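/**
 * Reports whether the given SAML NameID format is one of the formats this code handles.
 *
 * <p>The accepted formats are email, transient, persistent and unspecified. The match is an
 * exact, case-sensitive string comparison with no trimming or normalisation, so any other
 * value is reported as unsupported.
 *
 * @param nameIdFormat the NameID format identifier to check; may be {@code null}
 * @return {@code true} if {@code nameIdFormat} equals one of the four accepted format
 *     constants, {@code false} otherwise (including for {@code null})
 */
private boolean isSupportedNameIdFormat(String nameIdFormat) {
    // The constant is the receiver of each comparison, so a missing (null) format is
    // rejected as unsupported instead of raising a NullPointerException.
    return JBossSAMLURIConstants.NAMEID_FORMAT_EMAIL.get().equals(nameIdFormat)
            || JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get().equals(nameIdFormat)
            || JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get().equals(nameIdFormat)
            || JBossSAMLURIConstants.NAMEID_FORMAT_UNSPECIFIED.get().equals(nameIdFormat);
}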
/**
 * Holds essential information about an IDP for creating saml messages.
 *
 * <p>This is a plain mutable bean: each property has a getter and a setter, no setter
 * validates its argument, and the class performs no synchronization.
 *
 * @author [email protected]
 * @since Dec 10, 2008
 */
public class IDPInfoHolder {
    /** Default assertion validity, in minutes. */
    private static final int DEFAULT_ASSERTION_VALIDITY_MINUTES = 5;

    // Assertion carried by this holder; null until setAssertion is called.
    private AssertionType assertion;

    // Validity window for issued assertions, in minutes.
    // NOTE(review): the setter accepts zero and negative values; how consumers treat them
    // is not visible here, so confirm the value is range-checked before it is used.
    private int assertionValidityDuration = DEFAULT_ASSERTION_VALIDITY_MINUTES;

    // NameID format; defaults to the transient format.
    private String nameIDFormat = JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get();

    // Value that accompanies the NameID format; null until set.
    private String nameIDFormatValue;

    // Subject confirmation method; defaults to bearer.
    private String subjectConfirmationMethod =
            JBossSAMLURIConstants.SUBJECT_CONFIRMATION_BEARER.get();

    /**
     * Returns the assertion held by this object.
     *
     * @return the assertion, or {@code null} if none has been set
     */
    public AssertionType getAssertion() {
        return assertion;
    }

    /**
     * Replaces the assertion held by this object.
     *
     * @param assertion the assertion to store
     */
    public void setAssertion(AssertionType assertion) {
        this.assertion = assertion;
    }

    /**
     * Returns the assertion validity duration.
     *
     * @return the duration in minutes (5 unless changed)
     */
    public int getAssertionValidityDuration() {
        return assertionValidityDuration;
    }

    /**
     * Sets the assertion validity duration. The value is stored as given, without a range check.
     *
     * @param assertionValidityDuration the duration in minutes
     */
    public void setAssertionValidityDuration(int assertionValidityDuration) {
        this.assertionValidityDuration = assertionValidityDuration;
    }

    /**
     * Returns the NameID format.
     *
     * @return the NameID format (the transient format unless changed)
     */
    public String getNameIDFormat() {
        return nameIDFormat;
    }

    /**
     * Sets the NameID format. The value is stored as given.
     *
     * @param nameIDFormat the NameID format to use
     */
    public void setNameIDFormat(String nameIDFormat) {
        this.nameIDFormat = nameIDFormat;
    }

    /**
     * Returns the value associated with the NameID format.
     *
     * @return the NameID format value, or {@code null} if none has been set
     */
    public String getNameIDFormatValue() {
        return nameIDFormatValue;
    }

    /**
     * Sets the value associated with the NameID format.
     *
     * @param nameIDFormatValue the NameID format value to store
     */
    public void setNameIDFormatValue(String nameIDFormatValue) {
        this.nameIDFormatValue = nameIDFormatValue;
    }

    /**
     * Returns the subject confirmation method.
     *
     * @return the subject confirmation method (bearer unless changed)
     */
    public String getSubjectConfirmationMethod() {
        return subjectConfirmationMethod;
    }

    /**
     * Sets the subject confirmation method. The value is stored as given.
     *
     * @param subjectConfirmationMethod the subject confirmation method to use
     */
    public void setSubjectConfirmationMethod(String subjectConfirmationMethod) {
        this.subjectConfirmationMethod = subjectConfirmationMethod;
    }
}
/**
 * Resolves the NameID value to issue for the requested NameID format.
 *
 * <ul>
 *   <li>email format: the email of the session's user</li>
 *   <li>transient format: a newly generated random UUID prefixed with {@code "G-"}</li>
 *   <li>persistent format: the result of {@code getPersistentNameId}</li>
 *   <li>unspecified format, or any format not listed above: the username of the session's
 *       user</li>
 * </ul>
 *
 * <p>NOTE(review): a format that matches none of the known constants is not rejected here; it
 * resolves to the username. Confirm that callers validate the requested format before calling
 * if releasing the username for an unknown format is not intended.
 *
 * <p>NOTE(review): the email branch returns {@code getEmail()} unchecked; confirm callers
 * handle a user without an email address.
 *
 * @param nameIdFormat the requested NameID format; must not be {@code null}
 * @param clientSession the client session, used only for the persistent format
 * @param userSession the user session whose user supplies the email or username
 * @return the NameID value for the given format
 */
protected String getNameId(
        String nameIdFormat, ClientSessionModel clientSession, UserSessionModel userSession) {
    if (nameIdFormat.equals(JBossSAMLURIConstants.NAMEID_FORMAT_EMAIL.get())) {
        return userSession.getUser().getEmail();
    }

    if (nameIdFormat.equals(JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get())) {
        // "G-" stands for "generated"; the prefix is added for the slight possibility of
        // collisions. A new identifier is produced on every call.
        final String generatedId = UUID.randomUUID().toString();
        return "G-" + generatedId;
    }

    if (nameIdFormat.equals(JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get())) {
        return getPersistentNameId(clientSession, userSession);
    }

    // The unspecified format and every unrecognised format resolve to the username.
    // TODO: Support for persistent NameID (pseudo-random identifier persisted in user object)
    return userSession.getUser().getUsername();
}