Class TrustAuthorityClient


  • public class TrustAuthorityClient
    extends Object
    TrustAuthorityClient is a client API class used to obtain security tokens from trusted authority services such as the Security Token Service (STS) or the Liberty Discovery Service. In OpenAM, it serves as the STS client API: it retrieves security tokens from the STS by sending a WS-Trust request and receiving a WS-Trust response.
    • Field Detail

      • jars

        public static String[] jars
        The list of jar files to be loaded by FAMClassLoader.
    • Constructor Detail

      • TrustAuthorityClient

        public TrustAuthorityClient()
        Creates a new instance of TrustAuthorityClient.
    • Method Detail

      • getSecurityToken

        public SecurityToken getSecurityToken(ProviderConfig pc,
                                              Object credential)
                                       throws FAMSTSException
        Returns the SecurityToken for the web services client from a trusted authority, which is the Security Token Service (STS). The web services client configuration and web service information are identified by the client provider configuration.
        Parameters:
        pc - Provider configuration of the web services client.
        credential - User's credential. The user's credential could be a Single Sign-On token, a SAML assertion, or any other object.
        Returns:
        SecurityToken security token for the web services consumer.
        Throws:
        FAMSTSException - if it's unable to retrieve security token.
      • getSecurityToken

        public SecurityToken getSecurityToken(ProviderConfig pc,
                                              Object credential,
                                              jakarta.servlet.ServletContext context)
                                       throws FAMSTSException
        Returns the SecurityToken for the web services client from a trusted authority, which is the Security Token Service (STS). The web services client configuration and web service information are identified by the client provider configuration.
        Parameters:
        pc - Provider configuration of the web services client.
        credential - User's credential. The user's credential could be a Single Sign-On token, a SAML assertion, or any other object.
        context - Web context under which this class is running.
        Returns:
        SecurityToken security token for the web services consumer.
        Throws:
        FAMSTSException - if it's unable to retrieve security token.
      • getSecurityToken

        public SecurityToken getSecurityToken(String wspEndPoint,
                                              String stsEndPoint,
                                              String stsMexEndPoint,
                                              Object credential,
                                              String securityMech,
                                              jakarta.servlet.ServletContext context)
                                       throws FAMSTSException
        Returns the SecurityToken for the web services client from a trusted authority, which is the Security Token Service (STS).
        Parameters:
        wspEndPoint - Web Service Provider end point.
        stsEndPoint - Security Token Service end point.
        stsMexEndPoint - Security Token Service MEX end point.
        credential - User's credential. The user's credential could be a Single Sign-On token, a SAML assertion, or any other object.
        securityMech - Required Security Mechanism by Web Service Client.
        context - web context under which this class is running.
        Returns:
        SecurityToken security token for the web services consumer.
        Throws:
        FAMSTSException - if it's unable to retrieve security token.
      • getSecurityToken

        public SecurityToken getSecurityToken(String wspEndPoint,
                                              String stsEndPoint,
                                              String stsMexEndPoint,
                                              Object credential,
                                              String securityMech,
                                              String tokenType,
                                              jakarta.servlet.ServletContext context)
                                       throws FAMSTSException
        Returns the SecurityToken for the web services client from a trusted authority, which is the Security Token Service (STS).
        Parameters:
        wspEndPoint - Web Service Provider end point.
        stsEndPoint - Security Token Service end point.
        stsMexEndPoint - Security Token Service MEX end point.
        credential - User's credential. The user's credential could be a Single Sign-On token, a SAML assertion, or any other object.
        securityMech - Required Security Mechanism by Web Service Client.
        tokenType - the token type for the returned security token.
        context - web context under which this class is running.
        Returns:
        SecurityToken security token for the web services consumer.
        Throws:
        FAMSTSException - if it's unable to retrieve security token.
      • renewIssuedToken

        public SecurityToken renewIssuedToken(SecurityToken securityToken,
                                              ProviderConfig pc,
                                              Object credential)
                                       throws FAMSTSException
        Renews the issued security token that was obtained from previous interactions with the Security Token Service (STS). This method applies only to STS tokens. In OpenAM, this method is not supported.
        Parameters:
        securityToken - security token that needs to be renewed.
        pc - provider configuration of the web services client.
        credential - User's credential. The user's credential could be a Single Sign-On token, a SAML assertion, or any other object.
        Returns:
        SecurityToken security token for the web services consumer.
        Throws:
        FAMSTSException - if it's unable to renew security token or if the trust authority configuration is not of STS.
      • cancelIssuedToken

        public boolean cancelIssuedToken(SecurityToken securityToken,
                                         ProviderConfig pc)
                                  throws FAMSTSException
        Cancels the issued security token that was obtained from previous interactions with the Security Token Service (STS). This method applies only to STS tokens. In OpenAM, this method is not supported.
        Parameters:
        securityToken - security token that needs to be canceled.
        pc - provider configuration of the web services client.
        Returns:
        true if the issued token was cancelled successfully.
        Throws:
        FAMSTSException - if there is an exception in cancelling issued security token or if the trust authority configuration is not of STS.
      • getSecretKey

        public Key getSecretKey()
        Returns the secret key obtained as a proof token from STS. This is available only when the requested token type is symmetric.
        Returns:
        the secret key obtained from STS.