/**
 * Returns the raw metadata bytes by delegating unchanged to the superclass implementation.
 * The trailing brace on the line below closes the enclosing class, whose header is not shown.
 *
 * @return whatever {@code super.fetchMetadata()} returns
 * @throws MetadataProviderException propagated from the superclass
 */
@Override public byte[] fetchMetadata() throws MetadataProviderException { return super.fetchMetadata(); } }
/**
 * Checks that {@code metadataURL} parses as a URI.
 *
 * <p>This is a syntax check only: {@code new URI(String)} accepts any scheme and any host,
 * as well as relative references, so passing this method says nothing about where the
 * location points. If the value is later fetched server-side, scheme and host restrictions
 * have to be enforced separately.
 *
 * @param metadataURL candidate metadata location
 * @throws MetadataProviderException if the string violates URI syntax
 */
private void validateMetadataURL(String metadataURL) throws MetadataProviderException {
    try {
        // Constructed purely for its parse-time validation; the instance is discarded.
        new URI(metadataURL);
    } catch (URISyntaxException syntaxError) {
        throw new MetadataProviderException("Illegal URL syntax", syntaxError);
    }
}
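/**
 * Maps a {@link MetadataProviderException} to an HTTP response: {@code CONFLICT} when the
 * message contains {@code "Duplicate"}, {@code BAD_REQUEST} otherwise.
 *
 * <p>The exception message is returned verbatim as the response body.
 * NOTE(review): messages are built where the exception is thrown and may embed entity IDs or
 * metadata locations; confirm none of them carry details that should stay server-side.
 *
 * @param e the exception raised while handling the request
 * @return response carrying the exception message and the mapped status
 */
@ExceptionHandler(MetadataProviderException.class)
public ResponseEntity<String> handleMetadataProviderException(MetadataProviderException e) {
    String message = e.getMessage();
    // getMessage() is null when the exception was created without a message; guarding here
    // keeps the handler from failing with a NullPointerException of its own.
    boolean duplicate = message != null && message.contains("Duplicate");
    if (duplicate) {
        return new ResponseEntity<>(message, CONFLICT);
    }
    return new ResponseEntity<>(message, HttpStatus.BAD_REQUEST);
}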
/**
 * Builds the descriptor by collecting the metadata root of every provider returned by
 * {@code getProviders()}, in iteration order.
 *
 * @throws MetadataProviderException if any provider fails to return its metadata; the first
 *         failure aborts construction
 */
public ChainingEntitiesDescriptor() throws MetadataProviderException {
    childDescriptors = new ArrayList<XMLObject>();
    for (MetadataProvider source : getProviders()) {
        XMLObject root = source.getMetadata();
        childDescriptors.add(root);
    }
}
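/**
 * Installs a {@link SignatureValidationFilter} on the given provider, combining it with any
 * metadata filter the provider already has.
 *
 * <p>The filter is built from the trust engine returned by {@code getTrustEngine(provider)}
 * and requires a signature exactly when {@code provider.isMetadataRequireSignature()} does.
 *
 * <p>Fix: when the provider already had a single (non-chain) filter, the original built a new
 * {@link MetadataFilterChain} but never set it on the provider, so the signature filter was
 * silently discarded and metadata was accepted without signature validation.
 *
 * @param provider provider whose filter configuration is updated
 * @throws MetadataProviderException if the trust engine or filter cannot be installed
 */
@Override
protected void initializeProviderFilters(ExtendedMetadataDelegate provider) throws MetadataProviderException {
    boolean requireSignature = provider.isMetadataRequireSignature();
    SignatureTrustEngine trustEngine = getTrustEngine(provider);
    SignatureValidationFilter filter = new SignatureValidationFilter(trustEngine);
    filter.setRequireSignature(requireSignature);

    log.debug("Created new trust manager for metadata provider {}", provider);

    // Combine any existing filters with the signature verification
    MetadataFilter currentFilter = provider.getMetadataFilter();
    if (currentFilter == null) {
        log.debug("Adding signature filter");
        provider.setMetadataFilter(filter);
    } else if (currentFilter instanceof MetadataFilterChain) {
        log.debug("Adding signature filter into existing chain");
        // The chain is already installed on the provider, so appending to it is enough.
        MetadataFilterChain chain = (MetadataFilterChain) currentFilter;
        chain.getFilters().add(filter);
    } else {
        log.debug("Combining signature filter with the existing in a new chain");
        MetadataFilterChain chain = new MetadataFilterChain();
        chain.getFilters().add(currentFilter);
        chain.getFilters().add(filter);
        // Without this the new chain is unreachable and signature validation never runs.
        provider.setMetadataFilter(chain);
    }
}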
/**
 * Returns the first non-null entity descriptor that any child provider yields for
 * {@code entityID}, querying providers in the order {@code getProviders()} returns them.
 *
 * <p>A provider that throws is logged at warn level and skipped, so a failing earlier
 * provider lets a later one answer for the same entity ID.
 * NOTE(review): confirm that this fall-through is acceptable where provider order is meant
 * to express trust precedence.
 *
 * @param entityID entity ID to look up
 * @return the matching descriptor, or {@code null} if no provider has one
 * @throws MetadataProviderException declared by the contract; lookup failures of individual
 *         providers are caught here
 */
@Override
public EntityDescriptor getEntityDescriptor(String entityID) throws MetadataProviderException {
    for (MetadataProvider provider : getProviders()) {
        log.debug("Checking child metadata provider for entity descriptor with entity ID: {}", entityID);
        try {
            EntityDescriptor found = provider.getEntityDescriptor(entityID);
            if (found != null) {
                return found;
            }
        } catch (MetadataProviderException e) {
            log.warn("Error retrieving metadata from provider of type {}, proceeding to next provider",
                    provider.getClass().getName(), e);
        }
    }
    return null;
}
/**
 * Returns the first non-null entities descriptor that any child provider yields for
 * {@code name}, querying providers in the order {@code getProviders()} returns them.
 *
 * <p>A provider that throws is logged at warn level and skipped; the search then continues
 * with the next provider.
 *
 * @param name name of the entities descriptor to look up
 * @return the matching descriptor, or {@code null} if no provider has one
 * @throws MetadataProviderException declared by the contract; lookup failures of individual
 *         providers are caught here
 */
public EntitiesDescriptor getEntitiesDescriptor(String name) throws MetadataProviderException {
    for (MetadataProvider provider : getProviders()) {
        log.debug("Checking child metadata provider for entities descriptor with name: {}", name);
        try {
            EntitiesDescriptor found = provider.getEntitiesDescriptor(name);
            if (found != null) {
                return found;
            }
        } catch (MetadataProviderException e) {
            log.warn("Error retrieving metadata from provider of type {}, proceeding to next provider",
                    provider.getClass().getName(), e);
        }
    }
    return null;
}
/**
 * Returns the first IDP entity name produced by iterating {@code getIDPEntityNames()}.
 *
 * <p>Which IDP counts as the default therefore depends entirely on the iteration order of
 * that collection.
 *
 * @return the first IDP entity name
 * @throws MetadataProviderException if no IDP entity name is available
 */
@Override
public String getDefaultIDP() throws MetadataProviderException {
    Iterator<String> idpNames = getIDPEntityNames().iterator();
    if (!idpNames.hasNext()) {
        throw new MetadataProviderException("No IDP was configured, please update included metadata with at least one IDP");
    }
    return idpNames.next();
}
/**
 * {@inheritDoc}
 *
 * <p>Collects the metadata root of each provider from {@code getProviders()}, in order. If a
 * provider throws, the error is logged and collection stops; the list built so far is
 * returned, so callers may see a partial result.
 */
public List<XMLObject> getOrderedChildren() {
    List<XMLObject> children = new ArrayList<>();
    try {
        for (MetadataProvider source : getProviders()) {
            XMLObject root = source.getMetadata();
            children.add(root);
        }
    } catch (MetadataProviderException e) {
        // Best effort: keep whatever was gathered before the failing provider.
        log.error("Unable to generate list of child descriptors", e);
    }
    return children;
}
/**
 * {@inheritDoc}
 *
 * <p>Queries the providers from {@code getProviders()} in order and returns the first
 * non-null descriptor. A provider that throws is logged at warn level and skipped, so a
 * failing earlier provider lets a later one answer for the same entity ID.
 *
 * @return the matching descriptor, or {@code null} if no provider has one
 */
public EntityDescriptor getEntityDescriptor(String entityID) throws MetadataProviderException {
    for (MetadataProvider provider : getProviders()) {
        log.debug("Checking child metadata provider for entity descriptor with entity ID: {}", entityID);
        try {
            EntityDescriptor found = provider.getEntityDescriptor(entityID);
            if (found != null) {
                return found;
            }
        } catch (MetadataProviderException e) {
            log.warn("Error retrieving metadata from provider of type {}, proceeding to next provider",
                    provider.getClass().getName(), e);
        }
    }
    return null;
}
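/**
 * Maps a {@link MetadataProviderException} to an HTTP response: {@code CONFLICT} when the
 * message contains {@code "Duplicate"}, {@code BAD_REQUEST} otherwise.
 *
 * <p>The exception message is returned verbatim as the response body.
 * NOTE(review): messages are built where the exception is thrown and may embed entity IDs or
 * metadata locations; confirm none of them carry details that should stay server-side.
 *
 * @param e the exception raised while handling the request
 * @return response carrying the exception message and the mapped status
 */
@ExceptionHandler(MetadataProviderException.class)
public ResponseEntity<String> handleMetadataProviderException(MetadataProviderException e) {
    String message = e.getMessage();
    // getMessage() is null when the exception was created without a message; guarding here
    // keeps the handler from failing with a NullPointerException of its own.
    boolean duplicate = message != null && message.contains("Duplicate");
    if (duplicate) {
        return new ResponseEntity<>(message, HttpStatus.CONFLICT);
    }
    return new ResponseEntity<>(message, HttpStatus.BAD_REQUEST);
}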
/**
 * Returns the first IDP entity name produced by iterating {@code getIDPEntityNames()}.
 *
 * <p>Which IDP counts as the default therefore depends entirely on the iteration order of
 * that collection.
 *
 * @return the first IDP entity name
 * @throws MetadataProviderException if no IDP entity name is available
 */
@Override
public String getDefaultIDP() throws MetadataProviderException {
    Iterator<String> idpNames = getIDPEntityNames().iterator();
    if (!idpNames.hasNext()) {
        throw new MetadataProviderException("No IDP was configured, please update included metadata with at least one IDP");
    }
    return idpNames.next();
}
/**
 * Collects the entries that {@code addDescriptor} / {@code addDescriptors} extract from the
 * metadata root of {@code provider}.
 *
 * <p>A root that is neither an {@link EntityDescriptor} nor an {@link EntitiesDescriptor}
 * (including {@code null}) yields an empty list.
 *
 * @param provider provider whose metadata is inspected
 * @return the collected entries, possibly empty
 * @throws MetadataProviderException if the provider cannot return its metadata
 */
@Override
protected List<String> parseProvider(MetadataProvider provider) throws MetadataProviderException {
    List<String> collected = new LinkedList<String>();
    XMLObject root = provider.getMetadata();
    // A single entity is checked first, then the multi-entity container.
    if (root instanceof EntityDescriptor) {
        EntityDescriptor single = (EntityDescriptor) root;
        addDescriptor(collected, single);
        return collected;
    }
    if (root instanceof EntitiesDescriptor) {
        EntitiesDescriptor group = (EntitiesDescriptor) root;
        addDescriptors(collected, group);
    }
    return collected;
}
/**
 * Delegates to the superclass lookup and rethrows any {@link MetadataProviderException} as a
 * {@code SamlBindingNotSupportedException} with the same message and the original as cause.
 *
 * @param options profile options passed through to the superclass
 * @param idpssoDescriptor IDP descriptor passed through to the superclass
 * @param spDescriptor SP descriptor passed through to the superclass
 * @return the service selected by the superclass
 * @throws MetadataProviderException always as {@code SamlBindingNotSupportedException} when
 *         the superclass lookup fails
 */
@Override
protected SingleSignOnService getSingleSignOnService(WebSSOProfileOptions options,
                                                     IDPSSODescriptor idpssoDescriptor,
                                                     SPSSODescriptor spDescriptor) throws MetadataProviderException {
    try {
        return super.getSingleSignOnService(options, idpssoDescriptor, spDescriptor);
    } catch (MetadataProviderException lookupFailure) {
        // Keep the original as cause so the underlying reason stays in the stack trace.
        throw new SamlBindingNotSupportedException(lookupFailure.getMessage(), lookupFailure);
    }
}
} // closes the enclosing class (header not shown)
/**
 * Unmarshalls the {@code metadata} string, encoded as UTF-8, into an {@link XMLObject}.
 *
 * <p>NOTE(review): the XML parsing happens inside {@code unmarshallMetadata}; whether DTDs
 * and external entities are disabled depends on the parser configured elsewhere. Confirm
 * that before accepting metadata from untrusted sources.
 *
 * @return the unmarshalled metadata root
 * @throws MetadataProviderException wrapping any {@code UnmarshallingException}
 */
@Override
public XMLObject doGetMetadata() throws MetadataProviderException {
    byte[] xmlBytes = metadata.getBytes(StandardCharsets.UTF_8);
    InputStream xmlStream = new ByteArrayInputStream(xmlBytes);
    try {
        return unmarshallMetadata(xmlStream);
    } catch (UnmarshallingException e) {
        log.error("Unable to unmarshall metadata", e);
        throw new MetadataProviderException(e);
    }
}
/**
 * Resolves a local entity alias to its entity ID.
 *
 * <p>IDP entity names are scanned first, then SP entity names. Only entities whose extended
 * metadata is local and whose alias equals {@code entityAlias} are considered. The same
 * entity ID may match more than once; two different entity IDs sharing the alias is an error.
 *
 * @param entityAlias alias to resolve; {@code null} yields {@code null}
 * @return the entity ID using the alias, or {@code null} if none does
 * @throws MetadataProviderException if the alias is used by two different entities
 */
@Override
public String getEntityIdForAlias(String entityAlias) throws MetadataProviderException {
    if (entityAlias == null) {
        return null;
    }

    String entityId = null;

    for (String idp : getIDPEntityNames()) {
        ExtendedMetadata idpMetadata = getExtendedMetadata(idp);
        if (!idpMetadata.isLocal() || !entityAlias.equals(idpMetadata.getAlias())) {
            continue;
        }
        // An alias has to identify exactly one entity.
        if (entityId != null && !entityId.equals(idp)) {
            throw new MetadataProviderException("Alias " + entityAlias + " is used both for entity " + entityId + " and " + idp);
        }
        entityId = idp;
    }

    for (String sp : getSPEntityNames()) {
        ExtendedMetadata spMetadata = getExtendedMetadata(sp);
        if (!spMetadata.isLocal() || !entityAlias.equals(spMetadata.getAlias())) {
            continue;
        }
        if (entityId != null && !entityId.equals(sp)) {
            throw new MetadataProviderException("Alias " + entityAlias + " is used both for entity " + entityId + " and " + sp);
        }
        entityId = sp;
    }

    return entityId;
}
/**
 * Fills the peer entity metadata, role metadata and extended metadata of
 * {@code samlContext} from {@code metadataManager}, using the peer entity ID and role
 * already present on the context.
 *
 * <p>The context is only modified when both the entity descriptor and the role descriptor
 * were found; an unknown peer is rejected rather than left with partial metadata.
 *
 * @param samlContext context to read the peer ID and role from and to populate
 * @throws MetadataProviderException if the peer entity ID is missing, or no metadata exists
 *         for the peer entity and role
 */
protected void populatePeerContext(SAMLMessageContext samlContext) throws MetadataProviderException {
    String peerEntityId = samlContext.getPeerEntityId();
    QName peerEntityRole = samlContext.getPeerEntityRole();

    if (peerEntityId == null) {
        throw new MetadataProviderException("Peer entity ID wasn't specified, but is requested");
    }

    // All three lookups run before the presence check, in this order.
    EntityDescriptor peerEntity = metadataManager.getEntityDescriptor(peerEntityId);
    RoleDescriptor peerRole = metadataManager.getRole(peerEntityId, peerEntityRole, SAMLConstants.SAML20P_NS);
    ExtendedMetadata peerExtended = metadataManager.getExtendedMetadata(peerEntityId);

    boolean metadataMissing = peerEntity == null || peerRole == null;
    if (metadataMissing) {
        throw new MetadataProviderException(
                "Metadata for entity " + peerEntityId + " and role " + peerEntityRole + " wasn't found");
    }

    samlContext.setPeerEntityMetadata(peerEntity);
    samlContext.setPeerEntityRoleMetadata(peerRole);
    samlContext.setPeerExtendedMetadata(peerExtended);
}
/**
 * Builds the metadata delegate for an identity provider definition, choosing the
 * configuration path from {@code def.getType()}.
 *
 * @param def identity provider definition
 * @return delegate from {@code configureXMLMetadata} for {@code DATA}, or from
 *         {@code configureURLMetadata} for {@code URL}
 * @throws MetadataProviderException for any other type, or if configuration fails
 */
public ExtendedMetadataDelegate getExtendedMetadataDelegate(SamlIdentityProviderDefinition def) throws MetadataProviderException {
    switch (def.getType()) {
        case DATA:
            return configureXMLMetadata(def);
        case URL:
            return configureURLMetadata(def);
        default:
            throw new MetadataProviderException("Invalid metadata type for alias[" + def.getIdpEntityAlias() + "]:" + def.getMetaDataLocation());
    }
}
/**
 * Fetches metadata from the URL stored in the definition and configures it as inline XML.
 *
 * <p>The definition is cloned first, so the caller's instance keeps its URL. The fetched
 * bytes are decoded as UTF-8, stored as the clone's metadata location and handed to
 * {@code configureXMLMetadata}.
 *
 * <p>NOTE(review): the fetch is made by the server to whatever location the definition
 * holds, and {@code def.isSkipSslValidation()} is passed straight to the fetcher. With TLS
 * validation skipped the transport does not authenticate the metadata source, so integrity
 * would rest on metadata signature validation. Confirm that is enforced and that only
 * trusted administrators can set the location.
 *
 * @param def identity provider definition whose metadata location is a URL
 * @return delegate built from the fetched metadata
 * @throws MetadataProviderException if a {@code URISyntaxException} is raised, or if fetching
 *         or configuring the metadata fails
 */
protected ExtendedMetadataDelegate configureURLMetadata(SamlIdentityProviderDefinition def) throws MetadataProviderException {
    try {
        // Reassigning the parameter is deliberate: the catch block below reads the clone.
        def = def.clone();
        String fetchUri = adjustURIForPort(def.getMetaDataLocation());
        boolean skipSslValidation = def.isSkipSslValidation();
        byte[] fetched = fixedHttpMetaDataProvider.fetchMetadata(fetchUri, skipSslValidation);
        String metadataXml = new String(fetched, StandardCharsets.UTF_8);
        def.setMetaDataLocation(metadataXml);
        return configureXMLMetadata(def);
    } catch (URISyntaxException e) {
        throw new MetadataProviderException("Invalid socket factory(invalid URI):" + def.getMetaDataLocation(), e);
    }
}
/**
 * Builds the metadata delegate for a service provider, choosing the configuration path from
 * {@code provider.getConfig().getType()}.
 *
 * @param provider service provider whose configuration is inspected
 * @return delegate from {@code configureXMLMetadata} for {@code DATA}, or from
 *         {@code configureURLMetadata} for {@code URL}
 * @throws MetadataProviderException for any other type, or if configuration fails
 */
public ExtendedMetadataDelegate getExtendedMetadataDelegate(SamlServiceProvider provider) throws MetadataProviderException {
    switch (provider.getConfig().getType()) {
        case DATA:
            return configureXMLMetadata(provider);
        case URL:
            return configureURLMetadata(provider);
        default:
            throw new MetadataProviderException("Invalid metadata type for alias[" + provider.getEntityId() + "]:" + provider.getConfig().getMetaDataLocation());
    }
}