1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.syncope.core.persistence.jpa.validation.entity;
20
21 import javax.validation.ConstraintValidatorContext;
22 import org.apache.syncope.common.lib.to.Item;
23 import org.apache.syncope.common.lib.types.EntityViolationType;
24 import org.apache.syncope.core.persistence.api.entity.SAML2SP4UIIdP;
25
26 public class SAML2SP4UIIdPValidator extends AbstractValidator<SAML2SP4UIIdPCheck, SAML2SP4UIIdP> {
27
28 @Override
29 public boolean isValid(final SAML2SP4UIIdP saml2IdP, final ConstraintValidatorContext context) {
30 context.disableDefaultConstraintViolation();
31
32 if (isHtml(saml2IdP.getKey())) {
33 context.buildConstraintViolationWithTemplate(
34 getTemplate(EntityViolationType.InvalidKey, saml2IdP.getKey())).
35 addPropertyNode("key").addConstraintViolation();
36
37 return false;
38 }
39
40 if (saml2IdP.isSelfRegUnmatching() && saml2IdP.isCreateUnmatching()) {
41 context.buildConstraintViolationWithTemplate(
42 getTemplate(EntityViolationType.Standard,
43 "Either selfRegUnmatching or createUnmatching, not both")).
44 addPropertyNode("selfRegUnmatching").
45 addPropertyNode("createUnmatching").addConstraintViolation();
46
47 return false;
48 }
49
50 long connObjectKeys = saml2IdP.getItems().stream().filter(Item::isConnObjectKey).count();
51 if (!saml2IdP.getItems().isEmpty() && connObjectKeys != 1) {
52 context.buildConstraintViolationWithTemplate(
53 getTemplate(EntityViolationType.InvalidMapping, "Single ConnObjectKey mapping is required")).
54 addPropertyNode("connObjectKey.size").addConstraintViolation();
55
56 return false;
57 }
58
59 boolean[] isValid = new boolean[] { true };
60
61 long passwords = saml2IdP.getItems().stream().filter(Item::isPassword).count();
62 if (passwords > 0) {
63 context.buildConstraintViolationWithTemplate(
64 getTemplate(EntityViolationType.InvalidMapping, "No password mapping is allowed")).
65 addPropertyNode("password.size").addConstraintViolation();
66 isValid[0] = false;
67 }
68
69 return isValid[0];
70 }
71 }