diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java | 34 |
1 files changed, 16 insertions, 18 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java index 41e9b70cf..d3acf9351 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java @@ -8,65 +8,63 @@ import org.opensaml.xml.signature.SignatureValidator; import org.opensaml.xml.validation.ValidationException; import at.gv.egovernment.moa.id.MOAIDException; -import at.gv.egovernment.moa.id.protocols.pvp2x.SAMLRequestNotSignedException; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SAMLRequestNotSignedException; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; +import at.gv.egovernment.moa.logging.Logger; public class EntityVerifier { public static void verify(EntityDescriptor entityDescriptor) throws MOAIDException { if (entityDescriptor.getSignature() == null) { - throw new SAMLRequestNotSignedException("NOT SIGNED", - new Object[] {}); + throw new SAMLRequestNotSignedException(); } try { SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator(); sigValidator.validate(entityDescriptor.getSignature()); } catch (ValidationException e) { - e.printStackTrace(); - throw new MOAIDException("SIGNATURE VALIDATOR", new Object[] {}); + Logger.error("Failed to validate Signature", e); + throw new SAMLRequestNotSignedException(e); } Credential credential = CredentialProvider.getSPTrustedCredential(entityDescriptor.getEntityID()); if(credential == null) { - throw new MOAIDException("NO CREDENTIALS FOR " + entityDescriptor.getEntityID(), new Object[] {}); + throw new NoCredentialsException(entityDescriptor.getEntityID()); } SignatureValidator sigValidator = new SignatureValidator(credential); try { sigValidator.validate(entityDescriptor.getSignature()); } catch (ValidationException e) { - // Indicates signature was not cryptographically valid, or possibly a processing error - e.printStackTrace(); - throw new MOAIDException("FAILED TO VERIFY SIGNATURE", new Object[] {}); + Logger.error("Failed to verfiy Signature", e); + throw new SAMLRequestNotSignedException(e); } } public static void verify(EntitiesDescriptor entityDescriptor) throws MOAIDException { if (entityDescriptor.getSignature() == null) { - throw new SAMLRequestNotSignedException("NOT SIGNED", - new Object[] {}); + throw new SAMLRequestNotSignedException(); } try { SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator(); sigValidator.validate(entityDescriptor.getSignature()); } catch (ValidationException e) { - e.printStackTrace(); - throw new MOAIDException("SIGNATURE VALIDATOR", new Object[] {}); + Logger.error("Failed to validate Signature", e); + throw new SAMLRequestNotSignedException(e); } - Credential credential = CredentialProvider.getTrustedCredential(); + Credential credential = CredentialProvider.getSPTrustedCredential(entityDescriptor.getName()); if(credential == null) { - throw new MOAIDException("NO CREDENTIALS FOR ", new Object[] {}); + throw new NoCredentialsException("moaID IDP"); } SignatureValidator sigValidator = new SignatureValidator(credential); try { sigValidator.validate(entityDescriptor.getSignature()); } catch (ValidationException e) { - // Indicates signature was not cryptographically valid, or possibly a processing error - e.printStackTrace(); - throw new MOAIDException("FAILED TO VERIFY SIGNATURE", new Object[] {}); + Logger.error("Failed to verfiy Signature", e); + throw new SAMLRequestNotSignedException(e); } } |