org.wso2.solutions.identity.sts
Class IdentityTokenIssuer

java.lang.Object
  extended by org.wso2.solutions.identity.sts.IdentityTokenIssuer
All Implemented Interfaces:
org.apache.rahas.TokenIssuer
Direct Known Subclasses:
OpenIDTokenIssuer

public class IdentityTokenIssuer
extends java.lang.Object
implements org.apache.rahas.TokenIssuer

This is the main token issuer implementation of the identity provider. Two types of credential mechanisms are supported:

The list of supported claims can be configured; the values of those claims are obtained from the user store set up to work with the identity provider.


Field Summary
protected  IdentityProviderData ipData
           
static java.lang.String ISSUER_SELF
           
 
Constructor Summary
IdentityTokenIssuer()
           
 
Method Summary
protected  boolean checkIsValidTokenType(IdentityProviderData data)
           
protected  void createAttachedRef(org.apache.axiom.om.OMElement rstrElem, java.lang.String id)
          Create and add the wst:AttachedReference element.
protected  org.apache.axiom.om.OMElement createDisplayToken(org.apache.axiom.om.OMElement rstrElem, IdentityProviderData ipData)
          Create the DisplayToken element according to CardSpace specifications.
protected  org.apache.axiom.om.OMElement createRSTR(org.apache.rahas.RahasData data, java.util.Date notBefore, java.util.Date notAfter, org.apache.axiom.soap.SOAPEnvelope env, org.w3c.dom.Document doc, org.w3c.dom.Node assertionElem, java.lang.String assertionId, org.apache.ws.security.message.WSSecEncryptedKey encryptedKey)
          Create the wst:RequestedSecurityTokenResponse element.
protected  org.w3c.dom.Element createSAMLAssertionAsDOM(IdentityProviderData ipData, org.apache.rahas.RahasData rahasData, org.joda.time.DateTime notBefore, org.joda.time.DateTime notAfter, java.lang.String assertionId)
           
protected  void createUnattachedRef(org.apache.axiom.om.OMElement rstrElem, java.lang.String id)
          Create and add the wst:UnattachedReference element.
protected  IdentityProviderData getIdentityProviderData(org.apache.rahas.RahasData rahasData)
           
 java.lang.String getResponseAction(org.apache.rahas.RahasData data)
          
 org.apache.axiom.soap.SOAPEnvelope issue(org.apache.rahas.RahasData data)
          
 void setConfigurationElement(org.apache.axiom.om.OMElement configElement)
          
 void setConfigurationFile(java.lang.String configFile)
          
 void setConfigurationParamName(java.lang.String configParamName)
          
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ipData

protected IdentityProviderData ipData

ISSUER_SELF

public static final java.lang.String ISSUER_SELF
See Also:
Constant Field Values
Constructor Detail

IdentityTokenIssuer

public IdentityTokenIssuer()
Method Detail

getResponseAction

public java.lang.String getResponseAction(org.apache.rahas.RahasData data)
                                   throws org.apache.rahas.TrustException

Specified by:
getResponseAction in interface org.apache.rahas.TokenIssuer
Throws:
org.apache.rahas.TrustException

issue

public org.apache.axiom.soap.SOAPEnvelope issue(org.apache.rahas.RahasData data)
                                         throws org.apache.rahas.TrustException

Specified by:
issue in interface org.apache.rahas.TokenIssuer
Throws:
org.apache.rahas.TrustException

createRSTR

protected org.apache.axiom.om.OMElement createRSTR(org.apache.rahas.RahasData data,
                                                   java.util.Date notBefore,
                                                   java.util.Date notAfter,
                                                   org.apache.axiom.soap.SOAPEnvelope env,
                                                   org.w3c.dom.Document doc,
                                                   org.w3c.dom.Node assertionElem,
                                                   java.lang.String assertionId,
                                                   org.apache.ws.security.message.WSSecEncryptedKey encryptedKey)
                                            throws org.apache.rahas.TrustException,
                                                   org.opensaml.SAMLException,
                                                   IdentityProviderException
Create the wst:RequestedSecurityTokenResponse element.

Parameters:
data - WS-Trust information in the issue request
notBefore - Created time
notAfter - Expiration time
env - Response SOAP envelope
doc - org.w3c.dom.Document instance of the response SOAP envelope
assertionElem - SAML Assertion to be sent in the response.
encryptedKey - Key used to encrypt the SAML assertion.
Returns:
wst:RequestedSecurityTokenResponse element.
Throws:
org.apache.rahas.TrustException
org.opensaml.SAMLException
IdentityProviderException

createAttachedRef

protected void createAttachedRef(org.apache.axiom.om.OMElement rstrElem,
                                 java.lang.String id)
Create and add the wst:AttachedReference element.

Parameters:
rstrElem - wst:RequestSecurityTokenResponse element
id - Token identifier

createUnattachedRef

protected void createUnattachedRef(org.apache.axiom.om.OMElement rstrElem,
                                   java.lang.String id)
Create and add the wst:UnattachedReference element.

Parameters:
rstrElem - wst:RequestSecurityTokenResponse element
id - Token identifier

createDisplayToken

protected org.apache.axiom.om.OMElement createDisplayToken(org.apache.axiom.om.OMElement rstrElem,
                                                           IdentityProviderData ipData)
                                                    throws IdentityProviderException
Create the DisplayToken element according to CardSpace specifications.

Parameters:
rstrElem - wst:RequestSecurityTokenResponse element
ipData - CardSpace specific meta-data for this issuance.
Returns:
The DisplayToken element.
Throws:
IdentityProviderException

setConfigurationElement

public void setConfigurationElement(org.apache.axiom.om.OMElement configElement)

Specified by:
setConfigurationElement in interface org.apache.rahas.TokenIssuer

setConfigurationFile

public void setConfigurationFile(java.lang.String configFile)

Specified by:
setConfigurationFile in interface org.apache.rahas.TokenIssuer

setConfigurationParamName

public void setConfigurationParamName(java.lang.String configParamName)

Specified by:
setConfigurationParamName in interface org.apache.rahas.TokenIssuer

getIdentityProviderData

protected IdentityProviderData getIdentityProviderData(org.apache.rahas.RahasData rahasData)
                                                throws java.lang.Exception
Throws:
java.lang.Exception

createSAMLAssertionAsDOM

protected org.w3c.dom.Element createSAMLAssertionAsDOM(IdentityProviderData ipData,
                                                       org.apache.rahas.RahasData rahasData,
                                                       org.joda.time.DateTime notBefore,
                                                       org.joda.time.DateTime notAfter,
                                                       java.lang.String assertionId)
                                                throws IdentityProviderException
Throws:
IdentityProviderException

checkIsValidTokenType

protected boolean checkIsValidTokenType(IdentityProviderData data)
                                 throws IdentityProviderException
Throws:
IdentityProviderException