/** * Determine whether the SAML message represented by the message context is digitally signed. * * <p> * First the SAML protocol message is examined as to whether an XML signature is present. * If not, then the presence of a binding signature is evaluated by looking at * {@link SAMLBindingContext#hasBindingSignature()}. * </p> * * @param messageContext current message context * @return true if the message is considered to be digitally signed, false otherwise */ public static boolean isMessageSigned(@Nonnull final MessageContext<SAMLObject> messageContext) { final SAMLObject samlMessage = Constraint.isNotNull(messageContext.getMessage(), "SAML message was not present in message context"); if (samlMessage instanceof SignableSAMLObject && ((SignableSAMLObject)samlMessage).isSigned()) { return true; } else { final SAMLBindingContext bindingContext = messageContext.getSubcontext(SAMLBindingContext.class, false); if (bindingContext != null) { return bindingContext.hasBindingSignature(); } else { return false; } } }
decodedCtx.getSAMLBindingContext().setHasBindingSignature(bindingContext.hasBindingSignature()); decodedCtx.getSAMLBindingContext().setIntendedDestinationEndpointURIRequired(bindingContext .isIntendedDestinationEndpointURIRequired());