/******************************************************************************* *******************************************************************************/ package at.gv.egiz.eaaf.modules.pvp2.api.metadata; import java.util.Collection; import java.util.List; import org.opensaml.saml2.core.Attribute; import org.opensaml.saml2.metadata.ContactPerson; import org.opensaml.saml2.metadata.Organization; import org.opensaml.saml2.metadata.RequestedAttribute; import org.opensaml.xml.security.credential.Credential; import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; /** * @author tlenz * */ public interface IPVPMetadataBuilderConfiguration { /** * Defines a unique name for this PVP Service-provider, which is used for logging * * @return */ public String getSPNameForLogging(); /** * Set metadata valid area * * @return valid until in hours [h] */ public int getMetadataValidUntil(); /** * Build a SAML2 Entities element as metadata root element * * @return true, if the metadata should start with entities element */ public boolean buildEntitiesDescriptorAsRootElement(); /** * * * @return true, if an IDP SSO-descriptor element should be generated */ public boolean buildIDPSSODescriptor(); /** * * * @return true, if an SP SSO-descriptor element should be generated */ public boolean buildSPSSODescriptor(); /** * Set the PVP entityID for this SAML2 metadata. * The entityID must be an URL and must be start with the public-URL prefix of the server * * @return PVP entityID postfix as String */ public String getEntityID(); /** * Set a friendlyName for this PVP entity * * @return */ public String getEntityFriendlyName(); /** * Set the contact information for this metadata entity * * @return */ public List getContactPersonInformation(); /** * Set organisation information for this metadata entity * * @return */ public Organization getOrgansiationInformation(); /** * Set the credential for metadata signing * * @return * @throws CredentialsNotAvailableException */ public Credential getMetadataSigningCredentials() throws CredentialsNotAvailableException; /** * Set the credential for request/response signing * IDP metadata: this credential is used for SAML2 response signing * SP metadata: this credential is used for SAML2 response signing * * @return * @throws CredentialsNotAvailableException */ public Credential getRequestorResponseSigningCredentials() throws CredentialsNotAvailableException; /** * Set the credential for response encryption * * @return * @throws CredentialsNotAvailableException */ public Credential getEncryptionCredentials() throws CredentialsNotAvailableException; /** * Set the IDP Post-Binding URL for WebSSO * * @return */ public String getIDPWebSSOPostBindingURL(); /** * Set the IDP Redirect-Binding URL for WebSSO * * @return */ public String getIDPWebSSORedirectBindingURL(); /** * Set the IDP Post-Binding URL for Single LogOut * * @return */ public String getIDPSLOPostBindingURL(); /** * Set the IDP Redirect-Binding URL for Single LogOut * * @return */ public String getIDPSLORedirectBindingURL(); /** * Set the SP Post-Binding URL for for the Assertion-Consumer Service * * @return */ public String getSPAssertionConsumerServicePostBindingURL(); /** * Set the SP Redirect-Binding URL for the Assertion-Consumer Service * * @return */ public String getSPAssertionConsumerServiceRedirectBindingURL(); /** * Set the SP Post-Binding URL for Single LogOut * * @return */ public String getSPSLOPostBindingURL(); /** * Set the SP Redirect-Binding URL for Single LogOut * * @return */ public String getSPSLORedirectBindingURL(); /** * Set the SP SOAP-Binding URL for Single LogOut * * @return */ public String getSPSLOSOAPBindingURL(); /** * Set all SAML2 attributes which could be provided by this IDP * * @return */ public List getIDPPossibleAttributes(); /** * Set all nameID types which could be provided by this IDP * * @return a List of SAML2 nameID types */ public List getIDPPossibleNameITTypes(); /** * Set all SAML2 attributes which are required by the SP * * @return */ public Collection getSPRequiredAttributes(); /** * Set all nameID types which allowed from the SP * * @return a List of SAML2 nameID types */ public List getSPAllowedNameITTypes(); /** * Set the 'wantAssertionSigned' attribute in SP metadata * * @return */ public boolean wantAssertionSigned(); /** * Set the 'wantAuthnRequestSigned' attribute * * @return */ public boolean wantAuthnRequestSigned(); }