in src/main/java/org/apache/sling/auth/saml2/impl/AuthenticationHandlerSAML2Impl.java [568:579]
/**
 * Checks that the RelayState carried by the incoming SAML message matches the value
 * previously saved for this request.
 *
 * <p>The check fails closed: a missing or empty saved value is rejected, so a message
 * arriving without a saved relay state to compare against never validates. A null
 * reported value also fails, because it cannot equal a non-empty saved value.
 *
 * <p>NOTE(review): the saved value is only read here, not cleared. Confirm that the
 * caller discards it after a successful match so one relay state cannot validate
 * more than one response.
 *
 * @param req request handed to the {@code SessionStorage} lookup of the saved relay state
 * @param messageContext decoded message context; its {@code SAMLBindingContext}
 *     subcontext (created if absent) supplies the reported relay state
 * @return {@code true} only when a non-empty saved relay state equals the reported one
 */
private boolean validateRelayState(HttpServletRequest req, MessageContext messageContext) {
    // Value the peer sent back with the SAML message.
    final SAMLBindingContext samlBinding = messageContext.getSubcontext(SAMLBindingContext.class, true);
    final String receivedState = samlBinding.getRelayState();

    // Value this handler stored under the SAML2 session attribute.
    final SessionStorage sessionStore = new SessionStorage(this.getSaml2SessionAttr());
    final String expectedState = sessionStore.getString(req);

    // Nothing saved means nothing to match against: reject rather than accept by default.
    final boolean nothingSaved = expectedState == null || expectedState.isEmpty();
    if (nothingSaved) {
        return false;
    }
    return expectedState.equals(receivedState);
}