Example 21 with SamlException

Use of org.apereo.cas.support.saml.SamlException in the project cas by apereo.

From the class UrlResourceMetadataResolver, method resolve.

@Override
public Collection<? extends MetadataResolver> resolve(final SamlRegisteredService service, final CriteriaSet criteriaSet) {
    HttpResponse response = null;
    try {
        // Access check runs first, before any metadata URL is fetched.
        RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(service);
        val metadataLocation = getMetadataLocationForService(service, criteriaSet);
        LOGGER.info("Loading SAML metadata from [{}]", metadataLocation);
        val metadataResource = new UrlResource(metadataLocation);
        val backupFile = getMetadataBackupFile(metadataResource, service);
        // With forced refresh enabled, clean up expired backup copies before fetching.
        if (backupFile.exists() && samlIdPProperties.getMetadata().getHttp().isForceMetadataRefresh()) {
            cleanUpExpiredBackupMetadataFilesFor(metadataResource, service);
        }
        val canonicalPath = backupFile.getCanonicalPath();
        LOGGER.debug("Metadata backup file will be at [{}]", canonicalPath);
        FileUtils.forceMkdirParent(backupFile);
        response = fetchMetadata(service, metadataLocation, criteriaSet, backupFile);
        val status = HttpStatus.valueOf(response.getStatusLine().getStatusCode());
        if (shouldHttpResponseStatusBeProcessed(status)) {
            val metadataProvider = getMetadataResolverFromResponse(response, backupFile);
            configureAndInitializeSingleMetadataResolver(metadataProvider, service);
            return CollectionUtils.wrap(metadataProvider);
        }
    } catch (final UnauthorizedServiceException e) {
        // An unauthorized service is reported to the caller as a SamlException.
        LoggingUtils.error(LOGGER, e);
        throw new SamlException(e.getMessage(), e);
    } catch (final Exception e) {
        // Any other failure is logged only; the method then returns the empty list below.
        LoggingUtils.error(LOGGER, e);
    } finally {
        // Always release the HTTP response.
        HttpUtils.close(response);
    }
    // No resolver available: unprocessed status code or a logged failure.
    return new ArrayList<>(0);
}
Also used: lombok.val (lombok.val), UrlResource (org.springframework.core.io.UrlResource), ArrayList (java.util.ArrayList), HttpResponse (org.apache.http.HttpResponse), UnauthorizedServiceException (org.apereo.cas.services.UnauthorizedServiceException), SamlException (org.apereo.cas.support.saml.SamlException), IOException (java.io.IOException)

Aggregations

SamlException (org.apereo.cas.support.saml.SamlException): 21; lombok.val (lombok.val): 10; ArrayList (java.util.ArrayList): 5; CriteriaSet (net.shibboleth.utilities.java.support.resolver.CriteriaSet): 5; EntityIdCriterion (org.opensaml.core.criterion.EntityIdCriterion): 4; MessageContext (org.opensaml.messaging.context.MessageContext): 4; Synchronized (lombok.Synchronized): 3; UnauthorizedServiceException (org.apereo.cas.services.UnauthorizedServiceException): 3; SAMLException (org.opensaml.saml.common.SAMLException): 3; EntityRoleCriterion (org.opensaml.saml.criterion.EntityRoleCriterion): 3; ChainingMetadataResolver (org.opensaml.saml.metadata.resolver.ChainingMetadataResolver): 3; SneakyThrows (lombok.SneakyThrows): 2; Slf4j (lombok.extern.slf4j.Slf4j): 2; HttpResponse (org.apache.http.HttpResponse): 2; OpenSamlConfigBean (org.apereo.cas.support.saml.OpenSamlConfigBean): 2; SamlRegisteredService (org.apereo.cas.support.saml.services.SamlRegisteredService): 2; MetadataResolver (org.opensaml.saml.metadata.resolver.MetadataResolver): 2; SAML2HTTPRedirectDeflateSignatureSecurityHandler (org.opensaml.saml.saml2.binding.security.impl.SAML2HTTPRedirectDeflateSignatureSecurityHandler): 2; SAMLSignatureProfileValidator (org.opensaml.saml.security.impl.SAMLSignatureProfileValidator): 2; Credential (org.opensaml.security.credential.Credential): 2