Package se.litsec.opensaml.saml2.metadata

Interface MetadataContainer<T extends TimeBoundSAMLObject & SignableSAMLObject & CacheableSAMLObject>

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      T cloneDescriptor()
      Returns a deep clone of the descriptor element that is encapsulated by this object.
      T getDescriptor()
      Returns the metadata element that is encapsulated by this object.
      float getUpdateFactor()
      Returns the factor (between 0 and 1) that is used to compute whether it is time to update the contained descriptor.
      Duration getValidity()
      Returns the duration of the validity that the encapsulated descriptor has.
      Element marshall()
      Marshals the encapsulated descriptor into its XML representation.
      T sign()
      Signs the encapsulated descriptor using the signature credentials configured for this object.
      T update​(boolean sign)
      Updates the encapsulated descriptor with a newly generated ID, a validity time according to this object's configuration, and then optionally signs the record.
      boolean updateRequired​(boolean signatureRequired)
      Predicate that returns true if the contained descriptor needs to be updated regarding its signature status and validity.

    • Method Detail

      • getDescriptor

        T getDescriptor()
        Returns the metadata element that is encapsulated by this object.
        Returns:
        a descriptor object

      • updateRequired

        boolean updateRequired​(boolean signatureRequired)
        Predicate that returns true if the contained descriptor needs to be updated regarding its signature status and validity. The method will also take into account the update interval configured for this instance of the container.
        Parameters:
        signatureRequired - should be set if signatures are required for a entry to be regarded valid
        Returns:
        if the encapsulated descriptor needs to be updated true is returned, otherwise false

      • update

        T update​(boolean sign)
  throws SignatureException,
         MarshallingException
        Updates the encapsulated descriptor with a newly generated ID, a validity time according to this object's configuration, and then optionally signs the record.
        Parameters:
        sign - flag that should be set if the metadata is to be signed
        Returns:
        a reference to the resulting descriptor object
        Throws:
        SignatureException - for signature errors
        MarshallingException - for marshalling errors
        See Also:
        sign()

      • getValidity

        Duration getValidity()
        Returns the duration of the validity that the encapsulated descriptor has.
        Returns:
        the validity time for the metadata

      • getUpdateFactor

        float getUpdateFactor()
        Returns the factor (between 0 and 1) that is used to compute whether it is time to update the contained descriptor. The higher the factor, the more often the metadata is updated. The "is update required" computation is calculated as follows: 
        
 if (expireInstant > now) {
   return <update-required>
 }
 else {
   return (updateFactor * getValidity()) > (expireInstant - now) ? <update-required> : <no-update-required>
 }
        The easiest way to get the meaning of the update factor is perhaps using words. Suppose the update factor is 0,5, then the meaning is: "update the metadata when less than 50% of its original validity time remains".
        Returns:
        the update factor