2 * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 package edu.internet2.middleware.shibboleth.idp.profile;
19 import javax.servlet.ServletRequest;
20 import javax.servlet.ServletResponse;
22 import org.opensaml.common.IdentifierGenerator;
23 import org.opensaml.common.binding.MessageDecoder;
24 import org.opensaml.common.binding.MessageEncoder;
25 import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
26 import org.opensaml.saml2.metadata.provider.MetadataProvider;
28 import edu.internet2.middleware.shibboleth.common.profile.AbstractProfileHandler;
29 import edu.internet2.middleware.shibboleth.common.profile.ProfileException;
30 import edu.internet2.middleware.shibboleth.common.profile.ProfileRequest;
31 import edu.internet2.middleware.shibboleth.common.profile.ProfileResponse;
32 import edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager;
33 import edu.internet2.middleware.shibboleth.idp.session.Session;
36 * Base class for SAML profile handlers.
38 public abstract class AbstractSAMLProfileHandler extends
39 AbstractProfileHandler<SAMLMDRelyingPartyConfigurationManager, Session> {
41 /** Generator of IDs which may be used for SAML assertions, requests, etc. */
42 private IdentifierGenerator idGenerator;
45 protected AbstractSAMLProfileHandler() {
47 idGenerator = new SecureRandomIdentifierGenerator();
51 * Gets an ID generator which may be used for SAML assertions, requests, etc.
53 * @return ID generator
55 public IdentifierGenerator getIdGenerator() {
60 * A convenience method for retrieving the SAML metadata provider from the relying party manager.
62 * @return the metadata provider or null
64 public MetadataProvider getMetadataProvider() {
65 SAMLMDRelyingPartyConfigurationManager rpcManager = getRelyingPartyConfigurationManager();
66 if (rpcManager != null) {
67 return rpcManager.getMetadataProvider();
74 * Populates the given message decoder with the profile handler's metadata provider.
78 @SuppressWarnings("unchecked")
79 protected void populateMessageDecoder(MessageDecoder<ServletRequest> decoder){
80 super.populateMessageDecoder(decoder);
81 decoder.setMetadataProvider(getMetadataProvider());
85 * Populates the given message encoder with the profile handler's metadata provider.
89 protected void populateMessageEncoder(MessageEncoder<ServletResponse> encoder) {
90 super.populateMessageEncoder(encoder);
91 encoder.setMetadataProvider(getMetadataProvider());
95 * Gets the message decoder to use in this query.
97 * @param request attribute request
99 * @return message decoder to use in this query
101 * @throws ProfileException thrown if a message decoder can not be created for the given request
103 protected abstract MessageDecoder<ServletRequest> getMessageDecoder(ProfileRequest<ServletRequest> request)
104 throws ProfileException;
107 * Gets the message encoder to use in this query.
109 * @param response attribute query response
111 * @return message encoder to use in this query
113 * @throws ProfileException thrown if a message encoder can not be created for the given request
115 protected abstract MessageEncoder<ServletResponse> getMessageEncoder(ProfileResponse<ServletResponse> response)
116 throws ProfileException;
119 * Gets the user's session ID from the current request.
121 * @param request current request
123 * @return user's session ID
125 protected abstract String getUserSessionId(ProfileRequest<ServletRequest> request);