Diffstat (limited to 'id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator')
4 files changed, 117 insertions, 91 deletions
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java index 4fce4df3f..a4015eed1 100644 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java @@ -7,13 +7,15 @@ import org.opensaml.xml.validation.Validator; import eu.stork.peps.auth.engine.core.CustomAttributeQuery; public class CustomAttributeQueryValidator implements Validator<CustomAttributeQuery> { - + /** * Validate action. * - * @param attrQuery the attribute query to validate + * @param attrQuery + * the attribute query to validate * - * @throws ValidationException the validation exception + * @throws ValidationException + * the validation exception */ public final void validate(final CustomAttributeQuery attrQuery) throws ValidationException { validateAssertion(attrQuery); 
@@ -21,45 +23,54 @@ public class CustomAttributeQueryValidator implements Validator<CustomAttributeQ validateDestination(attrQuery); } - /** * Validate assertion. * - * @param attrQuery the attribute query + * @param attrQuery + * the attribute query * - * @throws ValidationException the validation exception + * @throws ValidationException + * the validation exception */ - protected final void validateAssertion(final CustomAttributeQuery attrQuery) - throws ValidationException { + protected final void validateAssertion(final CustomAttributeQuery attrQuery) throws ValidationException { if (DatatypeHelper.isEmpty(attrQuery.getAssertionConsumerServiceURL())) { throw new ValidationException("Consumer Service URL must be specified."); } } - + /** * Validate subject - * @param query the attribute query to validate - * @throws ValidationException the validation exception - */ + * + * @param query + * the attribute query to validate + * @throws ValidationException + * the validation exception + */ protected void validateSubject(CustomAttributeQuery query) throws ValidationException { - if (query.getSubject() == null) - throw new ValidationException("Subject is required"); - } - + if (query.getSubject() == null) + throw new ValidationException("Subject is required"); + } + /** * Validate the destination - * @param query the query to validate - * @throws ValidationException the validation exception + * + * @param query + * the query to validate + * @throws ValidationException + * the validation exception */ protected void validateDestination(CustomAttributeQuery query) throws ValidationException { - if (query.getDestination() == null) - throw new ValidationException("Destination is required"); - } - + if (query.getDestination() == null) + throw new ValidationException("Destination is required"); + } + /** * Validate the destination - * @param query the query to validate - * @throws ValidationException the validation exception + * + * @param query + * the query to validate + 
* @throws ValidationException + * the validation exception */ protected void validateTime(CustomAttributeQuery query) throws ValidationException { if (query.getIssueInstant().minusMinutes(5).isAfterNow()) diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java index 491549aac..6a709a7bc 100644 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java 
@@ -31,31 +31,29 @@ import eu.stork.peps.auth.engine.core.QAAAttribute; */ public class ExtensionsSchemaValidator implements Validator<Extensions> { + /** + * validate the extensions. + * + * @param extensions + * the extensions + * + * @throws ValidationException + * the validation exception + */ + public final void validate(final Extensions extensions) throws ValidationException { + if (extensions.getUnknownXMLObjects() == null || extensions.getUnknownXMLObjects().size() <= 0) { + throw new ValidationException("Extension element is empty or not exist."); + } + + List<XMLObject> qaa = extensions.getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME); + + if (qaa.size() == 1) { + final Validator<QAAAttribute> validatorQaa = new QAAAttributeSchemaValidator(); + validatorQaa.validate((QAAAttribute) qaa.get(0)); + } else { + throw new ValidationException("Extensions must contain only one element QAALevel."); + } - /** - * validate the extensions. - * - * @param extensions the extensions - * - * @throws ValidationException the validation exception - */ - public final void validate(final Extensions extensions) - throws ValidationException { - if (extensions.getUnknownXMLObjects() == null - || extensions.getUnknownXMLObjects().size() <= 0) { - throw new ValidationException("Extension element is empty or not exist."); } - - List<XMLObject> qaa = extensions.getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME); - - if (qaa.size() == 1) { - final Validator<QAAAttribute> validatorQaa = new QAAAttributeSchemaValidator(); - validatorQaa.validate((QAAAttribute) qaa.get(0)); - } else { - throw new ValidationException( - "Extensions must contain only one element QAALevel."); - } - - } } diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java index 7e1242a88..9c8c1e6a1 100644 
--- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java 
@@ -4,63 +4,73 @@ import org.opensaml.saml2.core.Response; import org.opensaml.xml.validation.ValidationException; import org.opensaml.xml.validation.Validator; - public class MultipleAssertionResponseValidator implements Validator<Response> { - + /** * Validate action. * - * @param response the response to validate + * @param response + * the response to validate * - * @throws ValidationException the validation exception + * @throws ValidationException + * the validation exception */ public final void validate(final Response response) throws ValidationException { validateAssertion(response); validateConsent(response); - validateDestination(response); + validateDestination(response); validateTime(response); validateId(response); } - /** * Validate assertion. * - * @param response the attribute query + * @param response + * the attribute query * - * @throws ValidationException the validation exception + * @throws ValidationException + * the validation exception */ - protected final void validateAssertion(final Response response) - throws ValidationException { + protected final void validateAssertion(final Response response) throws ValidationException { if (response.getAssertions() == null || response.getAssertions().size() < 2) { throw new ValidationException("Multiple assertions must be specified."); } } - + /** * Validate the Consent - * @param response the response to validate - * @throws ValidationException the validation exception + * + * @param response + * the response to validate + * @throws ValidationException + * the validation exception */ protected void validateConsent(Response response) throws ValidationException { - if (response.getConsent() == null) - throw new ValidationException("Consent is required"); - } - + if (response.getConsent() == null) + throw new ValidationException("Consent is required"); + } + /** * Validate the destination - * @param response the response to validate - * @throws ValidationException the validation exception + * + * 
@param response + * the response to validate + * @throws ValidationException + * the validation exception */ protected void validateDestination(Response response) throws ValidationException { - if (response.getDestination() == null) - throw new ValidationException("Destination is required"); - } - + if (response.getDestination() == null) + throw new ValidationException("Destination is required"); + } + /** * Validate issue times - * @param response the response to validate - * @throws ValidationException the validation exception + * + * @param response + * the response to validate + * @throws ValidationException + * the validation exception */ protected void validateTime(Response response) throws ValidationException { if (response.getIssueInstant().minusMinutes(5).isAfterNow()) @@ -69,12 +79,15 @@ public class MultipleAssertionResponseValidator implements Validator<Response> { /** * Validate ids - * @param response the response to validate - * @throws ValidationException the validation exception + * + * @param response + * the response to validate + * @throws ValidationException + * the validation exception */ - protected void validateId(Response response) throws ValidationException { - if (response.getID() == null || response.getInResponseTo() == null) - throw new ValidationException("Id and response id is required"); - } + protected void validateId(Response response) throws ValidationException { + if (response.getID() == null || response.getInResponseTo() == null) + throw new ValidationException("Id and response id is required"); + } } diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java index 44c9db380..04ff153d3 100644 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java 
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java @@ -28,37 +28,41 @@ import eu.stork.peps.auth.engine.core.QAAAttribute; */ public class QAAAttributeSchemaValidator implements Validator<QAAAttribute> { - /** * Validate action. * - * @param qaa the quality authentication assurance level attribute + * @param qaa + * the quality authentication assurance level attribute * - * @throws ValidationException the validation exception + * @throws ValidationException + * the validation exception */ public final void validate(final QAAAttribute qaa) throws ValidationException { validateAction(qaa); } - /** * Validate action. * - * @param qaaAttribute the quality authentication assurance level attribute. + * @param qaaAttribute + * the quality authentication assurance level attribute. * - * @throws ValidationException the validation exception + * @throws ValidationException + * the validation exception */ - protected final void validateAction(final QAAAttribute qaaAttribute) - throws ValidationException { + protected final void validateAction(final QAAAttribute qaaAttribute) throws ValidationException { if (DatatypeHelper.isEmpty(qaaAttribute.getQaaLevel())) { throw new ValidationException("QAALevel label must be specified."); } - - final int qaa = Integer.valueOf(qaaAttribute.getQaaLevel()); + int qaa = 0; + try { + qaa = Integer.valueOf(qaaAttribute.getQaaLevel()); + } catch (Exception e) { + throw new ValidationException("QAALevel is not a valid number!"); + } if (qaa < QAAAttribute.MIN_VALUE || qaa > QAAAttribute.MAX_VALUE) { - throw new ValidationException( - "QAALevel label must be greater than 0."); + throw new ValidationException("QAALevel label must be greater than 0."); } } |
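Review bot: The new `catch (Exception e)` around the QAALevel parse in validateAction is wider than the one failure it is meant to handle, and it discards the cause, so a rejected request leaves no trace of what the parser actually objected to. Since the value comes from the incoming SAML extensions, catch only the parse failure and keep it attached: `qaa = Integer.parseInt(qaaAttribute.getQaaLevel());`, `} catch (NumberFormatException e) {`, `throw new ValidationException("QAALevel is not a valid number!", e);`. `parseInt` also avoids the box/unbox round trip of `Integer.valueOf`, and the `= 0` initialiser on `qaa` becomes unnecessary if the variable is assigned once inside the try. Separately, the range check that follows still reports "QAALevel label must be greater than 0." when the value exceeds `QAAAttribute.MAX_VALUE`, which is misleading when diagnosing a rejected request; a message naming both bounds would be accurate for either branch.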