1 /*
2 * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 /**
18 *
19 */
20
21 package org.opensaml.saml2.core.validator;
22
23 import java.util.HashSet;
24 import java.util.List;
25
26 import org.opensaml.saml2.core.Attribute;
27 import org.opensaml.saml2.core.AttributeQuery;
28 import org.opensaml.xml.util.DatatypeHelper;
29 import org.opensaml.xml.util.Pair;
30 import org.opensaml.xml.validation.ValidationException;
31
32 /**
33 * Checks {@link org.opensaml.saml2.core.AttributeQuery} for Schema compliance.
34 */
35 public class AttributeQuerySchemaValidator extends SubjectQuerySchemaValidator<AttributeQuery> {
36
37 /**
38 * Constructor.
39 */
40 public AttributeQuerySchemaValidator() {
41 super();
42 }
43
44 /** {@inheritDoc} */
45 public void validate(AttributeQuery query) throws ValidationException {
46 super.validate(query);
47 validateUniqueAttributeIdentifiers(query);
48 }
49
50 /**
51 * Checks that all the attributes have a unique Name/NameFormat pair.
52 *
53 * @param query the attribute query to validate
54 *
55 * @throws ValidationException thrown if more than on Name/NameFormat pair is found in the list of attributes in
56 * this query
57 */
58 protected void validateUniqueAttributeIdentifiers(AttributeQuery query) throws ValidationException {
59 List<Attribute> attributes = query.getAttributes();
60
61 HashSet<Pair<String, String>> encounteredNames = new HashSet<Pair<String, String>>();
62 String attributeName;
63 String attributeNameFormat;
64 for (Attribute attribute : attributes) {
65 attributeName = attribute.getName();
66 attributeNameFormat = attribute.getNameFormat();
67 if (DatatypeHelper.isEmpty(attributeNameFormat)) {
68 // SAML 2 core, sec. 2.7.3.1, if no format is specified,
69 // unspecified is in effect. This avoids bug in processing null value.
70 attributeNameFormat = Attribute.UNSPECIFIED;
71 }
72
73 Pair<String, String> pair = new Pair<String, String>(attributeName, attributeNameFormat);
74 if (encounteredNames.contains(pair)) {
75 throw new ValidationException(
76 "Attribute query contains more than one attribute with the same Name and NameFormat");
77 } else {
78 encounteredNames.add(pair);
79 }
80 }
81 }
82 }