/**
   * Validates issuer info
   *
   * @param verifier
   * @return Whether issue validation successful or not.
   * @throws Exception
   */
  protected boolean validateIssuerInfoPolicy(SAMLTokenVerifier verifier, RelyingPartyData data)
      throws RelyingPartyException {
    String issuerName = verifier.getIssuerName();
    String issuerPolicy = data.getIssuerPolicy();

    try {
      if (IdentityConstants.SELF_ISSUED_ISSUER.equals(issuerName)) {
        if (issuerPolicy == null
            || issuerPolicy.equals(TokenVerifierConstants.SELF_ONLY)
            || issuerPolicy.equals(TokenVerifierConstants.SELF_AND_MANGED)) {
          return true;
        } else {
          return false;
        }
      } else if (issuerPolicy.equals(TokenVerifierConstants.SELF_ONLY)) {
        // not a self issued card when self only
        return false;
      } else {
        return true;
      }
    } catch (Exception e) {
      log.error("Error in issuer policy validation", e);
      throw new RelyingPartyException("errorValidatingIssuerPolicy", e);
    }
  }
  /**
   * The control flow is 1) Verify 2) Validate policies 3) Inject parameters into the
   * HttpServletRequest
   *
   * @param request
   * @param xmlToken
   * @param data
   * @throws RelyingPartyException
   */
  public void setInfocardSessionAttributes(
      HttpServletRequest request, String xmlToken, RelyingPartyData data)
      throws RelyingPartyException {

    SAMLTokenVerifier verifier = new SAMLTokenVerifier();
    Element plainTokenElem = verifier.decryptToken(xmlToken, data.getPrivateKey());
    boolean isAllSuccess = false;

    if (verifier.verifyDecryptedToken(plainTokenElem, data)) {
      if (validateIssuerInfoPolicy(verifier, data)) {
        isAllSuccess = true;
      }
    }

    if (isAllSuccess == false) {
      injectDataToRequestOnFailure(verifier, request);
    } else {
      injectDataToRequestOnSuccess(verifier, request);
    }
  }