Package com.avoka.fc.core.security
Class SAML2AttributesParser
java.lang.Object
com.avoka.fc.core.security.SAML2AttributesParser
Provides a SAML2 (Security Assertion Markup Language) attribute parser helper class for SSO Filter authentication token scripts.
- Since:
- 4.0.0
-
Field Summary
-
Constructor Summary
ConstructorDescriptionSAML2AttributesParser
(jakarta.servlet.http.HttpServletRequest request) Create a SAML2 Attribute parser from the given request. -
Method Summary
Modifier and TypeMethodDescriptionReturn the SAML2 attributes from a request containing the token.boolean
Returns true if the request has a SAML2 SAMLRequest or SAMLResponse request parameters.boolean
Deprecated.boolean
Validates the signature associated with the SAML2 Response.void
setFromSecurityManager
(SecurityManager securityManager) Set the configuration properties from the SecurityManager instead of setting individually.void
setGroupAttributeName
(String groupAttributeName) Sets the Group Attribute Name.void
setKeystoreData
(byte[] keystoreData) Sets the keystore that holds the private key and validationCertAliasvoid
setKeystorePassword
(String keystorePassword) Sets the keystore passwordvoid
setPrivateKeyAlias
(String privateKeyAlias) Sets the Private Key Alias for the keystorevoid
setPrivateKeyPassword
(String privateKeyPassword) Sets the Private Key Passwordvoid
setValidationCertData
(byte[] validatorCertData) Sets the certificate used for validating the SAML2 Signature
-
Field Details
-
REQUEST_PARAM_SAML_RESPONSE
Request param SAMLResponse- See Also:
-
-
Constructor Details
-
SAML2AttributesParser
public SAML2AttributesParser(jakarta.servlet.http.HttpServletRequest request) Create a SAML2 Attribute parser from the given request.- Parameters:
request
- - HttpServletRequest that contains the SAML Token (required)
-
-
Method Details
-
getSSOAuthenticationToken
Return the SAML2 attributes from a request containing the token. The map has 2 types of entries:- simple attributes like givenname are stored in the Map as String
- attributes such as groups are stored in the Map as List
SSOAuthenticationToken
will any parsed groups as SpringGrantedAuthority
s.- Returns:
- the ssoAuthenticationToken which contain a ssoAuthTokenAttributeMap
-
isValidSignature
public boolean isValidSignature()Validates the signature associated with the SAML2 Response. Note this does not check the signature of the assertions.- Returns:
- false if the SAML token is invalid, true if Valid or if the certPublicKey is not specified.
-
isValidSignatue
public boolean isValidSignatue()Deprecated.Validates the SAML2 Response.- Returns:
- false if the SAML token is invalid, true if Valid or if the certPublicKey is not specified.
-
setFromSecurityManager
Set the configuration properties from the SecurityManager instead of setting individually.- Parameters:
securityManager
- the security manager associated with this SSO (required)
-
setValidationCertData
public void setValidationCertData(byte[] validatorCertData) Sets the certificate used for validating the SAML2 Signature- Parameters:
validatorCertData
- byte[]
-
setKeystoreData
public void setKeystoreData(byte[] keystoreData) Sets the keystore that holds the private key and validationCertAlias- Parameters:
keystoreData
- byte[]
-
setKeystorePassword
Sets the keystore password- Parameters:
keystorePassword
- String
-
setPrivateKeyAlias
Sets the Private Key Alias for the keystore- Parameters:
privateKeyAlias
- String
-
setPrivateKeyPassword
Sets the Private Key Password- Parameters:
privateKeyPassword
- String
-
setGroupAttributeName
Sets the Group Attribute Name. If the SAML2 attribute parser has groupAttributeName configured then theSSOAuthenticationToken
will any parsed groups as SpringGrantedAuthority
s.- Parameters:
groupAttributeName
- String
-
hasSamlToken
public boolean hasSamlToken()Returns true if the request has a SAML2 SAMLRequest or SAMLResponse request parameters.- Returns:
- true if has a SAMLRequest or SAMLResponse request parameter
-