1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20 package org.opensaml.saml2.core.validator;
21
22 import org.opensaml.saml2.core.RequestedAuthnContext;
23 import org.opensaml.xml.validation.ValidationException;
24 import org.opensaml.xml.validation.Validator;
25
26
27
28
29 public class RequestedAuthnContextSchemaValidator implements Validator<RequestedAuthnContext> {
30
31
32
33
34
35 public RequestedAuthnContextSchemaValidator() {
36 super();
37 }
38
39
40 public void validate(RequestedAuthnContext requestedAuthnContext) throws ValidationException {
41 validateChildren(requestedAuthnContext);
42 }
43
44
45
46
47
48
49
50 protected void validateChildren(RequestedAuthnContext rac) throws ValidationException {
51 int classRefCount = rac.getAuthnContextClassRefs().size();
52 int declRefCount = rac.getAuthnContextDeclRefs().size();
53
54 if (classRefCount == 0 && declRefCount == 0){
55 throw new ValidationException("At least one of either AuthnContextClassRef or AuthnContextDeclRef is required");
56 }
57
58 if (classRefCount > 0 && declRefCount > 0) {
59 throw new ValidationException("AuthnContextClassRef and AuthnContextDeclRef are mutually exclusive");
60 }
61 }
62
63 }