Module iu.util.auth.config

Package edu.iu.auth.config

Interface IuSamlServiceProviderMetadata

All Superinterfaces:

IuSessionConfiguration

public interface IuSamlServiceProviderMetadata
extends IuSessionConfiguration

Provides client configuration metadata for interacting with an SAML authorization server.

The interface should be implemented by the application client module requiring authorization on behalf of an SAML identity provider.

Method Summary

Modifier and Type	Method	Description
Iterable<URI>	getAcsUris()	Gets the list of assertion Consumer URI
default Iterable<String>	getAllowedRange()	Gets allowed list of IP addresses to validate against SAML response
default Duration	getAuthenticatedSessionTimeout()	Gets the maximum length of time to allow an authenticated session to be remain active before requesting the provide re-establish credentials for the principal.
IuPrivateKeyPrincipal	getIdentity()	Gets the SAML Service Provider identity keys.
Set<String>	getIdentityProviderEntityIds()	Gets an ordered set of registered Identity Provider Entity IDs.
default Duration	getMetadataTtl()	Gets the maximum time interval to re-established metadata resolver typically measured in seconds.
Iterable<URI>	getMetadataUris()	Gets the SAML metadata URI to retrieve configure metadata file that is configured directly into the SAML provider by administrator
default String	getPrincipalNameAttribute()	Gets the name of the SAML Assertion Attribute that contains the principal name.
String	getServiceProviderEntityId()	Gets the Service Provider registered Entity ID.
default boolean	isFailOnAddressMismatch()	Gets whether to fail on address mismatch or not, true if required, false if not

Methods inherited from interface edu.iu.auth.config.IuSessionConfiguration

getInactiveTtl, getMaxSessionTtl, getResourceUris

Method Details

isFailOnAddressMismatch

default boolean isFailOnAddressMismatch()

Gets whether to fail on address mismatch or not, true if required, false if not

Returns:

failed on address mismatch

getAuthenticatedSessionTimeout

default Duration getAuthenticatedSessionTimeout()

Gets the maximum length of time to allow an authenticated session to be remain active before requesting the provide re-establish credentials for the principal.

Returns:

Duration, will be truncated to second

getMetadataTtl

default Duration getMetadataTtl()

Gets the maximum time interval to re-established metadata resolver typically measured in seconds. Once this interval is passed, metadata resolver will be re-established using metadata URIs.

Returns:

metadaaTtl Duration

getAllowedRange

default Iterable<String> getAllowedRange()

Gets allowed list of IP addresses to validate against SAML response

Returns:

allowed ranged of IP addresses

getMetadataUris

Iterable<URI> getMetadataUris()

Gets the SAML metadata URI to retrieve configure metadata file that is configured directly into the SAML provider by administrator

Returns:

metadata URL

getAcsUris

Iterable<URI> getAcsUris()

Gets the list of assertion Consumer URI

Returns:

allowed list of assertion consumer URI

getServiceProviderEntityId

String getServiceProviderEntityId()

Gets the Service Provider registered Entity ID.

Returns:

SP Entity ID

getIdentityProviderEntityIds

Set<String> getIdentityProviderEntityIds()

Gets an ordered set of registered Identity Provider Entity IDs.

The first entry in the set is the primary IDP for redirecting the user agent to for initiating sign-in

Returns:

IDP Entity ID

getIdentity

IuPrivateKeyPrincipal getIdentity()

Gets the SAML Service Provider identity keys.

Returns:

SAML SP identity keys

getPrincipalNameAttribute

default String getPrincipalNameAttribute()

Gets the name of the SAML Assertion Attribute that contains the principal name.

At least one assertion must include this attribute value.

Returns:

principal name attribute