Package org.opensaml.saml.common.binding

Class AbstractEndpointResolver<EndpointType extends Endpoint>

  • Type Parameters:
    EndpointType - type of endpoint
    All Implemented Interfaces:
    net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.IdentifiedComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, net.shibboleth.utilities.java.support.resolver.Resolver<EndpointType,​net.shibboleth.utilities.java.support.resolver.CriteriaSet>, EndpointResolver<EndpointType>
    public abstract class AbstractEndpointResolver<EndpointType extends Endpoint>
extends net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent
implements EndpointResolver<EndpointType>
    Base implementation that resolves and validates protocol/profile endpoints using a combination of supplied parameters and SAML metadata.

    SAML metadata rules are followed for deriving candidate endpoints to evaluate. The base class implements only a subset of required functionality, then extracts a set of candidates from metadata if present, and delegates to a subclass to actually evaluate each one for acceptability.

    The supported Criterion types and their use follows:

    EndpointCriterion (required)
    Contains a "template" for the eventual Endpoint(s) to resolve that identifies at minimum the type of endpoint object (via schema type or element name) to resolve. It MAY contain other attributes that will be used in matching candidate endpoints for suitability, such as index, binding, location, etc. If so marked, it may also be resolved as a trusted endpoint without additional verification required.
    RoleDescriptorCriterion
    If present, provides access to the candidate endpoint(s) to attempt resolution against. Strictly optional, but if absent, the supplied endpoint (from EndpointCriterion) is returned as the sole result, whatever its completeness/usability, allowing for subclass validation.

    Subclasses should override the {doCheckEndpoint(CriteriaSet, Endpoint) method to implement further criteria.

    • Field Summary

      Fields 
      Modifier and Type Field Description
      private org.slf4j.Logger log
      Class logger.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      private boolean canUseRequestedEndpoint​(net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria)
      Optimize the case of resolving a single endpoint if a populated endpoint is supplied via criteria, and validation is unnecessary due to a signed request.
      protected boolean doCheckEndpoint​(net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria, EndpointType endpoint)
      Apply the supplied criteria to a candidate endpoint to determine its suitability.
      private List<EndpointType> getCandidatesFromMetadata​(net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria)
      Get a mutable list of endpoints of a given type found in the metadata role contained in a RoleDescriptorCriterion (or an empty list if no metadata exists).
      protected String getLogPrefix()
      Return a prefix for logging messages for this component.
      Iterable<EndpointType> resolve​(net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria)
      EndpointType resolveSingle​(net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria)
      private List<EndpointType> sortCandidates​(List<Endpoint> candidates)
      Copy and sort the endpoints such that the default endpoint by SAML rules comes first.
      private void validateCriteria​(net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria)
      Verify that the required EndpointCriterion is present.

      • Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent

        doInitialize, getId, setId

      • Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

        destroy, doDestroy, initialize, isDestroyed, isInitialized

    • Field Detail

      • log

        @Nonnull
private org.slf4j.Logger log
        Class logger.

    • Constructor Detail

      • AbstractEndpointResolver

        public AbstractEndpointResolver()
        Constructor.

    • Method Detail

      • resolve

        @Nonnull
@NonnullElements
public Iterable<EndpointType> resolve​(@Nullable
                                      net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria)
                               throws net.shibboleth.utilities.java.support.resolver.ResolverException
        Specified by:
        resolve in interface net.shibboleth.utilities.java.support.resolver.Resolver<EndpointType extends Endpoint,​net.shibboleth.utilities.java.support.resolver.CriteriaSet>
        Throws:
        net.shibboleth.utilities.java.support.resolver.ResolverException

      • resolveSingle

        @Nullable
public EndpointType resolveSingle​(@Nullable
                                  net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria)
                           throws net.shibboleth.utilities.java.support.resolver.ResolverException
        Specified by:
        resolveSingle in interface net.shibboleth.utilities.java.support.resolver.Resolver<EndpointType extends Endpoint,​net.shibboleth.utilities.java.support.resolver.CriteriaSet>
        Throws:
        net.shibboleth.utilities.java.support.resolver.ResolverException

      • doCheckEndpoint

        protected boolean doCheckEndpoint​(@Nonnull
                                  net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria,
                                  @Nonnull
                                  EndpointType endpoint)
        Apply the supplied criteria to a candidate endpoint to determine its suitability.
        Parameters:
        criteria - input criteria set
        endpoint - candidate endpoint
        Returns:
        true iff the endpoint meets the supplied criteria

      • validateCriteria

        private void validateCriteria​(@Nullable
                              net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria)
                       throws net.shibboleth.utilities.java.support.resolver.ResolverException
        Verify that the required EndpointCriterion is present.
        Parameters:
        criteria - input criteria set
        Throws:
        net.shibboleth.utilities.java.support.resolver.ResolverException - if the input set is null or no EndpointCriterion is present

      • canUseRequestedEndpoint

        private boolean canUseRequestedEndpoint​(@Nonnull
                                        net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria)
        Optimize the case of resolving a single endpoint if a populated endpoint is supplied via criteria, and validation is unnecessary due to a signed request. Note that this endpoint may turn out to be unusable by the caller, but that's immaterial because the requester must have dictated the binding and location, so we're not allowed to ignore that.
        Parameters:
        criteria - input criteria set
        Returns:
        true iff the supplied endpoint via EndpointCriterion should be returned

      • getCandidatesFromMetadata

        @Nonnull
@NonnullElements
private List<EndpointType> getCandidatesFromMetadata​(@Nonnull
                                                     net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria)
        Get a mutable list of endpoints of a given type found in the metadata role contained in a RoleDescriptorCriterion (or an empty list if no metadata exists).

        The endpoint type to extract is based on the candidate endpoint in an EndpointCriterion. If the endpoints are indexed, the first list entry will contain the default endpoint to use in the absence of other limiting criteria.

        Parameters:
        criteria - input criteria set
        Returns:
        mutable list of endpoints from the metadata

      • sortCandidates

        @Nonnull
@NonnullElements
private List<EndpointType> sortCandidates​(@Nonnull @NonnullElements
                                          List<Endpoint> candidates)
        Copy and sort the endpoints such that the default endpoint by SAML rules comes first.
        Parameters:
        candidates - input list of endpoints
        Returns:
        a new list containing the endpoints such that the default is first

      • getLogPrefix

        @Nonnull
protected String getLogPrefix()
        Return a prefix for logging messages for this component.
        Returns:
        a string for insertion at the beginning of any log messages