final List<EntityDescriptor> entityDescriptors = descriptor.getEntityDescriptors(); if (!entityDescriptors.isEmpty()) { final List<EntityDescriptor> emptyEntityDescriptors = new ArrayList<>(); if (Direction.EXCLUDE.equals(direction) == condition.apply(entityDescriptor)) { log.trace("Filtering out entity {} from group {}", entityDescriptor.getEntityID(), descriptor.getName()); emptyEntityDescriptors.add(entityDescriptor); final List<EntitiesDescriptor> entitiesDescriptors = descriptor.getEntitiesDescriptors(); if (!entitiesDescriptors.isEmpty()) { final List<EntitiesDescriptor> emptyEntitiesDescriptors = new ArrayList<>(); if (getRemoveEmptyEntitiesDescriptors()) { if (entitiesDescriptor.getEntityDescriptors().isEmpty() && entitiesDescriptor.getEntitiesDescriptors().isEmpty()) { log.trace("Filtering out empty group {} from group {}", entitiesDescriptor.getName(), descriptor.getName()); emptyEntitiesDescriptors.add(entitiesDescriptor);
/**
 * Collect the {@code KeyAuthority} elements carried in the {@code Extensions} of a metadata group.
 *
 * <p>The list obtained from the extensions is handed back as-is (it is not copied). An empty,
 * immutable list is returned when the group has no {@code Extensions} element or when the
 * lookup yields {@code null}.</p>
 *
 * <p>NOTE(review): if the returned elements feed trust evaluation, callers should only rely on
 * them once the enclosing metadata has been signature-checked. Confirm against the caller.</p>
 *
 * @param entitiesDescriptor the entities descriptor to process.
 * @return list of XMLObjects, never {@code null}
 */
@Nonnull protected List<XMLObject> getKeyAuthorities(@Nonnull final EntitiesDescriptor entitiesDescriptor) {
    final Extensions groupExtensions = entitiesDescriptor.getExtensions();
    if (groupExtensions != null) {
        final List<XMLObject> found = groupExtensions.getUnknownXMLObjects(KeyAuthority.DEFAULT_ELEMENT_NAME);
        if (found != null) {
            return found;
        }
    }
    // Either no Extensions element at all, or the lookup came back null.
    return Collections.emptyList();
}
if (entitiesDescriptor.getID() != null) { log.debug("Writing ID attribute to EntitiesDescriptor DOM element."); domElement.setAttributeNS(null, EntitiesDescriptor.ID_ATTRIB_NAME, entitiesDescriptor.getID()); domElement.setIdAttributeNS(null, EntitiesDescriptor.ID_ATTRIB_NAME, true); if (entitiesDescriptor.getValidUntil() != null) { log.debug("Writting validUntil attribute to EntitiesDescriptor DOM element"); String validUntilStr = SAMLConfigurationSupport.getSAMLDateFormatter().print(entitiesDescriptor.getValidUntil()); domElement.setAttributeNS(null, TimeBoundSAMLObject.VALID_UNTIL_ATTRIB_NAME, validUntilStr); if (entitiesDescriptor.getCacheDuration() != null) { log.debug("Writting cacheDuration attribute to EntitiesDescriptor DOM element"); String cacheDuration = DOMTypeSupport.longToDuration(entitiesDescriptor.getCacheDuration()); domElement.setAttributeNS(null, CacheableSAMLObject.CACHE_DURATION_ATTRIB_NAME, cacheDuration); if (entitiesDescriptor.getName() != null) { log.debug("Writting Name attribute to EntitiesDescriptor DOM element"); domElement.setAttributeNS(null, EntitiesDescriptor.NAME_ATTRIB_NAME, entitiesDescriptor.getName());
/**
 * {@inheritDoc}
 *
 * <p>Routes a child element to the matching slot of the parent {@code EntitiesDescriptor}:
 * extensions, nested groups, entities, or the signature. Any other child type is delegated to
 * the superclass.</p>
 */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {
    final EntitiesDescriptor group = (EntitiesDescriptor) parentSAMLObject;

    if (childSAMLObject instanceof Extensions) {
        group.setExtensions((Extensions) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof EntitiesDescriptor) {
        group.getEntitiesDescriptors().add((EntitiesDescriptor) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof EntityDescriptor) {
        group.getEntityDescriptors().add((EntityDescriptor) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof Signature) {
        // The signature element is only attached to the object here; this method does not validate it.
        group.setSignature((Signature) childSAMLObject);
        return;
    }

    super.processChildElement(parentSAMLObject, childSAMLObject);
}
/**
 * Pick a label for a metadata group: its {@code Name} if present, otherwise its {@code ID},
 * otherwise the literal {@code "(unnamed)"}.
 *
 * <p>Only {@code null} is treated as "absent"; an empty {@code Name} or {@code ID} would be
 * returned unchanged.</p>
 *
 * <p>NOTE(review): both values come straight from the metadata document. If this is called
 * before the document's signature has been checked, treat the result as untrusted text when it
 * is written to logs.</p>
 *
 * @param group the {@link EntitiesDescriptor}
 *
 * @return a suitable name to use for logging
 */
@Nonnull @NotEmpty protected String getGroupName(@Nonnull final EntitiesDescriptor group) {
    final String declaredName = group.getName();
    if (declaredName != null) {
        return declaredName;
    }

    // No Name attribute: fall back to the ID, then to a fixed placeholder.
    final String groupId = group.getID();
    return groupId != null ? groupId : "(unnamed)";
}
/**
 * Apply this filter to a metadata group and to everything nested inside it.
 *
 * <p>Nested groups are handled first by recursing into this method. The group's own
 * {@code EntityDescriptor} children are then each passed to {@code filterEntityDescriptor}.
 * Recursion depth therefore follows the nesting depth of groups in the input.</p>
 *
 * @param descriptor entities descriptor to filter
 */
protected void filterEntitiesDescriptor(@Nonnull final EntitiesDescriptor descriptor) {
    // Depth-first: descend into child groups before touching this group's entities.
    for (final EntitiesDescriptor childGroup : descriptor.getEntitiesDescriptors()) {
        filterEntitiesDescriptor(childGroup);
    }

    // Then the entities that sit directly in this group.
    for (final EntityDescriptor childEntity : descriptor.getEntityDescriptors()) {
        filterEntityDescriptor(childEntity);
    }
}
log.trace("Processing EntitiesDescriptor group: {}", name); if (entitiesDescriptor.isSigned()) { verifySignature(entitiesDescriptor, name, true); final Iterator<EntityDescriptor> entityIter = entitiesDescriptor.getEntityDescriptors().iterator(); while (entityIter.hasNext()) { final EntityDescriptor entityChild = entityIter.next(); entitiesDescriptor.getEntityDescriptors().removeAll(toRemove); toRemove.clear(); final Iterator<EntitiesDescriptor> entitiesIter = entitiesDescriptor.getEntitiesDescriptors().iterator(); while(entitiesIter.hasNext()) { final EntitiesDescriptor entitiesChild = entitiesIter.next(); entitiesDescriptor.getEntitiesDescriptors().removeAll(toRemove);
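/**
 * Parse SAML metadata from {@code reader} and return the entity descriptors it contains.
 *
 * <p>The document root may be an {@code EntitiesDescriptor}, in which case its direct
 * {@code EntityDescriptor} children are returned (nested groups are not descended into), or a
 * single {@code EntityDescriptor}, which is returned as a one-element list. Any other root
 * element is rejected.</p>
 *
 * <p>This method only parses and unmarshals. It performs no signature or validity-period check
 * on the metadata.</p>
 *
 * <p>NOTE(review): DTD and external-entity handling depends on how {@code StaxUtils} is
 * configured. Confirm the parser is hardened before feeding it metadata from an untrusted
 * source.</p>
 *
 * @param reader source of the metadata XML
 * @return the entity descriptors found at the top level of the document
 * @throws IllegalArgumentException if the input is not well-formed XML, cannot be unmarshalled,
 *         or has a root element that is neither of the two supported metadata types
 */
private List<EntityDescriptor> readEntityDescriptors(Reader reader) {
    Document entityDoc;
    try {
        entityDoc = StaxUtils.read(reader);
    } catch (Exception ex) {
        // Keep the parser failure as the cause so the reason for rejection can be diagnosed.
        throw new IllegalArgumentException("Unable to read SAMLRequest as XML.", ex);
    }

    XMLObject entityXmlObj;
    try {
        entityXmlObj = OpenSAMLUtil.fromDom(entityDoc.getDocumentElement());
    } catch (WSSecurityException ex) {
        throw new IllegalArgumentException(
                "Unable to convert EntityDescriptor document to XMLObject.", ex);
    }

    if (entityXmlObj instanceof EntitiesDescriptor) {
        return ((EntitiesDescriptor) entityXmlObj).getEntityDescriptors();
    }
    if (entityXmlObj instanceof EntityDescriptor) {
        return Collections.singletonList((EntityDescriptor) entityXmlObj);
    }

    // Any other root (or a null result) used to reach an unchecked cast: a ClassCastException for
    // a foreign element, or a list holding null. Reject it the same way as the other bad inputs.
    throw new IllegalArgumentException(
            "Metadata root element is neither an EntitiesDescriptor nor an EntityDescriptor.");
}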
/**
 * Build a CAS {@link Service} for a service URL and the {@link EntityDescriptor} that the
 * metadata source resolved for it.
 *
 * <p>The service's group label is the {@code Name} of the entity's immediate parent when that
 * parent is an {@code EntitiesDescriptor}, and the literal {@code "unknown"} otherwise. Only the
 * immediate parent is inspected. The proxy-authorization and single-logout flags are derived
 * from the entity by {@code isAuthorizedToProxy} and {@code hasSingleLogoutService}.</p>
 *
 * @param serviceURL CAS service URL.
 * @param entity Entity resolved from metadata.
 *
 * @return CAS service created from inputs.
 */
@Nonnull protected Service create(@Nonnull final String serviceURL, @Nonnull final EntityDescriptor entity) {
    final XMLObject container = entity.getParent();

    final String groupName;
    if (container instanceof EntitiesDescriptor) {
        // NOTE(review): presumably null when the group carries no Name attribute. Confirm that
        // Service accepts a null group name.
        groupName = ((EntitiesDescriptor) container).getName();
    } else {
        groupName = "unknown";
    }

    final Service created = new Service(
            serviceURL,
            groupName,
            isAuthorizedToProxy(entity),
            hasSingleLogoutService(entity));
    created.setEntityDescriptor(entity);
    return created;
}
extensions = group.getExtensions(); if (null != extensions) { for (final XMLObject object : extensions.getUnknownXMLObjects(RegistrationInfo.DEFAULT_ELEMENT_NAME)) { group = (EntitiesDescriptor) group.getParent();
/**
 * Walk a metadata group and pre-process every entity beneath it into {@code backingStore}.
 *
 * <p>Children are visited in the order returned by {@code getOrderedChildren()}. Each
 * {@code EntityDescriptor} goes to {@code preProcessEntityDescriptor}, and each nested
 * {@code EntitiesDescriptor} is handled by recursing into this method. Children of any other
 * type are ignored. Recursion depth follows the nesting depth of groups in the input.</p>
 *
 * @param entitiesDescriptor the target entities descriptor to process
 * @param backingStore the backing store instance to update
 */
protected void preProcessEntitiesDescriptor(@Nonnull final EntitiesDescriptor entitiesDescriptor,
        final EntityBackingStore backingStore) {
    for (final XMLObject node : entitiesDescriptor.getOrderedChildren()) {
        if (node instanceof EntityDescriptor) {
            preProcessEntityDescriptor((EntityDescriptor) node, backingStore);
            continue;
        }
        if (node instanceof EntitiesDescriptor) {
            // Nested group: descend with the same backing store.
            preProcessEntitiesDescriptor((EntitiesDescriptor) node, backingStore);
        }
    }
}
/**
 * Run the filter over a group of entities, including any groups nested within it.
 *
 * <p>Each nested {@code EntitiesDescriptor} is processed by a recursive call before any of this
 * group's direct {@code EntityDescriptor} children are passed to {@code filterEntityDescriptor}.
 * The recursion is as deep as the group nesting in the supplied metadata.</p>
 *
 * @param descriptor entities descriptor to filter
 */
protected void filterEntitiesDescriptor(@Nonnull final EntitiesDescriptor descriptor) {
    // Sub-groups first, so that nested content is filtered before this level's entities.
    for (final EntitiesDescriptor nestedGroup : descriptor.getEntitiesDescriptors()) {
        filterEntitiesDescriptor(nestedGroup);
    }

    // Entities declared directly on this group.
    for (final EntityDescriptor member : descriptor.getEntityDescriptors()) {
        filterEntityDescriptor(member);
    }
}
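/**
 * Return the entity ID of the identity provider described by the loaded metadata.
 *
 * <p>When the metadata root is a single {@code EntityDescriptor}, its entity ID is returned.
 * When the root is an {@code EntitiesDescriptor}, the entity ID of its first direct
 * {@code EntityDescriptor} child is returned.</p>
 *
 * <p>NOTE(review): for an aggregate listing several entities this picks whichever comes first
 * in the document. Confirm that callers only point this resolver at single-IdP metadata, or
 * select the entity explicitly, so the choice of IdP is not left to document order.</p>
 *
 * @return the IdP entity ID
 * @throws SAMLException if the metadata root is neither supported type, or is a group with no
 *         direct entity children
 */
@Override
public String getEntityId() {
    final XMLObject md = getEntityDescriptorElement();
    if (md instanceof EntitiesDescriptor) {
        final EntitiesDescriptor group = (EntitiesDescriptor) md;
        // An empty group used to escape as IndexOutOfBoundsException from get(0). Report it
        // through the same SAMLException as every other "no entity ID" case.
        if (!group.getEntityDescriptors().isEmpty()) {
            return group.getEntityDescriptors().get(0).getEntityID();
        }
    } else if (md instanceof EntityDescriptor) {
        return ((EntityDescriptor) md).getEntityID();
    }
    throw new SAMLException("No idp entityId found");
}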
rawResult = Collections.singleton(((EntityDescriptor)input).getEntityID()); } else if (input instanceof EntitiesDescriptor) { rawResult = Collections.singleton(((EntitiesDescriptor)input).getName()); } else if (input instanceof RoleDescriptor) { XMLObject parent = input.getParent();
exts = group.getExtensions(); if (exts != null) { final List<XMLObject> children = exts.getUnknownXMLObjects(EntityAttributes.DEFAULT_ELEMENT_NAME); group = (EntitiesDescriptor) group.getParent();
List<EntityDescriptor> entityDescriptors = descriptor.getEntityDescriptors(); if (entityDescriptors != null && !entityDescriptors.isEmpty()) { List<EntityDescriptor> emptyEntityDescriptors = new ArrayList<>(); if (entityRoles == null || entityRoles.isEmpty()) { log.trace("Filtering out entity descriptor {} from entity group {}", entityDescriptor .getEntityID(), descriptor.getName()); emptyEntityDescriptors.add(entityDescriptor); List<EntitiesDescriptor> entitiesDescriptors = descriptor.getEntitiesDescriptors(); if (entitiesDescriptors != null && !entitiesDescriptors.isEmpty()) { List<EntitiesDescriptor> emptyEntitiesDescriptors = new ArrayList<>(); if (getRemoveEmptyEntitiesDescriptors()) { if ((entitiesDescriptor.getEntityDescriptors() == null || entitiesDescriptor.getEntityDescriptors() .isEmpty()) && (entitiesDescriptor.getEntitiesDescriptors() == null || entitiesDescriptor .getEntitiesDescriptors().isEmpty())) { log.trace("Filtering out entity descriptor {} from entity group {}", entitiesDescriptor .getName(), descriptor.getName()); emptyEntitiesDescriptors.add(entitiesDescriptor);
/**
 * Convert each {@code EntityDescriptor} directly under {@code parsed} into a {@code Metadata}
 * object, link the results through {@code setNext} in document order, and return the head.
 *
 * <p>For every entity, {@code validateSignature(desc, verificationKeys)} is called and its
 * result is stored on the corresponding {@code Metadata} via {@code setSignature}.</p>
 *
 * <p>NOTE(review): only the per-entity descriptors are passed to {@code validateSignature}
 * here; a signature on the enclosing {@code EntitiesDescriptor} is not examined in this method.
 * What happens for an unsigned or badly signed entity depends on {@code validateSignature},
 * which is not visible here. Confirm that it rejects rather than returning {@code null}.</p>
 *
 * @param parsed the metadata aggregate to convert
 * @param verificationKeys keys handed to {@code validateSignature} for each entity
 * @param localKeys not read by this method
 * @return the first {@code Metadata} in the chain, or {@code null} if {@code parsed} has no
 *         direct entity children
 */
protected Metadata resolveMetadata(EntitiesDescriptor parsed,
                                   List<SimpleKey> verificationKeys,
                                   List<SimpleKey> localKeys) {
    Metadata head = null;
    Metadata tail = null;
    for (EntityDescriptor desc : parsed.getEntityDescriptors()) {
        Metadata resolved = resolveMetadata(desc);
        if (head == null) {
            head = resolved;
        } else {
            tail.setNext(resolved);
        }
        tail = resolved;

        // The signature is evaluated after the entity has already been converted and linked.
        Signature signature = validateSignature(desc, verificationKeys);
        tail.setSignature(signature);
    }
    return head;
}
/**
 * {@inheritDoc}
 *
 * <p>For an {@code EntityDescriptor}, walks up the chain of parents and, for every enclosing
 * {@code EntitiesDescriptor} whose trimmed {@code Name} is non-null, attaches an
 * {@code EntityGroupName} carrying that name to the entity's object metadata. Nodes of any
 * other type are left untouched.</p>
 *
 * <p>NOTE(review): group names are taken from the metadata document itself. If downstream
 * policy is keyed on {@code EntityGroupName}, confirm this processor only runs on metadata
 * whose signature has already been verified.</p>
 */
@Override
public void process(XMLObject metadataNode) throws FilterException {
    if (!(metadataNode instanceof EntityDescriptor)) {
        return;
    }

    for (XMLObject ancestor = metadataNode.getParent(); ancestor != null; ancestor = ancestor.getParent()) {
        if (!(ancestor instanceof EntitiesDescriptor)) {
            continue;
        }

        String name = StringSupport.trimOrNull(((EntitiesDescriptor) ancestor).getName());
        if (name == null) {
            // Unnamed (or blank-named) group: nothing to attach for this level.
            continue;
        }

        if (log.isTraceEnabled()) {
            log.trace("Attaching EntityGroupName '{}' to EntityDescriptor: {}", name,
                    ((EntityDescriptor) metadataNode).getEntityID());
        }
        metadataNode.getObjectMetadata().put(new EntityGroupName(name));
    }
}