Package se.swedenconnect.opensaml.common.validation

Class AbstractSignableObjectValidator<T extends SignableXMLObject>

java.lang.Object
se.swedenconnect.opensaml.common.validation.AbstractObjectValidator<T>
se.swedenconnect.opensaml.common.validation.AbstractSignableObjectValidator<T>
Type Parameters:
T - the type of the object that is to be validated
All Implemented Interfaces:
ObjectValidator<T>
Direct Known Subclasses:
AssertionValidator, ResponseValidator
public abstract class AbstractSignableObjectValidator<T extends SignableXMLObject> extends AbstractObjectValidator<T>
Abstract object validator that supports validating signatures.

Supports the following ValidationContext static parameters:

Author:
Martin Lindström (martin@idsec.se)

  • Field Details

    • trustEngine

      protected SignatureTrustEngine trustEngine
      Trust engine for signature evaluation.

    • signaturePrevalidator

      protected SignaturePrevalidator signaturePrevalidator
      SAML signature profile validator.

  • Constructor Details

    • AbstractSignableObjectValidator

      public AbstractSignableObjectValidator(SignatureTrustEngine trustEngine, SignaturePrevalidator signaturePrevalidator)
      Constructor.
      Parameters:
      trustEngine - the trust used to validate the object's signature
      signaturePrevalidator - the signature pre-validator used to pre-validate the object's signature

  • Method Details

    • validateSignature

      protected ValidationResult validateSignature(T token, ValidationContext context)
      Validates the signature of the assertion, if it is signed.
      Parameters:
      token - assertion whose signature will be validated
      context - current validation context
      Returns:
      the result of the signature validation

    • performSignatureValidation

      protected ValidationResult performSignatureValidation(T token, ValidationContext context)
      Handles the actual signature validation.
      Parameters:
      token - object whose signature will be validated
      context - current validation context
      Returns:
      the validation result

    • getSignatureValidationCriteriaSet

      protected CriteriaSet getSignatureValidationCriteriaSet(T token, ValidationContext context)
      Get the criteria set that will be used in evaluating the Assertion signature via the supplied trust engine.
      Parameters:
      token - object whose signature will be validated
      context - current validation context
      Returns:
      the criteria set to use

    • getIssuer

      protected abstract String getIssuer(T signableObject)
      Returns the issuer of the signable object.
      Parameters:
      signableObject - the object being verified
      Returns:
      the issuer

    • getID

      protected abstract String getID(T signableObject)
      Returns the ID of the signable object.
      Parameters:
      signableObject - the object being verified
      Returns:
      the ID

    • getObjectName

      protected abstract String getObjectName()
      Returns the name of the object being validated, e.g. "Assertion". Used for logging.
      Returns:
      the object name