PVP2 basic authnrequest handling and assertion building

3 files changed, 64 insertions, 0 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ChainSAMLValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ChainSAMLValidator.java
new file mode 100644
index 000000000..bf30c72cb
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ChainSAMLValidator.java
@@ -0,0 +1,28 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.validation;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import org.opensaml.saml2.core.RequestAbstractType;
+
+import at.gv.egovernment.moa.id.MOAIDException;
+
+public class ChainSAMLValidator implements ISAMLValidator {
+
+private List<ISAMLValidator> validator = new ArrayList<ISAMLValidator>();
+	
+	public void addValidator(ISAMLValidator validator) {
+		this.validator.add(validator);
+	}
+	
+	public void validateRequest(RequestAbstractType request)
+			throws MOAIDException {
+		Iterator<ISAMLValidator> validatorIterator = validator.iterator();
+		while(validatorIterator.hasNext()) {
+			ISAMLValidator validator = validatorIterator.next();
+			validator.validateRequest(request);
+		}
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ISAMLValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ISAMLValidator.java
new file mode 100644
index 000000000..525a0870e
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ISAMLValidator.java
@@ -0,0 +1,9 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.validation;
+
+import org.opensaml.saml2.core.RequestAbstractType;
+
+import at.gv.egovernment.moa.id.MOAIDException;
+
+public interface ISAMLValidator {
+	public void validateRequest(RequestAbstractType request) throws MOAIDException;
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/SAMLSignatureValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/SAMLSignatureValidator.java
new file mode 100644
index 000000000..95c548389
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/SAMLSignatureValidator.java
@@ -0,0 +1,27 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.validation;
+
+import org.opensaml.saml2.core.RequestAbstractType;
+import org.opensaml.security.SAMLSignatureProfileValidator;
+import org.opensaml.xml.validation.ValidationException;
+
+import at.gv.egovernment.moa.id.MOAIDException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.SAMLRequestNotSignedException;
+
+public class SAMLSignatureValidator implements ISAMLValidator {
+
+	public void validateRequest(RequestAbstractType request)
+			throws MOAIDException {
+		if(request.getSignature() == null) {
+			throw new SAMLRequestNotSignedException("NOT SIGNED", new Object[] {});
+		}
+		
+		try {
+			SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator();
+			sigValidator.validate(request.getSignature());
+		} catch (ValidationException e) {
+			e.printStackTrace();
+			throw new MOAIDException("SIGNATURE VALIDATOR", new Object[] {});
+		}
+	}
+
+}