The HS now validates providerId -> authN consumer URL unions against federation metadata.
1 /*
2  * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
3  * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
4  * provided that the following conditions are met: Redistributions of source code must retain the above copyright
5  * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
6  * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
7  * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
8  * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu>Internet2
9  * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
10  * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
11  * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
12  * products derived from this software without specific prior written permission. For written permission, please
13  * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
14  * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
15  * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
16  * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
17  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
18  * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
19  * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
20  * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
22  * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
23  * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
24  * POSSIBILITY OF SUCH DAMAGE.
25  */
26
27 package edu.internet2.middleware.shibboleth.metadata.provider;
28
29 import java.io.IOException;
30 import java.io.InputStream;
31 import java.util.StringTokenizer;
32
33 import org.apache.log4j.Logger;
34 import org.apache.xerces.parsers.DOMParser;
35 import org.w3c.dom.Element;
36 import org.xml.sax.EntityResolver;
37 import org.xml.sax.ErrorHandler;
38 import org.xml.sax.InputSource;
39 import org.xml.sax.SAXException;
40 import org.xml.sax.SAXParseException;
41
42 import edu.internet2.middleware.shibboleth.common.ResourceWatchdog;
43 import edu.internet2.middleware.shibboleth.common.ResourceWatchdogExecutionException;
44 import edu.internet2.middleware.shibboleth.common.ShibResource;
45 import edu.internet2.middleware.shibboleth.common.ShibResource.ResourceNotAvailableException;
46 import edu.internet2.middleware.shibboleth.metadata.Metadata;
47 import edu.internet2.middleware.shibboleth.metadata.MetadataException;
48 import edu.internet2.middleware.shibboleth.metadata.Provider;
49
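/**
 * Loads federation metadata from an XML resource and reloads it whenever the resource changes.
 * <p>
 * The document is parsed with a schema-validating Xerces <code>DOMParser</code>; parser warnings, errors and fatal
 * errors all abort the load. Lookups are delegated to the most recently loaded {@link Metadata} instance. When a
 * reload fails, the previously loaded copy stays in service, so lookups keep answering from stale data until a later
 * reload succeeds.
 * <p>
 * NOTE(review): nothing in this class checks a signature or digest over the metadata document; whether the resource
 * layer or <code>XMLMetadata</code> does so is not visible here. Confirm before relying on a remotely hosted
 * metadata source.
 * 
 * @author Walter Hoehn (wassa@columbia.edu)
 */
public class XMLMetadataLoadWrapper extends ResourceWatchdog implements Metadata {

    private static final Logger log = Logger.getLogger(XMLMetadataLoadWrapper.class.getName());

    // Dedicated monitor for currentMeta. The field is reassigned on reload, so synchronizing on the field's own
    // value would let a reader and the reloading thread hold different monitors and see no ordering between them.
    private final Object metaLock = new Object();

    // Live metadata copy; read and replaced only while holding metaLock once the watchdog has been started.
    private Metadata currentMeta;

    // Reused for the initial load and for every reload.
    private DOMParser parser;

    /**
     * Creates a wrapper for the metadata source named by the <code>uri</code> attribute of the given element.
     * 
     * @param configuration
     *            element whose <code>uri</code> attribute gives the metadata location
     * @throws MetadataException
     *             if the metadata cannot be read or parsed
     * @throws ResourceNotAvailableException
     *             declared by the delegated constructor; raised below this class
     */
    public XMLMetadataLoadWrapper(Element configuration) throws MetadataException, ResourceNotAvailableException {
        this(configuration.getAttribute("uri"));
    }

    /**
     * Loads and validates the metadata at the given location, then starts watching it for changes.
     * 
     * @param sitesFileLocation
     *            location of the federation metadata document
     * @throws MetadataException
     *             if the document cannot be read, fails validation, or is rejected by <code>XMLMetadata</code>
     * @throws ResourceNotAvailableException
     *             declared for the <code>ShibResource</code> handed to the superclass
     */
    public XMLMetadataLoadWrapper(String sitesFileLocation) throws MetadataException, ResourceNotAvailableException {
        super(new ShibResource(sitesFileLocation, XMLMetadataLoadWrapper.class));

        parser = new DOMParser();
        try {
            parser.setFeature("http://xml.org/sax/features/validation", true);
            parser.setFeature("http://apache.org/xml/features/validation/schema", true);

            parser.setEntityResolver(new EntityResolver() {

                /**
                 * Maps a system identifier ending in <code>.xsd</code> to the schema of the same file name under
                 * <code>/schemas/</code>.
                 */
                public InputSource resolveEntity(String publicId, String systemId) throws SAXException {
                    log.debug("Resolving entity for System ID: " + systemId);
                    if (systemId != null) {
                        // Keep only the last non-empty "/"-separated segment, i.e. the bare file name.
                        StringTokenizer segments = new StringTokenizer(systemId, "/");
                        String xsdFile = "";
                        while (segments.hasMoreTokens()) {
                            xsdFile = segments.nextToken();
                        }
                        if (xsdFile.endsWith(".xsd")) {
                            InputStream schemaStream;
                            try {
                                schemaStream = new ShibResource("/schemas/" + xsdFile, this.getClass())
                                        .getInputStream();
                            } catch (IOException ioe) {
                                log.error("Error loading schema: " + xsdFile + ": " + ioe);
                                return null;
                            }
                            if (schemaStream != null) {
                                return new InputSource(schemaStream);
                            }
                        }
                    }
                    // NOTE(review): returning null hands resolution back to the parser, which by SAX convention
                    // opens the system identifier itself. Any entity or schema reference in the metadata that is
                    // not satisfied above can therefore be fetched from wherever the document points. If the
                    // metadata source is not fully trusted, return an empty InputSource here or reject DOCTYPE
                    // declarations on the parser; confirm the deployed metadata needs neither before changing it.
                    return null;
                }
            });

            // Validation is strict: a warning is treated exactly like an error.
            parser.setErrorHandler(new ErrorHandler() {

                public void error(SAXParseException arg0) throws SAXException {
                    throw new SAXException("Error parsing xml file: " + arg0);
                }

                public void fatalError(SAXParseException arg0) throws SAXException {
                    throw new SAXException("Error parsing xml file: " + arg0);
                }

                public void warning(SAXParseException arg0) throws SAXException {
                    throw new SAXException("Error parsing xml file: " + arg0);
                }
            });

            parseResource();

        } catch (SAXException e) {
            log.error("Encountered a problem parsing federation metadata source: " + e);
            throw new MetadataException("Unable to parse federation metadata.");
        } catch (IOException e) {
            log.error("Encountered a problem reading federation metadata source: " + e);
            throw new MetadataException("Unable to read federation metadata.");
        }

        currentMeta = new XMLMetadata(parser.getDocument().getDocumentElement());

        // Start checking for metadata updates. Kept as the last statement so the watchdog never runs against a
        // partially initialised instance.
        start();

    }

    /**
     * Looks up a provider in the currently loaded metadata.
     * 
     * @param providerId
     *            identifier of the provider to look up
     * @return whatever the current metadata copy returns for that identifier
     */
    public Provider lookup(String providerId) {
        synchronized (metaLock) {
            return currentMeta.lookup(providerId);
        }
    }

    /**
     * Reloads the metadata after the watched resource has changed. Any failure is logged with its cause and the
     * previously loaded copy is left in place.
     * 
     * @throws ResourceWatchdogExecutionException
     *             declared by the superclass contract; not thrown by this implementation
     */
    protected void doOnChange() throws ResourceWatchdogExecutionException {
        try {
            log.info("Detected a change in the federation metadata.  Reloading from (" + resource.getURL().toString()
                    + ").");
        } catch (IOException e) {
            log.error("Encountered an error retrieving updated federation metadata, continuing to use stale copy.", e);
            return;
        }

        // Load new, but keep the old in place. The cause is logged because a failed reload leaves lookups
        // answering from outdated metadata, and operators need the reason to act on it.
        try {
            parseResource();
        } catch (SAXException e) {
            log.error("Encountered an error parsing updated federation metadata, continuing to use stale copy.", e);
            return;
        } catch (IOException e) {
            log.error("Encountered an error retrieving updated federation metadata, continuing to use stale copy.", e);
            return;
        }

        // If things went well, replace the live copy
        Metadata newMeta;
        try {
            newMeta = new XMLMetadata(parser.getDocument().getDocumentElement());
        } catch (MetadataException e) {
            log.error("Encountered an error loading updated federation metadata, continuing to use stale copy.", e);
            return;
        }

        synchronized (metaLock) {
            currentMeta = newMeta;
        }
    }

    /**
     * Parses the watched resource with the shared parser and closes the stream afterwards, whether or not the
     * parse succeeded.
     */
    private void parseResource() throws SAXException, IOException {
        InputStream in = resource.getInputStream();
        try {
            parser.parse(new InputSource(in));
        } finally {
            if (in != null) {
                try {
                    in.close();
                } catch (IOException ignored) {
                    // A close failure must not mask the outcome of the parse itself.
                    log.debug("Could not close federation metadata stream: " + ignored);
                }
            }
        }
    }

}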