java.lang.Object
org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration

public final class RelyingPartyRegistration extends Object
Represents a configured relying party (aka Service Provider) and asserting party (aka Identity Provider) pair.

Each RP/AP pair is uniquely identified using a registrationId, an arbitrary string.

A fully configured registration may look like:

        String registrationId = "simplesamlphp";

        String relyingPartyEntityId = "{baseUrl}/saml2/service-provider-metadata/{registrationId}";
        String assertionConsumerServiceLocation = "{baseUrl}/login/saml2/sso/{registrationId}";
        Saml2X509Credential relyingPartySigningCredential = ...;

        String assertingPartyEntityId = "https://simplesaml-for-spring-saml.apps.pcfone.io/saml2/idp/metadata.php";
        String singleSignOnServiceLocation = "https://simplesaml-for-spring-saml.apps.pcfone.io/saml2/idp/SSOService.php";
        Saml2X509Credential assertingPartyVerificationCredential = ...;


        RelyingPartyRegistration rp = RelyingPartyRegistration.withRegistrationId(registrationId)
                        .entityId(relyingPartyEntityId)
                        .assertionConsumerServiceLocation(assertionConsumerServiceLocation)
                        .signingX509Credentials((c) -> c.add(relyingPartySigningCredential))
                        .assertingPartyDetails((details) -> details
                                .entityId(assertingPartyEntityId)
                                .singleSignOnServiceLocation(singleSignOnServiceLocation)
                                .verifyingX509Credentials((c) -> c.add(assertingPartyVerificationCredential)))
                        .build();
 
Since:
5.2
  • Method Details

    • getRegistrationId

      public String getRegistrationId()
      Get the unique registration id for this RP/AP pair
      Returns:
      the unique registration id for this RP/AP pair
    • getEntityId

      public String getEntityId()
      Get the relying party's EntityID.

      Equivalent to the value found in the relying party's <EntityDescriptor EntityID="..."/>

      This value may contain a number of placeholders, which need to be resolved before use. They are baseUrl, registrationId, baseScheme, baseHost, and basePort.

      Returns:
      the relying party's EntityID
      Since:
      5.4
    • getAssertionConsumerServiceLocation

      public String getAssertionConsumerServiceLocation()
      Get the AssertionConsumerService Location. Equivalent to the value found in <AssertionConsumerService Location="..."/> in the relying party's <SPSSODescriptor>. This value may contain a number of placeholders, which need to be resolved before use. They are baseUrl, registrationId, baseScheme, baseHost, and basePort.
      Returns:
      the AssertionConsumerService Location
      Since:
      5.4
    • getAssertionConsumerServiceBinding

      public Saml2MessageBinding getAssertionConsumerServiceBinding()
      Get the AssertionConsumerService Binding. Equivalent to the value found in <AssertionConsumerService Binding="..."/> in the relying party's <SPSSODescriptor>.
      Returns:
      the AssertionConsumerService Binding
      Since:
      5.4
    • getSingleLogoutServiceBinding

      public Saml2MessageBinding getSingleLogoutServiceBinding()
      Get the SingleLogoutService Binding

      Equivalent to the value found in <SingleLogoutService Binding="..."/> in the relying party's <SPSSODescriptor>.

      Returns:
      the SingleLogoutService Binding
      Since:
      5.6
    • getSingleLogoutServiceBindings

      public Collection<Saml2MessageBinding> getSingleLogoutServiceBindings()
      Get the SingleLogoutService Bindings

      Equivalent to the value found in <SingleLogoutService Binding="..."/> in the relying party's <SPSSODescriptor>.

      Returns:
      the SingleLogoutService Bindings
      Since:
      5.8
    • getSingleLogoutServiceLocation

      public String getSingleLogoutServiceLocation()
      Get the SingleLogoutService Location

      Equivalent to the value found in <SingleLogoutService Location="..."/> in the relying party's <SPSSODescriptor>.

      Returns:
      the SingleLogoutService Location
      Since:
      5.6
    • getSingleLogoutServiceResponseLocation

      public String getSingleLogoutServiceResponseLocation()
      Get the SingleLogoutService Response Location

      Equivalent to the value found in <SingleLogoutService ResponseLocation="..."/> in the relying party's <SPSSODescriptor>.

      Returns:
      the SingleLogoutService Response Location
      Since:
      5.6
    • getNameIdFormat

      public String getNameIdFormat()
      Get the NameID format.
      Returns:
      the NameID format
      Since:
      5.7
    • getDecryptionX509Credentials

      public Collection<Saml2X509Credential> getDecryptionX509Credentials()
      Get the Collection of decryption Saml2X509Credentials associated with this relying party
      Returns:
      the Collection of decryption Saml2X509Credentials associated with this relying party
      Since:
      5.4
    • getSigningX509Credentials

      public Collection<Saml2X509Credential> getSigningX509Credentials()
      Get the Collection of signing Saml2X509Credentials associated with this relying party
      Returns:
      the Collection of signing Saml2X509Credentials associated with this relying party
      Since:
      5.4
    • getAssertingPartyDetails

      public RelyingPartyRegistration.AssertingPartyDetails getAssertingPartyDetails()
      Get the configuration details for the Asserting Party
      Returns:
      the RelyingPartyRegistration.AssertingPartyDetails
      Since:
      5.4
    • withRegistrationId

      public static RelyingPartyRegistration.Builder withRegistrationId(String registrationId)
      Creates a RelyingPartyRegistration.Builder with a known registrationId
      Parameters:
      registrationId - a string identifier for the RelyingPartyRegistration
      Returns:
      Builder to create a RelyingPartyRegistration object
    • withAssertingPartyDetails

      public static RelyingPartyRegistration.Builder withAssertingPartyDetails(RelyingPartyRegistration.AssertingPartyDetails assertingPartyDetails)
    • withRelyingPartyRegistration

      public static RelyingPartyRegistration.Builder withRelyingPartyRegistration(RelyingPartyRegistration registration)
      Creates a RelyingPartyRegistration.Builder based on an existing object
      Parameters:
      registration - the RelyingPartyRegistration
      Returns:
      Builder to create a RelyingPartyRegistration object
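
The getEntityId and getAssertionConsumerServiceLocation entries above say their values may carry placeholders that must be resolved before use. The following is an added example, not Spring Security's own resolver: it expands the five documented placeholders with plain JDK classes and, going one step beyond the Javadoc, rejects a resolved location whose scheme or host the deployment does not expect, assuming the base URL is derived from the incoming request. PlaceholderResolver, resolve, requireExpectedHost, the ":port" form of basePort and the sp.example.com host are assumptions made for illustration.

```java
import java.net.URI;
import java.util.*;

// Added illustration; PlaceholderResolver and its methods are hypothetical names, not Spring Security API.
public class PlaceholderResolver {

    // Expands baseUrl, baseScheme, baseHost, basePort and registrationId in a template.
    static String resolve(String template, String baseUrl, String registrationId) {
        URI base = URI.create(baseUrl);
        if (base.getScheme() == null || base.getHost() == null) {
            throw new IllegalArgumentException("base URL must be absolute: " + baseUrl);
        }
        Map<String, String> vars = new LinkedHashMap<>();
        vars.put("baseUrl", baseUrl.replaceAll("/+$", ""));
        vars.put("baseScheme", base.getScheme());
        vars.put("baseHost", base.getHost());
        // Assumption: basePort expands to ":port", or to nothing when the URL has no explicit port.
        vars.put("basePort", base.getPort() == -1 ? "" : ":" + base.getPort());
        vars.put("registrationId", registrationId);
        String out = template;
        for (Map.Entry<String, String> e : vars.entrySet()) {
            out = out.replace("{" + e.getKey() + "}", e.getValue());
        }
        if (out.contains("{") || out.contains("}")) {
            throw new IllegalArgumentException("unresolved placeholder in: " + out);
        }
        return out;
    }

    // Rejects a resolved location that is not https or whose host is not on the expected list.
    static String requireExpectedHost(String resolved, Set<String> allowedHosts) {
        URI uri = URI.create(resolved);
        if (!"https".equals(uri.getScheme()) || !allowedHosts.contains(uri.getHost())) {
            throw new IllegalStateException("unexpected relying party location: " + resolved);
        }
        return resolved;
    }

    public static void main(String[] args) {
        // Constructed sample values; sp.example.com is a placeholder host.
        String baseUrl = "https://sp.example.com:8443";
        Set<String> allowed = Set.of("sp.example.com");
        String entityId = resolve("{baseUrl}/saml2/service-provider-metadata/{registrationId}", baseUrl, "simplesamlphp");
        String acs = resolve("{baseScheme}://{baseHost}{basePort}/login/saml2/sso/{registrationId}", baseUrl, "simplesamlphp");
        System.out.println(requireExpectedHost(entityId, allowed));
        System.out.println(requireExpectedHost(acs, allowed));
    }
}
```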