@Override
  public RequestSecurityTokenResponseType renew(String tenantName, Request req) {
    assert tenantName != null;
    assert req != null;

    STS sts = stsFactory.getSTS(tenantName);
    try {
      return sts.renew(req);
    } catch (InvalidSignatureException e) {
      throw new InvalidCredentialsException(e.getMessage(), e);
    }
  }
  @Override
  public RequestSecurityTokenResponseType validate(String tenantName, Request req) {
    assert tenantName != null;
    assert req != null;

    STS sts = stsFactory.getSTS(tenantName);
    try {
      return sts.validate(req);
    } catch (InvalidSignatureException e) {
      return RSTRBuilder.createValidateResponse(req, false);
    }
  }
  @Override
  public RequestSecurityTokenResponseCollectionType challenge(
      String tenantName,
      RequestSecurityTokenResponseType requestSecurityTokenResponse,
      SecurityHeaderType headerInfo) {
    assert tenantName != null;
    assert requestSecurityTokenResponse != null;
    assert headerInfo != null;

    STS sts = stsFactory.getSTS(tenantName);
    try {
      return sts.challenge(requestSecurityTokenResponse, headerInfo);
    } catch (InvalidSignatureException e) {
      throw new InvalidCredentialsException(e.getMessage(), e);
    }
  }