SHIBUI-2380

Incremental commit:
Added backend support for KeyInfo containing OIDC fields

backend/build.gradle

@@ -135,6 +135,14 @@ dependencies {
         compile "net.shibboleth.idp:${it}:${project.'shibbolethVersion'}"
     }
 
+    // Shib OIDC
+    ['metadata', 'profile', 'crypto'].each {
+        testCompile "net.shibboleth.oidc:oidc-common-${it}-api:2.1.0"
+        testCompile "net.shibboleth.oidc:oidc-common-${it}-impl:2.1.0"
+    }
+
+    implementation "net.shibboleth.oidc:oidc-common-saml-api:2.1.0"
+
     // hibernate deps
     ['hibernate-core'].each {
         compile "org.hibernate:${it}:${project.'hibernateVersion'}"
@@ -337,6 +345,12 @@ task generateSources {
                 processLine(it['@className'].toString(), 'src/main/templates/SignatureBuilderTemplate.java')
             }
         }
+
+        new XmlSlurper().parse(file('src/main/resources/jpa-shib-oidc-config.xml')).with { builders ->
+            builders.ObjectProviders.ObjectProvider.BuilderClass.each {
+                processLine(it['@className'].toString(), 'src/main/templates/OIDCBuilderTemplate.java')
+            }
+        }
     }
 }
 

backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy

@@ -45,6 +45,7 @@ class MetadataSourcesUiDefinitionController {
     JsonSchemaBuilderService jsonSchemaBuilderService
 
     @GetMapping
+    // TODO - CHARLES add type ( SAML|OIDC ) variable to return the correct one - default to saml...
     ResponseEntity<?> getUiDefinitionJsonSchema() {
         try {
             def parsedJson = jacksonObjectMapper.readValue(this.jsonSchemaLocation.url, Map)

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Description.java

@@ -1,6 +1,7 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain;
 
 import lombok.EqualsAndHashCode;
+import org.hibernate.annotations.Type;
 import org.hibernate.envers.Audited;
 
 import javax.annotation.Nullable;
@@ -18,6 +19,7 @@ public class Description extends AbstractXMLObject implements org.opensaml.saml.
 
     @Column(name = "descriptionValue")
     @Lob
+    @Type(type = "org.hibernate.type.TextType")
     private String value;
 
     @Nullable

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java

@@ -1,5 +1,6 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain;
 
+import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.ValueXMLObject;
 import lombok.EqualsAndHashCode;
 import org.hibernate.annotations.Type;
 import org.hibernate.envers.Audited;
@@ -12,7 +13,7 @@
 @Entity
 @EqualsAndHashCode(callSuper = true)
 @Audited
-public class X509Certificate extends AbstractXMLObject implements org.opensaml.xmlsec.signature.X509Certificate {
+public class X509Certificate extends AbstractXMLObject implements ValueXMLObject, org.opensaml.xmlsec.signature.X509Certificate {
     @Column(name = "x509CertificateValue")
     @Lob
     @Type(type = "org.hibernate.type.TextType")

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Data.java

@@ -97,4 +97,4 @@ public List<XMLObject> getOrderedChildren() {
 
         return children;
     }
-}
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/XSAny.java

@@ -1,19 +1,22 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain;
 
 import lombok.EqualsAndHashCode;
+import org.hibernate.annotations.Type;
 import org.hibernate.envers.Audited;
 import org.opensaml.core.xml.util.AttributeMap;
 
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 import javax.persistence.Entity;
+import javax.persistence.Lob;
 import javax.persistence.Transient;
 
 @Entity
 @EqualsAndHashCode(callSuper = true, exclude = {"unknownAttributes"})
 @Audited
 public class XSAny extends AbstractElementExtensibleXMLObject implements org.opensaml.core.xml.schema.XSAny {
-
+    @Lob
+    @Type(type = "org.hibernate.type.TextType")
     private String textContext;
 
     //TODO: implement. this at the underlying level is a just a Map<QName,String>
@@ -40,4 +43,4 @@ public void setTextContent(@Nullable String newContent) {
     public AttributeMap getUnknownAttributes() {
         return this.unknownAttributes;
     }
-}
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/KeyDescriptorRepresentation.java

@@ -1,38 +1,21 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain.frontend;
 
+import lombok.Getter;
+import lombok.Setter;
+
 import java.io.Serializable;
 
+@Getter
+@Setter
 public class KeyDescriptorRepresentation implements Serializable {
-
     private static final long serialVersionUID = -2397547851045884034L;
 
-    private boolean x509CertificateAvailable;
-
-    private boolean authenticationRequestsSigned;
-
-    private String x509Certificate;
-
-    public boolean isX509CertificateAvailable() {
-        return x509CertificateAvailable;
-    }
-
-    public void setX509CertificateAvailable(boolean x509CertificateAvailable) {
-        this.x509CertificateAvailable = x509CertificateAvailable;
-    }
-
-    public boolean isAuthenticationRequestsSigned() {
-        return authenticationRequestsSigned;
-    }
-
-    public void setAuthenticationRequestsSigned(boolean authenticationRequestsSigned) {
-        this.authenticationRequestsSigned = authenticationRequestsSigned;
-    }
-
-    public String getX509Certificate() {
-        return x509Certificate;
-    }
+    private String name;
+    private String value;
+    private String type;
+    private ElementType elementType;
 
-    public void setX509Certificate(String x509Certificate) {
-        this.x509Certificate = x509Certificate;
+    public enum ElementType {
+        jwksData, jwksUri, clientSecret, clientSecretKeyReference, X509Data, unsupported
     }
-}
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/SecurityInfoRepresentation.java

@@ -1,86 +1,35 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain.frontend;
 
+import lombok.Getter;
+import lombok.Setter;
+
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.List;
 
+@Getter
+@Setter
 public class SecurityInfoRepresentation implements Serializable {
-
     private static final long serialVersionUID = 9016350010045719454L;
 
-    private boolean x509CertificateAvailable;
-
     private boolean authenticationRequestsSigned;
-
     private boolean wantAssertionsSigned;
-
     private List<X509CertificateRepresentation> x509Certificates = new ArrayList<>();
+    private List<KeyDescriptorRepresentation> keyDescriptors = new ArrayList<>();
 
-    public boolean isX509CertificateAvailable() {
-        return x509CertificateAvailable;
-    }
-
-    public void setX509CertificateAvailable(boolean x509CertificateAvailable) {
-        this.x509CertificateAvailable = x509CertificateAvailable;
-    }
-
-    public boolean isAuthenticationRequestsSigned() {
-        return authenticationRequestsSigned;
-    }
-
-    public void setAuthenticationRequestsSigned(boolean authenticationRequestsSigned) {
-        this.authenticationRequestsSigned = authenticationRequestsSigned;
-    }
-
-    public boolean isWantAssertionsSigned() {
-        return wantAssertionsSigned;
-    }
-
-    public void setWantAssertionsSigned(boolean wantAssertionsSigned) {
-        this.wantAssertionsSigned = wantAssertionsSigned;
-    }
-
-    public List<X509CertificateRepresentation> getX509Certificates() {
-        return x509Certificates;
-    }
-
-    public void setX509Certificates(List<X509CertificateRepresentation> x509Certificates) {
-        this.x509Certificates = x509Certificates;
+    public void addKeyDescriptor(KeyDescriptorRepresentation keyDescriptorRep) {
+        keyDescriptors.add(keyDescriptorRep);
     }
 
+    @Getter
+    @Setter
+    @Deprecated
     public static class X509CertificateRepresentation implements Serializable {
-
         private static final long serialVersionUID = -4893206348572998788L;
 
         private String name;
-
+        private String value;
         //TODO refactor into Enum?
         private String type;
-
-        private String value;
-
-        public String getName() {
-            return name;
-        }
-
-        public void setName(String name) {
-            this.name = name;
-        }
-
-        public String getType() {
-            return type;
-        }
-
-        public void setType(String type) {
-            this.type = type;
-        }
-
-        public String getValue() {
-            return value;
-        }
-
-        public void setValue(String value) {
-            this.value = value;
-        }
     }
-}
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java

@@ -0,0 +1,30 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
+
+import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractAuditable;
+import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractXMLObject;
+import lombok.EqualsAndHashCode;
+import org.hibernate.envers.AuditOverride;
+import org.hibernate.envers.Audited;
+
+import javax.annotation.Nullable;
+import javax.persistence.Entity;
+import javax.persistence.Inheritance;
+import javax.persistence.InheritanceType;
+
+@Entity
+@Inheritance(strategy = InheritanceType.TABLE_PER_CLASS)
+@EqualsAndHashCode(callSuper = true)
+@Audited
+@AuditOverride(forClass = AbstractXMLObject.class)
+public abstract class AbstractValueXMLObject extends AbstractXMLObject implements ValueXMLObject {
+    private String stringValue;
+
+    @Nullable
+    public String getValue() {
+        return this.stringValue;
+    }
+
+    public void setValue(@Nullable String newValue) {
+        this.stringValue = newValue;
+    }
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ClientSecret.java

@@ -0,0 +1,12 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
+
+import lombok.EqualsAndHashCode;
+import org.hibernate.envers.Audited;
+
+import javax.persistence.Entity;
+
+@Entity
+@EqualsAndHashCode(callSuper = true)
+@Audited
+public class ClientSecret extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.ClientSecret {
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ClientSecretKeyReference.java

@@ -0,0 +1,12 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
+
+import lombok.EqualsAndHashCode;
+import org.hibernate.envers.Audited;
+
+import javax.persistence.Entity;
+
+@Entity
+@EqualsAndHashCode(callSuper = true)
+@Audited
+public class ClientSecretKeyReference  extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.ClientSecretKeyReference {
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/JwksData.java

@@ -0,0 +1,12 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
+
+import lombok.EqualsAndHashCode;
+import org.hibernate.envers.Audited;
+
+import javax.persistence.Entity;
+
+@Entity
+@EqualsAndHashCode(callSuper = true)
+@Audited
+public class JwksData extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.JwksData {
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/JwksUri.java

@@ -0,0 +1,12 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
+
+import lombok.EqualsAndHashCode;
+import org.hibernate.envers.Audited;
+
+import javax.persistence.Entity;
+
+@Entity
+@EqualsAndHashCode(callSuper = true)
+@Audited
+public class JwksUri extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.JwksUri {
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLMarshaller.java

@@ -0,0 +1,14 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
+
+import net.shibboleth.utilities.java.support.xml.ElementSupport;
+import org.opensaml.core.xml.XMLObject;
+import org.opensaml.core.xml.io.AbstractXMLObjectMarshaller;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.w3c.dom.Element;
+
+public class ValueXMLMarshaller extends AbstractXMLObjectMarshaller {
+    protected void marshallElementContent(final XMLObject xmlObject, final Element domElement) throws MarshallingException {
+        final ValueXMLObject valueXMLObject = (ValueXMLObject) xmlObject;
+        ElementSupport.appendTextContent(domElement, valueXMLObject.getValue());
+    }
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLObject.java

@@ -0,0 +1,9 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
+
+/**
+ * ValueXMLObject is an XML Object that has a "value" through String getValue() and void setValue(String) methods
+ */
+public interface ValueXMLObject {
+    String getValue();
+    void setValue(String value);
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLUnmarshaller.java

@@ -0,0 +1,11 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
+
+import org.opensaml.core.xml.XMLObject;
+import org.opensaml.core.xml.io.AbstractXMLObjectUnmarshaller;
+
+public class ValueXMLUnmarshaller  extends AbstractXMLObjectUnmarshaller {
+    protected void processElementContent(final XMLObject xmlObject, final String elementContent) {
+        final ValueXMLObject valueXMLObject = (ValueXMLObject) xmlObject;
+        valueXMLObject.setValue(elementContent);
+    }
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializer.java

@@ -18,7 +18,8 @@ protected String[] getConfigResources() {
                 "/jpa-schema-config.xml",
                 "/jpa-signature-config.xml",
                 "/saml2-protocol-config.xml",
-                "/modified-saml2-assertion-config.xml"
+                "/modified-saml2-assertion-config.xml",
+                "/jpa-shib-oidc-config.xml"
         };
     }
 }