/*
 * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
 * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
 * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
 * compliance with the Licence. You may obtain a copy of the Licence at:
 * https://joinup.ec.europa.eu/news/understanding-eupl-v12
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the Licence
 * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
 * or implied. See the Licence for the specific language governing permissions and limitations under
 * the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text file for details on the
 * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
 * works that you distribute must include a readable copy of the "NOTICE" text file.
*/

package at.gv.egiz.eaaf.modules.pvp2.api.validation;

import javax.servlet.http.HttpServletRequest;

import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;

import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.metadata.SPSSODescriptor;

/**
 * SAML2 Authn. request post-processor.
 *
 * <p>
 * Implementations of this interface are executed before user authentication
 * starts.
 * </p>
 *
 * @author tlenz
 *
 */
public interface IAuthnRequestPostProcessor {

  /**
   * Authn. request post-processor
   *
   * @param httpReq         http request
   * @param pendingReq      current pending request
   * @param authReq         received SAML2 authentication request
   * @param spSsoDescriptor Metadata descriptor of the requested SP
   * @throws AuthnRequestValidatorException In case of a validation error, if post
   *                                        processor implements additional
   *                                        validation
   */
  void process(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authReq,
      SPSSODescriptor spSsoDescriptor) throws AuthnRequestValidatorException;

}