001/*
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: SPAccountMapper.java,v 1.5 2008/08/19 19:11:15 veiming Exp $
026 *
027 * Portions Copyrighted 2015-2016 ForgeRock AS.
028 */
029package com.sun.identity.saml2.plugins;
030
031import com.sun.identity.saml2.assertion.Assertion;
032import com.sun.identity.saml2.common.SAML2Exception;
033import com.sun.identity.saml2.protocol.ManageNameIDRequest;
034
035/**
036 * The interface <code>SPAccountMapper</code> is used to identify the local identities that maps the <code>SAML</code>
037 * protocol objects such as <code>Assertion</code>, <code>ManageNameIDRequest</code> etc.
038 * This mapper interface is used to map the identities only at the <code>SAML Service Provider</code>.
039 * The implementation of this interface will be used by the <code>SAML</code> framework to retrieve the user identity
040 * information for the consumption of generating a user session, or manage the user account information while handling
041 * the <code>SAML</code> protocols and it is pluggable through local configuration in the <code>SAML2</code> plugin.
042 *
043 * @see com.sun.identity.saml2.plugins.IDPAccountMapper
044 *
045 * @supported.all.api
046 */ 
047public interface SPAccountMapper {
048
049    /**
050     * Returns the user's distinguished name or the universal ID for the corresponding <code>SAML Assertion</code>. This
051     * method will be invoked by the <code>SAML</code> framework while processing the <code>Assertion</code> and
052     * retrieves the identity information.
053     *
054     * @param assertion <code>SAML Assertion</code> that needs to be mapped to the user.
055     * @param hostEntityID <code>EntityID</code> of the hosted provider.
056     * @param realm Realm or the organization name that may be used to find the user information.
057     * @return User's distinguished name or the universal ID.
058     * @throws SAML2Exception If there was any failure.
059     */
060    public String getIdentity(Assertion assertion, String hostEntityID, String realm) throws SAML2Exception;
061
062
063    /**
064     * Returns the user's distinguished name or the universal ID for the corresponding
065     * <code>SAML ManageNameIDRequest</code>. This method will be invoked by the <code>SAML</code> framework for
066     * retrieving the user identity while processing the <code>ManageIDRequest</code>.
067     *
068     * @param manageNameIDRequest <code>SAML ManageNameIDRequest</code> that needs to be mapped to the user.
069     * @param hostEntityID <code>EntityID</code> of the hosted provider.
070     * @param realm Realm or the organization name that may be used to find the user information.
071     * @return User's distinguished name or the universal ID.
072     * @throws SAML2Exception If there was any failure.
073     */
074    public String getIdentity(ManageNameIDRequest manageNameIDRequest, String hostEntityID, String realm)
075            throws SAML2Exception;
076
077    /**
078     * Tells whether the provided NameID-Format should be persisted in the user data store or not.
079     *
080     * @param realm The hosted SP's realm.
081     * @param hostEntityID The hosted SP's entityID.
082     * @param remoteEntityID The remote IdP's entityID.
083     * @param nameIDFormat The non-transient NameID-Format in question.
084     * @return <code>true</code> if the provided NameID-Format should be persisted in the user data store,
085     * <code>false</code> otherwise.
086     */
087    public boolean shouldPersistNameIDFormat(String realm, String hostEntityID, String remoteEntityID,
088            String nameIDFormat);
089}