001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: IDPAuthnContextMapper.java,v 1.6 2008/06/25 05:47:51 qcheng Exp $
026 *
027 */
028
029
030package com.sun.identity.saml2.plugins;
031
032import java.util.List;
033
034import com.sun.identity.saml2.assertion.AuthnContext;
035import com.sun.identity.saml2.common.SAML2Exception;
036import com.sun.identity.saml2.protocol.AuthnRequest;
037
038/** 
039 * The interface <code>IDPAuthnContextMapper</code> creates an
040 * <code>IDPAuthnContextInfo<code> based on the RequestAuthnContext from
041 * the AuthnRequest sent by a Service Provider and the AuthnContext
042 * configuration at the IDP entity config.
043 * The implementation of this class will be used by the IDP to find out
044 * the authentication mechaism and set the AuthnContext in the Assertion.
045 *
046 * @supported.all.api
047 */ 
048
049public interface IDPAuthnContextMapper {
050
051   /** 
052    * Returns an <code>IDPAuthnContextInfo</code> object.
053    *
054    * @param authnRequest the <code>AuthnRequest</code> from the Service 
055    * Provider
056    * @param idpEntityID the Entity ID of the Identity Provider    
057    * @param realm the realm to which the Identity Provider belongs
058    * 
059    * @return an <code>IDPAuthnContextInfo</code> object
060    * @throws SAML2Exception if an error occurs.
061    */
062    public IDPAuthnContextInfo getIDPAuthnContextInfo(
063        AuthnRequest authnRequest,
064        String idpEntityID,
065        String realm) throws SAML2Exception;
066
067   /** 
068    * Returns true if the specified AuthnContextClassRef matches a list of
069    * requested AuthnContextClassRef.
070    *
071    * @param requestedACClassRefs a list of requested AuthnContextClassRef's
072    * @param acClassRef AuthnContextClassRef
073    * @param comparison the type of comparison
074    * @param realm the realm to which the Identity Provider belongs
075    * @param idpEntityID the Entity ID of the Identity Provider    
076    * 
077    * @return true if the specified AuthnContextClassRef matches a list of
078    *     requested AuthnContextClassRef
079    */
080    public boolean isAuthnContextMatching(List requestedACClassRefs,
081        String acClassRef, String comparison, String realm,
082        String idpEntityID);
083
084    /**
085     * Returns <code>AuthnContext</code> that matches the authenticated level.
086     * @param authLevel user authenticated level
087     * @param realm the realm to which the Identity Provider belongs
088     * @param idpEntityID the Entity ID of the Identity Provider
089     *
090     * @return <code>AuthnContext</code> object that matches authenticated
091     *  level.
092     * @throws SAML2Exception if an error occurs.
093     */
094    public AuthnContext getAuthnContextFromAuthLevel(
095        String authLevel, String realm, String idpEntityID)
096        throws SAML2Exception;
097}