Uploaded image for project: 'Metadata Aggregator'
  1. Metadata Aggregator
  2. MDA-209

simplify XMLSignatureSigningStage API

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 0.9.2
    • Fix Version/s: 0.10.0
    • Component/s: DOM Metadata
    • Labels:
      None

      Description

      It looks like the API for XMLSignatureSigningStage was a little rushed, and we can and should simplify it for the future:

      There are a lot of public static final string constants representing things like signature algorithms. There's really no reason for these to be part of the stage's API, as they are never input to anything; if they were to be defined at all, it would be in a support class of some kind. My guess is that they were in fact just copy-and-pasted from such a support class elsewhere, probably OpenSAML. They should at least be made private or protected.

      It would be better, if possible, to acquire these standard version from some other support class. In fact some of them (at least things like TRANSFORM_ENVELOPED_SIGNATURE are available from the Santuario API and that seems like the obvious source.

      The local fields sigAlgo and digestAlgo are exposed through getters, but there are no setters and they are initialised solely through the SHA variant in use. We should refactor this to avoid the fields entirely, by moving the algorithms used into SHAVariant. It's not obvious that there's any real use for the getters, either, and I'm sure we could just discard those.

       

        Attachments

          Activity

            People

            Assignee:
            ian@iay.org.uk Ian Young
            Reporter:
            ian@iay.org.uk Ian Young
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: