Class SADFactory
- java.lang.Object
- se.litsec.swedisheid.opensaml.saml2.signservice.SADFactory
public class SADFactory extends Object
A bean for building a SAD object and a signed JWT holding the SAD.
- Author:
- Martin Lindström (martin.lindstrom@litsec.se)
-
Nested Class Summary
Nested Classes (modifier and type, class, description)
- static class SADFactory.SADBuilder: A builder for creating a SAD and a signed SAD JWT.
-
Field Summary
Fields (modifier and type, field, description)
- static int DEFAULT_JWT_ID_SIZE: The default size for generated JWT identifiers (24).
- static String DEFAULT_JWT_SIGNING_ALGORITHM: The name of the default JWT signature algorithm to be used (RS256).
- static String DEFAULT_USER_ID_ATTRIBUTE_NAME: The default attribute name for the user ID ("urn:oid:1.2.752.29.4.13").
- static int DEFAULT_VALIDITY_TIME: The default validity time for a SAD (five minutes).
-
Constructor Summary
Constructors (constructor, description)
- SADFactory(String idpEntityID, X509Credential signingCredential): Constructor.
-
Method Summary
All Methods, Instance Methods, Concrete Methods (modifier and type, method, description)
- String createJwt(SAD sad): Given a SAD, the method builds a JWT and signs it using the configured key.
- SADFactory.SADBuilder getBuilder(): Returns a builder that allows building a SAD using a cascading builder pattern.
- void setJwtIdSize(int jwtIdSize): Assigns the size of generated JWT identifiers.
- void setJwtSigningAlgorithm(String jwtSigningAlgorithm): Assigns the JWT signature algorithm.
- void setUserIdAttributeName(String userIdAttributeName): Assigns the attribute name for the attribute holding the user ID.
- void setValidityTime(int seconds): Assigns the validity time for a SAD object (in seconds).
-
Field Detail
-
DEFAULT_VALIDITY_TIME
public static final int DEFAULT_VALIDITY_TIME
The default validity time for a SAD (five minutes).
- See Also:
- Constant Field Values
-
DEFAULT_USER_ID_ATTRIBUTE_NAME
public static final String DEFAULT_USER_ID_ATTRIBUTE_NAME
The default attribute name for the user ID ("urn:oid:1.2.752.29.4.13").
- See Also:
- Constant Field Values
-
DEFAULT_JWT_ID_SIZE
public static final int DEFAULT_JWT_ID_SIZE
The default size for generated JWT identifiers (24).
- See Also:
- Constant Field Values
-
DEFAULT_JWT_SIGNING_ALGORITHM
public static final String DEFAULT_JWT_SIGNING_ALGORITHM
The name of the default JWT signature algorithm to be used (RS256).
-
Constructor Detail
-
SADFactory
public SADFactory(String idpEntityID, X509Credential signingCredential)
Constructor.
- Parameters:
- idpEntityID - the entityID of the issuing IdP
- signingCredential - the IdP signature credential
-
Method Detail
-
getBuilder
public SADFactory.SADBuilder getBuilder()
Returns a builder that allows building a SAD using a cascading builder pattern.
- Returns:
- a SAD builder
-
createJwt
public String createJwt(SAD sad) throws IOException, SignatureException
Given a SAD, the method builds a JWT and signs it using the configured key.
Note: Only RSA keys are supported.
- Parameters:
- sad - the SAD to include in the JWT
- Returns:
- a signed JWT (encoded)
- Throws:
- IOException - for JSON processing errors
- SignatureException - for JWT signature errors
- See Also:
- SADFactory.SADBuilder.buildJwt()
-
setValidityTime
public void setValidityTime(int seconds)
Assigns the validity time for a SAD object (in seconds). The default is DEFAULT_VALIDITY_TIME.
- Parameters:
- seconds - validity time in seconds
-
setUserIdAttributeName
public void setUserIdAttributeName(String userIdAttributeName)
Assigns the attribute name for the attribute holding the user ID. Defaults to DEFAULT_USER_ID_ATTRIBUTE_NAME.
- Parameters:
- userIdAttributeName - attribute name (URI)
-
setJwtIdSize
public void setJwtIdSize(int jwtIdSize)
Assigns the size of generated JWT identifiers. The default is DEFAULT_JWT_ID_SIZE.
- Parameters:
- jwtIdSize - the size
-
setJwtSigningAlgorithm
public void setJwtSigningAlgorithm(String jwtSigningAlgorithm)
Assigns the JWT signature algorithm. The default is DEFAULT_JWT_SIGNING_ALGORITHM.
- Parameters:
- jwtSigningAlgorithm - JWT algorithm name