First cut at Origin side metadata implementation.
authorwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Thu, 25 Mar 2004 21:32:33 +0000 (21:32 +0000)
committerwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Thu, 25 Mar 2004 21:32:33 +0000 (21:32 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@929 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

13 files changed:
data/sites1.xml [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/metadata/AttributeConsumerRole.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/metadata/ContactPerson.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/metadata/Endpoint.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/metadata/KeyDescriptor.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/metadata/Metadata.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/metadata/MetadataException.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/metadata/Provider.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/metadata/ProviderRole.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/metadata/SPProviderRole.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/metadata/provider/XMLMetadata.java [new file with mode: 0644]
src/edu/internet2/middleware/shibboleth/metadata/provider/XMLMetadataLoadWrapper.java [new file with mode: 0644]
tests/edu/internet2/middleware/shibboleth/metadata/MetadataTests.java [new file with mode: 0644]

diff --git a/data/sites1.xml b/data/sites1.xml
new file mode 100644 (file)
index 0000000..984ae4c
--- /dev/null
@@ -0,0 +1,43 @@
+<SiteGroup Name="urn:mace:inqueue" xmlns="urn:mace:shibboleth:1.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:mace:shibboleth:1.0 shibboleth.xsd">
+       <OriginSite Name="urn:mace:inqueue:example.edu" ErrorURL="http://wayf.internet2.edu/InQueue/error.html">
+               <Alias>Example State University</Alias>
+               <Contact Type="technical" Name="Alfred E. Neuman" Email="(no email)"/>
+               <HandleService Location="https://wayf.internet2.edu/InQueue/HS" Name="wayf.internet2.edu"/>
+               <AttributeAuthority Location="https://wayf.internet2.edu/InQueue/AA" Name="wayf.internet2.edu"/>
+               <Domain>example.edu</Domain>
+       </OriginSite>
+
+       <OriginSite Name="urn:mace:inqueue:shibdev.edu">
+               <Alias>Shibboleth Development Origin</Alias>
+               <Contact Type="technical" Name="Scott Cantor" Email="cantor.2@osu.edu"/>
+               <HandleService Location="https://shib2.internet2.edu/shibboleth/HS" Name="shib2.internet2.edu"/>
+               <AttributeAuthority Location="https://shib2.internet2.edu/shibboleth/AA" Name="shib2.internet2.edu"/>
+               <Domain>shibdev.edu</Domain>
+       </OriginSite>
+
+       <SiteGroup Name="foofed">
+               <DestinationSite Name="bar">
+               <Alias>barman</Alias>
+                       <Contact Type="technical" Name="Walter Hoehn" Email="wassa@memphis.edu"/>
+                       <AssertionConsumerServiceURL Location="http://foo.com/SHIRE"/>
+                       <AttributeRequester Name="C=US, ST=Tennessee, L=Memphis, O=The University of Memphis, OU=Information Systems, CN=test.memphis.edu"/>
+               </DestinationSite>
+                       <SiteGroup Name="bahfed">
+                               <DestinationSite Name="bahsite">
+                               <Alias>bahman</Alias>
+                                       <Contact Type="technical" Name="Walter Hoehn" Email="wassa@memphis.edu"/>
+                                       <AssertionConsumerServiceURL Location="http://foo.com/SHIRE"/>
+                                       <AttributeRequester Name="C=US, ST=Tennessee, L=Memphis, O=The University of Memphis, OU=Information Systems, CN=test.memphis.edu"/>
+                               </DestinationSite>
+                       </SiteGroup>
+       </SiteGroup>
+       
+       <DestinationSite Name="rootsite">
+               <Alias>rootman</Alias>
+                       <Contact Type="technical" Name="Walter Hoehn" Email="wassa@memphis.edu"/>
+                       <AssertionConsumerServiceURL Location="http://foo.com/SHIRE"/>
+                       <AttributeRequester Name="C=US, ST=Tennessee, L=Memphis, O=The University of Memphis, OU=Information Systems, CN=test1.memphis.edu"/>
+                       <AttributeRequester Name="C=US, ST=Tennessee, L=Memphis, O=The University of Memphis, OU=Information Systems, CN=test2.memphis.edu"/>
+       </DestinationSite>
+
+</SiteGroup>
diff --git a/src/edu/internet2/middleware/shibboleth/metadata/AttributeConsumerRole.java b/src/edu/internet2/middleware/shibboleth/metadata/AttributeConsumerRole.java
new file mode 100644 (file)
index 0000000..a9c5b78
--- /dev/null
@@ -0,0 +1,36 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
+ * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu>Internet2
+ * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
+ * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please
+ * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
+ * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
+ * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
+ * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
+ * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
+ * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.metadata;
+
+/**
+ * Ported from Scott Cantor's C++ interfaces
+ * 
+ * @author Walter Hoehn (wassa@columbia.edu)
+ */
+public interface AttributeConsumerRole extends ProviderRole {
+       //Stub interface
+}
diff --git a/src/edu/internet2/middleware/shibboleth/metadata/ContactPerson.java b/src/edu/internet2/middleware/shibboleth/metadata/ContactPerson.java
new file mode 100644 (file)
index 0000000..207faf9
--- /dev/null
@@ -0,0 +1,49 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
+ * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu>Internet2
+ * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
+ * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please
+ * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
+ * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
+ * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
+ * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
+ * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
+ * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.metadata;
+
+/**
+ * Ported from Scott Cantor's C++ interfaces
+ * 
+ * @author Walter Hoehn (wassa@columbia.edu)
+ */
+public interface ContactPerson {
+
+       public static int       TECHNICAL               = 0;
+       public static int       SUPPORT                 = 1;
+       public static int       ADMINISTRATIVE  = 2;
+       public static int       BILLING                 = 3;
+       public static int       OTHER                   = 4;
+
+       public int getType();
+
+       public String getName();
+
+       public String[] getEmails();
+
+       public String[] getTelephones();
+}
diff --git a/src/edu/internet2/middleware/shibboleth/metadata/Endpoint.java b/src/edu/internet2/middleware/shibboleth/metadata/Endpoint.java
new file mode 100644 (file)
index 0000000..96a56dd
--- /dev/null
@@ -0,0 +1,44 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
+ * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu>Internet2
+ * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
+ * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please
+ * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
+ * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
+ * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
+ * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
+ * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
+ * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.metadata;
+
+/**
+ * Ported from Scott Cantor's C++ interfaces
+ * 
+ * @author Walter Hoehn (wassa@columbia.edu)
+ */
+public interface Endpoint {
+
+       public String getBinding();
+
+       public String getVersion();
+
+       public String getLocation();
+
+       public String getResponseLocation();
+
+}
diff --git a/src/edu/internet2/middleware/shibboleth/metadata/KeyDescriptor.java b/src/edu/internet2/middleware/shibboleth/metadata/KeyDescriptor.java
new file mode 100644 (file)
index 0000000..4dedfad
--- /dev/null
@@ -0,0 +1,48 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
+ * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu>Internet2
+ * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
+ * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please
+ * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
+ * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
+ * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
+ * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
+ * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
+ * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.metadata;
+
+import org.apache.xml.security.keys.KeyInfo;
+
+/**
+ * Ported from Scott Cantor's C++ interfaces
+ * 
+ * @author Walter Hoehn (wassa@columbia.edu)
+ */
+public interface KeyDescriptor {
+
+       public static int       ENCRYPTION      = 0;
+       public static int       SIGNING         = 1;
+
+       public int getUse();
+
+       public String getEncryptionMethod();
+
+       public int getKeySize();
+
+       public KeyInfo[] getKeyInfo();
+}
diff --git a/src/edu/internet2/middleware/shibboleth/metadata/Metadata.java b/src/edu/internet2/middleware/shibboleth/metadata/Metadata.java
new file mode 100644 (file)
index 0000000..146cc0a
--- /dev/null
@@ -0,0 +1,37 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
+ * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu>Internet2
+ * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
+ * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please
+ * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
+ * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
+ * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
+ * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
+ * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
+ * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.metadata;
+
+/**
+ * Ported from Scott Cantor's C++ interfaces
+ * 
+ * @author Walter Hoehn (wassa@columbia.edu)
+ */
+public interface Metadata {
+
+       Provider lookup(final String providerId);
+}
diff --git a/src/edu/internet2/middleware/shibboleth/metadata/MetadataException.java b/src/edu/internet2/middleware/shibboleth/metadata/MetadataException.java
new file mode 100644 (file)
index 0000000..e704c04
--- /dev/null
@@ -0,0 +1,39 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
+ * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu>Internet2
+ * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
+ * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please
+ * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
+ * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
+ * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
+ * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
+ * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
+ * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.metadata;
+
+/**
+ * Ported from Scott Cantor's C++ interfaces
+ * 
+ * @author Walter Hoehn (wassa@columbia.edu)
+ */
+public class MetadataException extends Exception {
+
+       public MetadataException(String message) {
+               super(message);
+       }
+}
diff --git a/src/edu/internet2/middleware/shibboleth/metadata/Provider.java b/src/edu/internet2/middleware/shibboleth/metadata/Provider.java
new file mode 100644 (file)
index 0000000..6ea705a
--- /dev/null
@@ -0,0 +1,44 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
+ * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu>Internet2
+ * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
+ * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please
+ * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
+ * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
+ * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
+ * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
+ * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
+ * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.metadata;
+
+/**
+ * Ported from Scott Cantor's C++ interfaces
+ * 
+ * @author Walter Hoehn (wassa@columbia.edu)
+ */
+public interface Provider {
+
+       public String getId();
+
+       public String[] getGroups();
+
+       public ContactPerson[] getContacts();
+
+       public ProviderRole[] getRoles();
+
+}
diff --git a/src/edu/internet2/middleware/shibboleth/metadata/ProviderRole.java b/src/edu/internet2/middleware/shibboleth/metadata/ProviderRole.java
new file mode 100644 (file)
index 0000000..fcd4386
--- /dev/null
@@ -0,0 +1,52 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
+ * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu>Internet2
+ * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
+ * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please
+ * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
+ * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
+ * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
+ * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
+ * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
+ * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.metadata;
+
+import java.net.URL;
+
+/**
+ * Ported from Scott Cantor's C++ interfaces
+ * 
+ * @author Walter Hoehn (wassa@columbia.edu)
+ */
+public interface ProviderRole {
+
+       public Provider getProvider();
+
+       public String[] getProtocolSupport();
+
+       public boolean hasSupport(final String version);
+
+       public ContactPerson[] getContacts();
+
+       public KeyDescriptor[] getKeyDescriptors();
+
+       public Endpoint[] getDefaultEndpoints();
+
+       public URL getErrorURL();
+
+}
diff --git a/src/edu/internet2/middleware/shibboleth/metadata/SPProviderRole.java b/src/edu/internet2/middleware/shibboleth/metadata/SPProviderRole.java
new file mode 100644 (file)
index 0000000..4679998
--- /dev/null
@@ -0,0 +1,39 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
+ * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu>Internet2
+ * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
+ * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please
+ * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
+ * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
+ * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
+ * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
+ * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
+ * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.metadata;
+
+/**
+ * Ported from Scott Cantor's C++ interfaces
+ * 
+ * @author Walter Hoehn (wassa@columbia.edu)
+ */
+public interface SPProviderRole extends ProviderRole {
+
+       public boolean getAuthnRequestsSigned();
+
+       public Endpoint[] getAssertionConsumerServiceURLs();
+}
diff --git a/src/edu/internet2/middleware/shibboleth/metadata/provider/XMLMetadata.java b/src/edu/internet2/middleware/shibboleth/metadata/provider/XMLMetadata.java
new file mode 100644 (file)
index 0000000..0a6b229
--- /dev/null
@@ -0,0 +1,356 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
+ * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu>Internet2
+ * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
+ * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please
+ * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
+ * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
+ * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
+ * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
+ * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
+ * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.metadata.provider;
+
+import java.net.URL;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Stack;
+
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.apache.log4j.Logger;
+import org.apache.xml.security.Init;
+import org.apache.xml.security.keys.KeyInfo;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import edu.internet2.middleware.shibboleth.common.XML;
+import edu.internet2.middleware.shibboleth.metadata.AttributeConsumerRole;
+import edu.internet2.middleware.shibboleth.metadata.ContactPerson;
+import edu.internet2.middleware.shibboleth.metadata.Endpoint;
+import edu.internet2.middleware.shibboleth.metadata.KeyDescriptor;
+import edu.internet2.middleware.shibboleth.metadata.Metadata;
+import edu.internet2.middleware.shibboleth.metadata.MetadataException;
+import edu.internet2.middleware.shibboleth.metadata.Provider;
+import edu.internet2.middleware.shibboleth.metadata.ProviderRole;
+import edu.internet2.middleware.shibboleth.metadata.SPProviderRole;
+
+/**
+ * @author Walter Hoehn (wassa@columbia.edu)
+ */
+public class XMLMetadata implements Metadata {
+
+       private static Logger           log                     = Logger.getLogger(XMLMetadata.class.getName());
+       public static final String      namespace       = "urn:mace:shibboleth:1.0";
+       private Map                                     providers       = new HashMap();
+
+       public XMLMetadata(Element root) throws MetadataException {
+               try {
+                       new ShibGroup(root, new Stack(), providers);
+               } catch (XMLMetadataException e) {
+                       log.error("Encountered a problem loadign federation metadata: " + e);
+                       throw new MetadataException("Unable to load federation metadata.");
+               }
+       }
+
+       public Provider lookup(String providerId) {
+               if (providers.containsKey(providerId)) {
+                       return (Provider) providers.get(providerId);
+               }
+               return null;
+       }
+
+       private class ShibGroup {
+
+               private String  id;
+
+               ShibGroup(Element root, Stack parents, Map providers) throws XMLMetadataException {
+                       if (!root.getNodeName().equals("SiteGroup")) {
+                               throw new XMLMetadataException("Excpected \"SiteGroup\", found \"" + root.getNodeName() + "\".");
+                       }
+
+                       id = root.getAttribute("Name");
+                       if (id == null || id.equals("")) {
+                               throw new XMLMetadataException("A name must be specified for the site group.");
+                       }
+
+                       parents.push(id);
+                       NodeList nodes = root.getChildNodes();
+                       for (int i = 0; nodes.getLength() > i; i++) {
+                               if (nodes.item(i).getNodeType() == Node.ELEMENT_NODE) {
+
+                                       if (nodes.item(i).getNodeName().equals("SiteGroup")) {
+                                               new ShibGroup((Element) nodes.item(i), parents, providers);
+
+                                       } else if (nodes.item(i).getNodeName().equals("DestinationSite")) {
+
+                                               Provider provider = new ShibTargetXMLProvider((Element) nodes.item(i), (String[]) parents
+                                                               .toArray(new String[0]));
+                                               providers.put(provider.getId(), provider);
+
+                                       } else if (nodes.item(i).getNodeName().equals("OriginSite")) {
+                                               log.debug("Ignoring OriginSite.");
+                                       }
+                               }
+                       }
+                       parents.pop();
+               }
+       }
+
+       class ShibTargetXMLProvider implements Provider, ProviderRole, SPProviderRole, AttributeConsumerRole {
+
+               private String          id;
+               private HashSet         contacts;
+               private String[]        groups;
+               private HashSet         assertionConsumers      = new HashSet();
+               private HashSet         keyDescriptors          = new HashSet();
+
+               ShibTargetXMLProvider(Element element, String[] groups) throws XMLMetadataException {
+                       if (!element.getNodeName().equals("DestinationSite")) {
+                               log.error("This provider implementation can only marshall Shibboleth target metadata.");
+                               throw new XMLMetadataException("Unable to load provider.");
+                       }
+
+                       this.groups = groups;
+
+                       id = element.getAttribute("Name");
+                       if (id == null || id.equals("")) {
+                               log.error("No name set for provider.");
+                               throw new XMLMetadataException("Unable to load provider.");
+                       }
+
+                       NodeList contactNodes = element.getElementsByTagNameNS(namespace, "Contact");
+                       if (contactNodes.getLength() > 0) {
+                               contacts = new HashSet();
+                       }
+                       for (int i = 0; contactNodes.getLength() > i; i++) {
+                               try {
+                                       contacts.add(new XMLContactPerson((Element) contactNodes.item(i)));
+                               } catch (XMLMetadataException e) {
+                                       log.error("Error loading parsing contact person for provider (" + id + "): " + e.getMessage());
+                               }
+                       }
+
+                       NodeList consumerNodes = element.getElementsByTagNameNS(namespace, "AssertionConsumerServiceURL");
+                       for (int i = 0; consumerNodes.getLength() > i; i++) {
+                               String location = ((Element) consumerNodes.item(i)).getAttribute("Location");
+                               if (location == null || location.equals("")) {
+                                       log.error("Destination site (" + id + ") contained a malformed Assertion Consumer Service URL.");
+                                       continue;
+                               }
+                               assertionConsumers.add(new ShibEndpoint(location));
+                       }
+                       if (assertionConsumers.size() == 0) {
+                               log.error("No assertion consumer URLs specified for this provider.");
+                               throw new XMLMetadataException("Unable to load provider.");
+                       }
+
+                       NodeList requesterNodes = element.getElementsByTagNameNS(namespace, "AttributeRequester");
+                       for (int i = 0; requesterNodes.getLength() > i; i++) {
+                               String name = ((Element) requesterNodes.item(i)).getAttribute("Name");
+                               if (name == null || name.equals("")) {
+                                       log.error("Destination site (" + id + ") contained a malformed Attribute Requester name.");
+                                       continue;
+                               }
+
+                               DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
+                               try {
+                                       if (!Init.isInitialized()) {
+                                               org.apache.xml.security.Init.init();
+                                       }
+                                       KeyInfo keyInfo = new KeyInfo(docFactory.newDocumentBuilder().newDocument());
+                                       keyInfo.addKeyName(name);
+                                       keyDescriptors.add(new TargetKeyDescriptor(keyInfo));
+
+                               } catch (ParserConfigurationException e) {
+                                       log.error("Unable to create xml document needed for KeyInfo.");
+                               }
+                       }
+                       if (keyDescriptors.size() == 0) {
+                               log.error("No valid attribute requesters specified for this provider.");
+                               throw new XMLMetadataException("Unable to load provider.");
+                       }
+
+               }
+
+               public String getId() {
+                       return id;
+               }
+
+               public String[] getGroups() {
+                       return groups;
+               }
+
+               public ContactPerson[] getContacts() {
+                       if (contacts != null) {
+                               return (ContactPerson[]) contacts.toArray(new ContactPerson[0]);
+                       }
+                       return new ContactPerson[0];
+               }
+
+               public ProviderRole[] getRoles() {
+                       return new ProviderRole[]{this};
+               }
+
+               public Provider getProvider() {
+                       return this;
+               }
+
+               public String[] getProtocolSupport() {
+                       return new String[]{XML.SHIB_NS};
+               }
+
+               public boolean hasSupport(String version) {
+                       if (version.equals(XML.SHIB_NS)) {
+                               return true;
+                       } else {
+                               return false;
+                       }
+               }
+
+               public Endpoint[] getDefaultEndpoints() {
+                       return new Endpoint[0];
+               }
+
+               public URL getErrorURL() {
+                       return null;
+               }
+
+               public boolean getAuthnRequestsSigned() {
+                       return true;
+               }
+
+               public Endpoint[] getAssertionConsumerServiceURLs() {
+                       return (Endpoint[]) assertionConsumers.toArray(new Endpoint[0]);
+               }
+
+               public KeyDescriptor[] getKeyDescriptors() {
+                       return (KeyDescriptor[]) keyDescriptors.toArray(new KeyDescriptor[0]);
+               }
+
+               class ShibEndpoint implements Endpoint {
+
+                       private String  binding;
+                       private String  location;
+
+                       ShibEndpoint(String location) {
+                               this.location = location;
+                       }
+
+                       public String getBinding() {
+                               return XML.SHIB_NS;
+                       }
+
+                       public String getVersion() {
+                               return null;
+                       }
+
+                       public String getLocation() {
+                               return location;
+                       }
+
+                       public String getResponseLocation() {
+                               return null;
+                       }
+               }
+
+               class TargetKeyDescriptor implements KeyDescriptor {
+
+                       private KeyInfo keyInfo;
+
+                       TargetKeyDescriptor(KeyInfo keyInfo) {
+                               this.keyInfo = keyInfo;
+                       }
+
+                       public int getUse() {
+                               return ENCRYPTION;
+                       }
+
+                       public String getEncryptionMethod() {
+                               return null;
+                       }
+
+                       public int getKeySize() {
+                               return 0;
+                       }
+
+                       public KeyInfo[] getKeyInfo() {
+                               return new KeyInfo[]{keyInfo};
+                       }
+               }
+
+       }
+
+       class XMLContactPerson implements ContactPerson {
+
+               private int             type;
+               private String  name;
+               private String  email;
+
+               public XMLContactPerson(Element element) throws XMLMetadataException {
+                       String rawType = element.getAttribute("Type");
+                       if (rawType.equalsIgnoreCase("TECHNICAL")) {
+                               type = ContactPerson.TECHNICAL;
+                       } else if (rawType.equalsIgnoreCase("SUPPORT")) {
+                               type = ContactPerson.SUPPORT;
+                       } else if (rawType.equalsIgnoreCase("ADMINISTRATIVE")) {
+                               type = ContactPerson.ADMINISTRATIVE;
+                       } else if (rawType.equalsIgnoreCase("BILLING")) {
+                               type = ContactPerson.BILLING;
+                       } else if (rawType.equalsIgnoreCase("OTHER")) {
+                               type = ContactPerson.OTHER;
+                       } else {
+                               throw new XMLMetadataException("Unknown contact type.");
+                       }
+                       name = element.getAttribute("Name");
+                       if (name == null || name.equals("")) {
+                               throw new XMLMetadataException("No contact name.");
+                       }
+                       email = element.getAttribute("Email");
+               }
+
+               public int getType() {
+                       return type;
+               }
+
+               public String getName() {
+                       return name;
+               }
+
+               public String[] getEmails() {
+                       if (email != null & !email.equals("")) {
+                               return new String[]{email};
+                       }
+                       return new String[0];
+               }
+
+               public String[] getTelephones() {
+                       return new String[0];
+               }
+       }
+
+       class XMLMetadataException extends Exception {
+
+               XMLMetadataException(String message) {
+                       super(message);
+               }
+       }
+}
diff --git a/src/edu/internet2/middleware/shibboleth/metadata/provider/XMLMetadataLoadWrapper.java b/src/edu/internet2/middleware/shibboleth/metadata/provider/XMLMetadataLoadWrapper.java
new file mode 100644 (file)
index 0000000..ae7c341
--- /dev/null
@@ -0,0 +1,119 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
+ * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu>Internet2
+ * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
+ * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please
+ * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
+ * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
+ * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
+ * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
+ * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
+ * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.metadata.provider;
+
+import java.io.IOException;
+
+import org.apache.log4j.Logger;
+import org.apache.xerces.parsers.DOMParser;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+
+import edu.internet2.middleware.shibboleth.common.ResourceWatchdog;
+import edu.internet2.middleware.shibboleth.common.ResourceWatchdogExecutionException;
+import edu.internet2.middleware.shibboleth.common.ShibResource;
+import edu.internet2.middleware.shibboleth.common.ShibResource.ResourceNotAvailableException;
+import edu.internet2.middleware.shibboleth.metadata.Metadata;
+import edu.internet2.middleware.shibboleth.metadata.MetadataException;
+import edu.internet2.middleware.shibboleth.metadata.Provider;
+
+/**
+ * @author Walter Hoehn (wassa@columbia.edu)
+ */
+public class XMLMetadataLoadWrapper extends ResourceWatchdog implements Metadata {
+
+       private static Logger   log     = Logger.getLogger(XMLMetadataLoadWrapper.class.getName());
+       private Metadata                currentMeta;
+       private DOMParser               parser;
+
+       public XMLMetadataLoadWrapper(String sitesFileLocation) throws MetadataException, ResourceNotAvailableException {
+               super(new ShibResource(sitesFileLocation), 5000);
+
+               //TODO make validating
+               parser = new DOMParser();
+               try {
+                       ////parser.setFeature("http://xml.org/sax/features/validation", false);
+                       //parser.setFeature("http://apache.org/xml/features/validation/schema", false);
+                       parser.parse(new InputSource(resource.getInputStream()));
+               } catch (SAXException e) {
+                       // TODO Auto-generated catch block
+                       e.printStackTrace();
+               } catch (IOException e) {
+                       // TODO Auto-generated catch block
+                       e.printStackTrace();
+               }
+               currentMeta = new XMLMetadata(parser.getDocument().getDocumentElement());
+
+               //Start checking for metadata updates
+               start();
+
+       }
+
+       public Provider lookup(String providerId) {
+               synchronized (currentMeta) {
+                       return currentMeta.lookup(providerId);
+               }
+       }
+
+       protected void doOnChange() throws ResourceWatchdogExecutionException {
+               //Log
+               try {
+                       log.info("Detected a change in the federation metadata.  Reloading from (" + resource.getURL().toString()
+                                       + ").");
+               } catch (IOException e) {
+                       log.error("Encountered an error retrieving updated federation metadata, continuing to use stale copy.");
+                       return;
+               }
+
+               //Load new, but keep the old in place
+               try {
+                       parser.parse(new InputSource(resource.getInputStream()));
+               } catch (SAXException e) {
+                       log.error("Encountered an error parsing updated federation metadata, continuing to use stale copy.");
+                       return;
+               } catch (IOException e) {
+                       log.error("Encountered an error retrieving updated federation metadata, continuing to use stale copy.");
+                       return;
+               }
+
+               //If things went well, replace the live copy
+               Metadata newMeta = null;
+               try {
+                       newMeta = new XMLMetadata(parser.getDocument().getDocumentElement());
+               } catch (MetadataException e1) {
+                       log.error("Encountered an error loading updated federation metadata, continuing to use stale copy.");
+                       return;
+               }
+
+               if (newMeta != null) {
+                       synchronized (currentMeta) {
+                               currentMeta = newMeta;
+                       }
+               }
+       }
+
+}
diff --git a/tests/edu/internet2/middleware/shibboleth/metadata/MetadataTests.java b/tests/edu/internet2/middleware/shibboleth/metadata/MetadataTests.java
new file mode 100644 (file)
index 0000000..b36a836
--- /dev/null
@@ -0,0 +1,167 @@
+/*
+ * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
+ * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met: Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution, if any, must include the following acknowledgment: "This product includes
+ * software developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu> Internet2
+ * Project. Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
+ * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2,
+ * nor the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
+ * products derived from this software without specific prior written permission. For written permission, please
+ * contact shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2,
+ * UCAID, or the University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name,
+ * without prior written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS
+ * PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
+ * NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS
+ * WITH LICENSEE. IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED
+ * INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package edu.internet2.middleware.shibboleth.metadata;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.InputStream;
+import java.util.Arrays;
+
+import junit.framework.TestCase;
+
+import org.apache.log4j.BasicConfigurator;
+import org.apache.log4j.Level;
+import org.apache.log4j.Logger;
+import org.apache.xerces.parsers.DOMParser;
+import org.xml.sax.EntityResolver;
+import org.xml.sax.ErrorHandler;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+import org.xml.sax.SAXParseException;
+
+import edu.internet2.middleware.shibboleth.metadata.provider.XMLMetadataLoadWrapper;
+
+/**
+ * Validation suite for the <code>Metadata</code> interface.
+ * 
+ * @author Walter Hoehn
+ */
+
+public class MetadataTests extends TestCase {
+
+       private DOMParser       parser  = new DOMParser();
+
+       public MetadataTests(String name) {
+               super(name);
+               BasicConfigurator.resetConfiguration();
+               BasicConfigurator.configure();
+               Logger.getRootLogger().setLevel(Level.OFF);
+       }
+
+       public static void main(String[] args) {
+               junit.textui.TestRunner.run(MetadataTests.class);
+               BasicConfigurator.configure();
+               Logger.getRootLogger().setLevel(Level.OFF);
+       }
+
+       protected void setUp() throws Exception {
+               super.setUp();
+               try {
+                       parser.setFeature("http://xml.org/sax/features/validation", true);
+                       parser.setFeature("http://apache.org/xml/features/validation/schema", true);
+                       parser.setEntityResolver(new EntityResolver() {
+
+                               public InputSource resolveEntity(String publicId, String systemId) throws SAXException {
+
+                                       if (systemId.endsWith("credentials.xsd")) {
+                                               InputStream stream;
+                                               try {
+                                                       stream = new FileInputStream("src/schemas/shibboleth.xsd");
+                                                       if (stream != null) {
+                                                               return new InputSource(stream);
+                                                       }
+                                                       throw new SAXException("Could not load entity: Null input stream");
+                                               } catch (FileNotFoundException e) {
+                                                       throw new SAXException("Could not load entity: " + e);
+                                               }
+                                       } else if (systemId.endsWith("xmldsig-core-schema.xsd")) {
+                                               InputStream stream;
+                                               try {
+                                                       stream = new FileInputStream("src/schemas/xmldsig-core-schema.xsd");
+                                                       if (stream != null) {
+                                                               return new InputSource(stream);
+                                                       }
+                                                       throw new SAXException("Could not load entity: Null input stream");
+                                               } catch (FileNotFoundException e) {
+                                                       throw new SAXException("Could not load entity: " + e);
+                                               }
+                                       } else {
+                                               return null;
+                                       }
+                               }
+                       });
+
+                       parser.setErrorHandler(new ErrorHandler() {
+
+                               public void error(SAXParseException arg0) throws SAXException {
+                                       throw new SAXException("Error parsing xml file: " + arg0);
+                               }
+
+                               public void fatalError(SAXParseException arg0) throws SAXException {
+                                       throw new SAXException("Error parsing xml file: " + arg0);
+                               }
+
+                               public void warning(SAXParseException arg0) throws SAXException {
+                                       throw new SAXException("Error parsing xml file: " + arg0);
+                               }
+                       });
+               } catch (Exception e) {
+                       fail("Failed to setup xml parser: " + e);
+               }
+
+       }
+
+       public void testBasicShibbolethXML() {
+
+               try {
+                       Metadata metadata = new XMLMetadataLoadWrapper(new File("data/sites1.xml").toURL().toString());
+
+                       assertNotNull("Unable to find test provider", metadata.lookup("bahsite"));
+                       assertNotNull("Unable to find test provider", metadata.lookup("rootsite"));
+
+                       assertTrue("Group list is incorrect or out of order.", Arrays.equals(new String[]{"urn:mace:inqueue",
+                                       "foofed", "bahfed"}, metadata.lookup("bahsite").getGroups()));
+
+                       //This should probably be made more robust at some point
+                       assertTrue("Incorrect provider role.", metadata.lookup("bahsite").getRoles()[0] instanceof SPProviderRole);
+                       assertTrue("Incorrect provider role.",
+                                       metadata.lookup("bahsite").getRoles()[0] instanceof AttributeConsumerRole);
+
+                       assertEquals("Incorrect parsing of assertion consumer URL.", ((SPProviderRole) metadata.lookup("bahsite")
+                                       .getRoles()[0]).getAssertionConsumerServiceURLs()[0].getLocation(), "http://foo.com/SHIRE");
+
+                       assertTrue("Incorrect attribute requester parsing.", metadata.lookup("rootsite").getRoles()[0]
+                                       .getKeyDescriptors().length == 2);
+
+                       String[] control = new String[]{
+                                       "C=US, ST=Tennessee, L=Memphis, O=The University of Memphis, OU=Information Systems, CN=test2.memphis.edu",
+                                       "C=US, ST=Tennessee, L=Memphis, O=The University of Memphis, OU=Information Systems, CN=test1.memphis.edu"};
+                       String[] meta = new String[]{
+                                       metadata.lookup("rootsite").getRoles()[0].getKeyDescriptors()[0].getKeyInfo()[0].itemKeyName(0)
+                                                       .getKeyName(),
+                                       metadata.lookup("rootsite").getRoles()[0].getKeyDescriptors()[1].getKeyInfo()[0].itemKeyName(0)
+                                                       .getKeyName()};
+                       Arrays.sort(meta);
+                       Arrays.sort(control);
+                       assertTrue("Encountered unexpected key names", Arrays.equals(control, meta));
+               } catch (Exception e) {
+                       fail("Failed to correctly load metadata: " + e);
+               }
+
+       }
+}