Package org.forgerock.openam.sts.config.user

Class SAML2Config

  • @SupportedAll
public class SAML2Config
extends Object
    Encapsulates the configuration state necessary to produce SAML2 assertions. Each published rest-sts instance will encapsulate state to allow it to issue saml2 assertions for a single SP. Thus the spEntityId, and spAcsUrl (the url of the SP's assertion consumer service) are specified in this class. The signatureAlias corresponds to the IDP's signing key, and the encryptionKeyAlias could correspond to the SP's public key corresponding to the key used to encrypt the symmetric key used to encrypt assertion elements.

    • Method Detail

      • getNameIdFormat

        public String getNameIdFormat()
        Gets the name-id format.
        Returns:
        the name-id format.

      • getTokenLifetimeInSeconds

        public long getTokenLifetimeInSeconds()
        Gets the token lifetime (in seconds).
        Returns:
        the token lifetime.

      • getAttributeMap

        public Map<String,​String> getAttributeMap()
        Gets the attribute map.
        Returns:
        the attribute map.

      • getCustomConditionsProviderClassName

        public String getCustomConditionsProviderClassName()
        Gets the classname of the CustomConditionsProvider.
        Returns:
        the classname of the CustomConditionsProvider.

      • getCustomSubjectProviderClassName

        public String getCustomSubjectProviderClassName()
        Gets the classname of the CustomSubjectProvider.
        Returns:
        the classname of the CustomSubjectProvider.

      • getCustomAuthenticationStatementsProviderClassName

        public String getCustomAuthenticationStatementsProviderClassName()
        Gets the classname of the CustomAuthenticationStatementsProvider.
        Returns:
        the classname of the CustomAuthenticationStatementsProvider.

      • getCustomAttributeMapperClassName

        public String getCustomAttributeMapperClassName()
        Gets the classname of the CustomAttributeMapper.
        Returns:
        the classname of the CustomAttributeMapper.

      • getCustomAuthNContextMapperClassName

        public String getCustomAuthNContextMapperClassName()
        Gets the classname of the CustomAuthNContextMapper.
        Returns:
        the classname of the CustomAuthNContextMapper.

      • getCustomAttributeStatementsProviderClassName

        public String getCustomAttributeStatementsProviderClassName()
        Gets the classname of the CustomAttributeStatementsProvider.
        Returns:
        the classname of the CustomAttributeStatementsProvider.

      • getCustomAuthzDecisionStatementsProviderClassName

        public String getCustomAuthzDecisionStatementsProviderClassName()
        Gets the classname of the CustomAuthzDecisionStatementsProvider.
        Returns:
        the classname of the CustomAuthzDecisionStatementsProvider.

      • signAssertion

        public boolean signAssertion()
        Gets whether the assertion should be signed.
        Returns:
        whether the assertion should be signed.

      • encryptNameID

        public boolean encryptNameID()
        Gets whether the name-id should be encrypted.
        Returns:
        whether the name-id should be encrypted.

      • encryptAttributes

        public boolean encryptAttributes()
        Gets whether the attributes should be encrypted.
        Returns:
        whether the attributes should be encrypted.

      • encryptAssertion

        public boolean encryptAssertion()
        Gets whether the assertion should be encrypted.
        Returns:
        whether the assertion should be encrypted.

      • getEncryptionAlgorithm

        public String getEncryptionAlgorithm()
        Gets the encryption algorithm.
        Returns:
        the encryption algorithm.

      • getEncryptionAlgorithmStrength

        public int getEncryptionAlgorithmStrength()
        Gets the encryption algorithm strength.
        Returns:
        the encryption algorithm strength.

      • getKeyTransportAlgorithm

        public String getKeyTransportAlgorithm()
        Gets the key transport algorithm.
        Returns:
        The key transport algorithm.

      • getKeystoreFileName

        public String getKeystoreFileName()
        Gets the keystore filename.
        Returns:
        the keystore filename.

      • getKeystorePassword

        public byte[] getKeystorePassword()
        Gets the keystore password.
        Returns:
        they keystore password.

      • getSpEntityId

        public String getSpEntityId()
        Gets the SP entity id.
        Returns:
        the SP entity id.

      • getSpAcsUrl

        public String getSpAcsUrl()
        Gets the SP ACS url.
        Returns:
        the SP ACS url.

      • getEncryptionKeyAlias

        public String getEncryptionKeyAlias()
        Gets the encryption key alias.
        Returns:
        the encryption key alias.

      • getSignatureKeyAlias

        public String getSignatureKeyAlias()
        Gets the signature key alias.
        Returns:
        the signature key alias.

      • getSignatureKeyPassword

        public byte[] getSignatureKeyPassword()
        Gets the signature key password.
        Returns:
        the signature key password.

      • getIdpId

        public String getIdpId()
        Gets the Identity Provider id.
        Returns:
        the Identity Provider id.

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object

      • toJson

        public JsonValue toJson()
        Gets the JsonValue representation of the SAML2Config.
        Returns:
        The JsonValue representation of the SAML2Config.

      • toSmsJson

        public JsonValue toSmsJson()
        Gets the SMS JsonValue representation of the SAML2Config.
        Returns:
        The SMS JsonValue representation of the SAML2Config.

      • marshalToAttributeMap

        public Map<String,​Set<String>> marshalToAttributeMap()
        Marshals the SAML2Config into an attribute map
        Returns:
        a map containing the SAML2Config attributes.

      • marshalFromAttributeMap

        public static SAML2Config marshalFromAttributeMap​(Map<String,​Set<String>> smsAttributeMap)
        Marshals an attribute map into a SAML2Config
        Parameters:
        smsAttributeMap - the attribute map.
        Returns:
        a SAML2Config object.

      • getEmptySMSAttributeState

        public static Map<String,​Set<String>> getEmptySMSAttributeState()
        Returns an empty attribute map.
        Returns:
        an empty attribute map.