View Javadoc

1   /*
2    * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  /**
18   * 
19   */
20  
21  package org.opensaml.saml2.metadata.validator;
22  
23  import org.opensaml.saml2.metadata.IDPSSODescriptor;
24  import org.opensaml.xml.util.DatatypeHelper;
25  import org.opensaml.xml.validation.ValidationException;
26  
27  /**
28   * Checks {@link org.opensaml.saml2.metadata.IDPSSODescriptor} for Spec compliance.
29   */
30  public class IDPSSODescriptorSpecValidator extends SSODescriptorSpecValidator<IDPSSODescriptor> {
31  
32      /** Constructor */
33      public IDPSSODescriptorSpecValidator() {
34  
35      }
36  
37      public void validate(IDPSSODescriptor idpssoDescriptor) throws ValidationException {
38          super.validate(idpssoDescriptor);
39          validateSingleSign(idpssoDescriptor);
40          validateNameIDMapping(idpssoDescriptor);
41      }
42  
43      protected void validateSingleSign(IDPSSODescriptor idpssoDescriptor) throws ValidationException {
44          if (idpssoDescriptor.getSingleSignOnServices() != null && idpssoDescriptor.getSingleSignOnServices().size() > 0) {
45              for (int i = 0; i < idpssoDescriptor.getSingleSignOnServices().size(); i++) {
46                  if (!DatatypeHelper.isEmpty(idpssoDescriptor.getSingleSignOnServices().get(i).getResponseLocation())) {
47                      throw new ValidationException("ResponseLocation of all SingleSignOnServices must be null");
48                  }
49              }
50          }
51      }
52  
53      protected void validateNameIDMapping(IDPSSODescriptor idpssoDescriptor) throws ValidationException {
54          if (idpssoDescriptor.getNameIDMappingServices() != null
55                  && idpssoDescriptor.getNameIDMappingServices().size() > 0) {
56              for (int i = 0; i < idpssoDescriptor.getNameIDMappingServices().size(); i++) {
57                  if (!DatatypeHelper.isEmpty(idpssoDescriptor.getNameIDMappingServices().get(i).getResponseLocation())) {
58                      throw new ValidationException("ResponseLocation of all NameIDMappingServices must be null");
59                  }
60              }
61          }
62      }
63  }