Class AbstractMetadataContainer<T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject>
java.lang.Object
se.swedenconnect.opensaml.saml2.metadata.AbstractMetadataContainer<T>
- Type Parameters:
T
- the contained type
- All Implemented Interfaces:
MetadataContainer<T>
- Direct Known Subclasses:
EntitiesDescriptorContainer, EntityDescriptorContainer
public abstract class AbstractMetadataContainer<T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject>
extends Object
implements MetadataContainer<T>
Abstract base class for the MetadataContainer interface.
- Author:
- Martin Lindström (martin@idsec.se)
-
Field Summary
Modifier and type, field: description
- static final int DEFAULT_DESCRIPTOR_ID_SIZE: Default size for the ID attribute string.
- static final float DEFAULT_UPDATE_FACTOR: The default update factor for the metadata - 0,75 (75%), i.e.
- static final Duration DEFAULT_VALIDITY: The default validity for metadata - one week.
- protected T descriptor: The encapsulated descriptor element.
- protected int idSize: The size of the ID attribute string.
- protected org.opensaml.security.x509.X509Credential signatureCredentials: The signature credentials for signing the metadata entry.
- protected org.opensaml.xmlsec.SignatureSigningConfiguration signingConfiguration: Optional signing configuration.
- protected float updateFactor: The update factor.
- protected Duration validity: The validity time for created entries.
-
Constructor Summary
Constructor: description
- AbstractMetadataContainer(T descriptor, org.opensaml.security.x509.X509Credential signatureCredentials): Constructor assigning the encapsulated descriptor element.
-
Method Summary
Modifier and type, method: description
- protected abstract void assignID: Assigns the supplied id to the ID attribute of the descriptor.
- cloneDescriptor(): Returns a deep clone of the descriptor element that is encapsulated by this object.
- getDescriptor(): Returns the metadata element that is encapsulated by this object.
- protected abstract String getID: Returns the ID attribute of the supplied descriptor.
- int getIdSize(): Returns the size of the ID attribute that is generated.
- protected abstract String getLogString(T descriptor): Returns a log string of the supplied descriptor.
- float getUpdateFactor(): Returns the factor (between 0 and 1) that is used to compute whether it is time to update the contained descriptor.
- getValidity(): Returns the duration of the validity that the encapsulated descriptor has.
- marshall(): Marshals the encapsulated descriptor into its XML representation.
- void setIdSize(int idSize): Assigns the size of the ID attribute that is generated.
- void setSigningConfiguration(org.opensaml.xmlsec.SignatureSigningConfiguration signingConfiguration): Assigns a custom SignatureSigningConfiguration.
- void setUpdateFactor(float updateFactor): Assigns the factor (between 0 and 1) that is used to compute whether it is time to update the contained descriptor.
- void setValidity(Duration validity): Assigns the duration of the validity that the encapsulated EntityDescriptor should have.
- sign(): Signs the encapsulated descriptor using the signature credentials configured for this object.
- update(boolean sign): Updates the encapsulated descriptor with a newly generated ID, a validity time according to this object's configuration, and then optionally signs the record.
- boolean updateRequired(boolean signatureRequired): Predicate that returns true if the contained descriptor needs to be updated regarding its signature status and validity.
-
Field Details
-
DEFAULT_VALIDITY
The default validity for metadata - one week.
-
DEFAULT_UPDATE_FACTOR
public static final float DEFAULT_UPDATE_FACTOR
The default update factor for the metadata - 0,75 (75%), i.e. "update the metadata when less than 75% of its original validity time remains".
-
DEFAULT_DESCRIPTOR_ID_SIZE
public static final int DEFAULT_DESCRIPTOR_ID_SIZE
Default size for the ID attribute string.
-
descriptor
protected T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject descriptor
The encapsulated descriptor element.
-
validity
The validity time for created entries.
-
updateFactor
protected float updateFactor
The update factor.
-
idSize
protected int idSize
The size of the ID attribute string.
-
signatureCredentials
protected org.opensaml.security.x509.X509Credential signatureCredentials
The signature credentials for signing the metadata entry.
-
signingConfiguration
protected org.opensaml.xmlsec.SignatureSigningConfiguration signingConfiguration
Optional signing configuration.
-
-
Constructor Details
-
AbstractMetadataContainer
public AbstractMetadataContainer(T descriptor, org.opensaml.security.x509.X509Credential signatureCredentials)
Constructor assigning the encapsulated descriptor element.
- Parameters:
descriptor
- the descriptor object
signatureCredentials
- the signature credentials for signing the descriptor. May be null, but then no signing will be possible
-
-
Method Details
-
getDescriptor
Returns the metadata element that is encapsulated by this object.
- Specified by:
getDescriptor
in interface MetadataContainer<T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject>
- Returns:
- a descriptor object
-
cloneDescriptor
public T cloneDescriptor() throws org.opensaml.core.xml.io.MarshallingException, org.opensaml.core.xml.io.UnmarshallingException
Returns a deep clone of the descriptor element that is encapsulated by this object.
- Specified by:
cloneDescriptor
in interface MetadataContainer<T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject>
- Returns:
- a copied descriptor object
- Throws:
org.opensaml.core.xml.io.MarshallingException
- for marshalling errors of the object
org.opensaml.core.xml.io.UnmarshallingException
- for unmarshalling errors of the object
-
updateRequired
public boolean updateRequired(boolean signatureRequired)
Predicate that returns true if the contained descriptor needs to be updated regarding its signature status and validity. The method will also take into account the update interval configured for this instance of the container.
- Specified by:
updateRequired
in interface MetadataContainer<T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject>
- Parameters:
signatureRequired
- should be set if signatures are required for an entry to be regarded valid
- Returns:
- if the encapsulated descriptor needs to be updated true is returned, otherwise false
-
update
public T update(boolean sign) throws org.opensaml.xmlsec.signature.support.SignatureException, org.opensaml.core.xml.io.MarshallingException
Updates the encapsulated descriptor with a newly generated ID, a validity time according to this object's configuration, and then optionally signs the record.
- Specified by:
update
in interface MetadataContainer<T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject>
- Parameters:
sign
- flag that should be set if the metadata is to be signed
- Returns:
- a reference to the resulting descriptor object
- Throws:
org.opensaml.xmlsec.signature.support.SignatureException
- for signature errors
org.opensaml.core.xml.io.MarshallingException
- for marshalling errors
-
sign
public T sign() throws org.opensaml.xmlsec.signature.support.SignatureException, org.opensaml.core.xml.io.MarshallingException
Signs the encapsulated descriptor using the signature credentials configured for this object.
- Specified by:
sign
in interface MetadataContainer<T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject>
- Returns:
- a reference to the resulting descriptor object
- Throws:
org.opensaml.xmlsec.signature.support.SignatureException
- for signature errors
org.opensaml.core.xml.io.MarshallingException
- for marshalling errors
-
marshall
Marshals the encapsulated descriptor into its XML representation.
- Specified by:
marshall
in interface MetadataContainer<T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject>
- Returns:
- an XML element
- Throws:
org.opensaml.core.xml.io.MarshallingException
- for marshalling errors
-
getValidity
Returns the duration of the validity that the encapsulated descriptor has.
- Specified by:
getValidity
in interface MetadataContainer<T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject>
- Returns:
- the validity time for the metadata
-
setValidity
Assigns the duration of the validity that the encapsulated EntityDescriptor should have.
The default value is DEFAULT_VALIDITY.
- Parameters:
validity
- the validity
-
getUpdateFactor
public float getUpdateFactor()
Returns the factor (between 0 and 1) that is used to compute whether it is time to update the contained descriptor. The higher the factor, the more often the metadata is updated. The "is update required" computation is calculated as follows:
    if (expireInstant < now) {
      return <update-required>
    }
    else {
      return (updateFactor * getValidity()) > (expireInstant - now) ? <update-required> : <no-update-required>
    }
The easiest way to get the meaning of the update factor is perhaps using words. Suppose the update factor is 0,5, then the meaning is: "update the metadata when less than 50% of its original validity time remains".
- Specified by:
getUpdateFactor
in interface MetadataContainer<T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject>
- Returns:
- the update factor
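The update rule described for getUpdateFactor, worked through with the documented defaults (one week validity, factor 0,75) as an added stand-alone example; it is not the library's own implementation. The class name, the method parameters and the treatment of a missing expiry time or a missing signature are assumptions made for illustration.

```java
import java.time.Duration;
import java.time.Instant;

/** Added illustration of the "is update required" rule; not code from the library. */
public class UpdateFactorExample {

  /**
   * @param validUntil expiry instant of the published metadata, or null if none is set
   * @param signed whether the descriptor currently carries a signature
   */
  static boolean updateRequired(Instant validUntil, boolean signed, boolean signatureRequired,
      Duration validity, float updateFactor, Instant now) {
    if (signatureRequired && !signed) {
      return true; // assumption: an unsigned entry is re-issued when signatures are required
    }
    if (validUntil == null || validUntil.isBefore(now)) {
      return true; // no expiry set (assumption) or already expired
    }
    long remainingMs = Duration.between(now, validUntil).toMillis();
    long thresholdMs = (long) (updateFactor * validity.toMillis());
    return thresholdMs > remainingMs; // less than updateFactor of the validity remains
  }

  public static void main(String[] args) {
    Duration validity = Duration.ofDays(7); // documented default validity
    float factor = 0.75f;                   // documented default update factor
    Instant issued = Instant.parse("2024-01-01T00:00:00Z"); // constructed sample date
    Instant validUntil = issued.plus(validity);

    // Threshold: 0.75 * 168 h = 126 h remaining, which is crossed 42 h after issuance.
    for (int hours : new int[] { 0, 41, 43, 167, 169 }) {
      Instant now = issued.plusSeconds(hours * 3600L);
      System.out.printf("t+%3dh  signed: %-5b  unsigned, signature required: %b%n", hours,
          updateRequired(validUntil, true, true, validity, factor, now),
          updateRequired(validUntil, false, true, validity, factor, now));
    }
  }
}
```

With these defaults, a refresh job has to run at least once between 42 hours and seven days after issuance for consumers never to see expired metadata.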
-
setUpdateFactor
public void setUpdateFactor(float updateFactor)
Assigns the factor (between 0 and 1) that is used to compute whether it is time to update the contained descriptor.
The default value is DEFAULT_UPDATE_FACTOR.
- Parameters:
updateFactor
- the update factor
-
getIdSize
public int getIdSize()
Returns the size of the ID attribute that is generated.
- Returns:
- the size
-
setIdSize
public void setIdSize(int idSize)
Assigns the size of the ID attribute that is generated.
The default value is DEFAULT_DESCRIPTOR_ID_SIZE.
- Parameters:
idSize
- the size
-
setSigningConfiguration
public void setSigningConfiguration(org.opensaml.xmlsec.SignatureSigningConfiguration signingConfiguration)
Assigns a custom SignatureSigningConfiguration.
- Parameters:
signingConfiguration
- a SignatureSigningConfiguration
-
getID
Returns the ID attribute of the supplied descriptor.
- Parameters:
descriptor
- the descriptor
- Returns:
- the ID attribute
-
assignID
Assigns the supplied id to the ID attribute of the descriptor.
- Parameters:
descriptor
- the descriptor
id
- the ID attribute value
-
getLogString
Returns a log string of the supplied descriptor.
- Parameters:
descriptor
- the descriptor
- Returns:
- the log string
-