diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java
index aca3d8bee..c5d64dc5b 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java
@@ -15,8 +15,10 @@
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
+import java.time.Duration;
import java.time.Instant;
+import static edu.internet2.tier.shibboleth.admin.util.DurationUtility.toPositiveNonZeroDuration;
import static edu.internet2.tier.shibboleth.admin.util.DurationUtility.toTimeDuration;
import static edu.internet2.tier.shibboleth.admin.util.TokenPlaceholderResolvers.placeholderResolverService;
@@ -48,7 +50,9 @@ public OpenSamlFileBackedHTTPMetadataResolver(ParserPool parserPool,
sourceResolver.getReloadableMetadataResolverAttributes(), parserPool);
this.setBackupFile(placeholderResolverService().resolveValueFromPossibleTokenPlaceholder(sourceResolver.getBackingFile()));
- this.setBackupFileInitNextRefreshDelay(toTimeDuration(placeholderResolverService().resolveValueFromPossibleTokenPlaceholder(sourceResolver.getBackupFileInitNextRefreshDelay())));
+ this.setBackupFileInitNextRefreshDelay(toPositiveNonZeroDuration(
+ placeholderResolverService().resolveValueFromPossibleTokenPlaceholder(sourceResolver.getBackupFileInitNextRefreshDelay()),
+ Duration.ofSeconds(5)));
if (sourceResolver.getInitializeFromBackupFile() != null) {
this.setInitializeFromBackupFile(sourceResolver.getInitializeFromBackupFile());
}
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlMetadataResolverConstructorHelper.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlMetadataResolverConstructorHelper.java
index 942a92380..548c14eb6 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlMetadataResolverConstructorHelper.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlMetadataResolverConstructorHelper.java
@@ -4,11 +4,13 @@
import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.HttpMetadataResolverAttributes;
import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ReloadableMetadataResolverAttributes;
import net.shibboleth.utilities.java.support.xml.ParserPool;
-import org.apache.commons.lang3.StringUtils;
import org.opensaml.saml.metadata.resolver.MetadataResolver;
import org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver;
import org.opensaml.saml.metadata.resolver.impl.AbstractReloadingMetadataResolver;
+import java.time.Duration;
+
+import static edu.internet2.tier.shibboleth.admin.util.DurationUtility.toPositiveNonZeroDuration;
import static edu.internet2.tier.shibboleth.admin.util.DurationUtility.toTimeDuration;
import static edu.internet2.tier.shibboleth.admin.util.TokenPlaceholderResolvers.placeholderResolverService;
@@ -102,16 +104,14 @@ public static void updateOpenSamlMetadataResolverFromReloadableMetadataResolverA
.setExpirationWarningThreshold(toTimeDuration(placeholderResolverService()
.resolveValueFromPossibleTokenPlaceholder(attributes.getExpirationWarningThreshold())));
}
- if (attributes.getMaxRefreshDelay() != null) {
- reloadingMetadataResolver.setMaxRefreshDelay(toTimeDuration(placeholderResolverService()
- .resolveValueFromPossibleTokenPlaceholder(attributes.getMaxRefreshDelay())));
- }
- if (attributes.getMinRefreshDelay() != null) {
- String minRefreshString = placeholderResolverService().resolveValueFromPossibleTokenPlaceholder(attributes.getMinRefreshDelay());
- if (StringUtils.isNotBlank(minRefreshString)) {
- reloadingMetadataResolver.setMinRefreshDelay(toTimeDuration(minRefreshString));
- }
- }
+
+ // Open SAML 4.x libarry requires values non-null, greater than zero for min and max refresh rates
+ reloadingMetadataResolver.setMaxRefreshDelay(toPositiveNonZeroDuration(
+ placeholderResolverService().resolveValueFromPossibleTokenPlaceholder(attributes.getMaxRefreshDelay()),
+ Duration.ofHours(4)));
+ reloadingMetadataResolver.setMinRefreshDelay(toPositiveNonZeroDuration(
+ placeholderResolverService().resolveValueFromPossibleTokenPlaceholder(attributes.getMinRefreshDelay()),
+ Duration.ofMinutes(5)));
if (attributes.getResolveViaPredicatesOnly() != null) {
reloadingMetadataResolver.setResolveViaPredicatesOnly(attributes.getResolveViaPredicatesOnly());
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/DurationUtility.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/DurationUtility.java
index ccd756244..0d531321a 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/DurationUtility.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/DurationUtility.java
@@ -41,4 +41,9 @@ public static java.time.Duration toTimeDuration(String xmlDuration) {
long value = toMillis(xmlDuration);
return java.time.Duration.ofMillis(value);
}
+
+ public static java.time.Duration toPositiveNonZeroDuration (String xmlDuration, java.time.Duration defaultDuration) {
+ long value = toMillis(xmlDuration);
+ return value > 0 ? java.time.Duration.ofMillis(value) : defaultDuration;
+ }
}
\ No newline at end of file
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy
index 5dbd8fedc..594ee6750 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy
@@ -94,10 +94,8 @@ class JPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTest {
givenName
employeeNumber
+ testme
-
- testme
-
@@ -132,7 +130,9 @@ class JPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTest {
assert metadataResolverRepository.findAll().size() > 0
def ed = metadataResolver.resolveSingle(new CriteriaSet(new EntityIdCriterion('http://test.scaldingspoon.org/test1')))
def resultString = openSamlObjects.marshalToXmlString(ed)
+ println("RESULTSTRING:")
println(resultString)
+ // line 99 above being added to release all values, not its own thing
def diff = DiffBuilder.compare(Input.fromString(expectedXML)).withTest(Input.fromString(resultString)).ignoreComments().ignoreWhitespace().build()
!diff.hasDifferences()
}