diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties
index bac168379..9abce2699 100644
--- a/backend/src/main/resources/i18n/messages.properties
+++ b/backend/src/main/resources/i18n/messages.properties
@@ -293,7 +293,7 @@ label.finish-summary-validation=Finished!
 label.select-entity-id-to-copy=Select the Entity ID to copy
 label.metadata-source-name-dashboard-display-only=Service Provider Name (Dashboard Display Only)
 label.new-entity-id=New Entity ID
-label.metadata-source-protocol=Identity Protocol
+label.source-protocol=Authentication Protocol
 label.select-source-protocol=Select Protocol
 label.sections-to-copy=Sections to Copy?
@@ -423,7 +423,7 @@ label.remove-empty-entities-descriptors=Remove Empty Entities Descriptors?
 label.select-metadata-provider-type=Select Metadata Provider Type
 label.select-metadata-filter-type=Select Metadata Filter Type
-label.select-metadata-source-protocol=Select Metadata Source Protocol
+label.select-source-protocol=Select Authentication Protocol
 label.filter-list=Filter List
 label.common-attributes=Common Attributes
 label.reloading-attributes=Reloading Attributes
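Review bot: `label.select-source-protocol` ends up defined twice with different text: the second hunk adds `label.select-source-protocol=Select Authentication Protocol` while the first hunk's context still carries `label.select-source-protocol=Select Protocol`. The same happens, with identical text, for `label.source-protocol`, which the first hunk adds and which is already present as context in the `@@ -806,7 +807,9 @@` hunk. If this bundle is loaded through `java.util.Properties`, the later entry silently wins, so one line of each pair is dead and the selector text changes wherever the older key was used. Keep one definition per key, for example by dropping the older `label.select-source-protocol=Select Protocol` line or by giving the wizard selector a key of its own.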
@@ -638,11 +638,11 @@ message.session-timeout-body=Your session has timed out. Please login again.
 message.session-timeout=An error has occurred while saving. Your session may have timed out.
 tooltip.entity-id=An entityID is the SAML identifier that uniquely names a service provider.
-tooltip.service-provider-name=Service Provider Name (Dashboard Display Only)
-tooltip.metadata-source-protocol=Identity Protocol
+tooltip.service-provider-name=Used only in the Shibboleth IDP UI, this name is used to distinguish the service provider in the dashboard.
+tooltip.source-protocol=Authentication Protocol to use for this Metadata Source. (SAML, OIDC, CAS, etc)
 tooltip.force-authn=Disallows use (or reuse) of authentication results and login flows that don\u0027t provide a real-time proof of user presence in the login process
 tooltip.ignore-request-signatures=Whether to skip validation of signatures on requests when dealing with badly broken or incompetently operated services
-tooltip.service-provider-name-dashboard-display-only=Service Provider Name (Dashboard Display Only)
+tooltip.service-provider-name-dashboard-display-only=Used only in the Shibboleth IDP UI, this name is used to distinguish the service provider in the dashboard.
 tooltip.service-provider-entity-id=Service Provider Entity ID
 tooltip.organization-name=Name of the organization standing up the entity.
 tooltip.organization-display-name=Name of the organization standing up the entity to be used for display purposes.
@@ -662,7 +662,8 @@ tooltip.authentication-requests-signed=Whether to sign requests. Signing request
 tooltip.want-assertions-signed=Whether to sign assertions. Element declares that the service provider wants the element to be digitally signed.
 tooltip.certificate-name=Value used by the IDP UI to identify certificates.
 tooltip.certificate-type=Describes the use to which the credential will be put (as defined by the SAML standard)
-tooltip.certificate=A certificate containing a public key to use to require and verify an XML signature over the resource.
+tooltip.certificate=Value used for the key descriptor. (Certificate, ClientSecret, etc)
+tooltip.key-descriptors=A certificate containing a public key to use to require and verify an XML signature over the resource.
 tooltip.logout-endpoints=If your SP supports SAML 2.0 Single Logout, you will need to include one or more endpoint elements in the metadata.
 tooltip.logout-endpoints-url=The location of the handler (when combined with the base handlerURL). This is the location to which an IdP sends messages using whatever protocol and binding it shares with the SP. Each combination of SLO protocol and binding is installed at a unique location to improve efficiency.
 tooltip.logout-endpoints-binding-type=Identifies the protocol binding supported by the handler. Bindings describe how the message is packaged by the IdP (or by the browser in some cases) for consumption by the handler.
@@ -806,7 +807,9 @@ message.algorithms-unique=Each algorithm may only be used once.
 label.source-protocol=Authentication Protocol
 label.key-descriptors=Key Descriptors
 label.certificate-value=Value
+tooltip.certificate-value=Value used for the key descriptor. (Certificate, ClientSecret, etc)
 label.element-type=Element Type
+tooltip.element-type=Type of element used to contain the certificate in metadata. (x509, etc)
 label.oauth-rp-extensions=OAuth Relying Party Extensions
 label.post-logout-redirect-uris=Post Logout Redirect URIs
diff --git a/backend/src/main/resources/metadata-sources-ui-schema.json b/backend/src/main/resources/metadata-sources-ui-schema.json
deleted file mode 100644
index 818304bfb..000000000
--- a/backend/src/main/resources/metadata-sources-ui-schema.json
+++ /dev/null
@@ -1,546 +0,0 @@ -{ - "type": "object", - "required": [ - "protocol", - "serviceProviderName", - "entityId" - ], - "properties": { - "protocol": { - "title": "label.metadata-source-protocol", - "description": "tooltip.metadata-source-protocol", - "type": "string", - "enum": [ - "OIDC", - "SAML" - ], - "enumNames": [ - "value.oidc", - "value.saml" - ] - }, - "serviceProviderName": { - "title": "label.service-provider-name", - "description": "tooltip.service-provider-name", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "entityId": { - "title": "label.entity-id", - "description": "tooltip.entity-id", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "serviceEnabled": { - "title": "label.enable-this-service", - "description": "tooltip.enable-this-service-upon-saving", - "type": "boolean" - }, - "organization": { - "$ref": "#/definitions/Organization" - }, - "contacts": { - "title": "label.contact-information", - "description": "tooltip.contact-information", - "type": "array", - "items": { - "$ref": "#/definitions/Contact" - } - }, - "mdui": { - "$ref": "#/definitions/MDUI" - }, - "securityInfo": { - "type": "object", - "dependencies": { - "authenticationRequestsSigned": { - "oneOf": [ - { - "properties": { - "authenticationRequestsSigned": { - "enum": [true] - }, - "x509Certificates": { - "minItems": 1 - } - } - }, - { - "properties": { - "authenticationRequestsSigned": { - "enum": [false] - }, - "x509Certificates": { - "minItems": 0 - } - } - } - ] - } - }, - "properties": { - "x509CertificateAvailable": { - "type": "boolean" - }, - "authenticationRequestsSigned": { - "title": "label.authentication-requests-signed", - "description": "tooltip.authentication-requests-signed", - "type": "boolean", - "enumNames": [ - "value.true", - "value.false" - ] - }, - "wantAssertionsSigned": { - "title": "label.want-assertions-signed", - "description": "tooltip.want-assertions-signed", - "type": "boolean", - "enumNames": [ - "value.true", - 
"value.false" - ] - }, - "x509Certificates": { - "title": "label.x509-certificates", - "description": "tooltip.x509-certificates", - "type": "array", - "items": { - "$ref": "#/definitions/Certificate" - } - } - } - }, - "assertionConsumerServices": { - "title": "label.assertion-consumer-service-endpoints", - "description": "tooltip.assertion-consumer-service-endpoints", - "type": "array", - "items": { - "$ref": "#/definitions/AssertionConsumerService" - } - }, - "serviceProviderSsoDescriptor": { - "type": "object", - "properties": { - "protocolSupportEnum": { - "title": "label.protocol-support-enumeration", - "description": "tooltip.protocol-support-enumeration", - "type": "string", - "widget": { - "id": "select" - }, - "oneOf": [ - { - "enum": [ - "SAML 2" - ], - "description": "SAML 2" - }, - { - "enum": [ - "SAML 1.1" - ], - "description": "SAML 1.1" - }, - { - "enum": [ - "http://openid.net/specs/openid-connect-core-1_0.html" - ], - "description": "OIDC" - } - ] - }, - "nameIdFormats": { - "$ref": "#/definitions/nameIdFormats" - } - } - }, - "logoutEndpoints": { - "title": "label.logout-endpoints", - "description": "tooltip.logout-endpoints", - "type": "array", - "items": { - "$ref": "#/definitions/LogoutEndpoint" - } - }, - "relyingPartyOverrides": { - "type": "object", - "properties": {} - }, - "attributeRelease": { - "type": "array", - "title": "label.attribute-release", - "description": "Attribute release table - select the attributes you want to release (default unchecked)", - "items": { - "type": "string" - }, - "uniqueItems": true - } - }, - "definitions": { - "Contact": { - "type": "object", - "required": [ - "name", - "type", - "emailAddress" - ], - "properties": { - "name": { - "title": "label.contact-name", - "description": "tooltip.contact-name", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "type": { - "title": "label.contact-type", - "description": "tooltip.contact-type", - "type": "string", - "widget": "select", - "minLength": 
1, - "oneOf": [ - { - "enum": [ - "support" - ], - "description": "value.support" - }, - { - "enum": [ - "technical" - ], - "description": "value.technical" - }, - { - "enum": [ - "administrative" - ], - "description": "value.administrative" - }, - { - "enum": [ - "other" - ], - "description": "value.other" - } - ] - }, - "emailAddress": { - "title": "label.contact-email-address", - "description": "tooltip.contact-email", - "type": "string", - "pattern": "^(mailto:)?(?=.{1,254}$)(?=.{1,64}@)[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+(\\.[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+)*@[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$", - "minLength": 1, - "maxLength": 255 - } - } - }, - "Certificate": { - "type": "object", - "required": [ - "type", - "value" - ], - "properties": { - "name": { - "title": "label.certificate-name-display-only", - "description": "tooltip.certificate-name", - "type": "string", - "maxLength": 255 - }, - "type": { - "title": "label.certificate-type", - "type": "string", - "widget": { - "id": "radio", - "class": "form-check-inline" - }, - "oneOf": [ - { - "enum": [ - "signing" - ], - "description": "value.signing" - }, - { - "enum": [ - "encryption" - ], - "description": "value.encryption" - }, - { - "enum": [ - "both" - ], - "description": "value.both" - } - ] - }, - "value": { - "title": "label.certificate", - "description": "tooltip.certificate", - "type": "string", - "widget": "textarea", - "minLength": 1 - } - } - }, - "AssertionConsumerService": { - "type": "object", - "required": [ - "locationUrl", - "binding" - ], - "properties": { - "locationUrl": { - "title": "label.assertion-consumer-service-location", - "description": "tooltip.assertion-consumer-service-location", - "type": "string", - "widget": { - "id": "string", - "help": "message.valid-url" - }, - "minLength": 1, - "maxLength": 255 - }, - "binding": { - "title": "label.assertion-consumer-service-location-binding", - "description": 
"tooltip.assertion-consumer-service-location-binding", - "type": "string", - "widget": "select", - "oneOf": [ - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" - ], - "description": "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" - ], - "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" - }, - { - "enum": [ - "https://tools.ietf.org/html/rfc6749#section-3.1.2" - ], - "description": "OIDC / OAUTH Binding" - } - ] - }, - "makeDefault": { - "title": "label.mark-as-default", - "description": "tooltip.mark-as-default", - "type": "boolean" - } - } - }, - "LogoutEndpoint": { - "description": "tooltip.new-endpoint", - "type": "object", - "fieldsets": [ - { - "fields": [ - "url", - "bindingType" - ] - } - ], - "required": [ - "url", - "bindingType" - ], - "properties": { - "url": { - "title": "label.url", - "description": "tooltip.url", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "bindingType": { - "title": "label.binding-type", - "description": "tooltip.binding-type", - "type": "string", - "widget": "select", - "oneOf": [ - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" - ], - "description": 
"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - } - ] - } - } - }, - "MDUI": { - "type": "object", - "widget": { - "id": "fieldset" - }, - "fieldsets": [ - { - "type": "group", - "fields": [ - "displayName", - "informationUrl", - "description" - ] - }, - { - "type": "group", - "fields": [ - "privacyStatementUrl", - "logoUrl", - "logoWidth", - "logoHeight" - ] - } - ], - "properties": { - "displayName": { - "title": "label.display-name", - "description": "tooltip.mdui-display-name", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "informationUrl": { - "title": "label.information-url", - "description": "tooltip.mdui-information-url", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "privacyStatementUrl": { - "title": "label.privacy-statement-url", - "description": "tooltip.mdui-privacy-statement-url", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "description": { - "title": "label.description", - "description": "tooltip.mdui-description", - "type": "string", - "widget": { - "id": "textarea" - }, - "minLength": 1, - "maxLength": 255 - }, - "logoUrl": { - "title": "label.logo-url", - "description": "tooltip.mdui-logo-url", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "logoHeight": { - "title": "label.logo-height", - "description": "tooltip.mdui-logo-height", - "minimum": 0, - "type": "integer" - }, - "logoWidth": { - "title": "label.logo-width", - "description": "tooltip.mdui-logo-width", - "minimum": 0, - "type": "integer" - } - } - }, - "Organization": { - "type": "object", - "properties": { - "name": { - "title": "label.organization-name", - "description": "tooltip.organization-name", - "type": "string", - 
"minLength": 1, - "maxLength": 255 - }, - "displayName": { - "title": "label.organization-display-name", - "description": "tooltip.organization-display-name", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "url": { - "title": "label.organization-url", - "description": "tooltip.organization-url", - "type": "string", - "minLength": 1, - "maxLength": 255 - } - }, - "dependencies": { - "name": { - "required": [ - "displayName", - "url" - ] - }, - "displayName": { - "required": [ - "name", - "url" - ] - }, - "url": { - "required": [ - "name", - "displayName" - ] - } - } - } - } -} \ No newline at end of file diff --git a/ui/src/app/metadata/domain/source/component/SourceList.js b/ui/src/app/metadata/domain/source/component/SourceList.js index d462528a1..671c08a0b 100644 --- a/ui/src/app/metadata/domain/source/component/SourceList.js +++ b/ui/src/app/metadata/domain/source/component/SourceList.js @@ -32,7 +32,7 @@ export default function SourceList({ entities, onDelete, onEnable, onChangeGroup Title Entity ID - Protocol + Protocol Author Created Date Enabled diff --git a/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js b/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js index 15d4bc257..bcc19dad9 100644 --- a/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js +++ b/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js @@ -11,6 +11,9 @@ export const OidcSourceBase = defaultsDeep({ export const OidcSourceEditor = defaultsDeep({ ...SourceEditor, uiSchema: defaultsDeep({ + protocol: { + 'ui:readonly': true + }, serviceProviderSsoDescriptor: { ...SourceBase.uiSchema.serviceProviderSsoDescriptor, layout: { diff --git a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js index c273b8df3..d95cadef1 100644 --- a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js 
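Review bot: `'ui:readonly': true` on `protocol` in `OidcSourceEditor` only disables the control in the rendered form; it is not an integrity check, and nothing in this hunk stops an update request from carrying a different `protocol` for an existing source. If the protocol is meant to be fixed after creation, the backend update path should reject a changed value; that code is not visible here, so it may already do so. A short comment above the key would record the intent, e.g. `// protocol is fixed at creation; readonly here is UX only, the API must enforce it`. The hunk shows only the OIDC editor definition, so whether the SAML editor gets the same flag cannot be confirmed from this page, and the enclosing `defaultsDeep({` call opens and closes outside the hunk.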
+++ b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js @@ -94,14 +94,14 @@ export function MetadataSourceProtocolSelector({ types = [], loading, children}) - + {loading && } - + - + {types.map(t => )} @@ -111,7 +111,7 @@ export function MetadataSourceProtocolSelector({ types = [], loading, children}) - +