temporarily commit to save state

1 files changed, 10 insertions, 103 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index 03fa686f9..6e87abb06 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -31,12 +31,9 @@ import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
-import java.util.Timer;
 
-import javax.net.ssl.SSLHandshakeException;
 import javax.xml.namespace.QName;
 
-import org.apache.commons.httpclient.MOAHttpClient;
 import org.opensaml.saml2.metadata.EntitiesDescriptor;
 import org.opensaml.saml2.metadata.EntityDescriptor;
 import org.opensaml.saml2.metadata.RoleDescriptor;
@@ -47,20 +44,13 @@ import org.opensaml.saml2.metadata.provider.MetadataProvider;
 import org.opensaml.saml2.metadata.provider.MetadataProviderException;
 import org.opensaml.saml2.metadata.provider.ObservableMetadataProvider;
 import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.parse.BasicParserPool;
 
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
-import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing;
 import at.gv.egovernment.moa.id.config.auth.MOAGarbageCollector;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.InterfederatedIDPPublicServiceFilter;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.PVPMetadataFilterChain;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.SchemaValidationFilter;
@@ -68,7 +58,8 @@ import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.MiscUtil;
 
-public class MOAMetadataProvider implements ObservableMetadataProvider, IGarbageCollectorProcessing {
+public class MOAMetadataProvider extends SimpleMOAMetadataProvider
+	implements ObservableMetadataProvider, IGarbageCollectorProcessing {
 
 	private static MOAMetadataProvider instance = null;
 	private static Object mutex = new Object();
@@ -151,10 +142,9 @@ public class MOAMetadataProvider implements ObservableMetadataProvider, IGarbage
 						String oaFriendlyName = oaParam.getFriendlyName();
 					
 						ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider;						
-						HTTPMetadataProvider newMetadataProvider = createNewHTTPMetaDataProvider(metadataURL, 
-								cert, oaFriendlyName, 
-								buildMetadataFilterChain(oaParam, metadataURL, 
-										cert));
+						HTTPMetadataProvider newMetadataProvider = createNewHTTPMetaDataProvider(metadataURL, 								 
+								buildMetadataFilterChain(oaParam, metadataURL, cert), 
+								oaFriendlyName);
 						
 						chainProvider.addMetadataProvider(newMetadataProvider);
 						
@@ -264,11 +254,9 @@ public class MOAMetadataProvider implements ObservableMetadataProvider, IGarbage
 									
 										Logger.info("Loading metadata for: " + oaFriendlyName);
 										httpProvider = createNewHTTPMetaDataProvider(
-												metadataurl, 
-												cert,
-												oaFriendlyName,
-												buildMetadataFilterChain(oaParam, metadataurl, 
-														cert));
+												metadataurl, 												
+												buildMetadataFilterChain(oaParam, metadataurl, cert),
+												oaFriendlyName);
 							
 										if (httpProvider != null)
 											providersinuse.put(metadataurl, httpProvider);
@@ -389,10 +377,8 @@ public class MOAMetadataProvider implements ObservableMetadataProvider, IGarbage
 								if (!providersinuse.containsKey(metadataurl)) {					
 									httpProvider = createNewHTTPMetaDataProvider(
 											metadataurl, 
-											cert,
-											oaFriendlyName,
-											buildMetadataFilterChain(oaParam, metadataurl, 
-													cert));
+											buildMetadataFilterChain(oaParam, metadataurl, cert),
+											oaFriendlyName);
 						
 									if (httpProvider != null)
 										providersinuse.put(metadataurl, httpProvider);
@@ -450,86 +436,7 @@ public class MOAMetadataProvider implements ObservableMetadataProvider, IGarbage
 		
 		return filterChain;		
 	}
-	
-	private HTTPMetadataProvider createNewHTTPMetaDataProvider(String metadataURL, byte[] certificate, String oaName, PVPMetadataFilterChain filter) {
-		HTTPMetadataProvider httpProvider = null;
-		Timer timer= null;
-		MOAHttpClient httpClient = null;
-		try {			
-			httpClient = new MOAHttpClient();
-			
-			if (metadataURL.startsWith("https:")) {
-				try {
-					MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
-							PVPConstants.SSLSOCKETFACTORYNAME, 
-							AuthConfigurationProviderFactory.getInstance().getCertstoreDirectory(), 
-							AuthConfigurationProviderFactory.getInstance().getTrustedCACertificates(),
-							null,
-							AuthConfiguration.DEFAULT_X509_CHAININGMODE, 
-							AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking());
-					
-					httpClient.setCustomSSLTrustStore(metadataURL, protoSocketFactory);
-
-				} catch (MOAHttpProtocolSocketFactoryException e) {
-					Logger.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore.");
-					
-				}
-			}
-			
-			timer = new Timer();
-			httpProvider = new HTTPMetadataProvider(timer, httpClient, 
-					metadataURL);
-			httpProvider.setParserPool(new BasicParserPool());
-			httpProvider.setRequireValidMetadata(true);
-			httpProvider.setMinRefreshDelay(1000*60*15); //15 minutes
-			httpProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours
-			//httpProvider.setRefreshDelayFactor(0.1F);
-			
-			if (filter == null) {			
-				filter = new PVPMetadataFilterChain(metadataURL, certificate);
-			}
-			httpProvider.setMetadataFilter(filter);
-			httpProvider.initialize();
-			
-			httpProvider.setRequireValidMetadata(true);
-			
-			return httpProvider;
-						
-		} catch (Throwable e) {			
-			if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) {
-				Logger.warn("SSL-Server certificate for metadata " 
-						+ metadataURL + " not trusted.", e);
-				
-			} if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) {				
-				Logger.warn("Signature verification for metadata" 
-						+ metadataURL + " FAILED.", e);
-			
-			} if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) {
-				Logger.warn("Schema validation for metadata " 
-						+ metadataURL + " FAILED.", e);								
-			}
-			
-			Logger.error(
-					"Failed to add Metadata file for "
-							+ oaName + "[ "
-							+ e.getMessage() + " ]", e);
-						
-			if (httpProvider != null) {
-				Logger.debug("Destroy failed Metadata provider");
-				httpProvider.destroy();
-			}
-			
-			if (timer != null) {
-				Logger.debug("Destroy Timer.");
-				timer.cancel();
-			}
-
-			
-		}
 		
-		return null;	
-	}
-	
 	public boolean requireValidMetadata() {
 		return internalProvider.requireValidMetadata();
 	}