diff options
author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2019-12-12 14:34:01 +0100 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2019-12-12 14:34:01 +0100 |
commit | a2ee5133c2593b8f0e4e1a8e929d83bbd26c60ca (patch) | |
tree | 0d0f9bc420221b70b1eeab31ed29c4cb6c6240c0 /eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2 | |
parent | 8fb857388f087643480d755f112175cdcb335cca (diff) | |
download | EAAF-Components-a2ee5133c2593b8f0e4e1a8e929d83bbd26c60ca.tar.gz EAAF-Components-a2ee5133c2593b8f0e4e1a8e929d83bbd26c60ca.tar.bz2 EAAF-Components-a2ee5133c2593b8f0e4e1a8e929d83bbd26c60ca.zip |
refactor PVP2 IDP to allow generic post-processing of SAML2 AuthnRequests
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2')
-rw-r--r-- | eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestPostProcessor.java (renamed from eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestValidator.java) | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestValidator.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestPostProcessor.java index 90195f1d..b23c230e 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestValidator.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestPostProcessor.java @@ -21,15 +21,35 @@ package at.gv.egiz.eaaf.modules.pvp2.api.validation; import javax.servlet.http.HttpServletRequest; -import org.opensaml.saml2.core.AuthnRequest; -import org.opensaml.saml2.metadata.SPSSODescriptor; - import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; -public interface IAuthnRequestValidator { +import org.opensaml.saml2.core.AuthnRequest; +import org.opensaml.saml2.metadata.SPSSODescriptor; + +/** + * SAML2 Authn. request post-processor. + * + * <p> + * Implementations of this interface are executed before user authentication starts. + * </p> + * + * @author tlenz + * + */ +public interface IAuthnRequestPostProcessor { - void validate(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authReq, + /** + * Authn. request post-processor + * + * @param httpReq http request + * @param pendingReq current pending request + * @param authReq received SAML2 authentication request + * @param spSsoDescriptor Metadata descriptor of the requested SP + * @throws AuthnRequestValidatorException In case of a validation error, + * if post processor implements additional validation + */ + void process(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authReq, SPSSODescriptor spSsoDescriptor) throws AuthnRequestValidatorException; } |