Package org.opensaml.saml.saml2.assertion.impl

Class AbstractSubjectConfirmationValidator

java.lang.Object
org.opensaml.saml.saml2.assertion.impl.AbstractSubjectConfirmationValidator
All Implemented Interfaces:
SubjectConfirmationValidator
Direct Known Subclasses:
BearerSubjectConfirmationValidator, HolderOfKeySubjectConfirmationValidator, SenderVouchersSubjectConfirmationValidator
@ThreadSafe public abstract class AbstractSubjectConfirmationValidator extends Object implements SubjectConfirmationValidator
A base class for SubjectConfirmationValidator implementations.

This class takes care of processing the NotBefore, NotOnOrAfter, Recipient, and Address checks.

Supports the following ValidationContext static parameters:

Supports the following ValidationContext dynamic parameters:

  • None.

  • Field Details

    • log

      @Nonnull private org.slf4j.Logger log
      Class logger.

  • Constructor Details

    • AbstractSubjectConfirmationValidator

      public AbstractSubjectConfirmationValidator()

  • Method Details

    • validate

      @Nonnull public ValidationResult validate(@Nonnull SubjectConfirmation confirmation, @Nonnull Assertion assertion, @Nonnull ValidationContext context) throws AssertionValidationException
      Confirms the Subject by means of the given SubjectConfirmation.
      Specified by:
      validate in interface SubjectConfirmationValidator
      Parameters:
      confirmation - the subject confirmation information
      assertion - the assertion bearing the subject
      context - the current Assertion validation context
      Returns:
      the validation result
      Throws:
      AssertionValidationException - if there is a problem processing the validation operation

    • isAddressRequired

      protected boolean isAddressRequired(ValidationContext context)
      Determine whether Address is required.
      Parameters:
      context - current validation context
      Returns:
      true if required, false if not

    • isRecipientRequired

      protected boolean isRecipientRequired(ValidationContext context)
      Determine whether Recipient is required.
      Parameters:
      context - current validation context
      Returns:
      true if required, false if not

    • isNotBeforeRequired

      protected boolean isNotBeforeRequired(ValidationContext context)
      Determine whether NotBefore is required.
      Parameters:
      context - current validation context
      Returns:
      true if required, false if not

    • isNotOnOrAfterRequired

      protected boolean isNotOnOrAfterRequired(ValidationContext context)
      Determine whether NotOnOrAfter is required.
      Parameters:
      context - current validation context
      Returns:
      true if required, false if not

    • isInResponseToRequired

      protected boolean isInResponseToRequired(ValidationContext context)
      Determine whether InResponseTo is required.
      Parameters:
      context - current validation context
      Returns:
      true if required, false if not

    • validateInResponseTo

      @Nonnull protected ValidationResult validateInResponseTo(@Nonnull SubjectConfirmationData confirmationData, @Nonnull Assertion assertion, @Nonnull ValidationContext context, boolean required) throws AssertionValidationException
      Validates the InResponseTo condition of the SubjectConfirmationData, if any is present.
      Parameters:
      confirmationData - confirmation data being validated
      assertion - assertion bearing the confirmation method
      context - current validation context
      required - whether the InResponseTo value is required
      Returns:
      the result of the validation evaluation
      Throws:
      AssertionValidationException - thrown if there is a problem determining the validity of the NotBefore

    • validateNotBefore

      @Nonnull protected ValidationResult validateNotBefore(@Nonnull SubjectConfirmationData confirmationData, @Nonnull Assertion assertion, @Nonnull ValidationContext context, boolean required) throws AssertionValidationException
      Validates the NotBefore condition of the SubjectConfirmationData, if any is present.
      Parameters:
      confirmationData - confirmation data being validated
      assertion - assertion bearing the confirmation method
      context - current validation context
      required - whether the NotBefore value is required
      Returns:
      the result of the validation evaluation
      Throws:
      AssertionValidationException - thrown if there is a problem determining the validity of the NotBefore

    • validateNotOnOrAfter

      @Nonnull protected ValidationResult validateNotOnOrAfter(@Nonnull SubjectConfirmationData confirmationData, @Nonnull Assertion assertion, @Nonnull ValidationContext context, boolean required) throws AssertionValidationException
      Validates the NotOnOrAfter condition of the SubjectConfirmationData, if any is present.
      Parameters:
      confirmationData - confirmation data being validated
      assertion - assertion bearing the confirmation method
      context - current validation context
      required - whether the NotOnOrAfter value is required
      Returns:
      the result of the validation evaluation
      Throws:
      AssertionValidationException - thrown if there is a problem determining the validity of the NotOnOrAFter

    • validateRecipient

      @Nonnull protected ValidationResult validateRecipient(@Nonnull SubjectConfirmationData confirmationData, @Nonnull Assertion assertion, @Nonnull ValidationContext context, boolean required) throws AssertionValidationException
      Validates the Recipient condition of the SubjectConfirmationData, if any is present.
      Parameters:
      confirmationData - confirmation data being validated
      assertion - assertion bearing the confirmation method
      context - current validation context
      required - whether the Recipient value is required
      Returns:
      the result of the validation evaluation
      Throws:
      AssertionValidationException - thrown if there is a problem determining the validity of the recipient

    • validateAddress

      @Nonnull protected ValidationResult validateAddress(@Nonnull SubjectConfirmationData confirmationData, @Nonnull Assertion assertion, @Nonnull ValidationContext context, boolean required) throws AssertionValidationException
      Validates the Address condition of the SubjectConfirmationData, if any is present.
      Parameters:
      confirmationData - confirmation data being validated
      assertion - assertion bearing the confirmation method
      context - current validation context
      required - whether the Address value is required
      Returns:
      the result of the validation evaluation
      Throws:
      AssertionValidationException - thrown if there is a problem determining the validity of the address

    • doValidate

      @Nonnull protected abstract ValidationResult doValidate(@Nonnull SubjectConfirmation confirmation, @Nonnull Assertion assertion, @Nonnull ValidationContext context) throws AssertionValidationException
      Performs any further validation required for the specific confirmation method implementation.
      Parameters:
      confirmation - confirmation method being validated
      assertion - assertion bearing the confirmation method
      context - current validation context
      Returns:
      the result of the validation evaluation
      Throws:
      AssertionValidationException - thrown if further validation finds the confirmation method to be invalid