Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata')
3 files changed, 76 insertions, 71 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
index 8a6105bc..4a9bb89a 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
@@ -28,12 +28,9 @@ import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Timer;
+
 import javax.xml.namespace.QName;
-import at.gv.egiz.components.spring.api.IDestroyableObject;
-import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
+
 import org.apache.commons.lang3.StringUtils;
 import org.opensaml.saml2.metadata.EntitiesDescriptor;
 import org.opensaml.saml2.metadata.EntityDescriptor;
@@ -48,6 +45,12 @@ import org.opensaml.xml.XMLObject;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import at.gv.egiz.components.spring.api.IDestroyableObject;
+import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
+
 public abstract class AbstractChainingMetadataProvider extends SimpleMetadataProvider implements ObservableMetadataProvider, IGarbageCollectorProcessing, IRefreshableMetadataProvider, IDestroyableObject, IPvpMetadataProvider {
@@ -58,7 +61,6 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 private static Object mutex = new Object(); private Timer timer = null; - public AbstractChainingMetadataProvider() { internalProvider = new ChainingMetadataProvider();
@@ -72,12 +74,16 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing#runGarbageCollector() + * @see at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing# + * runGarbageCollector() */ @Override public void runGarbageCollector() { synchronized (mutex) { - /* add new Metadataprovider or remove Metadataprovider which are not in use any more. */ + /* + * add new Metadataprovider or remove Metadataprovider which are not in use any + * more. + */ try { log.trace("Check consistence of PVP2X metadata"); addAndRemoveMetadataProvider();
@@ -110,7 +116,6 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 } - // reload metadata provider final String metadataUrl = getMetadataUrl(entityID); if (StringUtils.isNotEmpty(metadataUrl)) {
@@ -195,12 +200,11 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 } } - /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#requireValidMetadata() + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * requireValidMetadata() */ @Override public boolean requireValidMetadata() {
@@ -210,9 +214,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#setRequireValidMetadata - * (boolean) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * setRequireValidMetadata (boolean) */ @Override public void setRequireValidMetadata(final boolean requireValidMetadata) {
@@ -222,8 +225,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getMetadataFilter() + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * getMetadataFilter() */ @Override public MetadataFilter getMetadataFilter() {
@@ -233,9 +236,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#setMetadataFilter(org. - * opensaml.saml2.metadata.provider.MetadataFilter) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * setMetadataFilter(org. opensaml.saml2.metadata.provider.MetadataFilter) */ @Override public void setMetadataFilter(final MetadataFilter newFilter) throws MetadataProviderException {
@@ -245,7 +247,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getMetadata() + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * getMetadata() */ @Override public XMLObject getMetadata() throws MetadataProviderException {
@@ -255,9 +258,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getEntitiesDescriptor( - * java.lang.String) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * getEntitiesDescriptor( java.lang.String) */ @Override public EntitiesDescriptor getEntitiesDescriptor(final String entitiesID)
@@ -290,9 +292,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 /* * (non-Javadoc) * - * @see - * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getEntityDescriptor( - * java.lang.String) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * getEntityDescriptor( java.lang.String) */ @Override public EntityDescriptor getEntityDescriptor(final String entityID)
@@ -327,8 +328,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getRole(java.lang. - * String, javax.xml.namespace.QName) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * getRole(java.lang. String, javax.xml.namespace.QName) */ @Override public List<RoleDescriptor> getRole(final String entityID, final QName roleName)
@@ -344,8 +345,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 /* * (non-Javadoc) * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getRole(java.lang. - * String, javax.xml.namespace.QName, java.lang.String) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# + * getRole(java.lang. String, javax.xml.namespace.QName, java.lang.String) */ @Override public RoleDescriptor getRole(final String entityID, final QName roleName,
@@ -361,14 +362,15 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 /* * (non-Javadoc) * - * @see org.opensaml.saml2.metadata.provider.ObservableMetadataProvider#getObservers() + * @see + * org.opensaml.saml2.metadata.provider.ObservableMetadataProvider#getObservers( + * ) */ @Override public List<Observer> getObservers() { return ((ChainingMetadataProvider) internalProvider).getObservers(); } - /** * Get the URL to metadata for a specific entityID. *
@@ -384,9 +386,9 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 * @param entityId EntityId * @return MetadataProvider * @throws EaafConfigurationException In case of an error - * @throws IOException In case of an error - * @throws CertificateException In case of an error - * @throws ConfigurationException In case of an error + * @throws IOException In case of an error + * @throws CertificateException In case of an error + * @throws ConfigurationException In case of an error */ protected abstract MetadataProvider createNewMetadataProvider(String entityId) throws EaafConfigurationException, IOException, CertificateException;
@@ -399,7 +401,6 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 protected abstract List<String> getAllMetadataUrlsFromConfiguration() throws EaafConfigurationException; - protected void emitChangeEvent() { if (getObservers() == null || getObservers().size() == 0) { return;
@@ -447,9 +448,10 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 final Map<String, HTTPMetadataProvider> loadedproviders = getAllActuallyLoadedProviders(); /* - * TODO: maybe add metadata provider destroy after timeout. But could be a problem if one - * Metadataprovider load an EntitiesDescriptor with more the multiple EntityDescriptors. If - * one of this EntityDesciptors are expired the full EntitiesDescriptor is removed. + * TODO: maybe add metadata provider destroy after timeout. But could be a + * problem if one Metadataprovider load an EntitiesDescriptor with more the + * multiple EntityDescriptors. If one of this EntityDesciptors are expired the + * full EntitiesDescriptor is removed. * * Timeout requires a better solution in this case! */
@@ -464,7 +466,7 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 final String metadataurl = metadataUrlInterator.next(); try { if (StringUtils.isNotEmpty(metadataurl) - && loadedproviders.containsKey(metadataurl)) { + && loadedproviders.containsKey(metadataurl)) { // SAML2 SP is actually loaded, to nothing providersinuse.put(metadataurl, loadedproviders.get(metadataurl)); loadedproviders.remove(metadataurl);
@@ -477,7 +479,8 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataPro
 } } - // remove all actually loaded MetadataProviders with are not in ConfigurationDB any more + // remove all actually loaded MetadataProviders with are not in ConfigurationDB + // any more final Collection<HTTPMetadataProvider> notusedproviders = loadedproviders.values(); for (final HTTPMetadataProvider provider : notusedproviders) { final String metadataurl = provider.getMetadataURI();
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java
index 04c1dcb8..ebc057df 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java
@@ -21,13 +21,13 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.metadata;
 import java.util.ArrayList;
 import java.util.List;
+
 import org.opensaml.saml2.metadata.provider.FilterException;
 import org.opensaml.saml2.metadata.provider.MetadataFilter;
 import org.opensaml.xml.XMLObject;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-
 /** * Metadata filter-chain implementation. *
@@ -37,7 +37,6 @@ import org.slf4j.LoggerFactory;
 public class MetadataFilterChain implements MetadataFilter { private static final Logger log = LoggerFactory.getLogger(MetadataFilterChain.class); - private final List<MetadataFilter> filters = new ArrayList<>(); /**
@@ -58,11 +57,12 @@ public class MetadataFilterChain implements MetadataFilter {
 filters.add(filter); } - /* * (non-Javadoc) * - * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) + * @see + * org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml + * .XMLObject) */ @Override public void doFilter(final XMLObject arg0) throws FilterException {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java
index 67dd1d35..d63950cb 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java
@@ -22,11 +22,9 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.metadata;
 import java.io.File;
 import java.net.MalformedURLException;
 import java.util.Timer;
+
 import javax.net.ssl.SSLHandshakeException;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException;
+
 import org.apache.commons.httpclient.HttpClient;
 import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
 import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
@@ -37,6 +35,11 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException;
+
 /** * Simple SAML2 metadata provider. *
@@ -50,23 +53,26 @@ public abstract class SimpleMetadataProvider implements MetadataProvider {
 private static final String URI_PREFIX_HTTPS = "https:"; private static final String URI_PREFIX_FILE = "file:"; - @Autowired protected IConfiguration authConfig; - /** * Create a single SAML2 metadata provider. * - * @param metadataLocation where the metadata should be loaded, but never null. If the location - * starts with http(s):, than a http based metadata provider is used. If the location - * starts with file:, than a filesystem based metadata provider is used - * @param filter Filters, which should be used to validate the metadata - * @param idForLogging Id, which is used for Logging - * @param timer {@link Timer} which is used to schedule metadata refresh operations - * @param httpClient Apache commons 3.x http client + * @param metadataLocation where the metadata should be loaded, but never null. + * If the location starts with http(s):, than a http + * based metadata provider is used. If the location + * starts with file:, than a filesystem based metadata + * provider is used + * @param filter Filters, which should be used to validate the + * metadata + * @param idForLogging Id, which is used for Logging + * @param timer {@link Timer} which is used to schedule metadata + * refresh operations + * @param httpClient Apache commons 3.x http client * - * @return SAML2 Metadata Provider, or null if the metadata provider can not initialized + * @return SAML2 Metadata Provider, or null if the metadata provider can not + * initialized */ protected MetadataProvider createNewSimpleMetadataProvider(final String metadataLocation, final MetadataFilter filter, final String idForLogging, final Timer timer,
@@ -100,7 +106,6 @@ public abstract class SimpleMetadataProvider implements MetadataProvider {
 } - } catch (final MalformedURLException e) { log.warn("SAML2 metadata URL is invalid: " + metadataLocation, e);
@@ -113,14 +118,14 @@ public abstract class SimpleMetadataProvider implements MetadataProvider {
 } - /** * Create a single SAML2 filesystem based metadata provider. * * @param metadataFile File, where the metadata should be loaded - * @param filter Filters, which should be used to validate the metadata + * @param filter Filters, which should be used to validate the metadata * @param idForLogging Id, which is used for Logging - * @param timer {@link Timer} which is used to schedule metadata refresh operations + * @param timer {@link Timer} which is used to schedule metadata refresh + * operations * @param pool * * @return SAML2 Metadata Provider
@@ -148,7 +153,6 @@ public abstract class SimpleMetadataProvider implements MetadataProvider {
 log.warn("Failed to load Metadata file for " + idForLogging + "[ " + "File: " + metadataFile.getAbsolutePath() + " Msg: " + e.getMessage() + " ]", e); - log.warn("Can not initialize SAML2 metadata provider from filesystem: " + metadataFile.getAbsolutePath() + " Reason: " + e.getMessage(), e);
@@ -162,15 +166,14 @@ public abstract class SimpleMetadataProvider implements MetadataProvider {
 } - - /** * Create a single SAML2 HTTP metadata provider. * - * @param metadataUrl URL, where the metadata should be loaded - * @param filter Filters, which should be used to validate the metadata + * @param metadataUrl URL, where the metadata should be loaded + * @param filter Filters, which should be used to validate the metadata * @param idForLogging Id, which is used for Logging - * @param timer {@link Timer} which is used to schedule metadata refresh operations + * @param timer {@link Timer} which is used to schedule metadata refresh + * operations * @param pool * * @return SAML2 Metadata Provider
@@ -220,7 +223,6 @@ public abstract class SimpleMetadataProvider implements MetadataProvider {
 // timer.cancel(); // } - } return null; |