Merge branch 'feature/shibui-2393' of bitbucket.org:unicon/shib-idp-u…

…i into feature/shibui-2393
TIER · Nov 28, 2022 · 5040948 · 5040948
2 parents 6c3872b + 2d5cbfa
commit 5040948
Show file tree

Hide file tree

Showing 17 changed files with 83 additions and 31 deletions.
diff --git a/...2/tier/shibboleth/admin/ui/repository/envers/EntityDescriptorEnversVersioningTests.groovy b/...2/tier/shibboleth/admin/ui/repository/envers/EntityDescriptorEnversVersioningTests.groovy
@@ -3,6 +3,7 @@ package edu.internet2.tier.shibboleth.admin.ui.repository.envers
 import edu.internet2.tier.shibboleth.admin.ui.configuration.CoreShibUiConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.InternationalizationConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.SearchConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.configuration.ShibUIConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.TestConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.domain.AssertionConsumerService
 import edu.internet2.tier.shibboleth.admin.ui.domain.Attribute
@@ -63,7 +64,7 @@ import static edu.internet2.tier.shibboleth.admin.ui.repository.envers.EnversTes
  * Testing entity descriptor envers versioning
  */
 @DataJpaTest
-@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, SearchConfiguration, TestConfiguration])
+@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, SearchConfiguration, TestConfiguration, ShibUIConfiguration])
 @EnableJpaRepositories(basePackages = ["edu.internet2.tier.shibboleth.admin.ui"])
 @EntityScan("edu.internet2.tier.shibboleth.admin.ui")
 class EntityDescriptorEnversVersioningTests extends Specification {

diff --git a/...et2/tier/shibboleth/admin/ui/repository/envers/MetadataFilterEnversVersioningTests.groovy b/...et2/tier/shibboleth/admin/ui/repository/envers/MetadataFilterEnversVersioningTests.groovy
@@ -8,6 +8,7 @@ import edu.internet2.tier.shibboleth.admin.ui.configuration.CustomPropertiesConf
 import edu.internet2.tier.shibboleth.admin.ui.configuration.EntitiesVersioningConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.InternationalizationConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.SearchConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.configuration.ShibUIConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.TestConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityRoleWhiteListFilter
@@ -38,7 +39,7 @@ import spock.lang.Specification
  * Testing metadata resolver envers versioning with metadata filters
  */
 @DataJpaTest
-@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, SearchConfiguration, TestConfiguration, EntitiesVersioningConfiguration])
+@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, SearchConfiguration, TestConfiguration, EntitiesVersioningConfiguration, ShibUIConfiguration])
 @EnableJpaRepositories(basePackages = ["edu.internet2.tier.shibboleth.admin.ui"])
 @EntityScan("edu.internet2.tier.shibboleth.admin.ui")
 class MetadataFilterEnversVersioningTests extends Specification {
@@ -334,4 +335,4 @@ class MetadataFilterEnversVersioningTests extends Specification {
         mrv1.metadataFilters.size() == 1
         mrv2.metadataFilters.size() == 0
     }
-}
+}
diff --git a/...boleth/admin/ui/repository/envers/MetadataResolverEntityBasicEnversVersioningTests.groovy b/...boleth/admin/ui/repository/envers/MetadataResolverEntityBasicEnversVersioningTests.groovy
@@ -3,6 +3,7 @@ package edu.internet2.tier.shibboleth.admin.ui.repository.envers
 import edu.internet2.tier.shibboleth.admin.ui.configuration.CoreShibUiConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.InternationalizationConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.SearchConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.configuration.ShibUIConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.TestConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilterTarget
@@ -25,7 +26,7 @@ import javax.persistence.EntityManager
  * Testing metadata resolvers basic versioning by envers is functioning.
  */
 @DataJpaTest
-@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, TestConfiguration, SearchConfiguration])
+@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, TestConfiguration, SearchConfiguration, ShibUIConfiguration])
 @EnableJpaRepositories(basePackages = ["edu.internet2.tier.shibboleth.admin.ui"])
 @EntityScan("edu.internet2.tier.shibboleth.admin.ui")
 class MetadataResolverEntityBasicEnversVersioningTests extends Specification {
@@ -101,4 +102,4 @@ class MetadataResolverEntityBasicEnversVersioningTests extends Specification {
         txMgr.commit(txStatus)
         entity
     }
-}
+}
diff --git a/...2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy b/...2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy
@@ -3,6 +3,7 @@ package edu.internet2.tier.shibboleth.admin.ui.repository.envers
 import edu.internet2.tier.shibboleth.admin.ui.configuration.CoreShibUiConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.InternationalizationConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.SearchConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.configuration.ShibUIConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.TestConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ClasspathMetadataResource
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver
@@ -36,7 +37,7 @@ import static edu.internet2.tier.shibboleth.admin.ui.repository.envers.EnversTes
  * Testing metadata resolver envers versioning
  */
 @DataJpaTest
-@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, SearchConfiguration, TestConfiguration])
+@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, SearchConfiguration, TestConfiguration, ShibUIConfiguration])
 @EnableJpaRepositories(basePackages = ["edu.internet2.tier.shibboleth.admin.ui"])
 @EntityScan("edu.internet2.tier.shibboleth.admin.ui")
 class MetadataResolverEnversVersioningTests extends Specification {

diff --git a/.../tier/shibboleth/admin/ui/service/envers/EnversEntityDescriptorVersionServiceTests.groovy b/.../tier/shibboleth/admin/ui/service/envers/EnversEntityDescriptorVersionServiceTests.groovy
@@ -4,6 +4,7 @@ import edu.internet2.tier.shibboleth.admin.ui.configuration.CoreShibUiConfigurat
 import edu.internet2.tier.shibboleth.admin.ui.configuration.EntitiesVersioningConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.InternationalizationConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.SearchConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.configuration.ShibUIConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.TestConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor
 import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound
@@ -24,7 +25,7 @@ import java.time.ZonedDateTime
 
 
 @DataJpaTest
-@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, TestConfiguration, SearchConfiguration, EntitiesVersioningConfiguration])
+@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, TestConfiguration, SearchConfiguration, EntitiesVersioningConfiguration, ShibUIConfiguration])
 @EnableJpaRepositories(basePackages = ["edu.internet2.tier.shibboleth.admin.ui"])
 @EntityScan("edu.internet2.tier.shibboleth.admin.ui")
 @EnableJpaAuditing

diff --git a/.../tier/shibboleth/admin/ui/service/envers/EnversMetadataResolverVersionServiceTests.groovy b/.../tier/shibboleth/admin/ui/service/envers/EnversMetadataResolverVersionServiceTests.groovy
@@ -5,6 +5,7 @@ import edu.internet2.tier.shibboleth.admin.ui.configuration.CoreShibUiConfigurat
 import edu.internet2.tier.shibboleth.admin.ui.configuration.EntitiesVersioningConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.InternationalizationConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.SearchConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.configuration.ShibUIConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.TestConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FilesystemMetadataResolver
@@ -27,7 +28,7 @@ import java.time.ZonedDateTime
 
 
 @DataJpaTest
-@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, TestConfiguration, SearchConfiguration, EntitiesVersioningConfiguration])
+@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, TestConfiguration, SearchConfiguration, EntitiesVersioningConfiguration, ShibUIConfiguration])
 @EnableJpaRepositories(basePackages = ["edu.internet2.tier.shibboleth.admin.ui"])
 @EntityScan("edu.internet2.tier.shibboleth.admin.ui")
 @EnableJpaAuditing
@@ -134,4 +135,4 @@ class EnversMetadataResolverVersionServiceTests extends Specification {
         then:
         !nonexitentMr
     }
-}
+}
diff --git a/...du/internet2/tier/shibboleth/admin/ui/service/envers/EnversVersioningMetadataTests.groovy b/...du/internet2/tier/shibboleth/admin/ui/service/envers/EnversVersioningMetadataTests.groovy
@@ -4,6 +4,7 @@ import edu.internet2.tier.shibboleth.admin.ui.configuration.CoreShibUiConfigurat
 import edu.internet2.tier.shibboleth.admin.ui.configuration.EntitiesVersioningConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.InternationalizationConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.SearchConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.configuration.ShibUIConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.TestConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver
@@ -24,7 +25,7 @@ import org.springframework.transaction.PlatformTransactionManager
 import spock.lang.Specification
 
 @DataJpaTest
-@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, TestConfiguration, SearchConfiguration, EntitiesVersioningConfiguration])
+@ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, TestConfiguration, SearchConfiguration, EntitiesVersioningConfiguration, ShibUIConfiguration])
 @EnableJpaRepositories(basePackages = ["edu.internet2.tier.shibboleth.admin.ui"])
 @EntityScan("edu.internet2.tier.shibboleth.admin.ui")
 @EnableJpaAuditing
@@ -124,4 +125,4 @@ class EnversVersioningMetadataTests extends Specification {
         mrV2.isCurrent()
         edV2.isCurrent()
     }
-}
+}
diff --git a/...rnet2/tier/shibboleth/admin/ui/controller/PersistentEntityControllerExceptionHandler.java b/...rnet2/tier/shibboleth/admin/ui/controller/PersistentEntityControllerExceptionHandler.java
@@ -2,6 +2,7 @@
 
 import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException;
 import edu.internet2.tier.shibboleth.admin.ui.exception.InvalidPatternMatchException;
+import edu.internet2.tier.shibboleth.admin.ui.exception.MissingRequiredFieldsException;
 import edu.internet2.tier.shibboleth.admin.ui.exception.ObjectIdExistsException;
 import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import org.springframework.http.HttpHeaders;
@@ -46,4 +47,9 @@ public ResponseEntity<?> handleObjectIdExistsException(ObjectIdExistsException e
                         String.format("The persistent entity with id [%s] already exists.", e.getMessage())));
 
     }
+
+    @ExceptionHandler({ MissingRequiredFieldsException.class })
+    public ResponseEntity<?> handleMissingRequiredFieldsException(MissingRequiredFieldsException e, WebRequest request) {
+        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new ErrorResponse(HttpStatus.BAD_REQUEST, e.getMessage()));
+    }
 }
diff --git a/...internet2/tier/shibboleth/admin/ui/domain/frontend/DynamicRegistrationRepresentation.java b/...internet2/tier/shibboleth/admin/ui/domain/frontend/DynamicRegistrationRepresentation.java
@@ -19,6 +19,7 @@ public class DynamicRegistrationRepresentation {
     private boolean approved;
     private String contacts;
     private LocalDateTime createdDate;
+    private String createdBy;
     private boolean enabled;
     private GrantType grantType;
     private String idOfOwner;
@@ -40,6 +41,7 @@ public DynamicRegistrationRepresentation(DynamicRegistrationInfo dri) {
         applicationType = dri.getApplicationType();
         approved = dri.isApproved();
         contacts = dri.getContacts();
+        createdBy = dri.getCreatedBy();
         createdDate = dri.getCreatedDate();
         enabled = dri.isEnabled();
         grantType = dri.getGrantType();
@@ -60,7 +62,7 @@ public DynamicRegistrationRepresentation(DynamicRegistrationInfo dri) {
     }
 
     public DynamicRegistrationInfo buildDynamicRegistrationInfo() {
-        // Approved and enabled shouldn't be handled from here, and owner shouldn't come from the UI, so we ignore all those
+        // Approved and enabled shouldn't be handled from here, and owner and created by shouldn't come from the UI, so we ignore all those
 
         DynamicRegistrationInfo dri = new DynamicRegistrationInfo();
         dri.setApplicationType(applicationType);

diff --git a/...main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DynamicRegistrationInfo.java b/...main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DynamicRegistrationInfo.java
@@ -9,11 +9,13 @@
 import edu.internet2.tier.shibboleth.admin.ui.security.model.OwnableType;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
+import org.hibernate.annotations.Type;
 import org.hibernate.envers.Audited;
 
 import javax.persistence.ElementCollection;
 import javax.persistence.Entity;
 import javax.persistence.FetchType;
+import javax.persistence.Lob;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.UUID;
@@ -28,6 +30,8 @@ public class DynamicRegistrationInfo extends AbstractAuditable implements Ownabl
     private boolean enabled;
     private GrantType grantType;
     private String idOfOwner;
+    @Lob
+    @Type(type = "org.hibernate.type.TextType")
     private String jwks;
     private String logoUri;
     private String name;

diff --git a/...java/edu/internet2/tier/shibboleth/admin/ui/exception/MissingRequiredFieldsException.java b/...java/edu/internet2/tier/shibboleth/admin/ui/exception/MissingRequiredFieldsException.java
@@ -0,0 +1,7 @@
+package edu.internet2.tier.shibboleth.admin.ui.exception;
+
+public class MissingRequiredFieldsException extends Exception {
+    public MissingRequiredFieldsException(String entityId) {
+        super(entityId);
+    }
+}
diff --git a/...ava/edu/internet2/tier/shibboleth/admin/ui/service/JPADynamicRegistrationServiceImpl.java b/...ava/edu/internet2/tier/shibboleth/admin/ui/service/JPADynamicRegistrationServiceImpl.java
@@ -3,6 +3,7 @@
 import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.DynamicRegistrationRepresentation;
 import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.DynamicRegistrationInfo;
 import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException;
+import edu.internet2.tier.shibboleth.admin.ui.exception.MissingRequiredFieldsException;
 import edu.internet2.tier.shibboleth.admin.ui.exception.ObjectIdExistsException;
 import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.exception.UnsupportedShibUiOperationException;
@@ -83,11 +84,15 @@ private DynamicRegistrationRepresentation changeApproveStatusOfDynamicRepresenta
     }
 
     @Override
-    public DynamicRegistrationRepresentation createNew(DynamicRegistrationRepresentation dynRegRepresentation) throws ObjectIdExistsException {
+    public DynamicRegistrationRepresentation createNew(DynamicRegistrationRepresentation dynRegRepresentation) throws ObjectIdExistsException, MissingRequiredFieldsException {
         if (entityExists(dynRegRepresentation.getResourceId())) {
             throw new ObjectIdExistsException(dynRegRepresentation.getResourceId());
         }
 
+        if (StringUtils.isEmpty(dynRegRepresentation.getName()) || StringUtils.isEmpty(dynRegRepresentation.getRedirectUris())) {
+            throw new MissingRequiredFieldsException("Name and Redirect URIs are both required to create new Dynamic Registration");
+        }
+
         DynamicRegistrationInfo dri = dynRegRepresentation.buildDynamicRegistrationInfo();
         dri.setEnabled(false); // cannot create as enabled
 

diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties
@@ -71,6 +71,8 @@ action.enable=Enable
 action.disable=Disable
 action.get-latest=Get latest changes
 action.download=Download
+action.metadata-sources=Metadata Sources
+action.metadata-providers=Metadata Providers
 
 action.add-new-role=Add new role
 action.roles=Roles
@@ -977,35 +979,35 @@ label.enable-dynamic-registrations=Enable Dynamic Registrations
 label.approve-dynamic-registrations=Approve Dynamic Registrations
 
 label.dynamic-registration-name=Name
-tooltip.dynamic-registration-name=Name
+tooltip.dynamic-registration-name=Name used to identify the registration on the Shibboleth IDP UI Dashboard.
 label.dynamic-registration-redirectUris=Redirect Uris
-tooltip.dynamic-registration-redirectUris=Redirect Uris
+tooltip.dynamic-registration-redirectUris=Array of Redirection URI values used by the Client. One of these registered Redirection URI values MUST exactly match the redirect_uri parameter value used in each Authorization Request.
 label.dynamic-registration-responseTypes=Response Types
-tooltip.dynamic-registration-responseTypes=Response Types
+tooltip.dynamic-registration-responseTypes=JSON array containing a list of the OAuth 2.0 response_type values that the Client is declaring that it will restrict itself to using.
 label.dynamic-registration-grantTypes=Grant Types
-tooltip.dynamic-registration-grantTypes=Grant Types
+tooltip.dynamic-registration-grantTypes=JSON array containing a list of the OAuth 2.0 Grant Types that the Client is declaring that it will restrict itself to using.
 label.dynamic-registration-applicationType=Application Type
-tooltip.dynamic-registration-applicationType=Application Type
+tooltip.dynamic-registration-applicationType=Kind of the application. Web Clients using the OAuth Implicit Grant Type MUST only register URLs using the https scheme as redirect_uris (they MUST NOT use localhost as the hostname).
 label.dynamic-registration-contacts=Contacts
-tooltip.dynamic-registration-contacts=Contacts
+tooltip.dynamic-registration-contacts=Array of e-mail addresses of people responsible for this Client. This might be used by some providers to enable a Web user interface to modify the Client information. 
 label.dynamic-registration-subjectType=Subject Type
-tooltip.dynamic-registration-subjectType=Subject Type
+tooltip.dynamic-registration-subjectType=Subject type requested for responses to this Client. The subject_types_supported Discovery parameter contains a list of the supported subject_type values for this server.
 label.dynamic-registration-jwks=Jwks
-tooltip.dynamic-registration-jwks=Jwks
+tooltip.dynamic-registration-jwks=Client\u0027s JSON Web Key Set [JWK] document, passed by value.
 label.dynamic-registration-jwksUri=Jwks Uri
-tooltip.dynamic-registration-jwksUri=Jwks Uri
+tooltip.dynamic-registration-jwksUri=URL for the Client\u0027s JSON Web Key Set [JWK] document. If the Client signs requests to the Server, it contains the signing key(s) the Server uses to validate signatures from the Client.
 label.dynamic-registration-tokenEndpointAuthMethod=Token Endpoint Auth Method
 tooltip.dynamic-registration-tokenEndpointAuthMethod=Token Endpoint Auth Method
 label.dynamic-registration-logo-uri=Logo Uri
-tooltip.dynamic-registration-logo-uri=Logo Uri
+tooltip.dynamic-registration-logo-uri=URL that references a logo for the Client application. If present, the server SHOULD display this image to the End-User during approval.
 label.dynamic-registration-policy-uri=Policy Uri
-tooltip.dynamic-registration-policy-uri=Policy Uri
+tooltip.dynamic-registration-policy-uri=URL that the Relying Party Client provides to the End-User to read about the how the profile data will be used. The value of this field MUST point to a valid web page.
 label.dynamic-registration-tosuri=TOS Uri
-tooltip.dynamic-registration-tosuri=TOS Uri
+tooltip.dynamic-registration-tosuri=URL that the Relying Party Client provides to the End-User to read about the Relying Party\u0027s terms of service. The value of this field MUST point to a valid web page.
 label.dynamic-registration-scope=Scope
-tooltip.dynamic-registration-scope=Scope
+tooltip.dynamic-registration-scope=If present, all the requested scopes are added to the stored client metadata. If not present, then the default scope set is stored. The default scope (space-separated list of values, e.g. "openid info") can be configured with the idp.oidc.dynreg.defaultScope property.
 label.dynamic-registration-enabled=Enabled
-tooltip.dynamic-registration-enabled=Enabled
+tooltip.dynamic-registration-enabled=Represents whether or not this registration has been sent to the Shibboleth IDP.
 
 value.authorization-code=Authorization Code
 value.implicit=Implicit