/**
 * {@inheritDoc}
 *
 * <p>Attaches a recognised child element to the parent {@link SubjectConfirmation}:
 * {@link BaseID}, {@link NameID}, {@link EncryptedID} and {@link SubjectConfirmationData}
 * children are passed to the matching setter. Any other child is handed to the superclass.
 *
 * <p>NOTE(review): nothing in this method checks that only one identifier child
 * (BaseID, NameID or EncryptedID) is present. Each one seen is passed to its own setter.
 * Presumably exclusivity is enforced by schema validation or by the setters themselves; confirm.
 *
 * @param parentObject the element being populated; cast to {@link SubjectConfirmation} unconditionally
 * @param childObject the unmarshalled child to attach
 * @throws UnmarshallingException declared by the signature; in this method only the superclass
 *         call can raise it
 */
protected void processChildElement(XMLObject parentObject, XMLObject childObject)
        throws UnmarshallingException {
    // The cast happens before any dispatch, exactly as the superclass fallback expects a typed parent.
    final SubjectConfirmation confirmation = (SubjectConfirmation) parentObject;

    if (childObject instanceof BaseID) {
        confirmation.setBaseID((BaseID) childObject);
        return;
    }
    if (childObject instanceof NameID) {
        confirmation.setNameID((NameID) childObject);
        return;
    }
    if (childObject instanceof EncryptedID) {
        confirmation.setEncryptedID((EncryptedID) childObject);
        return;
    }
    if (childObject instanceof SubjectConfirmationData) {
        confirmation.setSubjectConfirmationData((SubjectConfirmationData) childObject);
        return;
    }

    // Not a child this unmarshaller knows about: let the parent class decide.
    super.processChildElement(parentObject, childObject);
}
/**
 * Builds a {@link SubjectConfirmation} and populates its method, confirmation data and NameID.
 *
 * <p>One of the following subject confirmation methods MUST be used:
 * <ul>
 *   <li>urn:oasis:names:tc:SAML:2.0:cm:holder-of-key</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:cm:sender-vouches</li>
 *   <li>urn:oasis:names:tc:SAML:2.0:cm:bearer</li>
 * </ul>
 * The {@code method} value is stored as given. This factory does not check it against the
 * list above, so the caller is responsible for passing a valid URI.
 *
 * <p>NOTE(review): the shared builder is initialised lazily without synchronisation in this
 * method; confirm whether concurrent first calls are possible and acceptable.
 *
 * @param method the subject confirmation method URI
 * @param subjectConfirmationData the confirmation data to attach
 * @param subjectConfirmationNameId the NameID to set on the confirmation
 * @return the populated SubjectConfirmation object
 */
@SuppressWarnings("unchecked")
public static SubjectConfirmation createSubjectConfirmation(
    String method,
    SubjectConfirmationData subjectConfirmationData,
    NameID subjectConfirmationNameId
) {
    // Resolve the builder on first use and keep it in the static field for later calls.
    if (subjectConfirmationBuilder == null) {
        subjectConfirmationBuilder =
            (SAMLObjectBuilder<SubjectConfirmation>) builderFactory.getBuilder(
                SubjectConfirmation.DEFAULT_ELEMENT_NAME);
    }

    final SubjectConfirmation confirmation = subjectConfirmationBuilder.buildObject();
    confirmation.setMethod(method);
    confirmation.setSubjectConfirmationData(subjectConfirmationData);
    confirmation.setNameID(subjectConfirmationNameId);
    return confirmation;
}
// Clear the NameID on every SubjectConfirmation returned by the subject.
// Only setNameID(null) is called: any BaseID or EncryptedID on a confirmation is left as it is.
subject.getSubjectConfirmations()
        .forEach(confirmation -> confirmation.setNameID(null));
// Decrypt the EncryptedID read from `subject`. In the visible part of this excerpt, `sc` is only
// modified when the result is non-null.
// NOTE(review): the ciphertext comes from subject.getEncryptedID() but the plaintext is written
// to `sc`. If `sc` is a SubjectConfirmation rather than the subject itself, this would place the
// subject's identifier on the confirmation and drop the confirmation's own EncryptedID without
// ever decrypting it. Confirm whether sc.getEncryptedID() was intended.
final NameID decrypted = processEncryptedID(profileRequestContext, subject.getEncryptedID());
if (decrypted != null) {
    // Replace the encrypted form with the decrypted one so `sc` carries a single identifier form.
    sc.setNameID(decrypted);
    sc.setEncryptedID(null);
/**
 * Replaces each {@link NameID} in a subject that qualifies for encryption with its encrypted form.
 *
 * <p>The subject's own NameID is checked first, then the NameID of each
 * {@link SubjectConfirmation}. Where {@code shouldEncrypt} accepts a NameID, the
 * {@link EncryptedID} is set and the plaintext NameID is then cleared, so the element does not
 * carry both forms. Only NameIDs are handled here; other identifier types are not touched.
 *
 * @param subject subject to operate on; {@code null} is a no-op
 *
 * @throws EncryptionException if an error occurs
 */
private void processSubject(@Nullable final Subject subject) throws EncryptionException {
    if (subject == null) {
        return;
    }

    if (shouldEncrypt(subject.getNameID())) {
        log.debug("{} Encrypt NameID in Subject", getLogPrefix());
        // Set the ciphertext first, then drop the plaintext identifier.
        subject.setEncryptedID(getEncrypter().encrypt(subject.getNameID()));
        subject.setNameID(null);
    }

    for (final SubjectConfirmation confirmation : subject.getSubjectConfirmations()) {
        if (!shouldEncrypt(confirmation.getNameID())) {
            continue;
        }
        log.debug("{} Encrypt NameID in SubjectConfirmation", getLogPrefix());
        confirmation.setEncryptedID(getEncrypter().encrypt(confirmation.getNameID()));
        confirmation.setNameID(null);
    }
}
SubjectConfirmation.DEFAULT_ELEMENT_NAME); sc.setMethod(SubjectConfirmation.METHOD_HOLDER_OF_KEY); sc.setNameID(nameID); sc.setSubjectConfirmationData(scData);