1 files changed, 42 insertions, 0 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/SAMLSignatureValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/SAMLSignatureValidator.java
new file mode 100644
index 000000000..db1241e6f
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/SAMLSignatureValidator.java
@@ -0,0 +1,42 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.validation;
+
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.saml2.core.RequestAbstractType;
+import org.opensaml.security.SAMLSignatureProfileValidator;
+import org.opensaml.xml.validation.ValidationException;
+
+import at.gv.egovernment.moa.id.MOAIDException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SAMLRequestNotSignedException;
+
+public class SAMLSignatureValidator implements ISAMLValidator {
+
+	public void validateRequest(RequestAbstractType request)
+			throws MOAIDException {
+		if (request.getSignature() == null) {
+			throw new SAMLRequestNotSignedException();
+		}
+
+		try {
+			SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator();
+			sigValidator.validate(request.getSignature());
+		} catch (ValidationException e) {
+			e.printStackTrace();
+			throw new SAMLRequestNotSignedException(e);
+		}
+	}
+
+	public static void validateSignable(SignableSAMLObject signableObject)
+			throws MOAIDException {
+		if (signableObject.getSignature() == null) {
+			throw new SAMLRequestNotSignedException();
+		}
+
+		try {
+			SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator();
+			sigValidator.validate(signableObject.getSignature());
+		} catch (ValidationException e) {
+			e.printStackTrace();
+			throw new SAMLRequestNotSignedException(e);
+		}
+	}
+}