From d4c3a64c4a416dd664ef28fa4437de1d5c7851f4 Mon Sep 17 00:00:00 2001
From: Scott Cantor <cantor.2@osu.edu>
Date: Thu, 4 Jan 2007 02:53:18 +0000
Subject: [PATCH 1/1] Detect bad metadata, override validity check of remote
 data.

---
 saml/saml2/metadata/impl/XMLMetadataProvider.cpp | 71 ++++++++++++------------
 1 file changed, 35 insertions(+), 36 deletions(-)

diff --git a/saml/saml2/metadata/impl/XMLMetadataProvider.cpp b/saml/saml2/metadata/impl/XMLMetadataProvider.cpp
index d47a1d4..49f8c2c 100644
--- a/saml/saml2/metadata/impl/XMLMetadataProvider.cpp
+++ b/saml/saml2/metadata/impl/XMLMetadataProvider.cpp
@@ -27,7 +27,6 @@
 #include <log4cpp/Category.hh>
 #include <xmltooling/util/NDC.h>
 #include <xmltooling/util/ReloadableXMLFile.h>
-#include <xmltooling/util/XMLConstants.h>
 
 using namespace opensaml::saml2md;
 using namespace xmltooling;
@@ -54,12 +53,18 @@ namespace opensaml {
                 load(); // guarantees an exception or the metadata is loaded
             }
             
-            pair<bool,DOMElement*> load();
-
             const XMLObject* getMetadata() const {
                 return m_object;
             }
 
+        protected:
+            pair<bool,DOMElement*> load();
+
+            bool isValid() const {
+                const TimeBoundSAMLObject* bound=dynamic_cast<const TimeBoundSAMLObject*>(m_object);
+                return bound ? bound->isValid() : false;
+            }
+
         private:
             void index();
         
@@ -80,40 +85,34 @@ namespace opensaml {
 
 pair<bool,DOMElement*> XMLMetadataProvider::load()
 {
-#ifdef _DEBUG
-    NDC ndc("load");
-#endif
+    // Load from source using base class.
+    pair<bool,DOMElement*> raw = ReloadableXMLFile::load();
     
-    try {
-        // Load from source using base class.
-        pair<bool,DOMElement*> raw = ReloadableXMLFile::load();
-        
-        // If we own it, wrap it for now.
-        XercesJanitor<DOMDocument> docjanitor(raw.first ? raw.second->getOwnerDocument() : NULL);
-                
-        // Unmarshall objects, binding the document.
-        XMLObject* xmlObject=XMLObjectBuilder::buildOneFromElement(raw.second, true);
-        docjanitor.release();
-        
-        // Preprocess the metadata.
-        auto_ptr<XMLObject> xmlObjectPtr(xmlObject);
-        doFilters(*xmlObject);
-        xmlObjectPtr->releaseThisAndChildrenDOM();
-        xmlObjectPtr->setDocument(NULL);
-        
-        // Swap it in.
-        bool changed = m_object!=NULL;
-        delete m_object;
-        m_object = xmlObjectPtr.release();
-        index();
-        if (changed)
-            emitChangeEvent();
-        return make_pair(false,(DOMElement*)NULL);
-    }
-    catch (XMLToolingException& e) {
-        Category::getInstance(SAML_LOGCAT".Metadata").error("error while loading metadata: %s", e.what());
-        throw;
-    }
+    // If we own it, wrap it for now.
+    XercesJanitor<DOMDocument> docjanitor(raw.first ? raw.second->getOwnerDocument() : NULL);
+            
+    // Unmarshall objects, binding the document.
+    auto_ptr<XMLObject> xmlObject(XMLObjectBuilder::buildOneFromElement(raw.second, true));
+    docjanitor.release();
+
+    if (!dynamic_cast<const EntitiesDescriptor*>(xmlObject.get()) && !dynamic_cast<const EntityDescriptor*>(xmlObject.get()))
+        throw MetadataException(
+            "Root of metadata instance not recognized: $1", params(1,xmlObject->getElementQName().toString().c_str())
+            );
+    
+    // Preprocess the metadata.
+    doFilters(*xmlObject.get());
+    xmlObject->releaseThisAndChildrenDOM();
+    xmlObject->setDocument(NULL);
+    
+    // Swap it in.
+    bool changed = m_object!=NULL;
+    delete m_object;
+    m_object = xmlObject.release();
+    index();
+    if (changed)
+        emitChangeEvent();
+    return make_pair(false,(DOMElement*)NULL);
 }
 
 void XMLMetadataProvider::index()
-- 
2.1.4