Package org.forgerock.am.saml2.impl

Class Saml2SsoResponseUtils

java.lang.Object

org.forgerock.am.saml2.impl.Saml2SsoResponseUtils

public class Saml2SsoResponseUtils
extends Object

Utility methods for working with SAML2 SSO responses.

Since:

AM 7.0.0

Constructor Summary

Constructors

Constructor	Description
Saml2SsoResponseUtils(com.sun.identity.saml2.meta.SAML2MetaManager metaManager)	Constructor.

Method Summary

Modifier and Type	Method	Description
Saml2SsoResult	getSsoResultWithoutLocalLogin(Realm realm, String spEntityId, String idpEntityId, Subject subject, Assertion assertion, String storageKey)	Processes the received SAML2 response, without triggering local authentication.
void	linkAccounts(String nameIdInfo, String universalId)	Sets up a persistent link between the federated account and the local user.
Map<String,Set<String>>	mapSamlAttributes(Realm realm, String spEntityId, String idpEntityId, Saml2SsoResult ssoResult, Assertion assertion)	Maps the SAML2 attributes from the assertion to local attribute values.
org.forgerock.openam.saml2.SAMLData	readSAMLData(String storageKey)	Reads the SAML data from the SAML SFO.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Saml2SsoResponseUtils

@Inject
public Saml2SsoResponseUtils(com.sun.identity.saml2.meta.SAML2MetaManager metaManager)

Constructor.

Parameters:

metaManager - The SAML2 metadata manager.

Method Details

readSAMLData

public org.forgerock.openam.saml2.SAMLData readSAMLData(String storageKey)
                                                 throws org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException

Reads the SAML data from the SAML SFO.

Parameters:

storageKey - The storage key used for the lookup.

Returns:

The SAML data. May be null, if the data could not be found.

Throws:

org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException - If there was an issue while retrieving the object.

getSsoResultWithoutLocalLogin

public Saml2SsoResult getSsoResultWithoutLocalLogin(Realm realm,
 String spEntityId,
 String idpEntityId,
 Subject subject,
 Assertion assertion,
 String storageKey)
                                             throws SAML2Exception

Processes the received SAML2 response, without triggering local authentication.

Parameters:

realm - The realm the service provider belongs to.

spEntityId - The service provider's entity ID.

idpEntityId - The identity provider's entity ID.

subject - The Assertion's subject.

assertion - The SAML2 assertion.

storageKey - The storage key used for cache operations.

Returns:

The SAML2 SSO authentication result.

Throws:

SAML2Exception - If there was an error while processing the SAML assertion.

mapSamlAttributes

public Map<String,Set<String>> mapSamlAttributes(Realm realm,
 String spEntityId,
 String idpEntityId,
 Saml2SsoResult ssoResult,
 Assertion assertion)
                                          throws SAML2Exception

Maps the SAML2 attributes from the assertion to local attribute values.

Parameters:

realm - The realm the service provider belongs to.

spEntityId - The service provider's entity ID.

idpEntityId - The identity provider's entity ID.

ssoResult - The SAML2 SSO authentication's result.

assertion - The SAML2 assertion.

Returns:

The mapped SAML2 attributes.

Throws:

SAML2Exception - If there was an issue while mapping the attributes.

linkAccounts

public void linkAccounts(String nameIdInfo,
 String universalId)
                  throws SAML2Exception

Sets up a persistent link between the federated account and the local user.

Parameters:

nameIdInfo - The NameID received by the local service provider.

universalId - The universal Id of the user.

Throws:

SAML2Exception - If there was an issue while persisting the account link.