001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: SPAuthnContextMapper.java,v 1.5 2008/06/25 05:47:52 qcheng Exp $
026 *
027 */
028
029
030package com.sun.identity.saml2.plugins;
031
032import com.sun.identity.saml2.assertion.AuthnContext;
033import com.sun.identity.saml2.protocol.RequestedAuthnContext;
034import com.sun.identity.saml2.common.SAML2Exception;
035import java.util.List;
036import java.util.Map;
037
/**
 * Service Provider plug-in that chooses the Authentication Context to place
 * in an Authentication Request and works out the Auth Level that corresponds
 * to an Authentication Context.
 *
 * <p>An implementation of this interface is used to create the
 * <code>RequestedAuthnContext</code> that is set in the
 * <code>AuthnRequest</code>, and to obtain the Authentication Level of an
 * Authentication Context.
 *
 * <p>NOTE(review): the level returned by <code>getAuthLevel</code> is
 * documented below as being set in the SSOToken created for the user, so the
 * mapping is part of the Service Provider's trust decision. An implementation
 * would normally map a context it does not recognise to the lowest level
 * rather than to a permissive default; confirm against the implementation in
 * use.
 *
 * @supported.all.api
 */
public interface SPAuthnContextMapper {

    /**
     * Returns the <code>RequestedAuthnContext</code> object.
     *
     * <p>Called at the Service Provider while Single Sign On is being
     * initiated, to decide which <code>RequestedAuthnContext</code> is set in
     * the <code>AuthnRequest</code> before the request is sent to the
     * Identity Provider.
     *
     * @param realm Organization or realm of the Service Provider.
     * @param hostEntityID Entity Identifier of the Host.
     * @param paramsMap Map containing key/value pairs of request parameters.
     *     NOTE(review): presumably supplied by the caller of the Single Sign
     *     On endpoint, so values read from it should be validated before they
     *     influence the requested context; verify against the caller.
     * @return the <code>RequestedAuthnContext</code> object.
     * @throws SAML2Exception if an error occurs.
     */
    RequestedAuthnContext getRequestedAuthnContext(
        String realm, String hostEntityID, Map paramsMap)
        throws SAML2Exception;

    /**
     * Returns the Auth Level for the <code>AuthnContext</code>.
     *
     * <p>Called by the Service Provider to determine the authLevel of the
     * Identity Provider Authentication Context; that level is set in the
     * SSOToken created for the user on successful authentication.
     *
     * @param reqCtx the <code>RequestedAuthnContext</code> object.
     * @param authContext the <code>AuthnContext</code> object.
     * @param realm the organization or realm of the Service Provider.
     * @param hostEntityID the Hosted Provider Entity ID.
     * @param idpEntityID the Identity Provider Entity ID.
     * @return authlevel of the <code>AuthnContext</code>.
     * @throws SAML2Exception if an error occurs.
     */
    int getAuthLevel(
        RequestedAuthnContext reqCtx, AuthnContext authContext, String realm,
        String hostEntityID, String idpEntityID)
        throws SAML2Exception;

    /**
     * Tells whether the specified AuthnContextClassRef matches a list of
     * requested AuthnContextClassRef values.
     *
     * @param requestedACClassRefs a list of requested AuthnContextClassRef
     *     values.
     * @param acClassRef the AuthnContextClassRef to test.
     * @param comparison the type of comparison. NOTE(review): presumably the
     *     SAML 2.0 <code>Comparison</code> value of the
     *     <code>RequestedAuthnContext</code> (exact, minimum, maximum or
     *     better); confirm against the caller.
     * @param realm Realm or Organization of the Service Provider.
     * @param hostEntityID Entity ID of the Service Provider.
     * @return true if the specified AuthnContextClassRef matches a list of
     *     requested AuthnContextClassRef.
     */
    boolean isAuthnContextMatching(
        List requestedACClassRefs, String acClassRef, String comparison,
        String realm, String hostEntityID);
}