Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java28
1 files changed, 13 insertions, 15 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java
index 40cbdeb0..d1eb66a3 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java
@@ -22,9 +22,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException;
+
import org.opensaml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.provider.MetadataFilter;
@@ -32,6 +30,10 @@ import org.opensaml.xml.XMLObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException;
+
public abstract class AbstractMetadataSignatureFilter implements MetadataFilter {
private static final Logger log = LoggerFactory.getLogger(AbstractMetadataSignatureFilter.class);
@@ -42,28 +44,24 @@ public abstract class AbstractMetadataSignatureFilter implements MetadataFilter
final EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) metadata;
if (entitiesDescriptor.getSignature() == null) {
throw new Pvp2MetadataException("pvp2.26",
- new Object[] {"Root element of metadata file has to be signed"});
+ new Object[] { "Root element of metadata file has to be signed" });
}
processEntitiesDescriptor(entitiesDescriptor);
-
if (entitiesDescriptor.getEntityDescriptors().size() == 0) {
throw new Pvp2MetadataException("pvp2.26",
- new Object[] {"No valid entity in metadata " + entitiesDescriptor.getName()});
+ new Object[] { "No valid entity in metadata " + entitiesDescriptor.getName() });
}
-
} else if (metadata instanceof EntityDescriptor) {
final EntityDescriptor entityDescriptor = (EntityDescriptor) metadata;
processEntityDescriptorr(entityDescriptor);
} else {
throw new Pvp2MetadataException("pvp2.26",
- new Object[] {"Invalid Metadata file Root element is unknown"});
+ new Object[] { "Invalid Metadata file Root element is unknown" });
}
-
-
log.info("Metadata signature policy check done OK");
} catch (final EaafException e) {
log.warn("Metadata signature policy check FAILED.", e);
@@ -76,7 +74,8 @@ public abstract class AbstractMetadataSignatureFilter implements MetadataFilter
* Signature verification of a SAML2 EntityDescriptor element.
*
* @param desc EntityDescriptor
- * @throws Pvp2MetadataException if the signature is not valid or can not verified
+ * @throws Pvp2MetadataException if the signature is not valid or can not
+ * verified
*/
protected abstract void verify(EntityDescriptor desc) throws Pvp2MetadataException;
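Review bot: The re-wrapped `@throws` line still reads "can not verified", and the wrap now leaves the single word `verified` on a continuation line of its own. Since the comment is being touched anyway, I would reword it to `@throws Pvp2MetadataException if the signature is invalid or cannot be verified`. The same text is re-wrapped in the next hunk for `verify(EntitiesDescriptor desc)`. This Javadoc is the only visible statement of what implementations must enforce, and the explicit `getSignature() == null` check appears only in the EntitiesDescriptor branch of the caller. It may therefore be worth stating here that an unsigned EntityDescriptor must also be rejected with this exception; that is inferred from the visible lines only, so confirm it against the implementations.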
@@ -84,7 +83,8 @@ public abstract class AbstractMetadataSignatureFilter implements MetadataFilter
* Signature verification of a SAML2 EntitiesDescriptor element.
*
* @param desc EntitiesDescriptor
- * @throws Pvp2MetadataException if the signature is not valid or can not verified
+ * @throws Pvp2MetadataException if the signature is not valid or can not
+ * verified
*/
protected abstract void verify(EntitiesDescriptor desc) throws Pvp2MetadataException;
@@ -92,13 +92,12 @@ public abstract class AbstractMetadataSignatureFilter implements MetadataFilter
* Verify a EntityDescriptor element of an EntitiesDescriptor.
*
* @param entity EntityDescriptor to verify
- * @param desc Full EntitiesDescriptor that contains the EntityDescriptor
+ * @param desc Full EntitiesDescriptor that contains the EntityDescriptor
* @throws Pvp2MetadataException In case of an verification error
*/
protected abstract void verify(EntityDescriptor entity, EntitiesDescriptor desc)
throws Pvp2MetadataException;
-
private void processEntityDescriptorr(final EntityDescriptor desc) throws EaafException {
verify(desc);
@@ -130,7 +129,6 @@ public abstract class AbstractMetadataSignatureFilter implements MetadataFilter
verifiedEntIT.add(entity);
log.debug("Metadata for entityID: " + entity.getEntityID() + " valid");
-
} catch (final Exception e) {
// remove entity of signature can not be verified.
log.info("Entity " + entity.getEntityID() + " is removed from metadata " + desc.getName()