a lot of more OpenSAML3 refactoring staff

This version is also NOT stable!
author: Thomas Lenz <thomas.lenz@egiz.gv.at> 2020-01-31 20:41:54 +0100
committer: Thomas Lenz <thomas.lenz@egiz.gv.at> 2020-01-31 20:41:54 +0100
commit: d41afe91ee59daf6b5f5037cecac52900fe2ccb2 (patch)
tree: 3a19e1818d276d701574758ce6166b2f3a7e2030 /eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata
parent: 0cf9926282ba4aa46bad3f4e8020cec72683492f (diff)
download: EAAF-Components-d41afe91ee59daf6b5f5037cecac52900fe2ccb2.tar.gz
EAAF-Components-d41afe91ee59daf6b5f5037cecac52900fe2ccb2.tar.bz2
EAAF-Components-d41afe91ee59daf6b5f5037cecac52900fe2ccb2.zip
3 files changed, 163 insertions, 270 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
index 4a9bb89a..ec59b1df 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
@@ -21,48 +21,59 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.metadata;
 
 import java.io.IOException;
 import java.security.cert.CertificateException;
-import java.util.ArrayList;
 import java.util.Collection;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Timer;
+import java.util.UUID;
 
+import javax.annotation.Nonnull;
+import javax.naming.ConfigurationException;
 import javax.xml.namespace.QName;
 
-import org.apache.commons.lang3.StringUtils;
-import org.opensaml.saml2.metadata.EntitiesDescriptor;
-import org.opensaml.saml2.metadata.EntityDescriptor;
-import org.opensaml.saml2.metadata.RoleDescriptor;
-import org.opensaml.saml2.metadata.provider.ChainingMetadataProvider;
-import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
-import org.opensaml.saml2.metadata.provider.MetadataFilter;
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
-import org.opensaml.saml2.metadata.provider.MetadataProviderException;
-import org.opensaml.saml2.metadata.provider.ObservableMetadataProvider;
-import org.opensaml.xml.XMLObject;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 import at.gv.egiz.components.spring.api.IDestroyableObject;
 import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing;
 import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
 import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
 
-public abstract class AbstractChainingMetadataProvider extends SimpleMetadataProvider
-    implements ObservableMetadataProvider, IGarbageCollectorProcessing,
-    IRefreshableMetadataProvider, IDestroyableObject, IPvpMetadataProvider {
+import org.apache.commons.lang3.StringUtils;
+import org.opensaml.core.criterion.EntityIdCriterion;
+import org.opensaml.saml.metadata.resolver.ClearableMetadataResolver;
+import org.opensaml.saml.metadata.resolver.MetadataResolver;
+import org.opensaml.saml.metadata.resolver.RefreshableMetadataResolver;
+import org.opensaml.saml.metadata.resolver.filter.MetadataFilter;
+import org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver;
+import org.opensaml.saml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml.saml2.metadata.RoleDescriptor;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import net.shibboleth.utilities.java.support.annotation.constraint.NonnullElements;
+import net.shibboleth.utilities.java.support.component.IdentifiedComponent;
+import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
+import net.shibboleth.utilities.java.support.resolver.ResolverException;
+
+public abstract class AbstractChainingMetadataProvider extends SimpleMetadataResolver
+    implements IGarbageCollectorProcessing, IRefreshableMetadataProvider, IDestroyableObject, IPvp2MetadataProvider,
+    RefreshableMetadataResolver, ClearableMetadataResolver {
 
   private static final Logger log = LoggerFactory.getLogger(AbstractChainingMetadataProvider.class);
 
-  private MetadataProvider internalProvider = null;
+  @Nonnull @NonnullElements private final List<MetadataResolver> internalResolvers;
   private static Object mutex = new Object();
   private Timer timer = null;
 
+  /**
+   * Build a chaining metadata resolver that requires valid metadata.
+   *
+   */
   public AbstractChainingMetadataProvider() {
-    internalProvider = new ChainingMetadataProvider();
+    internalResolvers = Collections.synchronizedList(Collections.emptyList());
 
   }
 
@@ -102,30 +113,34 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 
   }
 
+
+
   @Override
-  public synchronized boolean refreshMetadataProvider(final String entityID) {
+  public synchronized boolean refreshMetadataProvider(final String entityId) {
     try {
       // check if metadata provider is already loaded
       try {
-        if (internalProvider.getEntityDescriptor(entityID) != null) {
+        if (resolveEntityDescripor(entityId) != null) {
           return true;
+
         }
 
-      } catch (final MetadataProviderException e) {
-        log.debug("Metadata for EntityId: {} is not valid. Starting refresh ... ", entityID);
+      } catch (final ResolverException e) {
+        log.debug("Metadata for EntityId: {} is not valid. Starting refresh ... ", entityId);
 
       }
 
       // reload metadata provider
-      final String metadataUrl = getMetadataUrl(entityID);
+      final String metadataUrl = getMetadataUrl(entityId);
       if (StringUtils.isNotEmpty(metadataUrl)) {
-        final Map<String, HTTPMetadataProvider> actuallyLoadedProviders =
-            getAllActuallyLoadedProviders();
+        final Map<String, MetadataResolver> actuallyLoadedResolver =
+            getAllActuallyLoadedResolvers();
 
         // check if MetadataProvider is actually loaded
-        if (actuallyLoadedProviders.containsKey(metadataUrl)) {
-          actuallyLoadedProviders.get(metadataUrl).refresh();
-          log.info("SAML2 metadata for service provider: " + entityID + " is refreshed.");
+        final MetadataResolver loadedResover = actuallyLoadedResolver.get(metadataUrl);
+        if (loadedResover instanceof RefreshableMetadataResolver) {
+          ((RefreshableMetadataResolver)loadedResover).refresh();
+          log.info("SAML2 metadata for service provider: " + entityId + " is refreshed.");
           return true;
 
         } else {
@@ -134,32 +149,20 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
             timer = new Timer(true);
           }
 
-          final ChainingMetadataProvider chainProvider =
-              (ChainingMetadataProvider) internalProvider;
-          chainProvider.addMetadataProvider(createNewMetadataProvider(entityID));
+          internalResolvers.add(createNewMetadataProvider(metadataUrl));
 
-          emitChangeEvent();
-          log.info("SAML2 metadata for service provider: " + entityID + " is added.");
+          log.info("SAML2 metadata for service provider: " + entityId + " is added.");
           return true;
 
         }
 
       } else {
         log.debug(
-            "Can not refresh SAML2 metadata: NO SAML2 metadata URL for SP with Id: " + entityID);
+            "Can not refresh SAML2 metadata: NO SAML2 metadata URL for SP with Id: " + entityId);
       }
 
-    } catch (final MetadataProviderException e) {
-      log.warn("Refresh SAML2 metadata for service provider: " + entityID + " FAILED.", e);
-
-    } catch (final IOException e) {
-      log.warn("Refresh SAML2 metadata for service provider: " + entityID + " FAILED.", e);
-
-    } catch (final EaafConfigurationException e) {
-      log.warn("Refresh SAML2 metadata for service provider: " + entityID + " FAILED.", e);
-
-    } catch (final CertificateException e) {
-      log.warn("Refresh SAML2 metadata for service provider: " + entityID + " FAILED.", e);
+    } catch (final IOException | ResolverException | EaafConfigurationException | CertificateException e) {
+      log.warn("Refresh SAML2 metadata for service provider: " + entityId + " FAILED.", e);
 
     }
 
@@ -172,55 +175,20 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
    *
    */
   public void internalDestroy() {
-    if (internalProvider != null && internalProvider instanceof ChainingMetadataProvider) {
-      log.info("Destrorying PVP-Authentication MetaDataProvider.");
-      final ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider;
-
-      final List<MetadataProvider> providers = chainProvider.getProviders();
-      for (final MetadataProvider provider : providers) {
-        if (provider instanceof HTTPMetadataProvider) {
-          final HTTPMetadataProvider httpprovider = (HTTPMetadataProvider) provider;
-          log.debug("Destroy HTTPMetadataProvider +" + httpprovider.getMetadataURI());
-          httpprovider.destroy();
+      log.info("Destroying chained metadata resolvers ...");
 
-        } else {
-          log.warn("MetadataProvider can not be destroyed.");
-        }
+      for (final MetadataResolver resolver : internalResolvers) {
+        destroyMetadataResolver(resolver);
       }
 
-      internalProvider = new ChainingMetadataProvider();
+      internalResolvers.clear();
 
       if (timer != null) {
         timer.cancel();
       }
 
-    } else {
-      log.warn(
-          "ReInitalize MOAMetaDataProvider is not possible! MOA-ID Instance has to be restarted manualy");
-    }
   }
 
-  /*
-   * (non-Javadoc)
-   *
-   * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#
-   * requireValidMetadata()
-   */
-  @Override
-  public boolean requireValidMetadata() {
-    return internalProvider.requireValidMetadata();
-  }
-
-  /*
-   * (non-Javadoc)
-   *
-   * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#
-   * setRequireValidMetadata (boolean)
-   */
-  @Override
-  public void setRequireValidMetadata(final boolean requireValidMetadata) {
-    internalProvider.setRequireValidMetadata(requireValidMetadata);
-  }
 
   /*
    * (non-Javadoc)
@@ -359,18 +327,6 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
     return result;
   }
 
-  /*
-   * (non-Javadoc)
-   *
-   * @see
-   * org.opensaml.saml2.metadata.provider.ObservableMetadataProvider#getObservers(
-   * )
-   */
-  @Override
-  public List<Observer> getObservers() {
-    return ((ChainingMetadataProvider) internalProvider).getObservers();
-  }
-
   /**
    * Get the URL to metadata for a specific entityID.
    *
@@ -384,13 +340,13 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
    * Creates a new implementation specific SAML2 metadata provider.
    *
    * @param entityId EntityId
-   * @return MetadataProvider
+   * @return MetadataResolver
    * @throws EaafConfigurationException In case of an error
    * @throws IOException                In case of an error
    * @throws CertificateException       In case of an error
    * @throws ConfigurationException     In case of an error
    */
-  protected abstract MetadataProvider createNewMetadataProvider(String entityId)
+  protected abstract MetadataResolver createNewMetadataProvider(String entityId)
       throws EaafConfigurationException, IOException, CertificateException;
 
   /**
@@ -398,33 +354,25 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
    *
    * @throws EaafConfigurationException In case of an error
    */
+  @Nonnull
   protected abstract List<String> getAllMetadataUrlsFromConfiguration()
       throws EaafConfigurationException;
 
-  protected void emitChangeEvent() {
-    if (getObservers() == null || getObservers().size() == 0) {
-      return;
-    }
-
-    final List<Observer> tempObserverList = new ArrayList<>(getObservers());
-    for (final ObservableMetadataProvider.Observer observer : tempObserverList) {
-      if (observer != null) {
-        observer.onEvent(this);
-      }
-    }
-  }
 
-  private Map<String, HTTPMetadataProvider> getAllActuallyLoadedProviders() {
-    final Map<String, HTTPMetadataProvider> loadedproviders =
+  private Map<String, MetadataResolver> getAllActuallyLoadedResolvers() {
+    final Map<String, MetadataResolver> loadedproviders =
         new HashMap<>();
-    final ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider;
 
     // make a Map of all actually loaded HTTPMetadataProvider
-    final List<MetadataProvider> providers = chainProvider.getProviders();
-    for (final MetadataProvider provider : providers) {
-      if (provider instanceof HTTPMetadataProvider) {
-        final HTTPMetadataProvider httpprovider = (HTTPMetadataProvider) provider;
-        loadedproviders.put(httpprovider.getMetadataURI(), httpprovider);
+    for (final MetadataResolver resolver : internalResolvers) {
+      if (resolver instanceof IdentifiedComponent) {
+        loadedproviders.put(((IdentifiedComponent) resolver).getId(), resolver);
+
+      } else {
+        final String uuid = UUID.randomUUID().toString();
+        loadedproviders.put(uuid, resolver);
+        log.debug("MetadatenResolver is not of type: {}. Mark it with id: {}",
+            IdentifiedComponent.class.getSimpleName(), uuid);
 
       }
     }
@@ -433,19 +381,17 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
   }
 
   private void addAndRemoveMetadataProvider() throws EaafConfigurationException {
-    if (internalProvider != null && internalProvider instanceof ChainingMetadataProvider) {
-      log.info("Reload MOAMetaDataProvider.");
+      log.info("EAAF chaining metadata resolver starting internal managment task .... ");
 
       /*
        * OpenSAML ChainingMetadataProvider can not remove a MetadataProvider
        * (UnsupportedOperationException) The ChainingMetadataProvider use internal a
        * unmodifiableList to hold all registrated MetadataProviders.
        */
-      final Map<String, MetadataProvider> providersinuse = new HashMap<>();
-      final ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider;
+      final Map<String, MetadataResolver> providersinuse = new HashMap<>();
 
       // get all actually loaded metadata providers
-      final Map<String, HTTPMetadataProvider> loadedproviders = getAllActuallyLoadedProviders();
+      final Map<String, MetadataResolver> loadedproviders = getAllActuallyLoadedResolvers();
 
       /*
        * TODO: maybe add metadata provider destroy after timeout. But could be a
@@ -460,7 +406,6 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
       // compare actually loaded Providers with configured SAML2 SPs
       final List<String> allMetadataUrls = getAllMetadataUrlsFromConfiguration();
 
-      if (allMetadataUrls != null) {
         final Iterator<String> metadataUrlInterator = allMetadataUrls.iterator();
         while (metadataUrlInterator.hasNext()) {
           final String metadataurl = metadataUrlInterator.next();
@@ -477,15 +422,15 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 
           }
         }
-      }
+
 
       // remove all actually loaded MetadataProviders with are not in ConfigurationDB
       // any more
-      final Collection<HTTPMetadataProvider> notusedproviders = loadedproviders.values();
-      for (final HTTPMetadataProvider provider : notusedproviders) {
-        final String metadataurl = provider.getMetadataURI();
-        try {
-          provider.destroy();
+      final Collection<MetadataResolver> notusedproviders = loadedproviders.values();
+      for (final MetadataResolver resolver : notusedproviders) {
+        log.info("Remove not used MetadataProvider with MetadataURL " + resolver.getId());
+        destroyMetadataResolver(resolver);
+        internalResolvers.remove(resolver);
 
           /*
            * OpenSAML ChainingMetadataProvider can not remove a MetadataProvider
@@ -493,31 +438,43 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
            * unmodifiableList to hold all registrated MetadataProviders.
            */
           // chainProvider.removeMetadataProvider(provider);
-          log.info("Remove not used MetadataProvider with MetadataURL " + metadataurl);
 
-        } catch (final Throwable e) {
-          log.error("HTTPMetadataProvider with URL " + metadataurl
-              + " can not be removed from the list of actually loaded Providers.", e);
-
-        }
 
       }
 
+  }
+
+  private EntityDescriptor resolveEntityDescripor(String entityId) throws ResolverException {
+    final CriteriaSet criteria = new CriteriaSet();
+    criteria.add(new EntityIdCriterion(entityId));
+    for (final MetadataResolver resolver : internalResolvers) {
       try {
-        chainProvider.setProviders(new ArrayList<>(providersinuse.values()));
-        emitChangeEvent();
+          final EntityDescriptor descriptors = resolver.resolveSingle(criteria);
+          if (descriptors != null) {
+              return descriptors;
+          }
 
-      } catch (final MetadataProviderException e) {
-        log.warn(
-            "ReInitalize AbstractMetaDataProvider is not possible! Service has to be restarted manualy",
-            e);
+      } catch (final ResolverException e) {
+          continue;
 
       }
 
-    } else {
-      log.warn(
-          "ReInitalize AbstractMetaDataProvider is not possible! Service has to be restarted manualy");
     }
 
+    return null;
+
+  }
+
+  private void destroyMetadataResolver(MetadataResolver resolver) {
+    if (resolver instanceof AbstractMetadataResolver) {
+      final AbstractMetadataResolver httpprovider = (AbstractMetadataResolver) resolver;
+      log.debug("Destroy metadata resolver with id: {}", httpprovider.getId());
+      httpprovider.destroy();
+
+    } else {
+      log.warn("Metadata resolver: {} can not be destroyed. Reason: unsupported type: {}",
+          resolver.getId(), resolver.getClass().getName());
+
+    }
   }
 }
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java
deleted file mode 100644
index ebc057df..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
- * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
- * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
- * compliance with the Licence. You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the Licence
- * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the Licence for the specific language governing permissions and limitations under
- * the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text file for details on the
- * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
- * works that you distribute must include a readable copy of the "NOTICE" text file.
-*/
-
-package at.gv.egiz.eaaf.modules.pvp2.impl.metadata;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.opensaml.saml2.metadata.provider.FilterException;
-import org.opensaml.saml2.metadata.provider.MetadataFilter;
-import org.opensaml.xml.XMLObject;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Metadata filter-chain implementation.
- *
- * @author tlenz
- *
- */
-public class MetadataFilterChain implements MetadataFilter {
-  private static final Logger log = LoggerFactory.getLogger(MetadataFilterChain.class);
-
-  private final List<MetadataFilter> filters = new ArrayList<>();
-
-  /**
-   * Return all actually used Metadata filters.
-   *
-   * @return List of Metadata filters
-   */
-  public List<MetadataFilter> getFilters() {
-    return filters;
-  }
-
-  /**
-   * Add a new Metadata filter to filterchain.
-   *
-   * @param filter add a metadata filter
-   */
-  public void addFilter(final MetadataFilter filter) {
-    filters.add(filter);
-  }
-
-  /*
-   * (non-Javadoc)
-   *
-   * @see
-   * org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml
-   * .XMLObject)
-   */
-  @Override
-  public void doFilter(final XMLObject arg0) throws FilterException {
-    for (final MetadataFilter filter : filters) {
-      log.trace("Use EAAFMetadataFilter " + filter.getClass().getName());
-      filter.doFilter(arg0);
-    }
-
-  }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataResolver.java
index d63950cb..35ad3f97 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataResolver.java
@@ -25,30 +25,29 @@ import java.util.Timer;
 
 import javax.net.ssl.SSLHandshakeException;
 
-import org.apache.commons.httpclient.HttpClient;
-import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
-import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
-import org.opensaml.saml2.metadata.provider.MetadataFilter;
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
-import org.opensaml.xml.parse.ParserPool;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
 import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
 import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException;
 
+import org.apache.http.client.HttpClient;
+import org.opensaml.saml.metadata.resolver.MetadataResolver;
+import org.opensaml.saml.metadata.resolver.filter.MetadataFilter;
+import org.opensaml.saml.metadata.resolver.impl.FilesystemMetadataResolver;
+import org.opensaml.saml.metadata.resolver.impl.HTTPMetadataResolver;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import lombok.extern.slf4j.Slf4j;
+import net.shibboleth.utilities.java.support.xml.ParserPool;
+
 /**
  * Simple SAML2 metadata provider.
  *
  * @author tlenz
  *
  */
-public abstract class SimpleMetadataProvider implements MetadataProvider {
-  private static final Logger log = LoggerFactory.getLogger(SimpleMetadataProvider.class);
-
+@Slf4j
+public abstract class SimpleMetadataResolver implements MetadataResolver {
   private static final String URI_PREFIX_HTTP = "http:";
   private static final String URI_PREFIX_HTTPS = "https:";
   private static final String URI_PREFIX_FILE = "file:";
@@ -56,6 +55,21 @@ public abstract class SimpleMetadataProvider implements MetadataProvider {
   @Autowired
   protected IConfiguration authConfig;
 
+  @Override
+  public final boolean isRequireValidMetadata() {
+    return true;
+
+  }
+
+  @Override
+  public final void setRequireValidMetadata(final boolean requireValidMetadata) {
+    log.warn("EAAF {} requires always valid metadata. Setting will be ignored",
+        SimpleMetadataResolver.class.getSimpleName());
+
+  }
+
+
+
   /**
    * Create a single SAML2 metadata provider.
    *
@@ -74,7 +88,7 @@ public abstract class SimpleMetadataProvider implements MetadataProvider {
    * @return SAML2 Metadata Provider, or null if the metadata provider can not
    *         initialized
    */
-  protected MetadataProvider createNewSimpleMetadataProvider(final String metadataLocation,
+  protected MetadataResolver createNewSimpleMetadataProvider(final String metadataLocation,
       final MetadataFilter filter, final String idForLogging, final Timer timer,
       final ParserPool pool, final HttpClient httpClient) {
     if (metadataLocation.startsWith(URI_PREFIX_HTTP)
@@ -130,24 +144,24 @@ public abstract class SimpleMetadataProvider implements MetadataProvider {
    *
    * @return SAML2 Metadata Provider
    */
-  private MetadataProvider createNewFileSystemMetaDataProvider(final File metadataFile,
+  private MetadataResolver createNewFileSystemMetaDataProvider(final File metadataFile,
       final MetadataFilter filter, final String idForLogging, final Timer timer,
       final ParserPool pool) {
-    FilesystemMetadataProvider fileSystemProvider = null;
+    FilesystemMetadataResolver fileSystemResolver = null;
     try {
-      fileSystemProvider = new FilesystemMetadataProvider(timer, metadataFile);
-      fileSystemProvider.setParserPool(pool);
-      fileSystemProvider.setRequireValidMetadata(true);
-      fileSystemProvider.setMinRefreshDelay(1000 * 60 * 15); // 15 minutes
-      fileSystemProvider.setMaxRefreshDelay(1000 * 60 * 60 * 24); // 24 hours
-      // httpProvider.setRefreshDelayFactor(0.1F);
+      fileSystemResolver = new FilesystemMetadataResolver(timer, metadataFile);
+      fileSystemResolver.setParserPool(pool);
+      fileSystemResolver.setRequireValidMetadata(true);
+      fileSystemResolver.setMinRefreshDelay(1000 * 60 * 15); // 15 minutes
+      fileSystemResolver.setMaxRefreshDelay(1000 * 60 * 60 * 24); // 24 hours
 
-      fileSystemProvider.setMetadataFilter(filter);
-      fileSystemProvider.initialize();
+      fileSystemResolver.setMetadataFilter(filter);
+      fileSystemResolver.initialize();
+      fileSystemResolver.setId(metadataFile.getAbsolutePath());
 
-      fileSystemProvider.setRequireValidMetadata(true);
+      fileSystemResolver.setRequireValidMetadata(true);
 
-      return fileSystemProvider;
+      return fileSystemResolver;
 
     } catch (final Exception e) {
       log.warn("Failed to load Metadata file for " + idForLogging + "[ " + "File: "
@@ -156,8 +170,9 @@ public abstract class SimpleMetadataProvider implements MetadataProvider {
       log.warn("Can not initialize SAML2 metadata provider from filesystem: "
           + metadataFile.getAbsolutePath() + " Reason: " + e.getMessage(), e);
 
-      if (fileSystemProvider != null) {
-        fileSystemProvider.destroy();
+      if (fileSystemResolver != null) {
+        fileSystemResolver.destroy();
+
       }
 
     }
@@ -178,24 +193,25 @@ public abstract class SimpleMetadataProvider implements MetadataProvider {
    *
    * @return SAML2 Metadata Provider
    */
-  private MetadataProvider createNewHttpMetaDataProvider(final String metadataUrl,
+  private MetadataResolver createNewHttpMetaDataProvider(final String metadataUrl,
       final MetadataFilter filter, final String idForLogging, final Timer timer,
       final ParserPool pool, final HttpClient httpClient) {
-    HTTPMetadataProvider httpProvider = null;
+    HTTPMetadataResolver httpMetadataResolver = null;
     try {
-      httpProvider = new HTTPMetadataProvider(timer, httpClient, metadataUrl);
-      httpProvider.setParserPool(pool);
-      httpProvider.setRequireValidMetadata(true);
-      httpProvider.setMinRefreshDelay(1000 * 60 * 15); // 15 minutes
-      httpProvider.setMaxRefreshDelay(1000 * 60 * 60 * 24); // 24 hours
+      httpMetadataResolver = new HTTPMetadataResolver(timer, httpClient, metadataUrl);
+      httpMetadataResolver.setParserPool(pool);
+      httpMetadataResolver.setRequireValidMetadata(true);
+      httpMetadataResolver.setMinRefreshDelay(1000 * 60 * 15); // 15 minutes
+      httpMetadataResolver.setMaxRefreshDelay(1000 * 60 * 60 * 24); // 24 hours
       // httpProvider.setRefreshDelayFactor(0.1F);
 
-      httpProvider.setMetadataFilter(filter);
-      httpProvider.initialize();
+      httpMetadataResolver.setMetadataFilter(filter);
+      httpMetadataResolver.setId(metadataUrl);
+      httpMetadataResolver.initialize();
 
-      httpProvider.setRequireValidMetadata(true);
+      httpMetadataResolver.setRequireValidMetadata(true);
 
-      return httpProvider;
+      return httpMetadataResolver;
 
     } catch (final Throwable e) {
       if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) {
@@ -213,15 +229,11 @@ public abstract class SimpleMetadataProvider implements MetadataProvider {
       log.warn("Failed to load Metadata file for " + idForLogging + "[ " + e.getMessage() + " ]",
           e);
 
-      if (httpProvider != null) {
+      if (httpMetadataResolver != null) {
         log.debug("Destroy failed Metadata provider");
-        httpProvider.destroy();
-      }
+        httpMetadataResolver.destroy();
 
-      // if (timer != null) {
-      // log.debug("Destroy Timer.");
-      // timer.cancel();
-      // }
+      }
 
     }
author	Thomas Lenz <thomas.lenz@egiz.gv.at>	2020-01-31 20:41:54 +0100
committer	Thomas Lenz <thomas.lenz@egiz.gv.at>	2020-01-31 20:41:54 +0100
commit	d41afe91ee59daf6b5f5037cecac52900fe2ccb2 (patch)
tree	3a19e1818d276d701574758ce6166b2f3a7e2030 /eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata
parent	0cf9926282ba4aa46bad3f4e8020cec72683492f (diff)
download	EAAF-Components-d41afe91ee59daf6b5f5037cecac52900fe2ccb2.tar.gz EAAF-Components-d41afe91ee59daf6b5f5037cecac52900fe2ccb2.tar.bz2 EAAF-Components-d41afe91ee59daf6b5f5037cecac52900fe2ccb2.zip