View Javadoc

1   /*
2    * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  /**
18   * 
19   */
20  
21  package org.opensaml.saml2.core.validator;
22  
23  import java.util.HashSet;
24  import java.util.List;
25  
26  import org.opensaml.saml2.core.Attribute;
27  import org.opensaml.saml2.core.AttributeQuery;
28  import org.opensaml.xml.util.DatatypeHelper;
29  import org.opensaml.xml.util.Pair;
30  import org.opensaml.xml.validation.ValidationException;
31  
32  /**
33   * Checks {@link org.opensaml.saml2.core.AttributeQuery} for Schema compliance.
34   */
35  public class AttributeQuerySchemaValidator extends SubjectQuerySchemaValidator<AttributeQuery> {
36  
37      /**
38       * Constructor.
39       */
40      public AttributeQuerySchemaValidator() {
41          super();
42      }
43  
44      /** {@inheritDoc} */
45      public void validate(AttributeQuery query) throws ValidationException {
46          super.validate(query);
47          validateUniqueAttributeIdentifiers(query);
48      }
49  
50      /**
51       * Checks that all the attributes have a unique Name/NameFormat pair.
52       * 
53       * @param query the attribute query to validate
54       * 
55       * @throws ValidationException thrown if more than on Name/NameFormat pair is found in the list of attributes in
56       *             this query
57       */
58      protected void validateUniqueAttributeIdentifiers(AttributeQuery query) throws ValidationException {
59          List<Attribute> attributes = query.getAttributes();
60  
61          HashSet<Pair<String, String>> encounteredNames = new HashSet<Pair<String, String>>();
62          String attributeName;
63          String attributeNameFormat;
64          for (Attribute attribute : attributes) {
65              attributeName = attribute.getName();
66              attributeNameFormat = attribute.getNameFormat();
67              if (DatatypeHelper.isEmpty(attributeNameFormat)) {
68                  // SAML 2 core, sec. 2.7.3.1, if no format is specified,
69                  // unspecified is in effect. This avoids bug in processing null value.
70                  attributeNameFormat = Attribute.UNSPECIFIED;
71              }
72              
73              Pair<String, String> pair = new Pair<String, String>(attributeName, attributeNameFormat);
74              if (encounteredNames.contains(pair)) {
75                  throw new ValidationException(
76                          "Attribute query contains more than one attribute with the same Name and NameFormat");
77              } else {
78                  encounteredNames.add(pair);
79              }
80          }
81      }
82  }