21 package org.opensaml.saml2.metadata.validator;
23 import org.opensaml.saml2.metadata.IDPSSODescriptor;
24 import org.opensaml.xml.util.DatatypeHelper;
25 import org.opensaml.xml.validation.ValidationException;
/**
 * Spec-conformance validator for {@link IDPSSODescriptor} metadata elements.
 *
 * <p>After delegating to the superclass checks, it rejects any descriptor whose
 * SingleSignOnService or NameIDMappingService endpoints carry a non-empty
 * {@code ResponseLocation}. The SAML 2.0 Metadata specification requires that attribute
 * to be omitted on both endpoint types.
 *
 * <p>NOTE(review): this class only checks the shape of the descriptor. Nothing visible
 * here verifies a metadata signature, the publisher's identity or the scheme of the
 * endpoint URLs, so a descriptor that passes is well-formed in this respect, not trusted.
 * Metadata obtained from an unauthenticated source needs that verification elsewhere.
 */
public class IDPSSODescriptorSpecValidator extends SSODescriptorSpecValidator<IDPSSODescriptor> {

    /** Creates a validator; there is no state to initialise. */
    public IDPSSODescriptorSpecValidator() {

    }

    /**
     * Runs the superclass validation, then the two IdP-specific endpoint checks, in that order.
     * The first failing check aborts the rest.
     *
     * @param idpssoDescriptor descriptor to validate
     * @throws ValidationException if the superclass check or either endpoint check fails
     */
    public void validate(IDPSSODescriptor idpssoDescriptor) throws ValidationException {
        super.validate(idpssoDescriptor);
        validateSingleSign(idpssoDescriptor);
        validateNameIDMapping(idpssoDescriptor);
    }

    /**
     * Checks that no SingleSignOnService endpoint declares a {@code ResponseLocation}.
     * A missing or empty service list passes.
     *
     * <p>The test is {@code DatatypeHelper.isEmpty}, so a value that helper treats as empty
     * is accepted even though the error message says "must be null" (presumably null and
     * blank strings; confirm against DatatypeHelper).
     *
     * @param idpssoDescriptor descriptor whose SingleSignOnService endpoints are inspected
     * @throws ValidationException on the first endpoint with a non-empty ResponseLocation
     */
    protected void validateSingleSign(IDPSSODescriptor idpssoDescriptor) throws ValidationException {
        if (idpssoDescriptor.getSingleSignOnServices() == null) {
            return;
        }

        final int serviceCount = idpssoDescriptor.getSingleSignOnServices().size();
        for (int index = 0; index < serviceCount; index++) {
            String responseLocation =
                    idpssoDescriptor.getSingleSignOnServices().get(index).getResponseLocation();
            if (DatatypeHelper.isEmpty(responseLocation)) {
                continue;
            }
            throw new ValidationException("ResponseLocation of all SingleSignOnServices must be null");
        }
    }

    /**
     * Checks that no NameIDMappingService endpoint declares a {@code ResponseLocation}.
     * A missing or empty service list passes; emptiness is decided by
     * {@code DatatypeHelper.isEmpty}, as for the SingleSignOnService check.
     *
     * @param idpssoDescriptor descriptor whose NameIDMappingService endpoints are inspected
     * @throws ValidationException on the first endpoint with a non-empty ResponseLocation
     */
    protected void validateNameIDMapping(IDPSSODescriptor idpssoDescriptor) throws ValidationException {
        if (idpssoDescriptor.getNameIDMappingServices() == null) {
            return;
        }

        final int serviceCount = idpssoDescriptor.getNameIDMappingServices().size();
        for (int index = 0; index < serviceCount; index++) {
            String responseLocation =
                    idpssoDescriptor.getNameIDMappingServices().get(index).getResponseLocation();
            if (DatatypeHelper.isEmpty(responseLocation)) {
                continue;
            }
            throw new ValidationException("ResponseLocation of all NameIDMappingServices must be null");
        }
    }
}