Package se.swedenconnect.opensaml.saml2.metadata.provider

Class AbstractMetadataProvider

java.lang.Object
net.shibboleth.shared.component.AbstractInitializableComponent
se.swedenconnect.opensaml.saml2.metadata.provider.AbstractMetadataProvider
All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, MetadataProvider
Direct Known Subclasses:
CompositeMetadataProvider, FilesystemMetadataProvider, HTTPMetadataProvider, MDQMetadataProvider, ProxyMetadataProvider, StaticMetadataProvider
public abstract class AbstractMetadataProvider extends AbstractInitializableComponent implements MetadataProvider
Abstract base class for the MetadataProvider interface.
Author:
Martin Lindström (martin@idsec.se)

  • Constructor Details

    • AbstractMetadataProvider

      public AbstractMetadataProvider()

  • Method Details

    • getMetadata

      public XMLObject getMetadata()
      Returns the XML element making up the metadata for the federation. This element is either an EntityDescriptor or an EntitiesDescriptor.
      Specified by:
      getMetadata in interface MetadataProvider
      Returns:
      an XML element

    • getMetadataDOM

      public Element getMetadataDOM() throws MarshallingException
      Returns the DOM element making up the metadata for the federation.
      Specified by:
      getMetadataDOM in interface MetadataProvider
      Returns:
      a DOM element
      Throws:
      MarshallingException - for XML marshalling errors

    • getLastUpdate

      public Instant getLastUpdate()
      Returns the time the currently available metadata was last updated.
      Specified by:
      getLastUpdate in interface MetadataProvider
      Returns:
      time when the currently metadata was last updated, or null if no metadata has been successfully loaded

    • refresh

      public void refresh() throws ResolverException
      Refresh the metadata handled by the provider.

      An implementation that does not support refresh should implement this operation as a no-op. Implementations that do support refresh of metadata should typically be either synchronized or make use other locking mechanisms to protect against concurrent access.

      Specified by:
      refresh in interface MetadataProvider
      Throws:
      ResolverException - if the refresh operation was unsuccessful

    • iterator

      public Iterable<EntityDescriptor> iterator()
      Returns an iterator for all entity descriptors held by the provider.
      Specified by:
      iterator in interface MetadataProvider
      Returns:
      an iterator for all entity descriptors

    • iterator

      public Iterable<EntityDescriptor> iterator(QName role)
      Returns an iterator for all entity descriptors having the given role.

      To list all IdP:s and SP:s do: 

       
 idps = provider.iterator(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
 sps = provider.iterator(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
      Specified by:
      iterator in interface MetadataProvider
      Parameters:
      role - role descriptor
      Returns:
      an iterator for all matching entity descriptors
      See Also:

    • getEntityDescriptor

      public EntityDescriptor getEntityDescriptor(String entityID) throws ResolverException
      Returns the entity descriptor identified by the given entityID.
      Specified by:
      getEntityDescriptor in interface MetadataProvider
      Parameters:
      entityID - the unique entityID for the entry
      Returns:
      an entity descriptor or null if no entry is found
      Throws:
      ResolverException - for underlying metadata errors

    • getEntityDescriptor

      public EntityDescriptor getEntityDescriptor(String entityID, QName role) throws ResolverException
      Returns the entity descriptor identified by the given entityID and given role.
      Specified by:
      getEntityDescriptor in interface MetadataProvider
      Parameters:
      entityID - the entity ID
      role - the role descriptor
      Returns:
      an entity descriptor or null if no matching entry is found
      Throws:
      ResolverException - for underlying metadata errors

    • getIdentityProviders

      public List<EntityDescriptor> getIdentityProviders() throws ResolverException
      Utility method that returns a list of entity descriptors for Identity Providers found in the metadata.
      Specified by:
      getIdentityProviders in interface MetadataProvider
      Returns:
      a list of entity descriptors
      Throws:
      ResolverException - for metadata errors

    • getServiceProviders

      public List<EntityDescriptor> getServiceProviders() throws ResolverException
      Utility method that returns a list of entity descriptors for Service Providers found in the metadata.
      Specified by:
      getServiceProviders in interface MetadataProvider
      Returns:
      a list of entity descriptors
      Throws:
      ResolverException - for metadata errors

    • setMetadata

      protected void setMetadata(XMLObject metadata)
      Assigns the metadata that was downloaded.
      Parameters:
      metadata - metadata object

    • doInitialize

      protected final void doInitialize() throws ComponentInitializationException
      Overrides:
      doInitialize in class AbstractInitializableComponent
      Throws:
      ComponentInitializationException

    • createFilter

      protected MetadataFilter createFilter() throws ComponentInitializationException
      Creates the filter(s) that this instance should be configured with.
      Returns:
      a metadata filter
      Throws:
      ComponentInitializationException - if filters fails to initialize

    • doDestroy

      protected void doDestroy()
      Overrides:
      doDestroy in class AbstractInitializableComponent

    • createMetadataResolver

      protected abstract void createMetadataResolver(boolean requireValidMetadata, boolean failFastInitialization, MetadataFilter filter) throws ResolverException
      Creates the specific MetadataResolver instance for the provider implementation.

      The filter parameter is a MetadataFilter that must be installed for the resolver. Any other filters that should be installed by the specific instance should be placed last in a filter chain.

      Parameters:
      requireValidMetadata - should be passed into MetadataResolver.setRequireValidMetadata(boolean)
      failFastInitialization - should be passed into AbstractMetadataResolver.setFailFastInitialization(boolean) (if applicable)
      filter - filter that must be installed for the resolver
      Throws:
      ResolverException - for errors creating the resolver

    • initializeMetadataResolver

      protected abstract void initializeMetadataResolver() throws ComponentInitializationException
      Initializes the metadata resolver.
      Throws:
      ComponentInitializationException - for initialization errors

    • destroyMetadataResolver

      protected abstract void destroyMetadataResolver()
      Destroys the metadata resolver.

    • setRequireValidMetadata

      public void setRequireValidMetadata(boolean requireValidMetadata)
      Sets whether the metadata returned by queries must be valid.
      Parameters:
      requireValidMetadata - whether the metadata returned by queries must be valid

    • setFailFastInitialization

      public void setFailFastInitialization(boolean failFast)
      Sets whether problems during initialization should cause the provider to fail or go on without metadata. The assumption being that in most cases a provider will recover at some point in the future.
      Parameters:
      failFast - whether problems during initialization should cause the provider to fail

    • setSignatureVerificationCertificate

      public void setSignatureVerificationCertificate(X509Certificate signatureVerificationCertificate)
      Assigns the certificate that is to be used when verifying the signature on downloaded metadata. If this attribute is assigned the provider is configured to expect a valid signature on downloaded metadata.
      Parameters:
      signatureVerificationCertificate - the certificate to assign

    • setSignatureVerificationCertificates

      public void setSignatureVerificationCertificates(List<X509Certificate> signatureVerificationCertificates)
      Assigns the certificates that are to be used when verifying the signature on downloaded metadata. If this attribute is assigned the provider is configured to expect a valid signature on downloaded metadata.

      The reason that more than one certificate may be assigned is that we want to be able to handle signing certificate updates in a smooth way.

      Parameters:
      signatureVerificationCertificates - the certificates to assign

    • getSignatureVerificationCertificates

      public List<X509Certificate> getSignatureVerificationCertificates()
      Gets the certificate that is to be used when verifying the signature on downloaded metadata.
      Returns:
      the certificates or null

    • setPerformSchemaValidation

      public void setPerformSchemaValidation(boolean performSchemaValidation)
      Assigns whether XML schema validation should be performed on downloaded metadata.
      Parameters:
      performSchemaValidation - whether schema validation should be performed

    • setKeepOnlySpAndIdps

      public void setKeepOnlySpAndIdps(boolean keepOnlySpAndIdps)
      Tells whether we should keep only SP and IdP role descriptors. The default is true.
      Parameters:
      keepOnlySpAndIdps - whether to keep only SPs and IdPs.

    • setInclusionPredicates

      public void setInclusionPredicates(List<Predicate<EntityDescriptor>> inclusionPredicates)
      Assigns a list of inclusion predicates that will be applied to downloaded metadata.
      Parameters:
      inclusionPredicates - predicates
      See Also:

    • setExclusionPredicates

      public void setExclusionPredicates(List<Predicate<EntityDescriptor>> exclusionPredicates)
      Assigns a list of exclusion predicates that will be applied to downloaded metadata.
      Parameters:
      exclusionPredicates - predicates
      See Also: