Class AssertionImpl

  • All Implemented Interfaces:
    Assertion

    public class AssertionImpl
    extends Object
    implements Assertion
    The Assertion element is a package of information that supplies one or more Statements made by an issuer. There are three kinds of assertions: Authentication, Authorization Decision, and Attribute assertions.
    • Field Detail

      • ASSERTION_ELEMENT

        public static String ASSERTION_ELEMENT
      • ASSERTION_VERSION_ATTR

        public static String ASSERTION_VERSION_ATTR
      • ASSERTION_ID_ATTR

        public static String ASSERTION_ID_ATTR
      • ASSERTION_ISSUEINSTANT_ATTR

        public static String ASSERTION_ISSUEINSTANT_ATTR
      • XSI_TYPE_ATTR

        public static String XSI_TYPE_ATTR
      • ASSERTION_ISSUER

        public static String ASSERTION_ISSUER
      • ASSERTION_SIGNATURE

        public static String ASSERTION_SIGNATURE
      • ASSERTION_SUBJECT

        public static String ASSERTION_SUBJECT
      • ASSERTION_CONDITIONS

        public static String ASSERTION_CONDITIONS
      • ASSERTION_ADVICE

        public static String ASSERTION_ADVICE
      • ASSERTION_STATEMENT

        public static String ASSERTION_STATEMENT
      • ASSERTION_AUTHNSTATEMENT

        public static String ASSERTION_AUTHNSTATEMENT
      • ASSERTION_AUTHZDECISIONSTATEMENT

        public static String ASSERTION_AUTHZDECISIONSTATEMENT
      • ASSERTION_ATTRIBUTESTATEMENT

        public static String ASSERTION_ATTRIBUTESTATEMENT
    • Constructor Detail

      • AssertionImpl

        public AssertionImpl()
        Default constructor
      • AssertionImpl

        public AssertionImpl(String xml)
                      throws SAML2Exception
        This constructor is used to build an Assertion object from an XML string.
        Parameters:
        xml - A java.lang.String representing an Assertion object
        Throws:
        SAML2Exception - if it could not process the XML string
      • AssertionImpl

        public AssertionImpl(Element element)
                      throws SAML2Exception
        This constructor is used to build an Assertion object from a block of existing XML that has already been built into a DOM.
        Parameters:
        element - An org.w3c.dom.Element representing the DOM tree for the Assertion object
        Throws:
        SAML2Exception - if it could not process the Element
    • Method Detail

      • getVersion

        public String getVersion()
        Returns the version number of the assertion.
        Specified by:
        getVersion in interface Assertion
        Returns:
        The version number of the assertion.
      • setVersion

        public void setVersion(String version)
                        throws SAML2Exception
        Sets the version number of the assertion.
        Specified by:
        setVersion in interface Assertion
        Parameters:
        version - the version number.
        Throws:
        SAML2Exception - if the object is immutable
      • getIssueInstant

        public Date getIssueInstant()
        Returns the time when the assertion was issued
        Specified by:
        getIssueInstant in interface Assertion
        Returns:
        the time when the assertion was issued
      • setIssueInstant

        public void setIssueInstant(Date issueInstant)
                             throws SAML2Exception
        Sets the time when the assertion was issued
        Specified by:
        setIssueInstant in interface Assertion
        Parameters:
        issueInstant - the issue time of the assertion
        Throws:
        SAML2Exception - if the object is immutable
      • getSubject

        public Subject getSubject()
        Returns the subject of the assertion
        Specified by:
        getSubject in interface Assertion
        Returns:
        the subject of the assertion
      • getAdvice

        public Advice getAdvice()
        Returns the advice of the assertion
        Specified by:
        getAdvice in interface Assertion
        Returns:
        the advice of the assertion
      • getSignature

        public String getSignature()
        Returns the signature of the assertion
        Specified by:
        getSignature in interface Assertion
        Returns:
        the signature of the assertion
      • getConditions

        public Conditions getConditions()
        Returns the conditions of the assertion
        Specified by:
        getConditions in interface Assertion
        Returns:
        the conditions of the assertion
      • getID

        public String getID()
        Returns the id of the assertion
        Specified by:
        getID in interface Assertion
        Returns:
        the id of the assertion
      • getStatements

        public List<Object> getStatements()
        Returns the statements of the assertion
        Specified by:
        getStatements in interface Assertion
        Returns:
        the statements of the assertion
      • getIssuer

        public Issuer getIssuer()
        Returns the issuer of the assertion
        Specified by:
        getIssuer in interface Assertion
        Returns:
        the issuer of the assertion
      • isSigned

        public boolean isSigned()
        Returns whether the assertion is signed
        Specified by:
        isSigned in interface Assertion
        Returns:
        true if the assertion is signed; false otherwise.
      • isSignatureValid

        public boolean isSignatureValid(Set<X509Certificate> verificationCerts)
                                 throws SAML2Exception
        Description copied from interface: Assertion
        Returns whether the signature is valid.
        Specified by:
        isSignatureValid in interface Assertion
        Parameters:
        verificationCerts - Certificates containing the public keys which may be used for signature verification. These certificates may also be used to check against the certificate included in the signature.
        Returns:
        true if the signature is valid; false otherwise.
        Throws:
        SAML2Exception - if the signature could not be verified
      • sign

        public void sign(PrivateKey privateKey,
                         X509Certificate cert)
                  throws SAML2Exception
        Signs the Assertion.
        Specified by:
        sign in interface Assertion
        Parameters:
        privateKey - Signing key
        cert - Certificate which contains the public key corresponding to the signing key. If it is not null, the signature will include the certificate; otherwise, the signature will not include any certificate
        Throws:
        SAML2Exception - if it could not sign the assertion.
      • encrypt

        public EncryptedAssertion encrypt(Key recipientPublicKey,
                                          String dataEncAlgorithm,
                                          int dataEncStrength,
                                          String recipientEntityID)
                                   throws SAML2Exception
        Returns an EncryptedAssertion object.
        Specified by:
        encrypt in interface Assertion
        Parameters:
        recipientPublicKey - Public key used to encrypt the data encryption (secret) key; it is the public key of the recipient of the XML document to be encrypted.
        dataEncAlgorithm - Data encryption algorithm.
        dataEncStrength - Data encryption strength.
        recipientEntityID - Unique identifier of the recipient. It is used as the index to the cached secret key so that the key can be reused for the same recipient. It can be null, in which case the secret key will be generated every time and will not be cached or reused. Note that generating a secret key is a relatively expensive operation.
        Returns:
        EncryptedAssertion object
        Throws:
        SAML2Exception - if an error occurs during the encryption process.
      • isTimeValid

        public boolean isTimeValid()
        Gets the validity of the assertion by evaluating its conditions, if specified.
        Specified by:
        isTimeValid in interface Assertion
        Returns:
        false if the conditions are invalid, judged by whether the current time lies between the NotBefore (inclusive) and NotOnOrAfter (exclusive) values; true otherwise, or if no conditions are specified.
      • toXMLString

        public String toXMLString(boolean includeNSPrefix,
                                  boolean declareNS)
                           throws SAML2Exception
        Returns a String representation
        Specified by:
        toXMLString in interface Assertion
        Parameters:
        includeNSPrefix - Determines whether or not the namespace qualifier is prepended to the Element when converted
        declareNS - Determines whether or not the namespace is declared within the Element.
        Returns:
        A String representation
        Throws:
        SAML2Exception - if something is wrong during conversion
      • makeImmutable

        public void makeImmutable()
        Makes the object immutable
        Specified by:
        makeImmutable in interface Assertion
      • isMutable

        public boolean isMutable()
        Returns true if the object is mutable
        Specified by:
        isMutable in interface Assertion
        Returns:
        true if the object is mutable
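
The following added example (not code from this page or from the project) shows one order in which a relying party could combine isSigned, isSignatureValid, getConditions, isTimeValid and makeImmutable from the methods documented above. The `AssertionGate` class and `RejectedAssertion` exception are hypothetical, and the `com.sun.identity.saml2` package names in the imports are assumptions; only the constructor and methods listed on this page are called.

```java
// Added example. Package names below are assumed; adjust them to your distribution.
import com.sun.identity.saml2.assertion.Assertion;
import com.sun.identity.saml2.assertion.impl.AssertionImpl;
import com.sun.identity.saml2.common.SAML2Exception;

import java.security.cert.X509Certificate;
import java.util.Set;

public final class AssertionGate { // hypothetical helper

    /** Raised when an assertion fails one of the relying-party checks. */
    public static final class RejectedAssertion extends Exception {
        RejectedAssertion(String reason) { super(reason); }
    }

    public static Assertion accept(String xml, Set<X509Certificate> trustedCerts)
            throws SAML2Exception, RejectedAssertion {
        if (trustedCerts == null || trustedCerts.isEmpty()) {
            throw new RejectedAssertion("no trusted verification certificates configured");
        }
        Assertion assertion = new AssertionImpl(xml); // throws SAML2Exception on bad XML

        // 1. Reject unsigned input explicitly instead of relying on how
        //    isSignatureValid() behaves when no signature is present.
        if (!assertion.isSigned()) {
            throw new RejectedAssertion("assertion is not signed");
        }
        // 2. Verify against certificates the caller already trusts, never
        //    against a certificate taken from the message itself.
        if (!assertion.isSignatureValid(trustedCerts)) {
            throw new RejectedAssertion("signature did not verify");
        }
        // 3. isTimeValid() is documented to return true when no conditions are
        //    specified, so their presence is checked separately first.
        if (assertion.getConditions() == null) {
            throw new RejectedAssertion("assertion carries no Conditions");
        }
        if (!assertion.isTimeValid()) {
            throw new RejectedAssertion("outside NotBefore/NotOnOrAfter window");
        }
        // 4. Issuer and subject must be present before anything consumes them.
        if (assertion.getIssuer() == null || assertion.getSubject() == null) {
            throw new RejectedAssertion("missing Issuer or Subject");
        }
        // 5. Freeze the object so later code cannot alter verified content.
        assertion.makeImmutable();
        return assertion;
    }
}
```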