Skip to content
This repository has been archived by the owner on Jun 1, 2018. It is now read-only.
/ verify-validation Public archive

A library containing validation framework for Verify

License

Notifications You must be signed in to change notification settings

alphagov/verify-validation

Repository files navigation

Validation

Build Status

Library for performing validation on arbitrary objects.

class AuthResponseValidator extends CompositeValidator<AuthnResponse> {
    public AuthResponseValidator() {
        super(
            stopOnFirstError: true,
            new SignatureValidator<>(),
            new IssuerValidator(AuthnResponse::getIssuer),
            new IssueInstantValidator(),
            new AssertionValidator(),
            ...
        );
    }
}

Capabilities provided to any project:

  • Declarative specification of validations for a given object
  • Java 8 lambda-function friendly
  • All validators for a given object (e.g. AuthnRequest, AuthnResponse or AttributeQuery) are in one place.
  • Ability to 'compose' validations, story-to-story, feature-to-feature as validations can and do change.
  • Ability to conditionally carry out validations.
  • Greater ability to create common/generic validators through the optional provision of value provider lambda 'accessor' functions.
  • Can return multiple validation errors, without the 'wack-a-mole' scenario of exception throwing
  • Easy to read and maintain: validations follow the structure of the DOM of the given object
  • TDD built-in. All validators should be 100% unit testable.
  • JSR-303 validation API future compliance (e.g. public myEndpoint(@Valid AuthnResponse response) { ... })

Validator classes provided out-of-the-box:

  • interface Validator<T> - the superinterface of all validators.
  • interface ConditionalValidator<T> extends Validator - conditional validation. All out-of-the-box validators can be optionally configured with a conditions to 'turn on' or 'turn off' their validation logic.
  • class FixedErrorValidator<T> - always adds an error if a given condition is true.
  • class NotEmptyValidator<T> - adds an error if a given string is null or empty.
  • class PatternValidator<T> - adds an error if a given string does not match a regular expression.
  • class RequiredValidator<T> - adds an error if a given object is null.
  • class StringLengthValidator<T> - adds an error if a given string length does not lie within a given range.

Building the project

./gradlew clean build

Testing the project

./pre-commit

Licence

MIT Licence

This code is provided for informational purposes only and is not yet intended for use outside GOV.UK Verify

Support and raising issues

If you think you have discovered a security issue in this code please email disclosure@digital.cabinet-office.gov.uk with details.

For non-security related bugs and feature requests please raise an issue in the GitHub issue tracker.

About

A library containing validation framework for Verify

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published