List of usage examples for java.io StringReader toString
public String toString()
From source file:org.openiam.idm.srvc.auth.sso.SAML2TokenModule.java
public boolean isTokenValid(String userId, String principal, String token) { StringReader reader = new StringReader(token.trim()); System.out.println("token in validate=" + reader.toString()); try {/*w w w . j a v a2 s .c om*/ BasicParserPool ppMgr = new BasicParserPool(); ppMgr.setNamespaceAware(true); Document inCommonMDDoc = ppMgr.parse(reader); Element metadataRoot = inCommonMDDoc.getDocumentElement(); UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory(); Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(metadataRoot); Assertion samlAssertion = (Assertion) unmarshaller.unmarshall(metadataRoot); // carry out some basic validation List<AuthnStatement> authnStmtList = samlAssertion.getAuthnStatements(); if (authnStmtList == null || authnStmtList.size() == 0) { return false; } Subject sub = samlAssertion.getSubject(); if (sub == null) { return false; } if (sub.getNameID() == null || sub.getNameID().getValue() == null) { return false; } log.info("Token NameId=" + sub.getNameID().getValue()); if (!sub.getNameID().getValue().equalsIgnoreCase(principal)) { return false; } Conditions cond = samlAssertion.getConditions(); if (cond == null) { return false; } DateTime curTime = new DateTime(System.currentTimeMillis()); if (curTime.isBefore(cond.getNotBefore().getMillis())) { return false; } if (curTime.isAfter(cond.getNotOnOrAfter().getMillis())) { return false; } return true; } catch (Exception e) { log.error("Error during token validation: " + e); return false; } }