/*
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */
package at.gv.egovernment.moa.id.protocols.pvp2x.validation;

import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.core.NameID;
import org.opensaml.saml2.core.NameIDPolicy;

import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidatorException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NameIDFormatNotSupportedException;
import at.gv.egovernment.moaspss.logging.Logger;

/**
 * @author tlenz
 *
 */
public class AuthnRequestValidator {

	public static void validate(AuthnRequest req) throws AuthnRequestValidatorException{

		//validate NameIDPolicy
		NameIDPolicy nameIDPolicy = req.getNameIDPolicy();
		if (nameIDPolicy != null) {
			String nameIDFormat = nameIDPolicy.getFormat();
			if (nameIDFormat != null) {
				if ( !(NameID.TRANSIENT.equals(nameIDFormat) ||
						NameID.PERSISTENT.equals(nameIDFormat) ||
						NameID.UNSPECIFIED.equals(nameIDFormat)) ) {
				
					throw new NameIDFormatNotSupportedException(nameIDFormat);
					
				}
				
			} else
				Logger.trace("Find NameIDPolicy, but NameIDFormat is 'null'");							
		} else
			Logger.trace("AuthnRequest includes no 'NameIDPolicy'");
			
		
		
	}
}