Class Saml2SsoResponseUtils

java.lang.Object
org.forgerock.am.saml2.impl.Saml2SsoResponseUtils

public class Saml2SsoResponseUtils extends Object
Utility methods for working with SAML2 SSO responses.
Since:
AM 7.0.0
  • Constructor Details

    • Saml2SsoResponseUtils

      @Inject public Saml2SsoResponseUtils(com.sun.identity.saml2.meta.SAML2MetaManager metaManager)
      Constructor.
      Parameters:
      metaManager - The SAML2 metadata manager.
  • Method Details

    • readSaml2ResponseData

      public Saml2ResponseData readSaml2ResponseData(String storageKey) throws org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException
      Reads the SAML2 response data from the SAML SFO.
      Parameters:
      storageKey - The storage key used for the lookup.
      Returns:
      The SAML2 response data. May be null if the response data could not be found.
      Throws:
      org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException - If there was an issue while retrieving the object from SAML SFO.
    • removeSaml2ResponseData

      public void removeSaml2ResponseData(String storageKey) throws org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException
      Removes the data associated with the specified key from the SAML Failover store.
      Parameters:
      storageKey - The storage key used for the lookup.
      Throws:
      org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException - If there was an issue while deleting the object from the store.
    • getSsoResultWithoutLocalLogin

      public Saml2SsoResult getSsoResultWithoutLocalLogin(Realm realm, String spEntityId, String idpEntityId, Subject subject, Assertion assertion, String storageKey) throws com.sun.identity.saml2.common.SAML2Exception
      Processes the received SAML2 response, without triggering local authentication.
      Parameters:
      realm - The realm the service provider belongs to.
      spEntityId - The service provider's entity ID.
      idpEntityId - The identity provider's entity ID.
      subject - The Assertion's subject.
      assertion - The SAML2 assertion.
      storageKey - The storage key used for cache operations.
      Returns:
      The SAML2 SSO authentication result.
      Throws:
      com.sun.identity.saml2.common.SAML2Exception - If there was an error while processing the SAML assertion.
    • mapSamlAttributes

      public Map<String,Set<String>> mapSamlAttributes(Realm realm, String spEntityId, String idpEntityId, Saml2SsoResult ssoResult, Assertion assertion) throws com.sun.identity.saml2.common.SAML2Exception
      Maps the SAML2 attributes from the assertion to local attribute values.
      Parameters:
      realm - The realm the service provider belongs to.
      spEntityId - The service provider's entity ID.
      idpEntityId - The identity provider's entity ID.
      ssoResult - The SAML2 SSO authentication's result.
      assertion - The SAML2 assertion.
      Returns:
      The mapped SAML2 attributes.
      Throws:
      com.sun.identity.saml2.common.SAML2Exception - If there was an issue while mapping the attributes.
    • linkAccounts

      public void linkAccounts(String nameIdInfo, String universalId) throws com.sun.identity.saml2.common.SAML2Exception
      Sets up a persistent link between the federated account and the local user.
      Parameters:
      nameIdInfo - The NameID received by the local service provider.
      universalId - The universal ID of the user.
      Throws:
      com.sun.identity.saml2.common.SAML2Exception - If there was an issue while persisting the account link.