Merge branch '76-add-timeout-for-attributequeries' into 'branch-2.6'

Resolve "Add Timeout for AttributeQueries" Closes #76 See merge request simon/reg-app!10

Merge branch '76-add-timeout-for-attributequeries' into 'branch-2.6'
Resolve "Add Timeout for AttributeQueries" Closes #76 See merge request simon/reg-app!10
0561c779 · michael.simon · 0229665f · e24261b2 · 0561c779 · 0561c779
Commit 0561c779 authored Jun 12, 2019 by michael.simon
--- a/bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/AttributeQueryHelper.java
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/AttributeQueryHelper.java
@@ -22,6 +22,7 @@ import javax.inject.Inject;
 import javax.inject.Named;

 import org.apache.http.client.HttpClient;
+import org.apache.http.client.config.RequestConfig;
 import org.apache.http.impl.client.HttpClients;
 import org.joda.time.DateTime;
 import org.opensaml.core.xml.XMLObject;
@@ -61,6 +62,7 @@ import org.opensaml.xmlsec.criterion.SignatureSigningConfigurationCriterion;
 import org.opensaml.xmlsec.impl.BasicSignatureSigningConfiguration;
 import org.slf4j.Logger;

+import edu.kit.scc.webreg.bootstrap.ApplicationConfig;
 import edu.kit.scc.webreg.entity.SamlMetadataEntity;
 import edu.kit.scc.webreg.entity.SamlSpConfigurationEntity;
 import edu.kit.scc.webreg.entity.SamlUserEntity;
@@ -85,6 +87,9 @@ public class AttributeQueryHelper implements Serializable {
 	
 	@Inject 
 	private CryptoHelper cryptoHelper;
+	
+	@Inject
+	ApplicationConfig appConfig;

 	public Response query(String persistentId, SamlMetadataEntity idpEntity, 
 			EntityDescriptor idpEntityDescriptor, SamlSpConfigurationEntity spEntity) throws Exception {
@@ -144,7 +149,8 @@ public class AttributeQueryHelper implements Serializable {
 		
 		SAMLMessageSecuritySupport.signMessage(outbound);
 		
-		HttpClient client = HttpClients.custom().build();
+		RequestConfig requestConfig = RequestConfig.custom().setConnectTimeout(getConnectTimeout()).build();
+		HttpClient client = HttpClients.custom().setDefaultRequestConfig(requestConfig).build();

 		PipelineFactoryHttpSOAPClient<SAMLObject, SAMLObject> pf = new PipelineFactoryHttpSOAPClient<SAMLObject, SAMLObject>();
 		pf.setHttpClient(client);
@@ -206,4 +212,11 @@ public class AttributeQueryHelper implements Serializable {
 		return subject;
 	}

+	private int getConnectTimeout() {
+		String aqString = appConfig.getConfigValue("attributequery_timeout");
+		if (aqString == null)
+			return 30*1000;
+		else 
+			return Integer.parseInt(aqString);
+	}
 }
--- a/bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/MetadataHelper.java
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/MetadataHelper.java
@@ -25,11 +25,9 @@ import javax.inject.Inject;
 import javax.inject.Named;
 import javax.xml.namespace.QName;

-import net.shibboleth.utilities.java.support.xml.BasicParserPool;
-import net.shibboleth.utilities.java.support.xml.XMLParserException;
-
 import org.apache.http.HttpEntity;
 import org.apache.http.client.ClientProtocolException;
+import org.apache.http.client.config.RequestConfig;
 import org.apache.http.client.methods.CloseableHttpResponse;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.impl.client.CloseableHttpClient;
@@ -55,8 +53,11 @@ import org.opensaml.saml.saml2.metadata.SingleSignOnService;
 import org.slf4j.Logger;
 import org.w3c.dom.Document;

+import edu.kit.scc.webreg.bootstrap.ApplicationConfig;
 import edu.kit.scc.webreg.entity.SamlIdpMetadataEntity;
 import edu.kit.scc.webreg.entity.SamlIdpScopeEntity;
+import net.shibboleth.utilities.java.support.xml.BasicParserPool;
+import net.shibboleth.utilities.java.support.xml.XMLParserException;


 @Named("metadataHelper")
@@ -71,8 +72,12 @@ public class MetadataHelper implements Serializable {
 	@Inject
 	private SamlHelper samlHelper;
 	
+	@Inject
+	private ApplicationConfig appConfig;
+	
 	public EntitiesDescriptor fetchMetadata(String url) {
-		CloseableHttpClient httpclient = HttpClients.createDefault();
+		RequestConfig requestConfig = RequestConfig.custom().setConnectTimeout(getConnectTimeout()).build();
+		CloseableHttpClient httpclient = HttpClients.custom().setDefaultRequestConfig(requestConfig).build();
 		HttpGet httpGet = new HttpGet(url);
 		
 		try {
@@ -306,4 +311,12 @@ public class MetadataHelper implements Serializable {
 			convertEntities(entityList, entitiesInEntities);
 		}		
 	}
+	
+	private int getConnectTimeout() {
+		String aqString = appConfig.getConfigValue("metadata_timeout");
+		if (aqString == null)
+			return 30*1000;
+		else 
+			return Integer.parseInt(aqString);
+	}
 }