Package se.swedenconnect.opensaml.sweid.saml2.validation

Class SwedishEidAttributeStatementValidator

java.lang.Object
se.swedenconnect.opensaml.saml2.assertion.validation.AbstractAttributeStatementValidator
se.swedenconnect.opensaml.sweid.saml2.validation.SwedishEidAttributeStatementValidator
All Implemented Interfaces:
org.opensaml.saml.saml2.assertion.StatementValidator
public class SwedishEidAttributeStatementValidator extends AbstractAttributeStatementValidator
Validator for AttributeStatements.

Supports the following ValidationContext static parameters:

Note that the two above parameters may be combined. If no parameter for requested attributes is passed, no validation will be performed.

Author:
Martin Lindström (martin@idsec.se)

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    REQUIRED_ATTRIBUTE_SET
    Key for a validation context parameter.
    static final String
    REQUIRED_ATTRIBUTES
    Key for a validation context parameter.
    static final String
    SCOPED_ATTRIBUTES
    Key for a validation context parameter.

  • Constructor Summary

    Constructors
    Constructor
    Description
    SwedishEidAttributeStatementValidator()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected Collection<String>
    getRequiredAttributes(org.opensaml.saml.common.assertion.ValidationContext context)
    Returns the required attributes.
    org.opensaml.saml.common.assertion.ValidationResult
    validate(org.opensaml.saml.saml2.core.Statement statement, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context)
    protected org.opensaml.saml.common.assertion.ValidationResult
    validateRequiredAttributes(List<org.opensaml.saml.saml2.core.Attribute> attributes, org.opensaml.saml.saml2.core.AttributeStatement statement, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context)
    Validates that the required attributes have been received by using the optional context parameter REQUIRED_ATTRIBUTE_SET that holds an AttributeSet and/or the list of attribute names from the parameter REQUIRED_ATTRIBUTES.
    protected org.opensaml.saml.common.assertion.ValidationResult
    validateScopedAttributes(List<org.opensaml.saml.saml2.core.Attribute> attributes, org.opensaml.saml.saml2.core.AttributeStatement statement, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context)
    Validates that the issuing IdP has been authorized to issue scoped attributes.

    Methods inherited from class se.swedenconnect.opensaml.saml2.assertion.validation.AbstractAttributeStatementValidator

    getServicedStatement

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • REQUIRED_ATTRIBUTE_SET

      public static final String REQUIRED_ATTRIBUTE_SET
      Key for a validation context parameter. Carries a AttributeSet holding the required attributes.
      See Also:

    • REQUIRED_ATTRIBUTES

      public static final String REQUIRED_ATTRIBUTES
      Key for a validation context parameter. Carries a Collection of strings holding attribute names of requested attributes.
      See Also:

    • SCOPED_ATTRIBUTES

      public static final String SCOPED_ATTRIBUTES
      Key for a validation context parameter. Carries a Collection of strings holding the attribute names for attributes that are "scoped".
      See Also:

  • Constructor Details

    • SwedishEidAttributeStatementValidator

      public SwedishEidAttributeStatementValidator()

  • Method Details

    • validate

      public org.opensaml.saml.common.assertion.ValidationResult validate(org.opensaml.saml.saml2.core.Statement statement, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context) throws org.opensaml.saml.common.assertion.AssertionValidationException
      Specified by:
      validate in interface org.opensaml.saml.saml2.assertion.StatementValidator
      Overrides:
      validate in class AbstractAttributeStatementValidator
      Throws:
      org.opensaml.saml.common.assertion.AssertionValidationException

    • validateRequiredAttributes

      protected org.opensaml.saml.common.assertion.ValidationResult validateRequiredAttributes(List<org.opensaml.saml.saml2.core.Attribute> attributes, org.opensaml.saml.saml2.core.AttributeStatement statement, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context)
      Validates that the required attributes have been received by using the optional context parameter REQUIRED_ATTRIBUTE_SET that holds an AttributeSet and/or the list of attribute names from the parameter REQUIRED_ATTRIBUTES.
      Specified by:
      validateRequiredAttributes in class AbstractAttributeStatementValidator

    • getRequiredAttributes

      protected Collection<String> getRequiredAttributes(org.opensaml.saml.common.assertion.ValidationContext context)
      Returns the required attributes.
      Parameters:
      context - the validation context
      Returns:
      a collection of attribute names (never null)

    • validateScopedAttributes

      protected org.opensaml.saml.common.assertion.ValidationResult validateScopedAttributes(List<org.opensaml.saml.saml2.core.Attribute> attributes, org.opensaml.saml.saml2.core.AttributeStatement statement, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context)
      Validates that the issuing IdP has been authorized to issue scoped attributes.
      Parameters:
      attributes - a list of the attributes
      statement - the statement
      assertion - the assertion
      context - the validation context
      Returns:
      a validation result