From 41ea2fdf782cd64d7d29f73c2e83f9c255810818 Mon Sep 17 00:00:00 2001
From: Thomas
Date: Sun, 2 Feb 2020 19:32:21 +0100
Subject: some more OpenSAML3 refactoring stuff
---
.../metadata/AbstractChainingMetadataProvider.java | 318 ++++++++++++---------
1 file changed, 175 insertions(+), 143 deletions(-)
(limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java')
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
index ec59b1df..3fc675e9 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
@@ -27,46 +27,41 @@ import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; -import java.util.Timer; import java.util.UUID; import javax.annotation.Nonnull; +import javax.annotation.Nullable; import javax.naming.ConfigurationException; -import javax.xml.namespace.QName; - -import at.gv.egiz.components.spring.api.IDestroyableObject; -import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; import org.apache.commons.lang3.StringUtils; +import org.joda.time.DateTime; import org.opensaml.core.criterion.EntityIdCriterion; import org.opensaml.saml.metadata.resolver.ClearableMetadataResolver; import org.opensaml.saml.metadata.resolver.MetadataResolver; import org.opensaml.saml.metadata.resolver.RefreshableMetadataResolver; import org.opensaml.saml.metadata.resolver.filter.MetadataFilter; import org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver; -import org.opensaml.saml.saml2.metadata.EntitiesDescriptor; import org.opensaml.saml.saml2.metadata.EntityDescriptor; -import org.opensaml.saml.saml2.metadata.RoleDescriptor; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; +import at.gv.egiz.components.spring.api.IDestroyableObject; +import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; +import lombok.extern.slf4j.Slf4j; import net.shibboleth.utilities.java.support.annotation.constraint.NonnullElements; import net.shibboleth.utilities.java.support.component.IdentifiedComponent; import net.shibboleth.utilities.java.support.resolver.CriteriaSet; import 
net.shibboleth.utilities.java.support.resolver.ResolverException; -public abstract class AbstractChainingMetadataProvider extends SimpleMetadataResolver - implements IGarbageCollectorProcessing, IRefreshableMetadataProvider, IDestroyableObject, IPvp2MetadataProvider, - RefreshableMetadataResolver, ClearableMetadataResolver { - - private static final Logger log = LoggerFactory.getLogger(AbstractChainingMetadataProvider.class); - +@Slf4j +public abstract class AbstractChainingMetadataProvider implements IGarbageCollectorProcessing, IRefreshableMetadataProvider, + IDestroyableObject, IPvp2MetadataProvider, ClearableMetadataResolver { + @Nonnull @NonnullElements private final List internalResolvers; + private DateTime lastRefeshTimestamp; + private boolean lastRefeshSuccessful; private static Object mutex = new Object(); - private Timer timer = null; /** * Build a chaining metadata resolver that requires valid metadata. @@ -77,10 +72,6 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataRes } - public final Timer getTimer() { - return this.timer; - - } /* * (non-Javadoc) @@ -145,10 +136,6 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataRes } else { // load new Metadata Provider - if (timer == null) { - timer = new Timer(true); - } - internalResolvers.add(createNewMetadataProvider(metadataUrl)); log.info("SAML2 metadata for service provider: " + entityId + " is added."); 
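Review bot: The new fields `lastRefeshTimestamp` and `lastRefeshSuccessful` are plain mutable fields that `refresh()` writes and the status getters read, with no `volatile` and no use of the existing `mutex`. Which threads call `refresh()` is not visible in this diff, but the class implements `IGarbageCollectorProcessing`, so a background caller seems likely and a reader could then see a stale status. Declaring them `private volatile DateTime lastRefreshTimestamp;` and `private volatile boolean lastRefreshSuccessful;` would fix the visibility and the `Refesh` spelling at once. The class declaration continues outside this hunk.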
@@ -183,78 +170,22 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataRes internalResolvers.clear(); - if (timer != null) { - timer.cancel(); - } - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# - * getMetadataFilter() - */ - @Override - public MetadataFilter getMetadataFilter() { - return internalProvider.getMetadataFilter(); - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# - * setMetadataFilter(org. opensaml.saml2.metadata.provider.MetadataFilter) - */ - @Override - public void setMetadataFilter(final MetadataFilter newFilter) throws MetadataProviderException { - internalProvider.setMetadataFilter(newFilter); - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# - * getMetadata() - */ - @Override - public XMLObject getMetadata() throws MetadataProviderException { - return internalProvider.getMetadata(); + /** {@inheritDoc} */ + @Override + public final MetadataFilter getMetadataFilter() { + log.warn("{} does NOT support {}", AbstractChainingMetadataProvider.class.getName(), + MetadataFilter.class.getName()); + return null; } - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# - * getEntitiesDescriptor( java.lang.String) - */ - @Override - public EntitiesDescriptor getEntitiesDescriptor(final String entitiesID) - throws MetadataProviderException { - EntitiesDescriptor entitiesDesc = null; - try { - entitiesDesc = internalProvider.getEntitiesDescriptor(entitiesID); - - if (entitiesDesc == null) { - log.debug("Can not find PVP metadata for entityID: " + entitiesID - + " Start refreshing process ..."); - if (refreshMetadataProvider(entitiesID)) { - return internalProvider.getEntitiesDescriptor(entitiesID); - } - - } - - } catch (final MetadataProviderException e) { - log.debug("Can not find 
PVP metadata for entityID: " + entitiesID - + " Start refreshing process ..."); - if (refreshMetadataProvider(entitiesID)) { - return internalProvider.getEntitiesDescriptor(entitiesID); - } - - } - - return entitiesDesc; + /** {@inheritDoc} */ + @Override + public final void setMetadataFilter(final MetadataFilter newFilter) { + log.warn("{} does NOT support {}", AbstractChainingMetadataProvider.class.getName(), + MetadataFilter.class.getName()); + throw new UnsupportedOperationException("Metadata filters are not supported on AbstractChainingMetadataProvider"); } /* 
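Review bot: `getMetadataFilter()` and `setMetadataFilter()` carry only `{@inheritDoc}`, which hides that this chain never applies a filter itself. Since metadata filters are where signature and validity checks on SAML metadata normally sit, the Javadoc should say that they have to be configured on every resolver returned by `createNewMetadataProvider`, e.g. `/** Always returns null; filters must be set on the individual child resolvers. */`. The `log.warn` in the getter fires on every call and may flood the log if a caller polls it; `log.debug` would be enough there.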
@@ -265,68 +196,133 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataRes */ @Override public EntityDescriptor getEntityDescriptor(final String entityID) - throws MetadataProviderException { + throws ResolverException { EntityDescriptor entityDesc = null; try { - entityDesc = internalProvider.getEntityDescriptor(entityID); + entityDesc = resolveEntityDescripor(entityID); if (entityDesc == null) { log.debug("Can not find PVP metadata for entityID: " + entityID + " Start refreshing process ..."); if (refreshMetadataProvider(entityID)) { - return internalProvider.getEntityDescriptor(entityID); + return resolveEntityDescripor(entityID); } - } - } catch (final MetadataProviderException e) { + } catch (final ResolverException e) { log.debug( "Can not find PVP metadata for entityID: " + entityID + " Start refreshing process ..."); if (refreshMetadataProvider(entityID)) { - return internalProvider.getEntityDescriptor(entityID); + return resolveEntityDescripor(entityID); } } - // if (entityDesc != null) - // lastAccess.put(entityID, new Date()); - return entityDesc; } - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# - * getRole(java.lang. 
String, javax.xml.namespace.QName) - */ @Override - public List getRole(final String entityID, final QName roleName) - throws MetadataProviderException { - final List result = internalProvider.getRole(entityID, roleName); + @Nullable + public final EntityDescriptor resolveSingle(@Nullable final CriteriaSet criteria) throws ResolverException { + for (final MetadataResolver resolver : internalResolvers) { + try { + final EntityDescriptor descriptors = resolver.resolveSingle(criteria); + if (descriptors != null) { + return descriptors; + } + + } catch (final ResolverException e) { + continue; + + } - // if (result != null) - // lastAccess.put(entityID, new Date()); + } + + return null; - return result; } - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider# - * getRole(java.lang. String, javax.xml.namespace.QName, java.lang.String) - */ @Override - public RoleDescriptor getRole(final String entityID, final QName roleName, - final String supportedProtocol) throws MetadataProviderException { - final RoleDescriptor result = internalProvider.getRole(entityID, roleName, supportedProtocol); + @Nonnull + public final Iterable resolve(@Nullable final CriteriaSet criteria) throws ResolverException { + for (final MetadataResolver resolver : internalResolvers) { + try { + final Iterable descriptors = resolver.resolve(criteria); + if (descriptors != null && descriptors.iterator().hasNext()) { + return descriptors; + + } + + } catch (final ResolverException e) { + continue; + + } + } + + return Collections.emptyList(); + } + + @Override + public final void clear() throws ResolverException { + for (final MetadataResolver resolver : internalResolvers) { + if (resolver instanceof ClearableMetadataResolver) { + ((ClearableMetadataResolver) resolver).clear(); + } + } + } + + @Override + public final void clear(String entityID) throws ResolverException { + for (final MetadataResolver resolver : internalResolvers) { + if (resolver 
instanceof ClearableMetadataResolver) { + ((ClearableMetadataResolver) resolver).clear(entityID); + } + } + } - // if (result != null) - // lastAccess.put(entityID, new Date()); + @Override final public void refresh() throws ResolverException { + this.lastRefeshSuccessful = false; + for (final MetadataResolver resolver : internalResolvers) { + if (resolver instanceof RefreshableMetadataResolver) { + ((RefreshableMetadataResolver) resolver).refresh(); + + } + } + + this.lastRefeshTimestamp = DateTime.now(); + this.lastRefeshSuccessful = true; + } - return result; + @Override + @Nullable public DateTime getLastUpdate() { + DateTime ret = null; + for (final MetadataResolver resolver : internalResolvers) { + if (resolver instanceof RefreshableMetadataResolver) { + final DateTime lastUpdate = ((RefreshableMetadataResolver) resolver).getLastUpdate(); + if (ret == null || ret.isBefore(lastUpdate)) { + ret = lastUpdate; + } + } + } + + return ret; } + @Override + @Nullable final public DateTime getLastRefresh() { + DateTime ret = null; + for (final MetadataResolver resolver : internalResolvers) { + if (resolver instanceof RefreshableMetadataResolver) { + final DateTime lastRefresh = ((RefreshableMetadataResolver) resolver).getLastRefresh(); + if (ret == null || ret.isBefore(lastRefresh)) { + ret = lastRefresh; + } + } + } + + return ret; + } + + /** * Get the URL to metadata for a specific entityID. * @@ -359,6 +355,20 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataRes throws EaafConfigurationException; + /** + * Get a Id for this metadata provider. + * + * @return + */ + @Nonnull + protected abstract String getMetadataProviderId(); + + protected final MetadataResolver getMetadataResolver() { + log.warn("{} does NOT support 'getMetadataResolver'", AbstractChainingMetadataProvider.class.getName()); + return null; + + } + private Map getAllActuallyLoadedResolvers() { final Map loadedproviders = new HashMap<>(); 
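Review bot: In `refresh()` the first `RefreshableMetadataResolver` that throws aborts the loop, so every resolver after it keeps its old metadata and the chain may go on serving entity data that a later source has already replaced or withdrawn. Refreshing each resolver inside its own try/catch, remembering the first failure and rethrowing it after the loop, keeps `lastRefeshSuccessful` honest while still updating the healthy sources. The same hunk's `resolveSingle` and `resolve` catch `ResolverException` and `continue` without logging, so a resolver that fails or rejects metadata is invisible to operators; `log.warn("Metadata resolver {} failed", resolver.getId(), e);` in both catch blocks would leave a trace. In `getLastUpdate`/`getLastRefresh`, Joda's `isBefore(null)` compares against the current time, so a child that has not refreshed yet can overwrite a valid timestamp with null; skip null values before comparing.

```java
@Override final public void refresh() throws ResolverException {
  this.lastRefeshSuccessful = false;
  ResolverException firstFailure = null;
  for (final MetadataResolver resolver : internalResolvers) {
    if (resolver instanceof RefreshableMetadataResolver) {
      try {
        ((RefreshableMetadataResolver) resolver).refresh();
      } catch (final ResolverException e) {
        // keep refreshing the remaining resolvers; report the failure afterwards
        log.warn("Refresh of metadata resolver {} failed", resolver.getId(), e);
        if (firstFailure == null) {
          firstFailure = e;
        }
      }
    }
  }
  if (firstFailure != null) {
    throw firstFailure;
  }
  // … unchanged: set lastRefeshTimestamp and lastRefeshSuccessful …
```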
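Review bot: `getMetadataResolver()` returns `null` after a warning, so a subclass that calls it fails later with a NullPointerException far from the cause; throwing `UnsupportedOperationException`, as `setMetadataFilter` does in this commit, would fail at the call site instead. The Javadoc of `getMetadataProviderId()` has an empty `@return`; something like `@return identifier of this provider, also returned by getId(); never null` would document the contract that the `@Nonnull` annotation implies.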
@@ -447,21 +457,7 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataRes private EntityDescriptor resolveEntityDescripor(String entityId) throws ResolverException { final CriteriaSet criteria = new CriteriaSet(); criteria.add(new EntityIdCriterion(entityId)); - for (final MetadataResolver resolver : internalResolvers) { - try { - final EntityDescriptor descriptors = resolver.resolveSingle(criteria); - if (descriptors != null) { - return descriptors; - } - - } catch (final ResolverException e) { - continue; - - } - - } - - return null; + return resolveSingle(criteria); } @@ -477,4 +473,40 @@ public abstract class AbstractChainingMetadataProvider extends SimpleMetadataRes } } + + + + @Override + public DateTime getLastSuccessfulRefresh() { + return this.lastRefeshTimestamp; + + } + + + @Override + public Boolean wasLastRefreshSuccess() { + return this.lastRefeshSuccessful; + + } + + + + /** {@inheritDoc} */ + @Override public boolean isRequireValidMetadata() { + log.warn("Attempt to access unsupported requireValidMetadata property on ChainingMetadataResolver"); + return false; + } + + /** {@inheritDoc} */ + @Override public void setRequireValidMetadata(final boolean requireValidMetadata) { + throw new UnsupportedOperationException("Setting requireValidMetadata is not supported on chaining resolver"); + } + + + @Override + public String getId() { + return getMetadataProviderId(); + + } + } -- cgit v1.2.3
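Review bot: `getLastSuccessfulRefresh()` and `wasLastRefreshSuccess()` report only the two fields that the chain-level `refresh()` sets, while `getLastRefresh()` in this commit aggregates over the child resolvers, so the two views can disagree. If the child resolvers refresh on their own schedule (not visible here), a health check reading `wasLastRefreshSuccess()` would see `false` until someone calls `refresh()` on the chain. Both methods lack Javadoc; I would add `/** Result of the last refresh() call on this chain; child resolvers that refresh themselves are not reflected. */` or derive the value from the children. `isRequireValidMetadata()` likewise deserves a comment that the returned `false` says nothing about the children, and its log message names `ChainingMetadataResolver` rather than this class.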