| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-09-19 19:32:36 +0200 | 
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-09-19 19:32:36 +0200 | 
| commit | 1984a9914bb024bdd7b486ec6dd6ba4144c0c70b (patch) | |
| tree | 42481e5e1d71bf24e90a6689c359af037b1b8248 /id/server/idserverlib/src/main | |
| parent | f52976e984450d6802067acad12a0b8143f4ce75 (diff) | |
Reload MOAMetadataProvider after config changes
Diffstat (limited to 'id/server/idserverlib/src/main')
2 files changed, 42 insertions, 4 deletions
|
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
index 12ab3f871..92323f02b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
@@ -1,10 +1,15 @@
 package at.gv.egovernment.moa.id.config.auth;
+import iaik.util.logging.Log;
+
 import java.util.Date;
+import org.bouncycastle.asn1.pkcs.Pfx;
+
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
 import at.gv.egovernment.moa.logging.Logger;
@@ -20,6 +25,7 @@ public class AuthConfigLoader implements Runnable {
 				Logger.info("check for new config.");
 				MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
 				Date dbdate = moaidconfig.getTimestampItem();
+				Date pvprefresh = moaidconfig.getPvp2RefreshItem();
 				ConfigurationDBUtils.closeSession();
 				Date date = AuthConfigurationProvider.getTimeStamp();
@@ -28,6 +34,14 @@ public class AuthConfigLoader implements Runnable {
 					AuthConfigurationProvider instance = AuthConfigurationProvider.getInstance();
 					instance.reloadDataBaseConfig();
 				}
+				
+				Date pvpdate = MOAMetadataProvider.getTimeStamp();
+				if (pvprefresh != null && pvprefresh.after(pvpdate)) {
+					MOAMetadataProvider metainst = MOAMetadataProvider.getInstance();
+					metainst.reInitialize();
+				}
+				
+				
 			} catch (Throwable e) {
 				Logger.warn("MOA-ID Configuration is actually not loadable. Reuse old configuration.", e);
 			}
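Review bot: The two imports added at the top of AuthConfigLoader, `iaik.util.logging.Log` and `org.bouncycastle.asn1.pkcs.Pfx`, are not referenced by any line this commit adds to the file; the new code in the later hunk uses only `MOAMetadataProvider` and `Date`. `Pfx` ties the configuration loader to a BouncyCastle PKCS#12 class for no visible reason, and `Log` is easy to confuse with the project's own `at.gv.egovernment.moa.logging.Logger`, which this file already uses. Unless code outside these hunks needs them, both import lines should be dropped.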
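Review bot: `pvprefresh.after(pvpdate)` is called without checking `pvpdate`, and `MOAMetadataProvider.getTimeStamp()` returns a static field that this commit assigns only at the end of the provider's constructor, so it is null until a first `getInstance()` call has completed. In that window `Date.after(null)` throws a NullPointerException, which the surrounding `catch (Throwable e)` reports as "MOA-ID Configuration is actually not loadable", presumably on every check, and the real cause is hidden. Guarding the comparison, `if (pvprefresh != null && pvpdate != null && pvprefresh.after(pvpdate)) {`, skips the reload until a provider exists; the first `getInstance()` builds it from the then-current configuration anyway. The loop around this try block lies outside the hunk.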
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index a92ac8e7f..a61633e12 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -1,11 +1,16 @@
 package at.gv.egovernment.moa.id.protocols.pvp2x.metadata;
+import iaik.util.logging.Log;
+
 import java.security.cert.CertificateException;
+import java.util.Date;
 import java.util.Iterator;
 import java.util.List;
+import java.util.Timer;
 import javax.xml.namespace.QName;
+import org.apache.commons.httpclient.HttpClient;
 import org.opensaml.saml2.metadata.EntitiesDescriptor;
 import org.opensaml.saml2.metadata.EntityDescriptor;
 import org.opensaml.saml2.metadata.RoleDescriptor;
@@ -29,7 +34,9 @@ public class MOAMetadataProvider implements MetadataProvider {
 	private static MOAMetadataProvider instance = null;
 	private static Object mutex = new Object();
-
+	private static Date timestamp;
+	
+	
 	public static MOAMetadataProvider getInstance() {
 		if (instance == null) {
 			synchronized (mutex) {
@@ -41,6 +48,17 @@ public class MOAMetadataProvider implements MetadataProvider {
 		return instance;
 	}
+	public static Date getTimeStamp() {
+		return timestamp;
+	}
+	
+	public void reInitialize() {
+		synchronized (mutex) {
+			Log.info("ReInitalize MOAMetaDataProvider.");
+			instance = new MOAMetadataProvider();
+		}
+	}
+	
 	MetadataProvider internalProvider;
 	private MOAMetadataProvider() {
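Review bot: `reInitialize()` swaps the static `instance` inside `synchronized (mutex)`, but `getInstance()` reads `instance` outside the lock (the null check and `return instance` in the context lines), and neither `instance` nor the new `timestamp` field is `volatile`, so other threads are not guaranteed to see the replacement provider or its timestamp. This provider decides which SAML metadata and signing certificates are trusted, so a stale view after a configuration change can mean that entities removed from the configuration keep being accepted. Declaring both fields `private static volatile` closes the visibility gap, and making `reInitialize()` static would spare the caller a `getInstance()` call that may itself construct a provider first. The log line goes through `iaik.util.logging.Log` while the rest of the class uses `Logger`; `Logger.info("Reinitialize MOAMetadataProvider.");` would keep it in the same log and fix the spelling.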
@@ -59,15 +77,20 @@ public class MOAMetadataProvider implements MetadataProvider {
 					String metadataURL = pvp2Config.getMetadataURL();
 					try {
 						// TODO: use proper SSL checking
-						HTTPMetadataProvider httpProvider = new HTTPMetadataProvider(
-								metadataURL, 20000);
+						HTTPMetadataProvider httpProvider = 
+								new HTTPMetadataProvider(new Timer(), new HttpClient(), 
+										metadataURL);
 						httpProvider.setParserPool(new BasicParserPool());
 						httpProvider.setRequireValidMetadata(true);
+						httpProvider.setMinRefreshDelay(1000*60*5); //5min
+						httpProvider.setMaxRefreshDelay(1000*60*30); //30min
+						//httpProvider.setRefreshDelayFactor(0.1F);
 						MetadataFilter filter = new MetadataSignatureFilter(
 								metadataURL, pvp2Config.getCertificate());
 						httpProvider.setMetadataFilter(filter);
 						chainProvider.addMetadataProvider(httpProvider);
 						httpProvider.initialize();
+
 					} catch (MetadataProviderException e) {
 						Logger.error(
 								"Failed to add Metadata file for "
@@ -91,8 +114,9 @@ public class MOAMetadataProvider implements MetadataProvider {
 		}
 		internalProvider = chainProvider;
+		timestamp = new Date();
 	}
-
+	
 	public boolean requireValidMetadata() {
 		return internalProvider.requireValidMetadata();
 	}
|
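Review bot: The replacement constructor call drops the 20000 ms request timeout that the removed `new HTTPMetadataProvider(metadataURL, 20000)` carried, and `new HttpClient()` is passed on without any timeout being set in this hunk, so a metadata endpoint that stops responding can presumably stall `initialize()`, which now also runs inside `synchronized (mutex)` when reached through `reInitialize()`. Each reload also creates a fresh `new Timer()` per metadata URL, and nothing visible cancels those timers or tears down the providers of the instance being replaced, so refresh threads would accumulate with every configuration change. I would bound the client explicitly and use a daemon timer, as sketched below, and release the old chain in `reInitialize()`. The `// TODO: use proper SSL checking` stays open, so the integrity of fetched metadata rests entirely on `MetadataSignatureFilter`, which is worth stating in that comment. The enclosing method starts and ends outside the hunk.

```java
// … unchanged: metadataURL lookup, try { …
HttpClient httpClient = new HttpClient();
// keep the 20 s bound the previous constructor call enforced
httpClient.getParams().setSoTimeout(20000);
httpClient.getHttpConnectionManager().getParams().setConnectionTimeout(20000);
HTTPMetadataProvider httpProvider =
		new HTTPMetadataProvider(new Timer(true), httpClient, metadataURL);
// … unchanged: parser pool, refresh delays, signature filter, initialize() …
```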
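Review bot: `timestamp = new Date()` is taken at the end of construction, after the metadata for every configured URL has been fetched, while the configuration driving those fetches appears to be read earlier in the same method, outside this hunk. A configuration change saved during that interval carries a `Pvp2RefreshItem` older than `timestamp`, so the `pvprefresh.after(pvpdate)` check in AuthConfigLoader never becomes true and the change is not loaded until the next edit. Capturing the time before the configuration is read, with `Date loadStart = new Date();` at the top and `timestamp = loadStart;` here, avoids the missed reload.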
