/**
 * {@inheritDoc}
 *
 * <p>Lets the action run only when a previous IdP session exists and subject canonicalization has
 * produced a principal name. The session context and the new principal name are stored in fields
 * for the execute phase.</p>
 *
 * @param profileRequestContext the current profile request context
 * @param authenticationContext the current authentication context
 * @return {@code true} if the action should execute, {@code false} if there is nothing to do
 */
@Override
protected boolean doPreExecute(@Nonnull final ProfileRequestContext profileRequestContext,
        @Nonnull final AuthenticationContext authenticationContext) {

    final boolean parentReady = super.doPreExecute(profileRequestContext, authenticationContext);
    if (!parentReady) {
        return false;
    }

    // Without an earlier session there is no established identity to relate the new one to.
    sessionCtx = sessionContextLookupStrategy.apply(profileRequestContext);
    final boolean havePriorSession = sessionCtx != null && sessionCtx.getIdPSession() != null;
    if (!havePriorSession) {
        log.debug("{} No previous session found, nothing to do", getLogPrefix());
        return false;
    }

    // No canonicalized name means the session's identity is simply being reused.
    final SubjectCanonicalizationContext canonicalization =
            c14nContextLookupStrategy.apply(profileRequestContext);
    final boolean haveNewName = canonicalization != null && canonicalization.getPrincipalName() != null;
    if (!haveNewName) {
        log.debug("{} Reusing identity from session, nothing to do", getLogPrefix());
        return false;
    }

    // NOTE(review): presumably compared with the session's principal in the execute step, which is
    // outside this view; confirm there.
    newPrincipalName = canonicalization.getPrincipalName();
    return true;
}
/**
 * {@inheritDoc}
 *
 * <p>Resolves a principal name from the request context. A name held by the
 * {@link SubjectCanonicalizationContext} takes precedence; otherwise the name recorded on the
 * IdP session in the {@link SessionContext} is used.</p>
 *
 * @param input the profile request context, may be {@code null}
 * @return the principal name, or {@code null} if neither source supplies one
 */
@Override
public String apply(final ProfileRequestContext input) {
    if (input == null) {
        return null;
    }

    // First choice: the name produced by subject canonicalization for this request.
    final SubjectCanonicalizationContext canonicalization =
            input.getSubcontext(SubjectCanonicalizationContext.class);
    final boolean hasCanonicalName = canonicalization != null && canonicalization.getPrincipalName() != null;
    if (hasCanonicalName) {
        return canonicalization.getPrincipalName();
    }

    // Fallback: the principal bound to the existing IdP session, if there is one.
    final SessionContext session = input.getSubcontext(SessionContext.class);
    if (session == null || session.getIdPSession() == null) {
        return null;
    }
    return session.getIdPSession().getPrincipalName();
}
/**
 * {@inheritDoc}
 *
 * <p>Decodes the {@link NameID} carried by the subject into a principal name and stores it on the
 * canonicalization context. A {@code null} decode result raises
 * {@link AuthnEventIds#INVALID_SUBJECT}; a {@link NameDecoderException} is recorded on the context
 * and raises {@link AuthnEventIds#SUBJECT_C14N_ERROR}.</p>
 *
 * @param profileRequestContext the current profile request context
 * @param c14nContext the canonicalization context holding the subject to decode
 */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext,
        @Nonnull final SubjectCanonicalizationContext c14nContext) {

    // NOTE(review): the first NameIDPrincipal is taken without checking that one exists or that it
    // is the only one. An empty set makes next() throw, and with several entries the choice follows
    // Set iteration order. Presumably a pre-execute or activation check outside this view
    // guarantees exactly one; confirm.
    final Set<NameIDPrincipal> principals = c14nContext.getSubject().getPrincipals(NameIDPrincipal.class);
    final NameIDPrincipal firstPrincipal = principals.iterator().next();
    final NameID subjectNameId = firstPrincipal.getNameID();

    try {
        c14nContext.setPrincipalName(decoder.decode(c14nContext, subjectNameId));

        // The decoder may complete without yielding a name; that is reported as an invalid subject.
        final boolean nothingDecoded = c14nContext.getPrincipalName() == null;
        if (nothingDecoded) {
            ActionSupport.buildEvent(profileRequestContext, AuthnEventIds.INVALID_SUBJECT);
        }
    } catch (final NameDecoderException decodeFailure) {
        // Keep the cause on the context so later steps can inspect it, then signal the error event.
        c14nContext.setException(decodeFailure);
        ActionSupport.buildEvent(profileRequestContext, AuthnEventIds.SUBJECT_C14N_ERROR);
    }
}
/**
 * {@inheritDoc}
 *
 * <p>Decodes the {@link NameIdentifier} carried by the subject into a principal name and stores it
 * on the canonicalization context. A {@code null} decode result raises
 * {@link AuthnEventIds#INVALID_SUBJECT}; a {@link NameDecoderException} is recorded on the context
 * and raises {@link AuthnEventIds#SUBJECT_C14N_ERROR}.</p>
 *
 * @param profileRequestContext the current profile request context
 * @param c14nContext the canonicalization context holding the subject to decode
 */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext,
        @Nonnull final SubjectCanonicalizationContext c14nContext) {

    // NOTE(review): the first NameIdentifierPrincipal is taken without checking that one exists or
    // that it is the only one. An empty set makes next() throw, and with several entries the choice
    // follows Set iteration order. Presumably a pre-execute or activation check outside this view
    // guarantees exactly one; confirm.
    final Set<NameIdentifierPrincipal> principals =
            c14nContext.getSubject().getPrincipals(NameIdentifierPrincipal.class);
    final NameIdentifierPrincipal firstPrincipal = principals.iterator().next();
    final NameIdentifier subjectIdentifier = firstPrincipal.getNameIdentifier();

    try {
        c14nContext.setPrincipalName(decoder.decode(c14nContext, subjectIdentifier));

        // The decoder may complete without yielding a name; that is reported as an invalid subject.
        final boolean nothingDecoded = c14nContext.getPrincipalName() == null;
        if (nothingDecoded) {
            ActionSupport.buildEvent(profileRequestContext, AuthnEventIds.INVALID_SUBJECT);
        }
    } catch (final NameDecoderException decodeFailure) {
        // Keep the cause on the context so later steps can inspect it, then signal the error event.
        c14nContext.setException(decodeFailure);
        ActionSupport.buildEvent(profileRequestContext, AuthnEventIds.SUBJECT_C14N_ERROR);
    }
}
/**
 * {@inheritDoc}
 *
 * <p>Reads the canonical principal name from the {@link SubjectCanonicalizationContext}, removes
 * that context from the request context, and then defers to the superclass. A missing context or
 * a missing name raises {@link AuthnEventIds#INVALID_SUBJECT_C14N_CTX}.</p>
 *
 * @param profileRequestContext the current profile request context
 * @return {@code false} if no canonical name is available, otherwise the superclass result
 */
@Override
protected boolean doPreExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
    final SubjectCanonicalizationContext canonicalization =
            profileRequestContext.getSubcontext(SubjectCanonicalizationContext.class);
    if (canonicalization == null) {
        log.debug("{} No SubjectCanonicalizationContext available", getLogPrefix());
        ActionSupport.buildEvent(profileRequestContext, AuthnEventIds.INVALID_SUBJECT_C14N_CTX);
        return false;
    }

    // Capture the name first; the context is removed from the tree whether or not a name was set.
    canonicalPrincipalName = canonicalization.getPrincipalName();
    profileRequestContext.removeSubcontext(canonicalization);

    if (canonicalPrincipalName != null) {
        // The superclass pre-check runs last, only once a usable name is in hand.
        return super.doPreExecute(profileRequestContext);
    }

    log.debug("{} No principal name in SubjectCanonicalizationContext", getLogPrefix());
    ActionSupport.buildEvent(profileRequestContext, AuthnEventIds.INVALID_SUBJECT_C14N_CTX);
    return false;
}
/**
 * {@inheritDoc}
 *
 * <p>After the superclass pre-check passes, requires a {@link SubjectCanonicalizationContext} that
 * carries a principal name and stores that name in {@code principalName}. A missing context or a
 * missing name raises {@link AuthnEventIds#INVALID_SUBJECT_C14N_CTX}.</p>
 *
 * @param profileRequestContext the current profile request context
 * @return {@code true} if a principal name was obtained, {@code false} otherwise
 */
// NOTE(review): declared without @Override although it delegates to super.doPreExecute; consider
// adding the annotation so a signature drift in the superclass is caught at compile time.
protected boolean doPreExecute(final ProfileRequestContext profileRequestContext) {
    final boolean parentReady = super.doPreExecute(profileRequestContext);
    if (!parentReady) {
        return false;
    }

    final SubjectCanonicalizationContext c14nContext =
            profileRequestContext.getSubcontext(SubjectCanonicalizationContext.class);
    if (c14nContext == null) {
        log.warn("{} SubjectCanonicalizationContext was missing", getLogPrefix());
        ActionSupport.buildEvent(profileRequestContext, AuthnEventIds.INVALID_SUBJECT_C14N_CTX);
        return false;
    }

    principalName = c14nContext.getPrincipalName();
    if (principalName != null) {
        // The resolved identity is written to the log at debug level only.
        log.debug("{} Subject c14n from inbound delegated Assertion token produced principal name: {}",
                getLogPrefix(), principalName);
        return true;
    }

    // A context without a name is treated the same as a missing context.
    log.warn("{} SubjectCanonicalizationContext principal name was null", getLogPrefix());
    ActionSupport.buildEvent(profileRequestContext, AuthnEventIds.INVALID_SUBJECT_C14N_CTX);
    return false;
}
profileRequestContext.getSubcontext(SubjectCanonicalizationContext.class); if (c14nCtx != null) { canonicalPrincipalName = c14nCtx.getPrincipalName(); profileRequestContext.removeSubcontext(c14nCtx); log.debug("{} Canonical principal name was established as '{}'", getLogPrefix(), canonicalPrincipalName);