You create a token-processor implementation (for PingFederate 6.0 and higher) by implementing the TokenProcessor interface. The following Java packages are needed, at a minimum, for implementing this interface:

  • org.sourceid.saml20.adapter.attribute
  • org.sourceid.saml20.adapter.idp.authn
  • org.sourceid.saml20.adapter.gui
  • org.sourceid.saml20.adapter.conf
  • org.sourceid.wstrust.model
  • org.sourceid.wstrust.plugin
  • org.sourceid.wstrust.plugin.process
  • com.pingidentity.sdk

For each token-processor implementation, in addition to the methods described under Shared interfaces, you must define the method:

TokenContext processToken(T token)

PingFederate invokes the processToken() method during the processing of an STS request to perform necessary operations for determining the validity of a token. Type T must extend, at a minimum, the type SecurityToken. The type BinarySecurityToken is also available and may be used to represent custom security tokens that can be transported as Base64-encoded data.