Class AbstractEndpointResolver<EndpointType extends Endpoint>

Type Parameters:
EndpointType - type of endpoint
All Implemented Interfaces:
Component, DestructableComponent, IdentifiedComponent, InitializableComponent, Resolver<EndpointType,CriteriaSet>, EndpointResolver<EndpointType>
Direct Known Subclasses:

public abstract class AbstractEndpointResolver<EndpointType extends Endpoint> extends AbstractIdentifiedInitializableComponent implements EndpointResolver<EndpointType>
Base implementation that resolves and validates protocol/profile endpoints using a combination of supplied parameters and SAML metadata.

SAML metadata rules are followed for deriving candidate endpoints to evaluate. The base class implements only a subset of required functionality, then extracts a set of candidates from metadata if present, and delegates to a subclass to actually evaluate each one for acceptability.

The supported Criterion types and their use follows:

EndpointCriterion (required)
Contains a "template" for the eventual Endpoint(s) to resolve that identifies at minimum the type of endpoint object (via schema type or element name) to resolve. It MAY contain other attributes that will be used in matching candidate endpoints for suitability, such as index, binding, location, etc. If so marked, it may also be resolved as a trusted endpoint without additional verification required.
Prioritizes endpoint whose Location matches the most characters of the input criterion location. Only applied to the resolveSingle(CriteriaSet) method.
Ordered list of bindings to filter and sort the endpoints. This overrides the ordering from the metadata and possibly overrides the normal default endpoint in favor of higher-precedence bindings.
If present, provides access to the candidate endpoint(s) to attempt resolution against. Strictly optional, but if absent, the supplied endpoint (from EndpointCriterion) is returned as the sole result, whatever its completeness/usability, allowing for subclass validation.

Subclasses should override the {doCheckEndpoint(CriteriaSet, Endpoint) method to implement further criteria.

  • Field Details

    • log

      @Nonnull private org.slf4j.Logger log
      Class logger.
    • inMetadataOrder

      private boolean inMetadataOrder
      Sorting rule for results.
  • Constructor Details

    • AbstractEndpointResolver

      public AbstractEndpointResolver()
  • Method Details

    • isInMetadataOrder

      public boolean isInMetadataOrder()
      Get whether the results should be sorted by metadata order or based on the order of bindings provided to the lookup.
      true iff the BindingCriterion should be ignored for the purposes of sorting the results
    • setInMetadataOrder

      public void setInMetadataOrder(boolean flag)
      Set whether the results should be sorted by metadata order or based on the order of bindings provided to the lookup.

      Defaults to true

      flag - flag to set
    • resolve

      @Nonnull @NonnullElements public Iterable<EndpointType> resolve(@Nullable CriteriaSet criteria) throws ResolverException
      Specified by:
      resolve in interface Resolver<EndpointType extends Endpoint,CriteriaSet>
    • resolveSingle

      @Nullable public EndpointType resolveSingle(@Nullable CriteriaSet criteria) throws ResolverException
      Specified by:
      resolveSingle in interface Resolver<EndpointType extends Endpoint,CriteriaSet>
    • doCheckEndpoint

      protected boolean doCheckEndpoint(@Nonnull CriteriaSet criteria, @Nonnull EndpointType endpoint)
      Apply the supplied criteria to a candidate endpoint to determine its suitability.
      criteria - input criteria set
      endpoint - candidate endpoint
      true iff the endpoint meets the supplied criteria
    • validateCriteria

      private void validateCriteria(@Nullable CriteriaSet criteria) throws ResolverException
      Verify that the required EndpointCriterion is present.
      criteria - input criteria set
      ResolverException - if the input set is null or no EndpointCriterion is present
    • canUseRequestedEndpoint

      private boolean canUseRequestedEndpoint(@Nonnull CriteriaSet criteria)
      Optimize the case of resolving a single endpoint if a populated endpoint is supplied via criteria, and validation is unnecessary due to a signed request. Note that this endpoint may turn out to be unusable by the caller, but that's immaterial because the requester must have dictated the binding and location, so we're not allowed to ignore that.
      criteria - input criteria set
      true iff the supplied endpoint via EndpointCriterion should be returned
    • getCandidatesFromMetadata

      @Nonnull @NonnullElements private List<EndpointType> getCandidatesFromMetadata(@Nonnull CriteriaSet criteria)
      Get a mutable list of endpoints of a given type found in the metadata role contained in a RoleDescriptorCriterion (or an empty list if no metadata exists).

      The endpoint type to extract is based on the candidate endpoint in an EndpointCriterion. If the endpoints are indexed, the first list entry will contain the default endpoint to use in the absence of other limiting criteria.

      criteria - input criteria set
      mutable list of endpoints from the metadata
    • sortCandidates

      @Nonnull @NonnullElements private List<EndpointType> sortCandidates(@Nonnull @NonnullElements List<Endpoint> candidates)
      Copy and sort the endpoints such that the default endpoint by SAML rules comes first.
      candidates - input list of endpoints
      a new list containing the endpoints such that the default is first
    • getLogPrefix

      @Nonnull protected String getLogPrefix()
      Return a prefix for logging messages for this component.
      a string for insertion at the beginning of any log messages