private void writeSAMLSSOMetadata()

in services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/metadata/IdpMetadataWriter.java [189:244]


    /**
     * Writes the {@code md:IDPSSODescriptor} element for this IdP: the signing
     * certificate taken from the crypto's default X.509 identifier, the advertised
     * NameID formats, and one {@code SingleSignOnService} endpoint per supported
     * binding (HTTP-Redirect and HTTP-POST), both located at the configured IdP URL.
     *
     * <p>{@code WantAuthnRequestsSigned} is always advertised as {@code true}.
     *
     * @param writer stream writer positioned where the descriptor belongs
     * @param config IdP configuration; only {@code getIdpUrl()} is read here
     * @param crypto key store supplying the default X.509 identifier and certificate
     * @throws XMLStreamException if the underlying writer fails
     */
    private void writeSAMLSSOMetadata(
        XMLStreamWriter writer, Idp config, Crypto crypto
    ) throws XMLStreamException {
        final String dsNs = "http://www.w3.org/2000/09/xmldsig#";

        writer.writeStartElement("md", "IDPSSODescriptor", SAML2_METADATA_NS);
        writer.writeAttribute("WantAuthnRequestsSigned", "true");
        writer.writeAttribute("protocolSupportEnumeration", "urn:oasis:names:tc:SAML:2.0:protocol");

        // KeyDescriptor (use="signing") carrying the IdP's signing certificate
        writer.writeStartElement("md", "KeyDescriptor", SAML2_METADATA_NS);
        writer.writeAttribute("use", "signing");
        writer.writeStartElement("ds", "KeyInfo", dsNs);
        writer.writeNamespace("ds", dsNs);
        writer.writeStartElement("ds", "X509Data", dsNs);
        writer.writeStartElement("ds", "X509Certificate", dsNs);
        try {
            String alias = crypto.getDefaultX509Identifier();
            X509Certificate signingCert = CertsUtils.getX509CertificateFromCrypto(crypto, alias);
            writer.writeCharacters(Base64.getEncoder().encodeToString(signingCert.getEncoded()));
        } catch (Exception ex) {
            // Best effort: the elements are still closed below, so the document stays
            // well-formed but the X509Certificate element is left empty, i.e. the
            // published metadata carries no IdP signing key. The failure is only logged.
            LOG.error("Failed to add certificate information to metadata. Metadata incomplete", ex);
        }
        writer.writeEndElement(); // X509Certificate
        writer.writeEndElement(); // X509Data
        writer.writeEndElement(); // KeyInfo
        writer.writeEndElement(); // KeyDescriptor

        // NameIDFormat entries, emitted in this order
        String[] nameIdFormats = {
            "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
            "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified",
            "urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress"
        };
        for (String format : nameIdFormats) {
            writer.writeStartElement("md", "NameIDFormat", SAML2_METADATA_NS);
            writer.writeCharacters(format);
            writer.writeEndElement(); // NameIDFormat
        }

        // One SingleSignOnService endpoint per binding, each located at the IdP URL
        String[] ssoBindings = {
            "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
            "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        };
        for (String binding : ssoBindings) {
            writer.writeStartElement("md", "SingleSignOnService", SAML2_METADATA_NS);
            writer.writeAttribute("Binding", binding);
            writer.writeAttribute("Location", config.getIdpUrl().toString());
            writer.writeEndElement(); // SingleSignOnService
        }

        writer.writeEndElement(); // IDPSSODescriptor
    }