@Nullable @Override public Credential apply(String keyName) { final CriteriaSet cs = new CriteriaSet(); cs.add(new EntityIdCriterion(keyName)); try { return resolver.resolveSingle(cs); } catch (Throwable cause) { return Exceptions.throwUnsafely(cause); } } }
/** * Verify that the required {@link EndpointCriterion} is present. * * @param criteria input criteria set * * @throws ResolverException if the input set is null or no {@link EndpointCriterion} is present */ private void validateCriteria(@Nullable final CriteriaSet criteria) throws ResolverException { if (criteria == null) { throw new ResolverException("CriteriaSet cannot be null"); } final EndpointCriterion epCriterion = criteria.get(EndpointCriterion.class); if (epCriterion == null) { throw new ResolverException("EndpointCriterion not supplied"); } }
/** * Determine if have entity role criteria. * * @param criteria the current criteria set * * @return true if have role criteria, false otherwise */ protected boolean haveRoleCriteria(@Nonnull final CriteriaSet criteria) { return criteria.contains(EntityRoleCriterion.class); }
/** * Adapt saml metadata and parse. Acts as a facade. * * @param resolver the resolver * @param registeredService the service * @param entityID the entity id * @return the saml metadata adaptor */ public static Optional<SamlRegisteredServiceServiceProviderMetadataFacade> get(final SamlRegisteredServiceCachingMetadataResolver resolver, final SamlRegisteredService registeredService, final String entityID) { return get(resolver, registeredService, entityID, new CriteriaSet()); }
/** * Build entity criteria for signing credential. * * @param profileRequest the profile request * @param criteriaSet the criteria set */ protected void buildEntityCriteriaForSigningCredential(final RequestAbstractType profileRequest, final CriteriaSet criteriaSet) { criteriaSet.add(new EntityIdCriterion(SamlIdPUtils.getIssuerFromSamlObject(profileRequest))); criteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME)); }
/** * Resolve the RoleDescriptor from the criteria. * * @param criteria the input criteria * @return the input role descriptor criterion or null if could not be resolved */ private RoleDescriptor resolveRoleDescriptor(@Nonnull final CriteriaSet criteria) { if (criteria.contains(RoleDescriptorCriterion.class)) { return criteria.get(RoleDescriptorCriterion.class).getRole(); } return null; }
/** {@inheritDoc} */ public String apply(CriteriaSet input) { if (input == null) { return null; } EntityIdCriterion entityIDCrit = input.get(EntityIdCriterion.class); if (entityIDCrit == null) { return null; } return entityIDCrit.getEntityId(); }
/** * Constructor. * * @param backgroundTaskTimer timer used to schedule background metadata refresh tasks * @param client HTTP client used to pull in remote metadata * @param metadataURL URL to the remove remote metadata * * @throws ResolverException thrown if the HTTP client is null or the metadata URL provided is invalid */ public HTTPMetadataResolver(final Timer backgroundTaskTimer, final HttpClient client, final String metadataURL) throws ResolverException { super(backgroundTaskTimer); if (client == null) { throw new ResolverException("HTTP client may not be null"); } httpClient = client; try { metadataURI = new URI(metadataURL); } catch (final URISyntaxException e) { throw new ResolverException("Illegal URL syntax", e); } }
@Override public final Credential getCredential() { try { final CriteriaSet cs = new CriteriaSet(); final EntityIdCriterion criteria = new EntityIdCriterion(this.privateKey); cs.add(criteria); final X509Credential creds = (X509Credential) this.credentialResolver.resolveSingle(cs); return creds; } catch (final ResolverException e) { throw new SAMLException("Can't obtain SP private key", e); } }
@Override public CriteriaSet apply(final ProfileRequestContext input) { return new CriteriaSet(new HttpServletRequestCriterion()); } };
@Override protected void buildEntityCriteriaForSigningCredential(final RequestAbstractType profileRequest, final CriteriaSet criteriaSet) { criteriaSet.add(new EntityIdCriterion(casSamlIdPMetadataResolver.getId())); criteriaSet.add(new EntityRoleCriterion(IDPSSODescriptor.DEFAULT_ELEMENT_NAME)); } }
/** * Get the effective {@link UsageType} input to use. * * @param criteriaSet the criteria set being processed * @return the effective usage value */ @Nonnull protected UsageType getEffectiveUsageInput(@Nonnull final CriteriaSet criteriaSet) { final UsageCriterion usageCriteria = criteriaSet.get(UsageCriterion.class); if (usageCriteria != null) { return usageCriteria.getUsage(); } else { return UsageType.UNSPECIFIED; } }
/** * Validate the basic properties of the specified metadata file, for example that it exists; * that it is a file; and that it is readable. * * @param file the file to evaluate * @throws ResolverException if file does not pass basic properties required of a metadata file */ protected void validateMetadataFile(@Nonnull final File file) throws ResolverException { if (!file.exists()) { throw new ResolverException("Metadata file '" + file.getAbsolutePath() + "' does not exist"); } if (!file.isFile()) { throw new ResolverException("Metadata file '" + file.getAbsolutePath() + "' is not a file"); } if (!file.canRead()) { throw new ResolverException("Metadata file '" + file.getAbsolutePath() + "' is not readable"); } }
public Credential getCredential(SimpleKey key, KeyStoreCredentialResolver resolver) { try { CriteriaSet cs = new CriteriaSet(); EntityIdCriterion criteria = new EntityIdCriterion(key.getName()); cs.add(criteria); return resolver.resolveSingle(cs); } catch (ResolverException e) { throw new SamlKeyException("Can't obtain SP private key", e); } }
@Override public CriteriaSet apply(final ProfileRequestContext input) { return new CriteriaSet(new HttpServletRequestCriterion()); } };
/** {@inheritDoc} */ @Override protected boolean doCheckEndpoint(@Nonnull final CriteriaSet criteria, @Nonnull final EndpointType endpoint) { // Make sure the candidate binding, if set, is one of the bindings specified. final BindingCriterion bindingCriterion = criteria.get(BindingCriterion.class); if (bindingCriterion != null && !checkBindingCriterion(bindingCriterion, endpoint)) { return false; } // Compare individual fields to a comparison template. final EndpointCriterion<EndpointType> epCriterion = criteria.get(EndpointCriterion.class); if (epCriterion != null && !checkEndpointCriterion(epCriterion, endpoint)) { return false; } return true; }
@Override @SneakyThrows public EntityDescriptor getEntityDescriptorForEntityId(final String entityId) { val criterions = new CriteriaSet(new EntityIdCriterion(entityId)); if (this.metadataResolver != null) { return this.metadataResolver.resolveSingle(criterions); } return null; }
/** * Resolve an entity descriptor based on entityID using the wrapped metadata resolver. * * @param entityID the entityID of the EntityDescriptor to resolve. * @return the resolved EntityDescriptor, or null if not found * @throws ResolverException if there is a problem resolving the EntityDescriptor */ protected EntityDescriptor doGetEntityDescriptor(final String entityID) throws ResolverException { //TODO should perhaps pass through the entire original CriteriaSet return entityDescriptorResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion(entityID))); }
@Override public CriteriaSet apply(final ProfileRequestContext input) { if (logoutRequest != null && logoutRequest.getIssuer() != null && logoutRequest.getNameID() != null) { return new CriteriaSet(new SPSessionCriterion(logoutRequest.getIssuer().getValue(), logoutRequest.getNameID().getValue())); } else { return new CriteriaSet(); } } };
@Override public XMLObject getEntityDescriptorElement() { try { return resolve().resolveSingle(new CriteriaSet(new EntityIdCriterion(getEntityId()))); } catch (final ResolverException e) { throw new SAMLException("Error initializing idpMetadataProvider", e); } } }