package edu.internet2.middleware.shibboleth.artifact.provider;
+import java.net.URI;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.opensaml.SAMLAssertion;
import org.opensaml.artifact.Artifact;
import org.opensaml.artifact.SAMLArtifactType0001;
+import org.opensaml.artifact.SAMLArtifactType0002;
import org.opensaml.artifact.Util;
import edu.internet2.middleware.shibboleth.artifact.ArtifactMapper;
public abstract class BaseArtifactMapper implements ArtifactMapper {
private static Logger log = Logger.getLogger(BaseArtifactMapper.class.getName());
+ // TODO init from config
+ private URI type2SourceLocation;
private MessageDigest md;
public Artifact generateArtifact(SAMLAssertion assertion, RelyingParty relyingParty) {
- // TODO should the artifact type be configurable?
-
// Generate the artifact
Artifact artifact;
- synchronized (md) {
- artifact = new SAMLArtifactType0001(Util.generateSourceId(md, relyingParty.getIdentityProvider()
- .getProviderId()));
+
+ // If the relying party prefers type 2 and we have the proper data, use it
+ if (relyingParty.getPreferredArtifactType() == 2 && type2SourceLocation != null) {
+ synchronized (md) {
+ artifact = new SAMLArtifactType0002(Util.generateSourceId(md, relyingParty.getIdentityProvider()
+ .getProviderId()), type2SourceLocation);
+ }
+ // Else, use type 1
+ } else {
+ if (relyingParty.getPreferredArtifactType() == 2) {
+ log.warn("The relying party prefers Type 2 artifacts, but the mapper does not "
+ + "have a sourceLocation configured. Using Type 1.");
+ } else if (relyingParty.getPreferredArtifactType() != 1) {
+ log.warn("The relying party prefers Type " + relyingParty.getPreferredArtifactType()
+ + " artifacts, but the mapper does not " + "support this type. Using Type 1.");
+ }
+
+ synchronized (md) {
+ artifact = new SAMLArtifactType0001(Util.generateSourceId(md, relyingParty.getIdentityProvider()
+ .getProviderId()));
+ }
}
// Delegate adding to extenders
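Review bot: In the new Type 2 branch of generateArtifact, the first argument to `new SAMLArtifactType0002(...)` is `Util.generateSourceId(md, ...getProviderId())`, a digest of the provider ID that is the same for every artifact this identity provider issues. The SAML 1.1 Type 0x0002 format is an AssertionHandle followed by a SourceLocation and has no SourceID field, so if that constructor parameter is the assertion handle (its signature is not visible here, so confirm against OpenSAML), every Type 2 artifact would carry the same predictable handle. The handle should instead come from a cryptographically strong source held by the mapper, e.g. `byte[] handle = new byte[20]; secureRandom.nextBytes(handle);`, and be passed in place of the source ID. The branch only becomes reachable once `type2SourceLocation` is initialised (the field is still marked `TODO init from config`), so this is worth settling before that lands. The method body continues past this hunk, so how the artifact is later mapped to the assertion is not shown.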
return wantsAssertionsSigned;
}
+ public int getPreferredArtifactType() {
+
+ // TODO make configurable
+ return 1;
+ }
+
/**
* Default identity provider implementation.
*
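Review bot: The new `getPreferredArtifactType()` returns a bare `int` with no Javadoc, and the same is true of the two delegating versions added further down the page. The only code shown that interprets the value, generateArtifact, compares it against the literals 1 and 2 and falls back to Type 1 for anything else. A one-line Javadoc such as `/** Returns the SAML artifact type code this relying party prefers (1 or 2); other values fall back to Type 1. */` would make that contract explicit. Named constants for the two type codes would keep the producer and the consumer from drifting apart. The enclosing class starts outside this hunk.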
return wrapped.wantsAssertionsSigned();
}
+
+ public int getPreferredArtifactType() {
+
+ return wrapped.getPreferredArtifactType();
+ }
}
/**
return wrapped.wantsAssertionsSigned();
}
+
+ public int getPreferredArtifactType() {
+
+ return wrapped.getPreferredArtifactType();
+ }
}
/**