Set service provider metadata path to plugin data directory Change-Id: I1423dce5cc75ab3a3f0ef16851b0aa5f3f2d11ba

commit: e6c0065f0c476a4d62936839c5a107666dc8296b [log] [tgz]
author: David Ostrovsky <david@ostrovsky.org> Tue Feb 12 08:22:12 2019 +0000
committer: Luca Milanesio <luca.milanesio@gmail.com> Tue Feb 12 21:40:39 2019 +0000
tree: 724052c3acd9c65ebd85cecff576874829fab7a1
parent: 356be7909f6fc836a6202f3b4708270f6fbd2b47 [diff]
diff --git a/src/main/java/com/thesamet/gerrit/plugins/saml/SamlWebFilter.java b/src/main/java/com/thesamet/gerrit/plugins/saml/SamlWebFilter.java
index b00a190..df30139 100644
--- a/src/main/java/com/thesamet/gerrit/plugins/saml/SamlWebFilter.java
+++ b/src/main/java/com/thesamet/gerrit/plugins/saml/SamlWebFilter.java

@@ -18,9 +18,12 @@
 import com.google.common.collect.Sets;
 import com.google.gerrit.extensions.restapi.Url;
 import com.google.gerrit.server.config.GerritServerConfig;
+import com.google.gerrit.server.config.SitePaths;
 import com.google.inject.Inject;
 import com.google.inject.Singleton;
 import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
 import java.util.Enumeration;
 import java.util.HashSet;
 import java.util.List;
@@ -67,7 +70,8 @@
   private final HashSet<String> authHeaders;
 
   @Inject
-  SamlWebFilter(@GerritServerConfig Config gerritConfig, SamlConfig samlConfig) {
+  SamlWebFilter(@GerritServerConfig Config gerritConfig, SitePaths sitePaths, SamlConfig samlConfig)
+      throws IOException {
     this.samlConfig = samlConfig;
     log.debug("Max Authentication Lifetime: " + samlConfig.getMaxAuthLifetimeAttr());
     SAML2Configuration samlClientConfig =
@@ -75,6 +79,9 @@
             samlConfig.getKeystorePath(), samlConfig.getKeystorePassword(),
             samlConfig.getPrivateKeyPassword(), samlConfig.getMetadataPath());
     samlClientConfig.setMaximumAuthenticationLifetime(samlConfig.getMaxAuthLifetimeAttr());
+    samlClientConfig.setServiceProviderMetadataPath(
+        ensureExists(sitePaths.data_dir).resolve("sp-metadata.xml").toString());
+
     saml2Client = new SAML2Client(samlClientConfig);
     String callbackUrl = gerritConfig.getString("gerrit", null, "canonicalWebUrl") + SAML_CALLBACK;
     httpUserNameHeader = getHeaderFromConfig(gerritConfig, "httpHeader");
@@ -250,6 +257,10 @@
     return getAttributeOrElseId(user, samlConfig.getUserNameAttr());
   }
 
+  private static Path ensureExists(Path dataDir) throws IOException {
+    return Files.createDirectories(dataDir.resolve(SAML));
+  }
+
   private class AuthenticatedHttpRequest extends HttpServletRequestWrapper {
     private AuthenticatedUser user;
commit	e6c0065f0c476a4d62936839c5a107666dc8296b	[log] [tgz]
author	David Ostrovsky <david@ostrovsky.org>	Tue Feb 12 08:22:12 2019 +0000
committer	Luca Milanesio <luca.milanesio@gmail.com>	Tue Feb 12 21:40:39 2019 +0000
tree	724052c3acd9c65ebd85cecff576874829fab7a1
parent	356be7909f6fc836a6202f3b4708270f6fbd2b47 [diff]