use of com.sun.identity.saml2.jaxb.metadata.SingleLogoutServiceElement in project OpenAM by OpenRock.
the class LogoutUtil method getMostAppropriateSLOServiceLocation.
/**
* Based on the preferred SAML binding this method tries to choose the most appropriate
* {@link SingleLogoutServiceElement} that can be used to send the logout request to. The algorithm itself is
* simple:
* <ul>
* <li>When asynchronous binding was used with the initial logout request, it is preferred to use asynchronous
* bindings, but if they are not available, a synchronous binding should be used.</li>
* <li>When synchronous binding is used with the initial request, only synchronous bindings can be used for the
* rest of the entities.</li>
* </ul>
*
* @param sloList The list of SLO endpoints for a given entity.
* @param preferredBinding The binding that was used to initiate the logout request.
* @return The most appropriate SLO service location that can be used for sending the logout request. If there is
* no appropriate logout endpoint, null is returned.
*/
public static SingleLogoutServiceElement getMostAppropriateSLOServiceLocation(List<SingleLogoutServiceElement> sloList, String preferredBinding) {
//shortcut for the case when SLO isn't supported at all
if (sloList.isEmpty()) {
return null;
}
Map<String, SingleLogoutServiceElement> sloBindings = new HashMap<String, SingleLogoutServiceElement>(sloList.size());
for (SingleLogoutServiceElement sloEndpoint : sloList) {
sloBindings.put(sloEndpoint.getBinding(), sloEndpoint);
}
SingleLogoutServiceElement endpoint = sloBindings.get(preferredBinding);
if (endpoint == null) {
//if the requested binding isn't supported let's try to find the most appropriate SLO endpoint
if (preferredBinding.equals(SAML2Constants.HTTP_POST)) {
endpoint = sloBindings.get(SAML2Constants.HTTP_REDIRECT);
} else if (preferredBinding.equals(SAML2Constants.HTTP_REDIRECT)) {
endpoint = sloBindings.get(SAML2Constants.HTTP_POST);
}
if (endpoint == null) {
//we ran out of asynchronous bindings, so our only chance is to try to use SOAP binding
//in case the preferred binding was SOAP from the beginning, then this code will just return null again
endpoint = sloBindings.get(SAML2Constants.SOAP);
}
}
return endpoint;
}
Aggregations