org.opensaml.soap.client.http

Class AbstractPipelineHttpSOAPClient<OutboundMessageType,InboundMessageType>

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.soap.client.http.AbstractPipelineHttpSOAPClient<OutboundMessageType,InboundMessageType>

Type Parameters:

OutboundMessageType - the outbound message type

InboundMessageType - the inbound message type

All Implemented Interfaces:

net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, SOAPClient

Direct Known Subclasses:

PipelineFactoryHttpSOAPClient

@ThreadSafe
public abstract class AbstractPipelineHttpSOAPClient<OutboundMessageType,InboundMessageType>
extends net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
implements SOAPClient

SOAP client that is based on HttpClientMessagePipeline.

Nested Class Summary

Nested classes/interfaces inherited from interface org.opensaml.soap.client.SOAPClient

SOAPClient.SOAPRequestParameters

Field Summary

Fields

Modifier and Type	Field and Description
private HttpClient	httpClient HTTP client used to send requests and receive responses.
private org.opensaml.security.httpclient.HttpClientSecurityParameters	httpClientSecurityParameters HTTP client security parameters.
private Logger	log Class logger.
private Function<InOutOperationContext<?,?>,net.shibboleth.utilities.java.support.resolver.CriteriaSet>	tlsCriteriaSetStrategy Strategy for building the criteria set which is input to the TLS trust engine.

Constructor Summary

Constructors

Constructor and Description
AbstractPipelineHttpSOAPClient() Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
protected HttpClientContext	buildHttpContext(HttpUriRequest request, InOutOperationContext operationContext) Build the HttpClientContext instance to be used by the HttpClient.
protected HttpUriRequest	buildHttpRequest(String endpoint, InOutOperationContext operationContext) Build the HttpUriRequest instance to be executed by the HttpClient.
protected net.shibboleth.utilities.java.support.resolver.CriteriaSet	buildTLSCriteriaSet(HttpUriRequest request, InOutOperationContext operationContext) Build the dynamic CriteriaSet instance to be used for TLS trust evaluation.
protected void	checkTLSCredentialTrusted(HttpClientContext context, HttpUriRequest request) Deprecated. use HttpClientSecuritySupport.checkTLSCredentialEvaluated(HttpClientContext, String)
protected void	doDestroy()
protected void	doInitialize()
HttpClient	getHttpClient() Get the client used to make outbound HTTP requests.
org.opensaml.security.httpclient.HttpClientSecurityParameters	getHttpClientSecurityParameters() Get the optional client security parameters.
Function<InOutOperationContext<?,?>,net.shibboleth.utilities.java.support.resolver.CriteriaSet>	getTLSCriteriaSetStrategy() Get the strategy function which builds the dynamically-populated criteria set which is input to the TLS TrustEngine, if no static criteria set is supplied either via context or locally-configured HttpClientSecurityParameters.
protected abstract HttpClientMessagePipeline<InboundMessageType,OutboundMessageType>	newPipeline() Get a new instance of the HttpClientMessagePipeline to be processed.
protected HttpClientContext	resolveClientContext(InOutOperationContext operationContext) Resolve the effective HttpClientContext instance to use for the current request.
protected org.opensaml.security.httpclient.HttpClientSecurityParameters	resolveContextSecurityParameters(InOutOperationContext operationContext) Resolve the HttpClientSecurityParameters instance present in the current operation context.
protected HttpClientMessagePipeline<InboundMessageType,OutboundMessageType>	resolvePipeline(InOutOperationContext operationContext) Resolve and return a new instance of the HttpClientMessagePipeline to be processed.
void	send(String endpoint, InOutOperationContext operationContext) Sends a message and waits for a response.
void	setHttpClient(HttpClient client) Set the client used to make outbound HTTP requests.
void	setHttpClientSecurityParameters(org.opensaml.security.httpclient.HttpClientSecurityParameters params) Set the optional client security parameters.
void	setTLSCriteriaSetStrategy(Function<InOutOperationContext<?,?>,net.shibboleth.utilities.java.support.resolver.CriteriaSet> function) Set the strategy function which builds the dynamically-populated criteria set which is input to the TLS TrustEngine, if no static criteria set is supplied either via context or locally-configured HttpClientSecurityParameters.

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log

@Nonnull
private final Logger log

Class logger.

httpClient

@NonnullAfterInit
private HttpClient httpClient

HTTP client used to send requests and receive responses.

httpClientSecurityParameters

@Nullable
private org.opensaml.security.httpclient.HttpClientSecurityParameters httpClientSecurityParameters

HTTP client security parameters.

tlsCriteriaSetStrategy

@Nullable
private Function<InOutOperationContext<?,?>,net.shibboleth.utilities.java.support.resolver.CriteriaSet> tlsCriteriaSetStrategy

Strategy for building the criteria set which is input to the TLS trust engine.

Constructor Detail

AbstractPipelineHttpSOAPClient

public AbstractPipelineHttpSOAPClient()

Constructor.

Method Detail

doInitialize

protected void doInitialize()
                     throws net.shibboleth.utilities.java.support.component.ComponentInitializationException

Overrides:

doInitialize in class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

Throws:

net.shibboleth.utilities.java.support.component.ComponentInitializationException

doDestroy

protected void doDestroy()

Overrides:

doDestroy in class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

getHttpClient

@Nonnull
public HttpClient getHttpClient()

Get the client used to make outbound HTTP requests.

Returns:

the client instance

setHttpClient

public void setHttpClient(@Nonnull
                 HttpClient client)

Set the client used to make outbound HTTP requests.

This client SHOULD employ a thread-safe HttpClient and may be shared with other objects.

Parameters:

client - client object

getHttpClientSecurityParameters

@Nullable
public org.opensaml.security.httpclient.HttpClientSecurityParameters getHttpClientSecurityParameters()

Get the optional client security parameters.

Returns:

the client security parameters, or null

setHttpClientSecurityParameters

public void setHttpClientSecurityParameters(@Nullable
                                   org.opensaml.security.httpclient.HttpClientSecurityParameters params)

Set the optional client security parameters.

Parameters:

params - the new client security parameters

getTLSCriteriaSetStrategy

@Nullable
public Function<InOutOperationContext<?,?>,net.shibboleth.utilities.java.support.resolver.CriteriaSet> getTLSCriteriaSetStrategy()

Get the strategy function which builds the dynamically-populated criteria set which is input to the TLS TrustEngine, if no static criteria set is supplied either via context or locally-configured HttpClientSecurityParameters.

Returns:

the strategy function, or null

setTLSCriteriaSetStrategy

public void setTLSCriteriaSetStrategy(@Nullable
                             Function<InOutOperationContext<?,?>,net.shibboleth.utilities.java.support.resolver.CriteriaSet> function)

Set the strategy function which builds the dynamically-populated criteria set which is input to the TLS TrustEngine, if no static criteria set is supplied either via context or locally-configured HttpClientSecurityParameters.

Parameters:

function - the strategy function, or null

send

public void send(@Nonnull@NotEmpty
        String endpoint,
        @Nonnull
        InOutOperationContext operationContext)
          throws SOAPException,
                 org.opensaml.security.SecurityException

Sends a message and waits for a response.

Specified by:

send in interface SOAPClient

Parameters:

endpoint - the endpoint to which to send the message

operationContext - the operation context containing the outbound SOAP message

Throws:

SOAPException - thrown if there is a problem sending the message or receiving the response or if the response is a SOAP fault

org.opensaml.security.SecurityException - thrown if the response does not meet any security policy associated with the message context

resolvePipeline

@Nonnull
protected HttpClientMessagePipeline<InboundMessageType,OutboundMessageType> resolvePipeline(@Nonnull
                                                                                        InOutOperationContext operationContext)
                                                                                     throws SOAPException

Resolve and return a new instance of the HttpClientMessagePipeline to be processed.

Each call to this (factory) method MUST produce a new instance of the pipeline.

The default behavior is to simply call newPipeline().

Parameters:

operationContext - the current operation context

Returns:

a new pipeline instance

Throws:

SOAPException - if there is an error obtaining a new pipeline instance

newPipeline

@Nonnull
protected abstract HttpClientMessagePipeline<InboundMessageType,OutboundMessageType> newPipeline()
                                                                                          throws SOAPException

Get a new instance of the HttpClientMessagePipeline to be processed.

Each call to this (factory) method MUST produce a new instance of the pipeline.

Returns:

the new pipeline instance

Throws:

SOAPException - if there is an error obtaining a new pipeline instance

checkTLSCredentialTrusted

@Deprecated
protected void checkTLSCredentialTrusted(@Nonnull
                                        HttpClientContext context,
                                        @Nonnull
                                        HttpUriRequest request)
                                  throws SSLPeerUnverifiedException

Deprecated. use HttpClientSecuritySupport.checkTLSCredentialEvaluated(HttpClientContext, String)

Check that trust engine evaluation of the server TLS credential was actually performed.

Parameters:

context - the current HTTP context instance in use

request - the HTTP URI request

Throws:

SSLPeerUnverifiedException - thrown if the TLS credential was not actually evaluated by the trust engine

buildHttpRequest

@Nonnull
protected HttpUriRequest buildHttpRequest(@Nonnull@NotEmpty
                                      String endpoint,
                                      @Nonnull
                                      InOutOperationContext operationContext)

Build the HttpUriRequest instance to be executed by the HttpClient.

Parameters:

endpoint - the endpoint to which the message will be sent

operationContext - the current operation context

Returns:

the HTTP request to be executed

buildHttpContext

@Nonnull
protected HttpClientContext buildHttpContext(@Nonnull
                                         HttpUriRequest request,
                                         @Nonnull
                                         InOutOperationContext operationContext)

Build the HttpClientContext instance to be used by the HttpClient.

Parameters:

request - the HTTP client request

operationContext - the current operation context

Returns:

the client context instance

resolveContextSecurityParameters

protected org.opensaml.security.httpclient.HttpClientSecurityParameters resolveContextSecurityParameters(@Nonnull
                                                                                             InOutOperationContext operationContext)

Resolve the HttpClientSecurityParameters instance present in the current operation context.

The default implementation returns the outbound subcontext value HttpClientSecurityContext.getSecurityParameters().

Note that any values supplied via this instance will override those supplied locally via setHttpClientSecurityParameters(HttpClientSecurityParameters).

Parameters:

operationContext - the current operation context

Returns:

the client security parameters resolved from the current operation context, or null

resolveClientContext

@Nonnull
protected HttpClientContext resolveClientContext(@Nonnull
                                             InOutOperationContext operationContext)

Resolve the effective HttpClientContext instance to use for the current request.

The default implementation first attempts to resolve the outbound subcontext value HttpClientRequestContext.getHttpClientContext(). If no context value is present, a new empty context instance will be returned via HttpClientContext.create().

Note that any security-related attributes supplied directly the client context returned here will override the corresponding values supplied via both operation context and locally-configured instances of HttpClientSecurityParameters.

Parameters:

operationContext - the current operation context

Returns:

the effective client context instance to use

buildTLSCriteriaSet

@Nonnull
protected net.shibboleth.utilities.java.support.resolver.CriteriaSet buildTLSCriteriaSet(@Nonnull
                                                                                     HttpUriRequest request,
                                                                                     @Nonnull
                                                                                     InOutOperationContext operationContext)

Build the dynamic CriteriaSet instance to be used for TLS trust evaluation.

Parameters:

request - the HTTP client request

operationContext - the current operation context

Returns:

the new criteria set instance