[SHIBUI-906]
First implementation of custom relying party overrides. Does not include
validation of input JSON. Does not include unit test fixes.

Everything else should work, though. In theory.
Bill Smith committed Oct 13, 2018
1 parent 1837ae1 commit 204790b
Showing 11 changed files with 195 additions and 177 deletions.
@@ -1,8 +1,7 @@
package edu.internet2.tier.shibboleth.admin.ui.controller

import com.fasterxml.jackson.databind.ObjectMapper
import edu.internet2.tier.shibboleth.admin.ui.configuration.CustomAttributesConfiguration
import groovy.json.JsonOutput
import edu.internet2.tier.shibboleth.admin.ui.configuration.CustomPropertiesConfiguration
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.boot.context.properties.ConfigurationProperties
import org.springframework.core.io.ResourceLoader
Expand Down Expand Up @@ -37,15 +36,15 @@ class MetadataSourcesUiDefinitionController {
ObjectMapper jacksonObjectMapper

@Autowired
CustomAttributesConfiguration customAttributesConfiguration
CustomPropertiesConfiguration customPropertiesConfiguration

@GetMapping
ResponseEntity<?> getUiDefinitionJsonSchema() {
try {
def parsedJson = jacksonObjectMapper.readValue(this.jsonSchemaUrl, Map)
def widget = parsedJson["properties"]["attributeRelease"]["widget"]
def data = []
customAttributesConfiguration.getAttributes().each {
customPropertiesConfiguration.getAttributes().each {
def attribute = [:]
attribute["key"] = it["name"]
attribute["label"] = it["displayName"]
Expand Up @@ -24,13 +24,14 @@
import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolversPositionOrderContainerService;
import edu.internet2.tier.shibboleth.admin.util.AttributeUtility;
import edu.internet2.tier.shibboleth.admin.util.LuceneUtility;
import edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions;
import org.apache.lucene.analysis.Analyzer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.support.ResourceBundleMessageSource;
Expand Down Expand Up @@ -172,12 +173,17 @@ public LuceneUtility luceneUtility(DirectoryService directoryService) {
}

@Bean
public CustomPropertiesConfiguration customAttributesConfiguration() {
public CustomPropertiesConfiguration customPropertiesConfiguration() {
return new CustomPropertiesConfiguration();
}

@Bean
public Module stringTrimModule() {
return new StringTrimModule();
}

@Bean
public ModelRepresentationConversions modelRepresentationConversions() {
return new ModelRepresentationConversions(customPropertiesConfiguration());
}
}
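Review bot: `modelRepresentationConversions()` constructs the bean from `customPropertiesConfiguration()`, yet the other files on this page reach `ModelRepresentationConversions` only through static imports and static calls, which suggests (the class itself is not shown) that its constructor publishes the configuration into static state. If that is the case, any static call that runs before Spring has instantiated this bean sees no configuration, and nothing in this class enforces the ordering. A comment on the bean method would make the dependency explicit, e.g. `// Static ModelRepresentationConversions helpers rely on this bean having been constructed first.`, or the static helpers could become instance methods on the injected bean.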
Expand Up @@ -2,7 +2,6 @@

import com.fasterxml.jackson.annotation.JsonIgnore;
import edu.internet2.tier.shibboleth.admin.ui.domain.Attribute;
import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.RelyingPartyOverridesRepresentation;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.Setter;
Expand All @@ -16,8 +15,8 @@
import javax.persistence.PostLoad;
import javax.persistence.Transient;
import java.util.ArrayList;

import java.util.List;
import java.util.Map;

import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getAttributeListFromAttributeReleaseList;
import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getAttributeListFromRelyingPartyOverridesRepresentation;
Expand Down Expand Up @@ -52,9 +51,9 @@ public void setAttributeRelease(List<String> attributeRelease) {
}

@Transient
private RelyingPartyOverridesRepresentation relyingPartyOverrides;
private Map<String, Object> relyingPartyOverrides;

public void setRelyingPartyOverrides(RelyingPartyOverridesRepresentation relyingPartyOverridesRepresentation) {
public void setRelyingPartyOverrides(Map<String, Object> relyingPartyOverridesRepresentation) {
this.relyingPartyOverrides = relyingPartyOverridesRepresentation;
this.rebuildAttributes();
}
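Review bot: `setRelyingPartyOverrides` now takes an untyped `Map<String, Object>`, keeps the caller's reference and calls `rebuildAttributes()` straight away, so every key and every value type in the map reaches attribute generation with no constraint from the type system. The removed `RelyingPartyOverridesRepresentation` limited this to a fixed set of fields, and the settings involved include assertion signing and encryption (see the switch removed from the service implementation later on this page). Before `rebuildAttributes()` runs, the setter or the conversion it delegates to should drop or reject keys that are not configured override names, and the setter should store a copy, `new HashMap<>(relyingPartyOverridesRepresentation)` behind a null check, so later changes to the caller's map cannot leave the rebuilt attributes out of step. The parameter could also lose its `Representation` suffix now that it is a plain map. The same signature change appears in `EntityService` further down.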
Expand Up @@ -5,6 +5,7 @@
import java.time.LocalDateTime;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

public class EntityDescriptorRepresentation implements Serializable {

Expand Down Expand Up @@ -58,7 +59,7 @@ public EntityDescriptorRepresentation(String id,

private LocalDateTime modifiedDate;

private RelyingPartyOverridesRepresentation relyingPartyOverrides;
private Map<String, Object> relyingPartyOverrides;

private List<String> attributeRelease;

Expand Down Expand Up @@ -180,11 +181,11 @@ public void setModifiedDate(LocalDateTime modifiedDate) {
this.modifiedDate = modifiedDate;
}

public RelyingPartyOverridesRepresentation getRelyingPartyOverrides() {
public Map<String, Object> getRelyingPartyOverrides() {
return relyingPartyOverrides;
}

public void setRelyingPartyOverrides(RelyingPartyOverridesRepresentation relyingPartyOverrides) {
public void setRelyingPartyOverrides(Map<String, Object> relyingPartyOverrides) {
this.relyingPartyOverrides = relyingPartyOverrides;
}
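Review bot: `EntityDescriptorRepresentation` implements `Serializable`, and the new `Map<String, Object> relyingPartyOverrides` field admits values of any class, so Java serialization of the representation fails at runtime whenever a value is not itself serializable. The service implementation later on this page fills the map with `jpaAttribute.getAttributeValues()`, whose element type is not visible here, so this needs checking rather than assuming. Narrowing the value type, or at least adding a field comment such as `// Values must be Serializable for this class to honour its Serializable contract.`, would make the requirement explicit. `FilterRepresentation` in the next file gets the same field and accessors and has the same exposure.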

Expand Up @@ -3,13 +3,14 @@
import java.io.Serializable;
import java.time.LocalDateTime;
import java.util.List;
import java.util.Map;

public class FilterRepresentation implements Serializable {
private String id;
private String filterName;
private boolean filterEnabled;
private FilterTargetRepresentation filterTarget;
private RelyingPartyOverridesRepresentation relyingPartyOverrides;
private Map<String, Object> relyingPartyOverrides;
private List<String> attributeRelease;
private LocalDateTime createdDate;
private LocalDateTime modifiedDate;
Expand Down Expand Up @@ -57,11 +58,11 @@ public void setFilterTarget(FilterTargetRepresentation filterTarget) {
this.filterTarget = filterTarget;
}

public RelyingPartyOverridesRepresentation getRelyingPartyOverrides() {
public Map<String, Object> getRelyingPartyOverrides() {
return relyingPartyOverrides;
}

public void setRelyingPartyOverrides(RelyingPartyOverridesRepresentation relyingPartyOverrides) {
public void setRelyingPartyOverrides(Map<String, Object> relyingPartyOverrides) {
this.relyingPartyOverrides = relyingPartyOverrides;
}

Expand Up @@ -6,6 +6,7 @@
import org.opensaml.saml.saml2.metadata.EntityDescriptor;

import java.util.List;
import java.util.Map;

/**
* Main backend facade API that defines operations pertaining to manipulating <code>{@link EntityDescriptor}</code> state.
Expand Down Expand Up @@ -52,6 +53,6 @@ public interface EntityDescriptorService {
* @param attributeList the list of attributes to generate from
* @return a RelyingPartyOverridesRepresentation based on the given list of attributes
*/
RelyingPartyOverridesRepresentation getRelyingPartyOverridesRepresentationFromAttributeList(List<Attribute> attributeList);
Map<String, Object> getRelyingPartyOverridesRepresentationFromAttributeList(List<Attribute> attributeList);

}
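Review bot: The Javadoc above `getRelyingPartyOverridesRepresentationFromAttributeList` still reads `@return a RelyingPartyOverridesRepresentation based on the given list of attributes`, which no longer matches the `Map<String, Object>` return type. It should become something like `@return a map of relying party override values built from the given list of attributes`, and ideally state what the keys are and which value types callers can expect, since the map type no longer conveys that. The Javadoc block starts above the hunk, so only its tail is visible here.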
Expand Up @@ -5,6 +5,7 @@
import org.opensaml.saml.saml2.core.Attribute;

import java.util.List;
import java.util.Map;

/**
* facade API that defines operations for creating various entities from JSON representations
Expand All @@ -13,5 +14,5 @@ public interface EntityService {
List<Attribute> getAttributeListFromEntityRepresentation(EntityDescriptorRepresentation entityDescriptorRepresentation);
edu.internet2.tier.shibboleth.admin.ui.domain.Attribute getAttributeFromAttributeReleaseList(List<String> attributeReleaseList);
List<Attribute> getAttributeListFromAttributeReleaseList(List<String> attributeReleaseList);
List<Attribute> getAttributeListFromRelyingPartyOverridesRepresentation(RelyingPartyOverridesRepresentation relyingPartyOverridesRepresentation);
List<Attribute> getAttributeListFromRelyingPartyOverridesRepresentation(Map<String, Object> relyingPartyOverridesRepresentation);
}
Expand Up @@ -54,7 +54,9 @@

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;

import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getBooleanValueOfAttribute;
Expand Down Expand Up @@ -489,54 +491,16 @@ public EntityDescriptorRepresentation createRepresentationFromDescriptor(org.ope
// set up extensions
if (ed.getExtensions() != null && ed.getExtensions().getUnknownXMLObjects(EntityAttributes.DEFAULT_ELEMENT_NAME) != null && ed.getExtensions().getUnknownXMLObjects(EntityAttributes.DEFAULT_ELEMENT_NAME).size() == 1) {
// we have entity attributes (hopefully), so should have overrides
RelyingPartyOverridesRepresentation relyingPartyOverridesRepresentation = new RelyingPartyOverridesRepresentation();
representation.setRelyingPartyOverrides(relyingPartyOverridesRepresentation);
Map<String, Object> relyingPartyOverrides = new HashMap<>();

for (org.opensaml.saml.saml2.core.Attribute attribute : ((EntityAttributes) ed.getExtensions().getUnknownXMLObjects(EntityAttributes.DEFAULT_ELEMENT_NAME).get(0)).getAttributes()) {
Attribute jpaAttribute = (Attribute) attribute;
// TODO: this is going to get real ugly real quick. clean it up, future Jj!
switch (jpaAttribute.getName()) {
case MDDCConstants.SIGN_ASSERTIONS:
relyingPartyOverridesRepresentation.setSignAssertion(getBooleanValueOfAttribute(jpaAttribute));
break;
case MDDCConstants.SIGN_RESPONSES:
relyingPartyOverridesRepresentation.setDontSignResponse(!getBooleanValueOfAttribute(jpaAttribute));
break;
case MDDCConstants.ENCRYPT_ASSERTIONS:
relyingPartyOverridesRepresentation.setTurnOffEncryption(!getBooleanValueOfAttribute(jpaAttribute));
break;
case MDDCConstants.SECURITY_CONFIGURATION:
if (getStringListValueOfAttribute(jpaAttribute).contains("shibboleth.SecurityConfiguration.SHA1")) {
relyingPartyOverridesRepresentation.setUseSha(true);
}
break;
case MDDCConstants.DISALLOWED_FEATURES:
if ((Integer.decode(getStringListValueOfAttribute(jpaAttribute).get(0)) & 0x1) == 0x1) {
relyingPartyOverridesRepresentation.setIgnoreAuthenticationMethod(true);
}
break;
case MDDCConstants.INCLUDE_CONDITIONS_NOT_BEFORE:
relyingPartyOverridesRepresentation.setOmitNotBefore(!getBooleanValueOfAttribute(jpaAttribute));
break;
case MDDCConstants.RESPONDER_ID:
relyingPartyOverridesRepresentation.setResponderId(getStringListValueOfAttribute(jpaAttribute).get(0));
break;
case MDDCConstants.NAME_ID_FORMAT_PRECEDENCE:
relyingPartyOverridesRepresentation.setNameIdFormats(getStringListValueOfAttribute(jpaAttribute));
break;
case MDDCConstants.DEFAULT_AUTHENTICATION_METHODS:
relyingPartyOverridesRepresentation.setAuthenticationMethods(getStringListValueOfAttribute(jpaAttribute));
break;
case MDDCConstants.RELEASE_ATTRIBUTES:
representation.setAttributeRelease(getStringListOfAttributeValues(attribute.getAttributeValues()));
break;
case MDDCConstants.FORCE_AUTHN:
relyingPartyOverridesRepresentation.setForceAuthn(getBooleanValueOfAttribute(jpaAttribute));
break;
default:
break;
}

relyingPartyOverrides.put(ModelRepresentationConversions.getAttributeNameFromFriendlyName(jpaAttribute.getFriendlyName()),
jpaAttribute.getAttributeValues());
}

representation.setRelyingPartyOverrides(relyingPartyOverrides);
}

return representation;
Expand All @@ -548,7 +512,7 @@ public List<String> getAttributeReleaseListFromAttributeList(List<Attribute> att
}

@Override
public RelyingPartyOverridesRepresentation getRelyingPartyOverridesRepresentationFromAttributeList(List<Attribute> attributeList) {
public Map<String, Object> getRelyingPartyOverridesRepresentationFromAttributeList(List<Attribute> attributeList) {
return ModelRepresentationConversions.getRelyingPartyOverridesRepresentationFromAttributeList(attributeList);
}
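Review bot: The new loop in `createRepresentationFromDescriptor` stores `jpaAttribute.getAttributeValues()` unconverted, so the value handling of the removed switch is gone: `SIGN_RESPONSES`, `ENCRYPT_ASSERTIONS` and `INCLUDE_CONDITIONS_NOT_BEFORE` were negated into `dontSignResponse`, `turnOffEncryption` and `omitNotBefore`, and `SECURITY_CONFIGURATION` and `DISALLOWED_FEATURES` were reduced to single flags. Unless `ModelRepresentationConversions` or the configured override definitions (neither is visible here) re-apply that mapping, a client reading these keys may see signing and encryption settings with the wrong polarity, or as a raw value list instead of a boolean. `RELEASE_ATTRIBUTES` also no longer reaches `representation.setAttributeRelease(...)` in this branch. The loop should skip names that do not resolve, e.g. `if (name == null) continue;` before the `put`, because `HashMap` accepts a null key whereas the old `default:` branch ignored unknown attributes. The enclosing method starts above the hunk.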
