add chainging filter to MOAMetadataProvider

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-05-05 08:01:58 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-05-05 08:01:58 +0200
commit: ead506b950a862750ff361262dca82d96cdaea47 (patch)
tree: d52fe9ac1300d199ad79d92e0ab1c5c9d20ab3cb /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
parent: 79bcdeaa7bec0a6de4e40a7c2f1e9f81be7612aa (diff)
download: moa-id-spss-ead506b950a862750ff361262dca82d96cdaea47.tar.gz
moa-id-spss-ead506b950a862750ff361262dca82d96cdaea47.tar.bz2
moa-id-spss-ead506b950a862750ff361262dca82d96cdaea47.zip
1 files changed, 27 insertions, 6 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index f2e3e7cb1..aa61172d1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -22,6 +22,7 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.pvp2x.metadata;
 
+import java.security.cert.CertificateException;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Date;
@@ -48,7 +49,9 @@ import org.opensaml.xml.parse.BasicParserPool;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
-import at.gv.egovernment.moa.id.protocols.pvp2x.verification.MetadataSignatureFilter;
+import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.InterfederatedIDPPublicServiceFilter;
+import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.MetadataFilterChain;
+import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.MetadataSignatureFilter;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
@@ -156,11 +159,14 @@ public class MOAMetadataProvider implements MetadataProvider {
 						} else if ( MiscUtil.isNotEmpty(metadataurl) &&
 								!providersinuse.containsKey(metadataurl) ) {
 							//PVP2 OA is new, add it to MOAMetadataProvider
+													
 							Logger.info("Loading metadata for: " + oa.getFriendlyName());
 							httpProvider = createNewHTTPMetaDataProvider(
 									pvp2Config.getMetadataURL(), 
 									pvp2Config.getCertificate(),
-									oa.getFriendlyName());
+									oa.getFriendlyName(),
+									buildMetadataFilterChain(oa, pvp2Config.getMetadataURL(), 
+											pvp2Config.getCertificate()));
 							
 							if (httpProvider != null)
 								providersinuse.put(metadataurl, httpProvider);
@@ -266,7 +272,9 @@ public class MOAMetadataProvider implements MetadataProvider {
 						httpProvider = createNewHTTPMetaDataProvider(
 								metadataURL, 
 								pvp2Config.getCertificate(),
-								oa.getFriendlyName());
+								oa.getFriendlyName(),
+								buildMetadataFilterChain(oa, metadataURL, 
+										pvp2Config.getCertificate()));
 					
 						if (httpProvider != null)
 							providersinuse.put(metadataURL, httpProvider);
@@ -305,7 +313,19 @@ public class MOAMetadataProvider implements MetadataProvider {
 		timestamp = new Date();
 	}
 	
-	private HTTPMetadataProvider createNewHTTPMetaDataProvider(String metadataURL, byte[] certificate, String oaName) {
+	private MetadataFilterChain buildMetadataFilterChain(OnlineApplication oa, String metadataURL, byte[] certificate) throws CertificateException {
+		MetadataFilterChain filterChain = new MetadataFilterChain(metadataURL, certificate);
+		
+		if (oa.isIsInterfederationIDP() != null && oa.isIsInterfederationIDP()) {
+			Logger.info("Online-Application is an interfederated IDP. Add addional Metadata policies");
+			filterChain.getFilters().add(new InterfederatedIDPPublicServiceFilter(metadataURL, oa.getType()));
+			
+		}
+		
+		return filterChain;		
+	}
+	
+	private HTTPMetadataProvider createNewHTTPMetaDataProvider(String metadataURL, byte[] certificate, String oaName, MetadataFilterChain filter) {
 		HTTPMetadataProvider httpProvider = null;
 		Timer timer= null;
 		
@@ -321,8 +341,9 @@ public class MOAMetadataProvider implements MetadataProvider {
 			
 			// TODO: use proper SSL checking
 			
-			MetadataFilter filter = new MetadataSignatureFilter(
-					metadataURL, certificate);
+			if (filter == null) {			
+				filter = new MetadataFilterChain(metadataURL, certificate);
+			}
 			httpProvider.setMetadataFilter(filter);
 			httpProvider.initialize();
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-05-05 08:01:58 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-05-05 08:01:58 +0200
commit	ead506b950a862750ff361262dca82d96cdaea47 (patch)
tree	d52fe9ac1300d199ad79d92e0ab1c5c9d20ab3cb /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
parent	79bcdeaa7bec0a6de4e40a7c2f1e9f81be7612aa (diff)
download	moa-id-spss-ead506b950a862750ff361262dca82d96cdaea47.tar.gz moa-id-spss-ead506b950a862750ff361262dca82d96cdaea47.tar.bz2 moa-id-spss-ead506b950a862750ff361262dca82d96cdaea47.zip