Package net.shibboleth.oidc.metadata.impl

Class HTTPProviderConfigurationFetchingStrategy.OIDCProviderMetadataResponseHandler

java.lang.Object

net.shibboleth.oidc.metadata.impl.HTTPProviderConfigurationFetchingStrategy.OIDCProviderMetadataResponseHandler

All Implemented Interfaces:

org.apache.http.client.ResponseHandler<com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata>

Enclosing class:

HTTPProviderConfigurationFetchingStrategy

@Immutable
@ThreadSafe
public static final class HTTPProviderConfigurationFetchingStrategy.OIDCProviderMetadataResponseHandler
extends Object
implements org.apache.http.client.ResponseHandler<com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata>

The response handler for parsing the providers's configuration information into OIDCProviderMetadata.

Field Summary

Fields

Modifier and Type	Field	Description
private org.slf4j.Logger	log	Class logger.

Constructor Summary

Constructors

Constructor	Description
OIDCProviderMetadataResponseHandler()

Method Summary

Modifier and Type	Method	Description
com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata	handleResponse(org.apache.http.HttpResponse response)
private boolean	metadataValid(com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata metadata, String issuerURL)	Check the Issuer in the metadata is identical to the Issuer URL used to retrieve the metadata.
protected void	validateHttpResponse(org.apache.http.HttpResponse response)	Validate the received HTTP response instance, such as checking for supported content types.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

Constructor Detail

OIDCProviderMetadataResponseHandler

public OIDCProviderMetadataResponseHandler()

Method Detail

handleResponse

@Nullable
public com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata handleResponse(org.apache.http.HttpResponse response)
                                                                       throws IOException

Specified by:

handleResponse in interface org.apache.http.client.ResponseHandler<com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata>

Throws:

IOException

metadataValid

private final boolean metadataValid(@Nonnull
                                    com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata metadata,
                                    @Nullable
                                    String issuerURL)

Check the Issuer in the metadata is identical to the Issuer URL used to retrieve the metadata. *Note*, this just checks the Issuer URL starts with the Issuer value from the returned metadata, otherwise these values will never be equal. It is hard to make sense of section 4.3 OpenID Discovery 1.0.

Parameters:

metadata - the OpenID Provider metadata

issuerURL - the issuerURL used to retrieve the metadata

Returns:

true if valid, false otherwise.

validateHttpResponse

protected void validateHttpResponse(@Nonnull
                                    org.apache.http.HttpResponse response)
                             throws ResolverException

Validate the received HTTP response instance, such as checking for supported content types.

Parameters:

response - the received response

Throws:

ResolverException - if the response was not valid, or if there is a fatal error validating the response