Class SwedishEidResponseValidator
java.lang.Object
se.swedenconnect.opensaml.common.validation.AbstractObjectValidator<Response>
se.swedenconnect.opensaml.common.validation.AbstractSignableObjectValidator<Response>
se.swedenconnect.opensaml.saml2.response.validation.ResponseValidator
se.swedenconnect.opensaml.sweid.saml2.validation.SwedishEidResponseValidator
- All Implemented Interfaces:
ObjectValidator<Response>
Extends the default response validator with requirements for the Swedish eID Framework.
Supports the following ValidationContext static parameters as described in ResponseValidator.
- Author:
- Martin Lindström (martin@idsec.se)
-
Field Summary
Fields inherited from class se.swedenconnect.opensaml.common.validation.AbstractSignableObjectValidator
signaturePrevalidator, trustEngineFields inherited from class se.swedenconnect.opensaml.common.validation.AbstractObjectValidator
DEFAULT_MAX_AGE_RECEIVED_MESSAGE -
Constructor Summary
ConstructorsConstructorDescriptionSwedishEidResponseValidator(SignatureTrustEngine trustEngine, SignaturePrevalidator signaturePrevalidator) Constructor. -
Method Summary
Modifier and TypeMethodDescriptionvalidateAssertions(Response response, ValidationContext context) Checks according toResponseValidator.validateAssertions(Response, ValidationContext)and extends the check to validate that assertion is encrypted.protected ValidationResultvalidateSignature(Response token, ValidationContext context) Overrides the default signature validation by enforcing signature validation because a Response message MUST be signed according to the Swedish eID Framework.Methods inherited from class se.swedenconnect.opensaml.saml2.response.validation.ResponseValidator
getID, getIssuer, getObjectName, setUriComparator, validate, validateConsent, validateDestination, validateExtensions, validateID, validateInResponseTo, validateIssueInstant, validateIssuer, validateStatus, validateVersionMethods inherited from class se.swedenconnect.opensaml.common.validation.AbstractSignableObjectValidator
getSignatureValidationCriteriaSet, performSignatureValidationMethods inherited from class se.swedenconnect.opensaml.common.validation.AbstractObjectValidator
getAllowedClockSkew, getMaxAgeReceivedMessage, getReceiveInstant, isStrictValidation
-
Constructor Details
-
SwedishEidResponseValidator
public SwedishEidResponseValidator(SignatureTrustEngine trustEngine, SignaturePrevalidator signaturePrevalidator) throws IllegalArgumentException Constructor.- Parameters:
trustEngine- the trust used to validate the object's signaturesignaturePrevalidator- the signature pre-validator used to pre-validate the object's signature- Throws:
IllegalArgumentException- ifnullvalues are supplied
-
-
Method Details
-
validateSignature
Overrides the default signature validation by enforcing signature validation because a Response message MUST be signed according to the Swedish eID Framework.- Overrides:
validateSignaturein classAbstractSignableObjectValidator<Response>
-
validateAssertions
Checks according toResponseValidator.validateAssertions(Response, ValidationContext)and extends the check to validate that assertion is encrypted.- Overrides:
validateAssertionsin classResponseValidator
-