRequest message with an XML signature embedded, that should only be used for the Saml2MessageBinding.POST binding.
Specified by: createPostAuthenticationRequest in interface Saml2AuthenticationRequestFactory
Parameters: context - information about the identity provider, the recipient of this authentication request and accompanying data
Returns: Saml2PostAuthenticationRequest object with applicable http parameters necessary to make the AuthNRequest over a POST binding. All parameters will be SAML encoded but not escaped for Form Data.

public Saml2RedirectAuthenticationRequest createRedirectAuthenticationRequest(Saml2AuthenticationRequestContext context)
Description copied from interface: Saml2AuthenticationRequestFactory
If the Saml2AuthenticationRequestContext doesn't contain any Saml2X509Credential.Saml2X509CredentialType.SIGNING credentials the result will not contain any signatures. The data set will be signed and encoded for REDIRECT binding including the DEFLATE encoding. It will contain the following parameters to be sent as part of the query string: SAMLRequest, RelayState, SigAlg, Signature. The default implementation, for sake of backwards compatibility, of this method returns the SAMLRequest message with an XML signature embedded, that should only be used for the Saml2MessageBinding.POST binding, but works over Saml2MessageBinding.POST with most providers.
Specified by: createRedirectAuthenticationRequest in interface Saml2AuthenticationRequestFactory
Parameters: context - information about the identity provider, the recipient of this authentication request and accompanying data
Returns: Saml2RedirectAuthenticationRequest object with applicable http parameters necessary to make the AuthNRequest over a POST or REDIRECT binding. All parameters will be SAML encoded/deflated, but escaped, i.e. URI encoded or encoded for Form Data.

public void setAuthenticationRequestContextConverter(org.springframework.core.convert.converter.Converter<Saml2AuthenticationRequestContext,org.opensaml.saml.saml2.core.AuthnRequest> authenticationRequestContextConverter)
Set the AuthnRequest post-processor resolver
Parameters: authenticationRequestContextConverter -

public void setClock(java.time.Clock clock)
Use this Clock with Instant.now() for generating timestamps
Parameters: clock -

@Deprecated public void setProtocolBinding(java.lang.String protocolBinding)
Use RelyingPartyRegistration.Builder.assertionConsumerServiceBinding(Saml2MessageBinding) instead.
Sets the protocolBinding to use when generating authentication requests. Acceptable values are SAMLConstants.SAML2_POST_BINDING_URI and SAMLConstants.SAML2_REDIRECT_BINDING_URI. The IDP will be reading this value in the AuthNRequest to determine how to send the Response/Assertion to the ACS URL, assertion consumer service URL.
Parameters: protocolBinding - either SAMLConstants.SAML2_POST_BINDING_URI or SAMLConstants.SAML2_REDIRECT_BINDING_URI
Throws: java.lang.IllegalArgumentException - if the protocolBinding is not valid
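
The REDIRECT binding parameters listed under createRedirectAuthenticationRequest (SAMLRequest, RelayState, SigAlg, Signature) can be reproduced with the JDK alone. The following is an added example, not Spring Security or OpenSAML code: it DEFLATE-encodes a constructed AuthnRequest, signs the query string with a throwaway RSA key, and shows that a receiver's check fails once RelayState is altered. The class name, sample XML, relay state values and key are assumptions made for the illustration.

```java
import java.io.ByteArrayOutputStream;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;
import java.util.zip.*;

// Added example, JDK only; not Spring Security or OpenSAML code. All sample values are constructed.
public class RedirectBindingSketch {
    static String enc(String v) throws Exception { return URLEncoder.encode(v, "UTF-8"); }
    // Raw DEFLATE (nowrap = true, no zlib header) followed by standard Base64.
    static String deflateAndEncode(String xml) throws Exception {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        Deflater deflater = new Deflater(Deflater.DEFAULT_COMPRESSION, true);
        try (DeflaterOutputStream dos = new DeflaterOutputStream(out, deflater)) {
            dos.write(xml.getBytes(StandardCharsets.UTF_8));
        }
        deflater.end();
        return Base64.getEncoder().encodeToString(out.toByteArray());
    }

    // The string the Signature parameter covers: fixed order, URL-encoded values.
    static String signedContent(String xml, String relayState) throws Exception {
        return "SAMLRequest=" + enc(deflateAndEncode(xml)) + "&RelayState=" + enc(relayState)
                + "&SigAlg=" + enc("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
    }
    static boolean verify(PublicKey key, String content, byte[] sig) throws Exception {
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(key);
        v.update(content.getBytes(StandardCharsets.UTF_8));
        return v.verify(sig);
    }

    public static void main(String[] args) throws Exception {
        String xml = "<saml2p:AuthnRequest xmlns:saml2p=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"_constructed\"/>";
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair sp = gen.generateKeyPair(); // throwaway stand-in for the SIGNING credential
        String content = signedContent(xml, "constructed-relay-state");
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(sp.getPrivate());
        s.update(content.getBytes(StandardCharsets.UTF_8));
        byte[] sig = s.sign();
        System.out.println(content + "&Signature=" + enc(Base64.getEncoder().encodeToString(sig)));
        // A changed RelayState no longer matches the signed string, so verification fails.
        System.out.println("untouched=" + verify(sp.getPublic(), content, sig) + " tampered="
                + verify(sp.getPublic(), signedContent(xml, "other"), sig));
    }
}
```

Because the signature covers RelayState and SigAlg as well as SAMLRequest, a receiver has to verify it over the query string exactly as received, before decoding any of the three parameters.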