001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: IDPAccountMapper.java,v 1.5 2008/06/25 05:47:51 qcheng Exp $
026 *
027 */
028
029
030package com.sun.identity.saml2.plugins;
031
032import com.sun.identity.saml2.assertion.NameID;
033import com.sun.identity.saml2.common.SAML2Exception;
034
035/**
036 * The interface <code>IDPAccountMapper</code> is used to map the
037 * local identities to the <code>SAML</code> protocol objects and
038 * also the vice versa for some of the protocols for e.g.
039 * <code>ManageNameIDRequest</code>.
040 * This mapper interface is used to map the identities only at the
041 * <code>SAMLAssertionProducer</code>, in otherwords, <code>SAML</code>
042 *  Provider as an <code>IdentityProvider</code>. The implementation of this
043 * interface will be used by the <code>SAML</code> framework to retrieve
044 * the user's account federation information for the constructing
045 * SAML protocol objects such as <code>Assertion</code> and also to
046 * find out the corresponding user account for the given SAML requests.
047 * The implementation of this interface may need to consider the
048 * deployment of the SAMLv2 plugin for example the <code>AccessManger</code>
049 * platform or the <code>FederationManager</code> platform.
050 * @see com.sun.identity.saml2.plugins.SPAccountMapper
051 *
052 * @supported.all.api
053 */
054public interface IDPAccountMapper {
055
056    /**
057     * Returns the user's <code>NameID</code>information that contains
058     * account federation with the corresponding remote and local entities.
059     * @param session Single Sign On session of the user.
060     * @param hostEntityID <code>EntityID</code> of the hosted provider.
061     * @param remoteEntityID <code>EntityID</code> of the remote provider.
062     * @param realm realm or the organization name that may be used to find
063     *        the user information.
064     * @param nameIDFormat <code>NameID</code> format.
065     * @return the <code>NameID</code> corresponding to the authenticated user.
066     * @exception SAML2Exception if any failure.
067     */
068    public com.sun.identity.saml2.assertion.NameID getNameID(
069        Object session,
070        java.lang.String hostEntityID,
071        java.lang.String remoteEntityID,
072        java.lang.String realm,
073        java.lang.String nameIDFormat
074    ) throws SAML2Exception;
075
076
077    /**
078     * Returns the user's disntinguished name or the universal ID for the
079     * corresponding  <code>SAML</code> <code>ManageNameIDRequest</code>.
080     * This method returns the universal ID or the DN based on the
081     * deployment of the SAMLv2 plugin base platform.
082     *
083     * @param manageNameIDRequest <code>SAML</code>
084     *   <code>ManageNameIDRequest</code> that needs to be mapped to the user.
085     * @param hostEntityID <code>EntityID</code> of the hosted provider.
086     * @param realm realm or the organization name that may be used to find
087     *        the user information.
088     * @return user's disntinguished name or the universal ID.
089     * @exception SAML2Exception if any failure.
090     */
091    public java.lang.String getIdentity(
092        com.sun.identity.saml2.protocol.ManageNameIDRequest manageNameIDRequest,
093        java.lang.String hostEntityID,
094        java.lang.String realm
095    ) throws SAML2Exception;
096
097    /**
098     * Returns the user's disntinguished name or the universal ID for the
099     * corresponding  <code>SAML</code> <code>NameID</code>.
100     * This method returns the universal ID or the DN based on the
101     * deployment of the SAMLv2 plugin base platform.
102     *
103     * @param nameID <code>SAML</code> <code>NameID</code> that needs to be
104     *     mapped to the user.
105     * @param hostEntityID <code>EntityID</code> of the hosted provider.
106     * @param remoteEntityID <code>EntityID</code> of the remote provider.
107     * @param realm realm or the organization name that may be used to find
108     *        the user information.
109     * @return user's disntinguished name or the universal ID.
110     * @exception SAML2Exception if any failure.
111     */
112    public String getIdentity(NameID nameID, String hostEntityID,
113        String remoteEntityID, String realm) throws SAML2Exception;
114}