/** * Constructor. * * @param backgroundTaskTimer timer used to schedule background metadata refresh tasks * @param client HTTP client used to pull in remote metadata * @param metadataURL URL to the remove remote metadata * * @throws ResolverException thrown if the HTTP client is null or the metadata URL provided is invalid */ public HTTPMetadataResolver(final Timer backgroundTaskTimer, final HttpClient client, final String metadataURL) throws ResolverException { super(backgroundTaskTimer); if (client == null) { throw new ResolverException("HTTP client may not be null"); } httpClient = client; try { metadataURI = new URI(metadataURL); } catch (final URISyntaxException e) { throw new ResolverException("Illegal URL syntax", e); } }
log.error("{} Error refreshing/clearing metadata resolver: '{}'", getLogPrefix(), id, e); try { getHttpServletResponse().sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); } catch (final IOException e2) { log.error("{} I/O error responding to request", getLogPrefix(), e2);
/** * Verify that the required {@link EndpointCriterion} is present. * * @param criteria input criteria set * * @throws ResolverException if the input set is null or no {@link EndpointCriterion} is present */ private void validateCriteria(@Nullable final CriteriaSet criteria) throws ResolverException { if (criteria == null) { throw new ResolverException("CriteriaSet cannot be null"); } final EndpointCriterion epCriterion = criteria.get(EndpointCriterion.class); if (epCriterion == null) { throw new ResolverException("EndpointCriterion not supplied"); } }
/** * Validate the basic properties of the specified metadata file, for example that it exists; * that it is a file; and that it is readable. * * @param file the file to evaluate * @throws ResolverException if file does not pass basic properties required of a metadata file */ protected void validateMetadataFile(@Nonnull final File file) throws ResolverException { if (!file.exists()) { throw new ResolverException("Metadata file '" + file.getAbsolutePath() + "' does not exist"); } if (!file.isFile()) { throw new ResolverException("Metadata file '" + file.getAbsolutePath() + "' is not a file"); } if (!file.canRead()) { throw new ResolverException("Metadata file '" + file.getAbsolutePath() + "' is not readable"); } }
/** * Converts an InputStream into a byte array. * * @param ins input stream to convert * * @return resultant byte array * * @throws ResolverException thrown if there is a problem reading the resultant byte array */ protected byte[] inputstreamToByteArray(final InputStream ins) throws ResolverException { try { // 1 MB read buffer final byte[] buffer = new byte[1024 * 1024]; final ByteArrayOutputStream output = new ByteArrayOutputStream(); int n = 0; while (-1 != (n = ins.read(buffer))) { output.write(buffer, 0, n); } ins.close(); return output.toByteArray(); } catch (final IOException e) { throw new ResolverException(e); } }
@Nullable @Override public Service lookup(final @Nonnull String serviceURL) { try { final List<EntityDescriptor> entities = Lists.newArrayList(metadataResolver.resolve(criteria(serviceURL))); if (entities.size() > 1) { throw new ResolverException("Multiple results found"); } else if (entities.size() == 1) { return create(serviceURL, entities.get(0)); } } catch (final ResolverException e) { log.warn("Metadata resolution failed for {}", serviceURL, e); } return null; }
/** * Unmarshalls the given metadata bytes. * * @param metadataBytes raw metadata bytes * * @return the metadata * * @throws ResolverException thrown if the metadata can not be unmarshalled */ protected XMLObject unmarshallMetadata(final byte[] metadataBytes) throws ResolverException { try { return unmarshallMetadata(new ByteArrayInputStream(metadataBytes)); } catch (final UnmarshallingException e) { final String errorMsg = "Unable to unmarshall metadata"; log.error("{} " + errorMsg, getLogPrefix(), e); throw new ResolverException(errorMsg, e); } }
final String msg = "Unable to create backup file " + backupFile.getAbsolutePath(); log.error("{} " + msg, getLogPrefix(), e); throw new ResolverException(msg, e); } finally { throw new ResolverException("Filepath " + backupFile.getAbsolutePath() + " is a directory and may not be used as a backup metadata file"); throw new ResolverException("Filepath " + backupFile.getAbsolutePath() + " exists but can not be read by this user"); throw new ResolverException("Filepath " + backupFile.getAbsolutePath() + " exists but can not be written to by this user");
/** * Get the list of resolver role descriptors which match the given entityID, role and protocol. * * @param criteriaSet the criteria set being processed * @param entityID entity ID of the resolver entity descriptor to resolve * @param role role in which the entity is operating * @param protocol protocol over which the entity is operating (may be null) * @return a list of role descriptors matching the given parameters, or null * @throws ResolverException thrown if there is an error retrieving role descriptors from the resolver provider */ protected Iterable<RoleDescriptor> getRoleDescriptors(final CriteriaSet criteriaSet, final String entityID, final QName role, final String protocol) throws ResolverException { try { if (log.isDebugEnabled()) { log.debug("Retrieving role descriptor metadata for entity '{}' in role '{}' for protocol '{}'", new Object[] {entityID, role, protocol}); } return getRoleDescriptorResolver().resolve(criteriaSet); } catch (final ResolverException e) { log.error("Unable to resolve information from metadata", e); throw new ResolverException("Unable to resolve unformation from metadata", e); } }
log.error("Exception while querying for session ID {}", sessionId, e); if (!maskStorageFailure) { throw new ResolverException("Exception while querying for session", e);
/** * Validate the received HTTP response instance, such as checking for supported content types. * * @param response the received response * @throws ResolverException if the response was not valid, or if there is a fatal error validating the response */ protected void validateHttpResponse(@Nonnull final HttpResponse response) throws ResolverException { if (!getSupportedMediaTypes().isEmpty()) { String contentTypeValue = null; final Header contentType = response.getEntity().getContentType(); if (contentType != null && contentType.getValue() != null) { contentTypeValue = StringSupport.trimOrNull(contentType.getValue()); } log.debug("{} Saw raw Content-Type from response header '{}'", getLogPrefix(), contentTypeValue); if (!MediaTypeSupport.validateContentType(contentTypeValue, getSupportedMediaTypes(), true, false)) { throw new ResolverException("HTTP response specified an unsupported Content-Type MIME type: " + contentTypeValue); } } }
throw new ResolverException("Error resolving PKIXValidationInformation for shibmd:KeyAuthority", e); } finally { rwlock.writeLock().unlock();
/** * Extracts the raw metadata bytes from the response taking in to account possible deflate and GZip compression. * * @param response GetMethod containing a valid HTTP response * * @return the raw metadata bytes * * @throws ResolverException thrown if there is a problem getting the raw metadata bytes from the response */ protected byte[] getMetadataBytesFromResponse(final HttpResponse response) throws ResolverException { log.debug("{} Attempting to extract metadata from response to request for metadata from '{}'", getLogPrefix(), getMetadataURI()); try { final InputStream ins = response.getEntity().getContent(); return inputstreamToByteArray(ins); } catch (final IOException e) { log.error("{} Unable to read response", getLogPrefix(), e); throw new ResolverException("Unable to read response", e); } finally { // Make sure entity has been completely consumed. EntityUtils.consumeQuietly(response.getEntity()); } } }
/** {@inheritDoc} */ @Override protected byte[] fetchMetadata() throws ResolverException { try { validateMetadataFile(metadataFile); final DateTime metadataUpdateTime = new DateTime(metadataFile.lastModified(), ISOChronology.getInstanceUTC()); if (getLastRefresh() == null || getLastUpdate() == null || metadataUpdateTime.isAfter(getLastUpdate())) { return inputstreamToByteArray(new FileInputStream(metadataFile)); } return null; } catch (final IOException e) { final String errMsg = "Unable to read metadata file " + metadataFile.getAbsolutePath(); log.error("{} " + errMsg, getLogPrefix(), e); throw new ResolverException(errMsg, e); } }
throws ResolverException { if (!isInitialized()) { throw new ResolverException("Metadata resolver has not been initialized");
throw new ResolverException("HttpServletRequest is null"); if (serviceCriterion != null) { if (!secondaryServiceIndex) { throw new ResolverException( "Secondary service index is disabled (must be enabled for SAML logout)"); throw new ResolverException("No supported criterion supplied");
+ metadataBackupFile.getAbsolutePath(); log.error("{} " + errMsg, getLogPrefix(), ioe); throw new ResolverException(errMsg, ioe); throw new ResolverException("Unable to read metadata from remote server and backup does not exist");
throw new ResolverException("No RoleDescriptorResolver is configured"); throw new ResolverException("Unable to resolve information from metadata", e);
nextRefresh = new DateTime(ISOChronology.getInstanceUTC()).plus(minRefreshDelay); if (t instanceof Exception) { throw new ResolverException((Exception) t); } else { throw new ResolverException(String.format("Saw an error of type '%s' with message '%s'", t.getClass().getName(), t.getMessage()));
/** {@inheritDoc} */ @Override protected byte[] fetchMetadata() throws ResolverException { try { final DateTime metadataUpdateTime = new DateTime(metadataResource.lastModified()); log.debug("{} Resource {} was last modified {}", getLogPrefix(), metadataResource.getDescription(), metadataUpdateTime); if (getLastRefresh() == null || metadataUpdateTime.isAfter(getLastRefresh())) { return inputstreamToByteArray(metadataResource.getInputStream()); } return null; } catch (final IOException e) { final String errorMsg = "Unable to read metadata file"; log.error("{} " + errorMsg, getLogPrefix(), e); throw new ResolverException(errorMsg, e); } } }