refactor PVP2 IDP module to support more than one IPvpMetadataProvider in one application

1 files changed, 41 insertions, 0 deletions

diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/SignatureTrustEngineDecorator.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/SignatureTrustEngineDecorator.java
new file mode 100644
index 00000000..66393bb4
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/SignatureTrustEngineDecorator.java
@@ -0,0 +1,41 @@
+package at.gv.egiz.eaaf.modules.pvp2.impl.validation;
+
+import org.opensaml.security.SecurityException;
+import org.opensaml.security.credential.Credential;
+import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
+import org.opensaml.xmlsec.signature.Signature;
+import org.opensaml.xmlsec.signature.support.SignatureTrustEngine;
+
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
+
+@AllArgsConstructor
+public class SignatureTrustEngineDecorator implements SignatureTrustEngine {
+
+  private SignatureTrustEngine trustEngine;
+  
+  @Getter
+  private IPvp2MetadataProvider metadataProvider;
+  
+  @Override
+  public boolean validate(Signature token, CriteriaSet trustBasisCriteria) throws SecurityException {
+    return trustEngine.validate(token, trustBasisCriteria);
+    
+  }
+
+  @Override
+  public boolean validate(byte[] signature, byte[] content, String algorithmUri,
+      CriteriaSet trustBasisCriteria, Credential candidateCredential) throws SecurityException {
+    return trustEngine.validate(signature, content, algorithmUri, trustBasisCriteria, candidateCredential);
+    
+  }
+
+  @Override
+  public KeyInfoCredentialResolver getKeyInfoResolver() {
+    return trustEngine.getKeyInfoResolver();
+    
+  }
+  
+}