org.keycloak.broker.saml

Class SAMLIdentityProviderConfig

java.lang.Object

org.keycloak.models.IdentityProviderModel

org.keycloak.broker.saml.SAMLIdentityProviderConfig

All Implemented Interfaces:

Serializable

public class SAMLIdentityProviderConfig
extends IdentityProviderModel

Author:

Pedro Igor

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
static String	ADD_EXTENSIONS_ELEMENT_WITH_KEY_INFO
static String	BACKCHANNEL_SUPPORTED
static XmlKeyInfoKeyNameTransformer	DEFAULT_XML_KEY_INFO_KEY_NAME_TRANSFORMER
static String	ENCRYPTION_PUBLIC_KEY
static String	FORCE_AUTHN
static String	NAME_ID_POLICY_FORMAT
static String	POST_BINDING_AUTHN_REQUEST
static String	POST_BINDING_LOGOUT
static String	POST_BINDING_RESPONSE
static String	PRINCIPAL_ATTRIBUTE
static String	PRINCIPAL_TYPE
static String	SIGNATURE_ALGORITHM
static String	SIGNING_CERTIFICATE_KEY
static String	SINGLE_LOGOUT_SERVICE_URL
static String	SINGLE_SIGN_ON_SERVICE_URL
static String	VALIDATE_SIGNATURE
static String	WANT_ASSERTIONS_ENCRYPTED
static String	WANT_ASSERTIONS_SIGNED
static String	WANT_AUTHN_REQUESTS_SIGNED
static String	XML_SIG_KEY_INFO_KEY_NAME_TRANSFORMER

Fields inherited from class org.keycloak.models.IdentityProviderModel

addReadTokenRoleOnCreate, ALLOWED_CLOCK_SKEW, linkOnly, SYNC_MODE

Constructor Summary

Constructors

Constructor and Description
SAMLIdentityProviderConfig()
SAMLIdentityProviderConfig(IdentityProviderModel identityProviderModel)

Method Summary

Modifier and Type	Method and Description
void	addSigningCertificate(String signingCertificate)
int	getAllowedClockSkew()
String	getEncryptionPublicKey()
String	getNameIDPolicyFormat()
String	getPrincipalAttribute()
SamlPrincipalType	getPrincipalType()
String	getSignatureAlgorithm()
String	getSigningCertificate() Deprecated. Prefer getSigningCertificates()}
String[]	getSigningCertificates()
String	getSingleLogoutServiceUrl()
String	getSingleSignOnServiceUrl()
XmlKeyInfoKeyNameTransformer	getXmlSigKeyInfoKeyNameTransformer() Always returns non-null result.
boolean	isAddExtensionsElementWithKeyInfo()
boolean	isBackchannelSupported()
boolean	isForceAuthn()
boolean	isPostBindingAuthnRequest()
boolean	isPostBindingLogout()
boolean	isPostBindingResponse()
boolean	isValidateSignature()
boolean	isWantAssertionsEncrypted()
boolean	isWantAssertionsSigned()
boolean	isWantAuthnRequestsSigned()
void	setAddExtensionsElementWithKeyInfo(boolean addExtensionsElementWithKeyInfo)
void	setAllowedClockSkew(int allowedClockSkew)
void	setBackchannelSupported(boolean backchannel)
void	setEncryptionPublicKey(String encryptionPublicKey)
void	setForceAuthn(boolean forceAuthn)
void	setNameIDPolicyFormat(String nameIDPolicyFormat)
void	setPostBindingAuthnRequest(boolean postBindingAuthnRequest)
void	setPostBindingLogout(boolean postBindingLogout)
void	setPostBindingResponse(boolean postBindingResponse)
void	setPrincipalAttribute(String principalAttribute)
void	setPrincipalType(SamlPrincipalType principalType)
void	setSignatureAlgorithm(String signatureAlgorithm)
void	setSigningCertificate(String signingCertificate) Deprecated. Prefer addSigningCertificate(String)}
void	setSingleLogoutServiceUrl(String singleLogoutServiceUrl)
void	setSingleSignOnServiceUrl(String singleSignOnServiceUrl)
void	setValidateSignature(boolean validateSignature)
void	setWantAssertionsEncrypted(boolean wantAssertionsEncrypted)
void	setWantAssertionsSigned(boolean wantAssertionsSigned)
void	setWantAuthnRequestsSigned(boolean wantAuthnRequestsSigned)
void	setXmlSigKeyInfoKeyNameTransformer(XmlKeyInfoKeyNameTransformer xmlSigKeyInfoKeyNameTransformer)
void	validate(RealmModel realm) Validates this configuration.

Methods inherited from class org.keycloak.models.IdentityProviderModel

getAlias, getConfig, getDisplayName, getFirstBrokerLoginFlowId, getInternalId, getPostBrokerLoginFlowId, getProviderId, getSyncMode, isAddReadTokenRoleOnCreate, isAuthenticateByDefault, isEnabled, isLinkOnly, isStoreToken, isTrustEmail, setAddReadTokenRoleOnCreate, setAlias, setAuthenticateByDefault, setConfig, setDisplayName, setEnabled, setFirstBrokerLoginFlowId, setInternalId, setLinkOnly, setPostBrokerLoginFlowId, setProviderId, setStoreToken, setSyncMode, setTrustEmail

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_XML_KEY_INFO_KEY_NAME_TRANSFORMER

public static final XmlKeyInfoKeyNameTransformer DEFAULT_XML_KEY_INFO_KEY_NAME_TRANSFORMER

ADD_EXTENSIONS_ELEMENT_WITH_KEY_INFO

public static final String ADD_EXTENSIONS_ELEMENT_WITH_KEY_INFO

See Also:

Constant Field Values

BACKCHANNEL_SUPPORTED

public static final String BACKCHANNEL_SUPPORTED

See Also:

Constant Field Values

ENCRYPTION_PUBLIC_KEY

public static final String ENCRYPTION_PUBLIC_KEY

See Also:

Constant Field Values

FORCE_AUTHN

public static final String FORCE_AUTHN

See Also:

Constant Field Values

NAME_ID_POLICY_FORMAT

public static final String NAME_ID_POLICY_FORMAT

See Also:

Constant Field Values

POST_BINDING_AUTHN_REQUEST

public static final String POST_BINDING_AUTHN_REQUEST

See Also:

Constant Field Values

POST_BINDING_LOGOUT

public static final String POST_BINDING_LOGOUT

See Also:

Constant Field Values

POST_BINDING_RESPONSE

public static final String POST_BINDING_RESPONSE

See Also:

Constant Field Values

SIGNATURE_ALGORITHM

public static final String SIGNATURE_ALGORITHM

See Also:

Constant Field Values

SIGNING_CERTIFICATE_KEY

public static final String SIGNING_CERTIFICATE_KEY

See Also:

Constant Field Values

SINGLE_LOGOUT_SERVICE_URL

public static final String SINGLE_LOGOUT_SERVICE_URL

See Also:

Constant Field Values

SINGLE_SIGN_ON_SERVICE_URL

public static final String SINGLE_SIGN_ON_SERVICE_URL

See Also:

Constant Field Values

VALIDATE_SIGNATURE

public static final String VALIDATE_SIGNATURE

See Also:

Constant Field Values

PRINCIPAL_TYPE

public static final String PRINCIPAL_TYPE

See Also:

Constant Field Values

PRINCIPAL_ATTRIBUTE

public static final String PRINCIPAL_ATTRIBUTE

See Also:

Constant Field Values

WANT_ASSERTIONS_ENCRYPTED

public static final String WANT_ASSERTIONS_ENCRYPTED

See Also:

Constant Field Values

WANT_ASSERTIONS_SIGNED

public static final String WANT_ASSERTIONS_SIGNED

See Also:

Constant Field Values

WANT_AUTHN_REQUESTS_SIGNED

public static final String WANT_AUTHN_REQUESTS_SIGNED

See Also:

Constant Field Values

XML_SIG_KEY_INFO_KEY_NAME_TRANSFORMER

public static final String XML_SIG_KEY_INFO_KEY_NAME_TRANSFORMER

See Also:

Constant Field Values

Constructor Detail

SAMLIdentityProviderConfig

public SAMLIdentityProviderConfig()

SAMLIdentityProviderConfig

public SAMLIdentityProviderConfig(IdentityProviderModel identityProviderModel)

Method Detail

getSingleSignOnServiceUrl

public String getSingleSignOnServiceUrl()

setSingleSignOnServiceUrl

public void setSingleSignOnServiceUrl(String singleSignOnServiceUrl)

getSingleLogoutServiceUrl

public String getSingleLogoutServiceUrl()

setSingleLogoutServiceUrl

public void setSingleLogoutServiceUrl(String singleLogoutServiceUrl)

isValidateSignature

public boolean isValidateSignature()

setValidateSignature

public void setValidateSignature(boolean validateSignature)

isForceAuthn

public boolean isForceAuthn()

setForceAuthn

public void setForceAuthn(boolean forceAuthn)

getSigningCertificate

public String getSigningCertificate()

Deprecated. Prefer getSigningCertificates()}

Parameters:

signingCertificate -

setSigningCertificate

public void setSigningCertificate(String signingCertificate)

Deprecated. Prefer addSigningCertificate(String)}

Parameters:

signingCertificate -

addSigningCertificate

public void addSigningCertificate(String signingCertificate)

getSigningCertificates

public String[] getSigningCertificates()

getNameIDPolicyFormat

public String getNameIDPolicyFormat()

setNameIDPolicyFormat

public void setNameIDPolicyFormat(String nameIDPolicyFormat)

isWantAuthnRequestsSigned

public boolean isWantAuthnRequestsSigned()

setWantAuthnRequestsSigned

public void setWantAuthnRequestsSigned(boolean wantAuthnRequestsSigned)

isWantAssertionsSigned

public boolean isWantAssertionsSigned()

setWantAssertionsSigned

public void setWantAssertionsSigned(boolean wantAssertionsSigned)

isWantAssertionsEncrypted

public boolean isWantAssertionsEncrypted()

setWantAssertionsEncrypted

public void setWantAssertionsEncrypted(boolean wantAssertionsEncrypted)

isAddExtensionsElementWithKeyInfo

public boolean isAddExtensionsElementWithKeyInfo()

setAddExtensionsElementWithKeyInfo

public void setAddExtensionsElementWithKeyInfo(boolean addExtensionsElementWithKeyInfo)

getSignatureAlgorithm

public String getSignatureAlgorithm()

setSignatureAlgorithm

public void setSignatureAlgorithm(String signatureAlgorithm)

getEncryptionPublicKey

public String getEncryptionPublicKey()

setEncryptionPublicKey

public void setEncryptionPublicKey(String encryptionPublicKey)

isPostBindingAuthnRequest

public boolean isPostBindingAuthnRequest()

setPostBindingAuthnRequest

public void setPostBindingAuthnRequest(boolean postBindingAuthnRequest)

isPostBindingResponse

public boolean isPostBindingResponse()

setPostBindingResponse

public void setPostBindingResponse(boolean postBindingResponse)

isPostBindingLogout

public boolean isPostBindingLogout()

setPostBindingLogout

public void setPostBindingLogout(boolean postBindingLogout)

isBackchannelSupported

public boolean isBackchannelSupported()

setBackchannelSupported

public void setBackchannelSupported(boolean backchannel)

getXmlSigKeyInfoKeyNameTransformer

public XmlKeyInfoKeyNameTransformer getXmlSigKeyInfoKeyNameTransformer()

Always returns non-null result.

Returns:

Configured ransformer of DEFAULT_XML_KEY_INFO_KEY_NAME_TRANSFORMER if not set.

setXmlSigKeyInfoKeyNameTransformer

public void setXmlSigKeyInfoKeyNameTransformer(XmlKeyInfoKeyNameTransformer xmlSigKeyInfoKeyNameTransformer)

getAllowedClockSkew

public int getAllowedClockSkew()

setAllowedClockSkew

public void setAllowedClockSkew(int allowedClockSkew)

getPrincipalType

public SamlPrincipalType getPrincipalType()

setPrincipalType

public void setPrincipalType(SamlPrincipalType principalType)

getPrincipalAttribute

public String getPrincipalAttribute()

setPrincipalAttribute

public void setPrincipalAttribute(String principalAttribute)

validate

public void validate(RealmModel realm)

Description copied from class: IdentityProviderModel

Validates this configuration.

Sub-classes can override this method in order to enforce provider specific validations.

Overrides:

validate in class IdentityProviderModel

Parameters:

realm - the realm