reformat using eclipse's autoformatter. now if i could only make eclipse's indentatio...
[java-idp.git] / src / edu / internet2 / middleware / shibboleth / idp / authn / Saml2LoginContext.java
1 /*
2  * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.]
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 package edu.internet2.middleware.shibboleth.idp.authn;
18
19 import java.util.List;
20 import java.util.LinkedList;
21
22 import org.apache.log4j.Logger;
23
24 import org.opensaml.saml2.core.AuthnContextClassRef;
25 import org.opensaml.saml2.core.AuthnContextDeclRef;
26 import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
27 import org.opensaml.saml2.core.AuthnRequest;
28 import org.opensaml.saml2.core.RequestedAuthnContext;
29
30 /**
31  * A SAML 2.0 {@link LoginContext}.
32  * 
33  * This class can interpret {@link RequestedAuthnContext} and act accordingly.
34  */
35 public class Saml2LoginContext extends LoginContext {
36
37         private static final Logger log = Logger.getLogger(Saml2LoginContext.class);
38
39         /** The {@link RequestedAuthnContext} */
40         private RequestedAuthnContext ctx;
41
42         /**
43          * Creates a new instance of Saml2LoginContext.
44          * 
45          * @param authnRequest
46          *            A SAML 2.0 Authentication Request.
47          */
48         public Saml2LoginContext(AuthnRequest authnRequest) {
49
50                 if (authnRequest != null) {
51                         forceAuth = authnRequest.isForceAuthn();
52                         passiveAuth = authnRequest.isPassive();
53                         ctx = authnRequest.getRequestedAuthnContext();
54                 }
55         }
56
57         /**
58          * This method evaluates a SAML2 {@link RequestedAuthnContext} and returns
59          * the list of requested authentication method URIs.
60          * 
61          * If the AuthnQuery did not contain a RequestedAuthnContext, this method
62          * will return <code>null</code>.
63          * 
64          * @return An array of authentication method URIs, or <code>null</code>.
65          */
66         public String[] getRequestedAuthenticationMethods() {
67
68                 if (ctx == null)
69                         return null;
70
71                 // For the immediate future, we only support the "exact" comparator.
72                 // XXX: we should probably throw an exception or somehow indicate this
73                 // as an error to the caller.
74                 AuthnContextComparisonTypeEnumeration comparator = ctx.getComparison();
75                 if (comparator != null
76                                 && comparator != AuthnContextComparisonTypeEnumeration.EXACT) {
77                         log
78                                         .error("Unsupported comparision operator ( "
79                                                         + comparator
80                                                         + ") in RequestedAuthnContext. Only exact comparisions are supported.");
81                         return null;
82                 }
83
84                 // build a list of all requested authn classes and declrefs
85                 List<String> requestedAuthnMethods = new LinkedList<String>();
86                 List<AuthnContextClassRef> authnClasses = ctx
87                                 .getAuthnContextClassRefs();
88                 List<AuthnContextDeclRef> authnDeclRefs = ctx.getAuthnContextDeclRefs();
89
90                 if (authnClasses != null) {
91                         for (AuthnContextClassRef classRef : authnClasses) {
92                                 if (classRef != null) {
93                                         String s = classRef.getAuthnContextClassRef();
94                                         if (s != null) {
95                                                 requestedAuthnMethods.add(s);
96                                         }
97                                 }
98                         }
99                 }
100
101                 if (authnDeclRefs != null) {
102                         for (AuthnContextDeclRef declRef : authnDeclRefs) {
103                                 if (declRef != null) {
104                                         String s = declRef.getAuthnContextDeclRef();
105                                         if (s != null) {
106                                                 requestedAuthnMethods.add(s);
107                                         }
108                                 }
109                         }
110                 }
111
112                 if (requestedAuthnMethods.size() == 0) {
113                         return null;
114                 } else {
115                         String[] methods = new String[requestedAuthnMethods.size()];
116                         return requestedAuthnMethods.toArray(methods);
117                 }
118
119         }
120 }