/*******************************************************************************
 * Copyright 2017 Graz University of Technology
 * EAAF-Core Components has been developed in a cooperation between EGIZ,  
 * A-SIT+, A-SIT, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * https://joinup.ec.europa.eu/news/understanding-eupl-v12
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 *******************************************************************************/
/*******************************************************************************
 *******************************************************************************/
/*******************************************************************************
 *******************************************************************************/
package at.gv.egiz.eaaf.modules.pvp2.impl.verification;

import org.opensaml.common.binding.SAMLMessageContext;
import org.opensaml.saml2.binding.security.SAML2AuthnRequestsSignedRule;
import org.opensaml.ws.transport.http.HTTPInTransport;
import org.opensaml.xml.util.DatatypeHelper;

/**
 * @author tlenz
 *
 */
public class PVPAuthRequestSignedRole extends SAML2AuthnRequestsSignedRule {

	@Override
    protected boolean isMessageSigned(SAMLMessageContext messageContext) {        
        // This handles HTTP-Redirect and HTTP-POST-SimpleSign bindings.
        HTTPInTransport inTransport = (HTTPInTransport) messageContext.getInboundMessageTransport();
        String sigParam = inTransport.getParameterValue("Signature");
        boolean isSigned = !DatatypeHelper.isEmpty(sigParam);
        
        String sigAlgParam = inTransport.getParameterValue("SigAlg");
        boolean isSigAlgExists = !DatatypeHelper.isEmpty(sigAlgParam);
        
        return isSigned && isSigAlgExists;
               
    }
}