From 94545775545ed8d3516b4fd149972e63e615628a Mon Sep 17 00:00:00 2001 From: chasegawa Date: Mon, 24 Jan 2022 08:57:33 -0700 Subject: [PATCH 01/24] SHIBUI-2262 Adding addition driver for SQL Server --- backend/build.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/backend/build.gradle b/backend/build.gradle index f41778d28..15b192774 100644 --- a/backend/build.gradle +++ b/backend/build.gradle @@ -170,6 +170,7 @@ dependencies { runtimeOnly "org.postgresql:postgresql:42.2.20" runtimeOnly 'org.mariadb.jdbc:mariadb-java-client:2.2.0' runtimeOnly 'mysql:mysql-connector-java:5.1.48' + runtimeOnly 'com.microsoft.sqlserver:mssql-jdbc:9.4.1.jre11' //Swagger compile 'io.springfox:springfox-swagger2:2.9.2' From 08f5d5e4b93aa409721a3959405660833da2f5c7 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 10 Mar 2022 11:36:42 -0700 Subject: [PATCH 02/24] SHIBUI-2262 Changes to work with SQLServer --- .../envers/MetadataResolverEnversVersioningTests.groovy | 7 +++---- .../admin/ui/service/JPAMetadataResolverServiceImpl.groovy | 2 +- .../tier/shibboleth/admin/ui/domain/AbstractAuditable.java | 6 +++--- .../ui/domain/resolvers/ClasspathMetadataResource.java | 6 +++--- .../ui/service/MetadataResolverConverterServiceImpl.java | 4 ++-- .../OpenSamlResourceBackedMetadataResolverTests.groovy | 4 ++-- .../ui/service/JPAMetadataResolverServiceImplTests.groovy | 4 ++-- .../shibboleth/admin/ui/util/TestObjectGenerator.groovy | 3 +-- 8 files changed, 17 insertions(+), 19 deletions(-) diff --git a/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy b/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy index b468a2ffa..85e854d3d 100644 --- a/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy 
+++ b/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy @@ -14,7 +14,6 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.LocalDynamicMetad import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ReloadableMetadataResolverAttributes import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ResourceBackedMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.TemplateScheme -import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.domain.EntityScan @@ -269,7 +268,7 @@ class MetadataResolverEnversVersioningTests extends Specification { when: ResourceBackedMetadataResolver resolver = new ResourceBackedMetadataResolver(name: 'rbmr').with { it.reloadableMetadataResolverAttributes = new ReloadableMetadataResolverAttributes(taskTimerRef: 'taskTimerRef') - it.classpathMetadataResource = new ClasspathMetadataResource(file: 'metadata.xml') + it.classpathMetadataResource = new ClasspathMetadataResource(setFileResource: 'metadata.xml') it } @@ -291,7 +290,7 @@ class MetadataResolverEnversVersioningTests extends Specification { when: resolver.name = 'rbmrUPDATED' resolver.reloadableMetadataResolverAttributes.taskTimerRef = 'taskTimerRefUPDATED' - resolver.classpathMetadataResource.file = 'metadataUPDATED.xml' + resolver.classpathMetadataResource.fileResource = 'metadataUPDATED.xml' resolverHistory = updateAndGetRevisionHistoryOfMetadataResolver(resolver, metadataResolverRepository, 
@@ -315,4 +314,4 @@ class MetadataResolverEnversVersioningTests extends Specification { getRevisionEntityForRevisionIndex(resolverHistory, 0).principalUserName == 'anonymousUser' getRevisionEntityForRevisionIndex(resolverHistory, 0).timestamp > 0L } -} +} \ No newline at end of file diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy index 79420f6d0..c82ff3480 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy @@ -419,7 +419,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService { MetadataResource( 'xmlns:resource': 'urn:mace:shibboleth:2.0:resource', 'xsi:type': 'resource:ClasspathResource', - 'file': resolver.classpathMetadataResource.file) + 'file': resolver.classpathMetadataResource.fileResource) } childNodes() diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractAuditable.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractAuditable.java index 6600307af..56d740240 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractAuditable.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractAuditable.java 
@@ -42,13 +42,13 @@ public abstract class AbstractAuditable implements Auditable { @CreationTimestamp @CreatedDate - @Column(nullable = false, updatable = false, columnDefinition = "DATETIME(6)") + @Column(nullable = false, updatable = false, columnDefinition = "DATETIME") @JsonFormat(pattern = "yyyy-MM-dd'T'HH:mm:ss.SSSSSS") private LocalDateTime createdDate; @UpdateTimestamp @LastModifiedDate - @Column(nullable = false, columnDefinition = "DATETIME(6)") + @Column(nullable = false, columnDefinition = "DATETIME") @JsonFormat(pattern = "yyyy-MM-dd'T'HH:mm:ss.SSSSSS") private LocalDateTime modifiedDate; @@ -134,4 +134,4 @@ private static ZonedDateTime toZonedDateTime(LocalDateTime localDateTime) { .toZonedDateTime() .truncatedTo(ChronoUnit.MILLIS); } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/ClasspathMetadataResource.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/ClasspathMetadataResource.java index a3dc076ab..a76943378 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/ClasspathMetadataResource.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/ClasspathMetadataResource.java @@ -15,6 +15,6 @@ @Setter @EqualsAndHashCode public class ClasspathMetadataResource { - - private String file; -} + // renamed from "file" to work with SQLServer + private String fileResource; +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverConverterServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverConverterServiceImpl.java index 2343206a7..d0d20bd61 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverConverterServiceImpl.java 
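Review bot: Dropping the `(6)` from `columnDefinition` on `createdDate` and `modifiedDate` in `AbstractAuditable` reduces the stored precision of the audit timestamps on the databases that already worked. A plain `DATETIME` keeps whole seconds on MySQL/MariaDB and is rounded to roughly 3 ms steps on SQL Server, while the `@JsonFormat` pattern next to it still prints six fractional digits. Where the ordering of audit records matters, I would avoid hard-coding a vendor type here: removing `columnDefinition` and keeping `@Column(nullable = false, updatable = false)` lets each Hibernate dialect choose its own timestamp type (on SQL Server, presumably `datetime2` with a 2008+ dialect). Nothing visible in this commit alters columns that already exist, so the behaviour on deployed schemas should be confirmed.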
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverConverterServiceImpl.java @@ -99,7 +99,7 @@ private OpenSamlResourceBackedMetadataResolver convertToOpenSamlRepresentation(R break; case CLASSPATH: resource = ResourceHelper.of(new ClassPathResource(placeholderResolverService() - .resolveValueFromPossibleTokenPlaceholder(resolver.getClasspathMetadataResource().getFile()))); + .resolveValueFromPossibleTokenPlaceholder(resolver.getClasspathMetadataResource().getFileResource()))); break; default: throw new RuntimeException("Unsupported resource type!"); @@ -153,4 +153,4 @@ public boolean isDirectory() { return true; } } -} +} \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/OpenSamlResourceBackedMetadataResolverTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/OpenSamlResourceBackedMetadataResolverTests.groovy index 28223b2f8..52ae52374 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/OpenSamlResourceBackedMetadataResolverTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/OpenSamlResourceBackedMetadataResolverTests.groovy @@ -15,10 +15,10 @@ class OpenSamlResourceBackedMetadataResolverTests extends Specification { def 'test refresh'() { when: def rbmr = new ResourceBackedMetadataResolver(name: 'test', xmlId: 'test', classpathMetadataResource: new ClasspathMetadataResource('metadata/metadata.xml')) - def x = new OpenSamlResourceBackedMetadataResolver(openSamlObjects.parserPool, null, rbmr, ResourceHelper.of(new ClassPathResource(rbmr.classpathMetadataResource.file))) + def x = new OpenSamlResourceBackedMetadataResolver(openSamlObjects.parserPool, null, rbmr, ResourceHelper.of(new ClassPathResource(rbmr.classpathMetadataResource.fileResource))) x.refilter() then: noExceptionThrown() } -} +} \ No newline at end of file 
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy index 703e44f7a..1550069b6 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy @@ -109,7 +109,7 @@ class JPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTest { it.resourceId = "testme" it.name = "testme" it.classpathMetadataResource = new ClasspathMetadataResource().with { - it.file = "metadata/aggregate.xml" + it.fileResource = "metadata/aggregate.xml" it } it.metadataFilters.add(new EntityAttributesFilter().with { @@ -274,7 +274,7 @@ class JPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTest { def resolver = new edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ResourceBackedMetadataResolver().with { it.xmlId = 'ClasspathResourceMetadata' it.classpathMetadataResource = new ClasspathMetadataResource().with { - it.file = '/path/to/a/classpath/location/metadata.xml' + it.fileResource = '/path/to/a/classpath/location/metadata.xml' it } it diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy index bf17b107e..7b2865462 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy 
@@ -30,7 +30,6 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataQueryProt import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ReloadableMetadataResolverAttributes import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ResourceBackedMetadataResolver -import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.SvnMetadataResource import edu.internet2.tier.shibboleth.admin.util.AttributeUtility import edu.internet2.tier.shibboleth.admin.util.MDDCConstants import edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions @@ -607,7 +606,7 @@ class TestObjectGenerator { it.name = 'ClasspathResourceMetadata' it.xmlId = 'ClasspathResourceMetadata' it.classpathMetadataResource = new ClasspathMetadataResource().with { - it.file = 'metadata/metadata.xml' + it.fileResource = 'metadata/metadata.xml' it } it.reloadableMetadataResolverAttributes = new ReloadableMetadataResolverAttributes().with { From 279974c1d2ac292ef4a55749284ae8435cd8c556 Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Thu, 10 Mar 2022 11:40:21 -0700 Subject: [PATCH 03/24] SHIBUI-2262 Testbed files for sqlserver --- testbed/sqlServer/conf/application.yml | 138 ++++++++++++++++++ testbed/sqlServer/conf/keystore.p12 | Bin 0 -> 2591 bytes testbed/sqlServer/conf/users.csv | 2 + testbed/sqlServer/docker-compose.yml | 29 ++++ testbed/sqlServer/docker/Dockerfile | 9 ++ .../sqlServer/docker/scripts/entrypoint.sh | 22 +++ testbed/sqlServer/docker/scripts/setup.sql | 10 ++ 7 files changed, 210 insertions(+) create mode 100644 testbed/sqlServer/conf/application.yml create mode 100644 testbed/sqlServer/conf/keystore.p12 create mode 100644 testbed/sqlServer/conf/users.csv create mode 100644 testbed/sqlServer/docker-compose.yml create mode 100644 testbed/sqlServer/docker/Dockerfile create mode 100755 testbed/sqlServer/docker/scripts/entrypoint.sh create mode 100644 testbed/sqlServer/docker/scripts/setup.sql diff --git a/testbed/sqlServer/conf/application.yml b/testbed/sqlServer/conf/application.yml new file mode 100644 index 000000000..1e48abf4d --- /dev/null +++ b/testbed/sqlServer/conf/application.yml 
@@ -0,0 +1,138 @@
+spring:
+ profiles:
+ include:
+ datasource:
+ platform: sqlserver
+ driver-class-name: com.microsoft.sqlserver.jdbc.SQLServerDriver
+ url: jdbc:sqlserver://db:1433
+ username: sa
+ password: Password1
+ jpa:
+ properties:
+ hibernate:
+ dialect: org.hibernate.dialect.SQLServerDialect
+#server:
+# port: 8443
+# ssl:
+# key-store: "/conf/keystore.p12"
+# key-store-password: "changeit"
+# keyStoreType: "PKCS12"
+# keyAlias: "tomcat"
+shibui:
+ user-bootstrap-resource: file:/conf/users.csv
+ roles: ROLE_ADMIN,ROLE_NONE,ROLE_USER,ROLE_PONY
+custom:
+ attributes:
+ # Default attributes
+ - name: eduPersonPrincipalName
+ displayName: label.attribute-eduPersonPrincipalName
+ - name: uid
+ displayName: label.attribute-uid
+ - name: mail
+ displayName: label.attribute-mail
+ - name: surname
+ displayName: label.attribute-surname
+ - name: givenName
+ displayName: label.attribute-givenName
+ - name: eduPersonAffiliation
+ displayName: label.attribute-eduPersonAffiliation
+ - name: eduPersonScopedAffiliation
+ displayName: label.attribute-eduPersonScopedAffiliation
+ - name: eduPersonPrimaryAffiliation
+ displayName: label.attribute-eduPersonPrimaryAffiliation
+ - name: eduPersonEntitlement
+ displayName: label.attribute-eduPersonEntitlement
+ - name: eduPersonAssurance
+ displayName: label.attribute-eduPersonAssurance
+ - name: eduPersonUniqueId
+ displayName: label.attribute-eduPersonUniqueId
+ - name: employeeNumber
+ displayName: label.attribute-employeeNumber
+ # Custom attributes
+ overrides:
+ # Default overrides
+ - name: signAssertion
+ displayName: label.sign-the-assertion
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.sign-assertion
+ attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions
+ attributeFriendlyName: signAssertions
+ - name: dontSignResponse
+ displayName: label.dont-sign-the-response
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.dont-sign-response
+ attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses
+ attributeFriendlyName: signResponses
+ - name: turnOffEncryption
+ displayName: label.turn-off-encryption-of-response
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.turn-off-encryption
+ attributeName: http://shibboleth.net/ns/profiles/encryptAssertions
+ attributeFriendlyName: encryptAssertions
+ - name: useSha
+ displayName: label.use-sha1-signing-algorithm
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.usa-sha-algorithm
+ persistType: string
+ persistValue: shibboleth.SecurityConfiguration.SHA1
+ attributeName: http://shibboleth.net/ns/profiles/securityConfiguration
+ attributeFriendlyName: securityConfiguration
+ - name: ignoreAuthenticationMethod
+ displayName: label.ignore-any-sp-requested-authentication-method
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.ignore-auth-method
+ persistType: string
+ persistValue: 0x1
+ attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures
+ attributeFriendlyName: disallowedFeatures
+ - name: omitNotBefore
+ displayName: label.omit-not-before-condition
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.omit-not-before-condition
+ attributeName: http://shibboleth.net/ns/profiles/includeConditionsNotBefore
+ attributeFriendlyName: includeConditionsNotBefore
+ - name: responderId
+ displayName: label.responder-id
+ displayType: string
+ defaultValue: null
+ helpText: tooltip.responder-id
+ attributeName: http://shibboleth.net/ns/profiles/responderId
+ attributeFriendlyName: responderId
+ - name: nameIdFormats
+ displayName: label.nameid-format-to-send
+ displayType: set
+ helpText: tooltip.nameid-format
+ defaultValues:
+ - urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
+ - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
+ - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
+ - urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ attributeName: http://shibboleth.net/ns/profiles/nameIDFormatPrecedence
+ attributeFriendlyName: nameIDFormatPrecedence
+ - name: authenticationMethods
+ displayName: label.authentication-methods-to-use
+ displayType: set
+ helpText: tooltip.authentication-methods-to-use
+ defaultValues:
+ - https://refeds.org/profile/mfa
+ - urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken
+ - urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
+ attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods
+ attributeFriendlyName: defaultAuthenticationMethods
+ - name: forceAuthn
+ displayName: label.force-authn
+ displayType: boolean
+ defaultValue: false
+ helpText: tooltip.force-authn
+ attributeName: http://shibboleth.net/ns/profiles/forceAuthn
+ attributeFriendlyName: forceAuthn
+logging:
+ level:
+ org.pac4j: "TRACE"
+ org.opensaml: "INFO"
\ No newline at end of file
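Review bot: The `datasource` block connects as the `sa` server administrator with the literal password `Password1`, and the URL `jdbc:sqlserver://db:1433` sets no `encrypt` property, so with this driver generation the connection is presumably unencrypted. Testbed files tend to be copied as a starting point, so I would read the credentials from the environment (for example `username: ${DB_USER}` and `password: ${DB_PASSWORD}`, names constructed here), use a database-scoped login rather than `sa`, and add a comment that the values are for local testing only. `org.pac4j: "TRACE"` under `logging.level` deserves a comment or a lower level, since trace output from the authentication library can carry session and credential detail into the logs. The commented-out `server.ssl` block names `/conf/keystore.p12` with password `changeit`, and a keystore of that name is committed in the same patch, so it should be labelled as a throwaway test key.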
diff --git a/testbed/sqlServer/conf/keystore.p12 b/testbed/sqlServer/conf/keystore.p12 new file mode 100644 index 0000000000000000000000000000000000000000..57f9c162a6953c21e77cf24451d52a9d3fa5cd54 GIT binary patch literal 2591 zcmY+EXEYlM8^+#;9KJd*1inb3Z)iIp_EPKhMV>97D|oBqN7osHVVFVlnzLKj_FP$qF%41Q3R* z^9r}YF%+)Wm1*z9WVf@%JDMN3TvEX07$;TX^lxG0$V|M==T7l`GEyXPdw zXm@Syfq*ghPdN9rC^82iIiSk~gaP$MoHrr;heS_|UuGmN=cS{B0tJIUb0I?8*yTo7 z<;eF;9*tyN_u(*2@@PrdCWF2Dy0D}1o_X_!#ZZ`{?D%G$xW!6I082tT@kNaVWLI$y zQ?{iJZ+N@ftfv2ER`h<1Ps33b3x`zD#Xa^Yls;WQ*yFh6Z4hzUNZY5VhP!2ryOY5V zKGpR+arsS!Krgf}A<6#C2})#Ie`zQ4&PMp_lE|YAC+E}i=UDu!=&HTo~B0gi(9cejrUwu@8hK)P4Ppc|?PGVI38Hao~@kTe57RrfAV`uiHpU&|;rw>h&9Ew=! zLMynJ&c~u{@IoN*@p6@(O;6g*)m@_r4f!y92e%+LL89f0jf2D#yd<5tn%y@)<=-63 z6_0Wk384``Yo}vPAw_V9)L#x);zJ`87Rrq4-DfRRQ`^s@Lrj#H(Pe=Mp7Po8fC#js zcSJ_PtVsY!pJk}CFP;k7O zc_`Dqty6pqp_B4@A5ys8D~azqv>9f*uX6D_`SXt6#4yP$g|~+Vfroy_?Yb-~gYqI0 z5mLA&`cD56Gh6EF>7>Bz6Bov(Oh|U|)q=+_KUMmMQaoWc_bHRFt>yS2`2PdR_MWAzBqHlq;FHp;4?3i-pX#W148gm~V-UUZ|n*JjzAkUSFq zttV7Z>+Y5zw~xD0q0bHr6tPBYk<@ZRYqSC5C5LJiSzj9x*Jfz5<(#IULa0K099m|`{ksz@rub0J!&%HoKuFUrr zWXg;<+Bqmkm+RPThvHeaFl2lIUw}{=`hIFH2F^riQ@cgPRe##VOlhq{C!$y zVj2oh;|;i+c{#2fJ1b-;B#$QNMnLR@eci$$qQ-ms7bc++#f`<^nCMftG;_6g7RkDG zS)Avgii(ZQLOp!MllH-jXVki-(HWhVnKy&7Tl@B)y!#8xCT>ULqi)rNN;h#Q7CxqR zte=q-)bmc(SCU!-g{|J;c?pUaD+SJP9LH%`RA><;$y;@hzcxf~7(I>Z(q(f{zf_Xe zf^+??N-7p<2rn(b58wsx0N4W_0sP?n|Aeg4EFh+Pt{#q1X?a;iWkm%Ac?CFJ`bwTg zf0ro1S3Xt0Ldrlgz}1rZCn5WnVZr|~tkqHEp57>;w2?YVbCA+_xIaH;_`imYz>t%= zKLnhg96NO9Of%ipR@Ct?o8CRsk7X;lAXwe>=H7+*|55nmS)}2Ts|&f1Nl>z1 zPp%bXaadZ_SSnSH-ijLuA8bkgxt3k0e=KaXxvasg01EAO&U?ELSmNRS@Vih`O`n~! zm(iL%2^WSEvkM+EsF_lT1D_e@M-l3VUhD?z3@NL5yD$To`Q|y$2lZz@8Gr zH4a-TtEoQ|2cur+F-BXgKL4tkHyAja?^>!LPV8%yz$IX7t45YvZQo#J^&uiR-_S?` zVVZok0mHxl`d(kE5k+c?f|#$W$oE!N?wV_-Lx@?LcLHxvUivKu_Ty)u3Fn#qSoD1Z z)q5K^gp<}bKZ1pR>6t{YF4aubO9b>EsG|8Ic|MxD@?c@p>&n6>r)Kdcl7DnwQx*!? 
zqN|mP_On)F72tRv9Ka}`BR`D!)Z6uX6A@!OR6q&@dJtSP&2tHt*YNx*)eyv6=1@=1 z0Ny4nsx!gKdBZ)?43Q@1JQD0EntJm%-;=l00}SIaB7KE>E%tK`$J1|Vk{ZzCy#=0( zrOIhoXp~QXrmT;gp5{^Jz8Ls+TQIjTzYevT&yv94>ouv1?~>VU#n%gf$6Xt~E(ERD zK;m4byGfL*a9YtUngDy?_Brb@jq?t0C5>?`p)fW$*MQBkF|Ww#RnhSC@RkIWjKknZ zBLec1=wR==k~K5LiB(-Ox;}hz-_=vlV^IAz9_d%ru;Fawb=wBT7=0Z)%sJL=ETE z1K}_i-IeO_F;spY)>~=*tiy^f*X(CwGuxLIb|s@IL$=*RKp0_k{sq}UzfGV^$P=R# z0ouf)?@zmvOBRng}=n%+lMZ$8fk6z%zIgz@9-Z^#c&dEhz zjy_f~4KC~7h);(y-@3i8#%7D{ip3I?%)J>p*up#)iL;26E8bS&fw=+*E z&@<&p2yJD Date: Thu, 10 Mar 2022 11:41:25 -0700 Subject: [PATCH 04/24] SHIBUI-2262 Unofficial SQLServer build for Citrus From a85650c97bb075a3b7d7ae3a8e406cf483dcf08f Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 9 Jun 2022 13:46:08 -0700 Subject: [PATCH 05/24] SHIBUI-2262 Merge develop to branch with test fix --- .../envers/MetadataResolverEnversVersioningTests.groovy | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy b/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy index 85e854d3d..6d976a033 100644 --- a/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy +++ b/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy 
@@ -268,7 +268,7 @@ class MetadataResolverEnversVersioningTests extends Specification { when: ResourceBackedMetadataResolver resolver = new ResourceBackedMetadataResolver(name: 'rbmr').with { it.reloadableMetadataResolverAttributes = new ReloadableMetadataResolverAttributes(taskTimerRef: 'taskTimerRef') - it.classpathMetadataResource = new ClasspathMetadataResource(setFileResource: 'metadata.xml') + it.classpathMetadataResource = new ClasspathMetadataResource(fileResource: 'metadata.xml') it } @@ -282,7 +282,7 @@ class MetadataResolverEnversVersioningTests extends Specification { resolverHistory.size() == 1 getTargetEntityForRevisionIndex(resolverHistory, 0).name == 'rbmr' getTargetEntityForRevisionIndex(resolverHistory, 0).reloadableMetadataResolverAttributes.taskTimerRef == 'taskTimerRef' - getTargetEntityForRevisionIndex(resolverHistory, 0).classpathMetadataResource.file == 'metadata.xml' + getTargetEntityForRevisionIndex(resolverHistory, 0).classpathMetadataResource.fileResource == 'metadata.xml' getRevisionEntityForRevisionIndex(resolverHistory, 0).principalUserName == 'anonymousUser' getRevisionEntityForRevisionIndex(resolverHistory, 0).timestamp > 0L getModifiedEntityNames(resolverHistory, 0).sort() == expectedModifiedPersistentEntities.sort() 
@@ -302,7 +302,7 @@ class MetadataResolverEnversVersioningTests extends Specification { resolverHistory.size() == 2 getTargetEntityForRevisionIndex(resolverHistory, 1).name == 'rbmrUPDATED' getTargetEntityForRevisionIndex(resolverHistory, 1).reloadableMetadataResolverAttributes.taskTimerRef == 'taskTimerRefUPDATED' - getTargetEntityForRevisionIndex(resolverHistory, 1).classpathMetadataResource.file == 'metadataUPDATED.xml' + getTargetEntityForRevisionIndex(resolverHistory, 1).classpathMetadataResource.fileResource == 'metadataUPDATED.xml' getRevisionEntityForRevisionIndex(resolverHistory, 1).principalUserName == 'anonymousUser' getRevisionEntityForRevisionIndex(resolverHistory, 1).timestamp > 0L getModifiedEntityNames(resolverHistory, 1).sort() == expectedModifiedPersistentEntities.sort() @@ -310,7 +310,7 @@ class MetadataResolverEnversVersioningTests extends Specification { //Check the original revision is intact getTargetEntityForRevisionIndex(resolverHistory, 0).name == 'rbmr' getTargetEntityForRevisionIndex(resolverHistory, 0).reloadableMetadataResolverAttributes.taskTimerRef == 'taskTimerRef' - getTargetEntityForRevisionIndex(resolverHistory, 0).classpathMetadataResource.file == 'metadata.xml' + getTargetEntityForRevisionIndex(resolverHistory, 0).classpathMetadataResource.fileResource == 'metadata.xml' getRevisionEntityForRevisionIndex(resolverHistory, 0).principalUserName == 'anonymousUser' getRevisionEntityForRevisionIndex(resolverHistory, 0).timestamp > 0L } From 99977aeb68b2c6dd861c74abce120dd498e7fb9f Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 14 Jun 2022 09:53:13 -0700 Subject: [PATCH 06/24] SHIBUI-2273 --- backend/build.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/backend/build.gradle b/backend/build.gradle index 55549097e..887d2e86e 100644 --- a/backend/build.gradle +++ b/backend/build.gradle 
@@ -174,6 +174,7 @@ dependencies { runtimeOnly 'org.postgresql:postgresql:42.3.4' runtimeOnly 'org.mariadb.jdbc:mariadb-java-client:3.0.4' runtimeOnly 'mysql:mysql-connector-java:8.0.29' + //SQL Server? //Swagger compile 'io.springfox:springfox-swagger2:2.9.2' From f33954a15f9bab6fbb7f8057674587f85ba0aa80 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 14 Jun 2022 10:16:02 -0700 Subject: [PATCH 07/24] SHIBUI-2273 merging shibui-2262 --- backend/build.gradle | 8 ++++---- gradle.properties | 6 ++++++ 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/backend/build.gradle b/backend/build.gradle index 90cc83503..e2c4936e0 100644 --- a/backend/build.gradle +++ b/backend/build.gradle @@ -171,10 +171,10 @@ dependencies { runtimeOnly 'org.glassfish.jaxb:jaxb-runtime:2.3.0' compile "com.h2database:h2" - runtimeOnly 'org.postgresql:postgresql:42.3.4' - runtimeOnly 'org.mariadb.jdbc:mariadb-java-client:3.0.4' - runtimeOnly 'mysql:mysql-connector-java:8.0.29' - runtimeOnly 'com.microsoft.sqlserver:mssql-jdbc:9.4.1.jre11' + runtimeOnly "org.postgresql:postgresql:${project.'postgresVersion'}" + runtimeOnly "org.mariadb.jdbc:mariadb-java-client:${project.'mariadbVersion'}" + runtimeOnly "mysql:mysql-connector-java:${project.'mysqlVersion'}" + runtimeOnly "com.microsoft.sqlserver:mssql-jdbc:${project.'sqlserverVersion'}" //Swagger compile 'io.springfox:springfox-swagger2:2.9.2' diff --git a/gradle.properties b/gradle.properties index f645de2d4..9fb07eccf 100644 --- a/gradle.properties +++ b/gradle.properties @@ -19,6 +19,12 @@ springbootVersion=2.5.12 springSecurityVersion=5.6.3 # springSecurityVersion=5.7.1 +### DB Driver Versions ### +mariadbVersion=3.0.4 +mysqlVersion=8.0.29 +postgresVersion=42.3.4 +sqlserverVersion=9.4.1.jre11 + org.gradle.jvmargs=-Xmx1g -XX:-UseGCOverheadLimit # set token in personal global From c5f6475bf52751df2421cdb33266b375d89aa02a Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Tue, 14 Jun 2022 15:41:48 -0700 Subject: [PATCH 08/24] SHIBUI-2273 Setup liquidbase to run for SQL SERVER --- .../CustomEntityAttributeDefinition.java | 4 +-- .../admin/ui/domain/LocalizedName.java | 4 ++- .../admin/ui/domain/OrganizationURL.java | 2 +- .../src/main/resources/application.properties | 3 +- .../main/resources/db/changelog/changelog.sql | 29 +++++++++++++++++++ 5 files changed, 37 insertions(+), 5 deletions(-) create mode 100644 backend/src/main/resources/db/changelog/changelog.sql diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java index f1d14911a..6e7ced3e2 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java @@ -35,7 +35,7 @@ public class CustomEntityAttributeDefinition implements IRelyingPartyOverridePro @ElementCollection @CollectionTable(name = "custom_entity_attr_list_items", joinColumns = @JoinColumn(name = "name")) @Fetch(FetchMode.JOIN) - @Column(name = "value", nullable = false) + @Column(name = "item_value", nullable = false) Set customAttrListDefinitions = new HashSet<>(); @Column(name = "default_value", nullable = true) @@ -114,4 +114,4 @@ public void setName(String name) { public void updateExamplesList() { examples = customAttrListDefinitions; } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/LocalizedName.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/LocalizedName.java index e0a54d494..3f7dcb48e 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/LocalizedName.java 
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/LocalizedName.java @@ -3,6 +3,7 @@ import org.hibernate.envers.Audited; import javax.annotation.Nullable; +import javax.persistence.Column; import javax.persistence.MappedSuperclass; @MappedSuperclass @@ -11,6 +12,7 @@ public class LocalizedName extends AbstractXMLObject implements org.opensaml.sam private String xMLLang; + @Column(name = "name_value") private String value; @Nullable @@ -34,4 +36,4 @@ public String getValue() { public void setValue(@Nullable String value) { this.value = value; } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/OrganizationURL.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/OrganizationURL.java index c8e556695..625e96379 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/OrganizationURL.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/OrganizationURL.java @@ -14,7 +14,7 @@ public class OrganizationURL extends AbstractXMLObject implements org.opensaml.s private String xMLLang; - @Column(name="value") + @Column(name="uri_value") private String uri; @Nullable diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties index 0556e5b45..a0d50725f 100644 --- a/backend/src/main/resources/application.properties +++ b/backend/src/main/resources/application.properties @@ -37,7 +37,8 @@ spring.jackson.mapper.accept-case-insensitive-enums=true #spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MariaDBDialect # Liquibase properties -spring.liquibase.enabled=false +spring.liquibase.enabled=true +spring.liquibase.change-log=db/changelog/changelog.sql # Hibernate properties # for production never ever use create, create-drop. It's BEST to use validate 
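Review bot: Setting `spring.liquibase.enabled=true` in the default `application.properties` makes every deployment run schema migrations at startup, so the application's database account needs rights to alter tables (and to call `sp_rename` on SQL Server) for as long as it runs. That is a wider privilege than the runtime otherwise needs. Consider keeping the default at `false` and enabling it per environment, or add a comment such as `# migrations need DDL rights; set spring.liquibase.user / spring.liquibase.password to a migration-only account`. Only part of the file is visible in this hunk, so the datasource settings themselves cannot be checked here.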
diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql
new file mode 100644
index 000000000..cfdf5bc02
--- /dev/null
+++ b/backend/src/main/resources/db/changelog/changelog.sql
@@ -0,0 +1,29 @@
+-- liquibase formatted sql
+
+-- changeset liquibase:1.11.0 dbms:mariadb,mysql,postgresql
+-- preconditions onFail:MARK_RAN
+-- precondition-sql-check expectedResult:1 SELECT 1 FROM users
+-- comment: /* we don't need to run this if the system is new */
+ALTER TABLE resource_backed_metadata_resolver
+ RENAME file TO file_resource;
+GO
+ALTER TABLE organizationurl
+ RENAME 'value' TO 'uri_value';
+GO
+
+-- changeset liquibase:1.11.0 dbms:mssql
+-- preconditions onFail:MARK_RAN
+-- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users'
+-- comment: /* we don't need to run this if the system is new */
+EXEC sp_rename 'organizationurl.value', uri_value, 'COLUMN'
+GO
+EXEC sp_rename 'custom_entity_attr_list_items.value', item_value, 'COLUMN'
+GO
+EXEC sp_rename 'organization_name.value', name_value, 'COLUMN'
+GO
+EXEC sp_rename 'organization_display_name.value', name_value, 'COLUMN'
+GO
+EXEC sp_rename 'service_description.value', name_value, 'COLUMN'
+GO
+EXEC sp_rename 'service_name.value', name_value, 'COLUMN'
+GO
\ No newline at end of file
From 4c2bd1712d099ff30786dd4f0dc0629ee4cdbf33 Mon Sep 17 00:00:00 2001
From: chasegawa
Date: Tue, 14 Jun 2022 16:45:04 -0700
Subject: [PATCH 09/24] SHIBUI-2273 Setup liquidbase to run for POSTGRES
---
 .../main/resources/db/changelog/changelog.sql | 18 +++++++++++++++---
 testbed/postgres/docker-compose.yml | 2 +-
 2 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql
index cfdf5bc02..3b3c84fb3 100644
--- a/backend/src/main/resources/db/changelog/changelog.sql
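Review bot: The first changeset is tagged `dbms:mariadb,mysql,postgresql`, but `ALTER TABLE ... RENAME file TO file_resource` without the `COLUMN` keyword is PostgreSQL syntax; as far as I know MySQL and MariaDB treat `RENAME` without `COLUMN` as a table rename and reject the statement, and the single-quoted `RENAME 'value' TO 'uri_value'` is a string literal rather than an identifier. Because Liquibase is switched on by default in the same commit, a failing changeset would stop the application from starting on an upgraded database. I would split this into a `dbms:postgresql` changeset and a `dbms:mariadb,mysql` one that uses `RENAME COLUMN value TO uri_value` (on versions that support it). The two changesets also cover different columns: `resource_backed_metadata_resolver.file` is renamed only in the first and `custom_entity_attr_list_items.value` only in the `mssql` one, although the entity mappings changed for every database. The next commit's revision of this changeset switches to double-quoted names but keeps the combined `dbms` list and still omits `COLUMN`, so the same concern applies there unless a later commit outside this view addresses it.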
+++ b/backend/src/main/resources/db/changelog/changelog.sql @@ -2,13 +2,25 @@ -- changeset liquibase:1.11.0 dbms:mariadb,mysql,postgresql -- preconditions onFail:MARK_RAN --- precondition-sql-check expectedResult:1 SELECT 1 FROM users +-- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ ALTER TABLE resource_backed_metadata_resolver - RENAME file TO file_resource; + RENAME "file" TO "file_resource"; GO ALTER TABLE organizationurl - RENAME 'value' TO 'uri_value'; + RENAME "value" TO "uri_value"; +GO +ALTER TABLE organization_name + RENAME "value" TO "name_value"; +GO +ALTER TABLE organization_display_name + RENAME "value" TO "name_value"; +GO +ALTER TABLE service_description + RENAME "value" TO "name_value"; +GO +ALTER TABLE service_name + RENAME "value" TO "name_value"; GO -- changeset liquibase:1.11.0 dbms:mssql diff --git a/testbed/postgres/docker-compose.yml b/testbed/postgres/docker-compose.yml index 593ceb1fc..c66b591a8 100644 --- a/testbed/postgres/docker-compose.yml +++ b/testbed/postgres/docker-compose.yml @@ -11,7 +11,7 @@ services: networks: - front ports: - - 3306:3306 + - 5432:5432 shibui: image: unicon/shibui ports: From b04c2678d4e33b4df43711e5fcb207c76f5b4d16 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 14 Jun 2022 17:11:32 -0700 Subject: [PATCH 10/24] SHIBUI-2273 Readme for liquibase --- .../src/main/resources/db/changelog/README.txt | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 backend/src/main/resources/db/changelog/README.txt diff --git a/backend/src/main/resources/db/changelog/README.txt b/backend/src/main/resources/db/changelog/README.txt new file mode 100644 index 000000000..2ebb5d59f --- /dev/null +++ b/backend/src/main/resources/db/changelog/README.txt 
@@ -0,0 +1,18 @@ +Understanding the liquidbase changelog.sql file + +" -- liquibase formatted sql" - this is required at the top of this file " + +" -- changeset liquibase:1.11.0 dbms:mariadb,mysql,postgresql " +This indicates a change set and the version - please use the release version that the change matches so that looking at the DB should +give a good indication of what has been run. + +The dbms section indicates which DBs the changeset that follows is valid to be run on. If this is not present, Liquidbase will try +to run the changeset always. + +" -- preconditions onFail:MARK_RAN " +" -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' " + +@see - https://docs.liquibase.com/concepts/changelogs/preconditions.html +The check here is looking to see if the schema has been built out yet. If it has not, then the db is new and will be created +correctly without needing to be updated, so MARK_RAN ensures that the given changeset will not be run, but will be added to the +liquibase changesetlog table indicating that it was checked. \ No newline at end of file From e1d3f30555988137cd758734e647b4787e87246a Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 14 Jun 2022 17:20:41 -0700 Subject: [PATCH 11/24] SHIBUI-2273 Removing the war file from the codebase - the war was originally given to Citrus College and added to the project as a matter of record, but we don't want it in the main branch of code From 70d7ecdd2ff121a9a8161f10606b4721f713d273 Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Wed, 15 Jun 2022 10:05:10 -0700 Subject: [PATCH 12/24] SHIBUI-2273 Updates: added missing tables and aud tables to the sql updates, updated the springboot and hibernate versions to newer versions, updated the settings to work with the newer version of springboot which uses a different library for path pattern matching. --- .../filters/EntityAttributesFilterTarget.java | 2 +- .../filters/NameIdFormatFilterTarget.java | 2 + .../src/main/resources/application.properties | 4 ++ .../main/resources/db/changelog/changelog.sql | 67 +++++++++++++++++-- gradle.properties | 8 +-- 5 files changed, 73 insertions(+), 10 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityAttributesFilterTarget.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityAttributesFilterTarget.java index a7959dbbf..e2ed028a0 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityAttributesFilterTarget.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityAttributesFilterTarget.java @@ -26,7 +26,7 @@ public class EntityAttributesFilterTarget extends AbstractAuditable implements I @ElementCollection (fetch = FetchType.EAGER) @OrderColumn - @Column(length = 760) + @Column(length = 760, name="target_value") private List value; public EntityAttributesFilterTargetType getEntityAttributesFilterTargetType() { diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/NameIdFormatFilterTarget.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/NameIdFormatFilterTarget.java index 90445ff75..3a5bfe9da 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/NameIdFormatFilterTarget.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/NameIdFormatFilterTarget.java 
@@ -8,6 +8,7 @@ import org.hibernate.envers.AuditOverride; import org.hibernate.envers.Audited; +import javax.persistence.Column; import javax.persistence.ElementCollection; import javax.persistence.Entity; import javax.persistence.OrderColumn; @@ -27,6 +28,7 @@ public class NameIdFormatFilterTarget extends AbstractAuditable implements IFilt @ElementCollection @OrderColumn + @Column(name="target_value") private List value; public NameIdFormatFilterTargetType getNameIdFormatFilterTargetType() { diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties index b126439d5..dd02864b0 100644 --- a/backend/src/main/resources/application.properties +++ b/backend/src/main/resources/application.properties @@ -9,6 +9,9 @@ logging.level.org.springframework=INFO logging.level.edu.internet2.tier.shibboleth.admin.ui=INFO spring.main.allow-bean-definition-overriding=true +# "In Spring MVC, the path was previously analyzed by AntPathMatcher, but it was changed to use PathPatternParser introduced in WebFlux from Spring 5.3.0." +# we still have the option to use ant path matcher thus keeping existing configuration from having to change +spring.mvc.pathmatch.matching-strategy=ant_path_matcher # Database Credentials spring.datasource.username=shibui @@ -109,6 +112,7 @@ shibui.roles.authenticated=ADMIN,ENABLE,USER #docker container shibui.beacon-enabled=true +### Swagger/Springdoc patterns springdoc.use-management-port=true springdoc.swagger-ui.tagsSorter: alpha springdoc.writer-with-order-by-keys: true diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql index 3b3c84fb3..911f36cb9 100644 --- a/backend/src/main/resources/db/changelog/changelog.sql +++ b/backend/src/main/resources/db/changelog/changelog.sql 
@@ -4,38 +4,95 @@ -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ -ALTER TABLE resource_backed_metadata_resolver - RENAME "file" TO "file_resource"; +ALTER TABLE custom_entity_attr_list_items + RENAME "value" TO "item_value"; +GO +ALTER TABLE custom_entity_attr_list_items_aud + RENAME "value" TO "item_value"; +GO +ALTER TABLE entity_attributes_filter_target_value + RENAME "value" TO "target_value"; +GO +ALTER TABLE entity_attributes_filter_target_value_aud + RENAME "value" TO "target_value"; +GO +ALTER TABLE name_id_format_filter_target_value + RENAME "value" TO "target_value"; +GO +ALTER TABLE name_id_format_filter_target_value_aud + RENAME "value" TO "target_value"; GO ALTER TABLE organizationurl RENAME "value" TO "uri_value"; GO +ALTER TABLE organizationurl_aud + RENAME "value" TO "uri_value"; +GO +ALTER TABLE organization_display_name + RENAME "value" TO "name_value"; +GO +ALTER TABLE organization_display_name_aud + RENAME "value" TO "name_value"; +GO ALTER TABLE organization_name RENAME "value" TO "name_value"; GO -ALTER TABLE organization_display_name +ALTER TABLE organization_name_aud RENAME "value" TO "name_value"; GO +ALTER TABLE resource_backed_metadata_resolver + RENAME "file" TO "file_resource"; +GO +ALTER TABLE resource_backed_metadata_resolver_aud + RENAME "file" TO "file_resource"; +GO ALTER TABLE service_description RENAME "value" TO "name_value"; GO +ALTER TABLE service_description_aud + RENAME "value" TO "name_value"; +GO ALTER TABLE service_name RENAME "value" TO "name_value"; GO +ALTER TABLE service_name_aud + RENAME "value" TO "name_value"; +GO + -- changeset liquibase:1.11.0 dbms:mssql -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if 
the system is new */ +EXEC sp_rename 'custom_entity_attr_list_items.value', item_value, 'COLUMN' +GO +EXEC sp_rename 'custom_entity_attr_list_items_aud.value', item_value, 'COLUMN' +GO +EXEC sp_rename 'entity_attributes_filter_target_value.value', target_value, 'COLUMN' +GO +EXEC sp_rename 'entity_attributes_filter_target_value_aud.value', target_value, 'COLUMN' +GO +EXEC sp_rename 'name_id_format_filter_target_value', target_value, 'COLUMN' +GO +EXEC sp_rename 'name_id_format_filter_target_value_aud', target_value, 'COLUMN' +GO EXEC sp_rename 'organizationurl.value', uri_value, 'COLUMN' GO -EXEC sp_rename 'custom_entity_attr_list_items.value', item_value, 'COLUMN' +EXEC sp_rename 'organizationurl_aud.value', uri_value, 'COLUMN' +GO +EXEC sp_rename 'organization_display_name.value', name_value, 'COLUMN' +GO +EXEC sp_rename 'organization_display_name_aud.value', name_value, 'COLUMN' GO EXEC sp_rename 'organization_name.value', name_value, 'COLUMN' GO -EXEC sp_rename 'organization_display_name.value', name_value, 'COLUMN' +EXEC sp_rename 'organization_name_aud.value', name_value, 'COLUMN' GO EXEC sp_rename 'service_description.value', name_value, 'COLUMN' GO +EXEC sp_rename 'service_description_aud.value', name_value, 'COLUMN' +GO EXEC sp_rename 'service_name.value', name_value, 'COLUMN' +GO +EXEC sp_rename 'service_name_aud.value', name_value, 'COLUMN' GO \ No newline at end of file diff --git a/gradle.properties b/gradle.properties index 9fb07eccf..fdbf3f56a 100644 --- a/gradle.properties +++ b/gradle.properties @@ -5,8 +5,8 @@ version=1.11.0-SNAPSHOT ### library versions ### commonsCollections4Version=4.4 cryptacularVersion=1.2.4 -hibernateVersion=5.5.0.Final -#hibernateVersion=5.6.9.Final +#hibernateVersion=5.5.0.Final +hibernateVersion=5.6.9.Final luceneVersion=8.1.1 log4JVersion=2.17.2 lombokVersion=5.3.3.3 
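Review bot: Two of the added `dbms:mssql` statements pass only a table name to `sp_rename` although the object type is 'COLUMN'; every sibling line uses the `table.column` form. As written the column cannot be resolved, and unless the changeset runs in a single transaction the renames before it would stay applied while the rest never run. They should read `EXEC sp_rename 'name_id_format_filter_target_value.value', target_value, 'COLUMN'` and `EXEC sp_rename 'name_id_format_filter_target_value_aud.value', target_value, 'COLUMN'`.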
@@ -14,8 +14,8 @@ opensamlVersion=4.2.0 pac4JVersion=5.4.3 pac4jSpringSecurityVersion=7.0.3 shibbolethVersion=4.2.1 -springbootVersion=2.5.12 -#springbootVersion=2.7.0 +#springbootVersion=2.5.12 +springbootVersion=2.7.0 springSecurityVersion=5.6.3 # springSecurityVersion=5.7.1 From f9e675b4ac162703033b851dafe773a1d743ceff Mon Sep 17 00:00:00 2001 From: chasegawa Date: Wed, 15 Jun 2022 10:55:04 -0700 Subject: [PATCH 13/24] SHIBUI-2273 update version of spring security properties file cleanup --- backend/src/main/resources/application.properties | 2 +- gradle.properties | 13 ++----------- 2 files changed, 3 insertions(+), 12 deletions(-) diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties index dd02864b0..ba1b8f20f 100644 --- a/backend/src/main/resources/application.properties +++ b/backend/src/main/resources/application.properties @@ -19,7 +19,7 @@ spring.datasource.password=shibui # Database Configuration H2 spring.datasource.url=jdbc:h2:mem:shibui;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE -spring.datasource.platform=h2 +spring.sql.init.platform=h2 spring.datasource.driverClassName=org.h2.Driver spring.jpa.database-platform=org.hibernate.dialect.H2Dialect spring.h2.console.enabled=true diff --git a/gradle.properties b/gradle.properties index fdbf3f56a..f891afd02 100644 --- a/gradle.properties +++ b/gradle.properties @@ -5,7 +5,6 @@ version=1.11.0-SNAPSHOT ### library versions ### commonsCollections4Version=4.4 cryptacularVersion=1.2.4 -#hibernateVersion=5.5.0.Final hibernateVersion=5.6.9.Final luceneVersion=8.1.1 log4JVersion=2.17.2 @@ -14,10 +13,8 @@ opensamlVersion=4.2.0 pac4JVersion=5.4.3 pac4jSpringSecurityVersion=7.0.3 shibbolethVersion=4.2.1 -#springbootVersion=2.5.12 springbootVersion=2.7.0 -springSecurityVersion=5.6.3 -# springSecurityVersion=5.7.1 +springSecurityVersion=5.7.1 ### DB Driver Versions ### mariadbVersion=3.0.4 
@@ -35,10 +32,4 @@ i2.github.apiEndpoint=https://github.internet2.edu/api/v3 ## NOTES # pac4j spring security 7.0.3 here uses the pac4j 5.4.3 core, thus differences in versions (they used use the same versions, now -# keeping them in sync takes paying attention -# -# Springboot 2.7.0 and Hibernate 5.6.9 are current, but don't like all the columns named "value" in the db (along with H2), so don't -# update to these versions until ready to migrate the database columns. (the tests fail under these versions because the test database -# doesn't work). -# -# Additionally, springbootsecurity for tests doesn't like 5.7.1 \ No newline at end of file +# keeping them in sync takes paying attention \ No newline at end of file From d1e5bf88771a66175d9689a936a42f338c849962 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 23 Jun 2022 09:22:57 -0700 Subject: [PATCH 14/24] SHIBUI-2273 Corrections for MySQL --- .../main/resources/db/changelog/changelog.sql | 62 ++++++++++++++++++- 1 file changed, 61 insertions(+), 1 deletion(-) diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql index 911f36cb9..561280f58 100644 --- a/backend/src/main/resources/db/changelog/changelog.sql +++ b/backend/src/main/resources/db/changelog/changelog.sql 
@@ -1,6 +1,66 @@ -- liquibase formatted sql --- changeset liquibase:1.11.0 dbms:mariadb,mysql,postgresql +-- changeset liquibase:1.11.0 dbms:mysql +-- preconditions onFail:MARK_RAN +-- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' +-- comment: /* we don't need to run this if the system is new */ +ALTER TABLE custom_entity_attr_list_items + CHANGE value item_value varchar(255); +GO +ALTER TABLE custom_entity_attr_list_items_aud + CHANGE value item_value varchar(255); +GO +ALTER TABLE entity_attributes_filter_target_value + CHANGE value target_value varchar(255); +GO +ALTER TABLE entity_attributes_filter_target_value_aud + CHANGE value target_value varchar(255); +GO +ALTER TABLE name_id_format_filter_target_value + CHANGE value target_value varchar(255); +GO +ALTER TABLE name_id_format_filter_target_value_aud + CHANGE value target_value varchar(255); +GO +ALTER TABLE organizationurl + CHANGE value uri_value varchar(255); +GO +ALTER TABLE organizationurl_aud + CHANGE value uri_value varchar(255); +GO +ALTER TABLE organization_display_name + CHANGE value name_value varchar(255); +GO +ALTER TABLE organization_display_name_aud + CHANGE value name_value varchar(255); +GO +ALTER TABLE organization_name + CHANGE value name_value varchar(255); +GO +ALTER TABLE organization_name_aud + CHANGE value name_value varchar(255); +GO +ALTER TABLE resource_backed_metadata_resolver + CHANGE file file_resource varchar(255); +GO +ALTER TABLE resource_backed_metadata_resolver_aud + CHANGE file file_resource varchar(255); +GO +ALTER TABLE service_description + CHANGE value name_value varchar(255); +GO +ALTER TABLE service_description_aud + CHANGE value name_value varchar(255); +GO +ALTER TABLE service_name + CHANGE value name_value varchar(255); +GO +ALTER TABLE service_name_aud + CHANGE value name_value varchar(255); +GO + + +-- changeset liquibase:1.11.0 dbms:mariadb,postgresql -- preconditions onFail:MARK_RAN -- 
precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ From 42e6c1801b4f92f4ada42ae1e787afeeb7ac5db4 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Thu, 23 Jun 2022 09:57:02 -0700 Subject: [PATCH 15/24] Updated min/max refresh for providers --- .../file-system-metadata-provider.schema.json | 16 +++++++-------- .../main/resources/i18n/messages.properties | 2 +- .../resources/i18n/messages_en.properties | 2 +- .../schema/provider/file-system.schema.json | 20 +++++++++---------- .../provider/filebacked-http.schema.json | 10 ++++++++-- ui/src/app/metadata/domain/data.js | 14 +++++++++++++ ...ileBackedHttpMetadataProviderDefinition.js | 6 +++--- .../FileSystemMetadataProviderDefinition.js | 6 +++--- .../metadata/wizard/MetadataProviderWizard.js | 2 +- 9 files changed, 47 insertions(+), 31 deletions(-) diff --git a/backend/src/main/resources/file-system-metadata-provider.schema.json b/backend/src/main/resources/file-system-metadata-provider.schema.json index 7969495f2..a4db5a52d 100644 --- a/backend/src/main/resources/file-system-metadata-provider.schema.json +++ b/backend/src/main/resources/file-system-metadata-provider.schema.json @@ -1,11 +1,6 @@ { "type": "object", - "required": [ - "name", - "@type", - "xmlId", - "metadataFile" - ], + "required": ["name", "@type", "xmlId", "metadataFile"], "properties": { "name": { "title": "label.metadata-provider-name-dashboard-display-only", 
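Review bot: Every MySQL `CHANGE` statement restates its column as `varchar(255)`, which redefines the column instead of only renaming it. For `entity_attributes_filter_target_value` and its `_aud` table this conflicts with the mapping changed earlier in this series, `@Column(length = 760, name="target_value")`, so stored values longer than 255 characters would be rejected or truncated depending on the server's SQL mode. Any NOT NULL or default attribute on the other columns is also dropped because it is not restated. Restate the real definition per column, e.g. `CHANGE value target_value varchar(760);`, or use `RENAME COLUMN value TO target_value` if the supported MySQL versions are 8.0 or later.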
@@ -47,18 +42,21 @@ }, "reloadableMetadataResolverAttributes": { "type": "object", + "required": ["minRefreshDelay", "maxRefreshDelay"], "properties": { "minRefreshDelay": { "title": "label.min-refresh-delay", "description": "tooltip.min-refresh-delay", "type": "string", - "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$", + "default": "PT5M" }, "maxRefreshDelay": { "title": "label.max-refresh-delay", "description": "tooltip.max-refresh-delay", "type": "string", - "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$", + "default": "PT4H" }, "refreshDelayFactor": { "title": "label.refresh-delay-factor", @@ -71,4 +69,4 @@ } } } -} \ No newline at end of file +} diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index 0a7880b36..2513a7c87 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties 
@@ -684,7 +684,7 @@ tooltip.retained-roles=Note that property replacement cannot be used on this ele tooltip.remove-roleless-entity-descriptors=Controls whether to keep entity descriptors that contain no roles. Note: If this attribute is set to false, the resulting output may not be schema-valid since an element must include at least one role descriptor. tooltip.remove-empty-entities-descriptors=Controls whether to keep entities descriptors that contain no entity descriptors. Note: If this attribute is set to false, the resulting output may not be schema-valid since an element must include at least one child element, either an element or an element. -tooltip.min-refresh-delay=Lower bound on the next refresh from the time calculated based on the metadata\u0027s expiration. +tooltip.min-refresh-delay=Lower bound on the next refresh from the time calculated based on the metadata\u0027s expiration. Setting this to 0 will result in the default value being used. tooltip.max-refresh-delay=Upper bound on the next refresh from the time calculated based on the metadata\u0027s expiration. tooltip.refresh-delay-factor=A factor applied to the initially determined refresh time in order to determine the next refresh time (typically to ensure refresh takes place prior to the metadata\u0027s expiration). Attempts to refresh metadata will generally begin around the product of this number and the maximum refresh delay. tooltip.resolve-via-predicates-only=Flag indicating whether resolution may be performed solely by applying predicates to the entire metadata collection, when an entityID input criterion is not supplied. diff --git a/backend/src/main/resources/i18n/messages_en.properties b/backend/src/main/resources/i18n/messages_en.properties index f9f64d4d2..40d17ae7e 100644 --- a/backend/src/main/resources/i18n/messages_en.properties +++ b/backend/src/main/resources/i18n/messages_en.properties 
@@ -531,7 +531,7 @@ tooltip.retained-roles=Note that property replacement cannot be used on this ele tooltip.remove-roleless-entity-descriptors=Controls whether to keep entity descriptors that contain no roles. Note: If this attribute is set to false, the resulting output may not be schema-valid since an element must include at least one role descriptor. tooltip.remove-empty-entities-descriptors=Controls whether to keep entities descriptors that contain no entity descriptors. Note: If this attribute is set to false, the resulting output may not be schema-valid since an element must include at least one child element, either an element or an element. -tooltip.min-refresh-delay=Lower bound on the next refresh from the time calculated based on the metadata\u0027s expiration. +tooltip.min-refresh-delay=Lower bound on the next refresh from the time calculated based on the metadata\u0027s expiration. Setting this to 0 will result in the default value being used. tooltip.max-refresh-delay=Upper bound on the next refresh from the time calculated based on the metadata\u0027s expiration. tooltip.refresh-delay-factor=A factor applied to the initially determined refresh time in order to determine the next refresh time (typically to ensure refresh takes place prior to the metadata\u0027s expiration). Attempts to refresh metadata will generally begin around the product of this number and the maximum refresh delay. tooltip.resolve-via-predicates-only=Flag indicating whether resolution may be performed solely by applying predicates to the entire metadata collection, when an entityID input criterion is not supplied. diff --git a/ui/public/assets/schema/provider/file-system.schema.json b/ui/public/assets/schema/provider/file-system.schema.json index 38d0d90e3..a4db5a52d 100644 --- a/ui/public/assets/schema/provider/file-system.schema.json +++ b/ui/public/assets/schema/provider/file-system.schema.json 
@@ -1,15 +1,10 @@ { "type": "object", - "required": [ - "name", - "@type", - "xmlId", - "metadataFile" - ], + "required": ["name", "@type", "xmlId", "metadataFile"], "properties": { "name": { "title": "label.metadata-provider-name-dashboard-display-only", - "description": "tooltip.metadata-provider-name-dashboard-display-only", + "description": "tooltip.metadata-provider-name", "type": "string", "widget": { "id": "string", @@ -20,7 +15,7 @@ "title": "label.metadata-provider-type", "description": "tooltip.metadata-provider-type", "type": "string", - "const": "FilesystemMetadataResolver" + "default": "FilesystemMetadataResolver" }, "xmlId": { "title": "label.xml-id", @@ -47,18 +42,21 @@ }, "reloadableMetadataResolverAttributes": { "type": "object", + "required": ["minRefreshDelay", "maxRefreshDelay"], "properties": { "minRefreshDelay": { "title": "label.min-refresh-delay", "description": "tooltip.min-refresh-delay", "type": "string", - "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$", + "default": "PT5M" }, "maxRefreshDelay": { "title": "label.max-refresh-delay", "description": "tooltip.max-refresh-delay", "type": "string", - "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$", + "default": "PT4H" }, "refreshDelayFactor": { "title": "label.refresh-delay-factor", @@ -71,4 +69,4 @@ } } } -} \ No newline at end of file +} 
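Review bot: In the `@type` property the constraint `"const": "FilesystemMetadataResolver"` is replaced by `"default": "FilesystemMetadataResolver"`, and `default` is only an annotation, so this schema now accepts any string as the provider type. If the form relies on the schema to pin the type, keep both keywords: `"const": "FilesystemMetadataResolver", "default": "FilesystemMetadataResolver"`. The `@type` section of the backend copy of this schema is not visible on this page, so whether the server still enforces the value cannot be confirmed here.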
diff --git a/ui/public/assets/schema/provider/filebacked-http.schema.json b/ui/public/assets/schema/provider/filebacked-http.schema.json index 860733486..77f415b43 100644 --- a/ui/public/assets/schema/provider/filebacked-http.schema.json +++ b/ui/public/assets/schema/provider/filebacked-http.schema.json @@ -252,18 +252,24 @@ "reloadableMetadataResolverAttributes": { "$id": "reloadableMetadataResolverAttributes", "type": "object", + "required": [ + "minRefreshDelay", + "maxRefreshDelay" + ], "properties": { "minRefreshDelay": { "title": "label.min-refresh-delay", "description": "tooltip.min-refresh-delay", "type": "string", - "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$", + "default": "PT5M" }, "maxRefreshDelay": { "title": "label.max-refresh-delay", "description": "tooltip.max-refresh-delay", "type": "string", - "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + "pattern": "^$|^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$", + "default": "PT4H" }, "refreshDelayFactor": { "title": "label.refresh-delay-factor", diff --git a/ui/src/app/metadata/domain/data.js b/ui/src/app/metadata/domain/data.js index 45412d300..b97afbddb 100644 --- a/ui/src/app/metadata/domain/data.js +++ b/ui/src/app/metadata/domain/data.js 
@@ -9,4 +9,18 @@ export const DurationOptions = [ "PT8H", "PT12H", "PT24H" +]; + +export const RefreshOptions = [ + "PT1S", + "PT30S", + "PT1M", + "PT5M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT8H", + "PT12H", + "PT24H", ]; \ No newline at end of file diff --git a/ui/src/app/metadata/domain/provider/definition/FileBackedHttpMetadataProviderDefinition.js b/ui/src/app/metadata/domain/provider/definition/FileBackedHttpMetadataProviderDefinition.js index 106edfa55..e4e4be5b6 100644 --- a/ui/src/app/metadata/domain/provider/definition/FileBackedHttpMetadataProviderDefinition.js +++ b/ui/src/app/metadata/domain/provider/definition/FileBackedHttpMetadataProviderDefinition.js @@ -1,7 +1,7 @@ import defaultsDeep from 'lodash/defaultsDeep'; import { BaseProviderDefinition, HttpMetadataResolverAttributesSchema, MetadataFilterPluginsSchema } from './BaseProviderDefinition'; -import { DurationOptions } from '../../data'; +import { DurationOptions, RefreshOptions } from '../../data'; import { BASE_PATH } from '../../../../App.constant'; export const FileBackedHttpMetadataProviderWizard = { @@ -155,12 +155,12 @@ export const FileBackedHttpMetadataProviderWizard = { reloadableMetadataResolverAttributes: { minRefreshDelay: { 'ui:widget': 'OptionWidget', - options: DurationOptions, + options: RefreshOptions, 'ui:placeholder': 'label.duration' }, maxRefreshDelay: { 'ui:widget': 'OptionWidget', - options: DurationOptions, + options: RefreshOptions, 'ui:placeholder': 'label.duration' }, refreshDelayFactor: { diff --git a/ui/src/app/metadata/domain/provider/definition/FileSystemMetadataProviderDefinition.js b/ui/src/app/metadata/domain/provider/definition/FileSystemMetadataProviderDefinition.js index d97b8e041..5e9d617fe 100644 --- a/ui/src/app/metadata/domain/provider/definition/FileSystemMetadataProviderDefinition.js +++ b/ui/src/app/metadata/domain/provider/definition/FileSystemMetadataProviderDefinition.js 
@@ -1,7 +1,7 @@ import defaultsDeep from 'lodash/defaultsDeep'; import API_BASE_PATH from "../../../../App.constant"; import { BaseProviderDefinition } from "./BaseProviderDefinition"; -import { DurationOptions } from '../../data'; +import { RefreshOptions } from '../../data'; export const FileSystemMetadataProviderWizard = { ...BaseProviderDefinition, @@ -74,12 +74,12 @@ export const FileSystemMetadataProviderWizard = { reloadableMetadataResolverAttributes: { minRefreshDelay: { 'ui:widget': 'OptionWidget', - options: DurationOptions, + options: RefreshOptions, 'ui:placeholder': 'label.duration' }, maxRefreshDelay: { 'ui:widget': 'OptionWidget', - options: DurationOptions, + options: RefreshOptions, 'ui:placeholder': 'label.duration' }, refreshDelayFactor: { diff --git a/ui/src/app/metadata/wizard/MetadataProviderWizard.js b/ui/src/app/metadata/wizard/MetadataProviderWizard.js index d2cbc0864..8dcbf73cd 100644 --- a/ui/src/app/metadata/wizard/MetadataProviderWizard.js +++ b/ui/src/app/metadata/wizard/MetadataProviderWizard.js @@ -49,7 +49,6 @@ export function MetadataProviderWizard({onSave, loading, block}) { return ( <> -
} +
{JSON.stringify(errors, null, 4)}
); } From 2e13660449d3763101659df2a69d6ae4604e2c29 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 23 Jun 2022 12:07:34 -0700 Subject: [PATCH 16/24] SHIBUI-2273 "Resetting" the min and max refresh values to match the open saml code --- .../main/resources/db/changelog/changelog.sql | 28 ++++++++++++++++--- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql index 561280f58..2653cdd64 100644 --- a/backend/src/main/resources/db/changelog/changelog.sql +++ b/backend/src/main/resources/db/changelog/changelog.sql @@ -1,6 +1,6 @@ -- liquibase formatted sql --- changeset liquibase:1.11.0 dbms:mysql +-- changeset liquibase:1.11.0.1 dbms:mysql -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ @@ -60,7 +60,7 @@ ALTER TABLE service_name_aud GO --- changeset liquibase:1.11.0 dbms:mariadb,postgresql +-- changeset liquibase:1.11.0.1 dbms:mariadb,postgresql -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ @@ -120,7 +120,7 @@ ALTER TABLE service_name_aud GO --- changeset liquibase:1.11.0 dbms:mssql +-- changeset liquibase:1.11.0.1 dbms:mssql -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ 
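Review bot: Changing the three changeset ids from `liquibase:1.11.0` to `liquibase:1.11.0.1` makes Liquibase treat them as never run, because a changeset is tracked by its id, author and file. Any database that already applied the 1.11.0 renames (testbeds, snapshot deployments) would attempt them again. The precondition only checks that a `users` table exists, so the ALTER and sp_rename statements would then fail on columns that are already renamed. If 1.11.0 has reached any database, keep the existing ids and give only the new refresh-delay changeset a new id, or add a precondition that the old column still exists.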
@@ -155,4 +155,24 @@ GO EXEC sp_rename 'service_name.value', name_value, 'COLUMN' GO EXEC sp_rename 'service_name_aud.value', name_value, 'COLUMN' -GO \ No newline at end of file +GO + +-- changeset liquibase:1.11.0.2 dbms:mariadb,postgresql,mssql,mysql +-- preconditions onFail:MARK_RAN +-- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' +-- comment: /* we don't need to run this if the system is new */ + +update filesystem_metadata_resolver set min_refresh_delay ='PT5M'; +update filesystem_metadata_resolver_aud set min_refresh_delay ='PT5M'; +update filesystem_metadata_resolver set max_refresh_delay ='PT4H'; +update filesystem_metadata_resolver_aud set max_refresh_delay ='PT4H'; + +update file_backed_http_metadata_resolver set min_refresh_delay ='PT5M'; +update file_backed_http_metadata_resolver_aud set min_refresh_delay ='PT5M'; +update file_backed_http_metadata_resolver set max_refresh_delay ='PT4H'; +update file_backed_http_metadata_resolver_aud set max_refresh_delay ='PT4H'; + +update resource_backed_metadata_resolver set min_refresh_delay ='PT5M'; +update resource_backed_metadata_resolver_aud set min_refresh_delay ='PT5M'; +update resource_backed_metadata_resolver set max_refresh_delay ='PT4H'; +update resource_backed_metadata_resolver_aud set max_refresh_delay ='PT4H'; \ No newline at end of file From 8df42539da82c43d845d4e240e584aba3a52c80c Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 23 Jun 2022 15:23:31 -0700 Subject: [PATCH 17/24] SHIBUI-2273 Overriding calls that were getting made that break things. Those methods don't need to be used by the shibui functionality --- .../OpenSamlFileBackedHTTPMetadataResolver.java | 13 +++++++++++++ .../OpenSamlFilesystemMetadataResolver.java | 12 ++++++++++++ 2 files changed, 25 insertions(+) 
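Review bot: The `update` statements in changeset 1.11.0.2 have no WHERE clause and also target the `_aud` tables. Every resolver's configured min and max refresh delay is overwritten with PT5M and PT4H, and the Envers audit rows are rewritten as well, so the revision history no longer shows which values were in effect before the migration. Leave the `_aud` tables untouched and limit the live-table updates to rows that hold an unusable value, e.g. `update filesystem_metadata_resolver set min_refresh_delay = 'PT5M' where min_refresh_delay is null or min_refresh_delay = '';` (the exact predicate needs confirming against what the UI has stored).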
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java index c5d64dc5b..4b642e52a 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java @@ -15,6 +15,7 @@ import javax.annotation.Nonnull; import javax.annotation.Nullable; +import java.io.File; import java.time.Duration; import java.time.Instant; @@ -135,4 +136,16 @@ public synchronized void refresh() throws ResolverException { } } } + + @Override + public void validateBackupFile(final File backupFile) throws ResolverException { + // NOPE, not going to validate this because the file reference is likely not to exist on the shibui server nor even be a + // valid path on the running server. The file is needed for the XML, but we shouldn't be validating it. + } + + @Override + protected byte[] fetchMetadata() throws ResolverException { + // NOPE, we don't need to try and fetch the metadata from either the URI nor the file + return null; + } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFilesystemMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFilesystemMetadataResolver.java index c247e7b53..f8b9a856f 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFilesystemMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFilesystemMetadataResolver.java 
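Review bot: The new `validateBackupFile` and `fetchMetadata` overrides make this resolver skip the backing-file check and never load metadata, and the only record of that contract is the informal `// NOPE …` comments; the same pair is added to OpenSamlFilesystemMetadataResolver in the next file. Replace them with Javadoc such as `/** Intentionally a no-op: the path is only written into the generated XML and may not exist on the Shib-UI host. */`, and state on `fetchMetadata` that the class must not be used to resolve metadata, since the configured path now passes through unvalidated. `validateBackupFile(final File backupFile)` also lacks the `@Nonnull` that the sibling `validateMetadataFile(@Nonnull final File file)` carries. Both class bodies start outside the hunks, so how `refresh()` treats the `null` return is not visible here.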
@@ -88,4 +88,16 @@ public void refilter() { logger.error("An error occurred while attempting to filter metadata!", e); } } + + @Override + public void validateMetadataFile(@Nonnull final File file) throws ResolverException { + // NOPE, not going to validate this because the file reference is likely not to exist on the shibui server nor even be a + // valid path on the running server. The file is needed for the XML, but we shouldn't be validating it. + } + + @Override + protected byte[] fetchMetadata() throws ResolverException { + // NOPE, we don't need to try and fetch the metadata + return null; + } } \ No newline at end of file From 3f08c1858965a57cb90289a7cbecb8dfea0dd576 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Wed, 29 Jun 2022 14:24:04 -0700 Subject: [PATCH 18/24] SHIBUI-2273 slight change for mariadb --- backend/src/main/resources/db/changelog/changelog.sql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql index 2653cdd64..5bece9633 100644 --- a/backend/src/main/resources/db/changelog/changelog.sql +++ b/backend/src/main/resources/db/changelog/changelog.sql @@ -1,6 +1,6 @@ -- liquibase formatted sql --- changeset liquibase:1.11.0.1 dbms:mysql +-- changeset liquibase:1.11.0.1 dbms:mysql,mariadb -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ @@ -60,7 +60,7 @@ ALTER TABLE service_name_aud GO --- changeset liquibase:1.11.0.1 dbms:mariadb,postgresql +-- changeset liquibase:1.11.0.1 dbms:postgresql -- preconditions onFail:MARK_RAN -- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' -- comment: /* we don't need to run this if the system is new */ 
From 079716e62c126daeb1ae9625c88e0184f5782d93 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Fri, 1 Jul 2022 10:50:47 -0700 Subject: [PATCH 19/24] NOJIRA Fixing the footer version information --- backend/src/main/resources/application.properties | 8 +++++--- ui/src/app/App.constant.js | 10 ++++++++++ ui/src/app/core/components/VersionInfo.js | 14 +++++++++----- 3 files changed, 24 insertions(+), 8 deletions(-) diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties index ba1b8f20f..f6af0610e 100644 --- a/backend/src/main/resources/application.properties +++ b/backend/src/main/resources/application.properties @@ -48,7 +48,7 @@ spring.liquibase.change-log=db/changelog/changelog.sql spring.jpa.hibernate.ddl-auto=update spring.jpa.hibernate.naming.implicit-strategy=org.hibernate.boot.model.naming.ImplicitNamingStrategyJpaCompliantImpl spring.jpa.show-sql=false -spring.jpa.properties.hibernate.format_sql=false +spring.jpa.properties.hibernate.format_sql=true spring.jpa.properties.hibernate.check_nullability=true spring.jpa.hibernate.use-new-id-generator-mappings=true @@ -118,5 +118,7 @@ springdoc.swagger-ui.tagsSorter: alpha springdoc.writer-with-order-by-keys: true springdoc.pathsToMatch=/entities, /api/** # This property enables the openapi and swagger-ui endpoints to be exposed beneath the actuator base path. -management.endpoints.web.exposure.include=openapi, swagger-ui -management.server.port=9090 \ No newline at end of file +management.endpoints.web.exposure.include=openapi, swagger-ui, info +management.server.port=9090 +management.endpoints.web.cors.allowed-origins=* +management.endpoints.web.cors.allowed-headers=* \ No newline at end of file diff --git a/ui/src/app/App.constant.js b/ui/src/app/App.constant.js index 3b6af7f89..afa7a688c 100644 --- a/ui/src/app/App.constant.js +++ b/ui/src/app/App.constant.js 
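Review bot: `management.endpoints.web.cors.allowed-origins=*` together with `management.endpoints.web.cors.allowed-headers=*` allows a page served from any origin to read the responses of every actuator endpoint exposed on port 9090, and the same hunk adds `info` to that exposure list. The footer needs one endpoint from one origin, so scope the policy: `management.endpoints.web.cors.allowed-origins=<UI_ORIGIN_PLACEHOLDER>` and `management.endpoints.web.cors.allowed-methods=GET`. The header wildcard can be dropped once the client stops sending a custom request header. The wildcard will also cover any endpoint later added to `exposure.include`, which is easy to miss in a future change.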
@@ -5,8 +5,18 @@ export const getBasePath = () => { //replace(/^\/|\/$/g, '') }; +export const getActuatorPath = () => { + const url = new URL(document.getElementsByTagName('base')[0].href); + + var foo = document.createElement("a"); + foo.href = url.pathname?.replace(/^\/+/g, ''); + foo.port = "9090" + return foo.href; +} + export const BASE_PATH = getBasePath(); export const API_BASE_PATH = `${BASE_PATH}api`; +export const ACTUATOR_PATH = getActuatorPath(); export const FILTER_PLUGIN_TYPES = ['RequiredValidUntil', 'SignatureValidation', 'EntityRoleWhiteList']; diff --git a/ui/src/app/core/components/VersionInfo.js b/ui/src/app/core/components/VersionInfo.js index 1c6badfc1..1c88ad271 100644 --- a/ui/src/app/core/components/VersionInfo.js +++ b/ui/src/app/core/components/VersionInfo.js @@ -1,7 +1,7 @@ import React from 'react'; import useFetch from 'use-http'; -import { BASE_PATH } from '../../App.constant'; +import { ACTUATOR_PATH } from '../../App.constant'; import Translate from '../../i18n/components/translate'; @@ -11,11 +11,15 @@ const year = new Date().getFullYear(); const params = { year }; export function VersionInfo () { - - const { data = {} } = useFetch(`${BASE_PATH}actuator/info`, {}, []); + var opts = { + headers: { + 'mode':'no-cors' + } + } + const { data = {} } = useFetch(`${ACTUATOR_PATH}actuator/info`, opts, []); const [ versionData, setVersionData ] = React.useState(''); - + React.useEffect(() => { setVersionData(formatter(data)); }, [data]); @@ -29,4 +33,4 @@ export function VersionInfo () { ); } -export default VersionInfo; \ No newline at end of file +export default VersionInfo; From 4a462ccc2de4b50465c69d35f3d5e76098b9003c Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 5 Jul 2022 15:05:36 -0700 Subject: [PATCH 20/24] NOJIRA --- testbed/postgres/conf/application.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) 
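Review bot: `getActuatorPath` hard-codes `foo.port = "9090"`, duplicating `management.server.port` from the backend configuration, so a deployment that changes or proxies the management port gets a silently empty footer. Give the value a name and tie it to the server setting, e.g. `const MANAGEMENT_PORT = '9090'; // must match management.server.port`. Rename `foo` to something descriptive such as `link` and declare it with `const`, as the rest of the hunk does for `url`. The function also assumes a `<base>` element is present; `getBasePath`, which starts outside this hunk, presumably makes the same assumption.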
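Review bot: In `opts`, `'mode':'no-cors'` is nested under `headers`, so it is sent as a request header literally named `mode` instead of setting the fetch mode. A custom header like that makes the cross-origin request preflighted, which is presumably why the backend configuration had to allow all headers. Moving it to the top level as `mode: 'no-cors'` would not help either, because a no-cors response is opaque and `data` could not be read. Drop `opts` and pass `{}` as the options argument, as the removed line did; the request is then a simple GET that needs only one specific allowed origin on the server.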
diff --git a/testbed/postgres/conf/application.yml b/testbed/postgres/conf/application.yml index 2173107e1..56fd5e709 100644 --- a/testbed/postgres/conf/application.yml +++ b/testbed/postgres/conf/application.yml @@ -8,9 +8,11 @@ spring: username: shibui password: shibui jpa: + show-sql: false properties: hibernate: - dialect: org.hibernate.dialect.PostgreSQLDialect + dialect: org.hibernate.dialect.PostgreSQL95Dialect + format_sql: true server: port: 8443 ssl: @@ -135,4 +137,4 @@ custom: logging: level: org.pac4j: "TRACE" - org.opensaml: "INFO" + org.opensaml: "INFO" \ No newline at end of file From a4b03c6bd1c6e941a0d1808dada34be2a638c6fc Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 5 Jul 2022 16:45:21 -0700 Subject: [PATCH 21/24] SHIBUI-2273 Updating dialects --- backend/src/main/resources/application.yml | 9 +++++++++ testbed/mariadb/conf/application.yml | 4 ++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml index 671000aa6..ffeab970c 100644 --- a/backend/src/main/resources/application.yml +++ b/backend/src/main/resources/application.yml @@ -1,3 +1,12 @@ +#spring: +# jpa: +# show-sql: false +# properties: +# hibernate: +# format_sql: true +# dialect: org.hibernate.dialect.PostgreSQL95Dialect +# OR SEE: https://access.redhat.com/webassets/avalon/d/red-hat-jboss-enterprise-application-platform/7.2/javadocs/org/hibernate/dialect/package-summary.html + #shibui: ## Default password must be set for the default user to be configured and setup # default-rootuser:root diff --git a/testbed/mariadb/conf/application.yml b/testbed/mariadb/conf/application.yml index 68018a4b9..82fe6fec7 100644 --- a/testbed/mariadb/conf/application.yml +++ b/testbed/mariadb/conf/application.yml @@ -10,7 +10,7 @@ spring: jpa: properties: hibernate: - dialect: org.hibernate.dialect.MariaDBDialect + dialect: org.hibernate.dialect.MariaDB103Dialect server: port: 8443 ssl: 
@@ -135,4 +135,4 @@ custom: logging: level: org.pac4j: "TRACE" - org.opensaml: "INFO" + org.opensaml: "INFO" \ No newline at end of file From de36cace2f965a156c2ef046016bbf71cbbc6612 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 7 Jul 2022 12:40:23 -0700 Subject: [PATCH 22/24] SHIBUI-2273 Fixing postgres lob issue --- .../tier/shibboleth/admin/ui/domain/X509Certificate.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java index b1db21b72..cff1a3c9d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java @@ -1,6 +1,7 @@ package edu.internet2.tier.shibboleth.admin.ui.domain; import lombok.EqualsAndHashCode; +import org.hibernate.annotations.Type; import org.hibernate.envers.Audited; import javax.annotation.Nullable; @@ -14,6 +15,7 @@ public class X509Certificate extends AbstractXMLObject implements org.opensaml.xmlsec.signature.X509Certificate { @Column(name = "x509CertificateValue") @Lob + @Type(type = "org.hibernate.type.TextType") private String value; @Nullable @@ -26,4 +28,4 @@ public String getValue() { public void setValue(@Nullable String value) { this.value = value; } -} +} \ No newline at end of file From a09797101f1ac46e3ad7487fa3911e896c890d55 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 12 Jul 2022 11:28:05 -0700 Subject: [PATCH 23/24] SHIBUI-2273 fixes for sqlserver docker --- testbed/sqlServer/conf/application.yml | 16 ++++++++-------- testbed/sqlServer/docker-compose.yml | 9 ++++++++- 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/testbed/sqlServer/conf/application.yml b/testbed/sqlServer/conf/application.yml index 1e48abf4d..f69ccb318 100644 --- a/testbed/sqlServer/conf/application.yml 
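Review bot: `@Type(type = "org.hibernate.type.TextType")` on `value` changes how the certificate string is read and written, but the commit carries no changelog entry for data already stored under the plain `@Lob` mapping. On PostgreSQL, Hibernate's default handling of a `@Lob String` typically stores a large-object reference rather than the text itself, so existing rows may read back as a number instead of the certificate after this change; this should be verified on an upgraded database before release. At minimum add a comment on the field saying why the type is forced, e.g. `// TextType: keep the value inline as text; PostgreSQL otherwise maps @Lob String to a large object`.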
+++ b/testbed/sqlServer/conf/application.yml @@ -1,6 +1,6 @@ spring: profiles: - include: + include: dev datasource: platform: sqlserver driver-class-name: com.microsoft.sqlserver.jdbc.SQLServerDriver @@ -11,13 +11,13 @@ spring: properties: hibernate: dialect: org.hibernate.dialect.SQLServerDialect -#server: -# port: 8443 -# ssl: -# key-store: "/conf/keystore.p12" -# key-store-password: "changeit" -# keyStoreType: "PKCS12" -# keyAlias: "tomcat" +server: + port: 8443 + ssl: + key-store: "/conf/keystore.p12" + key-store-password: "changeit" + keyStoreType: "PKCS12" + keyAlias: "tomcat" shibui: user-bootstrap-resource: file:/conf/users.csv roles: ROLE_ADMIN,ROLE_NONE,ROLE_USER,ROLE_PONY diff --git a/testbed/sqlServer/docker-compose.yml b/testbed/sqlServer/docker-compose.yml index a7509fe37..68276f256 100644 --- a/testbed/sqlServer/docker-compose.yml +++ b/testbed/sqlServer/docker-compose.yml @@ -23,7 +23,14 @@ services: - db networks: - front - + mailhog: + image: mailhog/mailhog:latest + ports: + - 1025:1025 + - 8025:8025 + container_name: mailhog + networks: + - front networks: front: driver: bridge \ No newline at end of file From b13c7de82f35300409673d9826336a3b07fb8ad9 Mon Sep 17 00:00:00 2001 From: Sean Porth Date: Fri, 15 Jul 2022 13:11:18 -0400 Subject: [PATCH 24/24] SHIBUI-2316 fixed sqlserver upgrade migration --- backend/src/main/resources/db/changelog/changelog.sql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql index 5bece9633..0a63846a3 100644 --- a/backend/src/main/resources/db/changelog/changelog.sql +++ b/backend/src/main/resources/db/changelog/changelog.sql 
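Review bot: The new `mailhog` service uses `image: mailhog/mailhog:latest`, so the testbed pulls whatever is published under that tag at run time and two runs can execute different code. Pin it to a fixed tag or digest, e.g. `image: mailhog/mailhog:<PINNED_TAG_PLACEHOLDER>`. The `ports` entries also publish 1025 and 8025 on every host interface; `127.0.0.1:8025:8025` keeps the captured-mail viewer local to the machine running the testbed.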
@@ -132,9 +132,9 @@ EXEC sp_rename 'entity_attributes_filter_target_value.value', target_value, 'COL
 GO
 EXEC sp_rename 'entity_attributes_filter_target_value_aud.value', target_value, 'COLUMN'
 GO
-EXEC sp_rename 'name_id_format_filter_target_value', target_value, 'COLUMN'
+EXEC sp_rename 'name_id_format_filter_target_value.value', target_value, 'COLUMN'
 GO
-EXEC sp_rename 'name_id_format_filter_target_value_aud', target_value, 'COLUMN'
+EXEC sp_rename 'name_id_format_filter_target_value_aud.value', target_value, 'COLUMN'
 GO
 EXEC sp_rename 'organizationurl.value', uri_value, 'COLUMN'
 GO
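Review bot: These two `sp_rename` corrections edit the body of a changeset that already exists, and Liquibase compares each recorded changeset against its stored checksum. Any database that already has this changeset in its history, possibly including fresh installs where a precondition marked it as ran, may therefore fail validation on the next start; the changeset header is outside the hunk, so the affected id is not visible here. Consider shipping the corrected renames as a new changeset, or declaring the previous checksum valid on the existing one. A short comment above the two lines, such as `-- sp_rename needs 'table.column' when the object type is 'COLUMN'`, would keep the mistake from coming back.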