001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: Assertion.java,v 1.2 2008/06/25 05:47:39 qcheng Exp $
026 *
027 */
028
029
030package com.sun.identity.saml2.assertion;
031
032import java.util.Date;
033import java.util.List;
034import java.security.Key;
035import java.security.PrivateKey;
036import java.security.cert.X509Certificate;
037import com.sun.identity.saml2.common.SAML2Exception;
038
039/**
040 * The <code>Assertion</code> element is a package of information
041 * that supplies one or more <code>Statement</code> made by an issuer. 
042 * There are three kinds of assertions: Authentication, Authorization Decision,
043 * and Attribute assertions.
044 * @supported.all.api
045 */
046
public interface Assertion {

    // ------------------------------------------------------------------
    // Core attributes
    // ------------------------------------------------------------------

    /**
     * Gets the version number carried by this assertion.
     *
     * @return the assertion's version number
     */
    String getVersion();

    /**
     * Replaces the version number of this assertion.
     *
     * @param version the new version number
     * @throws SAML2Exception if the object is immutable
     */
    void setVersion(String version) throws SAML2Exception;

    /**
     * Gets the id of this assertion.
     *
     * @return the assertion id
     */
    String getID();

    /**
     * Replaces the id of this assertion.
     *
     * @param id the new assertion id
     * @throws SAML2Exception if the object is immutable
     */
    void setID(String id) throws SAML2Exception;

    /**
     * Gets the time at which this assertion was issued.
     *
     * @return the issue time
     */
    // NOTE(review): java.util.Date is mutable; whether a defensive copy is
    // returned is not stated here -- confirm against the implementation.
    Date getIssueInstant();

    /**
     * Replaces the time at which this assertion was issued.
     *
     * @param issueInstant the new issue time
     * @throws SAML2Exception if the object is immutable
     */
    void setIssueInstant(Date issueInstant) throws SAML2Exception;

    /**
     * Gets the issuer of this assertion.
     *
     * @return the issuer
     */
    Issuer getIssuer();

    /**
     * Replaces the issuer of this assertion.
     *
     * @param issuer the new issuer
     * @throws SAML2Exception if the object is immutable
     */
    void setIssuer(Issuer issuer) throws SAML2Exception;

    /**
     * Gets the subject of this assertion.
     *
     * @return the subject
     */
    Subject getSubject();

    /**
     * Replaces the subject of this assertion.
     *
     * @param subject the new subject
     * @throws SAML2Exception if the object is immutable
     */
    void setSubject(Subject subject) throws SAML2Exception;

    /**
     * Gets the advice of this assertion.
     *
     * @return the advice
     */
    Advice getAdvice();

    /**
     * Replaces the advice of this assertion.
     *
     * @param advice the new advice
     * @throws SAML2Exception if the object is immutable
     */
    void setAdvice(Advice advice) throws SAML2Exception;

    /**
     * Gets the conditions of this assertion.
     *
     * @return the conditions
     */
    Conditions getConditions();

    /**
     * Replaces the conditions of this assertion.
     *
     * @param conditions the new conditions
     * @throws SAML2Exception if the object is immutable
     */
    void setConditions(Conditions conditions) throws SAML2Exception;

    // ------------------------------------------------------------------
    // Statements
    // ------------------------------------------------------------------
    // NOTE(review): the lists below are raw List types. The element types
    // are not visible in this interface -- confirm them before casting,
    // and confirm whether the returned lists are live views or copies.

    /**
     * Gets the statements of this assertion.
     *
     * @return the statements
     */
    List getStatements();

    /**
     * Replaces the statements of this assertion.
     *
     * @param statements the new statements
     * @throws SAML2Exception if the object is immutable
     */
    void setStatements(List statements) throws SAML2Exception;

    /**
     * Gets the <code>AuthnStatements</code> of this assertion.
     *
     * @return the <code>AuthnStatements</code>
     */
    List getAuthnStatements();

    /**
     * Replaces the <code>AuthnStatements</code> of this assertion.
     *
     * @param statements the new <code>AuthnStatements</code>
     * @throws SAML2Exception if the object is immutable
     */
    void setAuthnStatements(List statements) throws SAML2Exception;

    /**
     * Gets the <code>AuthzDecisionStatements</code> of this assertion.
     *
     * @return the <code>AuthzDecisionStatements</code>
     */
    List getAuthzDecisionStatements();

    /**
     * Replaces the <code>AuthzDecisionStatements</code> of this assertion.
     *
     * @param statements the new <code>AuthzDecisionStatements</code>
     * @throws SAML2Exception if the object is immutable
     */
    void setAuthzDecisionStatements(List statements) throws SAML2Exception;

    /**
     * Gets the attribute statements of this assertion.
     *
     * @return the attribute statements
     */
    List getAttributeStatements();

    /**
     * Replaces the attribute statements of this assertion.
     *
     * @param statements the new attribute statements
     * @throws SAML2Exception if the object is immutable
     */
    void setAttributeStatements(List statements) throws SAML2Exception;

    // ------------------------------------------------------------------
    // Signature and validity
    // ------------------------------------------------------------------

    /**
     * Gets the signature of this assertion.
     *
     * @return the signature
     */
    // Obtaining the signature string is not a verification step; validity
    // is reported by isSignatureValid(X509Certificate).
    String getSignature();

    /**
     * Tells whether this assertion is signed.
     *
     * @return true if the assertion is signed
     */
    // NOTE(review): presumably reports only that a signature is present.
    // Validity is a separate question answered by
    // isSignatureValid(X509Certificate) -- confirm against the
    // implementation before relying on this alone.
    boolean isSigned();

    /**
     * Tells whether the signature of this assertion is valid.
     *
     * @param senderCert certificate containing the public key which may be
     *             used for signature verification; this certificate may
     *             also be used to check against the certificate included
     *             in the signature
     * @return true if the signature is valid; false otherwise
     * @throws SAML2Exception if the signature could not be verified
     */
    // NOTE(review): the behaviour for a null senderCert is not specified
    // here. Confirm that verification is anchored to a certificate the
    // caller already trusts rather than to one carried in the signature.
    boolean isSignatureValid(X509Certificate senderCert) throws SAML2Exception;

    /**
     * Evaluates the time validity of this assertion from its conditions,
     * if any are specified.
     *
     * @return true if no conditions are specified, or if the current time
     *         lies between <code>NotBefore</code> (inclusive) and
     *         <code>NotOnOrAfter</code> (exclusive); false otherwise
     */
    // As documented, an assertion with no conditions is reported as valid,
    // so a caller that requires a bounded lifetime has to check
    // getConditions() itself. Only the time window is described here.
    boolean isTimeValid();

    /**
     * Signs this assertion.
     *
     * @param privateKey the signing key
     * @param cert certificate which contains the public key correlated to
     *             the signing key; if it is not null the signature will
     *             include the certificate, otherwise the signature will
     *             not include any certificate
     * @throws SAML2Exception if the assertion could not be signed
     */
    void sign(PrivateKey privateKey, X509Certificate cert) throws SAML2Exception;

    // ------------------------------------------------------------------
    // Encryption and serialization
    // ------------------------------------------------------------------

    /**
     * Produces an <code>EncryptedAssertion</code> object from this assertion.
     *
     * @param recipientPublicKey public key used to encrypt the data
     *        encryption (secret) key; it is the public key of the recipient
     *        of the XML document to be encrypted
     * @param dataEncAlgorithm data encryption algorithm
     * @param dataEncStrength data encryption strength
     * @param recipientEntityID unique identifier of the recipient, used as
     *        the index to the cached secret key so that the key can be
     *        reused for the same recipient; it can be null, in which case
     *        the secret key is generated every time and is neither cached
     *        nor reused. Generating a secret key is a relatively expensive
     *        operation.
     * @return the <code>EncryptedAssertion</code> object
     * @throws SAML2Exception if an error occurs during the encryption process
     */
    // NOTE(review): the accepted algorithm identifiers and strengths are
    // not listed in this interface -- confirm where weak choices are
    // rejected (implementation or configuration).
    EncryptedAssertion encrypt(
            Key recipientPublicKey, String dataEncAlgorithm,
            int dataEncStrength, String recipientEntityID)
            throws SAML2Exception;

    /**
     * Converts this assertion to its String representation.
     *
     * @param includeNSPrefix determines whether or not the namespace
     *        qualifier is prepended to the Element when converted
     * @param declareNS determines whether or not the namespace is declared
     *        within the Element
     * @return a String representation
     * @throws SAML2Exception if something is wrong during conversion
     */
    String toXMLString(boolean includeNSPrefix, boolean declareNS) throws SAML2Exception;

    /**
     * Converts this assertion to its String representation.
     *
     * @return a String representation
     * @throws SAML2Exception if something is wrong during conversion
     */
    String toXMLString() throws SAML2Exception;

    // ------------------------------------------------------------------
    // Mutability
    // ------------------------------------------------------------------

    /**
     * Makes the object immutable. The setters of this interface are
     * documented to throw <code>SAML2Exception</code> once the object is
     * immutable.
     */
    void makeImmutable();

    /**
     * Tells whether the object is mutable.
     *
     * @return true if the object is mutable
     */
    boolean isMutable();

}



























































