Package se.swedenconnect.opensaml.saml2.metadata

Interface MetadataContainer<T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject>

Type Parameters:
T - the contained type
All Known Implementing Classes:
AbstractMetadataContainer, EntitiesDescriptorContainer, EntityDescriptorContainer
public interface MetadataContainer<T extends org.opensaml.saml.saml2.common.TimeBoundSAMLObject & org.opensaml.saml.common.SignableSAMLObject & org.opensaml.saml.saml2.common.CacheableSAMLObject>
An interface that encapsulates an EntityDescriptor or EntitiesDescriptor in a container and defines useful method - mainly for publishing the metadata for an entity or a federation.
Author:
Martin Lindström (martin@idsec.se)

  • Method Summary

    Modifier and Type
    Method
    Description
    T
    cloneDescriptor()
    Returns a deep clone of the descriptor element that is encapsulated by this object.
    T
    getDescriptor()
    Returns the metadata element that is encapsulated by this object.
    float
    getUpdateFactor()
    Returns the factor (between 0 and 1) that is used to compute whether it is time to update the contained descriptor.
    Duration
    getValidity()
    Returns the duration of the validity that the encapsulated descriptor has.
    Element
    marshall()
    Marshals the encapsulated descriptor into its XML representation.
    T
    sign()
    Signs the encapsulated descriptor using the signature credentials configured for this object.
    T
    update(boolean sign)
    Updates the encapsulated descriptor with a newly generated ID, a validity time according to this object's configuration, and then optionally signs the record.
    boolean
    updateRequired(boolean signatureRequired)
    Predicate that returns true if the contained descriptor needs to be updated regarding its signature status and validity.

  • Method Details

    • getDescriptor

      T getDescriptor()
      Returns the metadata element that is encapsulated by this object.
      Returns:
      a descriptor object

    • cloneDescriptor

      T cloneDescriptor() throws org.opensaml.core.xml.io.MarshallingException, org.opensaml.core.xml.io.UnmarshallingException
      Returns a deep clone of the descriptor element that is encapsulated by this object.
      Returns:
      an copied descriptor object
      Throws:
      org.opensaml.core.xml.io.MarshallingException - for marshalling errors of the object
      org.opensaml.core.xml.io.UnmarshallingException - for unmarshalling errors of the object

    • updateRequired

      boolean updateRequired(boolean signatureRequired)
      Predicate that returns true if the contained descriptor needs to be updated regarding its signature status and validity. The method will also take into account the update interval configured for this instance of the container.
      Parameters:
      signatureRequired - should be set if signatures are required for an entry to be regarded valid
      Returns:
      if the encapsulated descriptor needs to be updated true is returned, otherwise false

    • update

      T update(boolean sign) throws org.opensaml.xmlsec.signature.support.SignatureException, org.opensaml.core.xml.io.MarshallingException
      Updates the encapsulated descriptor with a newly generated ID, a validity time according to this object's configuration, and then optionally signs the record.
      Parameters:
      sign - flag that should be set if the metadata is to be signed
      Returns:
      a reference to the resulting descriptor object
      Throws:
      org.opensaml.xmlsec.signature.support.SignatureException - for signature errors
      org.opensaml.core.xml.io.MarshallingException - for marshalling errors
      See Also:

    • sign

      T sign() throws org.opensaml.xmlsec.signature.support.SignatureException, org.opensaml.core.xml.io.MarshallingException
      Signs the encapsulated descriptor using the signature credentials configured for this object.
      Returns:
      a reference to the resulting descriptor object
      Throws:
      org.opensaml.xmlsec.signature.support.SignatureException - for signature errors
      org.opensaml.core.xml.io.MarshallingException - for marshalling errors
      See Also:

    • marshall

      Element marshall() throws org.opensaml.core.xml.io.MarshallingException
      Marshals the encapsulated descriptor into its XML representation.
      Returns:
      an XML element
      Throws:
      org.opensaml.core.xml.io.MarshallingException - for marshalling errors

    • getValidity

      Duration getValidity()
      Returns the duration of the validity that the encapsulated descriptor has.
      Returns:
      the validity time for the metadata

    • getUpdateFactor

      float getUpdateFactor()
      Returns the factor (between 0 and 1) that is used to compute whether it is time to update the contained descriptor. The higher the factor, the more often the metadata is updated. The "is update required" computation is calculated as follows: 
      
 if (expireInstant > now) {
   return <update-required>
 }
 else {
   return (updateFactor * getValidity()) > (expireInstant - now) ? <update-required> : <no-update-required>
 }
      The easiest way to get the meaning of the update factor is perhaps using words. Suppose the update factor is 0,5, then the meaning is: "update the metadata when less than 50% of its original validity time remains".
      Returns:
      the update factor