Wrap schema validator errors with a generic message.

[shibboleth/cpp-opensaml.git] / saml / saml2 / metadata / impl / DynamicMetadataProvider.cpp

diff --git a/saml/saml2/metadata/impl/DynamicMetadataProvider.cpp b/saml/saml2/metadata/impl/DynamicMetadataProvider.cpp
index b7b53f1..a11f5b9 100644 (file)
--- a/saml/saml2/metadata/impl/DynamicMetadataProvider.cpp
+++ b/saml/saml2/metadata/impl/DynamicMetadataProvider.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2009 Internet2
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -26,10 +26,10 @@
 #include "saml2/metadata/DynamicMetadataProvider.h"
 
 #include <xercesc/framework/Wrapper4InputSource.hpp>
-#include <xercesc/framework/URLInputSource.hpp>
 #include <xercesc/util/XMLUniDefs.hpp>
 #include <xmltooling/logging.h>
 #include <xmltooling/util/XMLHelper.h>
+#include <xmltooling/validation/ValidatorSuite.h>
 
 using namespace opensaml::saml2md;
 using namespace xmltooling::logging;
@@ -86,8 +86,9 @@ pair<const EntityDescriptor*,const RoleDescriptor*> DynamicMetadataProvider::get
         auto_ptr_char temp(criteria.entityID_unicode);
         name = temp.get();
     }
-    else if (criteria.artifact)
+    else if (criteria.artifact) {
         name = criteria.artifact->getSource();
+    }
     else
         return entity;
 
@@ -100,17 +101,27 @@ pair<const EntityDescriptor*,const RoleDescriptor*> DynamicMetadataProvider::get
 
         // Verify the entityID.
         if (criteria.entityID_unicode && !XMLString::equals(criteria.entityID_unicode, entity2->getEntityID())) {
-            Category::getInstance(SAML_LOGCAT".MetadataProvider.Dynamic").error("metadata instance did not match expected entityID");
+            log.error("metadata instance did not match expected entityID");
             return entity;
         }
         else {
             auto_ptr_XMLCh temp2(name.c_str());
             if (!XMLString::equals(temp2.get(), entity2->getEntityID())) {
-                Category::getInstance(SAML_LOGCAT".MetadataProvider.Dynamic").error("metadata instance did not match expected entityID");
+                log.error("metadata instance did not match expected entityID");
                 return entity;
             }
         }
 
+        if (!m_validate) {
+            try {
+                SchemaValidators.validate(entity2.get());
+            }
+            catch (exception& ex) {
+                log.error("metadata intance failed manual schema validation checking: ", ex.what());
+                throw MetadataException("Metadata instance failed manual schema validation checking.");
+            }
+        }
+
         // Filter it, which may throw.
         doFilters(*entity2.get());
 
@@ -140,9 +151,7 @@ pair<const EntityDescriptor*,const RoleDescriptor*> DynamicMetadataProvider::get
         m_lock->rdlock();
     }
     catch (exception& e) {
-        Category::getInstance(SAML_LOGCAT".MetadataProvider.Dynamic").error(
-            "error while resolving entityID (%s): %s", name.c_str(), e.what()
-            );
+        log.error("error while resolving entityID (%s): %s", name.c_str(), e.what());
         return entity;
     }
 
@@ -153,14 +162,16 @@ pair<const EntityDescriptor*,const RoleDescriptor*> DynamicMetadataProvider::get
 EntityDescriptor* DynamicMetadataProvider::resolve(const Criteria& criteria) const
 {
     string name;
-    if (criteria.entityID_ascii)
+    if (criteria.entityID_ascii) {
         name = criteria.entityID_ascii;
+    }
     else if (criteria.entityID_unicode) {
         auto_ptr_char temp(criteria.entityID_unicode);
         name = temp.get();
     }
-    else if (criteria.artifact)
-        name = criteria.artifact->getSource();
+    else if (criteria.artifact) {
+        throw MetadataException("Unable to resolve metadata dynamically from an artifact.");
+    }
 
     try {
         DOMDocument* doc=NULL;