fix(unit test): fix idPMetadataParserTest

* seems that `try.onelogin.com` is replaced by `try-demo.onelogin.com`

feat(metadata): make validUntil and cacheDuration optional

* follow XSD and don't add xml attribute when value is not set

Relates to [#106](#106)

format using tabs

Author: laurentleseigneur

core/src/main/java/com/onelogin/saml2/settings/Metadata.java

@@ -28,52 +28,47 @@
 
 /**
  * Metadata class of OneLogin's Java Toolkit.
- *
+ * <p>
  * A class that contains methods related to the metadata of the SP
  */
 public class Metadata {
 	/**
-     * Private property to construct a logger for this class.
-     */
+	 * Private property to construct a logger for this class.
+	 */
 	private static final Logger LOGGER = LoggerFactory.getLogger(Metadata.class);
-	
+
 	// Constants
 	private static final int N_DAYS_VALID_UNTIL = 2;
 	private static final int SECONDS_CACHED = 604800; // 1 week
 
 	/**
-     * AttributeConsumingService 
-     */
+	 * AttributeConsumingService
+	 */
 	private AttributeConsumingService attributeConsumingService = null;
-	
+
 	/**
-     * Generated metadata in string format
-     */
+	 * Generated metadata in string format
+	 */
 	private final String metadataString;
 
 	/**
-     * validUntilTime of the metadata. How long the metadata is valid
-     */
+	 * validUntilTime of the metadata. How long the metadata is valid
+	 */
 	private final Calendar validUntilTime;
 
 	/**
-     * cacheDuration of the metadata. Duration of the cache in seconds
-     */
+	 * cacheDuration of the metadata. Duration of the cache in seconds
+	 */
 	private final Integer cacheDuration;
 
 	/**
 	 * Constructs the Metadata object.
-	 * 
-	 * @param settings
-	 * 				Saml2Settings object. Setting data  
-	 * @param validUntilTime 
-	 * 				Metadata's valid time 
-	 * @param cacheDuration
-	 * 				Duration of the cache in seconds
-	 * @param attributeConsumingService
-	 * 				AttributeConsumingService of service provider
-	 * 
-	 * @throws CertificateEncodingException 
+	 *
+	 * @param settings                  Saml2Settings object. Setting data
+	 * @param validUntilTime            Metadata's valid time
+	 * @param cacheDuration             Duration of the cache in seconds
+	 * @param attributeConsumingService AttributeConsumingService of service provider
+	 * @throws CertificateEncodingException
 	 */
 	public Metadata(Saml2Settings settings, Calendar validUntilTime, Integer cacheDuration, AttributeConsumingService attributeConsumingService) throws CertificateEncodingException {
 		if (validUntilTime == null) {
@@ -82,7 +77,7 @@ public Metadata(Saml2Settings settings, Calendar validUntilTime, Integer cacheDu
 		} else {
 			this.validUntilTime = validUntilTime;
 		}
-		
+
 		this.attributeConsumingService = attributeConsumingService;
 
 		if (cacheDuration == null) {
@@ -92,53 +87,45 @@ public Metadata(Saml2Settings settings, Calendar validUntilTime, Integer cacheDu
 		}
 
 		StrSubstitutor substitutor = generateSubstitutor(settings);
-		String unsignedMetadataString = substitutor.replace(getMetadataTemplate());
+		String unsignedMetadataString = substitutor.replace(getMetadataTemplate(validUntilTime, cacheDuration));
 
-    	LOGGER.debug("metadata --> " + unsignedMetadataString);
-    	metadataString = unsignedMetadataString;
+		LOGGER.debug("metadata --> " + unsignedMetadataString);
+		metadataString = unsignedMetadataString;
 	}
 
 	/**
 	 * Constructs the Metadata object.
-	 * 
-	 * @param settings
-	 * 				Saml2Settings object. Setting data  
-	 * @param validUntilTime 
-	 * 				Metadata's valid time 
-	 * @param cacheDuration
-	 * 				Duration of the cache in seconds
-	 * 
-	 * @throws CertificateEncodingException 
+	 *
+	 * @param settings       Saml2Settings object. Setting data
+	 * @param validUntilTime Metadata's valid time
+	 * @param cacheDuration  Duration of the cache in seconds
+	 * @throws CertificateEncodingException
 	 */
 	public Metadata(Saml2Settings settings, Calendar validUntilTime, Integer cacheDuration) throws CertificateEncodingException {
 		this(settings, validUntilTime, cacheDuration, null);
 	}
-		
+
 	/**
 	 * Constructs the Metadata object.
 	 *
-	 * @param settings
-	 * 				Saml2Settings object. Setting data  
-	 *
-	 * @throws CertificateEncodingException 
+	 * @param settings Saml2Settings object. Setting data
+	 * @throws CertificateEncodingException
 	 */
 	public Metadata(Saml2Settings settings) throws CertificateEncodingException {
 		this(settings, null, null);
 	}
-	
+
 	/**
 	 * Substitutes metadata variables within a string by values.
 	 *
-	 * @param settings
-	 * 				Saml2Settings object. Setting data
-	 * 
-	 * @return the StrSubstitutor object of the metadata 
-	 */ 
+	 * @param settings Saml2Settings object. Setting data
+	 * @return the StrSubstitutor object of the metadata
+	 */
 	private StrSubstitutor generateSubstitutor(Saml2Settings settings) throws CertificateEncodingException {
 
 		Map<String, String> valueMap = new HashMap<String, String>();
-		Boolean wantsEncrypted = settings.getWantAssertionsEncrypted() || settings.getWantNameIdEncrypted(); 
-		
+		Boolean wantsEncrypted = settings.getWantAssertionsEncrypted() || settings.getWantNameIdEncrypted();
+
 		valueMap.put("id", Util.generateUniqueID(settings.getUniqueIDPrefix()));
 		valueMap.put("validUntilTime", Util.formatDateTime(validUntilTime.getTimeInMillis()));
 		valueMap.put("cacheDuration", String.valueOf(cacheDuration));
@@ -151,7 +138,7 @@ private StrSubstitutor generateSubstitutor(Saml2Settings settings) throws Certif
 		valueMap.put("sls", toSLSXml(settings.getSpSingleLogoutServiceUrl(), settings.getSpSingleLogoutServiceBinding()));
 
 		valueMap.put("strAttributeConsumingService", getAttributeConsumingServiceXml());
-		
+
 		valueMap.put("strKeyDescriptor", toX509KeyDescriptorsXML(settings.getSPcert(), wantsEncrypted));
 		valueMap.put("strContacts", toContactsXml(settings.getContacts()));
 		valueMap.put("strOrganization", toOrganizationXml(settings.getOrganization()));
@@ -160,15 +147,21 @@ private StrSubstitutor generateSubstitutor(Saml2Settings settings) throws Certif
 	}
 
 	/**
+	 * @param validUntil
+	 * @param cacheDuration
 	 * @return the metadata's template
 	 */
-	private static StringBuilder getMetadataTemplate() {
+	private static StringBuilder getMetadataTemplate(Calendar validUntil, Integer cacheDuration) {
 
 		StringBuilder template = new StringBuilder();
 		template.append("<?xml version=\"1.0\"?>");
 		template.append("<md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"");
-		template.append(" validUntil=\"${validUntilTime}\"");
-		template.append(" cacheDuration=\"PT${cacheDuration}S\"");
+		if (validUntil != null) {
+			template.append(" validUntil=\"${validUntilTime}\"");
+		}
+		if (cacheDuration != null) {
+			template.append(" cacheDuration=\"PT${cacheDuration}S\"");
+		}
 		template.append(" entityID=\"${spEntityId}\"");
 		template.append(" ID=\"${id}\">");
 		template.append("<md:SPSSODescriptor AuthnRequestsSigned=\"${strAuthnsign}\" WantAssertionsSigned=\"${strWsign}\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">");
@@ -187,7 +180,6 @@ private static StringBuilder getMetadataTemplate() {
 	/**
 	 * Generates the AttributeConsumingService section of the metadata's template
 	 *
-	 *
 	 * @return the AttributeConsumingService section of the metadata's template
 	 */
 	private String getAttributeConsumingServiceXml() {
@@ -210,10 +202,10 @@ private String getAttributeConsumingServiceXml() {
 					String friendlyName = requestedAttribute.getFriendlyName();
 					String nameFormat = requestedAttribute.getNameFormat();
 					Boolean isRequired = requestedAttribute.isRequired();
-					List<String> attrValues = requestedAttribute.getAttributeValues() ;
+					List<String> attrValues = requestedAttribute.getAttributeValues();
+
+					String contentStr = "<md:RequestedAttribute";
 
-					String contentStr = "<md:RequestedAttribute";					
-					
 					if (name != null && !name.isEmpty()) {
 						contentStr += " Name=\"" + name + "\"";
 					}
@@ -229,7 +221,7 @@ private String getAttributeConsumingServiceXml() {
 					if (isRequired != null) {
 						contentStr += " isRequired=\"" + isRequired.toString() + "\"";
 					}
-					
+
 					if (attrValues != null && !attrValues.isEmpty()) {
 						contentStr += ">";
 						for (String attrValue : attrValues) {
@@ -243,16 +235,14 @@ private String getAttributeConsumingServiceXml() {
 			}
 			attributeConsumingServiceXML.append("</md:AttributeConsumingService>");
 		}
-		
+
 		return attributeConsumingServiceXML.toString();
 	}
-	
+
 	/**
 	 * Generates the contact section of the metadata's template
 	 *
-	 * @param contacts
-	 * 				List of contact objects
-	 *
+	 * @param contacts List of contact objects
 	 * @return the contact section of the metadata's template
 	 */
 	private String toContactsXml(List<Contact> contacts) {
@@ -271,9 +261,8 @@ private String toContactsXml(List<Contact> contacts) {
 	/**
 	 * Generates the organization section of the metadata's template
 	 *
-	 * @param organization
-	 * 				organization object
-	 *  @return the organization section of the metadata's template
+	 * @param organization organization object
+	 * @return the organization section of the metadata's template
 	 */
 	private String toOrganizationXml(Organization organization) {
 		String orgXml = "";
@@ -290,12 +279,9 @@ private String toOrganizationXml(Organization organization) {
 
 	/**
 	 * Generates the KeyDescriptor section of the metadata's template
-	 * 
-	 * @param cert
-	 * 				the public cert that will be used by the SP to sign and encrypt
-	 * @param wantsEncrypted
-	 * 				Whether to include the KeyDescriptor for encryption
 	 *
+	 * @param cert           the public cert that will be used by the SP to sign and encrypt
+	 * @param wantsEncrypted Whether to include the KeyDescriptor for encryption
 	 * @return the KeyDescriptor section of the metadata's template
 	 */
 	private String toX509KeyDescriptorsXML(X509Certificate cert, Boolean wantsEncrypted) throws CertificateEncodingException {
@@ -309,7 +295,7 @@ private String toX509KeyDescriptorsXML(X509Certificate cert, Boolean wantsEncryp
 			keyDescriptorXml.append("<md:KeyDescriptor use=\"signing\">");
 			keyDescriptorXml.append("<ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">");
 			keyDescriptorXml.append("<ds:X509Data>");
-			keyDescriptorXml.append("<ds:X509Certificate>"+certString+"</ds:X509Certificate>");
+			keyDescriptorXml.append("<ds:X509Certificate>" + certString + "</ds:X509Certificate>");
 			keyDescriptorXml.append("</ds:X509Data>");
 			keyDescriptorXml.append("</ds:KeyInfo>");
 			keyDescriptorXml.append("</md:KeyDescriptor>");
@@ -318,7 +304,7 @@ private String toX509KeyDescriptorsXML(X509Certificate cert, Boolean wantsEncryp
 				keyDescriptorXml.append("<md:KeyDescriptor use=\"encryption\">");
 				keyDescriptorXml.append("<ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">");
 				keyDescriptorXml.append("<ds:X509Data>");
-				keyDescriptorXml.append("<ds:X509Certificate>"+certString+"</ds:X509Certificate>");
+				keyDescriptorXml.append("<ds:X509Certificate>" + certString + "</ds:X509Certificate>");
 				keyDescriptorXml.append("</ds:X509Data>");
 				keyDescriptorXml.append("</ds:KeyInfo>");
 				keyDescriptorXml.append("</md:KeyDescriptor>");
@@ -330,25 +316,23 @@ private String toX509KeyDescriptorsXML(X509Certificate cert, Boolean wantsEncryp
 
 	/**
 	 * Generates the KeyDescriptor section of the metadata's template
-	 * 
-	 * @param cert
-	 * 				the public cert that will be used by the SP to sign and encrypt
 	 *
+	 * @param cert the public cert that will be used by the SP to sign and encrypt
 	 * @return the KeyDescriptor section of the metadata's template
 	 */
 	private String toX509KeyDescriptorsXML(X509Certificate cert) throws CertificateEncodingException {
 		return toX509KeyDescriptorsXML(cert, true);
 	}
-	
+
 	/**
 	 * @return the md:SingleLogoutService section of the metadata's template
 	 */
 	private String toSLSXml(URL spSingleLogoutServiceUrl, String spSingleLogoutServiceBinding) {
 		StringBuilder slsXml = new StringBuilder();
-		
+
 		if (spSingleLogoutServiceUrl != null) {
-			slsXml.append("<md:SingleLogoutService Binding=\""+spSingleLogoutServiceBinding+"\"");
-			slsXml.append(" Location=\""+spSingleLogoutServiceUrl.toString()+"\"/>");
+			slsXml.append("<md:SingleLogoutService Binding=\"" + spSingleLogoutServiceBinding + "\"");
+			slsXml.append(" Location=\"" + spSingleLogoutServiceUrl.toString() + "\"/>");
 		}
 		return slsXml.toString();
 	}
@@ -360,50 +344,37 @@ public final String getMetadataString() {
 		return metadataString;
 	}
 
-    /**
-     * Signs the metadata with the key/cert provided
-     *
-     * @param metadata
-     * 				SAML Metadata XML
-     * @param key
-     *       		Private Key
-     * @param cert
-     *      		x509 Public certificate
-     * @param signAlgorithm
-	 * 				Signature Algorithm
-     *
-     * @return string Signed Metadata
-     * @throws XMLSecurityException
-     * @throws XPathExpressionException
-     */
-    public static String signMetadata(String metadata, PrivateKey key, X509Certificate cert, String signAlgorithm) throws XPathExpressionException, XMLSecurityException
-    {
-        return signMetadata(metadata, key, cert, signAlgorithm, Constants.SHA1);
-    }
-
-    /**
-     * Signs the metadata with the key/cert provided
-     *
-     * @param metadata
-     * 				SAML Metadata XML
-     * @param key
-     *       		Private Key
-     * @param cert
-     *      		x509 Public certificate
-     * @param signAlgorithm
-	 * 				Signature Algorithm
-     * @param digestAlgorithm
-	 * 				Digest Algorithm
-     *
-     * @return string Signed Metadata
-     * @throws XMLSecurityException
-     * @throws XPathExpressionException
-     */
-    public static String signMetadata(String metadata, PrivateKey key, X509Certificate cert, String signAlgorithm, String digestAlgorithm) throws XPathExpressionException, XMLSecurityException
-    {
-        Document metadataDoc = Util.loadXML(metadata);
-        String signedMetadata = Util.addSign(metadataDoc, key, cert, signAlgorithm, digestAlgorithm);
-        LOGGER.debug("Signed metadata --> " + signedMetadata);
-        return signedMetadata;
-    }
+	/**
+	 * Signs the metadata with the key/cert provided
+	 *
+	 * @param metadata      SAML Metadata XML
+	 * @param key           Private Key
+	 * @param cert          x509 Public certificate
+	 * @param signAlgorithm Signature Algorithm
+	 * @return string Signed Metadata
+	 * @throws XMLSecurityException
+	 * @throws XPathExpressionException
+	 */
+	public static String signMetadata(String metadata, PrivateKey key, X509Certificate cert, String signAlgorithm) throws XPathExpressionException, XMLSecurityException {
+		return signMetadata(metadata, key, cert, signAlgorithm, Constants.SHA1);
+	}
+
+	/**
+	 * Signs the metadata with the key/cert provided
+	 *
+	 * @param metadata        SAML Metadata XML
+	 * @param key             Private Key
+	 * @param cert            x509 Public certificate
+	 * @param signAlgorithm   Signature Algorithm
+	 * @param digestAlgorithm Digest Algorithm
+	 * @return string Signed Metadata
+	 * @throws XMLSecurityException
+	 * @throws XPathExpressionException
+	 */
+	public static String signMetadata(String metadata, PrivateKey key, X509Certificate cert, String signAlgorithm, String digestAlgorithm) throws XPathExpressionException, XMLSecurityException {
+		Document metadataDoc = Util.loadXML(metadata);
+		String signedMetadata = Util.addSign(metadataDoc, key, cert, signAlgorithm, digestAlgorithm);
+		LOGGER.debug("Signed metadata --> " + signedMetadata);
+		return signedMetadata;
+	}
 }