public ValidationResults validate(Attribute<?, ?> attribute) {
ValidationResults results = new ValidationResults();
if (!attribute.isEmpty()) {
validateAttributeValue(attribute, results);
if (!results.hasErrors()) {
validateAttributeChecks(attribute, results);
}
}
return results;
}
private void validateCodeAttributeValue(CodeAttribute attribute, ValidationResults results) {
CodeParentValidator parentValidator = new CodeParentValidator();
ValidationResultFlag validParent = parentValidator.evaluate(attribute);
if (validParent == ValidationResultFlag.OK) {
CodeValidator codeValidator = new CodeValidator();
ValidationResultFlag result = codeValidator.evaluate(attribute);
results.addResult(codeValidator, result);
} else {
results.addResult(parentValidator, ValidationResultFlag.WARNING);
}
}
/**
* POST api/authentication?token=xxx
*
* <p>This action is called after signing the nonce on the client-side with the user's
* certificate. We'll once again use the Authentication class to do the actual work.
*/
@RequestMapping(
value = "/api/authentication",
method = {RequestMethod.POST})
public AuthenticationPostResponse post(
@RequestParam(value = "token", required = true) String token) throws RestException {
// Instantiate the Authentication class
Authentication auth = new Authentication(Util.getRestPkiClient());
// Call the completeWithWebPki() method, which finalizes the authentication process. It receives
// as input
// only the token that was yielded previously (which we sent to the page and the page sent us
// back on the URL).
// The call yields a ValidationResults which denotes whether the authentication was successful
// or not.
ValidationResults vr = auth.completeWithWebPki(token);
AuthenticationPostResponse response = new AuthenticationPostResponse();
// Check the authentication result
if (!vr.isValid()) {
// If the authentication failed, inform the page
response.setSuccess(false);
response.setMessage("Authentication failed");
response.setValidationResults(vr.toString());
return response;
}
// At this point, you have assurance that the certificate is valid according to the
// SecurityContext passed on the first step (see method get()) and that the user is indeed the
// certificate's
// subject. Now, you'd typically query your database for a user that matches one of the
// certificate's fields, such as cert.getEmailAddress() or cert.getPkiBrazil().getCpf() (the
// actual field
// to be used as key depends on your application's business logic) and set the user
// as authenticated with whatever web security framework your application uses.
// For demonstration purposes, we'll just return a success and put on the message something
// to show that we have access to the certificate's fields.
PKCertificate userCert = auth.getPKCertificate();
StringBuilder message = new StringBuilder();
message.append("Welcome, " + userCert.getSubjectName().getCommonName() + "!");
if (!StringUtils.isEmpty(userCert.getEmailAddress())) {
message.append(" Your email address is " + userCert.getEmailAddress());
}
if (!StringUtils.isEmpty(userCert.getPkiBrazil().getCpf())) {
message.append(" and your CPF is " + userCert.getPkiBrazil().getCpf());
}
// Return success to the page
response.setSuccess(true);
response.setMessage(message.toString());
return response;
}
protected void validateRealRangeAttributeValue(
RealRangeAttribute attribute, ValidationResults results) {
RealRangeValidator validator = new RealRangeValidator();
ValidationResultFlag result = validator.evaluate(attribute);
results.addResult(validator, result);
validateNumericRangeUnit(attribute, results);
}
@SuppressWarnings("rawtypes")
protected void validateAttributeChecks(Attribute<?, ?> attribute, ValidationResults results) {
// Attribute<? extends AttributeDefinition, ?> attribute = (Attribute<? extends
// AttributeDefinition, ?>) nodeState.getNode();
AttributeDefinition defn = attribute.getDefinition();
List<Check<?>> checks = defn.getChecks();
for (Check check : checks) {
if (evaluateCheckCondition(attribute, check.getCondition())) {
@SuppressWarnings("unchecked")
ValidationResultFlag result = check.evaluate(attribute);
results.addResult(check, result);
}
}
}
protected void validateNumericRangeUnit(
NumericRangeAttribute<?, ?> attribute, ValidationResults results) {
NumericRangeUnitValidator unitValidator = new NumericRangeUnitValidator();
ValidationResultFlag unitValidationResult = unitValidator.evaluate(attribute);
results.addResult(unitValidator, unitValidationResult);
}
protected void validateNumericAttributeUnit(
NumberAttribute<?, ?> attribute, ValidationResults results) {
NumberValueUnitValidator validator = new NumberValueUnitValidator();
ValidationResultFlag result = validator.evaluate(attribute);
results.addResult(validator, result);
}
private void validateCoordinateAttributeValue(
CoordinateAttribute attribute, ValidationResults results) {
CoordinateValidator validator = new CoordinateValidator();
ValidationResultFlag result = validator.evaluate(attribute);
results.addResult(validator, result);
}
private void validateTimeAttributeValue(TimeAttribute timeAttribute, ValidationResults results) {
TimeValidator validator = new TimeValidator();
ValidationResultFlag result = validator.evaluate(timeAttribute);
results.addResult(validator, result);
}