Package com.sun.identity.saml2.profile

Class AttributeQueryUtil

  • public class AttributeQueryUtil
extends Object
    This class provides methods to send or process AttributeQuery.

    • Method Detail

      • sendAttributeQuery

        public static Response sendAttributeQuery​(AttributeQuery attrQuery,
                                          String attrAuthorityEntityID,
                                          String realm,
                                          String attrQueryProfile,
                                          String attrProfile,
                                          String binding)
                                   throws SAML2Exception
        Sends the AttributeQuery to specified attribute authority and returns Response coming from the attribute authority.
        Parameters:
        attrQuery - the AttributeQuery object
        attrAuthorityEntityID - entity ID of attribute authority
        realm - the realm of hosted entity
        attrQueryProfile - the attribute query profile or null to ignore
        attrProfile - the attribute profile
        binding - the binding
        Returns:
        the Response object
        Throws:
        SAML2Exception - if the operation is not successful

      • sendAttributeQuery

        public static void sendAttributeQuery​(AttributeQuery attrQuery,
                                      jakarta.servlet.http.HttpServletRequest request,
                                      jakarta.servlet.http.HttpServletResponse response,
                                      String attrAuthorityEntityID,
                                      String realm,
                                      String attrQueryProfile,
                                      String attrProfile,
                                      String binding)
                               throws SAML2Exception
        Sends the AttributeQuery to specified attribute authority and returns Response coming from the attribute authority.
        Parameters:
        attrQuery - the AttributeQuery object
        request - the HTTP Request
        response - the HTTP Response
        attrAuthorityEntityID - entity ID of attribute authority
        realm - the realm of hosted entity
        attrQueryProfile - the attribute query profile or null to ignore
        attrProfile - the attribute profile
        binding - the binding
        Throws:
        SAML2Exception - if the operation is not successful

      • processAttributeQuery

        public static Response processAttributeQuery​(AttributeQuery attrQuery,
                                             jakarta.servlet.http.HttpServletRequest request,
                                             jakarta.servlet.http.HttpServletResponse response,
                                             String attrAuthorityEntityID,
                                             String realm,
                                             String attrQueryProfileAlias)
                                      throws SAML2Exception
        Processes the AttributeQuery coming from a requester.
        Parameters:
        attrQuery - the AttributeQuery object
        request - the HttpServletRequest object
        response - the HttpServletResponse object
        attrAuthorityEntityID - entity ID of attribute authority
        realm - the realm of hosted entity
        attrQueryProfileAlias - the attribute query profile alias
        Returns:
        the Response object
        Throws:
        SAML2Exception - if the operation is not successful

      • getAttributeQueryProfile

        public static String getAttributeQueryProfile​(String attrQueryProfileAlias)
        Converts attribute query profile alias to attribute query profile.
        Parameters:
        attrQueryProfileAlias - attribute query profile alias
        Returns:
        attribute query profile

      • verifyAttrQuerySignature

        public static void verifyAttrQuerySignature​(AttributeQuery attrQuery,
                                            String attrAuthorityEntityID,
                                            String realm)
                                     throws SAML2Exception
        Checks if the attribute query signature is valid.
        Parameters:
        attrQuery - attribute query
        attrAuthorityEntityID - entity ID of attribute authority
        realm - the realm of hosted entity
        Throws:
        SAML2Exception - if the attribute query signature is not valid.

      • getAttributeMapForFedlet

        public static Map<String,​String> getAttributeMapForFedlet​(String spEntityID,
                                                                String idpEntityID,
                                                                String nameIDValue,
                                                                List<String> attrsList,
                                                                String attrQueryProfileAlias,
                                                                String subjectDN)
                                                         throws SAML2Exception
        Deprecated.
        Use getAttributesForFedlet(String, String, String, List, String, String)
        Sends the AttributeQuery to specified attribute authority, validates the response and returns the attribute map Map<String, String> to the Fedlet
        Parameters:
        spEntityID - SP entity ID
        idpEntityID - IDP entity ID
        nameIDValue - NameID value
        attrsList - The list of attributes whose values need to be fetched from IDP
        attrQueryProfileAlias - Attribute Query Profile Alias
        subjectDN - Attribute name which contains X.509 subject DN
        Returns:
        the Map object
        Throws:
        SAML2Exception - if the operation is not successful

      • getAttributesForFedlet

        public static Map<String,​Set<String>> getAttributesForFedlet​(String spEntityID,
                                                                   String idpEntityID,
                                                                   String nameIDValue,
                                                                   List<String> attrsList,
                                                                   String attrQueryProfileAlias,
                                                                   String subjectDN)
                                                            throws SAML2Exception
        Sends the AttributeQuery to specified attribute authority, validates the response and returns the attribute map Map<String, Set<String>> to the Fedlet
        Parameters:
        spEntityID - SP entity ID
        idpEntityID - IDP entity ID
        nameIDValue - NameID value
        attrsList - The list of attributes whose values need to be fetched from IDP
        attrQueryProfileAlias - Attribute Query Profile Alias
        subjectDN - Attribute name which contains X.509 subject DN
        Returns:
        the Map object
        Throws:
        SAML2Exception - if the operation is not successful