X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2Fsaml2%2Fmetadata%2Fimpl%2FChainingMetadataProvider.cpp;h=e8dcf15213251960205c344777ff67d4f785639d;hb=3f107084066988f951c36f1671d5ef5b19e498a1;hp=f70fa74b0312ee7d7bc029f6185f2baf3b5fbf0e;hpb=e9554c255ad3c91c7c4976e7a1a54905903e66a2;p=shibboleth%2Fcpp-opensaml.git
diff --git a/saml/saml2/metadata/impl/ChainingMetadataProvider.cpp b/saml/saml2/metadata/impl/ChainingMetadataProvider.cpp
index f70fa74..e8dcf15 100644
--- a/saml/saml2/metadata/impl/ChainingMetadataProvider.cpp
+++ b/saml/saml2/metadata/impl/ChainingMetadataProvider.cpp
@@ -1,17 +1,21 @@ -/* - * Copyright 2001-2010 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** @@ -24,10 +28,14 @@ #include "exceptions.h" #include "saml/binding/SAMLArtifact.h" #include "saml2/metadata/Metadata.h" +#include "saml2/metadata/DiscoverableMetadataProvider.h" #include "saml2/metadata/ObservableMetadataProvider.h" #include "saml2/metadata/MetadataCredentialCriteria.h" #include +#include +#include +#include #include #include #include 
@@ -39,6 +47,7 @@ using namespace opensaml; using namespace xmlsignature; using namespace xmltooling::logging; using namespace xmltooling; +using namespace boost; using namespace std; namespace opensaml { @@ -48,7 +57,7 @@ namespace opensaml { struct SAML_DLLLOCAL tracker_t; class SAML_DLLLOCAL ChainingMetadataProvider - : public ObservableMetadataProvider, public ObservableMetadataProvider::Observer { + : public DiscoverableMetadataProvider, public ObservableMetadataProvider, public ObservableMetadataProvider::Observer { public: ChainingMetadataProvider(const xercesc::DOMElement* e=nullptr); virtual ~ChainingMetadataProvider(); 
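Review bot: The added `using namespace boost;` sits next to `using namespace std;`, so any unqualified name that exists in both namespaces can become ambiguous or resolve to a different entity than before. Later hunks of this same commit already write `std::exception`, `boost::bind` and `boost::ref` explicitly, apparently to work around that. A targeted declaration such as `using boost::ptr_vector;` would bring in the one unqualified Boost name the visible hunks rely on without widening lookup for the whole translation unit. The file continues outside this hunk, so other unqualified Boost uses may exist and would need the same treatment.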
@@ -59,19 +68,52 @@ namespace opensaml { Lockable* lock(); void unlock(); void init(); + void outputStatus(ostream& os) const; const XMLObject* getMetadata() const; const EntitiesDescriptor* getEntitiesDescriptor(const char* name, bool requireValidMetadata=true) const; pair getEntityDescriptor(const Criteria& criteria) const; - void onEvent(const ObservableMetadataProvider& provider) const; const Credential* resolve(const CredentialCriteria* criteria=nullptr) const; vector::size_type resolve(vector& results, const CredentialCriteria* criteria=nullptr) const; + string getCacheTag() const { + Lock lock(m_trackerLock); + return m_feedTag; + } + + void outputFeed(ostream& os, bool& first, bool wrapArray=true) const { + if (wrapArray) + os << '['; + // Lock each provider in turn and suck in its feed. + for (ptr_vector::iterator m = m_providers.begin(); m != m_providers.end(); ++m) { + DiscoverableMetadataProvider* d = dynamic_cast(&(*m)); + if (d) { + Locker locker(d); + d->outputFeed(os, first, false); + } + } + if (wrapArray) + os << "\n]"; + } + + void onEvent(const ObservableMetadataProvider& provider) const { + // Reset the cache tag for the feed. + Lock lock(m_trackerLock); + SAMLConfig::getConfig().generateRandomBytes(m_feedTag, 4); + m_feedTag = SAMLArtifact::toHex(m_feedTag); + emitChangeEvent(); + } + + protected: + void generateFeed() { + // No-op. + } + private: bool m_firstMatch; - mutable Mutex* m_trackerLock; - ThreadKey* m_tlsKey; - vector m_providers; + mutable auto_ptr m_trackerLock; + auto_ptr m_tlsKey; + mutable ptr_vector m_providers; mutable set m_trackers; static void tracker_cleanup(void*); Category& m_log; 
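Review bot: In the inline `onEvent`, `emitChangeEvent()` runs while `m_trackerLock` is still held, so observer callbacks execute under the same lock that `getCacheTag()` takes. If that mutex is not recursive (not visible here), an observer that asks for the cache tag from its callback would block on itself. Scoping the guard to the tag update only, `{ Lock lock(m_trackerLock); /* regenerate m_feedTag */ }` followed by `emitChangeEvent();`, avoids calling out under the lock. The same field is also written at the end of `init()` (hunk @@ -134,58) without taking `m_trackerLock`, which is inconsistent if a child provider can fire a change event from another thread before `init()` returns; a `Lock lock(m_trackerLock);` before that assignment would match the other two accessors. The declaration of `m_feedTag` is not in this hunk, so its type and `mutable` qualifier could not be checked.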
@@ -134,58 +176,57 @@ void ChainingMetadataProvider::tracker_cleanup(void* ptr) } ChainingMetadataProvider::ChainingMetadataProvider(const DOMElement* e) - : ObservableMetadataProvider(e), m_firstMatch(true), m_trackerLock(nullptr), m_tlsKey(nullptr), + : ObservableMetadataProvider(e), m_firstMatch(true), m_trackerLock(Mutex::create()), m_tlsKey(ThreadKey::create(tracker_cleanup)), m_log(Category::getInstance(SAML_LOGCAT".Metadata.Chaining")) { if (XMLString::equals(e ? e->getAttributeNS(nullptr, precedence) : nullptr, last)) m_firstMatch = false; - e = e ? XMLHelper::getFirstChildElement(e, _MetadataProvider) : nullptr; + e = XMLHelper::getFirstChildElement(e, _MetadataProvider); while (e) { - auto_ptr_char temp(e->getAttributeNS(nullptr, _type)); - if (temp.get() && *temp.get()) { + string t = XMLHelper::getAttrString(e, nullptr, _type); + if (!t.empty()) { try { - m_log.info("building MetadataProvider of type %s", temp.get()); - auto_ptr provider(SAMLConfig::getConfig().MetadataProviderManager.newPlugin(temp.get(), e)); + m_log.info("building MetadataProvider of type %s", t.c_str()); + auto_ptr provider(SAMLConfig::getConfig().MetadataProviderManager.newPlugin(t.c_str(), e)); ObservableMetadataProvider* obs = dynamic_cast(provider.get()); if (obs) obs->addObserver(this); m_providers.push_back(provider.get()); provider.release(); } - catch (exception& ex) { + catch (std::exception& ex) { m_log.error("error building MetadataProvider: %s", ex.what()); } } e = XMLHelper::getNextSiblingElement(e, _MetadataProvider); } - m_trackerLock = Mutex::create(); - m_tlsKey = ThreadKey::create(tracker_cleanup); } ChainingMetadataProvider::~ChainingMetadataProvider() { - delete m_tlsKey; - delete m_trackerLock; for_each(m_trackers.begin(), m_trackers.end(), xmltooling::cleanup()); - for_each(m_providers.begin(), m_providers.end(), xmltooling::cleanup()); -} - -void ChainingMetadataProvider::onEvent(const ObservableMetadataProvider& provider) const -{ - emitChangeEvent(); } void 
ChainingMetadataProvider::init() { - for (vector::const_iterator i=m_providers.begin(); i!=m_providers.end(); ++i) { + for (ptr_vector::iterator i = m_providers.begin(); i != m_providers.end(); ++i) { try { - (*i)->init(); + i->init(); } - catch (exception& ex) { + catch (std::exception& ex) { m_log.crit("failure initializing MetadataProvider: %s", ex.what()); } } + + // Set an initial cache tag for the state of the plugins. + SAMLConfig::getConfig().generateRandomBytes(m_feedTag, 4); + m_feedTag = SAMLArtifact::toHex(m_feedTag); +} + +void ChainingMetadataProvider::outputStatus(ostream& os) const +{ + for_each(m_providers.begin(), m_providers.end(), boost::bind(&MetadataProvider::outputStatus, _1, boost::ref(os))); } Lockable* ChainingMetadataProvider::lock() @@ -199,7 +240,7 @@ void ChainingMetadataProvider::unlock() void* ptr=m_tlsKey->getData(); if (ptr) { tracker_t* t = reinterpret_cast(ptr); - for_each(t->m_locked.begin(), t->m_locked.end(), mem_fun(&Lockable::unlock)); + for_each(t->m_locked.begin(), t->m_locked.end(), mem_fun(&Lockable::unlock)); t->m_locked.clear(); t->m_objectMap.clear(); } @@ -226,13 +267,13 @@ const EntitiesDescriptor* ChainingMetadataProvider::getEntitiesDescriptor(const MetadataProvider* held = nullptr; const EntitiesDescriptor* ret = nullptr; const EntitiesDescriptor* cur = nullptr; - for (vector::const_iterator i=m_providers.begin(); i!=m_providers.end(); ++i) { - tracker->lock_if(*i); - if (cur=(*i)->getEntitiesDescriptor(name,requireValidMetadata)) { + for (ptr_vector::iterator i = m_providers.begin(); i != m_providers.end(); ++i) { + tracker->lock_if(&(*i)); + if (cur=i->getEntitiesDescriptor(name,requireValidMetadata)) { // Are we using a first match policy? if (m_firstMatch) { // Save locked provider. - tracker->remember(*i); + tracker->remember(&(*i)); return cur; } 
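Review bot: In the constructor loop of hunk @@ -134,58, `m_providers.push_back(provider.get()); provider.release();` leaves the new plugin with two owners for the duration of the call now that `m_providers` is a `ptr_vector`. Boost's pointer containers take ownership of the raw pointer on entry and delete it if the insertion throws, after which the `auto_ptr` deletes the same object again during unwinding, and the surrounding `catch (std::exception&)` would then carry on past the double delete. Handing ownership over in one step, `m_providers.push_back(provider.release());`, closes that window. This assumes the member is `boost::ptr_vector`; the template arguments were lost in this rendering of the diff.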
@@ -243,12 +284,12 @@ const EntitiesDescriptor* ChainingMetadataProvider::getEntitiesDescriptor(const } // Save off the latest match. - held = *i; + held = &(*i); ret = cur; } else { // No match, so just unlock this one and move on. - tracker->unlock_if(*i); + tracker->unlock_if(&(*i)); } } @@ -275,9 +316,9 @@ pair ChainingMetadataProvider::ge MetadataProvider* held = nullptr; pair ret = pair(nullptr,nullptr); pair cur = ret; - for (vector::const_iterator i=m_providers.begin(); i!=m_providers.end(); ++i) { - tracker->lock_if(*i); - cur = (*i)->getEntityDescriptor(criteria); + for (ptr_vector::iterator i = m_providers.begin(); i != m_providers.end(); ++i) { + tracker->lock_if(&(*i)); + cur = i->getEntityDescriptor(criteria); if (cur.first) { if (criteria.role) { // We want a role also. Did we find one? @@ -288,7 +329,7 @@ pair ChainingMetadataProvider::ge if (held) tracker->unlock_if(held); // Save locked provider and role mapping. - tracker->remember(*i, cur.first); + tracker->remember(&(*i), cur.first); return cur; } @@ -314,7 +355,7 @@ pair ChainingMetadataProvider::ge } // Save off the latest match. - held = *i; + held = &(*i); ret = cur; } else { @@ -322,13 +363,13 @@ pair ChainingMetadataProvider::ge // but save this one if we didn't have the role yet. if (ret.second) { // We already had a role, so let's stick with that. - tracker->unlock_if(*i); + tracker->unlock_if(&(*i)); } else { // This is at least as good, so toss anything we had and keep it. if (held) tracker->unlock_if(held); - held = *i; + held = &(*i); ret = cur; } } @@ -341,7 +382,7 @@ pair ChainingMetadataProvider::ge tracker->unlock_if(held); // Save locked provider. - tracker->remember(*i, cur.first); + tracker->remember(&(*i), cur.first); return cur; } @@ -362,13 +403,13 @@ pair ChainingMetadataProvider::ge } // Save off the latest match. - held = *i; + held = &(*i); ret = cur; } } else { // No match, so just unlock this one and move on. - tracker->unlock_if(*i); + tracker->unlock_if(&(*i)); } }