/**
* Validates issuer info
*
* @param verifier
* @return Whether issue validation successful or not.
* @throws Exception
*/
protected boolean validateIssuerInfoPolicy(SAMLTokenVerifier verifier, RelyingPartyData data)
throws RelyingPartyException {
String issuerName = verifier.getIssuerName();
String issuerPolicy = data.getIssuerPolicy();
try {
if (IdentityConstants.SELF_ISSUED_ISSUER.equals(issuerName)) {
if (issuerPolicy == null
|| issuerPolicy.equals(TokenVerifierConstants.SELF_ONLY)
|| issuerPolicy.equals(TokenVerifierConstants.SELF_AND_MANGED)) {
return true;
} else {
return false;
}
} else if (issuerPolicy.equals(TokenVerifierConstants.SELF_ONLY)) {
// not a self issued card when self only
return false;
} else {
return true;
}
} catch (Exception e) {
log.error("Error in issuer policy validation", e);
throw new RelyingPartyException("errorValidatingIssuerPolicy", e);
}
}
/**
* The control flow is 1) Verify 2) Validate policies 3) Inject parameters into the
* HttpServletRequest
*
* @param request
* @param xmlToken
* @param data
* @throws RelyingPartyException
*/
public void setInfocardSessionAttributes(
HttpServletRequest request, String xmlToken, RelyingPartyData data)
throws RelyingPartyException {
SAMLTokenVerifier verifier = new SAMLTokenVerifier();
Element plainTokenElem = verifier.decryptToken(xmlToken, data.getPrivateKey());
boolean isAllSuccess = false;
if (verifier.verifyDecryptedToken(plainTokenElem, data)) {
if (validateIssuerInfoPolicy(verifier, data)) {
isAllSuccess = true;
}
}
if (isAllSuccess == false) {
injectDataToRequestOnFailure(verifier, request);
} else {
injectDataToRequestOnSuccess(verifier, request);
}
}
