org.opensaml.saml2.metadata.provider.MetadataProvider Java Examples
The following examples show how to use
org.opensaml.saml2.metadata.provider.MetadataProvider.
Example #1
Source File: MetadataCredentialResolver.java From lams with GNU General Public License v2.0 | 6 votes |
/**
 * Builds a credential resolver that reads key material from the given metadata provider.
 *
 * @param metadataProvider provider of the metadata
 *
 * @throws IllegalArgumentException thrown if the supplied provider is null
 */
public MetadataCredentialResolver(MetadataProvider metadataProvider) {
    super();
    if (null == metadataProvider) {
        throw new IllegalArgumentException("Metadata provider may not be null");
    }
    metadata = metadataProvider;

    // Cached credentials are held through SoftReferences, keyed by MetadataCacheKey.
    cache = new HashMap<MetadataCacheKey, SoftReference<Collection<Credential>>>();
    keyInfoCredentialResolver =
            Configuration.getGlobalSecurityConfiguration().getDefaultKeyInfoCredentialResolver();
    rwlock = new ReentrantReadWriteLock();

    // Only an observable provider gets an observer registered. For any other provider this
    // constructor sets up no notification path, so the cache is not told when metadata changes.
    // NOTE(review): MetadataProviderObserver presumably invalidates the cache; confirm in its class.
    if (metadataProvider instanceof ObservableMetadataProvider) {
        ((ObservableMetadataProvider) metadataProvider).getObservers().add(new MetadataProviderObserver());
    }
}
Example #2
Source File: BaseSAML1MessageDecoder.java From lams with GNU General Public License v2.0 | 6 votes |
/**
 * Resolves the inbound message issuer through the metadata provider held by the message context and stores the
 * result as the peer's entity metadata. When that metadata exists and the context names a peer role, the first
 * role descriptor of that role supporting the SAML 1.1 protocol is stored as the peer's role metadata.
 * <p>
 * Nothing is populated when the context carries no metadata provider, and an issuer the provider does not know
 * leaves the peer entity metadata null. Neither case raises an exception here, so later processing must treat
 * absent peer metadata as an unidentified peer.
 *
 * @param messageContext current message context
 *
 * @throws MessageDecodingException thrown if there is a problem populating the message context
 */
protected void populateRelyingPartyMetadata(SAMLMessageContext messageContext) throws MessageDecodingException {
    MetadataProvider metadataProvider = messageContext.getMetadataProvider();
    if (metadataProvider == null) {
        return;
    }

    try {
        EntityDescriptor peerEntity =
                metadataProvider.getEntityDescriptor(messageContext.getInboundMessageIssuer());
        messageContext.setPeerEntityMetadata(peerEntity);

        QName peerRole = messageContext.getPeerEntityRole();
        if (peerEntity == null || peerRole == null) {
            return;
        }

        List<RoleDescriptor> matchingRoles = peerEntity.getRoleDescriptors(peerRole, SAMLConstants.SAML11P_NS);
        if (matchingRoles != null && !matchingRoles.isEmpty()) {
            messageContext.setPeerEntityRoleMetadata(matchingRoles.get(0));
        }
    } catch (MetadataProviderException e) {
        // The issuer is written to the log and the exception text unmodified.
        // NOTE(review): it presumably originates from the inbound message; treat it as untrusted text.
        log.error("Error retrieving metadata for relying party " + messageContext.getInboundMessageIssuer(), e);
        throw new MessageDecodingException("Error retrieving metadata for relying party "
                + messageContext.getInboundMessageIssuer(), e);
    }
}
Example #3
Source File: MetadataManagerConfigurerTest.java From spring-boot-security-saml with MIT License | 6 votes |
/**
 * Checks configuration when the MetadataManager is handed to the configurer's constructor: the supplied manager
 * is shared with the builder and receives exactly one provider, a default ExtendedMetadataDelegate wrapping a
 * ResourceBackedMetadataProvider.
 */
@Test
public void configure_constructor() throws Exception {
    MetadataManager metadataManager = mock(MetadataManager.class);
    MetadataManagerConfigurer configurer = spy(new MetadataManagerConfigurer(metadataManager));
    configurer.setBuilder(builder);
    configurer.init(builder);
    configurer.configure(builder);

    // The caller-supplied manager is the one published to the builder.
    verify(builder).setSharedObject(eq(MetadataManager.class), eq(metadataManager));
    ArgumentCaptor<List> providersCaptor = ArgumentCaptor.forClass(List.class);
    verify(metadataManager).setProviders((List<MetadataProvider>) providersCaptor.capture());

    // With no provider configured, the default one is built from the IdP configuration's metadata location.
    verify(configurer).createDefaultMetadataProvider(eq(idpConfiguration.getMetadataLocation()));
    verify(configurer).createDefaultExtendedMetadataDelegate(any(ResourceBackedMetadataProvider.class), any());

    // Manager-level properties are not consulted for a manager the caller supplied.
    verify(metadataManagerProperties, never()).getDefaultIdp();
    verify(metadataManagerProperties, never()).getHostedSpName();
    verify(metadataManagerProperties, never()).getRefreshCheckInterval();

    // The delegate's trust settings (revocation check, signature requirement, trust check, validity,
    // trusted keys) are each read from the properties object.
    verify(extendedMetadataDelegateProperties).isForceMetadataRevocationCheck();
    verify(extendedMetadataDelegateProperties).isMetadataRequireSignature();
    verify(extendedMetadataDelegateProperties).isMetadataTrustCheck();
    verify(extendedMetadataDelegateProperties).isRequireValidMetadata();
    verify(extendedMetadataDelegateProperties).getMetadataTrustedKeys();

    List<MetadataProvider> providers = providersCaptor.getValue();
    assertThat(providers).hasSize(1);
    assertThat(providers.get(0)).isExactlyInstanceOf(ExtendedMetadataDelegate.class);
    assertThat(((ExtendedMetadataDelegate) providers.get(0)).getDelegate()).isExactlyInstanceOf(ResourceBackedMetadataProvider.class);
}
Example #4
Source File: BaseSAML2MessageDecoder.java From lams with GNU General Public License v2.0 | 6 votes |
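/**
 * Populates the peer's entity metadata if a metadata provider is present in the message context. Populates the
 * peer's role descriptor if the entity metadata was available and the role name is present in the message context.
 * <p>
 * When the context has no metadata provider, or the provider does not know the issuer, the peer metadata stays
 * unset (or null) and no exception is raised. Callers must treat missing peer metadata as an unidentified peer.
 *
 * @param messageContext current message context
 *
 * @throws MessageDecodingException thrown if there is a problem populating the message context
 */
protected void populateRelyingPartyMetadata(SAMLMessageContext messageContext) throws MessageDecodingException {
    MetadataProvider metadataProvider = messageContext.getMetadataProvider();
    try {
        if (metadataProvider != null) {
            EntityDescriptor relyingPartyMD = metadataProvider.getEntityDescriptor(messageContext
                    .getInboundMessageIssuer());
            messageContext.setPeerEntityMetadata(relyingPartyMD);

            QName relyingPartyRole = messageContext.getPeerEntityRole();
            if (relyingPartyMD != null && relyingPartyRole != null) {
                // This is the SAML 2 decoder, so the role must be looked up by SAML 2.0 protocol support.
                // The SAML 1.1 namespace used here before left the role metadata unset for peers whose
                // role descriptors advertise only SAML 2.0. Checks that depend on peer role metadata
                // then had nothing to work with.
                List<RoleDescriptor> roles = relyingPartyMD.getRoleDescriptors(relyingPartyRole,
                        SAMLConstants.SAML20P_NS);
                if (roles != null && roles.size() > 0) {
                    messageContext.setPeerEntityRoleMetadata(roles.get(0));
                }
            }
        }
    } catch (MetadataProviderException e) {
        // The issuer is written to the log and the exception text unmodified.
        // NOTE(review): it presumably originates from the inbound message; treat it as untrusted text.
        log.error("Error retrieving metadata for relying party " + messageContext.getInboundMessageIssuer(), e);
        throw new MessageDecodingException("Error retrieving metadata for relying party "
                + messageContext.getInboundMessageIssuer(), e);
    }
}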
Example #5
Source File: WebSecurityConfig.java From spring-boot-security-saml-sample with Apache License 2.0 | 5 votes |
/**
 * Publishes the metadata manager bean, qualified as "metadata", holding the single provider returned by
 * {@code ssoCircleExtendedMetadataProvider()}.
 * <p>
 * No trust settings are applied here. NOTE(review): whether the IdP metadata must be signed or trust-checked
 * is presumably decided where that provider is built; confirm there.
 *
 * @return a caching metadata manager over one provider
 * @throws MetadataProviderException declared by the signature; the raising call is not visible in this method
 */
@Bean
@Qualifier("metadata")
public CachingMetadataManager metadata() throws MetadataProviderException {
    final List<MetadataProvider> idpProviders = new ArrayList<MetadataProvider>();
    idpProviders.add(ssoCircleExtendedMetadataProvider());

    final CachingMetadataManager manager = new CachingMetadataManager(idpProviders);
    return manager;
}
Example #6
Source File: SAMLManager.java From blackduck-alert with Apache License 2.0 | 5 votes |
/**
 * Applies the entity settings to the metadata generator and installs the available metadata providers on the
 * metadata manager.
 * <p>
 * Both the HTTP-backed and the file-backed provider are optional. If neither is present, the manager is
 * initialised with an empty provider list, so no IdP metadata is available to it.
 *
 * @param metadataURL   location handed to the HTTP provider factory
 * @param entityId      entity id set on the metadata generator
 * @param entityBaseUrl entity base URL set on the metadata generator
 * @throws MetadataProviderException declared by the signature; raised by one of the calls below
 */
public void setupMetadataManager(String metadataURL, String entityId, String entityBaseUrl) throws MetadataProviderException {
    logger.debug("SAML Setup MetaData Manager");
    logger.debug("SAML - MetadataUrl: {}, EntityID: {}, EntityBaseUrl: {}", metadataURL, entityId, entityBaseUrl);

    metadataGenerator.setEntityId(entityId);
    metadataGenerator.setEntityBaseURL(entityBaseUrl);

    Optional<ExtendedMetadataDelegate> remoteMetadata = createHttpProvider(metadataURL);
    Optional<ExtendedMetadataDelegate> localMetadata = createFileProvider();

    // Keep only the providers that were actually created, HTTP first and file second.
    List<MetadataProvider> activeProviders = List.of(remoteMetadata, localMetadata)
                                                 .stream()
                                                 .flatMap(Optional::stream)
                                                 .collect(Collectors.toList());

    metadataManager.setProviders(activeProviders);
    metadataManager.afterPropertiesSet();
}
Example #7
Source File: SAMLConfigurer.java From spring-security-saml-dsl with MIT License | 5 votes |
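/**
 * Chooses the metadata provider matching the configured metadata location: the HTTP provider for an
 * {@code http://} or {@code https://} URL, the file-system provider for anything else.
 * <p>
 * An {@code http://} location is retrieved without transport protection. NOTE(review): whether metadata fetched
 * that way is authenticated depends on signature and trust settings that are not visible in this method;
 * confirm them where the HTTP provider is built.
 *
 * @return the provider for the configured location
 */
private MetadataProvider metadataProvider() {
    // Match the scheme together with "://". A bare "http" prefix also matched local file names
    // that merely begin with those letters and sent them to the HTTP provider.
    boolean remoteLocation = metadataFilePath.startsWith("http://") || metadataFilePath.startsWith("https://");
    return remoteLocation ? httpMetadataProvider() : fileSystemMetadataProvider();
}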
Example #8
Source File: WebSecurityConfig.java From spring-tsers-auth with Apache License 2.0 | 5 votes |
/**
 * Declares the "metadata"-qualified metadata manager bean, backed by the one provider that
 * {@code ssoCircleExtendedMetadataProvider()} returns.
 * <p>
 * This method configures no signature or trust checking itself. NOTE(review): those settings presumably live
 * on the provider it adds; confirm there.
 *
 * @return a caching metadata manager over one provider
 * @throws MetadataProviderException declared by the signature; the raising call is not visible in this method
 */
@Bean
@Qualifier("metadata")
public CachingMetadataManager metadata() throws MetadataProviderException {
    List<MetadataProvider> configuredProviders = new ArrayList<MetadataProvider>();
    configuredProviders.add(ssoCircleExtendedMetadataProvider());
    return new CachingMetadataManager(configuredProviders);
}
Example #9
Source File: MetadataManagerConfigurerTest.java From spring-boot-security-saml with MIT License | 5 votes |
/**
 * Checks configuration when only a metadata location is given: the default manager is used, the provider is
 * built from that location, and the resulting delegate takes its trust settings from the properties object.
 */
@Test
public void configure_defaults_withProviderLocation() throws Exception {
    MetadataManagerConfigurer configurer = spy(new MetadataManagerConfigurer());
    CachingMetadataManager metadataManager = mock(CachingMetadataManager.class);
    when(configurer.createDefaultMetadataManager()).thenReturn(metadataManager);
    configurer.setBuilder(builder);
    configurer.metadataLocations("classpath:idp-provided.xml");
    configurer.init(builder);
    configurer.configure(builder);

    verify(builder).setSharedObject(eq(MetadataManager.class), eq(metadataManager));
    ArgumentCaptor<List> providersCaptor = ArgumentCaptor.forClass(List.class);
    verify(metadataManager).setProviders((List<MetadataProvider>) providersCaptor.capture());

    // The explicit location is the one passed to the default provider factory.
    verify(configurer).createDefaultMetadataProvider(eq("classpath:idp-provided.xml"));
    verify(configurer).createDefaultExtendedMetadataDelegate(any(ResourceBackedMetadataProvider.class), any());

    // Manager-level defaults come from the properties object.
    verify(metadataManagerProperties).getDefaultIdp();
    verify(metadataManagerProperties).getHostedSpName();
    verify(metadataManagerProperties).getRefreshCheckInterval();

    // So do the delegate's trust settings: revocation check, signature requirement, trust check,
    // validity requirement and trusted keys.
    verify(extendedMetadataDelegateProperties).isForceMetadataRevocationCheck();
    verify(extendedMetadataDelegateProperties).isMetadataRequireSignature();
    verify(extendedMetadataDelegateProperties).isMetadataTrustCheck();
    verify(extendedMetadataDelegateProperties).isRequireValidMetadata();
    verify(extendedMetadataDelegateProperties).getMetadataTrustedKeys();

    List<MetadataProvider> providers = providersCaptor.getValue();
    assertThat(providers).hasSize(1);
    assertThat(providers.get(0)).isExactlyInstanceOf(ExtendedMetadataDelegate.class);
    assertThat(((ExtendedMetadataDelegate) providers.get(0)).getDelegate()).isExactlyInstanceOf(ResourceBackedMetadataProvider.class);
}
Example #10
Source File: MetadataManagerConfigurerTest.java From spring-boot-security-saml with MIT License | 5 votes |
/**
 * Checks configuration when the caller supplies a ready-made ExtendedMetadataDelegate: it is registered as-is,
 * no default provider or delegate is created, and none of the delegate trust properties are read.
 * <p>
 * In this path the signature requirement, trust check, revocation check, validity requirement and trusted keys
 * are therefore whatever the caller set on the delegate. The properties object does not supply them.
 */
@Test
public void configure_defaults_withProviderDelegate() throws Exception {
    MetadataManagerConfigurer configurer = spy(new MetadataManagerConfigurer());
    CachingMetadataManager metadataManager = mock(CachingMetadataManager.class);
    when(configurer.createDefaultMetadataManager()).thenReturn(metadataManager);
    configurer.setBuilder(builder);
    MetadataProvider provider = mock(ExtendedMetadataDelegate.class);
    configurer.metadataProvider(provider);
    configurer.init(builder);
    configurer.configure(builder);

    verify(builder).setSharedObject(eq(MetadataManager.class), eq(metadataManager));
    ArgumentCaptor<List> providersCaptor = ArgumentCaptor.forClass(List.class);
    verify(metadataManager).setProviders((List<MetadataProvider>) providersCaptor.capture());

    // Nothing is built by default when a provider was supplied.
    verify(configurer, never()).createDefaultMetadataProvider(eq(idpConfiguration.getMetadataLocation()));
    verify(configurer, never()).createDefaultExtendedMetadataDelegate(any(ResourceBackedMetadataProvider.class), any());

    // Manager-level defaults still come from the properties object.
    verify(metadataManagerProperties).getDefaultIdp();
    verify(metadataManagerProperties).getHostedSpName();
    verify(metadataManagerProperties).getRefreshCheckInterval();

    // The delegate-level trust properties are never consulted for a caller-supplied delegate.
    verify(extendedMetadataDelegateProperties, never()).isForceMetadataRevocationCheck();
    verify(extendedMetadataDelegateProperties, never()).isMetadataRequireSignature();
    verify(extendedMetadataDelegateProperties, never()).isMetadataTrustCheck();
    verify(extendedMetadataDelegateProperties, never()).isRequireValidMetadata();
    verify(extendedMetadataDelegateProperties, never()).getMetadataTrustedKeys();

    List<MetadataProvider> providers = providersCaptor.getValue();
    assertThat(providers).hasSize(1);
    assertThat(providers.get(0)).isEqualTo(provider);
    // The delegate is a bare mock, so its wrapped provider is null.
    assertThat(((ExtendedMetadataDelegate) providers.get(0)).getDelegate()).isNull();
}
Example #11
Source File: MetadataManagerConfigurerTest.java From spring-boot-security-saml with MIT License | 5 votes |
/**
 * Checks configuration when the caller supplies a plain (non-delegate) metadata provider: it receives the parser
 * pool and is wrapped in an ExtendedMetadataDelegate whose trust settings are read from the properties object.
 */
@Test
public void configure_defaults_withProvider() throws Exception {
    MetadataManagerConfigurer configurer = spy(new MetadataManagerConfigurer());
    CachingMetadataManager metadataManager = mock(CachingMetadataManager.class);
    when(configurer.createDefaultMetadataManager()).thenReturn(metadataManager);
    configurer.setBuilder(builder);
    AbstractMetadataProvider provider = mock(AbstractMetadataProvider.class);
    configurer.metadataProvider(provider);
    configurer.init(builder);
    configurer.configure(builder);

    verify(builder).setSharedObject(eq(MetadataManager.class), eq(metadataManager));
    ArgumentCaptor<List> providersCaptor = ArgumentCaptor.forClass(List.class);
    // The supplied provider is given the shared parser pool.
    verify(provider).setParserPool(eq(parserPool));
    verify(metadataManager).setProviders((List<MetadataProvider>) providersCaptor.capture());

    // Neither default factory method is invoked with these arguments when a provider was supplied.
    verify(configurer, never()).createDefaultMetadataProvider(eq(idpConfiguration.getMetadataLocation()));
    verify(configurer, never()).createDefaultExtendedMetadataDelegate(any(ResourceBackedMetadataProvider.class), any());

    verify(metadataManagerProperties).getDefaultIdp();
    verify(metadataManagerProperties).getHostedSpName();
    verify(metadataManagerProperties).getRefreshCheckInterval();

    // Unlike a caller-supplied delegate, a plain provider is wrapped here, so the trust settings
    // (revocation check, signature requirement, trust check, validity, trusted keys) are read from properties.
    verify(extendedMetadataDelegateProperties).isForceMetadataRevocationCheck();
    verify(extendedMetadataDelegateProperties).isMetadataRequireSignature();
    verify(extendedMetadataDelegateProperties).isMetadataTrustCheck();
    verify(extendedMetadataDelegateProperties).isRequireValidMetadata();
    verify(extendedMetadataDelegateProperties).getMetadataTrustedKeys();

    List<MetadataProvider> providers = providersCaptor.getValue();
    assertThat(providers).hasSize(1);
    assertThat(providers.get(0)).isExactlyInstanceOf(ExtendedMetadataDelegate.class);
    assertThat(((ExtendedMetadataDelegate) providers.get(0)).getDelegate()).isEqualTo(provider);
}
Example #12
Source File: MetadataManagerConfigurerTest.java From spring-boot-security-saml with MIT License | 5 votes |
/**
 * Checks the all-defaults path: the default manager and default delegate are created, and every manager and
 * delegate setting is copied from the corresponding properties object.
 */
@Test
public void configure_defaults() throws Exception {
    MetadataManagerConfigurer configurer = spy(new MetadataManagerConfigurer());
    CachingMetadataManager metadataManager = mock(CachingMetadataManager.class);
    when(configurer.createDefaultMetadataManager()).thenReturn(metadataManager);
    ExtendedMetadataDelegate delegate = mock(ExtendedMetadataDelegate.class);
    doReturn(delegate).when(configurer).createDefaultExtendedMetadataDelegate(any(), any());
    configurer.setBuilder(builder);
    configurer.init(builder);
    configurer.configure(builder);

    verify(builder).setSharedObject(eq(MetadataManager.class), eq(metadataManager));
    ArgumentCaptor<List> providersCaptor = ArgumentCaptor.forClass(List.class);
    verify(metadataManager).setProviders((List<MetadataProvider>) providersCaptor.capture());
    verify(configurer).createDefaultMetadataProvider(eq(idpConfiguration.getMetadataLocation()));
    verify(configurer).createDefaultExtendedMetadataDelegate(any(ResourceBackedMetadataProvider.class), any());

    // These verifications must run before the getters are called again further down,
    // because the later calls add invocations on the same mocks.
    verify(metadataManagerProperties).getDefaultIdp();
    verify(metadataManagerProperties).getHostedSpName();
    verify(metadataManagerProperties).getRefreshCheckInterval();
    verify(extendedMetadataDelegateProperties).isForceMetadataRevocationCheck();
    verify(extendedMetadataDelegateProperties).isMetadataRequireSignature();
    verify(extendedMetadataDelegateProperties).isMetadataTrustCheck();
    verify(extendedMetadataDelegateProperties).isRequireValidMetadata();
    verify(extendedMetadataDelegateProperties).getMetadataTrustedKeys();

    List<MetadataProvider> providers = providersCaptor.getValue();
    assertThat(providers).hasSize(1);
    assertThat(providers.get(0)).isEqualTo(delegate);

    // Manager settings are propagated from the properties.
    verify(metadataManager).setDefaultIDP(eq(metadataManagerProperties.getDefaultIdp()));
    verify(metadataManager).setHostedSPName(eq(metadataManagerProperties.getHostedSpName()));
    verify(metadataManager).setRefreshCheckInterval(eq(metadataManagerProperties.getRefreshCheckInterval()));

    // Each trust-related delegate setting is propagated from the properties; none is left at an implicit value.
    verify(delegate).setForceMetadataRevocationCheck(eq(extendedMetadataDelegateProperties.isForceMetadataRevocationCheck()));
    verify(delegate).setMetadataRequireSignature(eq(extendedMetadataDelegateProperties.isMetadataRequireSignature()));
    verify(delegate).setMetadataTrustCheck(eq(extendedMetadataDelegateProperties.isMetadataTrustCheck()));
    verify(delegate).setMetadataTrustedKeys(eq(extendedMetadataDelegateProperties.getMetadataTrustedKeys()));
    verify(delegate).setRequireValidMetadata(eq(extendedMetadataDelegateProperties.isRequireValidMetadata()));
    // No metadata filter is configured by default.
    verify(delegate).setMetadataFilter((MetadataFilter) isNull());
}
Example #13
Source File: InsightsSecurityConfigurationAdapterSAML.java From Insights with Apache License 2.0 | 5 votes |
/**
 * Provides the "metadata"-qualified metadata manager bean, created only when
 * {@code InsightsSAMLBeanInitializationCondition} matches. The manager holds the single provider returned by
 * {@code idpMetadata()}.
 *
 * @return a caching metadata manager over the IdP metadata provider
 * @throws MetadataProviderException declared by the signature; the raising call is not visible in this method
 */
@Bean
@Qualifier("metadata")
@Conditional(InsightsSAMLBeanInitializationCondition.class)
public CachingMetadataManager metadata() throws MetadataProviderException {
    List<MetadataProvider> idpProviders = new ArrayList<>();
    idpProviders.add(idpMetadata());

    CachingMetadataManager manager = new CachingMetadataManager(idpProviders);
    return manager;
}
Example #14
Source File: MetadataCredentialResolver.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * {@inheritDoc}
 * <p>
 * Empties the credential cache each time the provider signals an event, so credentials resolved earlier are not
 * served from the cache afterwards.
 */
public void onEvent(MetadataProvider provider) {
    // Clear under the write lock of the resolver's read/write lock.
    final Lock cacheWriteLock = getReadWriteLock().writeLock();
    cacheWriteLock.lock();
    log.trace("Write lock over cache acquired");
    try {
        cache.clear();
        log.debug("Credential cache cleared");
    } finally {
        // Always release the lock, even if clearing fails.
        cacheWriteLock.unlock();
        log.trace("Write lock over cache released");
    }
}
Example #15
Source File: BasicSAMLMessageContext.java From lams with GNU General Public License v2.0 | 4 votes |
/**
 * {@inheritDoc}
 * <p>
 * Stores the reference without validation; a null provider is accepted.
 */
public void setMetadataProvider(MetadataProvider provider) {
    this.metdataProvider = provider;
}
Example #16
Source File: BasicSAMLMessageContext.java From lams with GNU General Public License v2.0 | 4 votes |
/**
 * {@inheritDoc}
 * <p>
 * Returns the stored reference as-is.
 */
public MetadataProvider getMetadataProvider() {
    return this.metdataProvider;
}
Example #17
Source File: MetadataManagerConfigurerTest.java From spring-boot-security-saml with MIT License | 4 votes |
/**
 * Checks that every value set explicitly through the configurer's fluent API reaches the manager and the
 * delegate, and that the properties objects are not consulted for any value supplied that way.
 */
@Test
public void configure_arguments() throws Exception {
    MetadataManagerConfigurer configurer = spy(new MetadataManagerConfigurer());
    CachingMetadataManager metadataManager = mock(CachingMetadataManager.class);
    when(configurer.createDefaultMetadataManager()).thenReturn(metadataManager);
    ResourceBackedMetadataProvider provider = mock(ResourceBackedMetadataProvider.class);
    doReturn(provider).when(configurer).createDefaultMetadataProvider("classpath:idp-provided.xml");
    ExtendedMetadataDelegate delegate = mock(ExtendedMetadataDelegate.class);
    doReturn(delegate).when(configurer).createDefaultExtendedMetadataDelegate(eq(provider), any(ExtendedMetadata.class));
    MetadataFilter metadataFilter = mock(MetadataFilter.class);
    configurer.setBuilder(builder);

    // Explicit configuration: all trust-related switches are turned on and two trusted keys are named.
    configurer
            .metadataLocations("classpath:idp-provided.xml")
            .defaultIDP("default")
            .hostedSPName("spname")
            .refreshCheckInterval(999L)
            .forceMetadataRevocationCheck(true)
            .metadataRequireSignature(true)
            .metadataTrustCheck(true)
            .requireValidMetadata(true)
            .metadataTrustedKeys("one", "two")
            .metadataFilter(metadataFilter);
    configurer.init(builder);
    configurer.configure(builder);

    verify(builder).setSharedObject(eq(MetadataManager.class), eq(metadataManager));
    ArgumentCaptor<List> providersCaptor = ArgumentCaptor.forClass(List.class);
    verify(metadataManager).setProviders((List<MetadataProvider>) providersCaptor.capture());
    verify(configurer).createDefaultMetadataProvider(eq("classpath:idp-provided.xml"));
    verify(configurer).createDefaultExtendedMetadataDelegate(eq(provider), any());

    // Explicit values take precedence: none of the property getters is read.
    verify(metadataManagerProperties, never()).getDefaultIdp();
    verify(metadataManagerProperties, never()).getHostedSpName();
    verify(metadataManagerProperties, never()).getRefreshCheckInterval();
    verify(extendedMetadataDelegateProperties, never()).isForceMetadataRevocationCheck();
    verify(extendedMetadataDelegateProperties, never()).isMetadataRequireSignature();
    verify(extendedMetadataDelegateProperties, never()).isMetadataTrustCheck();
    verify(extendedMetadataDelegateProperties, never()).isRequireValidMetadata();
    verify(extendedMetadataDelegateProperties, never()).getMetadataTrustedKeys();

    List<MetadataProvider> providers = providersCaptor.getValue();
    assertThat(providers).hasSize(1);
    assertThat(providers.get(0)).isEqualTo(delegate);

    verify(metadataManager).setDefaultIDP(eq("default"));
    verify(metadataManager).setHostedSPName(eq("spname"));
    verify(metadataManager).setRefreshCheckInterval(eq(999L));

    // The delegate receives exactly the trust settings that were configured above.
    verify(delegate).setForceMetadataRevocationCheck(eq(true));
    verify(delegate).setMetadataRequireSignature(eq(true));
    verify(delegate).setMetadataTrustCheck(eq(true));
    verify(delegate).setMetadataTrustedKeys((Set<String>) MockitoHamcrest.argThat(contains("one", "two")));
    verify(delegate).setRequireValidMetadata(eq(true));
    verify(delegate).setMetadataFilter(eq(metadataFilter));
}
Example #18
Source File: MetadataCredentialResolverFactory.java From lams with GNU General Public License v2.0 | 4 votes |
/**
 * {@inheritDoc}
 * <p>
 * Creates a fresh resolver bound to the given provider on every call; nothing is cached in this method.
 */
protected MetadataCredentialResolver createNewInstance(MetadataProvider metadataProvider) {
    MetadataCredentialResolver resolver = new MetadataCredentialResolver(metadataProvider);
    return resolver;
}
Example #19
Source File: SAMLConfigDefaults.java From spring-boot-security-saml-samples with MIT License | 4 votes |
/**
 * Publishes a caching metadata manager over all injected metadata providers.
 * <p>
 * The list is passed through unchanged. Every {@code MetadataProvider} supplied for this parameter becomes a
 * metadata source for the manager.
 *
 * @param metadataProviders providers handed to the manager
 * @return the metadata manager bean
 * @throws MetadataProviderException declared by the signature; the raising call is not visible in this method
 */
@Bean
public CachingMetadataManager metadataManager(List<MetadataProvider> metadataProviders)
        throws MetadataProviderException {
    CachingMetadataManager manager = new CachingMetadataManager(metadataProviders);
    return manager;
}
Example #20
Source File: SAMLManager.java From blackduck-alert with Apache License 2.0 | 4 votes |
/**
 * Wraps a metadata provider in an ExtendedMetadataDelegate that uses this object's extended metadata, with the
 * trust check enabled and the signature requirement disabled.
 *
 * @param provider provider to wrap
 * @return the configured delegate
 */
private ExtendedMetadataDelegate createDelegate(MetadataProvider provider) {
    final ExtendedMetadataDelegate wrapped = new ExtendedMetadataDelegate(provider, extendedMetadata);
    wrapped.setMetadataTrustCheck(true);
    // NOTE(review): with the signature requirement off, unsigned metadata is presumably still accepted,
    // and the trust check then only applies to metadata that carries a signature. If so, the integrity
    // of unsigned metadata rests on how it is obtained (TLS to the metadata URL, file permissions).
    // Confirm this is intended.
    wrapped.setMetadataRequireSignature(false);
    return wrapped;
}
Example #21
Source File: DSLMetadataManager.java From spring-boot-security-saml with MIT License | 2 votes |
/**
 * Creates the metadata manager by delegating entirely to the superclass constructor.
 * <p>
 * Per the superclass contract, the manager registers itself for metadata change notifications, reloads on a
 * change, and sets up a timer that checks at a fixed interval whether a reload is needed.
 * <p>
 * {@code afterPropertiesSet} must be called after construction.
 *
 * @param providers providers to include, mustn't be null or empty
 * @throws MetadataProviderException error during initialization
 */
public DSLMetadataManager(List<MetadataProvider> providers) throws MetadataProviderException {
    // No additional state is set up here.
    super(providers);
}
Example #22
Source File: AbstractEndpointSelector.java From lams with GNU General Public License v2.0 | 2 votes |
/**
 * Replaces the metadata provider consulted for entity information. The reference is stored without validation,
 * so a null provider is accepted.
 *
 * @param provider metadata provider used to look up entity information
 */
public void setMetadataProvider(MetadataProvider provider) {
    this.metadataProvider = provider;
}
Example #23
Source File: AbstractEndpointSelector.java From lams with GNU General Public License v2.0 | 2 votes |
/**
 * Returns the metadata provider consulted for entity information.
 *
 * @return metadata provider used to look up entity information
 */
public MetadataProvider getMetadataProvider() {
    return this.metadataProvider;
}
Example #24
Source File: SAMLMessageContext.java From lams with GNU General Public License v2.0 | 2 votes |
/**
 * Sets the metadata provider used to look up entity information.
 *
 * @param provider metadata provider used to look up entity information
 */
public void setMetadataProvider(MetadataProvider provider);
Example #25
Source File: SAMLMessageContext.java From lams with GNU General Public License v2.0 | 2 votes |
/**
 * Gets the metadata provider used to look up entity information.
 *
 * @return metadata provider used to look up entity information
 */
public MetadataProvider getMetadataProvider();
Example #26
Source File: MetadataCredentialResolver.java From lams with GNU General Public License v2.0 | 2 votes |
/**
 * Returns the metadata provider this resolver reads from. The stored reference itself is returned, not a copy.
 *
 * @return the resolver's metadata provider instance
 */
public MetadataProvider getMetadataProvider() {
    return this.metadata;
}