001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: ActionMapper.java,v 1.4 2008/08/19 19:11:13 veiming Exp $
026 *
027 */
028
029
030package com.sun.identity.saml.plugins;
031
032import com.sun.identity.saml.assertion.Assertion;
033import com.sun.identity.saml.common.SAMLException;
034import com.sun.identity.saml.protocol.AuthorizationDecisionQuery;
035
036import java.util.Map;
037import java.util.Set;
038
039/**
040 * The class <code>ActionMapper</code> is an interface that is 
041 * implemented to get SSO information and map partner actions to
042 * OpenSSO authorization decisions.
043 * <p>
044 * A different implementation of the interface may be developed for different
045 * partner. The mapping between the partner source ID and the implementation
046 * class are configured at the <code>Trusted Partner Sites</code> field
047 * in SAML service.
048 *
049 * @supported.all.api
050 */
051public interface ActionMapper {
052
053    /**
054     * Key to hold a list of actions that are permitted.
055     */
056    public static final String PERMIT = "Permit";
057
058    /**
059     * Key to hold a list of actions that are denied.
060     */
061    public static final String DENY = "Deny";
062
063    /**
064     * Key to hold a list of actions that are indeterminate.
065     */
066    public static final String INDETERMINATE = "Indeterminate";
067
068    /**
069     * Returns the single sign on token id to OpenSSO from the query.
070     *
071     * @param query The received <code>AuthorizationDecisionQuery</code>.
072     * @return String which is the single sign on token ID. Return null if the
073     *         OpenSSO single sign on token id could not be obtained
074     *         from the query.
075     */
076    public String getSSOTokenID(AuthorizationDecisionQuery query);
077
078    /**
079     * Returns the Assertion that contains Authentication information that
080     * can be used to obtain single sign on token.
081     *
082     * @param query The received <code>AuthorizationDecisionQuery</code>.
083     * @param sourceID The <code>SourceID</code> from which this query is
084     *        coming from.
085     * @return Assertion The assertion contained inside the query.
086     */
087    public Assertion getSSOAssertion(AuthorizationDecisionQuery query,
088         String sourceID);
089
090    /**
091     * Returns Action Decisions for the user.
092     * The returned Map is subject to changes per SAML specification.
093     *
094     * @param query The received <code>AuthorizationDecisionQuery</code>.
095     * @param token User sessioin to retrieve the decisions.
096     * @param sourceID The <code>sourceID</code> from which the query is coming
097     *        from.
098     * @return Map which contains the following possible key value pairs:
099     *         <ul>
100     *         <li><code>PERMIT</code> List of permitted actions, or
101     *         <li><code>DENY</code> List of denied actions, or
102     *         <li><code>INDETERMINATE</code> List of indeterminate actions
103     *         </ul>
104     * @exception SAMLException if an error occurs
105     */
106    public Map getAuthorizationDecisions(AuthorizationDecisionQuery query,
107        Object token, String sourceID) throws SAMLException;
108}