/*******************************************************************************
 *******************************************************************************/
package at.gv.egiz.eidas.specific.connector.provider;

import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.List;

import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.params.HttpClientParams;
import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.opensaml.xml.parse.BasicParserPool;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.AbstractChainingMetadataProvider;
import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.MetadataFilterChain;
import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.PVPEntityCategoryFilter;
import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SchemaValidationFilter;
import at.gv.egiz.eidas.specific.connector.MSeIDASNodeConstants;

/**
 * Chaining metadata provider that resolves PVP2 metadata per service provider.
 *
 * <p>For a given entityId the service-provider configuration is looked up, the
 * configured metadata URL is fetched over HTTP, and the result is passed
 * through a filter chain consisting of a schema-validation filter and an
 * entity-category filter.
 *
 * <p>NOTE(review): the filter chain built in this class contains no signature
 * validation filter (see the TODO in {@code buildMetadataFilterChain}), and the
 * configured metadata trust store is read but not used there. Unless the parent
 * class adds its own check, the authenticity of downloaded metadata is not
 * verified by this code - confirm before relying on keys or endpoints taken
 * from that metadata.
 */
@Service("PVPMetadataProvider")
public class PVPMetadataProvider extends AbstractChainingMetadataProvider {

    private static final Logger log = LoggerFactory.getLogger(PVPMetadataProvider.class);

    /** Configuration source for service-provider entries and global flags; injected by Spring. */
    @Autowired(required = true)
    IConfiguration basicConfig;

    /**
     * Looks up the metadata URL configured for a service provider.
     *
     * @param entityId entityId of the service provider
     * @return the configured metadata URL, or {@code null} when no service
     *         provider with this entityId is configured
     * @throws EAAFConfigurationException declared by the overridden method
     */
    @Override
    protected String getMetadataURL(String entityId) throws EAAFConfigurationException {
        ISPConfiguration serviceProvider = basicConfig.getServiceProviderConfiguration(entityId);
        if (serviceProvider == null) {
            // NOTE(review): entityId is written to the log verbatim; presumably it can
            // originate from an incoming request - verify, and neutralise line breaks if so.
            log.info("No ServiceProvider with entityId: " + entityId + " in configuration.");
            return null;
        }

        return serviceProvider.getConfigurationValue(
                MSeIDASNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_URL);
    }

    /**
     * Creates the metadata provider for one service provider.
     *
     * <p>Reads the metadata URL, the trust-store location and the unique
     * identifier from the service-provider configuration and delegates to
     * {@code createNewSimpleMetadataProvider} with a fresh parser pool and a
     * dedicated HTTP client.
     *
     * @param entityId entityId of the service provider
     * @return the new provider, or {@code null} when no service provider with
     *         this entityId is configured
     * @throws EAAFConfigurationException declared by the overridden method
     * @throws IOException declared by the overridden method
     * @throws CertificateException declared by the filter-chain construction
     */
    @Override
    protected MetadataProvider createNewMetadataProvider(String entityId)
            throws EAAFConfigurationException, IOException, CertificateException {
        ISPConfiguration serviceProvider = basicConfig.getServiceProviderConfiguration(entityId);
        if (serviceProvider == null) {
            log.info("No ServiceProvider with entityId: " + entityId + " in configuration.");
            return null;
        }

        String metadataURL = serviceProvider.getConfigurationValue(
                MSeIDASNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_URL);
        // Read from configuration and handed to the filter-chain builder, which
        // currently does not use it (no signature validation filter yet).
        String trustStoreUrl = serviceProvider.getConfigurationValue(
                MSeIDASNodeConstants.PROP_CONFIG_SP_PVP2_METADATA_TRUSTSTORE);

        MetadataFilterChain filters =
                buildMetadataFilterChain(serviceProvider, metadataURL, trustStoreUrl);
        String uniqueIdentifier = serviceProvider.getConfigurationValue(
                MSeIDASNodeConstants.PROP_CONFIG_SP_UNIQUEIDENTIFIER);

        return createNewSimpleMetadataProvider(
                metadataURL,
                filters,
                uniqueIdentifier,
                getTimer(),
                new BasicParserPool(),
                createHttpClient(metadataURL));
    }

    /**
     * Not implemented yet.
     *
     * @return always {@code null}; the element type of the list is not declared here
     * @throws EAAFConfigurationException declared by the overridden method
     */
    @Override
    protected List getAllMetadataURLsFromConfiguration() throws EAAFConfigurationException {
        // TODO Auto-generated method stub
        return null;
    }

    /**
     * Builds the HTTP client used to download metadata.
     *
     * <p>Only the socket timeout is set; every other client setting is left at
     * the library default.
     *
     * <p>NOTE(review): no connection timeout and no TLS trust or host-name
     * settings are configured here. The commons-httpclient 3.x line is
     * end-of-life and is known not to verify TLS host names by default -
     * confirm how HTTPS metadata URLs are authenticated, since no signature
     * filter backs this download up.
     *
     * @param metadataURL metadata location; currently unused
     * @return a client with the metadata socket timeout applied
     */
    private HttpClient createHttpClient(String metadataURL) {
        HttpClientParams clientParams = new HttpClientParams();
        clientParams.setSoTimeout(MSeIDASNodeConstants.METADATA_SOCKED_TIMEOUT);

        HttpClient client = new HttpClient();
        client.setParams(clientParams);
        return client;
    }

    /**
     * Assembles the filters applied to downloaded metadata.
     *
     * <p>The chain holds, in this order, a schema-validation filter and an
     * entity-category filter. Each is constructed with a flag read from the
     * basic configuration, with {@code true} passed as the default value.
     *
     * @param spConfig service-provider configuration; currently unused
     * @param metadataURL metadata location; currently unused
     * @param trustStoreUrl trust-store location; currently unused
     * @return the filter chain
     * @throws CertificateException declared for callers; not thrown by the code visible here
     */
    private MetadataFilterChain buildMetadataFilterChain(ISPConfiguration spConfig,
            String metadataURL, String trustStoreUrl) throws CertificateException {
        MetadataFilterChain chain = new MetadataFilterChain();

        SchemaValidationFilter schemaFilter = new SchemaValidationFilter(
                basicConfig.getBasicMOAIDConfigurationBoolean(
                        MSeIDASNodeConstants.PROP_CONFIG_PVP_SCHEME_VALIDATION, true));
        chain.getFilters().add(schemaFilter);

        //TODO: add signature validation filter
        // Until that filter exists, trustStoreUrl has no effect and the chain does
        // not check who signed the metadata.

        PVPEntityCategoryFilter entityCategoryFilter = new PVPEntityCategoryFilter(
                basicConfig.getBasicMOAIDConfigurationBoolean(
                        MSeIDASNodeConstants.PROP_CONFIG_PVP_ENABLE_ENTITYCATEGORIES, true));
        chain.getFilters().add(entityCategoryFilter);

        return chain;
    }
}