/*
- * Copyright 2001-2006 Internet2
+ * Copyright 2001-2007 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <saml/saml2/metadata/ObservableMetadataProvider.h>
-namespace opensaml {
+#include <xmltooling/security/Credential.h>
+#include <xmltooling/security/CredentialCriteria.h>
+#include <xmltooling/util/Threads.h>
+namespace opensaml {
namespace saml2md {
+ class SAML_API MetadataFilter;
+
/**
* Base class for caching metadata providers.
*/
* Constructor.
*
* If a DOM is supplied, a set of default logic will be used to identify
- * and build a KeyResolver plugin and install it into the provider.
+ * and build a KeyInfoResolver plugin and install it into the provider.
*
* The following XML content is supported:
*
* <ul>
- * <li><KeyResolver> elements with a type attribute
+ * <li><KeyInfoResolver> elements with a type attribute
* </ul>
*
* XML namespaces are ignored in the processing of these elements.
*
* @param e DOM to supply configuration for provider
*/
- AbstractMetadataProvider(const DOMElement* e=NULL);
-
- void emitChangeEvent();
+ AbstractMetadataProvider(const xercesc::DOMElement* e=NULL);
public:
virtual ~AbstractMetadataProvider();
- virtual const xmlsignature::KeyResolver* getKeyResolver() const {
- return m_resolver;
- }
-
- virtual const EntityDescriptor* getEntityDescriptor(const char* id, bool requireValidMetadata=true) const;
- virtual const EntityDescriptor* getEntityDescriptor(const SAMLArtifact* artifact) const;
- virtual const EntitiesDescriptor* getEntitiesDescriptor(const char* name, bool requireValidMetadata=true) const;
+ using MetadataProvider::getEntityDescriptor;
+ using MetadataProvider::getEntitiesDescriptor;
+
+ void emitChangeEvent() const;
+ const EntityDescriptor* getEntityDescriptor(const char* id, bool requireValidMetadata=true) const;
+ const EntityDescriptor* getEntityDescriptor(const SAMLArtifact* artifact) const;
+ const EntitiesDescriptor* getEntitiesDescriptor(const char* name, bool requireValidMetadata=true) const;
+ const xmltooling::Credential* resolve(const xmltooling::CredentialCriteria* criteria=NULL) const;
+ std::vector<const xmltooling::Credential*>::size_type resolve(
+ std::vector<const xmltooling::Credential*>& results, const xmltooling::CredentialCriteria* criteria=NULL
+ ) const;
protected:
- /** Embedded KeyResolver instance. */
- xmlsignature::KeyResolver* m_resolver;
+ /** Embedded KeyInfoResolver instance. */
+ xmltooling::KeyInfoResolver* m_resolver;
/**
* Loads an entity into the cache for faster lookup. This includes
* Clear the cache of known entities and groups.
*/
virtual void clearDescriptorIndex();
-
- private:
- std::vector<MetadataFilter*> m_filters;
+ private:
typedef std::multimap<std::string,const EntityDescriptor*> sitemap_t;
typedef std::multimap<std::string,const EntitiesDescriptor*> groupmap_t;
sitemap_t m_sites;
sitemap_t m_sources;
groupmap_t m_groups;
+
+ mutable xmltooling::Mutex* m_credentialLock;
+ typedef std::map< const RoleDescriptor*, std::vector<xmltooling::Credential*> > credmap_t;
+ mutable credmap_t m_credentialMap;
+ const credmap_t::mapped_type& resolveCredentials(const RoleDescriptor& role) const;
};
};
projects / shibboleth / cpp-opensaml.git / blobdiff