Class Metadata


  • public class Metadata
    extends java.lang.Object
    Metadata class of OneLogin's Java Toolkit. Contains methods for generating and signing the metadata of the service provider (SP).
    • Constructor Summary

      Constructors 
      Constructor Description
      Metadata(Saml2Settings settings)
      Constructs the Metadata object.
      Metadata(Saml2Settings settings, java.util.Calendar validUntilTime, java.lang.Integer cacheDuration)
      Constructs the Metadata object.
      Metadata(Saml2Settings settings, java.util.Calendar validUntilTime, java.lang.Integer cacheDuration, AttributeConsumingService attributeConsumingService)
      Constructs the Metadata object.
    • Method Summary

      Modifier and Type Method Description
      private org.apache.commons.lang3.text.StrSubstitutor generateSubstitutor(Saml2Settings settings)
      Substitutes metadata variables within a string by values.
      private java.lang.String getAttributeConsumingServiceXml()
      Generates the AttributeConsumingService section of the metadata's template
      java.lang.String getMetadataString()
      private static java.lang.StringBuilder getMetadataTemplate()
      protected java.lang.String postProcessXml(java.lang.String metadataXml, Saml2Settings settings)
      Allows for an extension class to post-process the SAML metadata XML generated for this metadata instance, in order to customize the result.
      static java.lang.String signMetadata(java.lang.String metadata, java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String signAlgorithm)
      Signs the metadata with the key/cert provided
      static java.lang.String signMetadata(java.lang.String metadata, java.security.PrivateKey key, java.security.cert.X509Certificate cert, java.lang.String signAlgorithm, java.lang.String digestAlgorithm)
      Signs the metadata with the key/cert provided
      private java.lang.String toContactsXml(java.util.List<Contact> contacts)
      Generates the contact section of the metadata's template
      private java.lang.String toOrganizationXml(Organization organization)
      Generates the organization section of the metadata's template
      private java.lang.String toSLSXml(java.net.URL spSingleLogoutServiceUrl, java.lang.String spSingleLogoutServiceBinding)
      private java.lang.String toX509KeyDescriptorsXML(java.security.cert.X509Certificate cert, java.lang.Boolean wantsEncrypted)
      Generates the KeyDescriptor section of the metadata's template
      private java.lang.String toX509KeyDescriptorsXML(java.security.cert.X509Certificate certCurrent, java.security.cert.X509Certificate certNew, java.lang.Boolean wantsEncrypted)
      Generates the KeyDescriptor section of the metadata's template
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • LOGGER

        private static final org.slf4j.Logger LOGGER
        Private property to construct a logger for this class.
      • metadataString

        private final java.lang.String metadataString
        Generated metadata in string format
      • validUntilTime

        private final java.util.Calendar validUntilTime
        validUntilTime of the metadata: the time until which the metadata is valid
      • cacheDuration

        private final java.lang.Integer cacheDuration
        cacheDuration of the metadata. Duration of the cache in seconds
    • Constructor Detail

      • Metadata

        public Metadata(Saml2Settings settings,
                        java.util.Calendar validUntilTime,
                        java.lang.Integer cacheDuration,
                        AttributeConsumingService attributeConsumingService)
                 throws java.security.cert.CertificateEncodingException
        Constructs the Metadata object.
        Parameters:
        settings - Saml2Settings object. Setting data
        validUntilTime - Time until which the metadata is valid
        cacheDuration - Duration of the cache in seconds
        attributeConsumingService - AttributeConsumingService of service provider
        Throws:
        java.security.cert.CertificateEncodingException
      • Metadata

        public Metadata(Saml2Settings settings,
                        java.util.Calendar validUntilTime,
                        java.lang.Integer cacheDuration)
                 throws java.security.cert.CertificateEncodingException
        Constructs the Metadata object.
        Parameters:
        settings - Saml2Settings object. Setting data
        validUntilTime - Time until which the metadata is valid
        cacheDuration - Duration of the cache in seconds
        Throws:
        java.security.cert.CertificateEncodingException
      • Metadata

        public Metadata(Saml2Settings settings)
                 throws java.security.cert.CertificateEncodingException
        Constructs the Metadata object.
        Parameters:
        settings - Saml2Settings object. Setting data
        Throws:
        java.security.cert.CertificateEncodingException
    • Method Detail

      • postProcessXml

        protected java.lang.String postProcessXml(java.lang.String metadataXml,
                                                  Saml2Settings settings)
        Allows for an extension class to post-process the SAML metadata XML generated for this metadata instance, in order to customize the result.

        This method is invoked at construction time, after all the other fields of this class have already been initialised. Its default implementation simply returns the input XML as-is, with no change.

        Parameters:
        metadataXml - the XML produced for this metadata instance by the standard implementation provided by Metadata
        settings - the settings
        Returns:
        the post-processed XML for this metadata instance, which will then be returned by any call to getMetadataString()
      • generateSubstitutor

        private org.apache.commons.lang3.text.StrSubstitutor generateSubstitutor(Saml2Settings settings)
                                                                          throws java.security.cert.CertificateEncodingException
        Substitutes metadata variables within a string by values.
        Parameters:
        settings - Saml2Settings object. Setting data
        Returns:
        the StrSubstitutor object of the metadata
        Throws:
        java.security.cert.CertificateEncodingException
      • getMetadataTemplate

        private static java.lang.StringBuilder getMetadataTemplate()
        Returns:
        the metadata's template
      • getAttributeConsumingServiceXml

        private java.lang.String getAttributeConsumingServiceXml()
        Generates the AttributeConsumingService section of the metadata's template
        Returns:
        the AttributeConsumingService section of the metadata's template
      • toContactsXml

        private java.lang.String toContactsXml(java.util.List<Contact> contacts)
        Generates the contact section of the metadata's template
        Parameters:
        contacts - List of contact objects
        Returns:
        the contact section of the metadata's template
      • toOrganizationXml

        private java.lang.String toOrganizationXml(Organization organization)
        Generates the organization section of the metadata's template
        Parameters:
        organization - organization object
        Returns:
        the organization section of the metadata's template
      • toX509KeyDescriptorsXML

        private java.lang.String toX509KeyDescriptorsXML(java.security.cert.X509Certificate cert,
                                                         java.lang.Boolean wantsEncrypted)
                                                  throws java.security.cert.CertificateEncodingException
        Generates the KeyDescriptor section of the metadata's template
        Parameters:
        cert - the public cert that will be used by the SP to sign and encrypt
        wantsEncrypted - Whether to include the KeyDescriptor for encryption
        Returns:
        the KeyDescriptor section of the metadata's template
        Throws:
        java.security.cert.CertificateEncodingException
      • toX509KeyDescriptorsXML

        private java.lang.String toX509KeyDescriptorsXML(java.security.cert.X509Certificate certCurrent,
                                                         java.security.cert.X509Certificate certNew,
                                                         java.lang.Boolean wantsEncrypted)
                                                  throws java.security.cert.CertificateEncodingException
        Generates the KeyDescriptor section of the metadata's template
        Parameters:
        certCurrent - the public cert that will be used by the SP to sign and encrypt
        certNew - the public cert that will be used by the SP to sign and encrypt in future
        wantsEncrypted - Whether to include the KeyDescriptor for encryption
        Returns:
        the KeyDescriptor section of the metadata's template
        Throws:
        java.security.cert.CertificateEncodingException
      • toSLSXml

        private java.lang.String toSLSXml(java.net.URL spSingleLogoutServiceUrl,
                                          java.lang.String spSingleLogoutServiceBinding)
        Returns:
        the md:SingleLogoutService section of the metadata's template
      • getMetadataString

        public final java.lang.String getMetadataString()
        Returns:
        the metadata
      • signMetadata

        public static java.lang.String signMetadata(java.lang.String metadata,
                                                    java.security.PrivateKey key,
                                                    java.security.cert.X509Certificate cert,
                                                    java.lang.String signAlgorithm)
                                             throws javax.xml.xpath.XPathExpressionException,
                                                    org.apache.xml.security.exceptions.XMLSecurityException
        Signs the metadata with the key/cert provided
        Parameters:
        metadata - SAML Metadata XML
        key - Private Key
        cert - X.509 public certificate
        signAlgorithm - Signature Algorithm
        Returns:
        the signed metadata as a string
        Throws:
        org.apache.xml.security.exceptions.XMLSecurityException
        javax.xml.xpath.XPathExpressionException
      • signMetadata

        public static java.lang.String signMetadata(java.lang.String metadata,
                                                    java.security.PrivateKey key,
                                                    java.security.cert.X509Certificate cert,
                                                    java.lang.String signAlgorithm,
                                                    java.lang.String digestAlgorithm)
                                             throws javax.xml.xpath.XPathExpressionException,
                                                    org.apache.xml.security.exceptions.XMLSecurityException
        Signs the metadata with the key/cert provided
        Parameters:
        metadata - SAML Metadata XML
        key - Private Key
        cert - X.509 public certificate
        signAlgorithm - Signature Algorithm
        digestAlgorithm - Digest Algorithm
        Returns:
        the signed metadata as a string
        Throws:
        org.apache.xml.security.exceptions.XMLSecurityException
        javax.xml.xpath.XPathExpressionException
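
The postProcessXml hook documented above, shown as an added example (not code from this page or from the java-saml project): a subclass that fails closed when the SP is configured to sign AuthnRequests but the generated metadata advertises no signing key. Because the hook runs inside the superclass constructor, it relies only on its parameters and on static members. Assumptions: the package com.onelogin.saml2.settings and Saml2Settings.getAuthnRequestsSigned() come from the java-saml library rather than from this page; CheckedMetadata and hasSigningKey are hypothetical names.

```java
import com.onelogin.saml2.settings.Metadata;
import com.onelogin.saml2.settings.Saml2Settings;
import java.io.StringReader;
import java.security.cert.CertificateEncodingException;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

// Hypothetical subclass: rejects SP metadata that lacks a usable signing KeyDescriptor.
public class CheckedMetadata extends Metadata {
    private static final String MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata";

    public CheckedMetadata(Saml2Settings settings) throws CertificateEncodingException {
        super(settings); // postProcessXml() is invoked during this call
    }

    @Override
    protected String postProcessXml(String metadataXml, Saml2Settings settings) {
        // Subclass instance fields are not yet assigned here: use parameters and statics only.
        if (settings.getAuthnRequestsSigned() && !hasSigningKey(metadataXml)) {
            throw new IllegalStateException(
                "SP signs AuthnRequests but its metadata has no signing KeyDescriptor");
        }
        return metadataXml; // unchanged; this is what getMetadataString() will return
    }

    private static boolean hasSigningKey(String xml) {
        try {
            DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
            dbf.setNamespaceAware(true);
            // Harden the parser even though the input is locally generated.
            dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
            dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            NodeList kds = dbf.newDocumentBuilder()
                    .parse(new InputSource(new StringReader(xml)))
                    .getElementsByTagNameNS(MD_NS, "KeyDescriptor");
            for (int i = 0; i < kds.getLength(); i++) {
                // A KeyDescriptor with no "use" attribute applies to signing and encryption.
                String use = ((Element) kds.item(i)).getAttribute("use");
                if (use.isEmpty() || "signing".equals(use)) return true;
            }
            return false;
        } catch (Exception e) {
            throw new IllegalStateException("Generated metadata is not parseable XML", e);
        }
    }
}
```

Constructing CheckedMetadata in place of Metadata makes a misconfigured SP fail at startup rather than publish metadata an IdP cannot use to verify its requests.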