diff options
Diffstat (limited to 'id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnRequestValidator.java')
-rw-r--r-- | id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnRequestValidator.java | 137 |
1 files changed, 0 insertions, 137 deletions
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnRequestValidator.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnRequestValidator.java deleted file mode 100644 index 0e8722d55..000000000 --- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/validation/StorkAuthnRequestValidator.java +++ /dev/null @@ -1,137 +0,0 @@ -/* - * Copyright 2011 by Graz University of Technology, Austria - * The Austrian STORK Modules have been developed by the E-Government - * Innovation Center EGIZ, a joint initiative of the Federal Chancellery - * Austria and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package eu.stork.vidp.messages.validation;
-
-import org.opensaml.common.SAMLVersion;
-import org.opensaml.saml2.core.AuthnRequest;
-import org.opensaml.saml2.core.validator.AuthnRequestSchemaValidator;
-import org.opensaml.xml.util.XMLHelper;
-import org.opensaml.xml.validation.ValidationException;
-
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-
-public class StorkAuthnRequestValidator extends AuthnRequestSchemaValidator {
-
- private static final String ALLOWED_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:unspecified";
- private static final String ALLOWED_PROTOCOL_BINDING_1 = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
- private static final String ALLOWED_PROTOCOL_BINDING_2 = "urn:oasis:names:tc:SAML:2.0:bindings:SOAP";
-
- private static final int MAX_SIZE = 131072;
-
- /**
- * Constructor
- *
- */
- public StorkAuthnRequestValidator() {
-
- super();
- }
-
- @Override
- public void validate(AuthnRequest req) throws ValidationException {
-
- if (XMLHelper.prettyPrintXML(req.getDOM()).getBytes().length > MAX_SIZE) {
- throw new ValidationException("SAML AuthnRequest exceeds max size.");
- }
-
- super.validate(req);
-
- STORKAuthnRequest request = (STORKAuthnRequest) req;
-
- if (request.getID() == null) {
-
- throw new ValidationException("ID is required.");
- }
-
- if (request.getVersion() == null) {
-
- throw new ValidationException("Version is required.");
- } else {
-
- if (!request.getVersion().equals(SAMLVersion.VERSION_20)) {
-
- throw new ValidationException("Version is invalid.");
- }
- }
-
- if (request.getIssueInstant() == null) {
-
- throw new ValidationException("IssueInstant is required.");
- }
-
- if (request.getConsent() != null) {
-
- if (!request.getConsent().equals(ALLOWED_CONSENT)) {
-
- throw new ValidationException("Consent is invalid.");
- }
- }
-
- if (request.isForceAuthn() == null) {
-
- throw new ValidationException("ForceAuthn is required.");
- } else if (!request.isForceAuthn()) {
-
- throw new ValidationException("ForceAuthn is invalid.");
- }
-
- if (request.isPassive() == null) {
-
- throw new ValidationException("IsPassive is required.");
- } else if (request.isPassive()) {
-
- throw new ValidationException("IsPassive is invalid.");
- }
-
- if (request.getProtocolBinding() == null) {
-
- throw new ValidationException("ProtocolBinding is required.");
- } else {
- if (!request.getProtocolBinding()
- .equals(ALLOWED_PROTOCOL_BINDING_1)
- && !request.getProtocolBinding().equals(
- ALLOWED_PROTOCOL_BINDING_2)) {
-
- throw new ValidationException("ProtocolBinding is invalid.");
- }
-
- }
-
- if(request.getAssertionConsumerServiceURL() == null) {
-
- throw new ValidationException("AssertionConsumerServiceURL is required.");
- }
-
- if(request.getProviderName() == null) {
-
- throw new ValidationException("ProviderName is required.");
- }
-
-
-
- }
-
-}
|