Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java | 83 |
1 files changed, 68 insertions, 15 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index b38b862ef..e70830f93 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -1,46 +1,99 @@
 package at.gv.egovernment.moa.id.protocols.pvp2x.metadata;
 import java.io.File;
+import java.security.cert.CertificateException;
 import java.util.Iterator;
 import java.util.List;
+import java.util.Timer;
 import javax.xml.namespace.QName;
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.protocol.Protocol;
 import org.opensaml.saml2.metadata.EntitiesDescriptor;
 import org.opensaml.saml2.metadata.EntityDescriptor;
 import org.opensaml.saml2.metadata.RoleDescriptor;
 import org.opensaml.saml2.metadata.provider.ChainingMetadataProvider;
 import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
+import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
 import org.opensaml.saml2.metadata.provider.MetadataFilter;
 import org.opensaml.saml2.metadata.provider.MetadataProvider;
 import org.opensaml.saml2.metadata.provider.MetadataProviderException;
 import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.parse.BasicParserPool;
-import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWSecureSocketFactory;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.MetadataSignatureFilter;
+import at.gv.egovernment.moa.id.util.SSLUtils;
 import at.gv.egovernment.moa.logging.Logger;
 public class MOAMetadataProvider implements MetadataProvider {
+ private static MOAMetadataProvider instance = null;
+
+ private static Object mutex = new Object();
+
+ public static MOAMetadataProvider getInstance() {
+ if (instance == null) {
+ synchronized (mutex) {
+ if (instance == null) {
+ instance = new MOAMetadataProvider();
+ }
+ }
+ }
+ return instance;
+ }
+
 MetadataProvider internalProvider;
- public MOAMetadataProvider() throws MetadataProviderException {
+ private MOAMetadataProvider() {
 ChainingMetadataProvider chainProvider = new ChainingMetadataProvider();
 Logger.info("Loading metadata");
- List<String> files = PVPConfiguration.getInstance().getMetadataFiles();
- Iterator<String> fileIt = files.iterator();
- while (fileIt.hasNext()) {
- String file = fileIt.next();
- Logger.info("Loading metadata file: " + file);
- FilesystemMetadataProvider fsProvider = new FilesystemMetadataProvider(
- new File(file));
- fsProvider.setParserPool(new BasicParserPool());
- fsProvider.setRequireValidMetadata(true);
- MetadataFilter filter = new MetadataSignatureFilter();
- fsProvider.setMetadataFilter(filter);
- chainProvider.addMetadataProvider(fsProvider);
- fsProvider.initialize();
+ List<OnlineApplication> oaList = ConfigurationDBRead
+ .getAllActiveOnlineApplications();
+ Iterator<OnlineApplication> oaIt = oaList.iterator();
+ while (oaIt.hasNext()) {
+ try {
+ OnlineApplication oa = oaIt.next();
+ Logger.info("Loading metadata for: " + oa.getFriendlyName());
+ OAPVP2 pvp2Config = oa.getAuthComponentOA().getOAPVP2();
+ if (pvp2Config != null) {
+ String metadataURL = pvp2Config.getMetadataURL();
+ try {
+ // TODO: use proper SSL checking
+ HTTPMetadataProvider httpProvider = new HTTPMetadataProvider(
+ metadataURL, 20000);
+ httpProvider.setParserPool(new BasicParserPool());
+ httpProvider.setRequireValidMetadata(true);
+ MetadataFilter filter = new MetadataSignatureFilter(
+ metadataURL, pvp2Config.getCertificate());
+ httpProvider.setMetadataFilter(filter);
+ chainProvider.addMetadataProvider(httpProvider);
+ httpProvider.initialize();
+ } catch (MetadataProviderException e) {
+ Logger.error(
+ "Failed to add Metadata file for " + + oa.getFriendlyName() + "[ " + + e.getMessage() + " ]", e);
+ } catch (CertificateException e) {
+ Logger.error(
+ "Failed to add Metadata file for " + + oa.getFriendlyName() + "[ " + +
e.getMessage() + " ]", e);
+ }
+ } else {
+ Logger.info(oa.getFriendlyName() + + " is not a PVP2 Application skipping");
+ }
+ } catch (Throwable e) {
+ Logger.error(
+ "Failed to add Metadata (unhandled reason: " + + e.getMessage(), e);
+ }
 }
 internalProvider = chainProvider;
 } |
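Review bot: The lazy singleton in `getInstance()` is double-checked locking on a non-`volatile` field, so under the Java memory model a second thread can observe a non-null `instance` before the constructor's write to `internalProvider` is visible to it; declare `private static volatile MOAMetadataProvider instance = null;` (or switch to an initialization-on-demand holder class) and make `mutex` `private static final`. In the constructor, the `// TODO: use proper SSL checking` line above `new HTTPMetadataProvider(metadataURL, 20000)` leaves the metadata fetch on the HttpClient's default TLS settings, while the newly added imports `SSLUtils`, `SZRGWSecureSocketFactory`, `Protocol`, `HttpClient`, `Timer` and `AuthConfigurationProvider` are unused anywhere in the hunk; either wire the trust configuration before this merges or drop the imports, noting that metadata integrity then rests solely on `MetadataSignatureFilter` with the certificate from `pvp2Config.getCertificate()`. The outer `catch (Throwable e)` also turns `Error`s such as `OutOfMemoryError` into a log line and keeps iterating; narrowing it to `catch (Exception e)` preserves the per-application best-effort behaviour without masking JVM-level failures.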