1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21 package org.opensaml.saml1.core.validator;
22
23 import javax.xml.namespace.QName;
24
25 import org.opensaml.common.xml.SAMLConstants;
26 import org.opensaml.saml1.core.StatusCode;
27 import org.opensaml.xml.validation.ValidationException;
28 import org.opensaml.xml.validation.Validator;
29
30
31
32
33 public class StatusCodeSchemaValidator implements Validator<StatusCode> {
34
35
36 public void validate(StatusCode statusCode) throws ValidationException {
37 validateValue(statusCode);
38 validateValueContent(statusCode);
39 }
40
41
42
43
44
45
46
47
48 protected void validateValue(StatusCode statusCode) throws ValidationException {
49 QName value = statusCode.getValue();
50 if (value == null) {
51 throw new ValidationException("No Value attribute present");
52 }
53 }
54
55
56
57
58
59
60
61
62 protected void validateValueContent(StatusCode statusCode) throws ValidationException {
63 QName statusValue = statusCode.getValue();
64
65 if (SAMLConstants.SAML10P_NS.equals(statusValue.getNamespaceURI())) {
66 if (!(statusValue.equals(StatusCode.SUCCESS)
67 || statusValue.equals(StatusCode.VERSION_MISMATCH)
68 || statusValue.equals(StatusCode.REQUESTER)
69 || statusValue.equals(StatusCode.RESPONDER)
70 || statusValue.equals(StatusCode.REQUEST_VERSION_TOO_HIGH)
71 || statusValue.equals(StatusCode.REQUEST_VERSION_TOO_LOW)
72 || statusValue.equals(StatusCode.REQUEST_VERSION_DEPRICATED)
73 || statusValue.equals(StatusCode.TOO_MANY_RESPONSES)
74 || statusValue.equals(StatusCode.REQUEST_DENIED)
75 || statusValue.equals(StatusCode.RESOURCE_NOT_RECOGNIZED))) {
76 throw new ValidationException(
77 "Status code value was in the SAML 1 protocol namespace but was not of an allowed value: "
78 + statusValue);
79 }
80 } else if (SAMLConstants.SAML1_NS.equals(statusValue.getNamespaceURI())) {
81 throw new ValidationException(
82 "Status code value was in the SAML 1 assertion namespace, no values are allowed in that namespace");
83 }
84 }
85 }