diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java
index 185b43918..65cc39c92 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java
@@ -89,6 +89,9 @@ public class EntityDescriptor extends AbstractDescriptor implements org.opensaml
 @EqualsAndHashCode.Exclude
 private Long versionModifiedTimestamp;
+ @Setter
+ private EntityDescriptorProtocol protocol = EntityDescriptorProtocol.SAML;
+
 public EntityDescriptor() {
 super();
 this.resourceId = UUID.randomUUID().toString();
@@ -176,6 +179,10 @@ public org.opensaml.saml.saml2.metadata.Organization getOrganization() {
 return organization;
 }
+ public EntityDescriptorProtocol getProtocol() {
+ return protocol == null ? EntityDescriptorProtocol.SAML : protocol;
+ }
+
 @Override
 public PDPDescriptor getPDPDescriptor(String s) {
 return pdpDescriptor;
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptorProtocol.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptorProtocol.java
new file mode 100644
index 000000000..e0e9245f3
--- /dev/null
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptorProtocol.java
@@ -0,0 +1,5 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain;
+
+public enum EntityDescriptorProtocol {
+ SAML, OIDC
+}
\ No newline at end of file
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java
index 61d24652e..9d2c0d631 100644
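Review bot: The new `protocol` field carries no `@Enumerated` annotation, so — assuming EntityDescriptor is the JPA-mapped entity that `entityDescriptorRepository.save` persists and no mapping elsewhere overrides it — the value will be stored by ordinal, and inserting or reordering a constant in `EntityDescriptorProtocol` would silently relabel existing rows. `@Enumerated(EnumType.STRING)` directly above the field pins the stored value to the constant name (`javax`/`jakarta.persistence.Enumerated` and `EnumType` need importing if they are not already). I also do not see a schema migration for the new column in this diff; if the project manages schema by migrations rather than generated DDL, one is needed, and it should backfill existing rows with `SAML` so the null fallback in `getProtocol()` stays a safety net rather than the normal path.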
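Review bot: `getProtocol()` maps a null field to SAML without saying when the field can be null, and because the class also exposes a Lombok `@Setter`, `setProtocol(null)` is accepted and then read back as SAML rather than rejected. A Javadoc such as `/** Protocol this descriptor is registered under; a null value (presumably rows written before the column existed, or an explicit null) is reported as SAML. */` makes the fallback deliberate. If null is never legitimate, a hand-written setter with `Objects.requireNonNull(protocol, "protocol")` is the stricter alternative.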
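Review bot: `EntityDescriptorProtocol` has no Javadoc and the file is written without a trailing newline. Since the constants are persisted through the entity field added in this diff, a header such as `/** Federation protocol an EntityDescriptor is registered under; values are persisted, so do not rename or reorder constants without a data migration. */` warns the next maintainer; reordering is only a hazard if the column ends up mapped by ordinal, renaming only if mapped by name.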
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java
@@ -4,6 +4,8 @@
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor;
+import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol;
 import lombok.Getter;
 import lombok.Setter;
@@ -67,6 +69,10 @@ public class EntityDescriptorRepresentation implements Serializable {
 private int version;
+ @Getter
+ @Setter
+ private EntityDescriptorProtocol protocol;
+
 public EntityDescriptorRepresentation() {
 }
@@ -247,4 +253,4 @@ public void setServiceProviderSsoDescriptor(ServiceProviderSsoDescriptorRepresen
 public void setVersion(int version) {
 this.version = version;
 }
-}
+}
\ No newline at end of file
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java
index 57cf02ab9..c0640edc3 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java
@@ -1,5 +1,7 @@
 package edu.internet2.tier.shibboleth.admin.ui.repository;
+import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol;
+
 import java.time.LocalDateTime;
 public interface EntityDescriptorProjection {
@@ -16,4 +18,5 @@ default String getEntityId() {
 LocalDateTime getCreatedDate();
 boolean getServiceEnabled();
 String getIdOfOwner();
+ EntityDescriptorProtocol getProtocol();
 }
\ No newline at end of file
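Review bot: The added `EntityDescriptor` import is not referenced by the other hunk in this file — only `EntityDescriptorProtocol` is used by the new field — so unless it is used somewhere outside this diff it is an unused import and should be dropped, leaving just `import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol;`. Unused imports of domain types into the frontend representation package also blur the boundary the package name suggests.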
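Review bot: `protocol` on the representation gets a Lombok `@Setter`, and this representation is what Jackson deserializes from client requests, so if the representation-to-entity mapping (outside this diff) copies the field, a client could label an entity OIDC or SAML independently of its key descriptors, whereas the XML-import path in JPAEntityDescriptorServiceImpl derives the value server-side. If the value is meant to be informational for the UI, `@JsonProperty(access = JsonProperty.Access.READ_ONLY)` on the field (JsonProperty is already imported in this file) keeps it out of incoming payloads; otherwise the update path should re-derive it rather than trust the client. A one-line Javadoc such as `/** Protocol derived from the entity's key descriptors; populated by the server, not set by clients. */` would record which of the two is intended.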
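Review bot: `getProtocol()` on the projection returns whatever is in the column, so rows stored before the column existed come back as null here while `EntityDescriptor.getProtocol()` in this same diff coerces null to SAML; list views built on the projection and detail views built on the entity would disagree for the same row. Either a migration should backfill existing rows with `SAML`, or the projection should document the nullability: `/** May be null for rows persisted before the protocol column was added; callers should treat null as SAML. */`. The interface closes at the end of this hunk.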
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
index bd14193e0..a03ecb05e 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
@@ -3,8 +3,8 @@
 import edu.internet2.tier.shibboleth.admin.ui.domain.Attribute;
 import edu.internet2.tier.shibboleth.admin.ui.domain.EntityAttributes;
 import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor;
+import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol;
 import edu.internet2.tier.shibboleth.admin.ui.domain.IRelyingPartyOverrideProperty;
-import edu.internet2.tier.shibboleth.admin.ui.domain.KeyDescriptor;
 import edu.internet2.tier.shibboleth.admin.ui.domain.UIInfo;
 import edu.internet2.tier.shibboleth.admin.ui.domain.X509Data;
 import edu.internet2.tier.shibboleth.admin.ui.domain.XSBoolean;
@@ -48,6 +48,7 @@
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.opensaml.core.xml.XMLObject;
+import org.opensaml.saml.saml2.metadata.KeyDescriptor;
 import org.opensaml.xmlsec.signature.KeyInfo;
 import org.opensaml.xmlsec.signature.KeyName;
 import org.opensaml.xmlsec.signature.KeyValue;
@@ -117,10 +118,28 @@ public EntityDescriptorRepresentation createNew(EntityDescriptor ed) throws Forb
 @Override
 public EntityDescriptorRepresentation createNewEntityDescriptorFromXMLOrigin(EntityDescriptor ed) {
 ed.setIdOfOwner(userService.getCurrentUserGroup().getOwnerId());
+ ed.setProtocol(determineEntityDescriptorProtocol(ed));
 EntityDescriptor savedEntity = entityDescriptorRepository.save(ed);
 return createRepresentationFromDescriptor(savedEntity);
 }
+ // Change to check for OAuthRPExtensions in the extensions?
+ private EntityDescriptorProtocol determineEntityDescriptorProtocol(EntityDescriptor ed) {
+ boolean oidcType = false;
+ if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getKeyDescriptors().size() > 0) {
+ for (KeyDescriptor keyDescriptor : ed.getSPSSODescriptor("").getKeyDescriptors()) {
+ KeyInfo keyInfo = keyDescriptor.getKeyInfo();
+ KeyDescriptorRepresentation.ElementType keyInfoType = determineKeyInfoType(keyInfo);
+ if (keyInfoType == KeyDescriptorRepresentation.ElementType.clientSecret || keyInfoType == KeyDescriptorRepresentation.ElementType.clientSecretKeyReference ||
+ keyInfoType == KeyDescriptorRepresentation.ElementType.jwksData || keyInfoType == KeyDescriptorRepresentation.ElementType.jwksUri) {
+ oidcType = true;
+ break;
+ }
+ }
+ }
+ return oidcType ? EntityDescriptorProtocol.OIDC : EntityDescriptorProtocol.SAML;
+ }
+
 @Override
 public boolean entityExists(String entityID) {
 return entityDescriptorRepository.findByEntityID(entityID) != null ;
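Review bot: `determineEntityDescriptorProtocol` calls `ed.getSPSSODescriptor("")` three times and guards the loop with a `.size() > 0` check the empty loop already handles, and it hands `keyDescriptor.getKeyInfo()` to `determineKeyInfoType` with no null check, which matters if that helper (outside this hunk) does not tolerate a KeyDescriptor unmarshalled or built without a KeyInfo. The leading comment `// Change to check for OAuthRPExtensions in the extensions?` is an open question left in code; it should be resolved or become a `// TODO:` so it is not read as describing what the method does. Worth confirming too: the classification runs only on the XML-import path, so an entity created through `createNew` (body outside this hunk) keeps the field default and is labelled SAML whatever its keys hold. The rewrite below fetches the descriptor once, returns early, and keeps the four OIDC key types in an `EnumSet` whose `contains` is null-safe (`java.util.EnumSet`/`Set` need importing if not already; `SPSSODescriptor` is the OpenSAML type `getSPSSODescriptor` already returns, or use `var`).
```java
    private static final Set<KeyDescriptorRepresentation.ElementType> OIDC_KEY_TYPES = EnumSet.of(
            KeyDescriptorRepresentation.ElementType.clientSecret,
            KeyDescriptorRepresentation.ElementType.clientSecretKeyReference,
            KeyDescriptorRepresentation.ElementType.jwksData,
            KeyDescriptorRepresentation.ElementType.jwksUri);

    // TODO: also consider OAuthRPExtensions in the descriptor's extensions as an OIDC signal
    private EntityDescriptorProtocol determineEntityDescriptorProtocol(EntityDescriptor ed) {
        SPSSODescriptor spDescriptor = ed.getSPSSODescriptor("");
        if (spDescriptor == null) {
            return EntityDescriptorProtocol.SAML;
        }
        for (KeyDescriptor keyDescriptor : spDescriptor.getKeyDescriptors()) {
            KeyInfo keyInfo = keyDescriptor.getKeyInfo();
            // a descriptor without KeyInfo carries no protocol signal; skip it rather than pass null on
            if (keyInfo != null && OIDC_KEY_TYPES.contains(determineKeyInfoType(keyInfo))) {
                return EntityDescriptorProtocol.OIDC;
            }
        }
        return EntityDescriptorProtocol.SAML;
    }
```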
@@ -174,6 +193,7 @@ public EntityDescriptorRepresentation createRepresentationFromDescriptor(org.ope
 representation.setCreatedBy(ed.getCreatedBy());
 representation.setCurrent(ed.isCurrent());
 representation.setIdOfOwner(ed.getIdOfOwner());
+ representation.setProtocol(ed.getProtocol());
 if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getSupportedProtocols().size() > 0) {
 ServiceProviderSsoDescriptorRepresentation serviceProviderSsoDescriptorRepresentation = representation.getServiceProviderSsoDescriptor(true);