From 1cd322445701cd7a78242ad63798600ba5c57a5d Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Fri, 16 Sep 2022 15:04:33 -0700 Subject: [PATCH 01/77] SHIBUI-2380 Incremental commit: Added backend support for KeyInfo containing OIDC fields --- backend/build.gradle | 14 ++ ...tadataSourcesUiDefinitionController.groovy | 1 + .../admin/ui/domain/Description.java | 2 + .../admin/ui/domain/X509Certificate.java | 3 +- .../shibboleth/admin/ui/domain/X509Data.java | 2 +- .../shibboleth/admin/ui/domain/XSAny.java | 7 +- .../frontend/KeyDescriptorRepresentation.java | 41 ++---- .../frontend/SecurityInfoRepresentation.java | 77 ++-------- .../domain/oidc/AbstractValueXMLObject.java | 30 ++++ .../admin/ui/domain/oidc/ClientSecret.java | 12 ++ .../domain/oidc/ClientSecretKeyReference.java | 12 ++ .../admin/ui/domain/oidc/JwksData.java | 12 ++ .../admin/ui/domain/oidc/JwksUri.java | 12 ++ .../ui/domain/oidc/ValueXMLMarshaller.java | 14 ++ .../admin/ui/domain/oidc/ValueXMLObject.java | 9 ++ .../ui/domain/oidc/ValueXMLUnmarshaller.java | 11 ++ .../JPAXMLObjectProviderInitializer.java | 3 +- .../JPAEntityDescriptorServiceImpl.java | 134 +++++++++++++----- .../util/EntityDescriptorConversionUtils.java | 13 +- .../main/resources/db/changelog/changelog.sql | 28 ++++ .../main/resources/jpa-shib-oidc-config.xml | 35 +++++ .../main/resources/jpa-signature-config.xml | 31 ++-- .../main/templates/OIDCBuilderTemplate.java | 21 +++ ...JPAEntityDescriptorServiceImplTests.groovy | 3 - ...ntityDescriptorConversionUtilsTests.groovy | 4 - .../src/test/resources/json/SHIBUI-187.json | 1 - .../src/test/resources/json/SHIBUI-211.json | 1 - .../src/test/resources/json/SHIBUI-219-1.json | 1 - .../src/test/resources/json/SHIBUI-219-2.json | 1 - .../src/test/resources/json/SHIBUI-219-3.json | 1 - .../src/test/resources/json/SHIBUI-223.json | 1 - .../src/test/resources/json/SHIBUI-855.json | 1 - 32 files changed, 361 insertions(+), 177 deletions(-) create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java create 
mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ClientSecret.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ClientSecretKeyReference.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/JwksData.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/JwksUri.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLMarshaller.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLObject.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLUnmarshaller.java create mode 100644 backend/src/main/resources/jpa-shib-oidc-config.xml create mode 100644 backend/src/main/templates/OIDCBuilderTemplate.java diff --git a/backend/build.gradle b/backend/build.gradle index 83d2c8dd8..07669a2d9 100644 --- a/backend/build.gradle +++ b/backend/build.gradle @@ -135,6 +135,14 @@ dependencies { compile "net.shibboleth.idp:${it}:${project.'shibbolethVersion'}" } + // Shib OIDC + ['metadata', 'profile', 'crypto'].each { + testCompile "net.shibboleth.oidc:oidc-common-${it}-api:2.1.0" + testCompile "net.shibboleth.oidc:oidc-common-${it}-impl:2.1.0" + } + + implementation "net.shibboleth.oidc:oidc-common-saml-api:2.1.0" + // hibernate deps ['hibernate-core'].each { compile "org.hibernate:${it}:${project.'hibernateVersion'}" @@ -337,6 +345,12 @@ task generateSources { processLine(it['@className'].toString(), 'src/main/templates/SignatureBuilderTemplate.java') } } + + new XmlSlurper().parse(file('src/main/resources/jpa-shib-oidc-config.xml')).with { builders -> + builders.ObjectProviders.ObjectProvider.BuilderClass.each { + processLine(it['@className'].toString(), 'src/main/templates/OIDCBuilderTemplate.java') + } + } } } 
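Review bot: The `// Shib OIDC` block hard-codes the literal `2.1.0` three times, while the neighbouring Shibboleth dependencies take their version from `project.'shibbolethVersion'`. A single property would keep the six test artifacts and `oidc-common-saml-api` in step when the library is upgraded, e.g. `testCompile "net.shibboleth.oidc:oidc-common-${it}-api:${project.'shibOidcVersion'}"`, where the property name is only a suggestion. The block also mixes `testCompile` and `implementation` while the entries around it use `compile`; if that is deliberate, a one-line comment saying why the api/impl jars are test-only would help. The `dependencies` closure starts and ends outside this hunk.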
diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy index db00c31d3..fa21d8a31 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy @@ -45,6 +45,7 @@ class MetadataSourcesUiDefinitionController { JsonSchemaBuilderService jsonSchemaBuilderService @GetMapping + // TODO - CHARLES add type ( SAML|OIDC ) variable to return the correct one - default to saml... ResponseEntity getUiDefinitionJsonSchema() { try { def parsedJson = jacksonObjectMapper.readValue(this.jsonSchemaLocation.url, Map) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Description.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Description.java index b86c86b1d..133c81ff5 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Description.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Description.java @@ -1,6 +1,7 @@ package edu.internet2.tier.shibboleth.admin.ui.domain; import lombok.EqualsAndHashCode; +import org.hibernate.annotations.Type; import org.hibernate.envers.Audited; import javax.annotation.Nullable; @@ -18,6 +19,7 @@ public class Description extends AbstractXMLObject implements org.opensaml.saml. @Column(name = "descriptionValue") @Lob + @Type(type = "org.hibernate.type.TextType") private String value; @Nullable diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java index cff1a3c9d..585f5220a 100644 
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Certificate.java @@ -1,5 +1,6 @@ package edu.internet2.tier.shibboleth.admin.ui.domain; +import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.ValueXMLObject; import lombok.EqualsAndHashCode; import org.hibernate.annotations.Type; import org.hibernate.envers.Audited; @@ -12,7 +13,7 @@ @Entity @EqualsAndHashCode(callSuper = true) @Audited -public class X509Certificate extends AbstractXMLObject implements org.opensaml.xmlsec.signature.X509Certificate { +public class X509Certificate extends AbstractXMLObject implements ValueXMLObject, org.opensaml.xmlsec.signature.X509Certificate { @Column(name = "x509CertificateValue") @Lob @Type(type = "org.hibernate.type.TextType") diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Data.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Data.java index 7afd88814..40e80085d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Data.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/X509Data.java @@ -97,4 +97,4 @@ public List getOrderedChildren() { return children; } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/XSAny.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/XSAny.java index de81fcdf6..a9225b327 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/XSAny.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/XSAny.java 
@@ -1,19 +1,22 @@ package edu.internet2.tier.shibboleth.admin.ui.domain; import lombok.EqualsAndHashCode; +import org.hibernate.annotations.Type; import org.hibernate.envers.Audited; import org.opensaml.core.xml.util.AttributeMap; import javax.annotation.Nonnull; import javax.annotation.Nullable; import javax.persistence.Entity; +import javax.persistence.Lob; import javax.persistence.Transient; @Entity @EqualsAndHashCode(callSuper = true, exclude = {"unknownAttributes"}) @Audited public class XSAny extends AbstractElementExtensibleXMLObject implements org.opensaml.core.xml.schema.XSAny { - + @Lob + @Type(type = "org.hibernate.type.TextType") private String textContext; //TODO: implement. this at the underlying level is a just a Map @@ -40,4 +43,4 @@ public void setTextContent(@Nullable String newContent) { public AttributeMap getUnknownAttributes() { return this.unknownAttributes; } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/KeyDescriptorRepresentation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/KeyDescriptorRepresentation.java index f56f5ad5b..aa6c564ea 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/KeyDescriptorRepresentation.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/KeyDescriptorRepresentation.java 
@@ -1,38 +1,21 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.frontend; +import lombok.Getter; +import lombok.Setter; + import java.io.Serializable; +@Getter +@Setter public class KeyDescriptorRepresentation implements Serializable { - private static final long serialVersionUID = -2397547851045884034L; - private boolean x509CertificateAvailable; - - private boolean authenticationRequestsSigned; - - private String x509Certificate; - - public boolean isX509CertificateAvailable() { - return x509CertificateAvailable; - } - - public void setX509CertificateAvailable(boolean x509CertificateAvailable) { - this.x509CertificateAvailable = x509CertificateAvailable; - } - - public boolean isAuthenticationRequestsSigned() { - return authenticationRequestsSigned; - } - - public void setAuthenticationRequestsSigned(boolean authenticationRequestsSigned) { - this.authenticationRequestsSigned = authenticationRequestsSigned; - } - - public String getX509Certificate() { - return x509Certificate; - } + private String name; + private String value; + private String type; + private ElementType elementType; - public void setX509Certificate(String x509Certificate) { - this.x509Certificate = x509Certificate; + public enum ElementType { + jwksData, jwksUri, clientSecret, clientSecretKeyReference, X509Data, unsupported } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/SecurityInfoRepresentation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/SecurityInfoRepresentation.java index c2e5a2f9f..7ba875678 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/SecurityInfoRepresentation.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/SecurityInfoRepresentation.java 
@@ -1,86 +1,35 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.frontend; +import lombok.Getter; +import lombok.Setter; + import java.io.Serializable; import java.util.ArrayList; import java.util.List; +@Getter +@Setter public class SecurityInfoRepresentation implements Serializable { - private static final long serialVersionUID = 9016350010045719454L; - private boolean x509CertificateAvailable; - private boolean authenticationRequestsSigned; - private boolean wantAssertionsSigned; - private List x509Certificates = new ArrayList<>(); + private List keyDescriptors = new ArrayList<>(); - public boolean isX509CertificateAvailable() { - return x509CertificateAvailable; - } - - public void setX509CertificateAvailable(boolean x509CertificateAvailable) { - this.x509CertificateAvailable = x509CertificateAvailable; - } - - public boolean isAuthenticationRequestsSigned() { - return authenticationRequestsSigned; - } - - public void setAuthenticationRequestsSigned(boolean authenticationRequestsSigned) { - this.authenticationRequestsSigned = authenticationRequestsSigned; - } - - public boolean isWantAssertionsSigned() { - return wantAssertionsSigned; - } - - public void setWantAssertionsSigned(boolean wantAssertionsSigned) { - this.wantAssertionsSigned = wantAssertionsSigned; - } - - public List getX509Certificates() { - return x509Certificates; - } - - public void setX509Certificates(List x509Certificates) { - this.x509Certificates = x509Certificates; + public void addKeyDescriptor(KeyDescriptorRepresentation keyDescriptorRep) { + keyDescriptors.add(keyDescriptorRep); } + @Getter + @Setter + @Deprecated public static class X509CertificateRepresentation implements Serializable { - private static final long serialVersionUID = -4893206348572998788L; private String name; - + private String value; //TODO refactor into Enum? 
private String type; - - private String value; - - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - public String getType() { - return type; - } - - public void setType(String type) { - this.type = type; - } - - public String getValue() { - return value; - } - - public void setValue(String value) { - this.value = value; - } } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java new file mode 100644 index 000000000..d4416b6e7 --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java @@ -0,0 +1,30 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractAuditable; +import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractXMLObject; +import lombok.EqualsAndHashCode; +import org.hibernate.envers.AuditOverride; +import org.hibernate.envers.Audited; + +import javax.annotation.Nullable; +import javax.persistence.Entity; +import javax.persistence.Inheritance; +import javax.persistence.InheritanceType; + +@Entity +@Inheritance(strategy = InheritanceType.TABLE_PER_CLASS) +@EqualsAndHashCode(callSuper = true) +@Audited +@AuditOverride(forClass = AbstractXMLObject.class) +public abstract class AbstractValueXMLObject extends AbstractXMLObject implements ValueXMLObject { + private String stringValue; + + @Nullable + public String getValue() { + return this.stringValue; + } + + public void setValue(@Nullable String newValue) { + this.stringValue = newValue; + } +} \ No newline at end of file 
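Review bot: In `AbstractValueXMLObject`, `stringValue` is mapped as a plain `String` with no `@Lob`/`@Type`, so it will presumably get the provider's default VARCHAR length, which a `JwksData` key set can easily exceed. This same commit adds `@Lob @Type(type = "org.hibernate.type.TextType")` to `Description.value` and `XSAny.textContext`, apparently for the same reason, and the field here should carry the same pair of annotations. `getValue()` is marked `@Nullable` while `ValueXMLObject.getValue()` is not, so a short class comment stating that the value may be null until it is set or unmarshalled would also help callers.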
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ClientSecret.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ClientSecret.java new file mode 100644 index 000000000..9e41947e2 --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ClientSecret.java @@ -0,0 +1,12 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import lombok.EqualsAndHashCode; +import org.hibernate.envers.Audited; + +import javax.persistence.Entity; + +@Entity +@EqualsAndHashCode(callSuper = true) +@Audited +public class ClientSecret extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.ClientSecret { +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ClientSecretKeyReference.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ClientSecretKeyReference.java new file mode 100644 index 000000000..ccce90e3c --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ClientSecretKeyReference.java @@ -0,0 +1,12 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import lombok.EqualsAndHashCode; +import org.hibernate.envers.Audited; + +import javax.persistence.Entity; + +@Entity +@EqualsAndHashCode(callSuper = true) +@Audited +public class ClientSecretKeyReference extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.ClientSecretKeyReference { +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/JwksData.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/JwksData.java new file mode 100644 index 000000000..30f27faec --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/JwksData.java 
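Review bot: `ClientSecret` is `@Audited` and inherits `stringValue`, so the secret is persisted as clear text in the entity table and every revision of it is kept in the Envers audit table. Nothing in this commit encrypts or redacts the value, and `setupSecurityRepresentationFromEntityDescriptor` copies it into `KeyDescriptorRepresentation.value` for the UI. If revision history does not need to reproduce the secret, consider `@AuditOverride(forClass = AbstractValueXMLObject.class, name = "stringValue", isAudited = false)` on this class. Otherwise add a class comment stating that the column holds a credential, so that access to the table and its `_aud` counterpart is restricted accordingly.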
@@ -0,0 +1,12 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import lombok.EqualsAndHashCode; +import org.hibernate.envers.Audited; + +import javax.persistence.Entity; + +@Entity +@EqualsAndHashCode(callSuper = true) +@Audited +public class JwksData extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.JwksData { +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/JwksUri.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/JwksUri.java new file mode 100644 index 000000000..7322d083a --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/JwksUri.java @@ -0,0 +1,12 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import lombok.EqualsAndHashCode; +import org.hibernate.envers.Audited; + +import javax.persistence.Entity; + +@Entity +@EqualsAndHashCode(callSuper = true) +@Audited +public class JwksUri extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.JwksUri { +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLMarshaller.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLMarshaller.java new file mode 100644 index 000000000..5b390095f --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLMarshaller.java 
@@ -0,0 +1,14 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import net.shibboleth.utilities.java.support.xml.ElementSupport; +import org.opensaml.core.xml.XMLObject; +import org.opensaml.core.xml.io.AbstractXMLObjectMarshaller; +import org.opensaml.core.xml.io.MarshallingException; +import org.w3c.dom.Element; + +public class ValueXMLMarshaller extends AbstractXMLObjectMarshaller { + protected void marshallElementContent(final XMLObject xmlObject, final Element domElement) throws MarshallingException { + final ValueXMLObject valueXMLObject = (ValueXMLObject) xmlObject; + ElementSupport.appendTextContent(domElement, valueXMLObject.getValue()); + } +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLObject.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLObject.java new file mode 100644 index 000000000..eb00ea2e2 --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLObject.java @@ -0,0 +1,9 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +/** + * ValueXMLObject is an XML Object that has a "value" through String getValue() and void setValue(String) methods + */ +public interface ValueXMLObject { + String getValue(); + void setValue(String value); +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLUnmarshaller.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLUnmarshaller.java new file mode 100644 index 000000000..386a1f003 --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/ValueXMLUnmarshaller.java 
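Review bot: `ValueXMLMarshaller.marshallElementContent` casts `xmlObject` to `ValueXMLObject` without a type check, so a provider entry that pairs this marshaller with a class lacking the interface fails with a bare `ClassCastException`. A guard such as `if (!(xmlObject instanceof ValueXMLObject)) throw new MarshallingException("Not a ValueXMLObject: " + xmlObject.getElementQName());` gives a diagnosable error, and the method should carry `@Override`. `ValueXMLUnmarshaller.processElementContent` in the next file has the same unchecked cast and missing `@Override`.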
@@ -0,0 +1,11 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import org.opensaml.core.xml.XMLObject; +import org.opensaml.core.xml.io.AbstractXMLObjectUnmarshaller; + +public class ValueXMLUnmarshaller extends AbstractXMLObjectUnmarshaller { + protected void processElementContent(final XMLObject xmlObject, final String elementContent) { + final ValueXMLObject valueXMLObject = (ValueXMLObject) xmlObject; + valueXMLObject.setValue(elementContent); + } +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializer.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializer.java index 24757d560..b13078e56 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializer.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializer.java @@ -18,7 +18,8 @@ protected String[] getConfigResources() { "/jpa-schema-config.xml", "/jpa-signature-config.xml", "/saml2-protocol-config.xml", - "/modified-saml2-assertion-config.xml" + "/modified-saml2-assertion-config.xml", + "/jpa-shib-oidc-config.xml" }; } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index 291f659f8..bd14193e0 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java 
@@ -6,16 +6,19 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.IRelyingPartyOverrideProperty; import edu.internet2.tier.shibboleth.admin.ui.domain.KeyDescriptor; import edu.internet2.tier.shibboleth.admin.ui.domain.UIInfo; +import edu.internet2.tier.shibboleth.admin.ui.domain.X509Data; import edu.internet2.tier.shibboleth.admin.ui.domain.XSBoolean; import edu.internet2.tier.shibboleth.admin.ui.domain.XSInteger; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.AssertionConsumerServiceRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ContactRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation; +import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.KeyDescriptorRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.LogoutEndpointRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.MduiRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.OrganizationRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.SecurityInfoRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ServiceProviderSsoDescriptorRepresentation; +import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.ValueXMLObject; import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException; import edu.internet2.tier.shibboleth.admin.ui.exception.InvalidPatternMatchException; 
@@ -44,6 +47,10 @@ import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getStringListOfAttributeValues; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; +import org.opensaml.core.xml.XMLObject; +import org.opensaml.xmlsec.signature.KeyInfo; +import org.opensaml.xmlsec.signature.KeyName; +import org.opensaml.xmlsec.signature.KeyValue; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; 
@@ -236,42 +243,8 @@ public EntityDescriptorRepresentation createRepresentationFromDescriptor(org.ope } } - // set up security - // TODO: cleanup, probably use a lazy initializer - SecurityInfoRepresentation securityInfoRepresentation = representation.getSecurityInfo(); - if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getWantAssertionsSigned() != null && ed.getSPSSODescriptor("").getWantAssertionsSigned()) { - if (securityInfoRepresentation == null) { - securityInfoRepresentation = new SecurityInfoRepresentation(); - representation.setSecurityInfo(securityInfoRepresentation); - } - securityInfoRepresentation.setWantAssertionsSigned(true); - } - if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").isAuthnRequestsSigned() != null && ed.getSPSSODescriptor("").isAuthnRequestsSigned()) { - if (securityInfoRepresentation == null) { - securityInfoRepresentation = new SecurityInfoRepresentation(); - representation.setSecurityInfo(securityInfoRepresentation); - } - securityInfoRepresentation.setAuthenticationRequestsSigned(true); - } - if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getKeyDescriptors().size() > 0) { - if (securityInfoRepresentation == null) { - securityInfoRepresentation = new SecurityInfoRepresentation(); - representation.setSecurityInfo(securityInfoRepresentation); - } - securityInfoRepresentation.setX509CertificateAvailable(true); - for (org.opensaml.saml.saml2.metadata.KeyDescriptor keyDescriptor : ed.getSPSSODescriptor("").getKeyDescriptors()) { - SecurityInfoRepresentation.X509CertificateRepresentation x509CertificateRepresentation = new SecurityInfoRepresentation.X509CertificateRepresentation(); - x509CertificateRepresentation.setName(((KeyDescriptor) keyDescriptor).getName()); - //TODO: check this. 
assume that if no value is set, it's used for both - if (keyDescriptor.getUse() != null) { - x509CertificateRepresentation.setType(keyDescriptor.getUse().toString().toLowerCase()); - } else { - x509CertificateRepresentation.setType("both"); - } - x509CertificateRepresentation.setValue(keyDescriptor.getKeyInfo().getX509Datas().get(0).getX509Certificates().get(0).getValue()); - securityInfoRepresentation.getX509Certificates().add(x509CertificateRepresentation); - } - } + // set up security - this block assumes too much like there will be a cert. With OIDC could not be some... + setupSecurityRepresentationFromEntityDescriptor(ed, representation); // set up ACSs if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getAssertionConsumerServices().size() > 0) { 
@@ -423,9 +396,94 @@ public Map getRelyingPartyOverridesRepresentationFromAttributeLi return ModelRepresentationConversions.getRelyingPartyOverridesRepresentationFromAttributeList(attributeList); } + private void setupSecurityRepresentationFromEntityDescriptor(EntityDescriptor ed, EntityDescriptorRepresentation representation) { + SecurityInfoRepresentation securityInfoRepresentation = representation.getSecurityInfo(); + if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getWantAssertionsSigned() != null && ed.getSPSSODescriptor("").getWantAssertionsSigned()) { + if (securityInfoRepresentation == null) { + securityInfoRepresentation = new SecurityInfoRepresentation(); + representation.setSecurityInfo(securityInfoRepresentation); + } + securityInfoRepresentation.setWantAssertionsSigned(true); + } + if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").isAuthnRequestsSigned() != null && ed.getSPSSODescriptor("").isAuthnRequestsSigned()) { + if (securityInfoRepresentation == null) { + securityInfoRepresentation = new SecurityInfoRepresentation(); + representation.setSecurityInfo(securityInfoRepresentation); + } + securityInfoRepresentation.setAuthenticationRequestsSigned(true); + } + + // If the EntityDescriptor has key descriptors - parse them out. + if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getKeyDescriptors().size() > 0) { + if (securityInfoRepresentation == null) { + securityInfoRepresentation = new SecurityInfoRepresentation(); + representation.setSecurityInfo(securityInfoRepresentation); + } + + for (org.opensaml.saml.saml2.metadata.KeyDescriptor keyDescriptor : ed.getSPSSODescriptor("").getKeyDescriptors()) { + KeyDescriptorRepresentation keyDescriptorRep = new KeyDescriptorRepresentation(); + String name = keyDescriptor.getKeyInfo().getKeyNames().size() > 0 ? keyDescriptor.getKeyInfo().getKeyNames().get(0).getValue() : null; + keyDescriptorRep.setName(name); + + //TODO: check this. 
assume that if no value is set, it's used for both + String useType = keyDescriptor.getUse() != null ? keyDescriptor.getUse().toString().toLowerCase() : "both"; + keyDescriptorRep.setType(useType); + + KeyInfo keyInfo = keyDescriptor.getKeyInfo(); + KeyDescriptorRepresentation.ElementType keyInfoType = determineKeyInfoType(keyInfo); + keyDescriptorRep.setElementType(keyInfoType); + if (keyInfoType != KeyDescriptorRepresentation.ElementType.unsupported) { + List children = keyInfo.getOrderedChildren().stream().filter(xmlObj -> { + boolean xmlWeDoNotWant = xmlObj instanceof KeyName || xmlObj instanceof KeyValue; + return !xmlWeDoNotWant; + }).collect(Collectors.toList()); + XMLObject obj = children.get(0); + if (keyInfoType == KeyDescriptorRepresentation.ElementType.X509Data) { + obj = ((X509Data) obj).getX509Certificates().get(0); + } + keyDescriptorRep.setValue(((ValueXMLObject) obj).getValue()); + securityInfoRepresentation.addKeyDescriptor(keyDescriptorRep); + } + + // TODO remove this when done. 
+ if (keyInfoType == KeyDescriptorRepresentation.ElementType.X509Data) { + SecurityInfoRepresentation.X509CertificateRepresentation x509CertificateRepresentation = new SecurityInfoRepresentation.X509CertificateRepresentation(); + x509CertificateRepresentation.setName(name); + x509CertificateRepresentation.setType(useType); + x509CertificateRepresentation.setValue(keyDescriptorRep.getValue()); + securityInfoRepresentation.getX509Certificates().add(x509CertificateRepresentation); + } + } + } + } + + private KeyDescriptorRepresentation.ElementType determineKeyInfoType(KeyInfo keyInfo) { + List children = keyInfo.getOrderedChildren().stream().filter(xmlObj -> { + boolean xmlWeDoNotWant = xmlObj instanceof KeyName || xmlObj instanceof KeyValue; + return !xmlWeDoNotWant; + }).collect(Collectors.toList()); + if (children.size() < 1) { + return KeyDescriptorRepresentation.ElementType.unsupported; + } + XMLObject xmlObject = children.get(0); + switch (xmlObject.getElementQName().getLocalPart()) { + case "X509Data": + return KeyDescriptorRepresentation.ElementType.X509Data; + case "ClientSecret": + return KeyDescriptorRepresentation.ElementType.clientSecret; + case "ClientSecretKeyReference": + return KeyDescriptorRepresentation.ElementType.clientSecretKeyReference; + case "JwksData": + return KeyDescriptorRepresentation.ElementType.jwksData; + case "JwksUri": + return KeyDescriptorRepresentation.ElementType.jwksUri; + default: + return KeyDescriptorRepresentation.ElementType.unsupported; + } + } + @Override - public EntityDescriptorRepresentation update(EntityDescriptorRepresentation edRep) - throws ForbiddenException, PersistentEntityNotFound, InvalidPatternMatchException { + public EntityDescriptorRepresentation update(EntityDescriptorRepresentation edRep) throws ForbiddenException, PersistentEntityNotFound, InvalidPatternMatchException { EntityDescriptor existingEd = entityDescriptorRepository.findByResourceId(edRep.getId()); if (existingEd == null) { throw new 
PersistentEntityNotFound(String.format("The entity descriptor with entity id [%s] was not found for update.", edRep.getId())); diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java index 5fd444344..3034d5c7d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java @@ -241,7 +241,8 @@ public static void setupOrganization(EntityDescriptor ed, EntityDescriptorRepres ed.setOrganization(null); } } - + + // Building the EntityDescriptor from the representation public static void setupSecurity(EntityDescriptor ed, EntityDescriptorRepresentation representation) { if (representation.getSecurityInfo() != null) { SecurityInfoRepresentation securityInfoRepresentation = representation.getSecurityInfo(); 
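Review bot: The new key-descriptor loop in `setupSecurityRepresentationFromEntityDescriptor` dereferences values that SAML metadata does not guarantee. `keyDescriptor.getKeyInfo()` is used without a null check, `getX509Certificates().get(0)` throws on an `X509Data` that carries no certificate, and `determineKeyInfoType` matches on the element's local name only, so a same-named element from another namespace reaches the `(X509Data)` and `(ValueXMLObject)` casts. If entity descriptors can originate from uploaded metadata (not visible here, to be confirmed), a malformed descriptor would surface as a runtime exception while the representation is built instead of as an `unsupported` entry. The sketch below guards those steps with `instanceof` checks; the KeyName/KeyValue filter is also duplicated in both methods and could move into one private helper. The `update` method at the end of the hunk continues outside it.

```java
for (org.opensaml.saml.saml2.metadata.KeyDescriptor keyDescriptor : ed.getSPSSODescriptor("").getKeyDescriptors()) {
    KeyInfo keyInfo = keyDescriptor.getKeyInfo();
    if (keyInfo == null) {
        continue; // no key material to represent
    }
    // … unchanged: name, useType and elementType set on keyDescriptorRep (reading from keyInfo) …
    if (keyInfoType != KeyDescriptorRepresentation.ElementType.unsupported) {
        // … unchanged: children filtered to drop KeyName / KeyValue …
        XMLObject obj = children.get(0);
        if (obj instanceof X509Data) {
            X509Data x509Data = (X509Data) obj;
            obj = x509Data.getX509Certificates().isEmpty() ? null : x509Data.getX509Certificates().get(0);
        }
        if (obj instanceof ValueXMLObject) {
            keyDescriptorRep.setValue(((ValueXMLObject) obj).getValue());
            securityInfoRepresentation.addKeyDescriptor(keyDescriptorRep);
        }
    }
    // … unchanged: legacy X509CertificateRepresentation block …
}
```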
@@ -263,13 +264,11 @@ public static void setupSecurity(EntityDescriptor ed, EntityDescriptorRepresenta descriptor.setWantAssertionsSigned((Boolean)null); } } - // TODO: review if we need more than a naive implementation ed.getOptionalSPSSODescriptor().ifPresent( i -> i.getKeyDescriptors().clear()); - if (securityInfoRepresentation.isX509CertificateAvailable()) { - for (SecurityInfoRepresentation.X509CertificateRepresentation x509CertificateRepresentation : securityInfoRepresentation.getX509Certificates()) { - KeyDescriptor keyDescriptor = createKeyDescriptor(x509CertificateRepresentation.getName(), x509CertificateRepresentation.getType(), x509CertificateRepresentation.getValue()); - getSPSSODescriptorFromEntityDescriptor(ed).addKeyDescriptor(keyDescriptor); - } + // TODO will need to fill in keydescriptors from generic list not the x509 list + for (SecurityInfoRepresentation.X509CertificateRepresentation x509CertificateRepresentation : securityInfoRepresentation.getX509Certificates()) { + KeyDescriptor keyDescriptor = createKeyDescriptor(x509CertificateRepresentation.getName(), x509CertificateRepresentation.getType(), x509CertificateRepresentation.getValue()); + getSPSSODescriptorFromEntityDescriptor(ed).addKeyDescriptor(keyDescriptor); } } else { ed.getOptionalSPSSODescriptor().ifPresent( spssoDescriptor -> { diff --git a/backend/src/main/resources/db/changelog/changelog.sql b/backend/src/main/resources/db/changelog/changelog.sql index af15ca6b8..234aeda66 100644 --- a/backend/src/main/resources/db/changelog/changelog.sql +++ b/backend/src/main/resources/db/changelog/changelog.sql 
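Review bot: With the `isX509CertificateAvailable()` guard removed, the loop in `setupSecurity` dereferences `securityInfoRepresentation.getX509Certificates()` unconditionally, so a request body carrying `"x509Certificates": null` would end in a NullPointerException unless the getter (not shown in this hunk) guarantees a non-null list. Wrapping the loop in `if (securityInfoRepresentation.getX509Certificates() != null)` or making the getter null-safe keeps that case a no-op. Separately, the SP key descriptors are cleared just above and rebuilt only from the X509 list, so until the TODO is resolved an update appears to drop any ClientSecret or Jwks key descriptors the entity already carried. `setupSecurity` starts and ends outside this hunk.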
@@ -195,4 +195,32 @@ GO ALTER TABLE description ALTER COLUMN descriptionValue TYPE TEXT; GO ALTER TABLE description_aud ALTER COLUMN descriptionValue TYPE TEXT; +GO + +-- changeset liquibase:1.14.0.1 dbms:mariadb,mysql +-- preconditions onFail:MARK_RAN +-- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' +-- comment: /* we don't need to run this if the system is new */ + +ALTER TABLE description ALTER COLUMN description_value LONGTEXT; +GO +ALTER TABLE description_aud ALTER COLUMN description_value LONGTEXT; +GO +ALTER TABLE description ALTER COLUMN text_context LONGTEXT; +GO +ALTER TABLE description_aud ALTER COLUMN text_context LONGTEXT; +GO + +-- changeset liquibase:1.14.0.2 dbms:postgresql,mssql +-- preconditions onFail:MARK_RAN +-- precondition-sql-check expectedResult:1 SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'users' +-- comment: /* we don't need to run this if the system is new */ + +ALTER TABLE xsany ALTER COLUMN text_context TYPE TEXT; +GO +ALTER TABLE xsany_aud ALTER COLUMN text_context TYPE TEXT; +GO +ALTER TABLE description ALTER COLUMN description_value TYPE TEXT; +GO +ALTER TABLE description_aud ALTER COLUMN description_value TYPE TEXT; GO \ No newline at end of file diff --git a/backend/src/main/resources/jpa-shib-oidc-config.xml b/backend/src/main/resources/jpa-shib-oidc-config.xml new file mode 100644 index 000000000..2b850a271 --- /dev/null +++ b/backend/src/main/resources/jpa-shib-oidc-config.xml @@ -0,0 +1,35 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/backend/src/main/resources/jpa-signature-config.xml b/backend/src/main/resources/jpa-signature-config.xml index 9a8da32e8..b2450ac71 100644 --- a/backend/src/main/resources/jpa-signature-config.xml +++ b/backend/src/main/resources/jpa-signature-config.xml @@ -16,16 +16,7 @@ - - - - + @@ -56,20 +47,20 @@ - + +--> + @@ -84,13 +75,13 @@ - + 
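Review bot: In the changelog.sql hunk, the mariadb/mysql changeset 1.14.0.1 uses `ALTER TABLE description ALTER COLUMN description_value LONGTEXT;`, but on MySQL and MariaDB `ALTER COLUMN` only sets or drops a default; changing the type needs `ALTER TABLE description MODIFY COLUMN description_value LONGTEXT;`, and the same applies to the other three statements. Changeset 1.14.0.2 is tagged `dbms:postgresql,mssql` yet uses the PostgreSQL form `ALTER COLUMN ... TYPE TEXT`, which SQL Server does not accept, so mssql probably needs its own changeset. The mysql changeset also alters `text_context` on `description`/`description_aud` where the postgresql one alters it on `xsany`/`xsany_aud`; one of the two looks like a copy-paste slip and is worth checking against the schema.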
@@ -98,13 +89,13 @@ - + @@ -154,13 +145,13 @@ - + diff --git a/backend/src/main/templates/OIDCBuilderTemplate.java b/backend/src/main/templates/OIDCBuilderTemplate.java new file mode 100644 index 000000000..44e23e3a9 --- /dev/null +++ b/backend/src/main/templates/OIDCBuilderTemplate.java @@ -0,0 +1,21 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import edu.internet2.tier.shibboleth.admin.ui.opensaml.xml.AbstractSAMLObjectBuilder; +import net.shibboleth.oidc.saml.xmlobject.Constants; + +public class {{TOKEN}}Builder extends AbstractSAMLObjectBuilder<{{TOKEN}}> { + public {{TOKEN}}Builder() { + } + + public {{TOKEN}} buildObject() { + return buildObject(Constants.SAML20MDOIDCMD_NS, {{TOKEN}}.DEFAULT_ELEMENT_LOCAL_NAME, Constants.SAML20MDOIDCMD_PREFIX); + } + + public {{TOKEN}} buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { + {{TOKEN}} o = new {{TOKEN}}(); + o.setNamespaceURI(namespaceURI); + o.setElementLocalName(localName); + o.setNamespacePrefix(namespacePrefix); + return o; + } +} \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImplTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImplTests.groovy index e9a9aa217..004e873ab 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImplTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImplTests.groovy 
@@ -302,7 +302,6 @@ class JPAEntityDescriptorServiceImplTests extends AbstractBaseDataJpaTest { def test = openSamlObjects.marshalToXmlString(service.createDescriptorFromRepresentation(new EntityDescriptorRepresentation().with { it.entityId = 'http://test.example.org/test1' it.securityInfo = new SecurityInfoRepresentation().with { - it.x509CertificateAvailable = true it.x509Certificates = [new SecurityInfoRepresentation.X509CertificateRepresentation().with { it.type = 'signing' it.value = 'certificate' @@ -342,7 +341,6 @@ class JPAEntityDescriptorServiceImplTests extends AbstractBaseDataJpaTest { def test = openSamlObjects.marshalToXmlString(service.createDescriptorFromRepresentation(new EntityDescriptorRepresentation().with { it.entityId = 'http://test.example.org/test1' it.securityInfo = new SecurityInfoRepresentation().with { - it.x509CertificateAvailable = true it.x509Certificates = [new SecurityInfoRepresentation.X509CertificateRepresentation().with { it.type = 'encryption' it.value = 'certificate' @@ -382,7 +380,6 @@ class JPAEntityDescriptorServiceImplTests extends AbstractBaseDataJpaTest { def test = openSamlObjects.marshalToXmlString(service.createDescriptorFromRepresentation(new EntityDescriptorRepresentation().with { it.entityId = 'http://test.example.org/test1' it.securityInfo = new SecurityInfoRepresentation().with { - it.x509CertificateAvailable = true it.x509Certificates = [new SecurityInfoRepresentation.X509CertificateRepresentation().with { it.type = 'both' it.value = 'certificate' diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/EntityDescriptorConversionUtilsTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/EntityDescriptorConversionUtilsTests.groovy index d25e9813c..ca2296299 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/EntityDescriptorConversionUtilsTests.groovy 
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/EntityDescriptorConversionUtilsTests.groovy @@ -592,7 +592,6 @@ class EntityDescriptorConversionUtilsTests extends Specification { description: 'add signing certificate', representation: new EntityDescriptorRepresentation().with { it.securityInfo = new SecurityInfoRepresentation().with { - it.x509CertificateAvailable = true it.x509Certificates = [ new SecurityInfoRepresentation.X509CertificateRepresentation(name: 'test', type: 'signing', value: 'test') ] @@ -617,7 +616,6 @@ class EntityDescriptorConversionUtilsTests extends Specification { description: 'add another certificate', representation: new EntityDescriptorRepresentation().with { it.securityInfo = new SecurityInfoRepresentation().with { - it.x509CertificateAvailable = true it.x509Certificates = [ new SecurityInfoRepresentation.X509CertificateRepresentation(name: 'test', type: 'signing', value: 'test'), new SecurityInfoRepresentation.X509CertificateRepresentation(name: 'test2', type: 'encryption', value: 'test2') @@ -651,7 +649,6 @@ class EntityDescriptorConversionUtilsTests extends Specification { description: 'remove a certificate', representation: new EntityDescriptorRepresentation().with { it.securityInfo = new SecurityInfoRepresentation().with { - it.x509CertificateAvailable = true it.x509Certificates = [ new SecurityInfoRepresentation.X509CertificateRepresentation(name: 'test2', type: 'encryption', value: 'test2') ] @@ -684,7 +681,6 @@ class EntityDescriptorConversionUtilsTests extends Specification { description: 'remove all certificates', representation: new EntityDescriptorRepresentation().with { it.securityInfo = new SecurityInfoRepresentation().with { - it.x509CertificateAvailable = false it } it diff --git a/backend/src/test/resources/json/SHIBUI-187.json b/backend/src/test/resources/json/SHIBUI-187.json index 05415592f..74c42bf34 100644 --- a/backend/src/test/resources/json/SHIBUI-187.json 
+++ b/backend/src/test/resources/json/SHIBUI-187.json @@ -18,7 +18,6 @@ "logoWidth": null }, "securityInfo": { - "x509CertificateAvailable": false, "authenticationRequestsSigned": false, "wantAssertionsSigned": false, "x509Certificates": [] diff --git a/backend/src/test/resources/json/SHIBUI-211.json b/backend/src/test/resources/json/SHIBUI-211.json index 1bb678714..835860a9a 100644 --- a/backend/src/test/resources/json/SHIBUI-211.json +++ b/backend/src/test/resources/json/SHIBUI-211.json @@ -18,7 +18,6 @@ "logoWidth": 100 }, "securityInfo": { - "x509CertificateAvailable": false, "authenticationRequestsSigned": false, "wantAssertionsSigned": false, "x509Certificates": [] diff --git a/backend/src/test/resources/json/SHIBUI-219-1.json b/backend/src/test/resources/json/SHIBUI-219-1.json index 4f1851975..6d5a32587 100644 --- a/backend/src/test/resources/json/SHIBUI-219-1.json +++ b/backend/src/test/resources/json/SHIBUI-219-1.json @@ -18,7 +18,6 @@ "logoWidth": null }, "securityInfo": { - "x509CertificateAvailable": false, "authenticationRequestsSigned": false, "wantAssertionsSigned": false, "x509Certificates": [] diff --git a/backend/src/test/resources/json/SHIBUI-219-2.json b/backend/src/test/resources/json/SHIBUI-219-2.json index 31c2a0d6d..f2dd93df1 100644 --- a/backend/src/test/resources/json/SHIBUI-219-2.json +++ b/backend/src/test/resources/json/SHIBUI-219-2.json @@ -18,7 +18,6 @@ "logoWidth": null }, "securityInfo": { - "x509CertificateAvailable": false, "authenticationRequestsSigned": true, "wantAssertionsSigned": false, "x509Certificates": [] diff --git a/backend/src/test/resources/json/SHIBUI-219-3.json b/backend/src/test/resources/json/SHIBUI-219-3.json index 551cf3718..ae2e6ba70 100644 --- a/backend/src/test/resources/json/SHIBUI-219-3.json +++ b/backend/src/test/resources/json/SHIBUI-219-3.json 
@@ -18,7 +18,6 @@ "logoWidth": null }, "securityInfo": { - "x509CertificateAvailable": false, "authenticationRequestsSigned": false, "wantAssertionsSigned": false, "x509Certificates": [] diff --git a/backend/src/test/resources/json/SHIBUI-223.json b/backend/src/test/resources/json/SHIBUI-223.json index 50a0c1334..829a4c832 100644 --- a/backend/src/test/resources/json/SHIBUI-223.json +++ b/backend/src/test/resources/json/SHIBUI-223.json @@ -18,7 +18,6 @@ "logoWidth": null }, "securityInfo": { - "x509CertificateAvailable": true, "authenticationRequestsSigned": false, "wantAssertionsSigned": false, "x509Certificates": [ diff --git a/backend/src/test/resources/json/SHIBUI-855.json b/backend/src/test/resources/json/SHIBUI-855.json index 14ff554b3..96207fafa 100644 --- a/backend/src/test/resources/json/SHIBUI-855.json +++ b/backend/src/test/resources/json/SHIBUI-855.json @@ -18,7 +18,6 @@ "logoWidth": null }, "securityInfo": { - "x509CertificateAvailable": false, "authenticationRequestsSigned": false, "wantAssertionsSigned": false, "x509Certificates": [] From 3d522075de45225f3220a93019f0f44244e948ee Mon Sep 17 00:00:00 2001 From: chasegawa Date: Fri, 16 Sep 2022 15:43:40 -0700 Subject: [PATCH 02/77] SHIBUI-2380 Incremental commit: Added protocol to entity descriptor --- .../admin/ui/domain/EntityDescriptor.java | 7 ++++++ .../ui/domain/EntityDescriptorProtocol.java | 5 +++++ .../EntityDescriptorRepresentation.java | 8 ++++++- .../EntityDescriptorProjection.java | 3 +++ .../JPAEntityDescriptorServiceImpl.java | 22 ++++++++++++++++++- 5 files changed, 43 insertions(+), 2 deletions(-) create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptorProtocol.java diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java index 185b43918..65cc39c92 100644 
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java @@ -89,6 +89,9 @@ public class EntityDescriptor extends AbstractDescriptor implements org.opensaml @EqualsAndHashCode.Exclude private Long versionModifiedTimestamp; + @Setter + private EntityDescriptorProtocol protocol = EntityDescriptorProtocol.SAML; + public EntityDescriptor() { super(); this.resourceId = UUID.randomUUID().toString(); @@ -176,6 +179,10 @@ public org.opensaml.saml.saml2.metadata.Organization getOrganization() { return organization; } + public EntityDescriptorProtocol getProtocol() { + return protocol == null ? EntityDescriptorProtocol.SAML : protocol; + } + @Override public PDPDescriptor getPDPDescriptor(String s) { return pdpDescriptor; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptorProtocol.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptorProtocol.java new file mode 100644 index 000000000..e0e9245f3 --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptorProtocol.java @@ -0,0 +1,5 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain; + +public enum EntityDescriptorProtocol { + SAML, OIDC +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java index 61d24652e..9d2c0d631 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java 
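Review bot: The new `protocol` field in EntityDescriptor has no `@Enumerated` mapping, so if this class is persisted through JPA (the `getProtocol()` added to EntityDescriptorProjection in this commit suggests it is) the enum is stored by ordinal, and any later reordering or insertion in `EntityDescriptorProtocol` silently re-labels existing rows. I would add `@Enumerated(EnumType.STRING)` above `@Setter` on the field. The null fallback in `getProtocol()` covers rows that predate the column, but this commit's file list shows no changelog entry for it; confirm how existing databases receive the new column.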
@@ -4,6 +4,8 @@ import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonProperty; +import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor; +import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol; import lombok.Getter; import lombok.Setter; @@ -67,6 +69,10 @@ public class EntityDescriptorRepresentation implements Serializable { private int version; + @Getter + @Setter + private EntityDescriptorProtocol protocol; + public EntityDescriptorRepresentation() { } @@ -247,4 +253,4 @@ public void setServiceProviderSsoDescriptor(ServiceProviderSsoDescriptorRepresen public void setVersion(int version) { this.version = version; } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java index 57cf02ab9..c0640edc3 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java @@ -1,5 +1,7 @@ package edu.internet2.tier.shibboleth.admin.ui.repository; +import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol; + import java.time.LocalDateTime; public interface EntityDescriptorProjection { @@ -16,4 +18,5 @@ default String getEntityId() { LocalDateTime getCreatedDate(); boolean getServiceEnabled(); String getIdOfOwner(); + EntityDescriptorProtocol getProtocol(); } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index bd14193e0..a03ecb05e 100644 
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java @@ -3,8 +3,8 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.Attribute; import edu.internet2.tier.shibboleth.admin.ui.domain.EntityAttributes; import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor; +import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol; import edu.internet2.tier.shibboleth.admin.ui.domain.IRelyingPartyOverrideProperty; -import edu.internet2.tier.shibboleth.admin.ui.domain.KeyDescriptor; import edu.internet2.tier.shibboleth.admin.ui.domain.UIInfo; import edu.internet2.tier.shibboleth.admin.ui.domain.X509Data; import edu.internet2.tier.shibboleth.admin.ui.domain.XSBoolean; @@ -48,6 +48,7 @@ import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; import org.opensaml.core.xml.XMLObject; +import org.opensaml.saml.saml2.metadata.KeyDescriptor; import org.opensaml.xmlsec.signature.KeyInfo; import org.opensaml.xmlsec.signature.KeyName; import org.opensaml.xmlsec.signature.KeyValue; 
@@ -117,10 +118,28 @@ public EntityDescriptorRepresentation createNew(EntityDescriptor ed) throws Forb @Override public EntityDescriptorRepresentation createNewEntityDescriptorFromXMLOrigin(EntityDescriptor ed) { ed.setIdOfOwner(userService.getCurrentUserGroup().getOwnerId()); + ed.setProtocol(determineEntityDescriptorProtocol(ed)); EntityDescriptor savedEntity = entityDescriptorRepository.save(ed); return createRepresentationFromDescriptor(savedEntity); } + // Change to check for OAuthRPExtensions in the extensions? + private EntityDescriptorProtocol determineEntityDescriptorProtocol(EntityDescriptor ed) { + boolean oidcType = false; + if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getKeyDescriptors().size() > 0) { + for (KeyDescriptor keyDescriptor : ed.getSPSSODescriptor("").getKeyDescriptors()) { + KeyInfo keyInfo = keyDescriptor.getKeyInfo(); + KeyDescriptorRepresentation.ElementType keyInfoType = determineKeyInfoType(keyInfo); + if (keyInfoType == KeyDescriptorRepresentation.ElementType.clientSecret || keyInfoType == KeyDescriptorRepresentation.ElementType.clientSecretKeyReference || + keyInfoType == KeyDescriptorRepresentation.ElementType.jwksData || keyInfoType == KeyDescriptorRepresentation.ElementType.jwksUri) { + oidcType = true; + break; + } + } + } + return oidcType ? EntityDescriptorProtocol.OIDC : EntityDescriptorProtocol.SAML; + } + @Override public boolean entityExists(String entityID) { return entityDescriptorRepository.findByEntityID(entityID) != null ; 
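Review bot: `determineEntityDescriptorProtocol` passes `keyDescriptor.getKeyInfo()` straight into `determineKeyInfoType`, which calls `keyInfo.getOrderedChildren().stream()` without a null check, so metadata submitted through `createNewEntityDescriptorFromXMLOrigin` with a `KeyDescriptor` that has no `KeyInfo` would fail with a NullPointerException unless it is schema-validated earlier. A guard at the top of the loop, `if (keyInfo == null) { continue; }`, avoids that. The classification also matches on the first child's local name only, so an element named `ClientSecret` in any namespace marks the entity as OIDC; comparing the full QName against the OIDC metadata namespace would be stricter. The three `ed.getSPSSODescriptor("")` calls could be held in one local variable.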
@@ -174,6 +193,7 @@ public EntityDescriptorRepresentation createRepresentationFromDescriptor(org.ope representation.setCreatedBy(ed.getCreatedBy()); representation.setCurrent(ed.isCurrent()); representation.setIdOfOwner(ed.getIdOfOwner()); + representation.setProtocol(ed.getProtocol()); if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getSupportedProtocols().size() > 0) { ServiceProviderSsoDescriptorRepresentation serviceProviderSsoDescriptorRepresentation = representation.getServiceProviderSsoDescriptor(true); From bb14d98c7e156021ad14b753d205e6cc42bfd622 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Mon, 19 Sep 2022 11:08:40 -0700 Subject: [PATCH 03/77] SHIBUI-2380 Incremental commit: Added OauthRPExtensions bits --- backend/build.gradle | 12 +- .../admin/ui/domain/oidc/DefaultAcrValue.java | 12 ++ .../ui/domain/oidc/OAuthRPExtensions.java | 91 +++++++++++++ .../oidc/OAuthRPExtensionsMarshaller.java | 127 ++++++++++++++++++ .../oidc/OAuthRPExtensionsUnmarshaller.java | 106 +++++++++++++++ .../ui/domain/oidc/PostLogoutRedirectUri.java | 12 ++ .../admin/ui/domain/oidc/RequestUri.java | 12 ++ .../main/resources/jpa-shib-oidc-config.xml | 32 ++++- gradle.properties | 1 + 9 files changed, 395 insertions(+), 10 deletions(-) create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsMarshaller.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java 
diff --git a/backend/build.gradle b/backend/build.gradle index 07669a2d9..9dec8da20 100644 --- a/backend/build.gradle +++ b/backend/build.gradle @@ -135,13 +135,13 @@ dependencies { compile "net.shibboleth.idp:${it}:${project.'shibbolethVersion'}" } - // Shib OIDC - ['metadata', 'profile', 'crypto'].each { - testCompile "net.shibboleth.oidc:oidc-common-${it}-api:2.1.0" - testCompile "net.shibboleth.oidc:oidc-common-${it}-impl:2.1.0" - } +// // Shib OIDC +// ['metadata', 'profile', 'crypto'].each { +// testCompile "net.shibboleth.oidc:oidc-common-${it}-api:${project.'shibOIDCVersion'}" +// testCompile "net.shibboleth.oidc:oidc-common-${it}-impl:${project.'shibOIDCVersion'}" +// } - implementation "net.shibboleth.oidc:oidc-common-saml-api:2.1.0" + implementation "net.shibboleth.oidc:oidc-common-saml-api:${project.'shibOIDCVersion'}" // hibernate deps ['hibernate-core'].each { diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java new file mode 100644 index 000000000..b1a2542f9 --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java @@ -0,0 +1,12 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import lombok.EqualsAndHashCode; +import org.hibernate.envers.Audited; + +import javax.persistence.Entity; + +@Entity +@EqualsAndHashCode(callSuper = true) +@Audited +public class DefaultAcrValue extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.DefaultAcrValue { +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java new file mode 100644 index 000000000..4b440b7ab --- /dev/null 
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java 
@@ -0,0 +1,91 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractXMLObject; +import lombok.Data; +import lombok.NoArgsConstructor; +import org.hibernate.envers.Audited; +import org.opensaml.core.xml.XMLObject; +import org.opensaml.core.xml.util.AttributeMap; + +import javax.annotation.Nonnull; +import javax.persistence.CascadeType; +import javax.persistence.Entity; +import javax.persistence.OneToMany; +import javax.persistence.OrderColumn; +import javax.persistence.Transient; +import javax.xml.namespace.QName; +import java.util.ArrayList; +import java.util.List; +import java.util.stream.Collectors; + +@Entity +@Data +@NoArgsConstructor +@Audited +public class OAuthRPExtensions extends AbstractXMLObject implements net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions { + @Transient + private final AttributeMap unknownAttributes = new AttributeMap(this); + + private String applicationType; + + private String clientUri; + + @OneToMany(cascade = CascadeType.ALL) + private List defaultAcrValues = new ArrayList<>(); + + private int defaultMaxAge; + + private String grantTypes; + + private String idTokenEncryptedResponseAlg; + + private String idTokenEncryptedResponseEnc; + + private String idTokenSignedResponseAlg; + + private String initiateLoginUri; + + @OneToMany(cascade = CascadeType.ALL) + private List postLogoutRedirectUris = new ArrayList<>(); + + private String requestObjectEncryptionAlg; + + private String requestObjectEncryptionEnc; + + private String requestObjectSigningAlg; + + @OneToMany(cascade = CascadeType.ALL) + private List requestUris = new ArrayList<>(); + + private boolean requireAuthTime; + + private String responseTypes; + + private String scopes; + + private String sectorIdentifierUri; + + private String softwareId; + + private String softwareVersion; + + private String tokenEndpointAuthMethod; + + private String tokenEndpointAuthSigningAlg; + + @OneToMany(cascade = 
CascadeType.ALL) + @OrderColumn + List unknownXMLObjects = new ArrayList<>(); + + private String userInfoSignedResponseAlg; + + private String userInfoEncryptedResponseAlg; + + private String userInfoEncryptedResponseEnc; + + @Nonnull + @Override + public List getUnknownXMLObjects(@Nonnull QName typeOrName) { + return this.unknownXMLObjects.stream().filter(p -> p.getElementQName().equals(typeOrName) || p.getSchemaType().equals(typeOrName)).collect(Collectors.toList()); + } +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsMarshaller.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsMarshaller.java new file mode 100644 index 000000000..87f31fb41 --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsMarshaller.java 
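Review bot: `getUnknownXMLObjects(QName)` evaluates `p.getSchemaType().equals(typeOrName)` whenever the element name does not match, and `getSchemaType()` may be null for a child without an `xsi:type`, so the filter can throw a NullPointerException on ordinary unknown children. Reversing the receivers makes it null-safe: `p -> typeOrName.equals(p.getElementQName()) || typeOrName.equals(p.getSchemaType())`. Also, `unknownXMLObjects` is declared without `private`, unlike every other field in the class.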
@@ -0,0 +1,127 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions; +import org.opensaml.core.xml.XMLObject; +import org.opensaml.core.xml.io.MarshallingException; +import org.opensaml.saml.common.AbstractSAMLObjectMarshaller; +import org.w3c.dom.Element; + +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.APPLICATION_TYPE_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.CLIENT_URI_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.DEFAULT_MAX_AGE_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.GRANT_TYPES_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.ID_TOKEN_ENCRYPTED_RESPONSE_ALG_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.ID_TOKEN_ENCRYPTED_RESPONSE_ENC_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.ID_TOKEN_SIGNED_RESPONSE_ALG_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.INITIATE_LOGIN_URI_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.REQUEST_OBJECT_ENCRYPTION_ALG_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.REQUEST_OBJECT_ENCRYPTION_ENC_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.REQUEST_OBJECT_SIGNING_ALG_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.REQUIRE_AUTH_TIME_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.RESPONSE_TYPES_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.SCOPES_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.SECTOR_IDENTIFIER_URI_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.SOFTWARE_ID_ATTRIB_NAME; +import static 
net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.SOFTWARE_VERSION_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.TOKEN_ENDPOINT_AUTH_METHOD_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.TOKEN_ENDPOINT_AUTH_SIGNING_ALG_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.USERINFO_ENCRYPTED_RESPONSE_ALG_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.USERINFO_ENCRYPTED_RESPONSE_ENC_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.USERINFO_SIGNED_RESPONSE_ALG_ATTRIB_NAME; + +public class OAuthRPExtensionsMarshaller extends AbstractSAMLObjectMarshaller { + @Override + protected void marshallAttributes(final XMLObject samlElement, final Element domElement) throws MarshallingException { + final OAuthRPExtensions extensions = (OAuthRPExtensions) samlElement; + + if (extensions.getTokenEndpointAuthMethod() != null) { + domElement.setAttributeNS(null, TOKEN_ENDPOINT_AUTH_METHOD_ATTRIB_NAME, extensions.getTokenEndpointAuthMethod()); + } + + if (extensions.getGrantTypes() != null) { + domElement.setAttributeNS(null, GRANT_TYPES_ATTRIB_NAME, extensions.getGrantTypes()); + } + + if (extensions.getResponseTypes() != null) { + domElement.setAttributeNS(null, RESPONSE_TYPES_ATTRIB_NAME, extensions.getResponseTypes()); + } + + if (extensions.getApplicationType() != null) { + domElement.setAttributeNS(null, APPLICATION_TYPE_ATTRIB_NAME, extensions.getApplicationType()); + } + + if (extensions.getClientUri() != null) { + domElement.setAttributeNS(null, CLIENT_URI_ATTRIB_NAME, extensions.getClientUri()); + } + + if (extensions.getScopes() != null) { + domElement.setAttributeNS(null, SCOPES_ATTRIB_NAME, extensions.getScopes()); + } + + if (extensions.getSoftwareId() != null) { + domElement.setAttributeNS(null, SOFTWARE_ID_ATTRIB_NAME, extensions.getSoftwareId()); + } + + if (extensions.getSoftwareVersion() != null) { + 
domElement.setAttributeNS(null, SOFTWARE_VERSION_ATTRIB_NAME, extensions.getSoftwareVersion()); + } + + if (extensions.getSectorIdentifierUri() != null) { + domElement.setAttributeNS(null, SECTOR_IDENTIFIER_URI_ATTRIB_NAME, extensions.getSectorIdentifierUri()); + } + + if (extensions.getIdTokenSignedResponseAlg() != null) { + domElement.setAttributeNS(null, ID_TOKEN_SIGNED_RESPONSE_ALG_ATTRIB_NAME, extensions.getIdTokenSignedResponseAlg()); + } + + if (extensions.getIdTokenEncryptedResponseAlg() != null) { + domElement.setAttributeNS(null, ID_TOKEN_ENCRYPTED_RESPONSE_ALG_ATTRIB_NAME, extensions.getIdTokenEncryptedResponseAlg()); + } + + if (extensions.getIdTokenEncryptedResponseEnc() != null) { + domElement.setAttributeNS(null, ID_TOKEN_ENCRYPTED_RESPONSE_ENC_ATTRIB_NAME, extensions.getIdTokenEncryptedResponseEnc()); + } + + if (extensions.getUserInfoSignedResponseAlg() != null) { + domElement.setAttributeNS(null, USERINFO_SIGNED_RESPONSE_ALG_ATTRIB_NAME, extensions.getUserInfoSignedResponseAlg()); + } + + if (extensions.getUserInfoEncryptedResponseAlg() != null) { + domElement.setAttributeNS(null, USERINFO_ENCRYPTED_RESPONSE_ALG_ATTRIB_NAME, extensions.getUserInfoEncryptedResponseAlg()); + } + + if (extensions.getUserInfoEncryptedResponseEnc() != null) { + domElement.setAttributeNS(null, USERINFO_ENCRYPTED_RESPONSE_ENC_ATTRIB_NAME, extensions.getUserInfoEncryptedResponseEnc()); + } + + if (extensions.getRequestObjectSigningAlg() != null) { + domElement.setAttributeNS(null, REQUEST_OBJECT_SIGNING_ALG_ATTRIB_NAME, extensions.getRequestObjectSigningAlg()); + } + + if (extensions.getRequestObjectEncryptionAlg() != null) { + domElement.setAttributeNS(null, REQUEST_OBJECT_ENCRYPTION_ALG_ATTRIB_NAME, extensions.getRequestObjectEncryptionAlg()); + } + + if (extensions.getRequestObjectEncryptionEnc() != null) { + domElement.setAttributeNS(null, REQUEST_OBJECT_ENCRYPTION_ENC_ATTRIB_NAME, extensions.getRequestObjectEncryptionEnc()); + } + + if 
(extensions.getTokenEndpointAuthSigningAlg() != null) { + domElement.setAttributeNS(null, TOKEN_ENDPOINT_AUTH_SIGNING_ALG_ATTRIB_NAME, extensions.getTokenEndpointAuthSigningAlg()); + } + + if (extensions.getInitiateLoginUri() != null) { + domElement.setAttributeNS(null, INITIATE_LOGIN_URI_ATTRIB_NAME, extensions.getInitiateLoginUri()); + } + + if (extensions.getDefaultMaxAge() != 0) { + domElement.setAttributeNS(null, DEFAULT_MAX_AGE_ATTRIB_NAME, Integer.toString(extensions.getDefaultMaxAge())); + } + + if (extensions.isRequireAuthTime()) { + domElement.setAttributeNS(null, REQUIRE_AUTH_TIME_ATTRIB_NAME, Boolean.toString(extensions.isRequireAuthTime())); + } + + marshallUnknownAttributes(extensions, domElement); + } +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java new file mode 100644 index 000000000..012e96021 --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java 
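Review bot: `OAuthRPExtensionsMarshaller` writes only XML attributes, so the `DefaultAcrValue`, `RequestUri` and `PostLogoutRedirectUri` children that the unmarshaller in this commit collects depend on the base marshaller walking `getOrderedChildren()`, and the OAuthRPExtensions entity added here does not override that method. Unless `AbstractXMLObject` (not shown) already returns those lists, these children would be lost when the entity is written back to XML. I would add a `getOrderedChildren()` override on the entity that returns the three lists plus `unknownXMLObjects`, and a short class Javadoc here stating that child elements are handled by the base class.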
@@ -0,0 +1,106 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import net.shibboleth.oidc.saml.xmlobject.DefaultAcrValue; +import net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions; +import net.shibboleth.oidc.saml.xmlobject.PostLogoutRedirectUri; +import net.shibboleth.oidc.saml.xmlobject.RequestUri; +import org.apache.commons.lang3.StringUtils; +import org.opensaml.core.xml.XMLObject; +import org.opensaml.core.xml.io.UnmarshallingException; +import org.opensaml.saml.common.AbstractSAMLObjectUnmarshaller; +import org.w3c.dom.Attr; + +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.APPLICATION_TYPE_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.CLIENT_URI_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.DEFAULT_MAX_AGE_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.GRANT_TYPES_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.ID_TOKEN_ENCRYPTED_RESPONSE_ALG_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.ID_TOKEN_ENCRYPTED_RESPONSE_ENC_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.ID_TOKEN_SIGNED_RESPONSE_ALG_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.INITIATE_LOGIN_URI_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.REQUEST_OBJECT_ENCRYPTION_ALG_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.REQUEST_OBJECT_ENCRYPTION_ENC_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.REQUEST_OBJECT_SIGNING_ALG_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.REQUIRE_AUTH_TIME_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.RESPONSE_TYPES_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.SCOPES_ATTRIB_NAME; +import 
static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.SECTOR_IDENTIFIER_URI_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.SOFTWARE_ID_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.SOFTWARE_VERSION_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.TOKEN_ENDPOINT_AUTH_METHOD_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.TOKEN_ENDPOINT_AUTH_SIGNING_ALG_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.USERINFO_ENCRYPTED_RESPONSE_ALG_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.USERINFO_ENCRYPTED_RESPONSE_ENC_ATTRIB_NAME; +import static net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions.USERINFO_SIGNED_RESPONSE_ALG_ATTRIB_NAME; + +public class OAuthRPExtensionsUnmarshaller extends AbstractSAMLObjectUnmarshaller { + protected void processChildElement(final XMLObject parentSAMLObject, final XMLObject childSAMLObject) throws UnmarshallingException { + final OAuthRPExtensions extensions = (OAuthRPExtensions) parentSAMLObject; + + if (childSAMLObject instanceof DefaultAcrValue) { + extensions.getDefaultAcrValues().add((DefaultAcrValue) childSAMLObject); + } else if (childSAMLObject instanceof RequestUri) { + extensions.getRequestUris().add((RequestUri) childSAMLObject); + } else if (childSAMLObject instanceof PostLogoutRedirectUri) { + extensions.getPostLogoutRedirectUris().add((PostLogoutRedirectUri) childSAMLObject); + } else { + extensions.getUnknownXMLObjects().add(childSAMLObject); + } + } + + protected void processAttribute(final XMLObject samlObject, final Attr attribute) throws UnmarshallingException { + final OAuthRPExtensions extensions = (OAuthRPExtensions) samlObject; + + if (attribute.getNamespaceURI() == null) { + if (attribute.getLocalName().equals(DEFAULT_MAX_AGE_ATTRIB_NAME) && StringUtils.isNotEmpty(attribute.getValue())) { + 
extensions.setDefaultMaxAge(Integer.parseInt(attribute.getValue())); + } else if (attribute.getLocalName().equals(REQUIRE_AUTH_TIME_ATTRIB_NAME) && StringUtils.isNotEmpty(attribute.getValue())) { + extensions.setRequireAuthTime(Boolean.parseBoolean(attribute.getValue())); + } else if (attribute.getLocalName().equals(TOKEN_ENDPOINT_AUTH_METHOD_ATTRIB_NAME)) { + extensions.setTokenEndpointAuthMethod(attribute.getValue()); + } else if (attribute.getLocalName().equals(GRANT_TYPES_ATTRIB_NAME)) { + extensions.setGrantTypes(attribute.getValue()); + } else if (attribute.getLocalName().equals(RESPONSE_TYPES_ATTRIB_NAME)) { + extensions.setResponseTypes(attribute.getValue()); + } else if (attribute.getLocalName().equals(APPLICATION_TYPE_ATTRIB_NAME)) { + extensions.setApplicationType(attribute.getValue()); + } else if (attribute.getLocalName().equals(CLIENT_URI_ATTRIB_NAME)) { + extensions.setClientUri(attribute.getValue()); + } else if (attribute.getLocalName().equals(SCOPES_ATTRIB_NAME)) { + extensions.setScopes(attribute.getValue()); + } else if (attribute.getLocalName().equals(SOFTWARE_ID_ATTRIB_NAME)) { + extensions.setSoftwareId(attribute.getValue()); + } else if (attribute.getLocalName().equals(SOFTWARE_VERSION_ATTRIB_NAME)) { + extensions.setSoftwareVersion(attribute.getValue()); + } else if (attribute.getLocalName().equals(SECTOR_IDENTIFIER_URI_ATTRIB_NAME)) { + extensions.setSectorIdentifierUri(attribute.getValue()); + } else if (attribute.getLocalName().equals(ID_TOKEN_SIGNED_RESPONSE_ALG_ATTRIB_NAME)) { + extensions.setIdTokenSignedResponseAlg(attribute.getValue()); + } else if (attribute.getLocalName().equals(ID_TOKEN_ENCRYPTED_RESPONSE_ALG_ATTRIB_NAME)) { + extensions.setIdTokenEncryptedResponseAlg(attribute.getValue()); + } else if (attribute.getLocalName().equals(ID_TOKEN_ENCRYPTED_RESPONSE_ENC_ATTRIB_NAME)) { + extensions.setIdTokenEncryptedResponseEnc(attribute.getValue()); + } else if 
(attribute.getLocalName().equals(USERINFO_SIGNED_RESPONSE_ALG_ATTRIB_NAME)) { + extensions.setUserInfoSignedResponseAlg(attribute.getValue()); + } else if (attribute.getLocalName().equals(USERINFO_ENCRYPTED_RESPONSE_ALG_ATTRIB_NAME)) { + extensions.setUserInfoEncryptedResponseAlg(attribute.getValue()); + } else if (attribute.getLocalName().equals(USERINFO_ENCRYPTED_RESPONSE_ENC_ATTRIB_NAME)) { + extensions.setUserInfoEncryptedResponseEnc(attribute.getValue()); + } else if (attribute.getLocalName().equals(REQUEST_OBJECT_SIGNING_ALG_ATTRIB_NAME)) { + extensions.setRequestObjectSigningAlg(attribute.getValue()); + } else if (attribute.getLocalName().equals(REQUEST_OBJECT_ENCRYPTION_ALG_ATTRIB_NAME)) { + extensions.setRequestObjectEncryptionAlg(attribute.getValue()); + } else if (attribute.getLocalName().equals(REQUEST_OBJECT_ENCRYPTION_ENC_ATTRIB_NAME)) { + extensions.setRequestObjectEncryptionEnc(attribute.getValue()); + } else if (attribute.getLocalName().equals(TOKEN_ENDPOINT_AUTH_SIGNING_ALG_ATTRIB_NAME)) { + extensions.setTokenEndpointAuthSigningAlg(attribute.getValue()); + } else if (attribute.getLocalName().equals(INITIATE_LOGIN_URI_ATTRIB_NAME)) { + extensions.setInitiateLoginUri(attribute.getValue()); + } else { + super.processAttribute(samlObject, attribute); + } + } else { + processUnknownAttribute(extensions, attribute); + } + } +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java new file mode 100644 index 000000000..b6f2380cd --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java 
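Review bot: In `processAttribute`, `Integer.parseInt(attribute.getValue())` for `DEFAULT_MAX_AGE_ATTRIB_NAME` lets a `NumberFormatException` escape when uploaded metadata carries a non-numeric value, so the caller gets an unchecked exception instead of the declared `UnmarshallingException`. Wrap the parse and rethrow, e.g. `try { extensions.setDefaultMaxAge(Integer.parseInt(v)); } catch (NumberFormatException e) { throw new UnmarshallingException("Invalid defaultMaxAge: " + v, e); }`, and consider rejecting negative values at the same point. `Boolean.parseBoolean` on `REQUIRE_AUTH_TIME_ATTRIB_NAME` fails the other way: anything other than "true", including the schema-legal `1`, silently becomes `false`. Neither `processChildElement` nor `processAttribute` carries `@Override`, so a signature drift against `AbstractSAMLObjectUnmarshaller` would compile unnoticed.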
@@ -0,0 +1,12 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import lombok.EqualsAndHashCode; +import org.hibernate.envers.Audited; + +import javax.persistence.Entity; + +@Entity +@EqualsAndHashCode(callSuper = true) +@Audited +public class PostLogoutRedirectUri extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.PostLogoutRedirectUri { +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java new file mode 100644 index 000000000..386c4e040 --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java @@ -0,0 +1,12 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; + +import lombok.EqualsAndHashCode; +import org.hibernate.envers.Audited; + +import javax.persistence.Entity; + +@Entity +@EqualsAndHashCode(callSuper = true) +@Audited +public class RequestUri extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.RequestUri { +} \ No newline at end of file diff --git a/backend/src/main/resources/jpa-shib-oidc-config.xml b/backend/src/main/resources/jpa-shib-oidc-config.xml index 2b850a271..7bf05eeb4 100644 --- a/backend/src/main/resources/jpa-shib-oidc-config.xml +++ b/backend/src/main/resources/jpa-shib-oidc-config.xml @@ -7,14 +7,20 @@ - - + + - - + + + + + + + + @@ -31,5 +37,23 @@ + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/gradle.properties b/gradle.properties index 8287440e0..395c835fc 100644 --- a/gradle.properties +++ b/gradle.properties @@ -13,6 +13,7 @@ opensamlVersion=4.2.0 pac4JVersion=5.4.3 pac4jSpringSecurityVersion=7.0.3 shibbolethVersion=4.2.1 +shibOIDCVersion=2.1.0 springbootVersion=2.7.0 springSecurityVersion=5.7.1 From e63841d08f2e73bafb4de49b38c0e35f35f3018c Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Mon, 19 Sep 2022 16:42:28 -0700 Subject: [PATCH 04/77] SHIBUI-2380 Incremental commit: - OauthRPExtension built completely from XML upload (marshall and unmarshall complete) - Representation updated for UI output (accepting for build from UI still TODO) --- ...ceProviderSsoDescriptorRepresentation.java | 27 +++---- .../ui/domain/oidc/OAuthRPExtensions.java | 53 ++++++++++++++ .../oidc/OAuthRPExtensionsMarshaller.java | 5 +- .../oidc/OAuthRPExtensionsUnmarshaller.java | 10 +-- .../JPAEntityDescriptorServiceImpl.java | 72 ++++++++++++++++--- 5 files changed, 134 insertions(+), 33 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/ServiceProviderSsoDescriptorRepresentation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/ServiceProviderSsoDescriptorRepresentation.java index d20ec97ae..2044ff6ca 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/ServiceProviderSsoDescriptorRepresentation.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/ServiceProviderSsoDescriptorRepresentation.java 
@@ -1,31 +1,26 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.frontend; +import lombok.Getter; +import lombok.Setter; + import java.io.Serializable; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; +import java.util.Map; +@Getter +@Setter public class ServiceProviderSsoDescriptorRepresentation implements Serializable { - - private static final long serialVersionUID = 8366502466924209389L; private String protocolSupportEnum; private List nameIdFormats = new ArrayList<>(); - public String getProtocolSupportEnum() { - return protocolSupportEnum; - } - - public void setProtocolSupportEnum(String protocolSupportEnum) { - this.protocolSupportEnum = protocolSupportEnum; - } - - public List getNameIdFormats() { - return nameIdFormats; - } + private Map extensions = new HashMap<>(); - public void setNameIdFormats(List nameIdFormats) { - this.nameIdFormats = nameIdFormats; + public void addExtensions(String name, Map value) { + extensions.put(name, value); } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java index 4b440b7ab..02e40cb58 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java @@ -2,6 +2,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractXMLObject; import lombok.Data; +import lombok.EqualsAndHashCode; import lombok.NoArgsConstructor; import org.hibernate.envers.Audited; import org.opensaml.core.xml.XMLObject; 
@@ -20,9 +21,13 @@ @Entity @Data +@EqualsAndHashCode(callSuper=false) @NoArgsConstructor @Audited public class OAuthRPExtensions extends AbstractXMLObject implements net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions { + public static final String DEFAULT_ELEMENT_LOCAL_NAME = TYPE_LOCAL_NAME; + + // Only support the attributes used by Shib 4.x - https://shibboleth.atlassian.net/wiki/spaces/SC/pages/1912406916/OAuthRPMetadataProfile @Transient private final AttributeMap unknownAttributes = new AttributeMap(this); 
@@ -83,9 +88,57 @@ public class OAuthRPExtensions extends AbstractXMLObject implements net.shibbole private String userInfoEncryptedResponseEnc; + @Override + public List getOrderedChildren() { + List result = new ArrayList<>(); + result.addAll(defaultAcrValues); + result.addAll(requestUris); + result.addAll(postLogoutRedirectUris); + result.addAll(unknownXMLObjects); + return result; + } + + @Override + public List getUnknownXMLObjects() { + return this.unknownXMLObjects.stream().filter(p -> true).collect(Collectors.toList()); + } + @Nonnull @Override public List getUnknownXMLObjects(@Nonnull QName typeOrName) { return this.unknownXMLObjects.stream().filter(p -> p.getElementQName().equals(typeOrName) || p.getSchemaType().equals(typeOrName)).collect(Collectors.toList()); } + + @Override + public List getPostLogoutRedirectUris() { + List result = new ArrayList<>(); + result.addAll(postLogoutRedirectUris); + return result; + } + + @Override + public List getDefaultAcrValues() { + List result = new ArrayList<>(); + result.addAll(defaultAcrValues); + return result; + } + + @Override + public List getRequestUris() { + List result = new ArrayList<>(); + result.addAll(requestUris); + return result; + } + + public void addDefaultAcrValue(DefaultAcrValue childSAMLObject) { + defaultAcrValues.add(childSAMLObject); + } + + public void addRequestUri(RequestUri childSAMLObject) { + requestUris.add(childSAMLObject); + } + + public void addPostLogoutRedirectUri(PostLogoutRedirectUri childSAMLObject) { + postLogoutRedirectUris.add(childSAMLObject); + } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsMarshaller.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsMarshaller.java index 87f31fb41..7ea39f0c7 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsMarshaller.java 
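Review bot: `getUnknownXMLObjects()` now returns a fresh list (`stream().filter(p -> true).collect(...)`), but the unmarshaller's fallback branch still does `extensions.getUnknownXMLObjects().add(childSAMLObject);` (left as context in the `@@ -38,11 +34,11 @@` hunk of OAuthRPExtensionsUnmarshaller.java). That add lands on a throwaway copy, so unrecognised child elements from uploaded metadata are dropped without any error. Either return the backing list here or add an `addUnknownXMLObject(XMLObject)` next to `addDefaultAcrValue`/`addRequestUri`/`addPostLogoutRedirectUri` and call it from the unmarshaller. The `filter(p -> true)` is a no-op; `new ArrayList<>(unknownXMLObjects)` states the intent directly. A comment on the copy-returning getters such as `// returns a copy; use addRequestUri() to modify` would keep the next caller from repeating this.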
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsMarshaller.java @@ -1,6 +1,5 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; -import net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions; import org.opensaml.core.xml.XMLObject; import org.opensaml.core.xml.io.MarshallingException; import org.opensaml.saml.common.AbstractSAMLObjectMarshaller; @@ -122,6 +121,10 @@ protected void marshallAttributes(final XMLObject samlElement, final Element dom domElement.setAttributeNS(null, REQUIRE_AUTH_TIME_ATTRIB_NAME, Boolean.toString(extensions.isRequireAuthTime())); } + for (XMLObject xmlObject: extensions.getOrderedChildren()) { + marshallChildElements(xmlObject, domElement); + } + marshallUnknownAttributes(extensions, domElement); } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java index 012e96021..9cb6ee4f8 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java @@ -1,9 +1,5 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; -import net.shibboleth.oidc.saml.xmlobject.DefaultAcrValue; -import net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions; -import net.shibboleth.oidc.saml.xmlobject.PostLogoutRedirectUri; -import net.shibboleth.oidc.saml.xmlobject.RequestUri; import org.apache.commons.lang3.StringUtils; import org.opensaml.core.xml.XMLObject; import org.opensaml.core.xml.io.UnmarshallingException; 
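Review bot: The loop added to `marshallAttributes` in the `@@ -122,6 +121,10 @@` hunk calls `marshallChildElements(xmlObject, domElement)` once per child, but in OpenSAML's `AbstractXMLObjectMarshaller` that method marshals the children of its first argument. The framework also already invokes it for the parent after `marshallAttributes`, driven by `getOrderedChildren()`, which this commit overrides. As written the loop would therefore appear to write each child's own children directly under the OAuthRPExtensions element, so a nested subtree held in `unknownXMLObjects` could be flattened or emitted twice. Please confirm with a round-trip test on metadata that contains `RequestUri`/`DefaultAcrValue` children and an unknown nested element; if the base class handles the children, the fix is to delete the loop. `marshallAttributes` starts outside this hunk.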
@@ -38,11 +34,11 @@ protected void processChildElement(final XMLObject parentSAMLObject, final XMLOb final OAuthRPExtensions extensions = (OAuthRPExtensions) parentSAMLObject; if (childSAMLObject instanceof DefaultAcrValue) { - extensions.getDefaultAcrValues().add((DefaultAcrValue) childSAMLObject); + extensions.addDefaultAcrValue((DefaultAcrValue) childSAMLObject); } else if (childSAMLObject instanceof RequestUri) { - extensions.getRequestUris().add((RequestUri) childSAMLObject); + extensions.addRequestUri((RequestUri) childSAMLObject); } else if (childSAMLObject instanceof PostLogoutRedirectUri) { - extensions.getPostLogoutRedirectUris().add((PostLogoutRedirectUri) childSAMLObject); + extensions.addPostLogoutRedirectUri((PostLogoutRedirectUri) childSAMLObject); } else { extensions.getUnknownXMLObjects().add(childSAMLObject); } diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index a03ecb05e..2eae4f760 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java @@ -18,6 +18,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.OrganizationRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.SecurityInfoRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ServiceProviderSsoDescriptorRepresentation; +import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.OAuthRPExtensions; import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.ValueXMLObject; import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException; 
@@ -48,7 +49,6 @@ import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; import org.opensaml.core.xml.XMLObject; -import org.opensaml.saml.saml2.metadata.KeyDescriptor; import org.opensaml.xmlsec.signature.KeyInfo; import org.opensaml.xmlsec.signature.KeyName; import org.opensaml.xmlsec.signature.KeyValue; 
@@ -104,6 +104,59 @@ private EntityDescriptor buildDescriptorFromRepresentation(final EntityDescripto return ed; } + /** + * Currently only supporting oidcmd:OAuthRPExtensions in the extensions block + */ + private Map buildOAuthRPExtensionsMap(EntityDescriptor ed) { + HashMap result = new HashMap<>(); + for(XMLObject extension : ed.getSPSSODescriptor("").getExtensions().getOrderedChildren()) { + if (extension.getElementQName().getLocalPart().equals(OAuthRPExtensions.TYPE_LOCAL_NAME)){ + OAuthRPExtensions oAuthRPExtensions = (OAuthRPExtensions) extension; + HashMap attributeMap = new HashMap(); + attributeMap.put("applicationType", oAuthRPExtensions.getApplicationType()); + attributeMap.put("clientUri", oAuthRPExtensions.getClientUri()); + attributeMap.put("defaultMaxAge", oAuthRPExtensions.getDefaultMaxAge()); + attributeMap.put("grantTypes", oAuthRPExtensions.getGrantTypes()); + attributeMap.put("idTokenEncryptedResponseAlg", oAuthRPExtensions.getIdTokenEncryptedResponseAlg()); + attributeMap.put("idTokenEncryptedResponseEnc", oAuthRPExtensions.getIdTokenEncryptedResponseEnc()); + attributeMap.put("idTokenSignedResponseAlg", oAuthRPExtensions.getIdTokenSignedResponseAlg()); + attributeMap.put("initiateLoginUri", oAuthRPExtensions.getInitiateLoginUri()); + attributeMap.put("requestObjectEncryptionAlg", oAuthRPExtensions.getRequestObjectEncryptionAlg()); + attributeMap.put("requestObjectEncryptionEnc", oAuthRPExtensions.getRequestObjectEncryptionEnc()); + attributeMap.put("requestObjectSigningAlg", oAuthRPExtensions.getRequestObjectSigningAlg()); + attributeMap.put("requireAuthTime", oAuthRPExtensions.isRequireAuthTime()); + attributeMap.put("responseTypes", oAuthRPExtensions.getResponseTypes()); + attributeMap.put("scopes", oAuthRPExtensions.getScopes()); + attributeMap.put("sectorIdentifierUri", oAuthRPExtensions.getSectorIdentifierUri()); + attributeMap.put("softwareId", oAuthRPExtensions.getSoftwareId()); + attributeMap.put("softwareVersion", 
oAuthRPExtensions.getSoftwareVersion()); + attributeMap.put("tokenEndpointAuthMethod", oAuthRPExtensions.getTokenEndpointAuthMethod()); + attributeMap.put("tokenEndpointAuthSigningAlg", oAuthRPExtensions.getTokenEndpointAuthSigningAlg()); + attributeMap.put("userInfoSignedResponseAlg", oAuthRPExtensions.getUserInfoSignedResponseAlg()); + attributeMap.put("userInfoEncryptedResponseAlg", oAuthRPExtensions.getUserInfoEncryptedResponseAlg()); + attributeMap.put("userInfoEncryptedResponseEnc", oAuthRPExtensions.getUserInfoEncryptedResponseEnc()); + result.put("attributes", attributeMap); + // spit out the children + if (oAuthRPExtensions.getRequestUris().size() > 0){ + List requestUris = new ArrayList<>(); + oAuthRPExtensions.getRequestUris().forEach(requestUri -> requestUris.add(requestUri.getValue())); + result.put("requestUris", requestUris); + } + if (oAuthRPExtensions.getPostLogoutRedirectUris().size() > 0){ + List postLogoutRedirectUris = new ArrayList<>(); + oAuthRPExtensions.getPostLogoutRedirectUris().forEach(redirectUri -> postLogoutRedirectUris.add(redirectUri.getValue())); + result.put("postLogoutRedirectUris", postLogoutRedirectUris); + } + if (oAuthRPExtensions.getDefaultAcrValues().size() > 0){ + List defaultAcrValues = new ArrayList<>(); + oAuthRPExtensions.getDefaultAcrValues().forEach(acrValue -> defaultAcrValues.add(acrValue.getValue())); + result.put("defaultAcrValues", defaultAcrValues); + } + } + } + return result; + } + @Override public EntityDescriptor createDescriptorFromRepresentation(final EntityDescriptorRepresentation representation) { EntityDescriptor ed = openSamlObjects.buildDefaultInstanceOfType(EntityDescriptor.class); 
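Review bot: `buildOAuthRPExtensionsMap` recognises the extension by `getElementQName().getLocalPart()` alone and then casts unconditionally to `OAuthRPExtensions`. An element in uploaded metadata with the same local name in a different namespace would presumably be unmarshalled as some other `XMLObject` type and raise `ClassCastException` here. The same local-name test also decides SAML vs OIDC in `determineEntityDescriptorProtocol` and in `RoleDescriptor.isOidcType()`, so such an element would be classified as OIDC. Prefer `if (extension instanceof OAuthRPExtensions)` or a comparison against the full `QName` in all three places. The chain `ed.getSPSSODescriptor("").getExtensions().getOrderedChildren()` is unguarded here and in `determineEntityDescriptorProtocol`; if `getExtensions()` can return null for an SP without an Extensions block, XML import fails with an NPE. A Javadoc line noting that unset attributes are put into the `attributes` map as null would document what consumers of the representation receive.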
@@ -123,17 +176,12 @@ public EntityDescriptorRepresentation createNewEntityDescriptorFromXMLOrigin(Ent return createRepresentationFromDescriptor(savedEntity); } - // Change to check for OAuthRPExtensions in the extensions? private EntityDescriptorProtocol determineEntityDescriptorProtocol(EntityDescriptor ed) { boolean oidcType = false; - if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getKeyDescriptors().size() > 0) { - for (KeyDescriptor keyDescriptor : ed.getSPSSODescriptor("").getKeyDescriptors()) { - KeyInfo keyInfo = keyDescriptor.getKeyInfo(); - KeyDescriptorRepresentation.ElementType keyInfoType = determineKeyInfoType(keyInfo); - if (keyInfoType == KeyDescriptorRepresentation.ElementType.clientSecret || keyInfoType == KeyDescriptorRepresentation.ElementType.clientSecretKeyReference || - keyInfoType == KeyDescriptorRepresentation.ElementType.jwksData || keyInfoType == KeyDescriptorRepresentation.ElementType.jwksUri) { + if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getExtensions().getOrderedChildren().size() > 0) { + for (XMLObject e : ed.getSPSSODescriptor("").getExtensions().getOrderedChildren()) { + if (e.getElementQName().getLocalPart().equals(OAuthRPExtensions.TYPE_LOCAL_NAME)) { oidcType = true; - break; } } } @@ -195,6 +243,7 @@ public EntityDescriptorRepresentation createRepresentationFromDescriptor(org.ope representation.setIdOfOwner(ed.getIdOfOwner()); representation.setProtocol(ed.getProtocol()); + // Set up SPSSODescriptor if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getSupportedProtocols().size() > 0) { ServiceProviderSsoDescriptorRepresentation serviceProviderSsoDescriptorRepresentation = representation.getServiceProviderSsoDescriptor(true); serviceProviderSsoDescriptorRepresentation.setProtocolSupportEnum(String.join(",", ed.getSPSSODescriptor("").getSupportedProtocols().stream().map(p -> MDDCConstants.PROTOCOL_BINDINGS.get(p)).collect(Collectors.toList()))); 
@@ -207,6 +256,11 @@ public EntityDescriptorRepresentation createRepresentationFromDescriptor(org.ope ); } + if (ed.getSPSSODescriptor("") != null && ed.getProtocol() == EntityDescriptorProtocol.OIDC) { + ServiceProviderSsoDescriptorRepresentation serviceProviderSsoDescriptorRepresentation = representation.getServiceProviderSsoDescriptor(true); + serviceProviderSsoDescriptorRepresentation.addExtensions("OAuthRPExtensions", buildOAuthRPExtensionsMap(ed)); + } + if (ed.getOrganization() != null) { // set up organization OrganizationRepresentation organizationRepresentation = new OrganizationRepresentation(); From 7afc474f516e2f97a4d2173263cd227c0ef5b0c0 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 20 Sep 2022 09:36:42 -0700 Subject: [PATCH 05/77] SHIBUI-2380 Incremental commit: - Adding Oauth/OIDC binding type to the AssertionConsumerService list - Updating how the SPSSODESCRIPTOR identifies OIDC protocol --- .../admin/ui/domain/RoleDescriptor.java | 19 ++++++++++++++++++- .../JPAEntityDescriptorServiceImpl.java | 10 ++-------- .../resources/metadata-sources-ui-schema.json | 6 ++++++ 3 files changed, 26 insertions(+), 9 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java index b5bc78bc6..c64edb0ad 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java @@ -1,5 +1,6 @@ package edu.internet2.tier.shibboleth.admin.ui.domain; +import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.OAuthRPExtensions; import lombok.EqualsAndHashCode; import org.hibernate.envers.Audited; import org.opensaml.core.xml.XMLObject; 
@@ -76,6 +77,10 @@ public void setID(String id) { @Override public List getSupportedProtocols() { + // This protocol must be included if this is OIDC data + if (isOidcType() && !supportedProtocols.contains("http://openid.net/specs/openid-connect-core-1_0.html")) { + supportedProtocols.add("http://openid.net/specs/openid-connect-core-1_0.html"); + } return supportedProtocols; } @@ -195,4 +200,16 @@ public List getOrderedChildren() { return Collections.unmodifiableList(children); } -} + + @Transient + public boolean isOidcType() { + if (getExtensions().getOrderedChildren().size() > 0) { + for (XMLObject e : getExtensions().getOrderedChildren()) { + if (e.getElementQName().getLocalPart().equals(OAuthRPExtensions.TYPE_LOCAL_NAME)) { + return true; + } + } + } + return false; + } +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index 2eae4f760..8e400949c 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java 
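Review bot: `getSupportedProtocols()` now mutates the persistent `supportedProtocols` list as a side effect of being read. On this audited entity a plain read can therefore mark the collection dirty and, depending on how Envers is set up, produce a revision nobody asked for. `setupSPSSODescriptor` in EntityDescriptorConversionUtils also calls `setSupportedProtocols(Collections.EMPTY_LIST)`; if the setter keeps that reference, the `add` here throws `UnsupportedOperationException` for an OIDC entity (the setter is not visible in this patch, so please verify). Add the protocol where the OAuthRPExtensions are attached, or return a copy with the extra entry, and hoist the URI into a constant: `private static final String OIDC_PROTOCOL = "http://openid.net/specs/openid-connect-core-1_0.html";`.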
@@ -177,14 +177,7 @@ public EntityDescriptorRepresentation createNewEntityDescriptorFromXMLOrigin(Ent } private EntityDescriptorProtocol determineEntityDescriptorProtocol(EntityDescriptor ed) { - boolean oidcType = false; - if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getExtensions().getOrderedChildren().size() > 0) { - for (XMLObject e : ed.getSPSSODescriptor("").getExtensions().getOrderedChildren()) { - if (e.getElementQName().getLocalPart().equals(OAuthRPExtensions.TYPE_LOCAL_NAME)) { - oidcType = true; - } - } - } + boolean oidcType = ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").isOidcType(); return oidcType ? EntityDescriptorProtocol.OIDC : EntityDescriptorProtocol.SAML; } @@ -462,6 +455,7 @@ public EntityDescriptor getEntityDescriptorByResourceId(String resourceId) throw if (!userService.isAuthorizedFor(ed)) { throw new ForbiddenException(); } + return ed; } diff --git a/backend/src/main/resources/metadata-sources-ui-schema.json b/backend/src/main/resources/metadata-sources-ui-schema.json index 93ad3ec81..fdb7e5d46 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema.json +++ b/backend/src/main/resources/metadata-sources-ui-schema.json @@ -329,6 +329,12 @@ "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" ], "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" + }, + { + "enum": [ + "https://tools.ietf.org/html/rfc6749#section-3.1.2" + ], + "description": "OIDC / OAUTH Binding" } ] }, From fcef776165bed8560633e0d78dfbdc97c722492b Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 20 Sep 2022 12:35:54 -0700 Subject: [PATCH 06/77] SHIBUI-2380 Incremental commit: --- .../JPAEntityDescriptorServiceImpl.java | 1 + .../util/EntityDescriptorConversionUtils.java | 18 +++++++++++++++--- 2 files changed, 16 insertions(+), 3 deletions(-) 
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index 8e400949c..d40fd9255 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java @@ -85,6 +85,7 @@ public class JPAEntityDescriptorServiceImpl implements EntityDescriptorService { private EntityDescriptor buildDescriptorFromRepresentation(final EntityDescriptor ed, final EntityDescriptorRepresentation representation) { ed.setEntityID(representation.getEntityId()); ed.setIdOfOwner(representation.getIdOfOwner()); + ed.setProtocol(representation.getProtocol()); // SAML vs OIDC setupSPSSODescriptor(ed, representation); ed.setServiceProviderName(representation.getServiceProviderName()); diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java index 3034d5c7d..f2ed82f82 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java @@ -1,7 +1,6 @@ package edu.internet2.tier.shibboleth.admin.util; import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.getEntityAttributes; -import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.getOptionalEntityAttributes; import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.getSPSSODescriptorFromEntityDescriptor; import java.util.Arrays; 
@@ -9,6 +8,9 @@ import java.util.Optional; import java.util.stream.Collectors; +import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol; +import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ServiceProviderSsoDescriptorRepresentation; +import lombok.NonNull; import org.opensaml.xmlsec.signature.KeyInfo; import org.opensaml.xmlsec.signature.X509Certificate; import org.opensaml.xmlsec.signature.X509Data; @@ -280,7 +282,7 @@ public static void setupSecurity(EntityDescriptor ed, EntityDescriptorRepresenta } public static void setupSPSSODescriptor(EntityDescriptor ed, EntityDescriptorRepresentation representation) { - if (representation.getServiceProviderSsoDescriptor() != null) { + if (representation.getServiceProviderSsoDescriptor() != null || representation.getProtocol() == EntityDescriptorProtocol.OIDC) { SPSSODescriptor spssoDescriptor = getSPSSODescriptorFromEntityDescriptor(ed); spssoDescriptor.setSupportedProtocols(Collections.EMPTY_LIST); @@ -300,11 +302,21 @@ public static void setupSPSSODescriptor(EntityDescriptor ed, EntityDescriptorRep spssoDescriptor.getNameIDFormats().add(nameIDFormat); } } + + if (representation.getProtocol() == EntityDescriptorProtocol.OIDC) { + spssoDescriptor.setExtensions(buildOidcExtensionsFromRepresentation(representation.getServiceProviderSsoDescriptor(false))); + } } else { ed.setRoleDescriptors(null); } } - + + private static Extensions buildOidcExtensionsFromRepresentation(@NonNull ServiceProviderSsoDescriptorRepresentation representation) { + Extensions result = new Extensions(); + + return result; + } + public static void setupUIInfo(EntityDescriptor ed, EntityDescriptorRepresentation representation) { if (representation.getMdui() != null) { // TODO: check if we need more than a naive implementation From b629a569f948b23f7e9069b34c1cb259f95ecd61 Mon Sep 17 00:00:00 2001 
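Review bot: In `setupSPSSODescriptor`, the widened condition `getServiceProviderSsoDescriptor() != null || getProtocol() == EntityDescriptorProtocol.OIDC` lets an OIDC representation with no SP SSO descriptor into the branch, yet the added call passes `representation.getServiceProviderSsoDescriptor(false)` to a parameter marked `@NonNull`. If that getter can return null for such a representation (its body is not in this diff), the request fails with a NullPointerException instead of a validation error. I would guard the extension step, for example `ServiceProviderSsoDescriptorRepresentation spRep = representation.getServiceProviderSsoDescriptor(false);` followed by `if (spRep != null) { spssoDescriptor.setExtensions(buildOidcExtensionsFromRepresentation(spRep)); }`, or reject the representation earlier with a clear message. The body of `setupSPSSODescriptor` continues between the two hunks and is only partly visible.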
From: chasegawa Date: Wed, 21 Sep 2022 15:04:41 -0700 Subject: [PATCH 07/77] SHIBUI-2380 Incremental commit: - Removed X509Certificates from the security representation (functionally handled by key descriptors - Updated parsing representation into EntityDescriptor entity to handle new oidc values --- .../admin/ui/domain/RoleDescriptor.java | 9 +- .../frontend/SecurityInfoRepresentation.java | 12 -- .../admin/ui/domain/oidc/DefaultAcrValue.java | 5 + .../ui/domain/oidc/OAuthRPExtensions.java | 8 +- .../ui/domain/oidc/PostLogoutRedirectUri.java | 5 + .../admin/ui/domain/oidc/RequestUri.java | 5 + .../JPAEntityDescriptorServiceImpl.java | 13 +- .../util/EntityDescriptorConversionUtils.java | 165 +++++++++++++----- .../shibboleth/admin/util/MDDCConstants.java | 4 +- .../EntityDescriptorControllerTests.groovy | 23 +++ .../service/AuxiliaryIntegrationTests.groovy | 2 +- ...JPAEntityDescriptorServiceImplTests.groovy | 23 ++- ...ntityDescriptorConversionUtilsTests.groovy | 45 ++--- .../src/test/resources/json/SHIBUI-187.json | 2 +- .../src/test/resources/json/SHIBUI-211.json | 2 +- .../src/test/resources/json/SHIBUI-219-1.json | 2 +- .../src/test/resources/json/SHIBUI-219-2.json | 2 +- .../src/test/resources/json/SHIBUI-219-3.json | 2 +- .../src/test/resources/json/SHIBUI-223.json | 8 +- .../test/resources/json/SHIBUI-2380-1.json | 90 ++++++++++ .../src/test/resources/json/SHIBUI-2380.json | 96 ++++++++++ .../src/test/resources/json/SHIBUI-855.json | 2 +- 22 files changed, 418 insertions(+), 107 deletions(-) create mode 100644 backend/src/test/resources/json/SHIBUI-2380-1.json create mode 100644 backend/src/test/resources/json/SHIBUI-2380.json diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java index c64edb0ad..383d7237b 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java 
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java @@ -77,10 +77,6 @@ public void setID(String id) { @Override public List getSupportedProtocols() { - // This protocol must be included if this is OIDC data - if (isOidcType() && !supportedProtocols.contains("http://openid.net/specs/openid-connect-core-1_0.html")) { - supportedProtocols.add("http://openid.net/specs/openid-connect-core-1_0.html"); - } return supportedProtocols; } @@ -203,7 +199,10 @@ public List getOrderedChildren() { @Transient public boolean isOidcType() { - if (getExtensions().getOrderedChildren().size() > 0) { + if (getExtensions() == null || getExtensions().getOrderedChildren() == null || getExtensions().getOrderedChildren().isEmpty()){ + return false; + } + else { for (XMLObject e : getExtensions().getOrderedChildren()) { if (e.getElementQName().getLocalPart().equals(OAuthRPExtensions.TYPE_LOCAL_NAME)) { return true; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/SecurityInfoRepresentation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/SecurityInfoRepresentation.java index 7ba875678..ec1d8e62d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/SecurityInfoRepresentation.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/SecurityInfoRepresentation.java 
@@ -14,22 +14,10 @@ public class SecurityInfoRepresentation implements Serializable { private boolean authenticationRequestsSigned; private boolean wantAssertionsSigned; - private List x509Certificates = new ArrayList<>(); private List keyDescriptors = new ArrayList<>(); public void addKeyDescriptor(KeyDescriptorRepresentation keyDescriptorRep) { keyDescriptors.add(keyDescriptorRep); } - @Getter - @Setter - @Deprecated - public static class X509CertificateRepresentation implements Serializable { - private static final long serialVersionUID = -4893206348572998788L; - - private String name; - private String value; - //TODO refactor into Enum? - private String type; - } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java index b1a2542f9..954fa9db5 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java @@ -1,12 +1,17 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; import lombok.EqualsAndHashCode; +import lombok.NoArgsConstructor; import org.hibernate.envers.Audited; import javax.persistence.Entity; @Entity @EqualsAndHashCode(callSuper = true) +@NoArgsConstructor @Audited public class DefaultAcrValue extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.DefaultAcrValue { + public DefaultAcrValue(String value) { + this.setValue(value); + } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java index 02e40cb58..45fdcf650 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java 
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java @@ -4,6 +4,7 @@ import lombok.Data; import lombok.EqualsAndHashCode; import lombok.NoArgsConstructor; +import net.shibboleth.oidc.saml.xmlobject.MetadataValueSAMLObject; import org.hibernate.envers.Audited; import org.opensaml.core.xml.XMLObject; import org.opensaml.core.xml.util.AttributeMap; @@ -22,7 +23,6 @@ @Entity @Data @EqualsAndHashCode(callSuper=false) -@NoArgsConstructor @Audited public class OAuthRPExtensions extends AbstractXMLObject implements net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions { public static final String DEFAULT_ELEMENT_LOCAL_NAME = TYPE_LOCAL_NAME; @@ -88,6 +88,12 @@ public class OAuthRPExtensions extends AbstractXMLObject implements net.shibbole private String userInfoEncryptedResponseEnc; + public OAuthRPExtensions() { + setNamespacePrefix(MetadataValueSAMLObject.SAML20MDOIDCMD_PREFIX); + setNamespaceURI(MetadataValueSAMLObject.SAML20MDOIDCMD_NS); + setElementLocalName(TYPE_LOCAL_NAME); + } + @Override public List getOrderedChildren() { List result = new ArrayList<>(); diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java index b6f2380cd..2c66e75e3 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java 
@@ -1,12 +1,17 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; import lombok.EqualsAndHashCode; +import lombok.NoArgsConstructor; import org.hibernate.envers.Audited; import javax.persistence.Entity; @Entity @EqualsAndHashCode(callSuper = true) +@NoArgsConstructor @Audited public class PostLogoutRedirectUri extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.PostLogoutRedirectUri { + public PostLogoutRedirectUri(String value) { + this.setValue(value); + } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java index 386c4e040..ee9885ebd 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java @@ -1,12 +1,17 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; import lombok.EqualsAndHashCode; +import lombok.NoArgsConstructor; import org.hibernate.envers.Audited; import javax.persistence.Entity; @Entity @EqualsAndHashCode(callSuper = true) +@NoArgsConstructor @Audited public class RequestUri extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.RequestUri { + public RequestUri(String value) { + this.setValue(value); + } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index d40fd9255..f456c3248 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java 
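Review bot: The new `PostLogoutRedirectUri(String value)` constructor, like `RequestUri(String value)` in the next file and `DefaultAcrValue(String value)` earlier in this patch, stores the string as given, and the conversion code later in the patch fills these objects straight from the submitted representation. Post-logout redirect and request URIs are values an OpenID provider later acts on, so the class should say who is responsible for checking them. I would add a Javadoc line on each constructor such as `/** @param value absolute URI as registered for the relying party; not validated here, callers must validate before persisting */`, and confirm that some layer not shown in this diff actually performs that check.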
@@ -98,6 +98,9 @@ private EntityDescriptor buildDescriptorFromRepresentation(final EntityDescripto setupLogout(ed, representation); setupRelyingPartyOverrides(ed, representation); + if (ed.getProtocol() == EntityDescriptorProtocol.OIDC) { + ed.getSPSSODescriptor("").addSupportedProtocol("http://openid.net/specs/openid-connect-core-1_0.html"); + } //Let envers recognize update revision type for EntityDescriptor type //when modifying Attributes and SPSSODescriptor inside RoleDescriptors collection ed.setVersionModifiedTimestamp(System.currentTimeMillis()); @@ -311,7 +314,6 @@ public EntityDescriptorRepresentation createRepresentationFromDescriptor(org.ope } } - // set up security - this block assumes too much like there will be a cert. With OIDC could not be some... setupSecurityRepresentationFromEntityDescriptor(ed, representation); // set up ACSs @@ -513,15 +515,6 @@ private void setupSecurityRepresentationFromEntityDescriptor(EntityDescriptor ed keyDescriptorRep.setValue(((ValueXMLObject) obj).getValue()); securityInfoRepresentation.addKeyDescriptor(keyDescriptorRep); } - - // TODO remove this when done. - if (keyInfoType == KeyDescriptorRepresentation.ElementType.X509Data) { - SecurityInfoRepresentation.X509CertificateRepresentation x509CertificateRepresentation = new SecurityInfoRepresentation.X509CertificateRepresentation(); - x509CertificateRepresentation.setName(name); - x509CertificateRepresentation.setType(useType); - x509CertificateRepresentation.setValue(keyDescriptorRep.getValue()); - securityInfoRepresentation.getX509Certificates().add(x509CertificateRepresentation); - } } } } diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java index f2ed82f82..d2f18d348 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java 
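Review bot: The added OIDC block in `buildDescriptorFromRepresentation` dereferences `ed.getSPSSODescriptor("")` without a null check, although `determineEntityDescriptorProtocol` in the same class treats a null return as possible. It probably holds today because `setupSPSSODescriptor` runs first and creates the descriptor for OIDC, but that ordering is implicit; `ed.getOptionalSPSSODescriptor().ifPresent(sp -> sp.addSupportedProtocol(...))` would make it explicit. The protocol URL is also repeated as a string literal here, in `MDDCConstants` and in the controller test, so a single named constant would keep the three in step. The method body starts and ends outside the hunk.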
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java @@ -1,24 +1,7 @@ package edu.internet2.tier.shibboleth.admin.util; -import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.getEntityAttributes; -import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.getSPSSODescriptorFromEntityDescriptor; - -import java.util.Arrays; -import java.util.Collections; -import java.util.Optional; -import java.util.stream.Collectors; - -import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol; -import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ServiceProviderSsoDescriptorRepresentation; -import lombok.NonNull; -import org.opensaml.xmlsec.signature.KeyInfo; -import org.opensaml.xmlsec.signature.X509Certificate; -import org.opensaml.xmlsec.signature.X509Data; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; - +import com.fasterxml.jackson.databind.ObjectMapper; import com.google.common.base.Strings; - import edu.internet2.tier.shibboleth.admin.ui.domain.AssertionConsumerService; import edu.internet2.tier.shibboleth.admin.ui.domain.ContactPerson; import edu.internet2.tier.shibboleth.admin.ui.domain.ContactPersonBuilder; @@ -28,6 +11,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.EntityAttributes; import edu.internet2.tier.shibboleth.admin.ui.domain.EntityAttributesBuilder; import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor; +import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol; import edu.internet2.tier.shibboleth.admin.ui.domain.Extensions; import edu.internet2.tier.shibboleth.admin.ui.domain.GivenName; import edu.internet2.tier.shibboleth.admin.ui.domain.InformationURL; 
@@ -45,13 +29,38 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.AssertionConsumerServiceRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ContactRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation; +import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.KeyDescriptorRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.LogoutEndpointRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.MduiRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.OrganizationRepresentation; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.SecurityInfoRepresentation; +import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ServiceProviderSsoDescriptorRepresentation; +import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.AbstractValueXMLObject; +import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.DefaultAcrValue; +import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.JwksData; +import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.OAuthRPExtensions; +import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.PostLogoutRedirectUri; +import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.RequestUri; +import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.ValueXMLObject; import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects; import edu.internet2.tier.shibboleth.admin.ui.service.EntityService; +import lombok.NonNull; import lombok.Setter; +import org.opensaml.core.xml.XMLObject; +import org.opensaml.xmlsec.signature.KeyInfo; +import org.opensaml.xmlsec.signature.X509Certificate; +import org.opensaml.xmlsec.signature.X509Data; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import java.lang.reflect.Field; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; 
+import java.util.HashMap; +import java.util.List; +import java.util.Optional; +import java.util.stream.Collectors; @Service public class EntityDescriptorConversionUtils { 
@@ -62,31 +71,58 @@ public class EntityDescriptorConversionUtils { @Autowired @Setter private static EntityService entityService; - - public static KeyDescriptor createKeyDescriptor(String name, String type, String value) { + + public static KeyDescriptor createKeyDescriptor(String name, String usageType, String value, KeyDescriptorRepresentation.ElementType elementType) { KeyDescriptor keyDescriptor = openSamlObjects.buildDefaultInstanceOfType(KeyDescriptor.class); if (!Strings.isNullOrEmpty(name)) { keyDescriptor.setName(name); } - if (!"both".equals(type)) { - keyDescriptor.setUsageType(type); + if (!"both".equals(usageType)) { + keyDescriptor.setUsageType(usageType); } KeyInfo keyInfo = openSamlObjects.buildDefaultInstanceOfType(KeyInfo.class); - keyDescriptor.setKeyInfo(keyInfo); - - X509Data x509Data = openSamlObjects.buildDefaultInstanceOfType(X509Data.class); - keyInfo.getXMLObjects().add(x509Data); - - X509Certificate x509Certificate = openSamlObjects.buildDefaultInstanceOfType(X509Certificate.class); - x509Data.getXMLObjects().add(x509Certificate); - x509Certificate.setValue(value); + AbstractValueXMLObject xmlObject; + switch (elementType) { + case X509Data: + X509Data x509Data = openSamlObjects.buildDefaultInstanceOfType(X509Data.class); + X509Certificate x509Certificate = openSamlObjects.buildDefaultInstanceOfType(X509Certificate.class); + x509Data.getXMLObjects().add(x509Certificate); + x509Certificate.setValue(value); + keyInfo.getXMLObjects().add(x509Data); + break; + case jwksData: + xmlObject = openSamlObjects.buildDefaultInstanceOfType(JwksData.class); + xmlObject.setValue(value); + keyInfo.getXMLObjects().add(xmlObject); + break; + case jwksUri: + xmlObject = openSamlObjects.buildDefaultInstanceOfType(JwksData.class); + xmlObject.setValue(value); + keyInfo.getXMLObjects().add(xmlObject); + break; + case clientSecret: + xmlObject = openSamlObjects.buildDefaultInstanceOfType(JwksData.class); + xmlObject.setValue(value); + 
keyInfo.getXMLObjects().add(xmlObject); + break; + case clientSecretKeyReference: + xmlObject = openSamlObjects.buildDefaultInstanceOfType(JwksData.class); + xmlObject.setValue(value); + keyInfo.getXMLObjects().add(xmlObject); + break; + } + keyDescriptor.setKeyInfo(keyInfo); return keyDescriptor; } - + + private static KeyDescriptor createKeyDescriptor(KeyDescriptorRepresentation keyDescRep) { + return createKeyDescriptor(keyDescRep.getName(), keyDescRep.getType(), keyDescRep.getValue(), keyDescRep.getElementType()); + } + public static EntityAttributes getEntityAttributes(EntityDescriptor ed) { return getEntityAttributes(ed, true); } @@ -267,10 +303,11 @@ public static void setupSecurity(EntityDescriptor ed, EntityDescriptorRepresenta } } ed.getOptionalSPSSODescriptor().ifPresent( i -> i.getKeyDescriptors().clear()); - // TODO will need to fill in keydescriptors from generic list not the x509 list - for (SecurityInfoRepresentation.X509CertificateRepresentation x509CertificateRepresentation : securityInfoRepresentation.getX509Certificates()) { - KeyDescriptor keyDescriptor = createKeyDescriptor(x509CertificateRepresentation.getName(), x509CertificateRepresentation.getType(), x509CertificateRepresentation.getValue()); - getSPSSODescriptorFromEntityDescriptor(ed).addKeyDescriptor(keyDescriptor); + if (securityInfoRepresentation.getKeyDescriptors().size() > 0) { + SPSSODescriptor spssoDescriptor = getSPSSODescriptorFromEntityDescriptor(ed); + securityInfoRepresentation.getKeyDescriptors().forEach(keyDescRep -> { + spssoDescriptor.addKeyDescriptor(createKeyDescriptor(keyDescRep)); + }); } } else { ed.getOptionalSPSSODescriptor().ifPresent( spssoDescriptor -> { 
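Review bot: In the new `switch` of `createKeyDescriptor`, the `jwksUri`, `clientSecret` and `clientSecretKeyReference` cases all build `JwksData.class`, so a JWKS URI or a client secret is stored and marshalled as a JwksData element and will presumably read back as the wrong element type. Each case should build its own class, which the first patch of this series adds under `domain/oidc`: `openSamlObjects.buildDefaultInstanceOfType(JwksUri.class)`, `...(ClientSecret.class)` and `...(ClientSecretKeyReference.class)`, with the matching imports. The switch also has no `default` branch and `elementType` is not null-checked, so unless `KeyDescriptorRepresentation` supplies a default, a representation that omits the element type fails with a NullPointerException when `setupSecurity` calls this method, and an unhandled value yields a KeyDescriptor with an empty KeyInfo; rejecting both explicitly would be safer. The added tests only exercise `ElementType.X509Data`, which is why this is not caught.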
@@ -280,12 +317,12 @@ public static void setupSecurity(EntityDescriptor ed, EntityDescriptorRepresenta }); } } - + public static void setupSPSSODescriptor(EntityDescriptor ed, EntityDescriptorRepresentation representation) { if (representation.getServiceProviderSsoDescriptor() != null || representation.getProtocol() == EntityDescriptorProtocol.OIDC) { SPSSODescriptor spssoDescriptor = getSPSSODescriptorFromEntityDescriptor(ed); - spssoDescriptor.setSupportedProtocols(Collections.EMPTY_LIST); + spssoDescriptor.setSupportedProtocols(new ArrayList<>()); if (!Strings.isNullOrEmpty(representation.getServiceProviderSsoDescriptor().getProtocolSupportEnum())) { spssoDescriptor.setSupportedProtocols( Arrays.stream(representation.getServiceProviderSsoDescriptor().getProtocolSupportEnum().split(",")).map(p -> MDDCConstants.PROTOCOL_BINDINGS.get(p.trim())).collect(Collectors.toList()) 
@@ -303,17 +340,65 @@ public static void setupSPSSODescriptor(EntityDescriptor ed, EntityDescriptorRep } } + // Setup Extensions if (representation.getProtocol() == EntityDescriptorProtocol.OIDC) { - spssoDescriptor.setExtensions(buildOidcExtensionsFromRepresentation(representation.getServiceProviderSsoDescriptor(false))); + spssoDescriptor.setExtensions(buildOAuthRPExtensionsFromRepresentation(representation.getServiceProviderSsoDescriptor(false))); } } else { ed.setRoleDescriptors(null); } } - private static Extensions buildOidcExtensionsFromRepresentation(@NonNull ServiceProviderSsoDescriptorRepresentation representation) { + private static Extensions buildOAuthRPExtensionsFromRepresentation(@NonNull ServiceProviderSsoDescriptorRepresentation representation) { Extensions result = new Extensions(); - + HashMap oauthrpextMap = (HashMap) representation.getExtensions().get("OAuthRPExtensions"); + OAuthRPExtensions oAuthRPExtensions = new OAuthRPExtensions(); + oauthrpextMap.keySet().forEach(key -> { + try { + if ("requestUris".equals(key) || "defaultAcrValues".equals(key) || "postLogoutRedirectUris".equals(key)){ + Field field = oAuthRPExtensions.getClass().getDeclaredField(key); + field.setAccessible(true); + ((List) oauthrpextMap.get(key)).forEach(value -> { + switch (key) { + case "requestUris": + oAuthRPExtensions.addRequestUri(new RequestUri((value))); + break; + case "defaultAcrValues": + oAuthRPExtensions.addDefaultAcrValue(new DefaultAcrValue((value))); + break; + case "postLogoutRedirectUris": + oAuthRPExtensions.addPostLogoutRedirectUri(new PostLogoutRedirectUri((value))); + break; + } + }); + } + else if ("attributes".equals(key)) { + HashMap attributes = (HashMap) oauthrpextMap.get(key); + attributes.keySet().forEach(attKey -> { + try { + Field attField = oAuthRPExtensions.getClass().getDeclaredField(attKey); + attField.setAccessible(true); + if ("requireAuthTime".equals(attKey)) { + Boolean value = Boolean.valueOf(attributes.get(attKey).toString()); + 
attField.set(oAuthRPExtensions, value); + } else if ("defaultMaxAge".equals(attKey)) { + Integer value = Integer.valueOf(attributes.get(attKey).toString()); + attField.setInt(oAuthRPExtensions, value); + } else { + attField.set(oAuthRPExtensions, attributes.get(attKey).toString()); + } + } + catch (IllegalAccessException | NoSuchFieldException e) { + // skip it + } + }); + } + } + catch (NoSuchFieldException e) { + // skip it + } + }); + result.addUnknownXMLObject(oAuthRPExtensions); return result; } diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/MDDCConstants.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/MDDCConstants.java index 05953056a..6cf0c8bea 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/MDDCConstants.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/MDDCConstants.java @@ -51,6 +51,8 @@ public class MDDCConstants { map.put(SAMLConstants.SAML20P_NS, "SAML 2"); map.put(SAMLConstants.SAML11P_NS, "SAML 1.1"); + map.put("http://openid.net/specs/openid-connect-core-1_0.html", "http://openid.net/specs/openid-connect-core-1_0.html"); + PROTOCOL_BINDINGS = Collections.unmodifiableMap(map); } -} +} \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy index 3ffbe12e0..c59e87c2a 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy 
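Review bot: In `buildOAuthRPExtensionsFromRepresentation`, every key of the submitted `attributes` map is used as a field name for `getDeclaredField` / `setAccessible(true)` / `set` on the `OAuthRPExtensions` entity, so the request body decides which declared fields of a persisted object are written. Only an explicit list of attribute names should be settable, checked before the reflective lookup, e.g. `if (!SETTABLE_ATTRIBUTES.contains(attKey)) { throw new IllegalArgumentException("Unsupported attribute: " + attKey); }` with `SETTABLE_ATTRIBUTES` a new constant; the Lombok setters from `@Data` would avoid reflection entirely. The `// skip it` handlers hide mistyped names, while `Integer.valueOf` and a `set` with a mismatched type throw unchecked exceptions that are not caught, and `representation.getExtensions().get("OAuthRPExtensions")` is dereferenced without a null check. The `Field field` fetched in the list branch is never used and can be dropped.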
@@ -3,6 +3,7 @@ package edu.internet2.tier.shibboleth.admin.ui.controller import com.fasterxml.jackson.databind.ObjectMapper import edu.internet2.tier.shibboleth.admin.ui.AbstractBaseDataJpaTest import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor +import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.AssertionConsumerServiceRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound @@ -22,7 +23,10 @@ import edu.internet2.tier.shibboleth.admin.ui.util.RandomGenerator import edu.internet2.tier.shibboleth.admin.ui.util.TestObjectGenerator import edu.internet2.tier.shibboleth.admin.ui.util.WithMockAdmin import edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils +import groovy.json.JsonSlurper +import lombok.SneakyThrows import org.springframework.beans.factory.annotation.Autowired +import org.springframework.core.io.ClassPathResource import org.springframework.security.test.context.support.WithMockUser import org.springframework.test.web.servlet.setup.MockMvcBuilders import org.springframework.transaction.annotation.Transactional 
@@ -702,4 +706,23 @@ class EntityDescriptorControllerTests extends AbstractBaseDataJpaTest { e instanceof ConcurrentModificationException } } + + @WithMockAdmin + def "POST /EntityDescriptor OIDC descriptor"() { + when: + def result = mockMvc.perform(post('/api/EntityDescriptor').contentType(APPLICATION_JSON).content(fromFile("/json/SHIBUI-2380-1.json"))) + + then: + result.andExpect(status().isCreated()) + .andExpect(content().contentType(APPLICATION_JSON)) + .andExpect(jsonPath("\$.entityId").value("mockSamlClientId2")) + .andExpect(jsonPath("\$.serviceEnabled").value(false)) + .andExpect(jsonPath("\$.idOfOwner").value("admingroup")) + .andExpect(jsonPath("\$.serviceProviderSsoDescriptor.protocolSupportEnum").value("http://openid.net/specs/openid-connect-core-1_0.html")) + } + + @SneakyThrows + private byte[] fromFile(String path) { + return new ClassPathResource(path).getInputStream().readAllBytes() + } } \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy index 4c572e2ad..25873b638 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy @@ -41,7 +41,7 @@ class AuxiliaryIntegrationTests extends Specification { def entityDescriptorRepresentation = entityDescriptorService.createRepresentationFromDescriptor(entityDescriptor).with { it.serviceProviderName = 'testme' it.contacts = [] - it.securityInfo.x509Certificates[0].name = 'testcert' + it.securityInfo.keyDescriptors[0].name = 'testcert' it.createdBy = 'root' it.setCreatedDate(LocalDateTime.now()) it.setModifiedDate(LocalDateTime.now()) 
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImplTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImplTests.groovy index 004e873ab..8de2ac759 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImplTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImplTests.groovy @@ -3,9 +3,11 @@ package edu.internet2.tier.shibboleth.admin.ui.service import com.fasterxml.jackson.databind.ObjectMapper import edu.internet2.tier.shibboleth.admin.ui.AbstractBaseDataJpaTest import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor +import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.AssertionConsumerServiceRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ContactRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation +import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.KeyDescriptorRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.LogoutEndpointRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.MduiRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.OrganizationRepresentation 
@@ -302,9 +304,10 @@ class JPAEntityDescriptorServiceImplTests extends AbstractBaseDataJpaTest { def test = openSamlObjects.marshalToXmlString(service.createDescriptorFromRepresentation(new EntityDescriptorRepresentation().with { it.entityId = 'http://test.example.org/test1' it.securityInfo = new SecurityInfoRepresentation().with { - it.x509Certificates = [new SecurityInfoRepresentation.X509CertificateRepresentation().with { + it.keyDescriptors = [new KeyDescriptorRepresentation().with { it.type = 'signing' it.value = 'certificate' + it.elementType = KeyDescriptorRepresentation.ElementType.X509Data it }] it @@ -341,9 +344,10 @@ class JPAEntityDescriptorServiceImplTests extends AbstractBaseDataJpaTest { def test = openSamlObjects.marshalToXmlString(service.createDescriptorFromRepresentation(new EntityDescriptorRepresentation().with { it.entityId = 'http://test.example.org/test1' it.securityInfo = new SecurityInfoRepresentation().with { - it.x509Certificates = [new SecurityInfoRepresentation.X509CertificateRepresentation().with { + it.keyDescriptors = [new KeyDescriptorRepresentation().with { it.type = 'encryption' it.value = 'certificate' + it.elementType = KeyDescriptorRepresentation.ElementType.X509Data it }] it @@ -380,9 +384,10 @@ class JPAEntityDescriptorServiceImplTests extends AbstractBaseDataJpaTest { def test = openSamlObjects.marshalToXmlString(service.createDescriptorFromRepresentation(new EntityDescriptorRepresentation().with { it.entityId = 'http://test.example.org/test1' it.securityInfo = new SecurityInfoRepresentation().with { - it.x509Certificates = [new SecurityInfoRepresentation.X509CertificateRepresentation().with { + it.keyDescriptors = [new KeyDescriptorRepresentation().with { it.type = 'both' it.value = 'certificate' + it.elementType = KeyDescriptorRepresentation.ElementType.X509Data it }] it 
@@ -648,9 +653,6 @@ class JPAEntityDescriptorServiceImplTests extends AbstractBaseDataJpaTest { def output = service.createRepresentationFromDescriptor(descriptor) then: - assert output.securityInfo.x509Certificates.size() == 1 - assert output.securityInfo.x509Certificates[0].type == 'both' - assert descriptor.getSPSSODescriptor('').getKeyDescriptors().size() == 1 assert descriptor.getSPSSODescriptor('').getKeyDescriptors()[0].getUse() == null } @@ -760,4 +762,13 @@ class JPAEntityDescriptorServiceImplTests extends AbstractBaseDataJpaTest { return ed } + + def "SHIBUI-2830 OIDC"() { + when: + def representation = new ObjectMapper().readValue(this.class.getResource('/json/SHIBUI-2380.json').bytes, EntityDescriptorRepresentation) + def ed = service.createDescriptorFromRepresentation(representation) + + then: + assert ed.getProtocol() == EntityDescriptorProtocol.OIDC + } } \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/EntityDescriptorConversionUtilsTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/EntityDescriptorConversionUtilsTests.groovy index ca2296299..c04106582 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/EntityDescriptorConversionUtilsTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/EntityDescriptorConversionUtilsTests.groovy 
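Review bot: The new test is named `SHIBUI-2830 OIDC` while the ticket and the fixture it loads are SHIBUI-2380; the name should read `def "SHIBUI-2380 OIDC"()`. Its only assertion is `ed.getProtocol() == EntityDescriptorProtocol.OIDC`, so nothing checks that the OAuthRPExtensions values or the key descriptors from the fixture reach the descriptor. Adding assertions on `ed.getSPSSODescriptor('').getExtensions()` and on the element type of each key descriptor would cover the conversion code this commit adds.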
@@ -18,6 +18,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.SingleLogoutService import edu.internet2.tier.shibboleth.admin.ui.domain.UIInfo import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ContactRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation +import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.KeyDescriptorRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.LogoutEndpointRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.MduiRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.SecurityInfoRepresentation @@ -59,7 +60,7 @@ class EntityDescriptorConversionUtilsTests extends Specification { expected.name = 'testName' when: - def keyDescriptor = EntityDescriptorConversionUtils.createKeyDescriptor('testName', 'signing', 'testValue') + def keyDescriptor = EntityDescriptorConversionUtils.createKeyDescriptor('testName', 'signing', 'testValue', KeyDescriptorRepresentation.ElementType.X509Data) then: assert keyDescriptor == expected 
@@ -78,15 +79,15 @@ class EntityDescriptorConversionUtilsTests extends Specification { expected.name = 'testName' when: - def keyDescriptor = EntityDescriptorConversionUtils.createKeyDescriptor('testName', 'both', 'testValue') + def keyDescriptor = EntityDescriptorConversionUtils.createKeyDescriptor('testName', 'both', 'testValue', KeyDescriptorRepresentation.ElementType.X509Data) then: assert keyDescriptor == expected } def 'test createKeyDescriptor equality'() { when: - def key1 = EntityDescriptorConversionUtils.createKeyDescriptor('test', 'signing', 'test') - def key2 = EntityDescriptorConversionUtils.createKeyDescriptor('test', 'signing', 'test') + def key1 = EntityDescriptorConversionUtils.createKeyDescriptor('test', 'signing', 'test', KeyDescriptorRepresentation.ElementType.X509Data) + def key2 = EntityDescriptorConversionUtils.createKeyDescriptor('test', 'signing', 'test', KeyDescriptorRepresentation.ElementType.X509Data) then: assert key1 == key2 @@ -592,8 +593,8 @@ class EntityDescriptorConversionUtilsTests extends Specification { description: 'add signing certificate', representation: new EntityDescriptorRepresentation().with { it.securityInfo = new SecurityInfoRepresentation().with { - it.x509Certificates = [ - new SecurityInfoRepresentation.X509CertificateRepresentation(name: 'test', type: 'signing', value: 'test') + it.keyDescriptors = [ + new KeyDescriptorRepresentation(name: 'test', type: 'signing', value: 'test', elementType: KeyDescriptorRepresentation.ElementType.X509Data) ] it } @@ -604,7 +605,7 @@ class EntityDescriptorConversionUtilsTests extends Specification { it.getRoleDescriptors().add( openSAMLObjects.buildDefaultInstanceOfType(SPSSODescriptor.class).with { it.addKeyDescriptor( - utilsUnderTest.createKeyDescriptor('test', 'signing', 'test')) + utilsUnderTest.createKeyDescriptor('test', 'signing', 'test', KeyDescriptorRepresentation.ElementType.X509Data)) it } ) 
@@ -616,9 +617,9 @@ class EntityDescriptorConversionUtilsTests extends Specification { description: 'add another certificate', representation: new EntityDescriptorRepresentation().with { it.securityInfo = new SecurityInfoRepresentation().with { - it.x509Certificates = [ - new SecurityInfoRepresentation.X509CertificateRepresentation(name: 'test', type: 'signing', value: 'test'), - new SecurityInfoRepresentation.X509CertificateRepresentation(name: 'test2', type: 'encryption', value: 'test2') + it.keyDescriptors = [ + new KeyDescriptorRepresentation(name: 'test', type: 'signing', value: 'test', elementType: KeyDescriptorRepresentation.ElementType.X509Data), + new KeyDescriptorRepresentation(name: 'test2', type: 'encryption', value: 'test2', elementType: KeyDescriptorRepresentation.ElementType.X509Data) ] it } @@ -627,7 +628,7 @@ class EntityDescriptorConversionUtilsTests extends Specification { starter: openSAMLObjects.buildDefaultInstanceOfType(EntityDescriptor.class).with { it.getRoleDescriptors().add( openSAMLObjects.buildDefaultInstanceOfType(SPSSODescriptor.class).with { - it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'signing', 'test')) + it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'signing', 'test', KeyDescriptorRepresentation.ElementType.X509Data)) it } ) 
@@ -636,8 +637,8 @@ class EntityDescriptorConversionUtilsTests extends Specification { expected: openSAMLObjects.buildDefaultInstanceOfType(EntityDescriptor.class).with { it.getRoleDescriptors().add( openSAMLObjects.buildDefaultInstanceOfType(SPSSODescriptor.class).with { - it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'signing', 'test')) - it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test2', 'encryption', 'test2')) + it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'signing', 'test', KeyDescriptorRepresentation.ElementType.X509Data)) + it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test2', 'encryption', 'test2', KeyDescriptorRepresentation.ElementType.X509Data)) it } ) @@ -649,8 +650,8 @@ class EntityDescriptorConversionUtilsTests extends Specification { description: 'remove a certificate', representation: new EntityDescriptorRepresentation().with { it.securityInfo = new SecurityInfoRepresentation().with { - it.x509Certificates = [ - new SecurityInfoRepresentation.X509CertificateRepresentation(name: 'test2', type: 'encryption', value: 'test2') + it.keyDescriptors = [ + new KeyDescriptorRepresentation(name: 'test2', type: 'encryption', value: 'test2', elementType: KeyDescriptorRepresentation.ElementType.X509Data) ] it } 
@@ -659,8 +660,8 @@ class EntityDescriptorConversionUtilsTests extends Specification { starter: openSAMLObjects.buildDefaultInstanceOfType(EntityDescriptor.class).with { it.getRoleDescriptors().add( openSAMLObjects.buildDefaultInstanceOfType(SPSSODescriptor.class).with { - it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'signing', 'test')) - it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test2', 'encryption', 'test2')) + it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'signing', 'test', KeyDescriptorRepresentation.ElementType.X509Data)) + it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test2', 'encryption', 'test2', KeyDescriptorRepresentation.ElementType.X509Data)) it } ) @@ -669,7 +670,7 @@ class EntityDescriptorConversionUtilsTests extends Specification { expected: openSAMLObjects.buildDefaultInstanceOfType(EntityDescriptor.class).with { it.getRoleDescriptors().add( openSAMLObjects.buildDefaultInstanceOfType(SPSSODescriptor.class).with { - it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test2', 'encryption', 'test2')) + it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test2', 'encryption', 'test2', KeyDescriptorRepresentation.ElementType.X509Data)) it } ) @@ -688,8 +689,8 @@ class EntityDescriptorConversionUtilsTests extends Specification { starter: openSAMLObjects.buildDefaultInstanceOfType(EntityDescriptor.class).with { it.getRoleDescriptors().add( openSAMLObjects.buildDefaultInstanceOfType(SPSSODescriptor.class).with { - it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'signing', 'test')) - it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'encryption', 'test')) + it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'signing', 'test', KeyDescriptorRepresentation.ElementType.X509Data)) + it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'encryption', 'test', KeyDescriptorRepresentation.ElementType.X509Data)) it } ) 
@@ -709,8 +710,8 @@ class EntityDescriptorConversionUtilsTests extends Specification { starter: openSAMLObjects.buildDefaultInstanceOfType(EntityDescriptor.class).with { it.getRoleDescriptors().add( openSAMLObjects.buildDefaultInstanceOfType(SPSSODescriptor.class).with { - it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'signing', 'test')) - it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'encryption', 'test')) + it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'signing', 'test', KeyDescriptorRepresentation.ElementType.X509Data)) + it.addKeyDescriptor(utilsUnderTest.createKeyDescriptor('test', 'encryption', 'test', KeyDescriptorRepresentation.ElementType.X509Data)) it } ) diff --git a/backend/src/test/resources/json/SHIBUI-187.json b/backend/src/test/resources/json/SHIBUI-187.json index 74c42bf34..bf3a284b1 100644 --- a/backend/src/test/resources/json/SHIBUI-187.json +++ b/backend/src/test/resources/json/SHIBUI-187.json @@ -20,7 +20,7 @@ "securityInfo": { "authenticationRequestsSigned": false, "wantAssertionsSigned": false, - "x509Certificates": [] + "keyDescriptors": [] }, "assertionConsumerServices": [ { diff --git a/backend/src/test/resources/json/SHIBUI-211.json b/backend/src/test/resources/json/SHIBUI-211.json index 835860a9a..0bebe96fc 100644 --- a/backend/src/test/resources/json/SHIBUI-211.json +++ b/backend/src/test/resources/json/SHIBUI-211.json @@ -20,7 +20,7 @@ "securityInfo": { "authenticationRequestsSigned": false, "wantAssertionsSigned": false, - "x509Certificates": [] + "keyDescriptors": [] }, "assertionConsumerServices": [], "serviceProviderSsoDescriptor": { diff --git a/backend/src/test/resources/json/SHIBUI-219-1.json b/backend/src/test/resources/json/SHIBUI-219-1.json index 6d5a32587..b0261431b 100644 --- a/backend/src/test/resources/json/SHIBUI-219-1.json +++ b/backend/src/test/resources/json/SHIBUI-219-1.json 
@@ -20,7 +20,7 @@ "securityInfo": { "authenticationRequestsSigned": false, "wantAssertionsSigned": false, - "x509Certificates": [] + "keyDescriptors": [] }, "assertionConsumerServices": [], "serviceProviderSsoDescriptor": { diff --git a/backend/src/test/resources/json/SHIBUI-219-2.json b/backend/src/test/resources/json/SHIBUI-219-2.json index f2dd93df1..bc3034ce7 100644 --- a/backend/src/test/resources/json/SHIBUI-219-2.json +++ b/backend/src/test/resources/json/SHIBUI-219-2.json @@ -20,7 +20,7 @@ "securityInfo": { "authenticationRequestsSigned": true, "wantAssertionsSigned": false, - "x509Certificates": [] + "keyDescriptors": [] }, "assertionConsumerServices": [], "serviceProviderSsoDescriptor": { diff --git a/backend/src/test/resources/json/SHIBUI-219-3.json b/backend/src/test/resources/json/SHIBUI-219-3.json index ae2e6ba70..08b082da2 100644 --- a/backend/src/test/resources/json/SHIBUI-219-3.json +++ b/backend/src/test/resources/json/SHIBUI-219-3.json @@ -20,7 +20,7 @@ "securityInfo": { "authenticationRequestsSigned": false, "wantAssertionsSigned": false, - "x509Certificates": [] + "keyDescriptors": [] }, "assertionConsumerServices": [ { diff --git a/backend/src/test/resources/json/SHIBUI-223.json b/backend/src/test/resources/json/SHIBUI-223.json index 829a4c832..73f2c6a07 100644 --- a/backend/src/test/resources/json/SHIBUI-223.json +++ b/backend/src/test/resources/json/SHIBUI-223.json @@ -20,11 +20,12 @@ "securityInfo": { "authenticationRequestsSigned": false, "wantAssertionsSigned": false, - "x509Certificates": [ + "keyDescriptors": [ { "name": "test cert", "type": "both", - "value": "testcert" + "value": "testcert", + "elementType": "X509Data" } ] }, @@ -39,5 +40,6 @@ "nameIdFormats": [], "authenticationMethods": [] }, - "attributeRelease": [] + "attributeRelease": [], + "protocol": "SAML" } \ No newline at end of file 
diff --git a/backend/src/test/resources/json/SHIBUI-2380-1.json b/backend/src/test/resources/json/SHIBUI-2380-1.json new file mode 100644 index 000000000..2e83f768b --- /dev/null +++ b/backend/src/test/resources/json/SHIBUI-2380-1.json 
@@ -0,0 +1,90 @@ +{ + "assertionConsumerServices": [ + { + "locationUrl": "https://example.org/cb", + "binding": "https://tools.ietf.org/html/rfc6749#section-3.1.2", + "makeDefault": false + }, + { + "locationUrl": "https://example.org/cb2", + "binding": "https://tools.ietf.org/html/rfc6749#section-3.1.2", + "makeDefault": false + } + ], + "entityId": "mockSamlClientId2", + "idOfOwner": "admingroup", + "organization": {}, + "securityInfo": { + "authenticationRequestsSigned": false, + "wantAssertionsSigned": false, + "keyDescriptors": [ + { + "value": "MIIEQDCCAqigAwIBAgIVAIarXvdvyS47KJR7U40FlTufyD8vMA0GCSqGSIb3DQEB", + "type": "signing", + "elementType": "X509Data" + }, + { + "value": "MIIBKDCBzgIJAOYlspXlaqguMAoGCCqGSM49BAMCMBwxCzAJBgNVBAYTAkZJMQ0w", + "type": "signing", + "elementType": "X509Data" + }, + { + "value": "ewogICJrdHkiOiAiUlNBIiwKICAiZSI6ICJBUUFCIiwKICAia2lkIjogIm1vY2siLAogICJhbGci", + "type": "signing", + "elementType": "jwksData" + }, + { + "value": "mockClientSecretValue", + "type": "both", + "elementType": "clientSecret" + } + ] + }, + "serviceEnabled": false, + "serviceProviderName": "charlesTest", + "serviceProviderSsoDescriptor": { + "nameIdFormats": [ + "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", + "urn:mace:shibboleth:metadata:oidc:1.0:nameid-format:pairwise" + ], + "extensions": { + "OAuthRPExtensions": { + "postLogoutRedirectUris": [ + "https://example.org/postLogout" + ], + "defaultAcrValues": [ + "password", + "mfa" + ], + "attributes": { + "clientUri": "https://example.org/clientUri", + "responseTypes": "code id_token", + "sectorIdentifierUri": "https://example.org/sectorIdentifier", + "idTokenEncryptedResponseAlg": "A256KW", + "applicationType": "web", + "tokenEndpointAuthSigningAlg": "RS512", + "idTokenEncryptedResponseEnc": "A256GCM", + "requireAuthTime": false, + "userInfoEncryptedResponseEnc": "A192GCM", + "userInfoSignedResponseAlg": "RS384", + "userInfoEncryptedResponseAlg": "A192KW", + "grantTypes": 
"authorization_code", + "softwareId": "mockSoftwareId", + "requestObjectEncryptionEnc": "A128GCM", + "initiateLoginUri": "https://example.org/initiateLogin", + "requestObjectEncryptionAlg": "A128KW", + "tokenEndpointAuthMethod": "client_secret_basic", + "requestObjectSigningAlg": "RS256", + "scopes": "openid profile", + "idTokenSignedResponseAlg": "RS512", + "softwareVersion": "mockSoftwareVersion", + "defaultMaxAge": 0 + }, + "requestUris": [ + "https://example.org/request" + ] + } + } + }, + "protocol": "OIDC" +} \ No newline at end of file diff --git a/backend/src/test/resources/json/SHIBUI-2380.json b/backend/src/test/resources/json/SHIBUI-2380.json new file mode 100644 index 000000000..1f73d2e23 --- /dev/null +++ b/backend/src/test/resources/json/SHIBUI-2380.json 
@@ -0,0 +1,96 @@ +{ + "assertionConsumerServices": [ + { + "locationUrl": "https://example.org/cb", + "binding": "https://tools.ietf.org/html/rfc6749#section-3.1.2", + "makeDefault": false + }, + { + "locationUrl": "https://example.org/cb2", + "binding": "https://tools.ietf.org/html/rfc6749#section-3.1.2", + "makeDefault": false + }, + { + "locationUrl": "https://example.org/cb3", + "binding": "http://example.org/not/supported/profile/id", + "makeDefault": false + } + ], + "entityId": "mockSamlClientId", + "idOfOwner": "admingroup", + "organization": {}, + "securityInfo": { + "authenticationRequestsSigned": false, + "wantAssertionsSigned": false, + "keyDescriptors": [ + { + "value": "MIIEQDCCAqigAwIBAgIVAIarXvdvyS47KJR7U40FlTufyD8vMA0GCSqGSIb3DQEB", + "type": "signing", + "elementType": "X509Data" + }, + { + "value": "MIIBKDCBzgIJAOYlspXlaqguMAoGCCqGSM49BAMCMBwxCzAJBgNVBAYTAkZJMQ0w", + "type": "signing", + "elementType": "X509Data" + }, + { + "value": "https://example.org/jwks", + "type": "both", + "elementType": "jwksUri" + }, + { + "value": "mockClientSecretValue", + "type": "both", + "elementType": "clientSecret" + } + ] + }, + "serviceEnabled": false, + "serviceProviderName": "charlesTest3", + "serviceProviderSsoDescriptor": { + "protocolSupportEnum": "http://openid.net/specs/openid-connect-core-1_0.html", + "nameIdFormats": [ + "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", + "urn:mace:shibboleth:metadata:oidc:1.0:nameid-format:pairwise" + ], + "extensions": { + "OAuthRPExtensions": { + "postLogoutRedirectUris": [ + "https://example.org/postLogout" + ], + "defaultAcrValues": [ + "password", + "mfa" + ], + "attributes": { + "clientUri": "https://example.org/clientUri", + "responseTypes": "code id_token", + "sectorIdentifierUri": "https://example.org/sectorIdentifier", + "idTokenEncryptedResponseAlg": "A256KW", + "applicationType": "web", + "tokenEndpointAuthSigningAlg": "RS512", + "idTokenEncryptedResponseEnc": "A256GCM", + "requireAuthTime": false, + 
"userInfoEncryptedResponseEnc": "A192GCM", + "userInfoSignedResponseAlg": "RS384", + "userInfoEncryptedResponseAlg": "A192KW", + "grantTypes": "authorization_code", + "softwareId": "mockSoftwareId", + "requestObjectEncryptionEnc": "A128GCM", + "initiateLoginUri": "https://example.org/initiateLogin", + "requestObjectEncryptionAlg": "A128KW", + "tokenEndpointAuthMethod": "client_secret_basic", + "requestObjectSigningAlg": "RS256", + "scopes": "openid profile", + "idTokenSignedResponseAlg": "RS512", + "softwareVersion": "mockSoftwareVersion", + "defaultMaxAge": 0 + }, + "requestUris": [ + "https://example.org/request" + ] + } + } + }, + "protocol": "OIDC" +} \ No newline at end of file diff --git a/backend/src/test/resources/json/SHIBUI-855.json b/backend/src/test/resources/json/SHIBUI-855.json index 96207fafa..23e329146 100644 --- a/backend/src/test/resources/json/SHIBUI-855.json +++ b/backend/src/test/resources/json/SHIBUI-855.json @@ -20,7 +20,7 @@ "securityInfo": { "authenticationRequestsSigned": false, "wantAssertionsSigned": false, - "x509Certificates": [] + "keyDescriptors": [] }, "assertionConsumerServices": [ { From f5edb227b2f252efe270036c48aafa0340fdad99 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 22 Sep 2022 10:17:44 -0700 Subject: [PATCH 08/77] SHIBUI-2380 Incremental commit: - Added missing Audience list to the OAuthRPExtensions --- .../shibboleth/admin/ui/domain/Audience.java | 23 +++++++++++++++++++ .../ui/domain/oidc/OAuthRPExtensions.java | 9 ++++++++ .../oidc/OAuthRPExtensionsUnmarshaller.java | 5 +++- .../JPAEntityDescriptorServiceImpl.java | 5 ++++ .../util/EntityDescriptorConversionUtils.java | 8 ++++--- .../resources/jpa-saml2-assertion-config.xml | 10 ++++++-- .../modified-saml2-assertion-config.xml | 4 ++-- 7 files changed, 56 insertions(+), 8 deletions(-) create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Audience.java 
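Review bot: The SHIBUI-2380.json fixture carries the client secret as a plain `value` in the same `keyDescriptors` array as the public certificates and the `jwksUri`, and the spec that loads this file asserts only the protocol. A test should pin what `createRepresentationFromDescriptor` returns for a `clientSecret` entry, since that representation is presumably what the API hands back to callers. Whether the value is stored or returned verbatim is decided in code outside this hunk. The third `assertionConsumerServices` entry, with binding `http://example.org/not/supported/profile/id`, looks like a deliberate negative case, but nothing visible asserts that it is rejected or dropped.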
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Audience.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Audience.java new file mode 100644 index 000000000..d80b4e590 --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Audience.java @@ -0,0 +1,23 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain; + +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import org.hibernate.envers.Audited; + +import javax.persistence.Entity; + +@Entity +@EqualsAndHashCode(callSuper = true) +@NoArgsConstructor +@Audited +public class Audience extends AbstractXMLObject implements org.opensaml.saml.saml2.core.Audience { + @Getter + @Setter + private String URI; + + public Audience(String value) { + this.setURI(value); + } +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java index 45fdcf650..a3872ddef 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java @@ -1,6 +1,7 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractXMLObject; +import edu.internet2.tier.shibboleth.admin.ui.domain.Audience; import lombok.Data; import lombok.EqualsAndHashCode; import lombok.NoArgsConstructor; @@ -33,6 +34,9 @@ public class OAuthRPExtensions extends AbstractXMLObject implements net.shibbole private String applicationType; + @OneToMany(cascade = CascadeType.ALL) + private List audiences = new ArrayList<>(); + private String clientUri; @OneToMany(cascade = CascadeType.ALL) 
@@ -100,6 +104,7 @@ public List getOrderedChildren() { result.addAll(defaultAcrValues); result.addAll(requestUris); result.addAll(postLogoutRedirectUris); + result.addAll(audiences); result.addAll(unknownXMLObjects); return result; } @@ -136,6 +141,10 @@ public List getRequestUris() { return result; } + public void addAudience(Audience aud) { + this.audiences.add(aud); + } + public void addDefaultAcrValue(DefaultAcrValue childSAMLObject) { defaultAcrValues.add(childSAMLObject); } diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java index 9cb6ee4f8..97a0b80e7 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java @@ -1,5 +1,6 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; +import edu.internet2.tier.shibboleth.admin.ui.domain.Audience; import org.apache.commons.lang3.StringUtils; import org.opensaml.core.xml.XMLObject; import org.opensaml.core.xml.io.UnmarshallingException; @@ -39,7 +40,9 @@ protected void processChildElement(final XMLObject parentSAMLObject, final XMLOb extensions.addRequestUri((RequestUri) childSAMLObject); } else if (childSAMLObject instanceof PostLogoutRedirectUri) { extensions.addPostLogoutRedirectUri((PostLogoutRedirectUri) childSAMLObject); - } else { + } else if (childSAMLObject instanceof Audience) { + extensions.addAudience((Audience) childSAMLObject); + }else { extensions.getUnknownXMLObjects().add(childSAMLObject); } } 
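Review bot: The new branch in `processChildElement` tests `childSAMLObject instanceof Audience` against the project's JPA `Audience` class, so an `org.opensaml.saml.saml2.core.Audience` built by any other registered provider would fall through to `getUnknownXMLObjects()` without a trace. Whether that can happen depends on the provider registration in jpa-saml2-assertion-config.xml, whose hunk content is not readable on this page. A one-line comment stating the assumption would help: `// relies on the JPA Audience builder being registered for the saml2 Audience element`. The closing `}else {` is also missing the space that the other `} else if` branches have.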
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index f456c3248..e92191135 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java @@ -156,6 +156,11 @@ private Map buildOAuthRPExtensionsMap(EntityDescriptor ed) { oAuthRPExtensions.getDefaultAcrValues().forEach(acrValue -> defaultAcrValues.add(acrValue.getValue())); result.put("defaultAcrValues", defaultAcrValues); } + if (oAuthRPExtensions.getAudiences().size() > 0){ + List audiences = new ArrayList<>(); + oAuthRPExtensions.getAudiences().forEach(aud -> audiences.add(aud.getURI())); + result.put("audience", audiences); + } } } return result; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java index d2f18d348..39f4cac1d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java @@ -3,6 +3,7 @@ import com.fasterxml.jackson.databind.ObjectMapper; import com.google.common.base.Strings; import edu.internet2.tier.shibboleth.admin.ui.domain.AssertionConsumerService; +import edu.internet2.tier.shibboleth.admin.ui.domain.Audience; import edu.internet2.tier.shibboleth.admin.ui.domain.ContactPerson; import edu.internet2.tier.shibboleth.admin.ui.domain.ContactPersonBuilder; import edu.internet2.tier.shibboleth.admin.ui.domain.Description; 
@@ -333,9 +334,7 @@ public static void setupSPSSODescriptor(EntityDescriptor ed, EntityDescriptorRep if (representation.getServiceProviderSsoDescriptor() != null && representation.getServiceProviderSsoDescriptor().getNameIdFormats() != null && representation.getServiceProviderSsoDescriptor().getNameIdFormats().size() > 0) { for (String nameidFormat : representation.getServiceProviderSsoDescriptor().getNameIdFormats()) { NameIDFormat nameIDFormat = openSamlObjects.buildDefaultInstanceOfType(NameIDFormat.class); - nameIDFormat.setURI(nameidFormat); - spssoDescriptor.getNameIDFormats().add(nameIDFormat); } } @@ -355,7 +354,7 @@ private static Extensions buildOAuthRPExtensionsFromRepresentation(@NonNull Serv OAuthRPExtensions oAuthRPExtensions = new OAuthRPExtensions(); oauthrpextMap.keySet().forEach(key -> { try { - if ("requestUris".equals(key) || "defaultAcrValues".equals(key) || "postLogoutRedirectUris".equals(key)){ + if ("requestUris".equals(key) || "defaultAcrValues".equals(key) || "postLogoutRedirectUris".equals(key) || "audience".equals(key)){ Field field = oAuthRPExtensions.getClass().getDeclaredField(key); field.setAccessible(true); ((List) oauthrpextMap.get(key)).forEach(value -> { @@ -369,6 +368,9 @@ private static Extensions buildOAuthRPExtensionsFromRepresentation(@NonNull Serv case "postLogoutRedirectUris": oAuthRPExtensions.addPostLogoutRedirectUri(new PostLogoutRedirectUri((value))); break; + case "audience": + oAuthRPExtensions.addAudience(new Audience(value)); + break; } }); } diff --git a/backend/src/main/resources/jpa-saml2-assertion-config.xml b/backend/src/main/resources/jpa-saml2-assertion-config.xml index 2cf8d5dd5..99cf4995e 100644 --- a/backend/src/main/resources/jpa-saml2-assertion-config.xml +++ b/backend/src/main/resources/jpa-saml2-assertion-config.xml @@ -16,6 +16,12 @@ - + + + + + + + - + \ No newline at end of file 
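Review bot: In `buildOAuthRPExtensionsFromRepresentation` the list branch now accepts the key `"audience"` and then calls `oAuthRPExtensions.getClass().getDeclaredField(key)`, but the field this patch adds to `OAuthRPExtensions` is named `audiences`. That lookup should therefore throw `NoSuchFieldException` before `addAudience` is reached. The `try` opens inside the hunk but its `catch` is outside it, so it is not visible whether the entry is dropped silently or the request fails. Using the field's name in both places, `"audiences".equals(key)` and `case "audiences":`, would fix the lookup and match the key `buildOAuthRPExtensionsMap` emits after patch 09/77, which renames only the writer side. A round-trip test with an `audiences` list in the representation would pin this.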
diff --git a/backend/src/main/resources/modified-saml2-assertion-config.xml b/backend/src/main/resources/modified-saml2-assertion-config.xml index 3349e4558..5dcb3688d 100644 --- a/backend/src/main/resources/modified-saml2-assertion-config.xml +++ b/backend/src/main/resources/modified-saml2-assertion-config.xml @@ -70,13 +70,13 @@ - + From fa278012eb4ca96679c3095479d279aaecda19bb Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 22 Sep 2022 10:20:37 -0700 Subject: [PATCH 09/77] SHIBUI-2380 Incremental commit: - correcting audience to audiences in the JSON --- .../admin/ui/service/JPAEntityDescriptorServiceImpl.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index e92191135..18bb322f0 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java @@ -159,7 +159,7 @@ private Map buildOAuthRPExtensionsMap(EntityDescriptor ed) { if (oAuthRPExtensions.getAudiences().size() > 0){ List audiences = new ArrayList<>(); oAuthRPExtensions.getAudiences().forEach(aud -> audiences.add(aud.getURI())); - result.put("audience", audiences); + result.put("audiences", audiences); } } } From b36a3a249e0f39e1d61e442c19ac892e55f62c30 Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Fri, 23 Sep 2022 10:25:23 -0700 Subject: [PATCH 10/77] SHIBUI-2380 Incremental commit: - unit tests and code corrections --- backend/build.gradle | 3 +- .../shibboleth/admin/ui/domain/Audience.java | 4 - .../admin/ui/domain/RoleDescriptor.java | 4 +- .../admin/ui/domain/oidc/DefaultAcrValue.java | 3 - .../ui/domain/oidc/PostLogoutRedirectUri.java | 3 - .../admin/ui/domain/oidc/RequestUri.java | 3 - .../JPAEntityDescriptorServiceImpl.java | 6 +- .../util/EntityDescriptorConversionUtils.java | 111 +++--- .../EntityDescriptorControllerTests.groovy | 91 ++++- ...XMLObjectProviderInitializerForTest.groovy | 8 +- ...JPAEntityDescriptorServiceImplTests.groovy | 28 ++ .../admin/ui/util/TestHelpers.groovy | 8 + .../resources/jpa-saml2-assertion-config.xml | 27 ++ .../test/resources/jpa-shib-oidc-config.xml | 59 ++++ .../test/resources/jpa-signature-config.xml | 31 +- .../src/test/resources/json/SHIBUI-2380.json | 9 +- .../test/resources/metadata/SHIBUI-2380.xml | 76 ++++ .../modified-saml2-assertion-config.xml | 325 ++++++++++++++++++ 18 files changed, 703 insertions(+), 96 deletions(-) create mode 100644 backend/src/test/resources/jpa-saml2-assertion-config.xml create mode 100644 backend/src/test/resources/jpa-shib-oidc-config.xml create mode 100644 backend/src/test/resources/metadata/SHIBUI-2380.xml create mode 100644 backend/src/test/resources/modified-saml2-assertion-config.xml diff --git a/backend/build.gradle b/backend/build.gradle index 9dec8da20..a4ca532b1 100644 --- a/backend/build.gradle +++ b/backend/build.gradle 
@@ -195,7 +195,8 @@ dependencies { testCompile "org.springframework.boot:spring-boot-starter-test:${project.'springbootVersion'}" testCompile "org.springframework.security:spring-security-test:${project.'springSecurityVersion'}" testCompile 'org.skyscreamer:jsonassert:1.5.0' - testCompile "org.xmlunit:xmlunit-core:2.5.1" + testImplementation "org.xmlunit:xmlunit-core:2.9.0" + testImplementation "org.xmlunit:xmlunit-assertj:2.9.0" testRuntime 'cglib:cglib-nodep:3.2.5' compile "net.shibboleth.ext:spring-extensions:6.2.0" diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Audience.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Audience.java index d80b4e590..87833d3bc 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Audience.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Audience.java @@ -16,8 +16,4 @@ public class Audience extends AbstractXMLObject implements org.opensaml.saml.sam @Getter @Setter private String URI; - - public Audience(String value) { - this.setURI(value); - } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java index 383d7237b..cae6d277a 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java @@ -91,7 +91,9 @@ public boolean isSupportedProtocol(String s) { @Override public void addSupportedProtocol(String supportedProtocol) { - supportedProtocols.add(supportedProtocol); + if (!supportedProtocols.contains(supportedProtocol)) { + supportedProtocols.add(supportedProtocol); + } } @Override 
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java index 954fa9db5..6610001aa 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java @@ -11,7 +11,4 @@ @NoArgsConstructor @Audited public class DefaultAcrValue extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.DefaultAcrValue { - public DefaultAcrValue(String value) { - this.setValue(value); - } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java index 2c66e75e3..0c326043d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java @@ -11,7 +11,4 @@ @NoArgsConstructor @Audited public class PostLogoutRedirectUri extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.PostLogoutRedirectUri { - public PostLogoutRedirectUri(String value) { - this.setValue(value); - } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java index ee9885ebd..4be5c0c60 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java 
@@ -11,7 +11,4 @@ @NoArgsConstructor @Audited public class RequestUri extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.RequestUri { - public RequestUri(String value) { - this.setValue(value); - } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index 18bb322f0..b7b034546 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java @@ -181,6 +181,9 @@ public EntityDescriptorRepresentation createNew(EntityDescriptor ed) throws Forb public EntityDescriptorRepresentation createNewEntityDescriptorFromXMLOrigin(EntityDescriptor ed) { ed.setIdOfOwner(userService.getCurrentUserGroup().getOwnerId()); ed.setProtocol(determineEntityDescriptorProtocol(ed)); + if (ed.getProtocol() == EntityDescriptorProtocol.OIDC) { + ed.getSPSSODescriptor("").addSupportedProtocol("http://openid.net/specs/openid-connect-core-1_0.html"); + } EntityDescriptor savedEntity = entityDescriptorRepository.save(ed); return createRepresentationFromDescriptor(savedEntity); } @@ -204,8 +207,7 @@ public EntityDescriptorRepresentation updateGroupForEntityDescriptor(String reso } @Override - public EntityDescriptorRepresentation createNew(EntityDescriptorRepresentation edRep) - throws ForbiddenException, ObjectIdExistsException, InvalidPatternMatchException { + public EntityDescriptorRepresentation createNew(EntityDescriptorRepresentation edRep) throws ForbiddenException, ObjectIdExistsException, InvalidPatternMatchException { if (edRep.isServiceEnabled() && !userService.currentUserIsAdmin()) { throw new ForbiddenException("You do not have the permissions necessary to enable this service."); } 
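Review bot: The added OIDC branch in `createNewEntityDescriptorFromXMLOrigin` dereferences `ed.getSPSSODescriptor("")` without a null check, and `ed` on this path is built from uploaded XML. `determineEntityDescriptorProtocol` is not visible in this hunk, so if it can report OIDC for a descriptor that carries no SPSSODescriptor, the upload fails with a NullPointerException rather than a validation error. Guard the call, for example `if (ed.getSPSSODescriptor("") != null) { ... addSupportedProtocol(...) }`, or reject the document with an explicit error. The OpenID Connect protocol URI is repeated as a literal here and in the tests and would be clearer as a named constant.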
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java
index 39f4cac1d..7a32ff156 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java
@@ -4,6 +4,7 @@
 import com.google.common.base.Strings;
 import edu.internet2.tier.shibboleth.admin.ui.domain.AssertionConsumerService;
 import edu.internet2.tier.shibboleth.admin.ui.domain.Audience;
+import edu.internet2.tier.shibboleth.admin.ui.domain.AudienceBuilder;
 import edu.internet2.tier.shibboleth.admin.ui.domain.ContactPerson;
 import edu.internet2.tier.shibboleth.admin.ui.domain.ContactPersonBuilder;
 import edu.internet2.tier.shibboleth.admin.ui.domain.Description;
@@ -14,9 +15,11 @@
 import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor;
 import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol;
 import edu.internet2.tier.shibboleth.admin.ui.domain.Extensions;
+import edu.internet2.tier.shibboleth.admin.ui.domain.ExtensionsBuilder;
 import edu.internet2.tier.shibboleth.admin.ui.domain.GivenName;
 import edu.internet2.tier.shibboleth.admin.ui.domain.InformationURL;
 import edu.internet2.tier.shibboleth.admin.ui.domain.KeyDescriptor;
+import edu.internet2.tier.shibboleth.admin.ui.domain.KeyName;
 import edu.internet2.tier.shibboleth.admin.ui.domain.Logo;
 import edu.internet2.tier.shibboleth.admin.ui.domain.NameIDFormat;
 import edu.internet2.tier.shibboleth.admin.ui.domain.Organization;
@@ -37,11 +40,17 @@
 import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.SecurityInfoRepresentation;
 import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ServiceProviderSsoDescriptorRepresentation;
 import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.AbstractValueXMLObject;
+import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.ClientSecret;
+import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.ClientSecretKeyReference;
 import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.DefaultAcrValue;
+import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.DefaultAcrValueBuilder;
 import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.JwksData;
+import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.JwksUri;
 import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.OAuthRPExtensions;
 import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.PostLogoutRedirectUri;
+import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.PostLogoutRedirectUriBuilder;
 import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.RequestUri;
+import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.RequestUriBuilder;
 import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.ValueXMLObject;
 import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects;
 import edu.internet2.tier.shibboleth.admin.ui.service.EntityService;
@@ -75,16 +84,18 @@ public class EntityDescriptorConversionUtils { public static KeyDescriptor createKeyDescriptor(String name, String usageType, String value, KeyDescriptorRepresentation.ElementType elementType) { KeyDescriptor keyDescriptor = openSamlObjects.buildDefaultInstanceOfType(KeyDescriptor.class); - + KeyInfo keyInfo = openSamlObjects.buildDefaultInstanceOfType(KeyInfo.class); if (!Strings.isNullOrEmpty(name)) { keyDescriptor.setName(name); + KeyName keyName = openSamlObjects.buildDefaultInstanceOfType(KeyName.class); + keyName.setValue(name); + keyInfo.getXMLObjects().add(keyName); } if (!"both".equals(usageType)) { keyDescriptor.setUsageType(usageType); } - KeyInfo keyInfo = openSamlObjects.buildDefaultInstanceOfType(KeyInfo.class); AbstractValueXMLObject xmlObject; switch (elementType) { case X509Data: @@ -100,17 +111,17 @@ public static KeyDescriptor createKeyDescriptor(String name, String usageType, S keyInfo.getXMLObjects().add(xmlObject); break; case jwksUri: - xmlObject = openSamlObjects.buildDefaultInstanceOfType(JwksData.class); + xmlObject = openSamlObjects.buildDefaultInstanceOfType(JwksUri.class); xmlObject.setValue(value); keyInfo.getXMLObjects().add(xmlObject); break; case clientSecret: - xmlObject = openSamlObjects.buildDefaultInstanceOfType(JwksData.class); + xmlObject = openSamlObjects.buildDefaultInstanceOfType(ClientSecret.class); xmlObject.setValue(value); keyInfo.getXMLObjects().add(xmlObject); break; case clientSecretKeyReference: - xmlObject = openSamlObjects.buildDefaultInstanceOfType(JwksData.class); + xmlObject = openSamlObjects.buildDefaultInstanceOfType(ClientSecretKeyReference.class); xmlObject.setValue(value); keyInfo.getXMLObjects().add(xmlObject); break; 
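Review bot: The `clientSecret` case in `createKeyDescriptor` copies `value` unchanged into the `KeyInfo`, so the secret is persisted with the descriptor and written out with its metadata XML; the `SHIBUI-2380.xml` fixture in this patch carries `mockClientSecretValue` in exactly that position. If that is the intended metadata format, say so on the case with a comment such as `// secret is serialised in clear into the metadata; restrict who can read or export this descriptor`, and confirm that the read and export endpoints are limited to users allowed to see it. None of the tests visible in this patch exercises the `clientSecretKeyReference` case, which is one of the three mappings this hunk corrects. The method body starts before and continues past the hunk.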
@@ -349,55 +360,55 @@ public static void setupSPSSODescriptor(EntityDescriptor ed, EntityDescriptorRep } private static Extensions buildOAuthRPExtensionsFromRepresentation(@NonNull ServiceProviderSsoDescriptorRepresentation representation) { - Extensions result = new Extensions(); + Extensions result = new ExtensionsBuilder().buildObject(); HashMap oauthrpextMap = (HashMap) representation.getExtensions().get("OAuthRPExtensions"); OAuthRPExtensions oAuthRPExtensions = new OAuthRPExtensions(); oauthrpextMap.keySet().forEach(key -> { - try { - if ("requestUris".equals(key) || "defaultAcrValues".equals(key) || "postLogoutRedirectUris".equals(key) || "audience".equals(key)){ - Field field = oAuthRPExtensions.getClass().getDeclaredField(key); - field.setAccessible(true); - ((List) oauthrpextMap.get(key)).forEach(value -> { - switch (key) { - case "requestUris": - oAuthRPExtensions.addRequestUri(new RequestUri((value))); - break; - case "defaultAcrValues": - oAuthRPExtensions.addDefaultAcrValue(new DefaultAcrValue((value))); - break; - case "postLogoutRedirectUris": - oAuthRPExtensions.addPostLogoutRedirectUri(new PostLogoutRedirectUri((value))); - break; - case "audience": - oAuthRPExtensions.addAudience(new Audience(value)); - break; - } - }); - } - else if ("attributes".equals(key)) { - HashMap attributes = (HashMap) oauthrpextMap.get(key); - attributes.keySet().forEach(attKey -> { - try { - Field attField = oAuthRPExtensions.getClass().getDeclaredField(attKey); - attField.setAccessible(true); - if ("requireAuthTime".equals(attKey)) { - Boolean value = Boolean.valueOf(attributes.get(attKey).toString()); - attField.set(oAuthRPExtensions, value); - } else if ("defaultMaxAge".equals(attKey)) { - Integer value = Integer.valueOf(attributes.get(attKey).toString()); - attField.setInt(oAuthRPExtensions, value); - } else { - attField.set(oAuthRPExtensions, attributes.get(attKey).toString()); - } - } - catch (IllegalAccessException | NoSuchFieldException e) { - // skip it + if 
("requestUris".equals(key) || "defaultAcrValues".equals(key) || "postLogoutRedirectUris".equals(key) || "audiences".equals(key)) { + ((List) oauthrpextMap.get(key)).forEach(value -> { + switch (key) { + case "requestUris": + RequestUri ru = new RequestUriBuilder().buildObject(); + ru.setValue(value); + oAuthRPExtensions.addRequestUri(ru); + break; + case "defaultAcrValues": + DefaultAcrValue dav = new DefaultAcrValueBuilder().buildObject(); + dav.setValue(value); + oAuthRPExtensions.addDefaultAcrValue(dav); + break; + case "postLogoutRedirectUris": + PostLogoutRedirectUri plru = new PostLogoutRedirectUriBuilder().buildObject(); + plru.setValue(value); + oAuthRPExtensions.addPostLogoutRedirectUri(plru); + break; + case "audiences": + Audience audience = new AudienceBuilder().buildObject(); + audience.setURI(value); + oAuthRPExtensions.addAudience(audience); + break; + } + }); + } else if ("attributes".equals(key)) { + HashMap attributes = (HashMap) oauthrpextMap.get(key); + attributes.keySet().forEach(attKey -> { + try { + Field attField = oAuthRPExtensions.getClass().getDeclaredField(attKey); + attField.setAccessible(true); + if ("requireAuthTime".equals(attKey)) { + Boolean value = Boolean.valueOf(attributes.get(attKey).toString()); + attField.set(oAuthRPExtensions, value); + } else if ("defaultMaxAge".equals(attKey)) { + Integer value = Integer.valueOf(attributes.get(attKey).toString()); + attField.setInt(oAuthRPExtensions, value); + } else { + attField.set(oAuthRPExtensions, attributes.get(attKey).toString()); } - }); - } - } - catch (NoSuchFieldException e) { - // skip it + } + catch (IllegalAccessException | NoSuchFieldException e) { + // skip it + } + }); } }); result.addUnknownXMLObject(oAuthRPExtensions); 
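Review bot: In the `attributes` branch of `buildOAuthRPExtensionsFromRepresentation`, `attKey` comes from the submitted representation and goes straight into `getDeclaredField(attKey)` and `setAccessible(true)`, so the request body chooses which private field of `OAuthRPExtensions` is written. Check the key against a fixed set of supported attribute names before reflecting, for example `if (!OAUTH_RP_ATTRIBUTE_NAMES.contains(attKey)) { return; }` where `OAUTH_RP_ATTRIBUTE_NAMES` is a new constant proposed here, or replace the reflection with explicit setter calls. The `// skip it` catch drops unknown keys without a trace, and it does not cover the `NumberFormatException` that `Integer.valueOf` throws for a non-numeric `defaultMaxAge` or a null attribute value reaching `.toString()`. Logging the skipped key and turning bad values into a validation error would make rejected input visible. The method ends outside this hunk.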
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy index c59e87c2a..a78a76c24 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy @@ -3,13 +3,12 @@ package edu.internet2.tier.shibboleth.admin.ui.controller import com.fasterxml.jackson.databind.ObjectMapper import edu.internet2.tier.shibboleth.admin.ui.AbstractBaseDataJpaTest import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor -import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.AssertionConsumerServiceRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation -import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException import edu.internet2.tier.shibboleth.admin.ui.exception.InvalidPatternMatchException import edu.internet2.tier.shibboleth.admin.ui.exception.ObjectIdExistsException +import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects import edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorRepository import edu.internet2.tier.shibboleth.admin.ui.security.model.Group 
@@ -20,10 +19,10 @@ import edu.internet2.tier.shibboleth.admin.ui.service.EntityDescriptorVersionSer import edu.internet2.tier.shibboleth.admin.ui.service.EntityService import edu.internet2.tier.shibboleth.admin.ui.service.JPAEntityDescriptorServiceImpl import edu.internet2.tier.shibboleth.admin.ui.util.RandomGenerator +import edu.internet2.tier.shibboleth.admin.ui.util.TestHelpers import edu.internet2.tier.shibboleth.admin.ui.util.TestObjectGenerator import edu.internet2.tier.shibboleth.admin.ui.util.WithMockAdmin import edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils -import groovy.json.JsonSlurper import lombok.SneakyThrows import org.springframework.beans.factory.annotation.Autowired import org.springframework.core.io.ClassPathResource @@ -35,6 +34,7 @@ import org.springframework.web.util.NestedServletException import spock.lang.Subject import javax.persistence.EntityManager +import java.nio.charset.StandardCharsets import static org.hamcrest.CoreMatchers.containsString import static org.springframework.http.MediaType.APPLICATION_JSON @@ -47,6 +47,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers. import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.xpath class EntityDescriptorControllerTests extends AbstractBaseDataJpaTest { @Autowired @@ -78,7 +79,9 @@ class EntityDescriptorControllerTests extends AbstractBaseDataJpaTest { def controller EntityDescriptorVersionService versionService = Mock() - + + def shortNameToOAuth = "\$.serviceProviderSsoDescriptor.extensions.OAuthRPExtensions." + @Transactional def setup() { openSamlObjects.init() 
@@ -708,7 +711,7 @@ class EntityDescriptorControllerTests extends AbstractBaseDataJpaTest { } @WithMockAdmin - def "POST /EntityDescriptor OIDC descriptor"() { + def "POST /EntityDescriptor OIDC descriptor - incoming JSON"() { when: def result = mockMvc.perform(post('/api/EntityDescriptor').contentType(APPLICATION_JSON).content(fromFile("/json/SHIBUI-2380-1.json"))) 
@@ -719,6 +722,84 @@ class EntityDescriptorControllerTests extends AbstractBaseDataJpaTest { .andExpect(jsonPath("\$.serviceEnabled").value(false)) .andExpect(jsonPath("\$.idOfOwner").value("admingroup")) .andExpect(jsonPath("\$.serviceProviderSsoDescriptor.protocolSupportEnum").value("http://openid.net/specs/openid-connect-core-1_0.html")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.clientUri").value("https://example.org/clientUri")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.responseTypes").value("code id_token")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.sectorIdentifierUri").value("https://example.org/sectorIdentifier")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.idTokenEncryptedResponseEnc").value("A256GCM")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.applicationType").value("web")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.tokenEndpointAuthMethod").value("client_secret_basic")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.userInfoEncryptedResponseEnc").value("A192GCM")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.userInfoSignedResponseAlg").value("RS384")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.userInfoEncryptedResponseAlg").value("A192KW")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.grantTypes").value("authorization_code")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.softwareId").value("mockSoftwareId")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.requestObjectEncryptionEnc").value("A128GCM")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.initiateLoginUri").value("https://example.org/initiateLogin")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.tokenEndpointAuthMethod").value("client_secret_basic")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.requestObjectSigningAlg").value("RS256")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.scopes").value("openid profile")) + .andExpect(jsonPath(shortNameToOAuth + 
"attributes.idTokenEncryptedResponseAlg").value("A256KW")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.softwareVersion").value("mockSoftwareVersion")) + .andExpect(jsonPath(shortNameToOAuth + "postLogoutRedirectUris[0]").value("https://example.org/postLogout")) + .andExpect(jsonPath(shortNameToOAuth + "requestUris[0]").value("https://example.org/request")) + .andExpect(jsonPath(shortNameToOAuth + "defaultAcrValues").isArray()) + .andExpect(jsonPath(shortNameToOAuth + "attributes.requireAuthTime").value(Boolean.FALSE)) + .andExpect(jsonPath(shortNameToOAuth + "attributes.defaultMaxAge").value(Integer.valueOf(0))) + } + + @WithMockAdmin + def 'GET /EntityDescriptor/{resourceId} existing as oidc xml'() { + given: + def representation = new ObjectMapper().readValue(this.class.getResource('/json/SHIBUI-2380.json').bytes, EntityDescriptorRepresentation) + jpaEntityDescriptorService.createNew(representation) + def edResourceId = jpaEntityDescriptorService.getAllEntityDescriptorProjectionsBasedOnUserAccess().get(0).getResourceId() + + when: + def result = mockMvc.perform(get("/api/EntityDescriptor/" + edResourceId).accept(APPLICATION_XML)) + + then: + String xmlContent = result.andReturn().getResponse().getContentAsString(); + result.andExpect(status().isOk()) + TestHelpers.generatedXmlIsTheSameAsExpectedXml(new String(fromFile("/metadata/SHIBUI-2380.xml"), StandardCharsets.UTF_8), xmlContent) + } + + @WithMockAdmin + def "POST /EntityDescriptor OIDC descriptor - incoming XML"() { + when: + def result = mockMvc.perform(post('/api/EntityDescriptor').contentType(APPLICATION_XML).content(fromFile("/metadata/SHIBUI-2380.xml")).param("spName", "testing")) + + then: + result.andExpect(status().isCreated()) + .andExpect(content().contentType(APPLICATION_JSON)) + .andExpect(jsonPath("\$.entityId").value("mockSamlClientId")) + .andExpect(jsonPath("\$.serviceProviderSsoDescriptor.protocolSupportEnum").value("http://openid.net/specs/openid-connect-core-1_0.html")) + 
.andExpect(jsonPath("\$.protocol").value("OIDC")) + .andExpect(jsonPath("\$.serviceEnabled").value(false)) + .andExpect(jsonPath("\$.idOfOwner").value("admingroup")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.clientUri").value("https://example.org/clientUri")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.responseTypes").value("code id_token")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.sectorIdentifierUri").value("https://example.org/sectorIdentifier")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.idTokenEncryptedResponseEnc").value("A256GCM")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.applicationType").value("web")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.tokenEndpointAuthMethod").value("client_secret_basic")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.userInfoEncryptedResponseEnc").value("A192GCM")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.userInfoSignedResponseAlg").value("RS384")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.userInfoEncryptedResponseAlg").value("A192KW")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.grantTypes").value("authorization_code")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.softwareId").value("mockSoftwareId")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.requestObjectEncryptionEnc").value("A128GCM")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.initiateLoginUri").value("https://example.org/initiateLogin")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.tokenEndpointAuthMethod").value("client_secret_basic")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.requestObjectSigningAlg").value("RS256")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.scopes").value("openid profile")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.idTokenEncryptedResponseAlg").value("A256KW")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.softwareVersion").value("mockSoftwareVersion")) + 
.andExpect(jsonPath(shortNameToOAuth + "postLogoutRedirectUris[0]").value("https://example.org/postLogout")) + .andExpect(jsonPath(shortNameToOAuth + "requestUris[0]").value("https://example.org/request")) + .andExpect(jsonPath(shortNameToOAuth + "audiences[0]").value("http://mypeeps")) + .andExpect(jsonPath(shortNameToOAuth + "defaultAcrValues").isArray()) + .andExpect(jsonPath(shortNameToOAuth + "attributes.requireAuthTime").value(Boolean.FALSE)) + .andExpect(jsonPath(shortNameToOAuth + "attributes.defaultMaxAge").value(Integer.valueOf(0))) } @SneakyThrows diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializerForTest.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializerForTest.groovy index f84afdcc5..86e24419d 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializerForTest.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializerForTest.groovy @@ -6,7 +6,13 @@ class JPAXMLObjectProviderInitializerForTest extends AbstractXMLObjectProviderIn @Override protected String[] getConfigResources() { return new String[]{ - "/jpa-saml2-metadata-config.xml", "jpa-saml2-metadata-algorithm-config.xml", "jpa-encryption-config.xml", "jpa-signature-config.xml" + "/jpa-saml2-metadata-config.xml", + "jpa-saml2-metadata-algorithm-config.xml", + "jpa-encryption-config.xml", + "jpa-signature-config.xml", + "jpa-saml2-assertion-config.xml", + "jpa-shib-oidc-config.xml", + "modified-saml2-assertion-config.xml" } } } \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImplTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImplTests.groovy index 8de2ac759..14ad669c5 100644 
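Review bot: The two OIDC POST tests repeat the same block of about two dozen `jsonPath` expectations, and each block asserts `attributes.tokenEndpointAuthMethod` twice. Moving the shared expectations into one helper that both tests call would keep the JSON and XML paths from drifting apart. Neither block looks at the key descriptors, so the `jwksUri` and `clientSecret` mapping corrected in `createKeyDescriptor` is covered only indirectly by the XML comparison test; an assertion on the `elementType` values under `securityInfo` would pin it directly.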
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImplTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImplTests.groovy @@ -13,6 +13,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.MduiRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.OrganizationRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.SecurityInfoRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ServiceProviderSsoDescriptorRepresentation +import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.OAuthRPExtensions import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects import edu.internet2.tier.shibboleth.admin.ui.util.RandomGenerator import edu.internet2.tier.shibboleth.admin.ui.util.TestObjectGenerator 
@@ -767,8 +768,35 @@ class JPAEntityDescriptorServiceImplTests extends AbstractBaseDataJpaTest { when: def representation = new ObjectMapper().readValue(this.class.getResource('/json/SHIBUI-2380.json').bytes, EntityDescriptorRepresentation) def ed = service.createDescriptorFromRepresentation(representation) + def oauthRpExt = (OAuthRPExtensions) ed.getSPSSODescriptor("").getExtensions().getOrderedChildren().get(0) then: assert ed.getProtocol() == EntityDescriptorProtocol.OIDC + assert oauthRpExt.getDefaultAcrValues().size() == 2 + assert oauthRpExt.getPostLogoutRedirectUris().size() == 1 + assert oauthRpExt.getRequestUris().size() == 1 + assert oauthRpExt.getAudiences().size() == 1 + assert oauthRpExt.getClientUri().equals("https://example.org/clientUri") + assert oauthRpExt.getResponseTypes().equals("code id_token") + assert oauthRpExt.getSectorIdentifierUri().equals("https://example.org/sectorIdentifier") + assert oauthRpExt.getIdTokenEncryptedResponseEnc().equals("A256GCM") + assert oauthRpExt.getApplicationType().equals("web") + assert oauthRpExt.getTokenEndpointAuthMethod().equals("client_secret_basic") + assert oauthRpExt.isRequireAuthTime() == false + + assert oauthRpExt.getUserInfoEncryptedResponseEnc().equals("A192GCM") + assert oauthRpExt.getUserInfoSignedResponseAlg().equals("RS384") + assert oauthRpExt.getUserInfoEncryptedResponseAlg().equals("A192KW") + assert oauthRpExt.getGrantTypes().equals("authorization_code") + assert oauthRpExt.getSoftwareId().equals("mockSoftwareId") + assert oauthRpExt.getRequestObjectEncryptionEnc().equals("A128GCM") + assert oauthRpExt.getInitiateLoginUri().equals("https://example.org/initiateLogin") + assert oauthRpExt.getTokenEndpointAuthMethod().equals("client_secret_basic") + assert oauthRpExt.getRequestObjectSigningAlg().equals("RS256") + assert oauthRpExt.getScopes().equals("openid profile") + assert oauthRpExt.getIdTokenEncryptedResponseAlg().equals("A256KW") + assert 
oauthRpExt.getSoftwareVersion().equals("mockSoftwareVersion") + + assert oauthRpExt.getDefaultMaxAge() == 0 } } \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestHelpers.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestHelpers.groovy index e2d67412e..ed8815127 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestHelpers.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestHelpers.groovy @@ -6,9 +6,12 @@ import junit.framework.Assert import org.apache.commons.lang.StringUtils import org.w3c.dom.Document import org.w3c.dom.Node +import org.xmlunit.assertj.XmlAssert import org.xmlunit.builder.DiffBuilder import org.xmlunit.builder.Input import org.xmlunit.builder.Input.Builder +import org.xmlunit.diff.DefaultNodeMatcher +import org.xmlunit.diff.ElementSelectors import javax.xml.transform.Source import javax.xml.transform.Transformer @@ -37,6 +40,11 @@ class TestHelpers { return count } + static void generatedXmlIsTheSameAsExpectedXml(String expectedXmlResource, String generatedXml) { + XmlAssert.assertThat(generatedXml).and(expectedXmlResource).ignoreWhitespace().normalizeWhitespace() + .withNodeMatcher(new DefaultNodeMatcher(ElementSelectors.byNameAndText)).areSimilar(); + } + static void generatedXmlIsTheSameAsExpectedXml(String expectedXmlResource, Document generatedXml) { def Builder builder = Input.fromDocument(generatedXml) def Source source = builder.build() diff --git a/backend/src/test/resources/jpa-saml2-assertion-config.xml b/backend/src/test/resources/jpa-saml2-assertion-config.xml new file mode 100644 index 000000000..99cf4995e --- /dev/null +++ b/backend/src/test/resources/jpa-saml2-assertion-config.xml @@ -0,0 +1,27 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file 
diff --git a/backend/src/test/resources/jpa-shib-oidc-config.xml b/backend/src/test/resources/jpa-shib-oidc-config.xml new file mode 100644 index 000000000..7bf05eeb4 --- /dev/null +++ b/backend/src/test/resources/jpa-shib-oidc-config.xml @@ -0,0 +1,59 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/backend/src/test/resources/jpa-signature-config.xml b/backend/src/test/resources/jpa-signature-config.xml index 9a8da32e8..b2450ac71 100644 --- a/backend/src/test/resources/jpa-signature-config.xml +++ b/backend/src/test/resources/jpa-signature-config.xml @@ -16,16 +16,7 @@ - - - - + @@ -56,20 +47,20 @@ - + +--> + @@ -84,13 +75,13 @@ - + @@ -98,13 +89,13 @@ - + @@ -154,13 +145,13 @@ - + diff --git a/backend/src/test/resources/json/SHIBUI-2380.json b/backend/src/test/resources/json/SHIBUI-2380.json index 1f73d2e23..f71c6de6b 100644 --- a/backend/src/test/resources/json/SHIBUI-2380.json +++ b/backend/src/test/resources/json/SHIBUI-2380.json @@ -17,7 +17,6 @@ } ], "entityId": "mockSamlClientId", - "idOfOwner": "admingroup", "organization": {}, "securityInfo": { "authenticationRequestsSigned": false, @@ -35,26 +34,30 @@ }, { "value": "https://example.org/jwks", + "name": "mockJwksUri", "type": "both", "elementType": "jwksUri" }, { "value": "mockClientSecretValue", + "name": "mockClientSecret", "type": "both", "elementType": "clientSecret" } ] }, "serviceEnabled": false, - "serviceProviderName": "charlesTest3", + "serviceProviderName": "charlesTest", "serviceProviderSsoDescriptor": { - "protocolSupportEnum": "http://openid.net/specs/openid-connect-core-1_0.html", "nameIdFormats": [ "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", "urn:mace:shibboleth:metadata:oidc:1.0:nameid-format:pairwise" ], "extensions": { "OAuthRPExtensions": { + "audiences": [ + "http://mypeeps" + ], "postLogoutRedirectUris": [ "https://example.org/postLogout" ], 
diff --git a/backend/src/test/resources/metadata/SHIBUI-2380.xml b/backend/src/test/resources/metadata/SHIBUI-2380.xml new file mode 100644 index 000000000..7f292cdcd --- /dev/null +++ b/backend/src/test/resources/metadata/SHIBUI-2380.xml @@ -0,0 +1,76 @@ + + + + + + + password + mfa + https://example.org/request + https://example.org/postLogout + http://mypeeps + + + + + + + MIIEQDCCAqigAwIBAgIVAIarXvdvyS47KJR7U40FlTufyD8vMA0GCSqGSIb3DQEB + + + + + + + + + MIIBKDCBzgIJAOYlspXlaqguMAoGCCqGSM49BAMCMBwxCzAJBgNVBAYTAkZJMQ0w + + + + + + + mockJwksUri + https://example.org/jwks + + + + + mockClientSecret + mockClientSecretValue + + + urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + urn:mace:shibboleth:metadata:oidc:1.0:nameid-format:pairwise + + + + + \ No newline at end of file diff --git a/backend/src/test/resources/modified-saml2-assertion-config.xml b/backend/src/test/resources/modified-saml2-assertion-config.xml new file mode 100644 index 000000000..5dcb3688d --- /dev/null +++ b/backend/src/test/resources/modified-saml2-assertion-config.xml @@ -0,0 +1,325 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file From 361a34dfc71f091cb9cd32665c79045513a0a219 Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Fri, 23 Sep 2022 10:55:05 -0700 Subject: [PATCH 11/77] SHIBUI-2380 Incremental commit: - unit tests and code corrections --- .../EntityDescriptorConversionUtilsTests.groovy | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/EntityDescriptorConversionUtilsTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/EntityDescriptorConversionUtilsTests.groovy index c04106582..204ffaf52 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/EntityDescriptorConversionUtilsTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/EntityDescriptorConversionUtilsTests.groovy @@ -51,37 +51,38 @@ class EntityDescriptorConversionUtilsTests extends Specification { given: def expectedXml = ''' + testName testValue ''' - def expected = openSAMLObjects.unmarshallFromXml(expectedXml.bytes, KeyDescriptor) - expected.name = 'testName' when: def keyDescriptor = EntityDescriptorConversionUtils.createKeyDescriptor('testName', 'signing', 'testValue', KeyDescriptorRepresentation.ElementType.X509Data) + def generated = openSAMLObjects.marshalToXmlString(keyDescriptor) then: - assert keyDescriptor == expected + TestHelpers.generatedXmlIsTheSameAsExpectedXml(expectedXml, generated) } def "test createKeyDescriptor, both type"() { given: def expectedXml = ''' + testName testValue ''' - def expected = openSAMLObjects.unmarshallFromXml(expectedXml.bytes, KeyDescriptor) - expected.name = 'testName' when: def keyDescriptor = EntityDescriptorConversionUtils.createKeyDescriptor('testName', 'both', 'testValue', KeyDescriptorRepresentation.ElementType.X509Data) + def generated = openSAMLObjects.marshalToXmlString(keyDescriptor) + then: - assert keyDescriptor == expected + TestHelpers.generatedXmlIsTheSameAsExpectedXml(expectedXml, generated) } def 'test createKeyDescriptor equality'() { 
From 2369e036b04bdd1067018a3742ab1fe1ef4b656a Mon Sep 17 00:00:00 2001 From: chasegawa Date: Fri, 23 Sep 2022 15:02:19 -0700 Subject: [PATCH 12/77] SHIBUI-2380 Incremental commit: - added ability to get metadata schema by type (oidc | saml) - unit tests and code corrections --- ...tadataSourcesUiDefinitionController.groovy | 25 +- ...torSchemaValidatingControllerAdvice.groovy | 6 +- .../JsonSchemaComponentsConfiguration.java | 20 +- .../jsonschema/JsonSchemaLocationLookup.java | 20 +- .../JsonSchemaResourceLocation.java | 3 +- .../src/main/resources/application.properties | 3 +- .../metadata-sources-ui-schema-oidc.json | 529 ++++++++++++++++++ .../metadata-sources-ui-schema-saml.json | 529 ++++++++++++++++++ ...efinitionControllerIntegrationTests.groovy | 24 +- .../service/AuxiliaryIntegrationTests.groovy | 5 +- .../metadata-sources-ui-schema.json.old | 442 --------------- 11 files changed, 1127 insertions(+), 479 deletions(-) create mode 100644 backend/src/main/resources/metadata-sources-ui-schema-oidc.json create mode 100644 backend/src/main/resources/metadata-sources-ui-schema-saml.json delete mode 100644 backend/src/test/resources/metadata-sources-ui-schema.json.old diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy index fa21d8a31..a5c6ecdf3 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy 
@@ -12,11 +12,13 @@ import org.springframework.beans.factory.annotation.Autowired import org.springframework.http.ResponseEntity import org.springframework.web.bind.annotation.GetMapping import org.springframework.web.bind.annotation.RequestMapping +import org.springframework.web.bind.annotation.RequestParam import org.springframework.web.bind.annotation.RestController import javax.annotation.PostConstruct -import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.metadataSourcesSchema +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.metadataSourcesOIDCSchema +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.metadataSourcesSAMLSchema import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR /** @@ -30,13 +32,13 @@ import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR @RequestMapping('/api/ui/MetadataSources') @Tags(value = [@Tag(name = "ui")]) class MetadataSourcesUiDefinitionController { - - private static final Logger logger = LoggerFactory.getLogger(MetadataSourcesUiDefinitionController.class); + private static final Logger log = LoggerFactory.getLogger(MetadataSourcesUiDefinitionController.class); @Autowired JsonSchemaResourceLocationRegistry jsonSchemaResourceLocationRegistry - JsonSchemaResourceLocation jsonSchemaLocation + private JsonSchemaResourceLocation oidcJsonSchemaLocation + private JsonSchemaResourceLocation samlJsonSchemaLocation @Autowired ObjectMapper jacksonObjectMapper 
@@ -45,10 +47,10 @@ class MetadataSourcesUiDefinitionController { JsonSchemaBuilderService jsonSchemaBuilderService @GetMapping - // TODO - CHARLES add type ( SAML|OIDC ) variable to return the correct one - default to saml... - ResponseEntity getUiDefinitionJsonSchema() { + ResponseEntity getUiDefinitionJsonSchema(@RequestParam(defaultValue = "saml") String protocol) { + URL url = protocol.equals("oidc") ? oidcJsonSchemaLocation.url : samlJsonSchemaLocation.url try { - def parsedJson = jacksonObjectMapper.readValue(this.jsonSchemaLocation.url, Map) + def parsedJson = jacksonObjectMapper.readValue(url, Map) jsonSchemaBuilderService.hideServiceEnabledFromNonAdmins(parsedJson) jsonSchemaBuilderService.addReleaseAttributesToJson(parsedJson['properties']['attributeRelease']['items']) jsonSchemaBuilderService.addRelyingPartyOverridesToJson(parsedJson['properties']['relyingPartyOverrides']) @@ -56,15 +58,14 @@ class MetadataSourcesUiDefinitionController { return ResponseEntity.ok(parsedJson) } catch (IOException e) { - logger.error("An error occurred while attempting to get json schema for metadata sources!", e) - return ResponseEntity.status(INTERNAL_SERVER_ERROR) - .body([jsonParseError : e.getMessage(), - sourceUiSchemaDefinitionFile: this.jsonSchemaLocation.url]) + log.error("An error occurred while attempting to get json schema for metadata sources!", e) + return ResponseEntity.status(INTERNAL_SERVER_ERROR).body([jsonParseError : e.getMessage(), sourceUiSchemaDefinitionFile: this.samlJsonSchemaLocation.url]) } } @PostConstruct void init() { - this.jsonSchemaLocation = metadataSourcesSchema(this.jsonSchemaResourceLocationRegistry); + this.samlJsonSchemaLocation = metadataSourcesSAMLSchema(this.jsonSchemaResourceLocationRegistry); + this.oidcJsonSchemaLocation = metadataSourcesOIDCSchema(this.jsonSchemaResourceLocationRegistry); } } \ No newline at end of file 
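Review bot: In `getUiDefinitionJsonSchema`, the ternary on `protocol.equals("oidc")` sends every value other than the exact lowercase string `oidc` to the SAML schema, so `?protocol=OIDC` or a typo returns the SAML definition with a 200 and the caller cannot tell. Matching case-insensitively and rejecting unknown values would make the contract explicit, for example `if (!(protocol.toLowerCase() in ['saml', 'oidc'])) return ResponseEntity.badRequest().build()` ahead of the lookup. The method body continues in the next hunk.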
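Review bot: The 500 response built in the `catch` block always reports `this.samlJsonSchemaLocation.url` as `sourceUiSchemaDefinitionFile`, even when the request asked for `oidc` and the OIDC file is the one that failed to parse. Use the local that was actually read: `.body([jsonParseError: e.getMessage(), sourceUiSchemaDefinitionFile: url])`. Separately, this body hands the parser message and the schema's resource location to any caller of the endpoint; that predates this change, but the exception is already logged through `log.error`, so a generic message in the response would be enough.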
diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/EntityDescriptorSchemaValidatingControllerAdvice.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/EntityDescriptorSchemaValidatingControllerAdvice.groovy index f25950256..8dca94fdc 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/EntityDescriptorSchemaValidatingControllerAdvice.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/EntityDescriptorSchemaValidatingControllerAdvice.groovy @@ -12,7 +12,7 @@ import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdviceAd import javax.annotation.PostConstruct import java.lang.reflect.Type -import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.metadataSourcesSchema +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.metadataSourcesSAMLSchema import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.LowLevelJsonSchemaValidator.validatePayloadAgainstSchema /** @@ -44,6 +44,6 @@ class EntityDescriptorSchemaValidatingControllerAdvice extends RequestBodyAdvice @PostConstruct void init() { - this.jsonSchemaLocation = metadataSourcesSchema(this.jsonSchemaResourceLocationRegistry) + this.jsonSchemaLocation = metadataSourcesSAMLSchema(this.jsonSchemaResourceLocationRegistry) } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/JsonSchemaComponentsConfiguration.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/JsonSchemaComponentsConfiguration.java index 23fbaaa30..fa8f5db18 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/JsonSchemaComponentsConfiguration.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/JsonSchemaComponentsConfiguration.java 
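Review bot: `init()` now pins `jsonSchemaLocation` to `metadataSourcesSAMLSchema(...)`, so whatever this advice validates is checked against the SAML schema only, and that will include OIDC-style payloads once the OIDC schema diverges. Both schema files are added with the same blob id in this commit, so nothing changes yet, but the assumption deserves a marker above the assignment, for example `// TODO SHIBUI-2380: select the OIDC schema for OIDC payloads; SAML-only for now`. The rest of the advice class, including the method that performs the validation, is outside this hunk.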
@@ -17,7 +17,8 @@ import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.EXTERNAL_METADATA_RESOLVER; import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.FILESYSTEM_METADATA_RESOLVER; import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.LOCAL_DYNAMIC_METADATA_RESOLVER; -import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.METADATA_SOURCES; +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.METADATA_SOURCES_OIDC; +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.METADATA_SOURCES_SAML; import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.NAME_ID_FORMAT_FILTER; /** 
@@ -27,10 +28,15 @@ @ConfigurationProperties("shibui") public class JsonSchemaComponentsConfiguration { + //Configured via @ConfigurationProperties (using setter method) with 'shibui.metadata-sources-oidc-ui-schema-location' property and default + //value set here if that property is not explicitly set in application.properties + @Setter + private String metadataSourcesOidcUiSchemaLocation = "classpath:metadata-sources-ui-schema-oidc.json"; + //Configured via @ConfigurationProperties (using setter method) with 'shibui.metadata-sources-ui-schema-location' property and default //value set here if that property is not explicitly set in application.properties @Setter - private String metadataSourcesUiSchemaLocation = "classpath:metadata-sources-ui-schema.json"; + private String metadataSourcesSamlUiSchemaLocation = "classpath:metadata-sources-ui-schema-saml.json"; //Configured via @ConfigurationProperties (using setter method) with 'shibui.entity-attributes-filters-ui-schema-location' property and // default value set here if that property is not explicitly set in application.properties @@ -70,8 +76,14 @@ public class JsonSchemaComponentsConfiguration { @Bean public JsonSchemaResourceLocationRegistry jsonSchemaResourceLocationRegistry(ResourceLoader resourceLoader, ObjectMapper jacksonMapper) { return JsonSchemaResourceLocationRegistry.inMemory() - .register(METADATA_SOURCES, JsonSchemaLocationBuilder.with() - .jsonSchemaLocation(metadataSourcesUiSchemaLocation) + .register(METADATA_SOURCES_OIDC, JsonSchemaLocationBuilder.with() + .jsonSchemaLocation(metadataSourcesOidcUiSchemaLocation) + .resourceLoader(resourceLoader) + .jacksonMapper(jacksonMapper) + .detectMalformedJson(true) + .build()) + .register(METADATA_SOURCES_SAML, JsonSchemaLocationBuilder.with() + .jsonSchemaLocation(metadataSourcesSamlUiSchemaLocation) .resourceLoader(resourceLoader) .jacksonMapper(jacksonMapper) .detectMalformedJson(true) 
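Review bot: The comment kept above `metadataSourcesSamlUiSchemaLocation` still names the property `shibui.metadata-sources-ui-schema-location`, but with the field renamed the setter presumably binds `shibui.metadata-sources-saml-ui-schema-location` instead, which is the key the `application.properties` hunk in this commit uses. A deployment that still sets the old key would then fall back to the classpath default without any error, which is easy to miss when the schema was customised to tighten validation. Update the comment to `'shibui.metadata-sources-saml-ui-schema-location'`, and consider recording the rename in the upgrade notes or keeping a deprecated setter for the old key.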
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaLocationLookup.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaLocationLookup.java index bdb781d9a..a5e5406ef 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaLocationLookup.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaLocationLookup.java @@ -6,7 +6,8 @@ import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.EXTERNAL_METADATA_RESOLVER; import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.FILESYSTEM_METADATA_RESOLVER; import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.LOCAL_DYNAMIC_METADATA_RESOLVER; -import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.METADATA_SOURCES; +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.METADATA_SOURCES_OIDC; +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.METADATA_SOURCES_SAML; import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.NAME_ID_FORMAT_FILTER; /** 
@@ -23,9 +24,22 @@ public abstract class JsonSchemaLocationLookup { * @return metadata sources JSON schema resource location object * @throws IllegalStateException if schema is not found in the given registry */ - public static JsonSchemaResourceLocation metadataSourcesSchema(JsonSchemaResourceLocationRegistry resourceLocationRegistry) { + public static JsonSchemaResourceLocation metadataSourcesOIDCSchema(JsonSchemaResourceLocationRegistry resourceLocationRegistry) { return resourceLocationRegistry - .lookup(METADATA_SOURCES) + .lookup(METADATA_SOURCES_OIDC) + .orElseThrow(() -> new IllegalStateException("JSON schema resource location for metadata sources is not registered.")); + } + + /** + * Searches metadata sources JSON schema resource location object in the given location registry. + * + * @param resourceLocationRegistry + * @return metadata sources JSON schema resource location object + * @throws IllegalStateException if schema is not found in the given registry + */ + public static JsonSchemaResourceLocation metadataSourcesSAMLSchema(JsonSchemaResourceLocationRegistry resourceLocationRegistry) { + return resourceLocationRegistry + .lookup(METADATA_SOURCES_SAML) .orElseThrow(() -> new IllegalStateException("JSON schema resource location for metadata sources is not registered.")); } diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaResourceLocation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaResourceLocation.java index 02e3da1d8..58b1e2d66 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaResourceLocation.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaResourceLocation.java 
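Review bot: `metadataSourcesOIDCSchema` and `metadataSourcesSAMLSchema` throw the same `IllegalStateException` text and carry the same Javadoc, so a failed lookup at startup does not say which of the two schemas is missing from the registry. Name the protocol in each message, e.g. `"JSON schema resource location for OIDC metadata sources is not registered."` and the SAML equivalent, and let the first Javadoc sentence say "OIDC" or "SAML" accordingly. The Javadoc of the OIDC method starts before this hunk.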
@@ -94,7 +94,8 @@ public static JsonSchemaResourceLocation newSchemaLocation(String jsonSchemaLoca public enum SchemaType { // common types - METADATA_SOURCES("MetadataSources"), + METADATA_SOURCES_SAML("MetadataSourcesSAML"), + METADATA_SOURCES_OIDC("MetadataSourcesOIDC"), // filter types ENTITY_ATTRIBUTES_FILTERS("EntityAttributesFilters"), diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties index 109e7c30f..ed752b5f5 100644 --- a/backend/src/main/resources/application.properties +++ b/backend/src/main/resources/application.properties @@ -69,7 +69,8 @@ shibui.logout-url=/dashboard #shibui.default-password={noop}somepassword shibui.default-rootuser=root -shibui.metadata-sources-ui-schema-location=classpath:metadata-sources-ui-schema.json +shibui.metadata-sources-saml-ui-schema-location=classpath:metadata-sources-ui-schema-saml.json +shibui.metadata-sources-oidc-ui-schema-location=classpath:metadata-sources-ui-schema-oidc.json shibui.entity-attributes-filters-ui-schema-location=classpath:entity-attributes-filters-ui-schema.json shibui.nameid-filter-ui-schema-location=classpath:nameid-filter.schema.json diff --git a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json new file mode 100644 index 000000000..48c6af864 --- /dev/null +++ b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json 
@@ -0,0 +1,529 @@ +{ + "type": "object", + "required": [ + "serviceProviderName", + "entityId" + ], + "properties": { + "serviceProviderName": { + "title": "label.service-provider-name", + "description": "tooltip.service-provider-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "entityId": { + "title": "label.entity-id", + "description": "tooltip.entity-id", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "serviceEnabled": { + "title": "label.enable-this-service", + "description": "tooltip.enable-this-service-upon-saving", + "type": "boolean" + }, + "organization": { + "$ref": "#/definitions/Organization" + }, + "contacts": { + "title": "label.contact-information", + "description": "tooltip.contact-information", + "type": "array", + "items": { + "$ref": "#/definitions/Contact" + } + }, + "mdui": { + "$ref": "#/definitions/MDUI" + }, + "securityInfo": { + "type": "object", + "widget": { + "id": "fieldset" + }, + "dependencies": { + "authenticationRequestsSigned": { + "oneOf": [ + { + "properties": { + "authenticationRequestsSigned": { + "enum": [true] + }, + "x509Certificates": { + "minItems": 1 + } + } + }, + { + "properties": { + "authenticationRequestsSigned": { + "enum": [false] + }, + "x509Certificates": { + "minItems": 0 + } + } + } + ] + } + }, + "properties": { + "x509CertificateAvailable": { + "type": "boolean" + }, + "authenticationRequestsSigned": { + "title": "label.authentication-requests-signed", + "description": "tooltip.authentication-requests-signed", + "type": "boolean", + "enumNames": [ + "value.true", + "value.false" + ] + }, + "wantAssertionsSigned": { + "title": "label.want-assertions-signed", + "description": "tooltip.want-assertions-signed", + "type": "boolean", + "enumNames": [ + "value.true", + "value.false" + ] + }, + "x509Certificates": { + "title": "label.x509-certificates", + "description": "tooltip.x509-certificates", + "type": "array", + "items": { + "$ref": "#/definitions/Certificate" + } + } + } 
+ }, + "assertionConsumerServices": { + "title": "label.assertion-consumer-service-endpoints", + "description": "tooltip.assertion-consumer-service-endpoints", + "type": "array", + "items": { + "$ref": "#/definitions/AssertionConsumerService" + } + }, + "serviceProviderSsoDescriptor": { + "type": "object", + "properties": { + "protocolSupportEnum": { + "title": "label.protocol-support-enumeration", + "description": "tooltip.protocol-support-enumeration", + "type": "string", + "widget": { + "id": "select" + }, + "oneOf": [ + { + "enum": [ + "SAML 2" + ], + "description": "SAML 2" + }, + { + "enum": [ + "SAML 1.1" + ], + "description": "SAML 1.1" + } + ] + }, + "nameIdFormats": { + "$ref": "#/definitions/nameIdFormats" + } + } + }, + "logoutEndpoints": { + "title": "label.logout-endpoints", + "description": "tooltip.logout-endpoints", + "type": "array", + "items": { + "$ref": "#/definitions/LogoutEndpoint" + } + }, + "relyingPartyOverrides": { + "type": "object", + "properties": {} + }, + "attributeRelease": { + "type": "array", + "title": "label.attribute-release", + "description": "Attribute release table - select the attributes you want to release (default unchecked)", + "items": { + "type": "string" + }, + "uniqueItems": true + } + }, + "definitions": { + "Contact": { + "type": "object", + "required": [ + "name", + "type", + "emailAddress" + ], + "properties": { + "name": { + "title": "label.contact-name", + "description": "tooltip.contact-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "type": { + "title": "label.contact-type", + "description": "tooltip.contact-type", + "type": "string", + "widget": "select", + "minLength": 1, + "oneOf": [ + { + "enum": [ + "support" + ], + "description": "value.support" + }, + { + "enum": [ + "technical" + ], + "description": "value.technical" + }, + { + "enum": [ + "administrative" + ], + "description": "value.administrative" + }, + { + "enum": [ + "other" + ], + "description": "value.other" + } + ] + }, 
+ "emailAddress": { + "title": "label.contact-email-address", + "description": "tooltip.contact-email", + "type": "string", + "pattern": "^(mailto:)?(?=.{1,254}$)(?=.{1,64}@)[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+(\\.[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+)*@[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$", + "minLength": 1, + "maxLength": 255 + } + } + }, + "Certificate": { + "type": "object", + "required": [ + "type", + "value" + ], + "properties": { + "name": { + "title": "label.certificate-name-display-only", + "description": "tooltip.certificate-name", + "type": "string", + "maxLength": 255 + }, + "type": { + "title": "label.certificate-type", + "type": "string", + "widget": { + "id": "radio", + "class": "form-check-inline" + }, + "oneOf": [ + { + "enum": [ + "signing" + ], + "description": "value.signing" + }, + { + "enum": [ + "encryption" + ], + "description": "value.encryption" + }, + { + "enum": [ + "both" + ], + "description": "value.both" + } + ] + }, + "value": { + "title": "label.certificate", + "description": "tooltip.certificate", + "type": "string", + "widget": "textarea", + "minLength": 1 + } + } + }, + "AssertionConsumerService": { + "type": "object", + "required": [ + "locationUrl", + "binding" + ], + "properties": { + "locationUrl": { + "title": "label.assertion-consumer-service-location", + "description": "tooltip.assertion-consumer-service-location", + "type": "string", + "widget": { + "id": "string", + "help": "message.valid-url" + }, + "minLength": 1, + "maxLength": 255 + }, + "binding": { + "title": "label.assertion-consumer-service-location-binding", + "description": "tooltip.assertion-consumer-service-location-binding", + "type": "string", + "widget": "select", + "oneOf": [ + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" + ], + 
"description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" + ], + "description": "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" + ], + "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" + }, + { + "enum": [ + "https://tools.ietf.org/html/rfc6749#section-3.1.2" + ], + "description": "OIDC / OAUTH Binding" + } + ] + }, + "makeDefault": { + "title": "label.mark-as-default", + "description": "tooltip.mark-as-default", + "type": "boolean" + } + } + }, + "LogoutEndpoint": { + "description": "tooltip.new-endpoint", + "type": "object", + "fieldsets": [ + { + "fields": [ + "url", + "bindingType" + ] + } + ], + "required": [ + "url", + "bindingType" + ], + "properties": { + "url": { + "title": "label.url", + "description": "tooltip.url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "bindingType": { + "title": "label.binding-type", + "description": "tooltip.binding-type", + "type": "string", + "widget": "select", + "oneOf": [ + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + } + ] + 
} + } + }, + "MDUI": { + "type": "object", + "widget": { + "id": "fieldset" + }, + "fieldsets": [ + { + "type": "group", + "fields": [ + "displayName", + "informationUrl", + "description" + ] + }, + { + "type": "group", + "fields": [ + "privacyStatementUrl", + "logoUrl", + "logoWidth", + "logoHeight" + ] + } + ], + "properties": { + "displayName": { + "title": "label.display-name", + "description": "tooltip.mdui-display-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "informationUrl": { + "title": "label.information-url", + "description": "tooltip.mdui-information-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "privacyStatementUrl": { + "title": "label.privacy-statement-url", + "description": "tooltip.mdui-privacy-statement-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "description": { + "title": "label.description", + "description": "tooltip.mdui-description", + "type": "string", + "widget": { + "id": "textarea" + }, + "minLength": 1, + "maxLength": 255 + }, + "logoUrl": { + "title": "label.logo-url", + "description": "tooltip.mdui-logo-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "logoHeight": { + "title": "label.logo-height", + "description": "tooltip.mdui-logo-height", + "minimum": 0, + "type": "integer" + }, + "logoWidth": { + "title": "label.logo-width", + "description": "tooltip.mdui-logo-width", + "minimum": 0, + "type": "integer" + } + } + }, + "Organization": { + "type": "object", + "properties": { + "name": { + "title": "label.organization-name", + "description": "tooltip.organization-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "displayName": { + "title": "label.organization-display-name", + "description": "tooltip.organization-display-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "url": { + "title": "label.organization-url", + "description": "tooltip.organization-url", + "type": "string", + "minLength": 1, + 
"maxLength": 255 + } + }, + "dependencies": { + "name": { + "required": [ + "displayName", + "url" + ] + }, + "displayName": { + "required": [ + "name", + "url" + ] + }, + "url": { + "required": [ + "name", + "displayName" + ] + } + } + } + } +} \ No newline at end of file diff --git a/backend/src/main/resources/metadata-sources-ui-schema-saml.json b/backend/src/main/resources/metadata-sources-ui-schema-saml.json new file mode 100644 index 000000000..48c6af864 --- /dev/null +++ b/backend/src/main/resources/metadata-sources-ui-schema-saml.json 
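Review bot: `metadata-sources-ui-schema-oidc.json` is added with the same blob id as the SAML schema (`48c6af864`), so it still limits `protocolSupportEnum` to `SAML 2` / `SAML 1.1`, and its `securityInfo` dependency demands at least one `x509Certificates` entry whenever `authenticationRequestsSigned` is true. If OIDC sources are meant to carry key material other than X.509 certificates, that constraint would reject them once this schema is used for validation; as a starting point for an incremental commit this may be intended, but it should be tracked. The `$ref` to `#/definitions/nameIdFormats` also has no matching entry under `definitions` in this file, so it presumably relies on the controller adding it at runtime, which is worth confirming for any consumer that reads the file directly. Keeping the shared `definitions` in one place rather than two full copies would prevent the two files from drifting apart unnoticed.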
@@ -0,0 +1,529 @@ +{ + "type": "object", + "required": [ + "serviceProviderName", + "entityId" + ], + "properties": { + "serviceProviderName": { + "title": "label.service-provider-name", + "description": "tooltip.service-provider-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "entityId": { + "title": "label.entity-id", + "description": "tooltip.entity-id", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "serviceEnabled": { + "title": "label.enable-this-service", + "description": "tooltip.enable-this-service-upon-saving", + "type": "boolean" + }, + "organization": { + "$ref": "#/definitions/Organization" + }, + "contacts": { + "title": "label.contact-information", + "description": "tooltip.contact-information", + "type": "array", + "items": { + "$ref": "#/definitions/Contact" + } + }, + "mdui": { + "$ref": "#/definitions/MDUI" + }, + "securityInfo": { + "type": "object", + "widget": { + "id": "fieldset" + }, + "dependencies": { + "authenticationRequestsSigned": { + "oneOf": [ + { + "properties": { + "authenticationRequestsSigned": { + "enum": [true] + }, + "x509Certificates": { + "minItems": 1 + } + } + }, + { + "properties": { + "authenticationRequestsSigned": { + "enum": [false] + }, + "x509Certificates": { + "minItems": 0 + } + } + } + ] + } + }, + "properties": { + "x509CertificateAvailable": { + "type": "boolean" + }, + "authenticationRequestsSigned": { + "title": "label.authentication-requests-signed", + "description": "tooltip.authentication-requests-signed", + "type": "boolean", + "enumNames": [ + "value.true", + "value.false" + ] + }, + "wantAssertionsSigned": { + "title": "label.want-assertions-signed", + "description": "tooltip.want-assertions-signed", + "type": "boolean", + "enumNames": [ + "value.true", + "value.false" + ] + }, + "x509Certificates": { + "title": "label.x509-certificates", + "description": "tooltip.x509-certificates", + "type": "array", + "items": { + "$ref": "#/definitions/Certificate" + } + } + } 
+ }, + "assertionConsumerServices": { + "title": "label.assertion-consumer-service-endpoints", + "description": "tooltip.assertion-consumer-service-endpoints", + "type": "array", + "items": { + "$ref": "#/definitions/AssertionConsumerService" + } + }, + "serviceProviderSsoDescriptor": { + "type": "object", + "properties": { + "protocolSupportEnum": { + "title": "label.protocol-support-enumeration", + "description": "tooltip.protocol-support-enumeration", + "type": "string", + "widget": { + "id": "select" + }, + "oneOf": [ + { + "enum": [ + "SAML 2" + ], + "description": "SAML 2" + }, + { + "enum": [ + "SAML 1.1" + ], + "description": "SAML 1.1" + } + ] + }, + "nameIdFormats": { + "$ref": "#/definitions/nameIdFormats" + } + } + }, + "logoutEndpoints": { + "title": "label.logout-endpoints", + "description": "tooltip.logout-endpoints", + "type": "array", + "items": { + "$ref": "#/definitions/LogoutEndpoint" + } + }, + "relyingPartyOverrides": { + "type": "object", + "properties": {} + }, + "attributeRelease": { + "type": "array", + "title": "label.attribute-release", + "description": "Attribute release table - select the attributes you want to release (default unchecked)", + "items": { + "type": "string" + }, + "uniqueItems": true + } + }, + "definitions": { + "Contact": { + "type": "object", + "required": [ + "name", + "type", + "emailAddress" + ], + "properties": { + "name": { + "title": "label.contact-name", + "description": "tooltip.contact-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "type": { + "title": "label.contact-type", + "description": "tooltip.contact-type", + "type": "string", + "widget": "select", + "minLength": 1, + "oneOf": [ + { + "enum": [ + "support" + ], + "description": "value.support" + }, + { + "enum": [ + "technical" + ], + "description": "value.technical" + }, + { + "enum": [ + "administrative" + ], + "description": "value.administrative" + }, + { + "enum": [ + "other" + ], + "description": "value.other" + } + ] + }, 
+ "emailAddress": { + "title": "label.contact-email-address", + "description": "tooltip.contact-email", + "type": "string", + "pattern": "^(mailto:)?(?=.{1,254}$)(?=.{1,64}@)[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+(\\.[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+)*@[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$", + "minLength": 1, + "maxLength": 255 + } + } + }, + "Certificate": { + "type": "object", + "required": [ + "type", + "value" + ], + "properties": { + "name": { + "title": "label.certificate-name-display-only", + "description": "tooltip.certificate-name", + "type": "string", + "maxLength": 255 + }, + "type": { + "title": "label.certificate-type", + "type": "string", + "widget": { + "id": "radio", + "class": "form-check-inline" + }, + "oneOf": [ + { + "enum": [ + "signing" + ], + "description": "value.signing" + }, + { + "enum": [ + "encryption" + ], + "description": "value.encryption" + }, + { + "enum": [ + "both" + ], + "description": "value.both" + } + ] + }, + "value": { + "title": "label.certificate", + "description": "tooltip.certificate", + "type": "string", + "widget": "textarea", + "minLength": 1 + } + } + }, + "AssertionConsumerService": { + "type": "object", + "required": [ + "locationUrl", + "binding" + ], + "properties": { + "locationUrl": { + "title": "label.assertion-consumer-service-location", + "description": "tooltip.assertion-consumer-service-location", + "type": "string", + "widget": { + "id": "string", + "help": "message.valid-url" + }, + "minLength": 1, + "maxLength": 255 + }, + "binding": { + "title": "label.assertion-consumer-service-location-binding", + "description": "tooltip.assertion-consumer-service-location-binding", + "type": "string", + "widget": "select", + "oneOf": [ + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" + ], + 
"description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" + ], + "description": "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" + ], + "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" + }, + { + "enum": [ + "https://tools.ietf.org/html/rfc6749#section-3.1.2" + ], + "description": "OIDC / OAUTH Binding" + } + ] + }, + "makeDefault": { + "title": "label.mark-as-default", + "description": "tooltip.mark-as-default", + "type": "boolean" + } + } + }, + "LogoutEndpoint": { + "description": "tooltip.new-endpoint", + "type": "object", + "fieldsets": [ + { + "fields": [ + "url", + "bindingType" + ] + } + ], + "required": [ + "url", + "bindingType" + ], + "properties": { + "url": { + "title": "label.url", + "description": "tooltip.url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "bindingType": { + "title": "label.binding-type", + "description": "tooltip.binding-type", + "type": "string", + "widget": "select", + "oneOf": [ + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + } + ] + 
} + } + }, + "MDUI": { + "type": "object", + "widget": { + "id": "fieldset" + }, + "fieldsets": [ + { + "type": "group", + "fields": [ + "displayName", + "informationUrl", + "description" + ] + }, + { + "type": "group", + "fields": [ + "privacyStatementUrl", + "logoUrl", + "logoWidth", + "logoHeight" + ] + } + ], + "properties": { + "displayName": { + "title": "label.display-name", + "description": "tooltip.mdui-display-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "informationUrl": { + "title": "label.information-url", + "description": "tooltip.mdui-information-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "privacyStatementUrl": { + "title": "label.privacy-statement-url", + "description": "tooltip.mdui-privacy-statement-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "description": { + "title": "label.description", + "description": "tooltip.mdui-description", + "type": "string", + "widget": { + "id": "textarea" + }, + "minLength": 1, + "maxLength": 255 + }, + "logoUrl": { + "title": "label.logo-url", + "description": "tooltip.mdui-logo-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "logoHeight": { + "title": "label.logo-height", + "description": "tooltip.mdui-logo-height", + "minimum": 0, + "type": "integer" + }, + "logoWidth": { + "title": "label.logo-width", + "description": "tooltip.mdui-logo-width", + "minimum": 0, + "type": "integer" + } + } + }, + "Organization": { + "type": "object", + "properties": { + "name": { + "title": "label.organization-name", + "description": "tooltip.organization-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "displayName": { + "title": "label.organization-display-name", + "description": "tooltip.organization-display-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "url": { + "title": "label.organization-url", + "description": "tooltip.organization-url", + "type": "string", + "minLength": 1, + 
"maxLength": 255 + } + }, + "dependencies": { + "name": { + "required": [ + "displayName", + "url" + ] + }, + "displayName": { + "required": [ + "name", + "url" + ] + }, + "url": { + "required": [ + "name", + "displayName" + ] + } + } + } + } +} \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests.groovy index 14f5d9a16..1bcf387b2 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests.groovy @@ -18,7 +18,8 @@ import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResour import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.ENTITY_ATTRIBUTES_FILTERS import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.FILESYSTEM_METADATA_RESOLVER import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.LOCAL_DYNAMIC_METADATA_RESOLVER -import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.METADATA_SOURCES +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.METADATA_SOURCES_OIDC +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.METADATA_SOURCES_SAML import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.NAME_ID_FORMAT_FILTER /** 
@@ -47,11 +48,16 @@ class BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests extends Speci @Profile('badjson') static class Config { @Bean - JsonSchemaResourceLocationRegistry jsonSchemaResourceLocationRegistry(ResourceLoader resourceLoader, - ObjectMapper jacksonMapper) { + JsonSchemaResourceLocationRegistry jsonSchemaResourceLocationRegistry(ResourceLoader resourceLoader, ObjectMapper jacksonMapper) { JsonSchemaResourceLocationRegistry.inMemory() - .register(METADATA_SOURCES, JsonSchemaLocationBuilder.with() + .register(METADATA_SOURCES_OIDC, JsonSchemaLocationBuilder.with() + .jsonSchemaLocation('classpath:metadata-sources-ui-schema_MALFORMED.json') + .resourceLoader(resourceLoader) + .jacksonMapper(jacksonMapper) + .detectMalformedJson(false) + .build()) + .register(METADATA_SOURCES_SAML, JsonSchemaLocationBuilder.with() .jsonSchemaLocation('classpath:metadata-sources-ui-schema_MALFORMED.json') .resourceLoader(resourceLoader) .jacksonMapper(jacksonMapper) @@ -89,11 +95,11 @@ class BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests extends Speci .detectMalformedJson(false) .build()) .register(ALGORITHM_FILTER, JsonSchemaLocationBuilder.with() - .jsonSchemaLocation('classpath:algorithm-filter.schema.json') - .resourceLoader(resourceLoader) - .jacksonMapper(jacksonMapper) - .detectMalformedJson(false) - .build()) + .jsonSchemaLocation('classpath:algorithm-filter.schema.json') + .resourceLoader(resourceLoader) + .jacksonMapper(jacksonMapper) + .detectMalformedJson(false) + .build()) } } diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy index 25873b638..257df79ee 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy 
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy @@ -6,12 +6,9 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor import edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup import edu.internet2.tier.shibboleth.admin.ui.jsonschema.LowLevelJsonSchemaValidator import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects -import edu.internet2.tier.shibboleth.admin.ui.security.model.Group - import org.springframework.core.io.DefaultResourceLoader import org.springframework.core.io.ResourceLoader import org.springframework.mock.http.MockHttpInputMessage -import spock.lang.Shared import spock.lang.Specification import java.time.LocalDateTime @@ -48,7 +45,7 @@ class AuxiliaryIntegrationTests extends Specification { it } def json = objectMapper.writeValueAsString(entityDescriptorRepresentation) - def schemaUri = JsonSchemaLocationLookup.metadataSourcesSchema(new JsonSchemaComponentsConfiguration().jsonSchemaResourceLocationRegistry(this.resourceLoader, this.objectMapper)).uri + def schemaUri = JsonSchemaLocationLookup.metadataSourcesSAMLSchema(new JsonSchemaComponentsConfiguration().jsonSchemaResourceLocationRegistry(this.resourceLoader, this.objectMapper)).uri when: LowLevelJsonSchemaValidator.validatePayloadAgainstSchema(new MockHttpInputMessage(json.bytes), schemaUri) diff --git a/backend/src/test/resources/metadata-sources-ui-schema.json.old b/backend/src/test/resources/metadata-sources-ui-schema.json.old deleted file mode 100644 index 5766e298f..000000000 --- a/backend/src/test/resources/metadata-sources-ui-schema.json.old +++ /dev/null 
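Review bot: The `schemaUri` line changed in the second hunk now resolves only the SAML schema (`metadataSourcesSAMLSchema`), so this spec says nothing about payloads for the OIDC schema type that the same commit registers as `METADATA_SOURCES_OIDC`. Schema validation is the input check for submitted metadata sources, so the OIDC path deserves the same round-trip test; a sibling feature method that validates an OIDC representation against the OIDC schema lookup (its name is not visible in this hunk) would cover it. Until then, a comment above the line makes the gap explicit: `// validates against the SAML schema only; OIDC payloads are not covered by this spec`. The feature method containing this line starts and ends outside the hunk.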
@@ -1,442 +0,0 @@ -{ - "type": "object", - "properties": { - "entityId": { - "title": "label.entity-id", - "description": "tooltip.entity-id", - "type": "string" - }, - "serviceProviderName": { - "title": "label.service-provider-name", - "description": "tooltip.service-provider-name", - "type": "string" - }, - "serviceEnabled": { - "title": "label.enable-this-service-opon-saving", - "description": "tooltip.enable-this-service-upon-saving", - "type": "boolean" - }, - "organization": { - "type": "object", - "properties": { - "name": { - "title": "label.organization-name", - "description": "tooltip.organization-name", - "type": "string" - }, - "displayName": { - "title": "label.organization-display-name", - "description": "tooltip.organization-display-name", - "type": "string" - }, - "url": { - "title": "label.organization-display-name", - "description": "tooltip.organization-display-name", - "type": "string" - } - }, - "dependencies": { - "name": [ - "displayName", - "url" - ], - "displayName": [ - "name", - "url" - ], - "url": [ - "name", - "displayName" - ] - } - }, - "contacts": { - "title": "label.contact-information", - "description": "tooltip.contact-information", - "type": "array", - "items": { - "$ref": "#/definitions/Contact" - } - }, - "mdui": { - "type": "object", - "properties": { - "displayName": { - "title": "label.display-name", - "description": "tooltip.mdui-display-name", - "type": "string" - }, - "informationUrl": { - "title": "label.information-url", - "description": "tooltip.mdui-information-url", - "type": "string" - }, - "privacyStatementUrl": { - "title": "label.privacy-statement-url", - "description": "tooltip.mdui-privacy-statement-url", - "type": "string" - }, - "description": { - "title": "label.description", - "description": "tooltip.mdui-description", - "type": "string" - }, - "logoUrl": { - "title": "label.logo-url", - "description": "tooltip.mdui-logo-url", - "type": "string" - }, - "logoHeight": { - "title": "label.logo-height", - 
"description": "tooltip.mdui-logo-height", - "min": 0, - "type": "integer" - }, - "logoWidth": { - "title": "label.logo-width", - "description": "tooltip.mdui-logo-width", - "min": 0, - "type": "integer" - } - } - }, - "securityInfo": { - "type": "object", - "properties": { - "x509CertificateAvailable": { - "title": "label.is-there-a-x509-certificate", - "description": "tooltip.is-there-a-x509-certificate", - "type": "boolean", - "default": false - }, - "authenticationRequestsSigned": { - "title": "label.authentication-requests-signed", - "description": "tooltip.authentication-requests-signed", - "type": "boolean", - "default": false - }, - "wantAssertionsSigned": { - "title": "label.want-assertions-signed", - "description": "tooltip.want-assertions-signed", - "type": "boolean", - "default": false - }, - "x509Certificates": { - "title": "label.x509-certificates", - "type": "array", - "items": { - "$ref": "#/definitions/Certificate" - } - } - } - }, - "assertionConsumerServices": { - "title": "label.assertion-consumer-service-endpoints", - "description": "", - "type": "array", - "items": { - "$ref": "#/definitions/AssertionConsumerService" - } - }, - "serviceProviderSsoDescriptor": { - "type": "object", - "properties": { - "protocolSupportEnum": { - "title": "label.protocol-support-enumeration", - "description": "tooltip.protocol-support-enumeration", - "type": "string", - "placeholder": "label.select-protocol", - "oneOf": [ - { - "enum": [ - "SAML 2" - ], - "description": "SAML 2" - }, - { - "enum": [ - "SAML 1.1" - ], - "description": "SAML 1.1" - } - ] - } - }, - "nameIdFormats": { - "$ref": "#/definitions/NameIdFormatList" - } - }, - "logoutEndpoints": { - "title": "label.logout-endpoints", - "description": "tooltip.logout-endpoints", - "type": "array", - "items": { - "$ref": "#/definitions/LogoutEndpoint" - } - }, - "relyingPartyOverrides": { - "type": "object", - "properties": { - "signAssertion": { - "title": "label.sign-the-assertion", - "description": 
"tooltip.sign-assertion", - "type": "boolean", - "default": false - }, - "dontSignResponse": { - "title": "label.dont-sign-the-response", - "description": "tooltip.dont-sign-response", - "type": "boolean", - "default": false - }, - "turnOffEncryption": { - "title": "label.turn-off-encryption-of-response", - "description": "tooltip.turn-off-encryption", - "type": "boolean", - "default": false - }, - "useSha": { - "title": "label.use-sha1-signing-algorithm", - "description": "tooltip.usa-sha-algorithm", - "type": "boolean", - "default": false - }, - "ignoreAuthenticationMethod": { - "title": "label.ignore-any-sp-requested-authentication-method", - "description": "tooltip.ignore-auth-method", - "type": "boolean", - "default": false - }, - "forceAuthn": { - "title": "label.force-authn", - "description": "tooltip.force-authn", - "type": "boolean", - "default": false - }, - "omitNotBefore": { - "title": "label.omit-not-before-condition", - "type": "boolean", - "description": "tooltip.omit-not-before-condition", - "default": false - }, - "responderId": { - "title": "label.responder-id", - "description": "tooltip.responder-id", - "type": "string" - }, - "nameIdFormats": { - "$ref": "#/definitions/NameIdFormatList" - }, - "authenticationMethods": { - "$ref": "#/definitions/AuthenticationMethodList" - } - } - }, - "attributeRelease": { - "type": "array", - "description": "Attribute release table - select the attributes you want to release (default unchecked)", - "widget": { - "id": "checklist", - "dataUrl": "/customAttributes" - }, - "items": { - "type": "string" - } - } - }, - "definitions": { - "Contact": { - "type": "object", - "properties": { - "name": { - "title": "label.contact-name", - "description": "tooltip.contact-name", - "type": "string" - }, - "type": { - "title": "label.contact-type", - "description": "tooltip.contact-type", - "type": "string", - "oneOf": [ - { - "enum": [ - "support" - ], - "description": "value.support" - }, - { - "enum": [ - "technical" - ], 
- "description": "value.technical" - }, - { - "enum": [ - "administrative" - ], - "description": "value.administrative" - }, - { - "enum": [ - "other" - ], - "description": "value.other" - } - ] - }, - "emailAddress": { - "title": "label.contact-email-address", - "description": "tooltip.contact-email", - "type": "string", - "pattern": "^(?=.{1,254}$)(?=.{1,64}@)[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+(\\.[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+)*@[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$" - } - } - }, - "Certificate": { - "name": { - "title": "label.certificate-name-display-only", - "description": "tooltip.certificate-name", - "type": "string" - }, - "type": { - "title": "label.type", - "description": "tooltip.certificate-type", - "type": "string", - "oneOf": [ - { - "enum": [ - "signing" - ], - "description": "value.signing" - }, - { - "enum": [ - "encryption" - ], - "description": "value.encryption" - }, - { - "enum": [ - "both" - ], - "description": "value.both" - } - ], - "default": "both" - }, - "value": { - "title": "label.certificate", - "description": "tooltip.certificate", - "type": "string" - } - }, - "AssertionConsumerService": { - "type": "object", - "properties": { - "locationUrl": { - "title": "label.assertion-consumer-services-location", - "description": "tooltip.assertion-consumer-service-location", - "type": "string", - "widget": { - "id": "string", - "help": "message.valid-url" - } - }, - "binding": { - "title": "label.assertion-consumer-service-location-binding", - "description": "tooltip.assertion-consumer-service-location-binding", - "type": "string", - "oneOf": [ - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" - ], - "description": "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" - } - ] - }, - "makeDefault": { - "title": 
"label.mark-as-default", - "description": "tooltip.mark-as-default", - "type": "boolean" - } - } - }, - "NameIdFormatList": { - "title": "label.nameid-format-to-send", - "placeholder": "label.nameid-format", - "description": "tooltip.nameid-format", - "type": "array", - "uniqueItems": true, - "items": { - "type": "string", - "widget": "datalist", - "data": [ - "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", - "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", - "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", - "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" - ] - }, - "default": null - }, - "AuthenticationMethodList": { - "title": "label.authentication-methods-to-use", - "description": "tooltip.authentication-methods-to-use", - "type": "array", - "placeholder": "label.authentication-method", - "uniqueItems": true, - "items": { - "type": "string", - "title": "label.authentication-method", - "widget": { - "id": "datalist", - "data": [ - "https://refeds.org/profile/mfa", - "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken", - "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" - ] - } - }, - "default": null - }, - "LogoutEndpoint": { - "title": "label.new-endpoint", - "description": "tooltip.new-endpoint", - "type": "object", - "properties": { - "url": { - "title": "label.url", - "description": "tooltip.url", - "type": "string" - }, - "bindingType": { - "title": "label.binding-type", - "description": "tooltip.binding-type", - "type": "string", - "oneOf": [ - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" - } - ] - - } - } - } - } -} \ No newline at end of file From 31e2f7d218393f34a22043c6f8e3554811ae8e76 Mon Sep 17 00:00:00 2001 
From: Ryan Mathis Date: Fri, 23 Sep 2022 15:12:22 -0700 Subject: [PATCH 13/77] UI for OIDC --- .../main/resources/i18n/messages.properties | 64 ++ .../resources/metadata-sources-ui-schema.json | 17 +- .../schema/source/metadata-source-oidc.json | 709 ++++++++++++++++++ ...-source.json => metadata-source-saml.json} | 271 +++---- .../component/templates/ArrayFieldTemplate.js | 10 +- ui/src/app/metadata/Metadata.js | 2 +- ui/src/app/metadata/copy/CopySource.js | 2 - ui/src/app/metadata/domain/index.js | 10 +- .../source/definition/OidcSourceDefinition.js | 83 ++ .../source/definition/SamlSourceDefinition.js | 32 + .../source/definition/SourceDefinition.js | 41 +- .../definition/SourceDefinition.test.js | 6 +- ui/src/app/metadata/domain/source/index.js | 12 + ui/src/app/metadata/hoc/MetadataSchema.js | 1 + ui/src/app/metadata/hooks/api.js | 8 + ui/src/app/metadata/new/NewSource.js | 48 +- ui/src/app/metadata/view/MetadataCopy.js | 6 +- ui/src/app/metadata/view/MetadataWizard.js | 6 +- .../wizard/MetadataSourceProtocolSelector.js | 154 ++++ ui/src/app/metadata/wizard/Wizard.js | 5 +- ui/src/testing/sourceSchema.js | 2 +- ui/src/testing/uiSchema.js | 3 - 22 files changed, 1229 insertions(+), 263 deletions(-) create mode 100644 ui/public/assets/schema/source/metadata-source-oidc.json rename ui/public/assets/schema/source/{metadata-source.json => metadata-source-saml.json} (75%) create mode 100644 ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js create mode 100644 ui/src/app/metadata/domain/source/definition/SamlSourceDefinition.js create mode 100644 ui/src/app/metadata/domain/source/index.js create mode 100644 ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index dcd97aee4..bf4d6c69c 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties 
@@ -134,6 +134,9 @@ value.DOUBLE=Double value.DURATION=Duration value.SPRING_BEAN_ID=Spring Bean ID +value.oidc=OIDC (OpenID Connect) +value.saml=SAML + brand.header.title=Source Management brand.logo-link-label=Shibboleth brand.logo-link-description=Link to Shibboleth Website @@ -221,6 +224,7 @@ label.select-protocol=Select Protocol label.nameid-format=NameID Format label.nameid-formats=NameID Formats label.name-and-entity-id=Name and Entity ID +label.name-and-entity-id-protocol=Name, Entity ID, Protocol label.organization-information=Organization Information label.contact-information=Contact Information label.given-name=Given Name @@ -289,6 +293,9 @@ label.finish-summary-validation=Finished! label.select-entity-id-to-copy=Select the Entity ID to copy label.metadata-source-name-dashboard-display-only=Service Provider Name (Dashboard Display Only) label.new-entity-id=New Entity ID +label.metadata-source-protocol=Identity Protocol +label.select-source-protocol=Select Protocol + label.sections-to-copy=Sections to Copy? label.add-a-new-metadata-resolver=Add a new metadata source label.how-are-you-adding-the-metadata-information=How are you adding the metadata information? @@ -416,6 +423,7 @@ label.remove-empty-entities-descriptors=Remove Empty Entities Descriptors? label.select-metadata-provider-type=Select Metadata Provider Type label.select-metadata-filter-type=Select Metadata Filter Type +label.select-metadata-source-protocol=Select Metadata Source Protocol label.filter-list=Filter List label.common-attributes=Common Attributes label.reloading-attributes=Reloading Attributes 
@@ -631,6 +639,7 @@ message.session-timeout=An error has occurred while saving. Your session may hav tooltip.entity-id=An entityID is the SAML identifier that uniquely names a service provider. tooltip.service-provider-name=Service Provider Name (Dashboard Display Only) +tooltip.metadata-source-protocol=Identity Protocol tooltip.force-authn=Disallows use (or reuse) of authentication results and login flows that don\u0027t provide a real-time proof of user presence in the login process tooltip.ignore-request-signatures=Whether to skip validation of signatures on requests when dealing with badly broken or incompetently operated services tooltip.service-provider-name-dashboard-display-only=Service Provider Name (Dashboard Display Only) 
@@ -794,3 +803,58 @@ value.algorithm-cbc-tripledes=CBC (TRIPLEDES) - http://www.w3.org/2001/04/xmlenc message.algorithms-unique=Each algorithm may only be used once. +label.oauth-rp-extensions=OAuth Relying Party Extensions + +label.post-logout-redirect-uris=Post Logout Redirect URIs +tooltip.post-logout-redirect-uris=Each value is defined in an extension element. +label.default-acr-values=Default ACR Values +tooltip.default-acr-values=Each value is defined in an extension element. +label.request-uris=Request URIs +tooltip.request-uris=Each value is defined in an extension element. +label.audience=Audience +tooltip.audience=Each value is defined in an extension element (the element itself is a standard SAML element imported from the Assertion schema).The audience claim is not drawn from any standard, but an extension supported by Shibboleth to control/validate the “resource” parameter used in various OAuth protocol extensions, particularly in the client_credentials grant flow. + +label.client-uri=Client URI +tooltip.client-uri=OPTIONAL. URL of the home page of the Client. The value of this field MUST point to a valid Web page. +label.responseTypes=Response Types +tooltip.response-types=OPTIONAL. JSON array containing a list of the OAuth 2.0 response_type values that the Client is declaring that it will restrict itself to using. If omitted, the default is that the Client will use only the code Response Type. +label.sector-identifier-uri=Sector Identifier URI +tooltip.sector-identifier-uri=OPTIONAL. URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP. The URL references a file with a single JSON array of redirect_uri values. +label.id-token-encrypted-response-alg=ID Token Encrypted Response Algorithm. +tooltip.id-token-encrypted-response-alg=REQUIRED for encrypting the ID Token issued to this Client. If this is requested, the response will be signed then encrypted. 
+label.application-type=Application Type +tooltip.application-type=OPTIONAL. Kind of the application. The default, if omitted, is web. The defined values are native or web. +label.token-endpoint-auth-signing-alg=Token Endpoint Auth Signing Algorithm +tooltip.token-endpoint-auth-signing-alg=OPTIONAL. JWS [JWS] alg algorithm [JWA] that MUST be used for signing the JWT [JWT] used to authenticate the Client at the Token Endpoint for the private_key_jwt and client_secret_jwt authentication methods. +label.id-token-encrypted-response-enc=ID Token Encrypted Response Encoding +tooltip.id-token-encrypted-response-enc=OPTIONAL. JWE enc algorithm [JWA] REQUIRED for encrypting the ID Token issued to this Client. +label.require-auth-time=Require Auth Time +tooltip.require-auth-time=OPTIONAL. Boolean value specifying whether the auth_time Claim in the ID Token is REQUIRED. +label.user-info-encrypted-response-enc=User Info Encrypted Response Encoding +tooltip.user-info-encrypted-response-enc=OPTIONAL. JWE enc algorithm [JWA] REQUIRED for encrypting UserInfo Responses. +label.user-info-signed-response-alg=User Info Signed Response Algorithm +tooltip.user-info-signed-response-alg=OPTIONAL. JWS alg algorithm [JWA] REQUIRED for signing UserInfo Responses. +label.user-info-encrypted-response-alg=User Info Encrypted Response Algorithm +tooltip.user-info-encrypted-response-alg=OPTIONAL. JWE [JWE] alg algorithm [JWA] REQUIRED for encrypting UserInfo Responses. +label.grant-types=Grant Types +tooltip.grant-types=OPTIONAL. JSON array containing a list of the OAuth 2.0 Grant Types that the Client is declaring that it will restrict itself to using. +label.software-id=Software ID +tooltip.software-id=Unique identifier of software. +label.request-object-encryption-enc=Requse Object Encryption Encoding +tooltip.request-object-encryption-enc=OPTIONAL. JWE enc algorithm [JWA] the RP is declaring that it may use for encrypting Request Objects sent to the OP. 
+label.initiate-login-uri=Initiate Login URI +tooltip.initiate-login-uri=OPTIONAL. URI using the https scheme that a third party can use to initiate a login by the RP +label.request-object-encryption-alg=Request Object Encryption Algorithm +tooltip.request-object-encryption-alg=OPTIONAL. JWE [JWE] alg algorithm [JWA] the RP is declaring that it may use for encrypting Request Objects sent to the OP. +label.token-endpoint-auth-method=Token Endpoint Auth Method +tooltip.token-endpoint-auth-method=OPTIONAL. Requested Client Authentication method for the Token Endpoint. +label.request-object-signing-alg=Request Object Signing Algorithm +tooltip.request-object-signing-alg=OPTIONAL. JWS [JWS] alg algorithm [JWA] that MUST be used for signing Request Objects sent to the OP. +label.scopes=Scopes +tooltip.scopes=Multiple-valued claims that map directly into XML Attributes in a metadata extension element. +label.id-token-signed-response-alg=ID Token Signed Response Algorithm +tooltip.id-token-signed-response-alg=OPTIONAL. JWS alg algorithm [JWA] REQUIRED for signing the ID Token issued to this Client. +label.software-version=Software Version +tooltip.software-version=Version of Software +label.default-max-age=Default Max Age +tooltip.default-max-age=Specifies that the End-User MUST be actively authenticated if the End-User was authenticated longer ago than the specified number of seconds. diff --git a/backend/src/main/resources/metadata-sources-ui-schema.json b/backend/src/main/resources/metadata-sources-ui-schema.json index fdb7e5d46..3019b511c 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema.json +++ b/backend/src/main/resources/metadata-sources-ui-schema.json 
@@ -1,10 +1,24 @@
 {
 "type": "object",
 "required": [
+ "protocol",
 "serviceProviderName",
 "entityId"
 ],
 "properties": {
+ "protocol": {
+ "title": "label.metadata-source-protocol",
+ "description": "tooltip.metadata-source-protocol",
+ "type": "string",
+ "enum": [
+ "OIDC",
+ "SAML"
+ ],
+ "enumNames": [
+ "value.oidc",
+ "value.saml"
+ ]
+ },
 "serviceProviderName": {
 "title": "label.service-provider-name",
 "description": "tooltip.service-provider-name",
@@ -40,9 +54,6 @@
 },
 "securityInfo": {
 "type": "object",
- "widget": {
- "id": "fieldset"
- },
 "dependencies": {
 "authenticationRequestsSigned": {
 "oneOf": [
diff --git a/ui/public/assets/schema/source/metadata-source-oidc.json b/ui/public/assets/schema/source/metadata-source-oidc.json
new file mode 100644
index 000000000..2bfe1f72e
--- /dev/null
+++ b/ui/public/assets/schema/source/metadata-source-oidc.json
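Review bot: The new `protocol` property in the first hunk is required and limited to `OIDC`/`SAML` here, but the UI schema added later in this patch (`ui/public/assets/schema/source/metadata-source-oidc.json`) declares `protocol` as a free `"type": "string"`, omits it from `required`, and titles it `label.source-protocol` / `tooltip.source-protocol`, while the messages.properties hunks of this patch add only `label.metadata-source-protocol` and `tooltip.metadata-source-protocol`. As visible, the form can submit a source that this backend schema rejects, and the UI label keys may not resolve unless they are defined outside the lines shown. I would align the UI schema with this one: `"title": "label.metadata-source-protocol"`, `"description": "tooltip.metadata-source-protocol"`, `"enum": ["OIDC", "SAML"]`, and list `protocol` in its `required` array. Sources stored before this change presumably carry no `protocol`, so it is worth confirming how they validate against the new `required` entry.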
@@ -0,0 +1,709 @@
+{
+ "type": "object",
+ "required": ["serviceProviderName", "entityId"],
+ "properties": {
+ "protocol": {
+ "title": "label.source-protocol",
+ "description": "tooltip.source-protocol",
+ "type": "string"
+ },
+ "serviceProviderName": {
+ "title": "label.service-provider-name",
+ "description": "tooltip.service-provider-name",
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "entityId": {
+ "title": "label.entity-id",
+ "description": "tooltip.entity-id",
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "serviceEnabled": {
+ "title": "label.enable-this-service",
+ "description": "tooltip.enable-this-service-upon-saving",
+ "type": "boolean"
+ },
+ "organization": { "$ref": "#/definitions/Organization" },
+ "contacts": {
+ "title": "label.contact-information",
+ "description": "tooltip.contact-information",
+ "type": "array",
+ "items": { "$ref": "#/definitions/Contact" }
+ },
+ "mdui": { "$ref": "#/definitions/MDUI" },
+ "securityInfo": {
+ "type": "object",
+ "dependencies": {
+ "authenticationRequestsSigned": {
+ "oneOf": [
+ {
+ "properties": {
+ "authenticationRequestsSigned": {
+ "enum": [true]
+ },
+ "x509Certificates": { "minItems": 1 }
+ }
+ },
+ {
+ "properties": {
+ "authenticationRequestsSigned": {
+ "enum": [false]
+ },
+ "x509Certificates": { "minItems": 0 }
+ }
+ }
+ ]
+ }
+ },
+ "properties": {
+ "authenticationRequestsSigned": {
+ "title": "label.authentication-requests-signed",
+ "description": "tooltip.authentication-requests-signed",
+ "type": "boolean",
+ "enumNames": ["value.true", "value.false"]
+ },
+ "wantAssertionsSigned": {
+ "title": "label.want-assertions-signed",
+ "description": "tooltip.want-assertions-signed",
+ "type": "boolean",
+ "enumNames": ["value.true", "value.false"]
+ },
+ "keyDescriptors": {
+ "title": "label.key-descriptors",
+ "description": "tooltip.key-descriptors",
+ "type": "array",
+ "items": { "$ref": "#/definitions/Certificate" }
+ }
+ }
+ },
+ "assertionConsumerServices": {
+ "title": "label.assertion-consumer-service-endpoints",
+ "description": "tooltip.assertion-consumer-service-endpoints",
+ "type": "array",
+ "items": { "$ref": "#/definitions/AssertionConsumerService" }
+ },
+ "serviceProviderSsoDescriptor": {
+ "type": "object",
+ "properties": {
+ "protocolSupportEnum": {
+ "title": "label.protocol-support-enumeration",
+ "description": "tooltip.protocol-support-enumeration",
+ "type": "string",
+ "widget": { "id": "select" },
+ "oneOf": [
+ { "enum": ["SAML 2"], "description": "SAML 2" },
+ { "enum": ["SAML 1.1"], "description": "SAML 1.1" },
+ {
+ "enum": [
+ "http://openid.net/specs/openid-connect-core-1_0.html"
+ ],
+ "description": "OIDC"
+ }
+ ]
+ },
+ "nameIdFormats": { "$ref": "#/definitions/nameIdFormats" },
+ "extensions": {
+ "type": "object",
+ "properties": {
+ "OAuthRPExtensions": {
+ "title": "label.oauth-rp-extensions",
+ "type": "object",
+ "properties": {
+ "postLogoutRedirectUris": {
+ "title": "label.post-logout-redirect-uris",
+ "description": "tooltip.post-logout-redirect-uris",
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "defaultAcrValues": {
+ "title": "label.default-acr-values",
+ "description": "tooltip.default-acr-values",
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "requestUris": {
+ "title": "label.request-uris",
+ "description": "tooltip.request-uris",
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "audience": {
+ "title": "label.audience",
+ "description": "tooltip.audience",
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "attributes": {
+ "type": "object",
+ "properties": {
+ "clientUri": {
+ "title": "label.client-uri",
+ "description": "tooltip.client-uri",
+ "type": "string"
+ },
+ "responseTypes": {
+ "title": "label.responseTypes",
+ "description": "tooltip.response-types",
+ "type": "string"
+ },
+ "sectorIdentifierUri": {
+ "title": "label.sector-identifier-uri",
+ "description": "tooltip.sector-identifier-uri",
+ "type": "string"
+ },
+ "idTokenEncryptedResponseAlg": {
+ "title": "label.id-token-encrypted-response-alg",
+ "description": "tooltip.id-token-encrypted-response-alg",
+ "type": "string"
+ },
+ "applicationType": {
+ "title": "label.application-type",
+ "description": "tooltip.application-type",
+ "type": "string"
+ },
+ "tokenEndpointAuthSigningAlg": {
+ "title": "label.token-endpoint-auth-signing-alg",
+ "description": "tooltip.token-endpoint-auth-signing-alg",
+ "type": "string"
+ },
+ "idTokenEncryptedResponseEnc": {
+ "title": "label.id-token-encrypted-response-enc",
+ "description": "tooltip.id-token-encrypted-response-enc",
+ "type": "string"
+ },
+ "requireAuthTime": {
+ "title": "label.require-auth-time",
+ "description": "tooltip.require-auth-time",
+ "type": "boolean"
+ },
+ "userInfoEncryptedResponseEnc": {
+ "title": "label.user-info-encrypted-response-enc",
+ "description": "tooltip.user-info-encrypted-response-enc",
+ "type": "string"
+ },
+ "userInfoSignedResponseAlg": {
+ "title": "label.user-info-signed-response-alg",
+ "description": "tooltip.user-info-signed-response-alg",
+ "type": "string"
+ },
+ "userInfoEncryptedResponseAlg": {
+ "title": "label.user-info-encrypted-response-alg",
+ "description": "tooltip.user-info-encrypted-response-alg",
+ "type": "string"
+ },
+ "grantTypes": {
+ "title": "label.grant-types",
+ "description": "tooltip.grant-types",
+ "type": "string"
+ },
+ "softwareId": {
+ "title": "label.software-id",
+ "description": "tooltip.software-id",
+ "type": "string"
+ },
+ "requestObjectEncryptionEnc": {
+ "title": "label.request-object-encryption-enc",
+ "description": "tooltip.request-object-encryption-enc",
+ "type": "string"
+ },
+ "initiateLoginUri": {
+ "title": "label.initiate-login-uri",
+ "description": "tooltip.initiate-login-uri",
+ "type": "string"
+ },
+ "requestObjectEncryptionAlg": {
+ "title": "label.request-object-encryption-alg",
+ "description": "tooltip.request-object-encryption-alg",
+ "type": "string"
+ },
+ "tokenEndpointAuthMethod": {
+ "title": "label.token-endpoint-auth-method",
+ "description": "tooltip.token-endpoint-auth-method",
+ "type": "string"
+ },
+ "requestObjectSigningAlg": {
+ "title": "label.request-object-signing-alg",
+ "description": "tooltip.request-object-signing-alg",
+ "type": "string"
+ },
+ "scopes": {
+ "title": "label.scopes",
+ "description": "tooltip.scopes",
+ "type": "string"
+ },
+ "idTokenSignedResponseAlg": {
+ "title": "label.id-token-signed-response-alg",
+ "description": "tooltip.id-token-signed-response-alg",
+ "type": "string"
+ },
+ "softwareVersion": {
+ "title": "label.software-version",
+ "description": "tooltip.software-version",
+ "type": "string"
+ },
+ "defaultMaxAge": {
+ "title": "label.default-max-age",
+ "description": "tooltip.default-max-age",
+ "type": "number"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "logoutEndpoints": {
+ "title": "label.logout-endpoints",
+ "description": "tooltip.logout-endpoints",
+ "type": "array",
+ "items": { "$ref": "#/definitions/LogoutEndpoint" }
+ },
+ "relyingPartyOverrides": {
+ "type": "object",
+ "properties": {
+ "signAssertion": {
+ "title": "label.sign-the-assertion",
+ "description": "tooltip.sign-assertion",
+ "type": "boolean",
+ "default": false
+ },
+ "nameIdFormats": { "$ref": "#/definitions/nameIdFormats" },
+ "responderId": {
+ "title": "label.responder-id",
+ "description": "tooltip.responder-id",
+ "type": "string"
+ },
+ "authenticationMethods": {
+ "$ref": "#/definitions/authenticationMethods"
+ },
+ "ignoreRequestSignatures": {
+ "title": "label.ignore-request-signatures",
+ "description": "tooltip.ignore-request-signatures",
+ "type": "boolean",
+ "default": false
+ },
+ "turnOffEncryption": {
+ "title": "label.turn-off-encryption-of-response",
+ "description": "tooltip.turn-off-encryption",
+ "type": "boolean",
+ "default": false
+ },
+ "forceAuthn": {
+ "title": "label.force-authn",
+ "description": "tooltip.force-authn",
+ "type": "boolean",
+ "default": false
+ },
+ "dontSignResponse": {
+ "title": "label.dont-sign-the-response",
+ "description": "tooltip.dont-sign-response",
+ "type": "boolean",
+ "default": false
+ },
+ "ignoreAuthenticationMethod": {
+ "title": "label.ignore-any-sp-requested-authentication-method",
+ "description": "tooltip.ignore-auth-method",
+ "type": "boolean",
+ "default": false
+ },
+ "useSha": {
+ "title": "label.use-sha1-signing-algorithm",
+ "description": "tooltip.usa-sha-algorithm",
+ "type": "boolean",
+ "default": false
+ },
+ "omitNotBefore": {
+ "title": "label.omit-not-before-condition",
+ "description": "tooltip.omit-not-before-condition",
+ "type": "boolean",
+ "default": false
+ }
+ }
+ },
+ "attributeRelease": {
+ "type": "array",
+ "title": "label.attribute-release",
+ "description": "Attribute release table - select the attributes you want to release (default unchecked)",
+ "items": {
+ "type": "string",
+ "enum": [
+ "eduPersonPrincipalName",
+ "uid",
+ "mail",
+ "surname",
+ "givenName",
+ "eduPersonAffiliation",
+ "eduPersonScopedAffiliation",
+ "eduPersonPrimaryAffiliation",
+ "eduPersonEntitlement",
+ "eduPersonAssurance",
+ "eduPersonUniqueId",
+ "employeeNumber"
+ ],
+ "enumNames": [
+ "label.attribute-eduPersonPrincipalName",
+ "label.attribute-uid",
+ "label.attribute-mail",
+ "label.attribute-surname",
+ "label.attribute-givenName",
+ "label.attribute-eduPersonAffiliation",
+ "label.attribute-eduPersonScopedAffiliation",
+ "label.attribute-eduPersonPrimaryAffiliation",
+ "label.attribute-eduPersonEntitlement",
+ "label.attribute-eduPersonAssurance",
+ "label.attribute-eduPersonUniqueId",
+ "label.attribute-employeeNumber"
+ ]
+ },
+ "uniqueItems": true
+ }
+ },
+ "definitions": {
+ "Contact": {
+ "type": "object",
+ "required": ["name", "type", "emailAddress"],
+ "properties": {
+ "name": {
+ "title": "label.contact-name",
+ "description": "tooltip.contact-name",
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "type": {
+ "title": "label.contact-type",
+ "description": "tooltip.contact-type",
+ "type": "string",
+ "widget": "select",
+ "minLength": 1,
+ "oneOf": [
+ { "enum": ["support"], "description": "value.support" },
+ {
+ "enum": ["technical"],
+ "description": "value.technical"
+ },
+ {
+ "enum": ["administrative"],
+ "description": "value.administrative"
+ },
+ { "enum": ["other"], "description": "value.other" }
+ ]
+ },
+ "emailAddress": {
+ "title": "label.contact-email-address",
+ "description": "tooltip.contact-email",
+ "type": "string",
+ "pattern": "^(mailto:)?(?=.{1,254}$)(?=.{1,64}@)[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+(\\.[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+)*@[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$",
+ "minLength": 1,
+ "maxLength": 255
+ }
+ }
+ },
+ "Certificate": {
+ "type": "object",
+ "required": ["type", "value", "elementType"],
+ "properties": {
+ "name": {
+ "title": "label.certificate-name-display-only",
+ "description": "tooltip.certificate-name",
+ "type": "string",
+ "maxLength": 255
+ },
+ "elementType": {
+ "title": "label.element-type",
+ "description": "tooltip.element-type",
+ "type": "string",
+ "enum": [
+ "X509Data",
+ "jwksUri",
+ "jwksData",
+ "clientSecret",
+ "clientSecretRef"
+ ]
+ },
+ "type": {
+ "title": "label.certificate-type",
+ "type": "string",
+ "widget": { "id": "radio", "class": "form-check-inline" },
+ "oneOf": [
+ { "enum": ["signing"], "description": "value.signing" },
+ {
+ "enum": ["encryption"],
+ "description": "value.encryption"
+ },
+ { "enum": ["both"], "description": "value.both" }
+ ]
+ },
+ "value": {
+ "title": "label.certificate-value",
+ "description": "tooltip.certificate-value",
+ "type": "string",
+ "widget": "textarea",
+ "minLength": 1
+ }
+ }
+ },
+ "AssertionConsumerService": {
+ "type": "object",
+ "required": ["locationUrl", "binding"],
+ "properties": {
+ "locationUrl": {
+ "title":
"label.assertion-consumer-service-location", + "description": "tooltip.assertion-consumer-service-location", + "type": "string", + "widget": { "id": "string", "help": "message.valid-url" }, + "minLength": 1, + "maxLength": 255 + }, + "binding": { + "title": "label.assertion-consumer-service-location-binding", + "description": "tooltip.assertion-consumer-service-location-binding", + "type": "string", + "widget": "select", + "oneOf": [ + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" + ], + "description": "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" + ], + "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" + }, + { + "enum": [ + "https://tools.ietf.org/html/rfc6749#section-3.1.2" + ], + "description": "https://tools.ietf.org/html/rfc6749#section-3.1.2" + } + ] + }, + "makeDefault": { + "title": "label.mark-as-default", + "description": "tooltip.mark-as-default", + "type": "boolean" + } + } + }, + "LogoutEndpoint": { + "description": "tooltip.new-endpoint", + "type": "object", + "fieldsets": [{ "fields": ["url", "bindingType"] }], + "required": ["url", "bindingType"], + "properties": { + "url": { + "title": "label.url", + "description": "tooltip.url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "bindingType": { + "title": "label.binding-type", + 
"description": "tooltip.binding-type", + "type": "string", + "widget": "select", + "oneOf": [ + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + } + ] + } + } + }, + "MDUI": { + "type": "object", + "widget": { "id": "fieldset" }, + "fieldsets": [ + { + "type": "group", + "fields": ["displayName", "informationUrl", "description"] + }, + { + "type": "group", + "fields": [ + "privacyStatementUrl", + "logoUrl", + "logoWidth", + "logoHeight" + ] + } + ], + "properties": { + "displayName": { + "title": "label.display-name", + "description": "tooltip.mdui-display-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "informationUrl": { + "title": "label.information-url", + "description": "tooltip.mdui-information-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "privacyStatementUrl": { + "title": "label.privacy-statement-url", + "description": "tooltip.mdui-privacy-statement-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "description": { + "title": "label.description", + "description": "tooltip.mdui-description", + "type": "string", + "widget": { "id": "textarea" }, + "minLength": 1, + "maxLength": 255 + }, + "logoUrl": { + "title": "label.logo-url", + "description": "tooltip.mdui-logo-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "logoHeight": { + "title": "label.logo-height", + "description": "tooltip.mdui-logo-height", + "minimum": 0, + "type": "integer" + }, + 
"logoWidth": { + "title": "label.logo-width", + "description": "tooltip.mdui-logo-width", + "minimum": 0, + "type": "integer" + } + } + }, + "Organization": { + "type": "object", + "properties": { + "name": { + "title": "label.organization-name", + "description": "tooltip.organization-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "displayName": { + "title": "label.organization-display-name", + "description": "tooltip.organization-display-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "url": { + "title": "label.organization-url", + "description": "tooltip.organization-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + } + }, + "dependencies": { + "name": { "required": ["displayName", "url"] }, + "displayName": { "required": ["name", "url"] }, + "url": { "required": ["name", "displayName"] } + } + }, + "nameIdFormats": { + "title": "label.nameid-format-to-send", + "description": "tooltip.nameid-format", + "type": "array", + "uniqueItems": true, + "items": { + "type": "string", + "minLength": 1, + "maxLength": 255, + "examples": [ + "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", + "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", + "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", + "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" + ] + } + }, + "authenticationMethods": { + "title": "label.authentication-methods-to-use", + "description": "tooltip.authentication-methods-to-use", + "type": "array", + "uniqueItems": true, + "items": { + "type": "string", + "minLength": 1, + "maxLength": 255, + "examples": [ + "https://refeds.org/profile/mfa", + "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken", + "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" + ] + } + } + } +} 
diff --git a/ui/public/assets/schema/source/metadata-source.json b/ui/public/assets/schema/source/metadata-source-saml.json similarity index 75% rename from ui/public/assets/schema/source/metadata-source.json rename to ui/public/assets/schema/source/metadata-source-saml.json index 7348000d7..44bc9b963 100644 --- a/ui/public/assets/schema/source/metadata-source.json +++ b/ui/public/assets/schema/source/metadata-source-saml.json @@ -1,10 +1,12 @@ { "type": "object", - "required": [ - "serviceProviderName", - "entityId" - ], + "required": ["serviceProviderName", "entityId"], "properties": { + "protocol": { + "title": "label.source-protocol", + "description": "tooltip.source-protocol", + "type": "string" + }, "serviceProviderName": { "title": "label.service-provider-name", "description": "tooltip.service-provider-name", 
@@ -24,93 +26,79 @@ "description": "tooltip.enable-this-service-upon-saving", "type": "boolean" }, - "organization": { - "$ref": "#/definitions/Organization" - }, + "organization": { "$ref": "#/definitions/Organization" }, "contacts": { "title": "label.contact-information", "description": "tooltip.contact-information", "type": "array", - "items": { - "$ref": "#/definitions/Contact" - } + "items": { "$ref": "#/definitions/Contact" } }, - "mdui": { - "$ref": "#/definitions/MDUI" + "mdui": { "$ref": "#/definitions/MDUI" }, + "dependencies": { + "securityInfo": { + "oneOf": [ + { + "properties": { + "@type": { + "enum": [ + "OIDC" + ] + } + } + } + ] + } }, "securityInfo": { "type": "object", - "widget": { - "id": "fieldset" - }, "dependencies": { "authenticationRequestsSigned": { "oneOf": [ { "properties": { "authenticationRequestsSigned": { - "enum": [ - true - ] + "enum": [true] }, - "x509Certificates": { - "minItems": 1 - } + "keyDescriptors": { "minItems": 1 } } }, { "properties": { "authenticationRequestsSigned": { - "enum": [ - false - ] + "enum": [false] }, - "x509Certificates": { - "minItems": 0 - } + "keyDescriptors": { "minItems": 0 } } } ] } }, "properties": { - "x509CertificateAvailable": { - "type": "boolean" - }, "authenticationRequestsSigned": { "title": "label.authentication-requests-signed", "description": "tooltip.authentication-requests-signed", "type": "boolean", - "enumNames": [ - "value.true", - "value.false" - ] + "enumNames": ["value.true", "value.false"] }, "wantAssertionsSigned": { "title": "label.want-assertions-signed", "description": "tooltip.want-assertions-signed", "type": "boolean", - "enumNames": [ - "value.true", - "value.false" - ] + "enumNames": ["value.true", "value.false"] }, - "x509Certificates": { - "title": "label.x509-certificates", + "keyDescriptors": { + "title": "label.key-descriptors", + "description": "tooltip.key-descriptors", "type": "array", - "items": { - "$ref": "#/definitions/Certificate" - } + "items": { "$ref": 
"#/definitions/Certificate" } } } }, "assertionConsumerServices": { "title": "label.assertion-consumer-service-endpoints", - "description": "", + "description": "tooltip.assertion-consumer-service-endpoints", "type": "array", - "items": { - "$ref": "#/definitions/AssertionConsumerService" - } + "items": { "$ref": "#/definitions/AssertionConsumerService" } }, "serviceProviderSsoDescriptor": { "type": "object", @@ -119,36 +107,20 @@ "title": "label.protocol-support-enumeration", "description": "tooltip.protocol-support-enumeration", "type": "string", - "widget": { - "id": "select" - }, + "widget": { "id": "select" }, "oneOf": [ - { - "enum": [ - "SAML 2" - ], - "description": "SAML 2" - }, - { - "enum": [ - "SAML 1.1" - ], - "description": "SAML 1.1" - } + { "enum": ["SAML 2"], "description": "SAML 2" }, + { "enum": ["SAML 1.1"], "description": "SAML 1.1" } ] }, - "nameIdFormats": { - "$ref": "#/definitions/nameIdFormats" - } + "nameIdFormats": { "$ref": "#/definitions/nameIdFormats" } } }, "logoutEndpoints": { "title": "label.logout-endpoints", "description": "tooltip.logout-endpoints", "type": "array", - "items": { - "$ref": "#/definitions/LogoutEndpoint" - } + "items": { "$ref": "#/definitions/LogoutEndpoint" } }, "relyingPartyOverrides": { "type": "object", @@ -159,9 +131,7 @@ "type": "boolean", "default": false }, - "nameIdFormats": { - "$ref": "#/definitions/nameIdFormats" - }, + "nameIdFormats": { "$ref": "#/definitions/nameIdFormats" }, "responderId": { "title": "label.responder-id", "description": "tooltip.responder-id", @@ -170,6 +140,12 @@ "authenticationMethods": { "$ref": "#/definitions/authenticationMethods" }, + "ignoreRequestSignatures": { + "title": "label.ignore-request-signatures", + "description": "tooltip.ignore-request-signatures", + "type": "boolean", + "default": false + }, "turnOffEncryption": { "title": "label.turn-off-encryption-of-response", "description": "tooltip.turn-off-encryption", 
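Review bot: The added `dependencies` block sits inside `properties`, between `mdui` and `securityInfo`, so a JSON Schema validator reads it as a property named `dependencies` rather than as the `dependencies` keyword. Its `securityInfo` member is not a schema keyword, so the block enforces nothing. Its only `oneOf` branch pins `@type` to `OIDC` although this file is the SAML schema, which suggests it was carried over by mistake. Either delete the block or move it to the schema root beside `properties`, with a branch that matches this schema's own protocol. The `dependencies` rule inside `securityInfo` just below, which ties `authenticationRequestsSigned` to `keyDescriptors`, is placed correctly and can serve as the model.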
@@ -194,12 +170,6 @@ "type": "boolean", "default": false }, - "ignoreRequestSignatures": { - "title": "label.ignore-request-signatures", - "description": "tooltip.ignore-request-signatures", - "type": "boolean", - "default": false - }, "useSha": { "title": "label.use-sha1-signing-algorithm", "description": "tooltip.usa-sha-algorithm", @@ -221,18 +191,6 @@ "items": { "type": "string", "enum": [ - [ - "givenName", - "eduPersonAffiliation", - "eduPersonScopedAffiliation", - "employeeNumber" - ], - [ - "uid", - "surname", - "eduPersonAffiliation", - "employeeNumber" - ], "eduPersonPrincipalName", "uid", "mail", @@ -247,8 +205,18 @@ "employeeNumber" ], "enumNames": [ - "Bundle 1", - "Bundle 2" + "label.attribute-eduPersonPrincipalName", + "label.attribute-uid", + "label.attribute-mail", + "label.attribute-surname", + "label.attribute-givenName", + "label.attribute-eduPersonAffiliation", + "label.attribute-eduPersonScopedAffiliation", + "label.attribute-eduPersonPrimaryAffiliation", + "label.attribute-eduPersonEntitlement", + "label.attribute-eduPersonAssurance", + "label.attribute-eduPersonUniqueId", + "label.attribute-employeeNumber" ] }, "uniqueItems": true @@ -257,11 +225,7 @@ "definitions": { "Contact": { "type": "object", - "required": [ - "name", - "type", - "emailAddress" - ], + "required": ["name", "type", "emailAddress"], "properties": { "name": { "title": "label.contact-name", @@ -277,30 +241,16 @@ "widget": "select", "minLength": 1, "oneOf": [ + { "enum": ["support"], "description": "value.support" }, { - "enum": [ - "support" - ], - "description": "value.support" - }, - { - "enum": [ - "technical" - ], + "enum": ["technical"], "description": "value.technical" }, { - "enum": [ - "administrative" - ], + "enum": ["administrative"], "description": "value.administrative" }, - { - "enum": [ - "other" - ], - "description": "value.other" - } + { "enum": ["other"], "description": "value.other" } ] }, "emailAddress": { 
@@ -315,10 +265,7 @@ }, "Certificate": { "type": "object", - "required": [ - "type", - "value" - ], + "required": ["type", "value"], "properties": { "name": { "title": "label.certificate-name-display-only", @@ -326,32 +273,23 @@ "type": "string", "maxLength": 255 }, + "elementType": { + "title": "label.element-type", + "description": "tooltip.element-type", + "type": "string", + "default": "X509Data" + }, "type": { "title": "label.certificate-type", "type": "string", - "widget": { - "id": "radio", - "class": "form-check-inline" - }, + "widget": { "id": "radio", "class": "form-check-inline" }, "oneOf": [ + { "enum": ["signing"], "description": "value.signing" }, { - "enum": [ - "signing" - ], - "description": "value.signing" - }, - { - "enum": [ - "encryption" - ], + "enum": ["encryption"], "description": "value.encryption" }, - { - "enum": [ - "both" - ], - "description": "value.both" - } + { "enum": ["both"], "description": "value.both" } ] }, "value": { @@ -365,19 +303,13 @@ }, "AssertionConsumerService": { "type": "object", - "required": [ - "locationUrl", - "binding" - ], + "required": ["locationUrl", "binding"], "properties": { "locationUrl": { "title": "label.assertion-consumer-service-location", "description": "tooltip.assertion-consumer-service-location", "type": "string", - "widget": { - "id": "string", - "help": "message.valid-url" - }, + "widget": { "id": "string", "help": "message.valid-url" }, "minLength": 1, "maxLength": 255 }, @@ -435,18 +367,8 @@ "LogoutEndpoint": { "description": "tooltip.new-endpoint", "type": "object", - "fieldsets": [ - { - "fields": [ - "url", - "bindingType" - ] - } - ], - "required": [ - "url", - "bindingType" - ], + "fieldsets": [{ "fields": ["url", "bindingType"] }], + "required": ["url", "bindingType"], "properties": { "url": { "title": "label.url", 
@@ -491,17 +413,11 @@ }, "MDUI": { "type": "object", - "widget": { - "id": "fieldset" - }, + "widget": { "id": "fieldset" }, "fieldsets": [ { "type": "group", - "fields": [ - "displayName", - "informationUrl", - "description" - ] + "fields": ["displayName", "informationUrl", "description"] }, { "type": "group", @@ -539,9 +455,7 @@ "title": "label.description", "description": "tooltip.mdui-description", "type": "string", - "widget": { - "id": "textarea" - }, + "widget": { "id": "textarea" }, "minLength": 1, "maxLength": 255 }, @@ -592,24 +506,9 @@ } }, "dependencies": { - "name": { - "required": [ - "displayName", - "url" - ] - }, - "displayName": { - "required": [ - "name", - "url" - ] - }, - "url": { - "required": [ - "name", - "displayName" - ] - } + "name": { "required": ["displayName", "url"] }, + "displayName": { "required": ["name", "url"] }, + "url": { "required": ["name", "displayName"] } } }, "nameIdFormats": { diff --git a/ui/src/app/form/component/templates/ArrayFieldTemplate.js b/ui/src/app/form/component/templates/ArrayFieldTemplate.js index 598986589..947dcebfc 100644 --- a/ui/src/app/form/component/templates/ArrayFieldTemplate.js +++ b/ui/src/app/form/component/templates/ArrayFieldTemplate.js @@ -65,7 +65,7 @@ const CustomToggle = ({children, eventKey, type, callback}) => { const isCurrentEventKey = activeEventKey === eventKey; return ( - @@ -74,7 +74,7 @@ const CustomToggle = ({children, eventKey, type, callback}) => { const ObjectArrayItem = ({type, ...props}) => { - const btnStyle = { + const btnStyle = { flex: 1, paddingLeft: 6, paddingRight: 6, @@ -82,10 +82,10 @@ const ObjectArrayItem = ({type, ...props}) => { }; return (
- +
- + {props.hasToolbar && ( @@ -135,7 +135,7 @@ const ObjectArrayItem = ({type, ...props}) => {
)}
- +
{props.children}
diff --git a/ui/src/app/metadata/Metadata.js b/ui/src/app/metadata/Metadata.js index 89b8a4bc5..604156d8d 100644 --- a/ui/src/app/metadata/Metadata.js +++ b/ui/src/app/metadata/Metadata.js @@ -21,7 +21,7 @@ export function Metadata () { {(entity, reload) => - + diff --git a/ui/src/app/metadata/copy/CopySource.js b/ui/src/app/metadata/copy/CopySource.js index d7d0be54a..60e866d7e 100644 --- a/ui/src/app/metadata/copy/CopySource.js +++ b/ui/src/app/metadata/copy/CopySource.js @@ -11,8 +11,6 @@ import kebabCase from 'lodash/kebabCase'; import { useMetadataSources } from '../hooks/api'; import { useMetadataSourceSections } from '../domain/source/definition/SourceDefinition'; - - export function CopySource({ copy, onNext }) { const { data = [] } = useMetadataSources({ cachePolicy: 'no-cache' }, []); diff --git a/ui/src/app/metadata/domain/index.js b/ui/src/app/metadata/domain/index.js index 17c57d4c6..89b7b1584 100644 --- a/ui/src/app/metadata/domain/index.js +++ b/ui/src/app/metadata/domain/index.js @@ -4,14 +4,14 @@ import { MetadataProviderEditorTypes, MetadataProviderWizardTypes } from './prov import { DynamicHttpMetadataProviderEditor } from './provider/definition/DynamicHttpMetadataProviderDefinition'; import { FileBackedHttpMetadataProviderEditor } from './provider/definition/FileBackedHttpMetadataProviderDefinition'; import { LocalDynamicMetadataProviderEditor } from './provider/definition/LocalDynamicMetadataProviderDefinition'; -import { SourceEditor, SourceWizard } from "./source/definition/SourceDefinition"; +import { MetadataSourceEditorTypes, MetadataSourceWizardTypes } from "./source"; export const editors = { - source: SourceEditor + ...MetadataSourceEditorTypes }; export const wizards = { - source: SourceWizard + ...MetadataSourceWizardTypes }; export const ProviderEditorTypes = [ 
@@ -37,10 +37,10 @@ export const FilterableProviders = [ export const getWizard = (type) => ProviderWizardTypes.find(def => def.type === type) || FilterEditorTypes.find(def => def.type === type) || - SourceWizard; + wizards[type]; export const getDefinition = (type) => typeof type === 'string' ? ProviderEditorTypes.find(def => def.type === type) || FilterEditorTypes.find(def => def.type === type) || - SourceEditor : type; \ No newline at end of file + editors[type] : type; \ No newline at end of file diff --git a/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js b/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js new file mode 100644 index 000000000..64cb35f90 --- /dev/null +++ b/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js 
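Review bot: `getWizard` and `getDefinition` now end in a bare lookup (`wizards[type]`, `editors[type]`), so any `type` other than `OIDC` or `SAML` yields `undefined`, where the old code always fell back to `SourceWizard` / `SourceEditor`. A key such as `constructor` would also resolve to an inherited `Object.prototype` member instead of a definition. `MetadataSchema` passes the result straight into `React.useMemo` as `definition`, and whether it tolerates `undefined` is not visible in this patch. An own-property check with an explicit default is safer, for example `(Object.hasOwn(wizards, type) ? wizards[type] : wizards.SAML)` and the same for `editors`, if SAML is the intended default for sources saved before `protocol` existed.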
@@ -0,0 +1,83 @@
+import defaultsDeep from 'lodash/defaultsDeep';
+import API_BASE_PATH from '../../../../App.constant';
+import { SourceBase, SourceEditor, SourceWizard } from './SourceDefinition';
+
+export const OidcSourceBase = defaultsDeep({
+ label: 'OIDC Metadata Source',
+ type: '@MetadataProvider',
+ schema: `assets/schema/source/metadata-source-oidc.json`,
+ uiSchema: defaultsDeep({
+ serviceProviderSsoDescriptor: {
+ ...SourceBase.uiSchema.serviceProviderSsoDescriptor,
+ layout: {
+ groups: [
+ {
+ classNames: 'bg-light border rounded px-4 pt-4 mb-4',
+ size: 6,
+ fields: [
+ 'protocolSupportEnum',
+ 'nameIdFormats'
+ ],
+ },
+ {
+ size: 12,
+ fields: [
+ 'extensions'
+ ],
+ }
+ ]
+ },
+ extensions: {
+ OAuthRPExtensions: {
+ layout: {
+ groups: [
+ {
+ fields: [
+ 'postLogoutRedirectUris',
+ 'defaultAcrValues',
+ 'requestUris',
+ 'audience'
+ ],
+ },
+ {
+ fields: [
+ 'attributes'
+ ],
+ }
+ ]
+ },
+ postLogoutRedirectUris: {
+ "ui:options": {
+ orderable: false
+ },
+ },
+ defaultAcrValues: {
+ "ui:options": {
+ orderable: false
+ },
+ },
+ requestUris: {
+ "ui:options": {
+ orderable: false
+ },
+ },
+ audience: {
+ "ui:options": {
+ orderable: false
+ },
+ }
+ }
+ }
+ }
+ }, SourceBase.uiSchema)
+}, SourceBase);
+
+export const OidcSourceEditor = defaultsDeep({
+ ...SourceEditor,
+}, OidcSourceBase);
+
+export const OidcSourceWizard = defaultsDeep({
+ ...SourceWizard,
+}, OidcSourceBase);
+
+
diff --git a/ui/src/app/metadata/domain/source/definition/SamlSourceDefinition.js b/ui/src/app/metadata/domain/source/definition/SamlSourceDefinition.js
new file mode 100644
index 000000000..7279dd2b8
--- /dev/null
+++ b/ui/src/app/metadata/domain/source/definition/SamlSourceDefinition.js
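Review bot: `OidcSourceEditor` and `OidcSourceWizard` are built with `defaultsDeep({ ...SourceEditor }, OidcSourceBase)`, but `defaultsDeep` mutates its first argument recursively and the spread is only a shallow copy. The nested `uiSchema` object is therefore still the one owned by `SourceEditor` / `SourceWizard`, and the OIDC defaults are written into it. SamlSourceDefinition.js uses the same pattern, so both protocol definitions end up sharing one `uiSchema`, and the SAML-only `'ui:readonly'` on `keyDescriptors.items.elementType` would presumably also apply in the OIDC editor, where the element type has to be selectable. Merging into a fresh target avoids the aliasing: `export const OidcSourceEditor = defaultsDeep({}, SourceEditor, OidcSourceBase);`, and likewise for the wizard and the SAML file.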
@@ -0,0 +1,32 @@ +import defaultsDeep from 'lodash/defaultsDeep'; +import API_BASE_PATH from '../../../../App.constant'; +import { SourceBase, SourceEditor, SourceWizard } from './SourceDefinition'; + +export const SamlSourceBase = defaultsDeep({ + label: 'SAML Metadata Source', + type: '@MetadataProvider', + schema: `assets/schema/source/metadata-source-saml.json`, + uiSchema: defaultsDeep({ + securityInfo: { + keyDescriptors: { + items: { + elementType: { + 'ui:readonly': true + } + } + } + } + }, SourceBase.uiSchema) +}, SourceBase); + +console.log(SamlSourceBase); + +export const SamlSourceEditor = defaultsDeep({ + ...SourceEditor, +}, SamlSourceBase); + +export const SamlSourceWizard = defaultsDeep({ + ...SourceWizard, +}, SamlSourceBase); + + diff --git a/ui/src/app/metadata/domain/source/definition/SourceDefinition.js b/ui/src/app/metadata/domain/source/definition/SourceDefinition.js index 41d409907..2069473ad 100644 --- a/ui/src/app/metadata/domain/source/definition/SourceDefinition.js +++ b/ui/src/app/metadata/domain/source/definition/SourceDefinition.js @@ -9,11 +9,6 @@ import isNil from 'lodash/isNil'; import { useMetadataSchemaContext } from '../../../hoc/MetadataSchema'; export const SourceBase = { - label: 'Metadata Source', - type: '@MetadataProvider', - steps: [], - schema: `${API_BASE_PATH}/ui/MetadataSources`, - // schema: `/assets/schema/source/metadata-source.json`, parser: (data) => removeNull(data, true), @@ -91,14 +86,6 @@ export const SourceBase = { } } - if (formData?.securityInfo?.x509Certificates) { - if (formData.securityInfo.x509Certificates?.length > 0) { - d.securityInfo.x509CertificateAvailable = true; - } else { - d.securityInfo.x509CertificateAvailable = false; - } - } - return d; }, @@ -109,6 +96,7 @@ export const SourceBase = { { size: 6, fields: [ + 'protocol', 'serviceProviderName', 'entityId', 'organization' 
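Review bot: `console.log(SamlSourceBase);` is left at module scope in the new SamlSourceDefinition.js, so the whole definition object is written to the browser console whenever the module is loaded; the line should be removed before merge. The `API_BASE_PATH` import in this file is also unused, because `schema` is now a static asset path (`assets/schema/source/metadata-source-saml.json`), and OidcSourceDefinition.js has the same unused import. That path has no leading slash, so it may resolve relative to the current route rather than the application root; the fetch code is outside this hunk, so confirm how it is resolved.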
@@ -127,7 +115,7 @@ export const SourceBase = { ], }, { - size: 6, + size: 12, fields: [ 'serviceProviderSsoDescriptor' ], @@ -230,14 +218,11 @@ export const SourceBase = { fields: [ 'authenticationRequestsSigned', 'wantAssertionsSigned', - 'x509Certificates' + 'keyDescriptors' ], } ] }, - x509CertificateAvailable: { - 'ui:widget': 'hidden' - }, authenticationRequestsSigned: { 'ui:widget': 'radio', 'ui:options': { @@ -250,11 +235,12 @@ export const SourceBase = { inline: true } }, - x509Certificates: { + keyDescriptors: { type: 'certificate', "ui:options": { orderable: false }, + 'ui:order': ['name', 'elementType', 'type', 'value'], items: { type: { 'ui:widget': 'radio', @@ -306,13 +292,18 @@ export const SourceBase = { export const SourceEditor = { ...SourceBase, - uiSchema: defaultsDeep({}, SourceBase.uiSchema), + uiSchema: defaultsDeep({ + protocol: { + 'ui:readonly': true + } + }, SourceBase.uiSchema), steps: [ { index: 1, - id: 'common', + id: 'org-info', label: 'label.sp-org-info', fields: [ + 'protocol', 'serviceProviderName', 'entityId', 'organization', @@ -387,13 +378,6 @@ export const SourceWizard = { { size: 6, classNames: 'bg-light border rounded px-4 pt-4 pb-3', - fields: [ - 'serviceProviderName', - 'entityId' - ] - }, - { - size: 6, fields: [ 'organization', ], @@ -459,6 +443,7 @@ export const SourceWizard = { id: 'common', label: 'label.name-and-entity-id', fields: [ + 'protocol', 'serviceProviderName', 'entityId' ] diff --git a/ui/src/app/metadata/domain/source/definition/SourceDefinition.test.js b/ui/src/app/metadata/domain/source/definition/SourceDefinition.test.js index 18dbc589c..92801c052 100644 --- a/ui/src/app/metadata/domain/source/definition/SourceDefinition.test.js +++ b/ui/src/app/metadata/domain/source/definition/SourceDefinition.test.js @@ -92,8 +92,7 @@ describe('SourceDefinition', () => { securityInfo: { x509Certificates: [ {} - ], - x509CertificateAvailable: true + ] } }); 
@@ -106,8 +105,7 @@ describe('SourceDefinition', () => { } )).toMatchObject({ securityInfo: { - x509Certificates: [], - x509CertificateAvailable: false + x509Certificates: [] } }); diff --git a/ui/src/app/metadata/domain/source/index.js b/ui/src/app/metadata/domain/source/index.js new file mode 100644 index 000000000..6a25b7cf8 --- /dev/null +++ b/ui/src/app/metadata/domain/source/index.js @@ -0,0 +1,12 @@ +import { OidcSourceWizard, OidcSourceEditor } from './definition/OidcSourceDefinition'; +import { SamlSourceEditor, SamlSourceWizard } from './definition/SamlSourceDefinition'; + +export const MetadataSourceWizardTypes = { + OIDC: OidcSourceWizard, + SAML: SamlSourceWizard, +}; + +export const MetadataSourceEditorTypes = { + OIDC: OidcSourceEditor, + SAML: SamlSourceEditor, +}; diff --git a/ui/src/app/metadata/hoc/MetadataSchema.js b/ui/src/app/metadata/hoc/MetadataSchema.js index ea14361d9..61010936e 100644 --- a/ui/src/app/metadata/hoc/MetadataSchema.js +++ b/ui/src/app/metadata/hoc/MetadataSchema.js @@ -10,6 +10,7 @@ export const MetadataSchemaLoading = React.createContext(); export function MetadataSchema({ type, children, wizard = false }) { const definition = React.useMemo(() => wizard ? getWizard(type) : getDefinition(type), [type, wizard]); + const [loading, setLoading] = React.useState(false); const { get, response } = useFetch(``, { diff --git a/ui/src/app/metadata/hooks/api.js b/ui/src/app/metadata/hooks/api.js index a67f9ef5a..24f96b1e6 100644 --- a/ui/src/app/metadata/hooks/api.js +++ b/ui/src/app/metadata/hooks/api.js 
@@ -93,6 +93,14 @@ export function useMetadataProviderTypes(opts = {}, onMount = null) { return useFetch(`${API_BASE_PATH}/ui/MetadataResolver/types`, opts, onMount); } +export function useMetadataSourceProtocols(opts = {}, onMount = null) { + return [ + { label: 'value.oidc', value: 'OIDC' }, + { label: 'value.saml', value: 'SAML' }, + // { label: 'value.cas', value: 'CAS' } + ]; +} + export function useMetadataFilterTypes () { return MetadataFilterTypes; } diff --git a/ui/src/app/metadata/new/NewSource.js b/ui/src/app/metadata/new/NewSource.js index 90a8e61e5..3908165e5 100644 --- a/ui/src/app/metadata/new/NewSource.js +++ b/ui/src/app/metadata/new/NewSource.js @@ -7,6 +7,8 @@ import { MetadataCopy } from '../view/MetadataCopy'; import { MetadataUpload } from '../view/MetadataUpload'; import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; import { faCopy, faLink, faPlusSquare } from '@fortawesome/free-solid-svg-icons'; +import { MetadataSourceProtocolSelector } from '../wizard/MetadataSourceProtocolSelector'; +import { useMetadataSourceProtocols } from '../hooks/api'; export function NewSource() { @@ -14,6 +16,8 @@ export function NewSource() { const [showNav, setShowNav] = React.useState(true); + const protocols = useMetadataSourceProtocols(); + return (
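Review bot: `useMetadataSourceProtocols(opts = {}, onMount = null)` ignores both parameters and builds a new array literal on every call, so each render of `NewSource` hands a fresh `protocols` reference to its children. The neighbouring `useMetadataFilterTypes` returns a module-level constant, and doing the same here keeps the reference stable and the two hooks consistent: hoist the list to `const MetadataSourceProtocols = [ ... ];`, make the body `return MetadataSourceProtocols;`, and drop the unused parameters. The commented-out `value.cas` entry would be clearer as a `// TODO` that says when CAS is expected, or removed.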
@@ -75,22 +79,36 @@ export function NewSource() {
} - - - - { setShowNav(s) }} /> - } /> - - - } /> - + + + + {(data, onRestart) => + + { setShowNav(s) }} + onCallback={onRestart} + data={{ + protocol: data.protocol, + serviceProviderName: data.serviceProviderName, + entityId: data.entityId + }} /> + + } + + + } /> + + + } /> + + { setShowNav(s) } } /> - } /> - - - } /> - - +
+ } /> + + + } /> + diff --git a/ui/src/app/metadata/view/MetadataCopy.js b/ui/src/app/metadata/view/MetadataCopy.js index d489e724e..5a529387d 100644 --- a/ui/src/app/metadata/view/MetadataCopy.js +++ b/ui/src/app/metadata/view/MetadataCopy.js @@ -1,6 +1,4 @@ import React from 'react'; -import { MetadataSchema } from '../hoc/MetadataSchema'; - import { CopySource } from '../copy/CopySource'; import { SaveCopy } from '../copy/SaveCopy'; import { useMetadataEntity } from '../hooks/api'; @@ -52,9 +50,7 @@ export function MetadataCopy ({ onShowNav }) { } {confirm && copy && - - - + } ); diff --git a/ui/src/app/metadata/view/MetadataWizard.js b/ui/src/app/metadata/view/MetadataWizard.js index a95ca777c..36de25c12 100644 --- a/ui/src/app/metadata/view/MetadataWizard.js +++ b/ui/src/app/metadata/view/MetadataWizard.js @@ -9,7 +9,7 @@ import { createNotificationAction, NotificationTypes, useNotificationDispatcher import { Prompt, useHistory } from 'react-router-dom'; import { useTranslator } from '../../i18n/hooks'; -export function MetadataWizard ({type, data, onCallback}) { +export function MetadataWizard ({type, data, onCallback, onContinue}) { const history = useHistory(); const translator = useTranslator(); @@ -55,9 +55,9 @@ export function MetadataWizard ({type, data, onCallback}) { `message.unsaved-editor` } /> - + {type === 'source' ? - + : } diff --git a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js new file mode 100644 index 000000000..c84b4b410 --- /dev/null +++ b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js 
@@ -0,0 +1,154 @@ +import React from 'react'; +import { faArrowCircleRight, faAsterisk, faSpinner } from '@fortawesome/free-solid-svg-icons'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; + +import { useForm } from 'react-hook-form'; +import Form from 'react-bootstrap/Form'; +import Translate from '../../i18n/components/translate'; +import { InfoIcon } from '../../form/component/InfoIcon'; +import { useTranslator } from '../../i18n/hooks'; +import { useMetadataSources } from '../hooks/api'; +import Button from 'react-bootstrap/esm/Button'; + +export function MetadataSourceProtocolSelector({ types = [], loading, children}) { + + const [sourceNames, setSourceNames] = React.useState([]); + const [sourceIds, setSourceIds] = React.useState([]); + + const translator = useTranslator(); + + const { data = [] } = useMetadataSources({ cachePolicy: 'no-cache' }, []); + + const [showSelector, setShowSelector] = React.useState(true); + + const { register, formState, handleSubmit, getValues } = useForm({ + mode: 'onChange', + reValidateMode: 'onChange', + defaultValues: { + serviceProviderName: null, + protocol: null, + entityID: null, + }, + resolver: undefined, + context: undefined, + criteriaMode: 'firstError', + shouldFocusError: true, + shouldUnregister: false, + }); + + const { isValid, errors } = formState; + + const onNext = (data) => { + setShowSelector(false); + }; + + const onShowSelector = () => { + setShowSelector(true); + }; + + React.useEffect(() => { + setSourceNames(data.map(s => s.serviceProviderName)); + setSourceIds(data.map(s => s.entityId)); + }, [data]); + + React.useState(() => console.log(sourceNames), [sourceNames]); + + return ( + <>{showSelector ? + <> + +
+
+
+
+
+ + + + + + {loading && } + + + + + + {types.map(t => )} + + + + + + + + + + + !(sourceNames.indexOf(v) > -1) + }})} /> + + {errors?.serviceProviderName?.type === 'unique' && } + {errors?.serviceProviderName?.type === 'required' && } + + + + + + + + + + + !(sourceIds.indexOf(v) > -1) + }})} /> + + {errors?.entityId?.type === 'unique' && } + {errors?.entityId?.type === 'required' && } + + +
+
+
+
+ + : + children(getValues(), onShowSelector) + } + + ); +} \ No newline at end of file diff --git a/ui/src/app/metadata/wizard/Wizard.js b/ui/src/app/metadata/wizard/Wizard.js index cc52249fe..49360160d 100644 --- a/ui/src/app/metadata/wizard/Wizard.js +++ b/ui/src/app/metadata/wizard/Wizard.js @@ -35,10 +35,11 @@ function reducer(state, action) { } } -function Wizard ({children}) { +function Wizard ({children, starting = 'common'}) { const [state, dispatch] = React.useReducer(reducer, { - ...initialState + ...initialState, + current: starting }); const contextValue = React.useMemo(() => ({ state, dispatch }), [state, dispatch]); diff --git a/ui/src/testing/sourceSchema.js b/ui/src/testing/sourceSchema.js index c723fd548..4b06db14a 100644 --- a/ui/src/testing/sourceSchema.js +++ b/ui/src/testing/sourceSchema.js 
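Review bot: The line `React.useState(() => console.log(sourceNames), [sourceNames]);` in MetadataSourceProtocolSelector is leftover debugging and should be removed. `useState` ignores the second argument, so it runs the logger once as a lazy initializer and writes the source names to the browser console. `defaultValues` declares `entityID: null`, but the error lookups (`errors?.entityId`) and the `data.entityId` read in NewSource use `entityId`; the key should be `entityId: null` so the default matches the field that is read. The `unique` validators compare against the `sourceNames` and `sourceIds` lists loaded by `useMetadataSources`, so they are only a hint to the user. A duplicate entityId can still reach the API if another source is saved in the meantime or the request bypasses the form, and the backend is not visible in this hunk, so confirm it rejects duplicates. `onNext` also takes a `data` argument that it never uses.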
@@ -1,3 +1,3 @@ -const SCHEMA = { "type": "object", "required": ["serviceProviderName", "entityId"], "properties": { "serviceProviderName": { "title": "label.service-provider-name", "description": "tooltip.service-provider-name", "type": "string", "minLength": 1, "maxLength": 255 }, "entityId": { "title": "label.entity-id", "description": "tooltip.entity-id", "type": "string", "minLength": 1, "maxLength": 255 }, "organization": { "$ref": "#/definitions/Organization" }, "contacts": { "title": "label.contact-information", "description": "tooltip.contact-information", "type": "array", "items": { "$ref": "#/definitions/Contact" } }, "mdui": { "$ref": "#/definitions/MDUI" }, "securityInfo": { "type": "object", "widget": { "id": "fieldset" }, "dependencies": { "authenticationRequestsSigned": { "oneOf": [{ "properties": { "authenticationRequestsSigned": { "enum": [true] }, "x509Certificates": { "minItems": 1 } } }, { "properties": { "authenticationRequestsSigned": { "enum": [false] }, "x509Certificates": { "minItems": 0 } } }] } }, "properties": { "x509CertificateAvailable": { "type": "boolean", "default": true }, "authenticationRequestsSigned": { "title": "label.authentication-requests-signed", "description": "tooltip.authentication-requests-signed", "type": "boolean", "enumNames": ["value.true", "value.false"] }, "wantAssertionsSigned": { "title": "label.want-assertions-signed", "description": "tooltip.want-assertions-signed", "type": "boolean", "enumNames": ["value.true", "value.false"] }, "x509Certificates": { "title": "label.x509-certificates", "type": "array", "items": { "$ref": "#/definitions/Certificate" } } } }, "assertionConsumerServices": { "title": "label.assertion-consumer-service-endpoints", "description": "", "type": "array", "items": { "$ref": "#/definitions/AssertionConsumerService" } }, "serviceProviderSsoDescriptor": { "type": "object", "properties": { "protocolSupportEnum": { "title": "label.protocol-support-enumeration", "description": 
"tooltip.protocol-support-enumeration", "type": "string", "widget": { "id": "select" }, "oneOf": [{ "enum": ["SAML 2"], "description": "SAML 2" }, { "enum": ["SAML 1.1"], "description": "SAML 1.1" }] }, "nameIdFormats": { "$ref": "#/definitions/nameIdFormats" } }, "dependencies": { "nameIdFormats": ["protocolSupportEnum"] } }, "logoutEndpoints": { "title": "label.logout-endpoints", "description": "tooltip.logout-endpoints", "type": "array", "items": { "$ref": "#/definitions/LogoutEndpoint" } }, "relyingPartyOverrides": { "type": "object", "properties": { "signAssertion": { "title": "label.sign-the-assertion", "description": "tooltip.sign-assertion", "type": "boolean", "default": false }, "dontSignResponse": { "title": "label.dont-sign-the-response", "description": "tooltip.dont-sign-response", "type": "boolean", "default": false }, "turnOffEncryption": { "title": "label.turn-off-encryption-of-response", "description": "tooltip.turn-off-encryption", "type": "boolean", "default": false }, "useSha": { "title": "label.use-sha1-signing-algorithm", "description": "tooltip.usa-sha-algorithm", "type": "boolean", "default": false }, "ignoreAuthenticationMethod": { "title": "label.ignore-any-sp-requested-authentication-method", "description": "tooltip.ignore-auth-method", "type": "boolean", "default": false }, "omitNotBefore": { "title": "label.omit-not-before-condition", "description": "tooltip.omit-not-before-condition", "type": "boolean", "default": false }, "responderId": { "title": "label.responder-id", "description": "tooltip.responder-id", "type": "string", "default": "" }, "nameIdFormats": { "$ref": "#/definitions/nameIdFormats" }, "authenticationMethods": { "$ref": "#/definitions/authenticationMethods" }, "forceAuthn": { "title": "label.force-authn", "description": "tooltip.force-authn", "type": "boolean", "default": false } } }, "attributeRelease": { "type": "array", "title": "label.attribute-release", "description": "Attribute release table - select the attributes 
you want to release (default unchecked)", "items": { "type": "string", "enum": ["eduPersonPrincipalName", "uid", "mail", "surname", "givenName", "eduPersonAffiliation", "eduPersonScopedAffiliation", "eduPersonPrimaryAffiliation", "eduPersonEntitlement", "eduPersonAssurance", "eduPersonUniqueId", "employeeNumber"] }, "uniqueItems": true } }, "definitions": { "Contact": { "type": "object", "required": ["name", "type", "emailAddress"], "properties": { "name": { "title": "label.contact-name", "description": "tooltip.contact-name", "type": "string", "minLength": 1, "maxLength": 255 }, "type": { "title": "label.contact-type", "description": "tooltip.contact-type", "type": "string", "widget": "select", "minLength": 1, "oneOf": [{ "enum": ["support"], "description": "value.support" }, { "enum": ["technical"], "description": "value.technical" }, { "enum": ["administrative"], "description": "value.administrative" }, { "enum": ["other"], "description": "value.other" }] }, "emailAddress": { "title": "label.contact-email-address", "description": "tooltip.contact-email", "type": "string", "pattern": "^(mailto:)?(?=.{1,254}$)(?=.{1,64}@)[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+(\\.[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+)*@[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$", "minLength": 1, "maxLength": 255 } } }, "Certificate": { "type": "object", "required": ["type", "value"], "properties": { "name": { "title": "label.certificate-name-display-only", "description": "tooltip.certificate-name", "type": "string", "maxLength": 255 }, "type": { "title": "label.certificate-type", "type": "string", "widget": { "id": "radio", "class": "form-check-inline" }, "oneOf": [{ "enum": ["signing"], "description": "value.signing" }, { "enum": ["encryption"], "description": "value.encryption" }, { "enum": ["both"], "description": "value.both" }] }, "value": { "title": "label.certificate", "description": "tooltip.certificate", "type": "string", "widget": "textarea", 
"minLength": 1 } } }, "AssertionConsumerService": { "type": "object", "required": ["locationUrl", "binding"], "properties": { "locationUrl": { "title": "label.assertion-consumer-service-location", "description": "tooltip.assertion-consumer-service-location", "type": "string", "widget": { "id": "string", "help": "message.valid-url" }, "minLength": 1, "maxLength": 255 }, "binding": { "title": "label.assertion-consumer-service-location-binding", "description": "tooltip.assertion-consumer-service-location-binding", "type": "string", "widget": "select", "oneOf": [{ "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" }, { "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" }, { "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" }, { "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:PAOS"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" }, { "enum": ["urn:oasis:names:tc:SAML:1.0:profiles:browser-post"], "description": "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" }, { "enum": ["urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"], "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" }] }, "makeDefault": { "title": "label.mark-as-default", "description": "tooltip.mark-as-default", "type": "boolean" } } }, "LogoutEndpoint": { "description": "tooltip.new-endpoint", "type": "object", "fieldsets": [{ "fields": ["url", "bindingType"] }], "required": ["url", "bindingType"], "properties": { "url": { "title": "label.url", "description": "tooltip.url", "type": "string", "minLength": 1, "maxLength": 255 }, "bindingType": { "title": "label.binding-type", "description": "tooltip.binding-type", "type": "string", "widget": "select", "oneOf": [{ "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"], "description": 
"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" }, { "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" }, { "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:SOAP"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" }, { "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" }] } } }, "MDUI": { "type": "object", "widget": { "id": "fieldset" }, "fieldsets": [{ "type": "group", "fields": ["displayName", "informationUrl", "description"] }, { "type": "group", "fields": ["privacyStatementUrl", "logoUrl", "logoWidth", "logoHeight"] }], "properties": { "displayName": { "title": "label.display-name", "description": "tooltip.mdui-display-name", "type": "string", "minLength": 1, "maxLength": 255 }, "informationUrl": { "title": "label.information-url", "description": "tooltip.mdui-information-url", "type": "string", "minLength": 1, "maxLength": 255 }, "privacyStatementUrl": { "title": "label.privacy-statement-url", "description": "tooltip.mdui-privacy-statement-url", "type": "string", "minLength": 1, "maxLength": 255 }, "description": { "title": "label.description", "description": "tooltip.mdui-description", "type": "string", "widget": { "id": "textarea" }, "minLength": 1, "maxLength": 255 }, "logoUrl": { "title": "label.logo-url", "description": "tooltip.mdui-logo-url", "type": "string", "minLength": 1, "maxLength": 255 }, "logoHeight": { "title": "label.logo-height", "description": "tooltip.mdui-logo-height", "minimum": 0, "type": "integer" }, "logoWidth": { "title": "label.logo-width", "description": "tooltip.mdui-logo-width", "minimum": 0, "type": "integer" } } }, "Organization": { "type": "object", "properties": { "name": { "title": "label.organization-name", "description": "tooltip.organization-name", "type": "string", "minLength": 1, "maxLength": 255 }, "displayName": { "title": 
"label.organization-display-name", "description": "tooltip.organization-display-name", "type": "string", "minLength": 1, "maxLength": 255 }, "url": { "title": "label.organization-url", "description": "tooltip.organization-url", "type": "string", "minLength": 1, "maxLength": 255 } }, "dependencies": { "name": { "required": ["displayName", "url"] }, "displayName": { "required": ["name", "url"] }, "url": { "required": ["name", "displayName"] } } }, "nameIdFormats": { "title": "label.nameid-format-to-send", "description": "tooltip.nameid-format", "type": "array", "uniqueItems": true, "items": { "type": "string", "minLength": 1, "maxLength": 255, "examples": ["urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"] } }, "authenticationMethods": { "title": "label.authentication-methods-to-use", "description": "tooltip.authentication-methods-to-use", "type": "array", "uniqueItems": true, "items": { "type": "string", "minLength": 1, "maxLength": 255, "examples": ["https://refeds.org/profile/mfa", "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken", "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"] } } } }; +const SCHEMA = { "type": "object", "required": ["serviceProviderName", "entityId"], "properties": { "serviceProviderName": { "title": "label.service-provider-name", "description": "tooltip.service-provider-name", "type": "string", "minLength": 1, "maxLength": 255 }, "entityId": { "title": "label.entity-id", "description": "tooltip.entity-id", "type": "string", "minLength": 1, "maxLength": 255 }, "organization": { "$ref": "#/definitions/Organization" }, "contacts": { "title": "label.contact-information", "description": "tooltip.contact-information", "type": "array", "items": { "$ref": "#/definitions/Contact" } }, "mdui": { "$ref": "#/definitions/MDUI" }, "securityInfo": { "type": 
"object", "widget": { "id": "fieldset" }, "dependencies": { "authenticationRequestsSigned": { "oneOf": [{ "properties": { "authenticationRequestsSigned": { "enum": [true] }, "x509Certificates": { "minItems": 1 } } }, { "properties": { "authenticationRequestsSigned": { "enum": [false] }, "x509Certificates": { "minItems": 0 } } }] } }, "properties": { "authenticationRequestsSigned": { "title": "label.authentication-requests-signed", "description": "tooltip.authentication-requests-signed", "type": "boolean", "enumNames": ["value.true", "value.false"] }, "wantAssertionsSigned": { "title": "label.want-assertions-signed", "description": "tooltip.want-assertions-signed", "type": "boolean", "enumNames": ["value.true", "value.false"] }, "x509Certificates": { "title": "label.x509-certificates", "type": "array", "items": { "$ref": "#/definitions/Certificate" } } } }, "assertionConsumerServices": { "title": "label.assertion-consumer-service-endpoints", "description": "", "type": "array", "items": { "$ref": "#/definitions/AssertionConsumerService" } }, "serviceProviderSsoDescriptor": { "type": "object", "properties": { "protocolSupportEnum": { "title": "label.protocol-support-enumeration", "description": "tooltip.protocol-support-enumeration", "type": "string", "widget": { "id": "select" }, "oneOf": [{ "enum": ["SAML 2"], "description": "SAML 2" }, { "enum": ["SAML 1.1"], "description": "SAML 1.1" }] }, "nameIdFormats": { "$ref": "#/definitions/nameIdFormats" } }, "dependencies": { "nameIdFormats": ["protocolSupportEnum"] } }, "logoutEndpoints": { "title": "label.logout-endpoints", "description": "tooltip.logout-endpoints", "type": "array", "items": { "$ref": "#/definitions/LogoutEndpoint" } }, "relyingPartyOverrides": { "type": "object", "properties": { "signAssertion": { "title": "label.sign-the-assertion", "description": "tooltip.sign-assertion", "type": "boolean", "default": false }, "dontSignResponse": { "title": "label.dont-sign-the-response", "description": 
"tooltip.dont-sign-response", "type": "boolean", "default": false }, "turnOffEncryption": { "title": "label.turn-off-encryption-of-response", "description": "tooltip.turn-off-encryption", "type": "boolean", "default": false }, "useSha": { "title": "label.use-sha1-signing-algorithm", "description": "tooltip.usa-sha-algorithm", "type": "boolean", "default": false }, "ignoreAuthenticationMethod": { "title": "label.ignore-any-sp-requested-authentication-method", "description": "tooltip.ignore-auth-method", "type": "boolean", "default": false }, "omitNotBefore": { "title": "label.omit-not-before-condition", "description": "tooltip.omit-not-before-condition", "type": "boolean", "default": false }, "responderId": { "title": "label.responder-id", "description": "tooltip.responder-id", "type": "string", "default": "" }, "nameIdFormats": { "$ref": "#/definitions/nameIdFormats" }, "authenticationMethods": { "$ref": "#/definitions/authenticationMethods" }, "forceAuthn": { "title": "label.force-authn", "description": "tooltip.force-authn", "type": "boolean", "default": false } } }, "attributeRelease": { "type": "array", "title": "label.attribute-release", "description": "Attribute release table - select the attributes you want to release (default unchecked)", "items": { "type": "string", "enum": ["eduPersonPrincipalName", "uid", "mail", "surname", "givenName", "eduPersonAffiliation", "eduPersonScopedAffiliation", "eduPersonPrimaryAffiliation", "eduPersonEntitlement", "eduPersonAssurance", "eduPersonUniqueId", "employeeNumber"] }, "uniqueItems": true } }, "definitions": { "Contact": { "type": "object", "required": ["name", "type", "emailAddress"], "properties": { "name": { "title": "label.contact-name", "description": "tooltip.contact-name", "type": "string", "minLength": 1, "maxLength": 255 }, "type": { "title": "label.contact-type", "description": "tooltip.contact-type", "type": "string", "widget": "select", "minLength": 1, "oneOf": [{ "enum": ["support"], "description": 
"value.support" }, { "enum": ["technical"], "description": "value.technical" }, { "enum": ["administrative"], "description": "value.administrative" }, { "enum": ["other"], "description": "value.other" }] }, "emailAddress": { "title": "label.contact-email-address", "description": "tooltip.contact-email", "type": "string", "pattern": "^(mailto:)?(?=.{1,254}$)(?=.{1,64}@)[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+(\\.[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+)*@[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$", "minLength": 1, "maxLength": 255 } } }, "Certificate": { "type": "object", "required": ["type", "value"], "properties": { "name": { "title": "label.certificate-name-display-only", "description": "tooltip.certificate-name", "type": "string", "maxLength": 255 }, "type": { "title": "label.certificate-type", "type": "string", "widget": { "id": "radio", "class": "form-check-inline" }, "oneOf": [{ "enum": ["signing"], "description": "value.signing" }, { "enum": ["encryption"], "description": "value.encryption" }, { "enum": ["both"], "description": "value.both" }] }, "value": { "title": "label.certificate", "description": "tooltip.certificate", "type": "string", "widget": "textarea", "minLength": 1 } } }, "AssertionConsumerService": { "type": "object", "required": ["locationUrl", "binding"], "properties": { "locationUrl": { "title": "label.assertion-consumer-service-location", "description": "tooltip.assertion-consumer-service-location", "type": "string", "widget": { "id": "string", "help": "message.valid-url" }, "minLength": 1, "maxLength": 255 }, "binding": { "title": "label.assertion-consumer-service-location-binding", "description": "tooltip.assertion-consumer-service-location-binding", "type": "string", "widget": "select", "oneOf": [{ "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" }, { "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"], 
"description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" }, { "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" }, { "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:PAOS"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" }, { "enum": ["urn:oasis:names:tc:SAML:1.0:profiles:browser-post"], "description": "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" }, { "enum": ["urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"], "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" }] }, "makeDefault": { "title": "label.mark-as-default", "description": "tooltip.mark-as-default", "type": "boolean" } } }, "LogoutEndpoint": { "description": "tooltip.new-endpoint", "type": "object", "fieldsets": [{ "fields": ["url", "bindingType"] }], "required": ["url", "bindingType"], "properties": { "url": { "title": "label.url", "description": "tooltip.url", "type": "string", "minLength": 1, "maxLength": 255 }, "bindingType": { "title": "label.binding-type", "description": "tooltip.binding-type", "type": "string", "widget": "select", "oneOf": [{ "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" }, { "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" }, { "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:SOAP"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" }, { "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" }] } } }, "MDUI": { "type": "object", "widget": { "id": "fieldset" }, "fieldsets": [{ "type": "group", "fields": ["displayName", "informationUrl", "description"] }, { "type": "group", "fields": ["privacyStatementUrl", "logoUrl", "logoWidth", "logoHeight"] }], "properties": { "displayName": { "title": "label.display-name", 
"description": "tooltip.mdui-display-name", "type": "string", "minLength": 1, "maxLength": 255 }, "informationUrl": { "title": "label.information-url", "description": "tooltip.mdui-information-url", "type": "string", "minLength": 1, "maxLength": 255 }, "privacyStatementUrl": { "title": "label.privacy-statement-url", "description": "tooltip.mdui-privacy-statement-url", "type": "string", "minLength": 1, "maxLength": 255 }, "description": { "title": "label.description", "description": "tooltip.mdui-description", "type": "string", "widget": { "id": "textarea" }, "minLength": 1, "maxLength": 255 }, "logoUrl": { "title": "label.logo-url", "description": "tooltip.mdui-logo-url", "type": "string", "minLength": 1, "maxLength": 255 }, "logoHeight": { "title": "label.logo-height", "description": "tooltip.mdui-logo-height", "minimum": 0, "type": "integer" }, "logoWidth": { "title": "label.logo-width", "description": "tooltip.mdui-logo-width", "minimum": 0, "type": "integer" } } }, "Organization": { "type": "object", "properties": { "name": { "title": "label.organization-name", "description": "tooltip.organization-name", "type": "string", "minLength": 1, "maxLength": 255 }, "displayName": { "title": "label.organization-display-name", "description": "tooltip.organization-display-name", "type": "string", "minLength": 1, "maxLength": 255 }, "url": { "title": "label.organization-url", "description": "tooltip.organization-url", "type": "string", "minLength": 1, "maxLength": 255 } }, "dependencies": { "name": { "required": ["displayName", "url"] }, "displayName": { "required": ["name", "url"] }, "url": { "required": ["name", "displayName"] } } }, "nameIdFormats": { "title": "label.nameid-format-to-send", "description": "tooltip.nameid-format", "type": "array", "uniqueItems": true, "items": { "type": "string", "minLength": 1, "maxLength": 255, "examples": ["urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", 
"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"] } }, "authenticationMethods": { "title": "label.authentication-methods-to-use", "description": "tooltip.authentication-methods-to-use", "type": "array", "uniqueItems": true, "items": { "type": "string", "minLength": 1, "maxLength": 255, "examples": ["https://refeds.org/profile/mfa", "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken", "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"] } } } }; export default SCHEMA; \ No newline at end of file diff --git a/ui/src/testing/uiSchema.js b/ui/src/testing/uiSchema.js index 8da257247..a58082e38 100644 --- a/ui/src/testing/uiSchema.js +++ b/ui/src/testing/uiSchema.js @@ -140,9 +140,6 @@ const schema = { } ] }, - "x509CertificateAvailable": { - "ui:widget": "hidden" - }, "authenticationRequestsSigned": { "ui:widget": "radio", "ui:options": { From 88dd8a617052539d7d235d905bc692e9831f6249 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 27 Sep 2022 10:18:26 -0700 Subject: [PATCH 14/77] SHIBUI-2380 Added missing protocol to metadata-sources-ui-schema.json --- backend/src/main/resources/metadata-sources-ui-schema.json | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/backend/src/main/resources/metadata-sources-ui-schema.json b/backend/src/main/resources/metadata-sources-ui-schema.json index 3019b511c..877f2cada 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema.json +++ b/backend/src/main/resources/metadata-sources-ui-schema.json @@ -142,6 +142,12 @@ "SAML 1.1" ], "description": "SAML 1.1" + }, + { + "enum": [ + "http://openid.net/specs/openid-connect-core-1_0.html" + ], + "description": "OIDC" } ] }, From 2ce3c74c8293b64b5dbaf9a422659e01c14eebd5 Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Tue, 27 Sep 2022 10:21:45 -0700 Subject: [PATCH 15/77] SHIBUI-2380 Added missing protocol to metadata-sources-ui-schema.jsons --- .../src/main/resources/metadata-sources-ui-schema-oidc.json | 6 ++++++ .../src/main/resources/metadata-sources-ui-schema-saml.json | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json index 48c6af864..8fc4d7058 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json +++ b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json @@ -131,6 +131,12 @@ "SAML 1.1" ], "description": "SAML 1.1" + }, + { + "enum": [ + "http://openid.net/specs/openid-connect-core-1_0.html" + ], + "description": "OIDC" } ] }, diff --git a/backend/src/main/resources/metadata-sources-ui-schema-saml.json b/backend/src/main/resources/metadata-sources-ui-schema-saml.json index 48c6af864..8fc4d7058 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema-saml.json +++ b/backend/src/main/resources/metadata-sources-ui-schema-saml.json @@ -131,6 +131,12 @@ "SAML 1.1" ], "description": "SAML 1.1" + }, + { + "enum": [ + "http://openid.net/specs/openid-connect-core-1_0.html" + ], + "description": "OIDC" } ] }, From 98767d8a43633fc09c6ff18b14ee028e27b3c3fc Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Tue, 27 Sep 2022 11:18:18 -0700 Subject: [PATCH 16/77] Updated schema and messages --- .../main/resources/i18n/messages.properties | 4 + .../metadata-sources-ui-schema-oidc.json | 332 +++++++++++------- .../metadata-sources-ui-schema-saml.json | 115 +++--- .../schema/source/metadata-source-oidc.json | 4 +- .../source/definition/OidcSourceDefinition.js | 76 +++- .../source/definition/SamlSourceDefinition.js | 2 +- .../source/definition/SourceDefinition.js | 1 - 7 files changed, 329 insertions(+), 205 deletions(-) 
diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index bf4d6c69c..bac168379 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties @@ -803,6 +803,10 @@ value.algorithm-cbc-tripledes=CBC (TRIPLEDES) - http://www.w3.org/2001/04/xmlenc message.algorithms-unique=Each algorithm may only be used once. +label.source-protocol=Authentication Protocol +label.key-descriptors=Key Descriptors +label.certificate-value=Value +label.element-type=Element Type label.oauth-rp-extensions=OAuth Relying Party Extensions label.post-logout-redirect-uris=Post Logout Redirect URIs diff --git a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json index 8fc4d7058..de0fb8009 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json +++ b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json @@ -77,27 +77,19 @@ "title": "label.authentication-requests-signed", "description": "tooltip.authentication-requests-signed", "type": "boolean", - "enumNames": [ - "value.true", - "value.false" - ] + "enumNames": ["value.true", "value.false"] }, "wantAssertionsSigned": { "title": "label.want-assertions-signed", "description": "tooltip.want-assertions-signed", "type": "boolean", - "enumNames": [ - "value.true", - "value.false" - ] + "enumNames": ["value.true", "value.false"] }, - "x509Certificates": { - "title": "label.x509-certificates", - "description": "tooltip.x509-certificates", + "keyDescriptors": { + "title": "label.key-descriptors", + "description": "tooltip.key-descriptors", "type": "array", - "items": { - "$ref": "#/definitions/Certificate" - } + "items": { "$ref": "#/definitions/Certificate" } } } }, 
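Review bot: Renaming `x509Certificates` to `keyDescriptors` in `securityInfo` leaves any rule that still names the old property without effect. The part of `securityInfo` above this hunk is not shown, but the schema in ui/src/testing/sourceSchema.js ties `authenticationRequestsSigned: true` to `"x509Certificates": { "minItems": 1 }`. If the same `dependencies` block exists here it should now read `"keyDescriptors": { "minItems": 1 }`, otherwise a source can declare signed requests with no key attached. The new property also points at `tooltip.key-descriptors`, while the messages.properties hunk in this commit adds only `label.key-descriptors` and three other labels. Unless that tooltip key already exists, add a line of the form `tooltip.key-descriptors=<tooltip text>` (placeholder value) next to the new labels.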
@@ -121,27 +113,179 @@ }, "oneOf": [ { - "enum": [ - "SAML 2" - ], + "enum": ["SAML 2"], "description": "SAML 2" }, { - "enum": [ - "SAML 1.1" - ], + "enum": ["SAML 1.1"], "description": "SAML 1.1" }, { - "enum": [ - "http://openid.net/specs/openid-connect-core-1_0.html" - ], + "enum": ["http://openid.net/specs/openid-connect-core-1_0.html"], "description": "OIDC" } ] }, "nameIdFormats": { "$ref": "#/definitions/nameIdFormats" + }, + "extensions": { + "type": "object", + "properties": { + "OAuthRPExtensions": { + "title": "label.oauth-rp-extensions", + "type": "object", + "properties": { + "postLogoutRedirectUris": { + "title": "label.post-logout-redirect-uris", + "description": "tooltip.post-logout-redirect-uris", + "type": "array", + "items": { + "type": "string" + } + }, + "defaultAcrValues": { + "title": "label.default-acr-values", + "description": "tooltip.default-acr-values", + "type": "array", + "items": { + "type": "string" + } + }, + "requestUris": { + "title": "label.request-uris", + "description": "tooltip.request-uris", + "type": "array", + "items": { + "type": "string" + } + }, + "audience": { + "title": "label.audience", + "description": "tooltip.audience", + "type": "array", + "items": { + "type": "string" + } + }, + "attributes": { + "type": "object", + "properties": { + "clientUri": { + "title": "label.client-uri", + "description": "tooltip.client-uri", + "type": "string" + }, + "responseTypes": { + "title": "label.responseTypes", + "description": "tooltip.response-types", + "type": "string" + }, + "sectorIdentifierUri": { + "title": "label.sector-identifier-uri", + "description": "tooltip.sector-identifier-uri", + "type": "string" + }, + "idTokenEncryptedResponseAlg": { + "title": "label.id-token-encrypted-response-alg", + "description": "tooltip.id-token-encrypted-response-alg", + "type": "string" + }, + "applicationType": { + "title": "label.application-type", + "description": "tooltip.application-type", + "type": "string" + }, + 
"tokenEndpointAuthSigningAlg": { + "title": "label.token-endpoint-auth-signing-alg", + "description": "tooltip.token-endpoint-auth-signing-alg", + "type": "string" + }, + "idTokenEncryptedResponseEnc": { + "title": "label.id-token-encrypted-response-enc", + "description": "tooltip.id-token-encrypted-response-enc", + "type": "string" + }, + "requireAuthTime": { + "title": "label.require-auth-time", + "description": "tooltip.require-auth-time", + "type": "boolean" + }, + "userInfoEncryptedResponseEnc": { + "title": "label.user-info-encrypted-response-enc", + "description": "tooltip.user-info-encrypted-response-enc", + "type": "string" + }, + "userInfoSignedResponseAlg": { + "title": "label.user-info-signed-response-alg", + "description": "tooltip.user-info-signed-response-alg", + "type": "string" + }, + "userInfoEncryptedResponseAlg": { + "title": "label.user-info-encrypted-response-alg", + "description": "tooltip.user-info-encrypted-response-alg", + "type": "string" + }, + "grantTypes": { + "title": "label.grant-types", + "description": "tooltip.grant-types", + "type": "string" + }, + "softwareId": { + "title": "label.software-id", + "description": "tooltip.software-id", + "type": "string" + }, + "requestObjectEncryptionEnc": { + "title": "label.request-object-encryption-enc", + "description": "tooltip.request-object-encryption-enc", + "type": "string" + }, + "initiateLoginUri": { + "title": "label.initiate-login-uri", + "description": "tooltip.initiate-login-uri", + "type": "string" + }, + "requestObjectEncryptionAlg": { + "title": "label.request-object-encryption-alg", + "description": "tooltip.request-object-encryption-alg", + "type": "string" + }, + "tokenEndpointAuthMethod": { + "title": "label.token-endpoint-auth-method", + "description": "tooltip.token-endpoint-auth-method", + "type": "string" + }, + "requestObjectSigningAlg": { + "title": "label.request-object-signing-alg", + "description": "tooltip.request-object-signing-alg", + "type": "string" + }, + 
"scopes": { + "title": "label.scopes", + "description": "tooltip.scopes", + "type": "string" + }, + "idTokenSignedResponseAlg": { + "title": "label.id-token-signed-response-alg", + "description": "tooltip.id-token-signed-response-alg", + "type": "string" + }, + "softwareVersion": { + "title": "label.software-version", + "description": "tooltip.software-version", + "type": "string" + }, + "defaultMaxAge": { + "title": "label.default-max-age", + "description": "tooltip.default-max-age", + "type": "number" + } + } + } + } + } + } } } }, @@ -170,11 +314,7 @@ "definitions": { "Contact": { "type": "object", - "required": [ - "name", - "type", - "emailAddress" - ], + "required": ["name", "type", "emailAddress"], "properties": { "name": { "title": "label.contact-name", @@ -191,27 +331,19 @@ "minLength": 1, "oneOf": [ { - "enum": [ - "support" - ], + "enum": ["support"], "description": "value.support" }, { - "enum": [ - "technical" - ], + "enum": ["technical"], "description": "value.technical" }, { - "enum": [ - "administrative" - ], + "enum": ["administrative"], "description": "value.administrative" }, { - "enum": [ - "other" - ], + "enum": ["other"], "description": "value.other" } ] @@ -228,10 +360,7 @@ }, "Certificate": { "type": "object", - "required": [ - "type", - "value" - ], + "required": ["type", "value", "elementType"], "properties": { "name": { "title": "label.certificate-name-display-only", 
@@ -239,37 +368,34 @@ "type": "string", "maxLength": 255 }, + "elementType": { + "title": "label.element-type", + "description": "tooltip.element-type", + "type": "string", + "enum": [ + "X509Data", + "jwksUri", + "jwksData", + "clientSecret", + "clientSecretRef" + ] + }, "type": { "title": "label.certificate-type", "type": "string", - "widget": { - "id": "radio", - "class": "form-check-inline" - }, + "widget": { "id": "radio", "class": "form-check-inline" }, "oneOf": [ + { "enum": ["signing"], "description": "value.signing" }, { - "enum": [ - "signing" - ], - "description": "value.signing" - }, - { - "enum": [ - "encryption" - ], + "enum": ["encryption"], "description": "value.encryption" }, - { - "enum": [ - "both" - ], - "description": "value.both" - } + { "enum": ["both"], "description": "value.both" } ] }, "value": { - "title": "label.certificate", - "description": "tooltip.certificate", + "title": "label.certificate-value", + "description": "tooltip.certificate-value", "type": "string", "widget": "textarea", "minLength": 1 @@ -278,10 +404,7 @@ }, "AssertionConsumerService": { "type": "object", - "required": [ - "locationUrl", - "binding" - ], + "required": ["locationUrl", "binding"], "properties": { "locationUrl": { "title": "label.assertion-consumer-service-location", @@ -301,9 +424,7 @@ "widget": "select", "oneOf": [ { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ], + "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" }, { 
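Review bot: The new `elementType` enum lets a key descriptor carry `clientSecret` or `jwksUri`, but `value` stays a free-form string with only `"minLength": 1` and is still rendered with `"widget": "textarea"`. A client secret is therefore shown and handled as ordinary form text, and a JWKS location is never checked to be a URL. Consider constraining `value` per `elementType` with a `dependencies`/`oneOf` branch, for example `"format": "uri"` plus `"pattern": "^https://"` for `jwksUri`, and a masked input for `clientSecret`. Whether the backend applies its own checks to these values is not visible in this hunk.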
@@ -313,33 +434,23 @@ "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" }, { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - ], + "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" }, { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" - ], + "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:PAOS"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" }, { - "enum": [ - "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" - ], + "enum": ["urn:oasis:names:tc:SAML:1.0:profiles:browser-post"], "description": "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" }, { - "enum": [ - "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" - ], + "enum": ["urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"], "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" }, { - "enum": [ - "https://tools.ietf.org/html/rfc6749#section-3.1.2" - ], + "enum": ["https://tools.ietf.org/html/rfc6749#section-3.1.2"], "description": "OIDC / OAUTH Binding" } ] @@ -356,16 +467,10 @@ "type": "object", "fieldsets": [ { - "fields": [ - "url", - "bindingType" - ] + "fields": ["url", "bindingType"] } ], - "required": [ - "url", - "bindingType" - ], + "required": ["url", "bindingType"], "properties": { "url": { "title": "label.url", 
@@ -381,27 +486,19 @@ "widget": "select", "oneOf": [ { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ], + "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" }, { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" - ], + "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" }, { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" - ], + "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:SOAP"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" }, { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - ], + "enum": ["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"], "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" } ] @@ -416,11 +513,7 @@ "fieldsets": [ { "type": "group", - "fields": [ - "displayName", - "informationUrl", - "description" - ] + "fields": ["displayName", "informationUrl", "description"] }, { "type": "group", @@ -512,22 +605,13 @@ }, "dependencies": { "name": { - "required": [ - "displayName", - "url" - ] + "required": ["displayName", "url"] }, "displayName": { - "required": [ - "name", - "url" - ] + "required": ["name", "url"] }, "url": { - "required": [ - "name", - "displayName" - ] + "required": ["name", "displayName"] } } } diff --git a/backend/src/main/resources/metadata-sources-ui-schema-saml.json b/backend/src/main/resources/metadata-sources-ui-schema-saml.json index 8fc4d7058..28398dae4 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema-saml.json +++ b/backend/src/main/resources/metadata-sources-ui-schema-saml.json 
@@ -70,34 +70,23 @@ } }, "properties": { - "x509CertificateAvailable": { - "type": "boolean" - }, "authenticationRequestsSigned": { "title": "label.authentication-requests-signed", "description": "tooltip.authentication-requests-signed", "type": "boolean", - "enumNames": [ - "value.true", - "value.false" - ] + "enumNames": ["value.true", "value.false"] }, "wantAssertionsSigned": { "title": "label.want-assertions-signed", "description": "tooltip.want-assertions-signed", "type": "boolean", - "enumNames": [ - "value.true", - "value.false" - ] + "enumNames": ["value.true", "value.false"] }, - "x509Certificates": { - "title": "label.x509-certificates", - "description": "tooltip.x509-certificates", + "keyDescriptors": { + "title": "label.key-descriptors", + "description": "tooltip.key-descriptors", "type": "array", - "items": { - "$ref": "#/definitions/Certificate" - } + "items": { "$ref": "#/definitions/Certificate" } } } }, @@ -131,12 +120,6 @@ "SAML 1.1" ], "description": "SAML 1.1" - }, - { - "enum": [ - "http://openid.net/specs/openid-connect-core-1_0.html" - ], - "description": "OIDC" } ] }, 
@@ -227,55 +210,43 @@ } }, "Certificate": { - "type": "object", - "required": [ - "type", - "value" - ], - "properties": { - "name": { - "title": "label.certificate-name-display-only", - "description": "tooltip.certificate-name", - "type": "string", - "maxLength": 255 - }, - "type": { - "title": "label.certificate-type", - "type": "string", - "widget": { - "id": "radio", - "class": "form-check-inline" - }, - "oneOf": [ - { - "enum": [ - "signing" - ], - "description": "value.signing" - }, - { - "enum": [ - "encryption" - ], - "description": "value.encryption" - }, - { - "enum": [ - "both" - ], - "description": "value.both" - } - ] - }, - "value": { - "title": "label.certificate", - "description": "tooltip.certificate", - "type": "string", - "widget": "textarea", - "minLength": 1 - } - } - }, + "type": "object", + "required": ["type", "value", "elementType"], + "properties": { + "name": { + "title": "label.certificate-name-display-only", + "description": "tooltip.certificate-name", + "type": "string", + "maxLength": 255 + }, + "elementType": { + "title": "label.element-type", + "description": "tooltip.element-type", + "type": "string", + "default": "X509Data" + }, + "type": { + "title": "label.certificate-type", + "type": "string", + "widget": { "id": "radio", "class": "form-check-inline" }, + "oneOf": [ + { "enum": ["signing"], "description": "value.signing" }, + { + "enum": ["encryption"], + "description": "value.encryption" + }, + { "enum": ["both"], "description": "value.both" } + ] + }, + "value": { + "title": "label.certificate", + "description": "tooltip.certificate", + "type": "string", + "widget": "textarea", + "minLength": 1 + } + } + }, "AssertionConsumerService": { "type": "object", "required": [ diff --git a/ui/public/assets/schema/source/metadata-source-oidc.json b/ui/public/assets/schema/source/metadata-source-oidc.json index 2bfe1f72e..d8be99ec6 100644 --- a/ui/public/assets/schema/source/metadata-source-oidc.json 
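Review bot: `elementType` is added to `required` on `Certificate` here and given `"default": "X509Data"`, but a JSON Schema `default` is an annotation that validators do not apply, so a key descriptor that omits the field still fails validation. If this schema also backs server-side validation of metadata-source payloads (not visible in this hunk), previously stored or API-submitted SAML sources without `elementType` would be rejected. Either drop `elementType` from `required` in the SAML schema or have the backend set it before validating. The OIDC schema's `Certificate` hunk makes the same `required` change.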
+++ b/ui/public/assets/schema/source/metadata-source-oidc.json @@ -44,7 +44,7 @@ "authenticationRequestsSigned": { "enum": [true] }, - "x509Certificates": { "minItems": 1 } + "keyDescriptors": { "minItems": 1 } } }, { @@ -52,7 +52,7 @@ "authenticationRequestsSigned": { "enum": [false] }, - "x509Certificates": { "minItems": 0 } + "keyDescriptors": { "minItems": 0 } } } ] diff --git a/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js b/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js index 64cb35f90..9719feb28 100644 --- a/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js +++ b/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js @@ -5,7 +5,11 @@ import { SourceBase, SourceEditor, SourceWizard } from './SourceDefinition'; export const OidcSourceBase = defaultsDeep({ label: 'OIDC Metadata Source', type: '@MetadataProvider', - schema: `assets/schema/source/metadata-source-oidc.json`, + schema: `${API_BASE_PATH}/ui/MetadataSources?protocol=OIDC`, +}, SourceBase); + +export const OidcSourceEditor = defaultsDeep({ + ...SourceEditor, uiSchema: defaultsDeep({ serviceProviderSsoDescriptor: { ...SourceBase.uiSchema.serviceProviderSsoDescriptor, 
@@ -70,14 +74,76 @@ export const OidcSourceBase = defaultsDeep({ } } }, SourceBase.uiSchema) -}, SourceBase); - -export const OidcSourceEditor = defaultsDeep({ - ...SourceEditor, }, OidcSourceBase); export const OidcSourceWizard = defaultsDeep({ ...SourceWizard, + uiSchema: defaultsDeep({ + serviceProviderSsoDescriptor: { + ...SourceBase.uiSchema.serviceProviderSsoDescriptor, + layout: { + groups: [ + { + classNames: 'bg-light border rounded px-4 pt-4 mb-4', + size: 6, + fields: [ + 'protocolSupportEnum', + 'nameIdFormats' + ], + }, + { + size: 12, + fields: [ + 'extensions' + ], + } + ] + }, + extensions: { + OAuthRPExtensions: { + layout: { + groups: [ + { + classNames: 'col-md-6 col-xs-12', + fields: [ + 'postLogoutRedirectUris', + 'defaultAcrValues', + 'requestUris', + 'audience' + ], + }, + { + classNames: 'col-md-6 col-xs-12', + fields: [ + 'attributes' + ], + } + ] + }, + postLogoutRedirectUris: { + "ui:options": { + orderable: false + }, + }, + defaultAcrValues: { + "ui:options": { + orderable: false + }, + }, + requestUris: { + "ui:options": { + orderable: false + }, + }, + audience: { + "ui:options": { + orderable: false + }, + } + } + } + } + }, SourceBase.uiSchema) }, OidcSourceBase); diff --git a/ui/src/app/metadata/domain/source/definition/SamlSourceDefinition.js b/ui/src/app/metadata/domain/source/definition/SamlSourceDefinition.js index 7279dd2b8..03630ef92 100644 --- a/ui/src/app/metadata/domain/source/definition/SamlSourceDefinition.js +++ b/ui/src/app/metadata/domain/source/definition/SamlSourceDefinition.js @@ -5,7 +5,7 @@ import { SourceBase, SourceEditor, SourceWizard } from './SourceDefinition'; export const SamlSourceBase = defaultsDeep({ label: 'SAML Metadata Source', type: '@MetadataProvider', - schema: `assets/schema/source/metadata-source-saml.json`, + schema: `${API_BASE_PATH}/ui/MetadataSources?protocol=SAML`, uiSchema: defaultsDeep({ securityInfo: { keyDescriptors: { 
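Review bot: The `uiSchema` literal added to `OidcSourceWizard` appears to repeat the one the previous hunk moves onto `OidcSourceEditor`, so the two layouts can drift apart on the next edit. Hoist it into one module-level constant, e.g. `const oidcUiSchema = defaultsDeep({ ... }, SourceBase.uiSchema);`, and reference it from both definitions as `uiSchema: oidcUiSchema`. The middle of the editor's `uiSchema` lies outside the visible hunks, so confirm the two are meant to be identical first.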
diff --git a/ui/src/app/metadata/domain/source/definition/SourceDefinition.js b/ui/src/app/metadata/domain/source/definition/SourceDefinition.js index 2069473ad..69bdc156b 100644 --- a/ui/src/app/metadata/domain/source/definition/SourceDefinition.js +++ b/ui/src/app/metadata/domain/source/definition/SourceDefinition.js @@ -2,7 +2,6 @@ import defaults from 'lodash/defaults'; import merge from 'lodash/merge'; import toNumber from 'lodash/toNumber'; import defaultsDeep from 'lodash/defaultsDeep'; -import API_BASE_PATH from '../../../../App.constant'; import {removeNull} from '../../../../core/utility/remove_null'; import { detailedDiff } from 'deep-object-diff'; import isNil from 'lodash/isNil'; From c9b1f2dd70f86ebd8d35a2bf617d4fa27d876c62 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 27 Sep 2022 13:13:55 -0700 Subject: [PATCH 17/77] SHIBUI-2380 checking for oidc param without caring about case --- .../ui/controller/MetadataSourcesUiDefinitionController.groovy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy index a5c6ecdf3..60cd362cf 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy 
@@ -48,7 +48,7 @@ class MetadataSourcesUiDefinitionController { @GetMapping ResponseEntity getUiDefinitionJsonSchema(@RequestParam(defaultValue = "saml") String protocol) { - URL url = protocol.equals("oidc") ? oidcJsonSchemaLocation.url : samlJsonSchemaLocation.url + URL url = protocol.equalsIgnoreCase("oidc") ? oidcJsonSchemaLocation.url : samlJsonSchemaLocation.url try { def parsedJson = jacksonObjectMapper.readValue(url, Map) jsonSchemaBuilderService.hideServiceEnabledFromNonAdmins(parsedJson) From 942a47f4e3f12876d62d59e712c21b39a5ff6e98 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Wed, 28 Sep 2022 13:45:32 -0700 Subject: [PATCH 18/77] SHIBUI-2380 Fixes for hashcode/versioning and schema retrieval --- ...torSchemaValidatingControllerAdvice.groovy | 15 +++-- .../LowLevelJsonSchemaValidator.groovy | 11 ++-- .../domain/oidc/AbstractValueXMLObject.java | 12 +++- .../ui/domain/oidc/OAuthRPExtensions.java | 32 +++++++++-- .../domain/oidc/OAuthRPExtensionsTest.groovy | 56 +++++++++++++++++++ .../service/AuxiliaryIntegrationTests.groovy | 11 +++- 6 files changed, 116 insertions(+), 21 deletions(-) create mode 100644 backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsTest.groovy diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/EntityDescriptorSchemaValidatingControllerAdvice.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/EntityDescriptorSchemaValidatingControllerAdvice.groovy index 8dca94fdc..6200c63ce 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/EntityDescriptorSchemaValidatingControllerAdvice.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/EntityDescriptorSchemaValidatingControllerAdvice.groovy 
@@ -12,8 +12,9 @@ import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdviceAd import javax.annotation.PostConstruct import java.lang.reflect.Type +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.metadataSourcesOIDCSchema import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.metadataSourcesSAMLSchema -import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.LowLevelJsonSchemaValidator.validatePayloadAgainstSchema +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.LowLevelJsonSchemaValidator.validateMetadataSourcePayloadAgainstSchema /** * Controller advice implementation for validating relying party overrides payload coming from UI layer @@ -27,7 +28,7 @@ class EntityDescriptorSchemaValidatingControllerAdvice extends RequestBodyAdvice @Autowired JsonSchemaResourceLocationRegistry jsonSchemaResourceLocationRegistry - JsonSchemaResourceLocation jsonSchemaLocation + private HashMap schemaLocations = new HashMap<>() @Override boolean supports(MethodParameter methodParameter, Type targetType, Class> converterType) { 
@@ -35,15 +36,13 @@ class EntityDescriptorSchemaValidatingControllerAdvice extends RequestBodyAdvice } @Override - HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter parameter, - Type targetType, Class> converterType) - throws IOException { - - return validatePayloadAgainstSchema(inputMessage, this.jsonSchemaLocation.uri) + HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class> converterType) throws IOException { + return validateMetadataSourcePayloadAgainstSchema(inputMessage, this.schemaLocations) } @PostConstruct void init() { - this.jsonSchemaLocation = metadataSourcesSAMLSchema(this.jsonSchemaResourceLocationRegistry) + this.schemaLocations.put("SAML", metadataSourcesSAMLSchema(this.jsonSchemaResourceLocationRegistry)) + this.schemaLocations.put("OIDC", metadataSourcesOIDCSchema(this.jsonSchemaResourceLocationRegistry)) } } \ No newline at end of file diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/LowLevelJsonSchemaValidator.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/LowLevelJsonSchemaValidator.groovy index bcf25b4d9..8cd8b6f32 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/LowLevelJsonSchemaValidator.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/LowLevelJsonSchemaValidator.groovy 
@@ -16,15 +16,16 @@ import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocati */ class LowLevelJsonSchemaValidator { - static HttpInputMessage validatePayloadAgainstSchema(HttpInputMessage inputMessage, URI schemaUri) { + static HttpInputMessage validateMetadataSourcePayloadAgainstSchema(HttpInputMessage inputMessage, HashMap schemaLocations) { def origInput = [inputMessage.body.bytes, inputMessage.headers] def json = extractJsonPayload(origInput) - def schema = Json.schema(schemaUri) + def protocol = json.at("protocol") + String key = protocol == null ? "SAML" : org.apache.commons.lang3.StringUtils.defaultIfEmpty(json.at("protocol").getValue(), "SAML") + def schema = Json.schema(schemaLocations.get(key).getUri()) doValidate(origInput, schema, json) } - static HttpInputMessage validateMetadataResolverTypePayloadAgainstSchema(HttpInputMessage inputMessage, - JsonSchemaResourceLocationRegistry schemaRegistry) { + static HttpInputMessage validateMetadataResolverTypePayloadAgainstSchema(HttpInputMessage inputMessage, JsonSchemaResourceLocationRegistry schemaRegistry) { def origInput = [inputMessage.body.bytes, inputMessage.headers] def json = extractJsonPayload(origInput) @@ -87,4 +88,4 @@ class LowLevelJsonSchemaValidator { getHeaders: { origInput[1] } ] as HttpInputMessage } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java index d4416b6e7..7aeed4d6e 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java 
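Review bot: `schemaLocations.get(key).getUri()` dereferences null whenever the payload's `protocol` is anything other than the exact keys `SAML` or `OIDC`, so a request with `"protocol": "oidc"` or an unknown value fails with a NullPointerException instead of a validation error. The value is client-supplied, and the schema endpoint already treats its parameter case-insensitively, so normalise and check the lookup: `def location = schemaLocations.get(key.toUpperCase())`, followed by a guard that rejects the request when `location == null`. A non-string `protocol` node is also passed straight to `defaultIfEmpty`. `json.at("protocol")` is evaluated twice although the `protocol` local already holds it.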
@@ -3,6 +3,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractAuditable; import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractXMLObject; import lombok.EqualsAndHashCode; +import org.apache.commons.lang3.StringUtils; import org.hibernate.envers.AuditOverride; import org.hibernate.envers.Audited; @@ -13,7 +14,6 @@ @Entity @Inheritance(strategy = InheritanceType.TABLE_PER_CLASS) -@EqualsAndHashCode(callSuper = true) @Audited @AuditOverride(forClass = AbstractXMLObject.class) public abstract class AbstractValueXMLObject extends AbstractXMLObject implements ValueXMLObject { @@ -27,4 +27,14 @@ public String getValue() { public void setValue(@Nullable String newValue) { this.stringValue = newValue; } + + @Override + public int hashCode() { + return getValue() == null ? 0 : getValue().hashCode(); + } + + @Override + public boolean equals(Object o) { + return o.getClass().equals(this.getClass()) && StringUtils.equals(this.stringValue, ((AbstractValueXMLObject)o).stringValue); + } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java index a3872ddef..30f31f91d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java 
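Review bot: The new `equals` calls `o.getClass()` before any null check, so `equals(null)` throws a NullPointerException where the `Object.equals` contract requires `false`. Guard it: `return o != null && o.getClass().equals(this.getClass()) && StringUtils.equals(this.stringValue, ((AbstractValueXMLObject) o).stringValue);`. The exact `getClass()` comparison may also fail for a Hibernate proxy of the same entity; that depends on how these objects are loaded, which the hunk does not show.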
@@ -3,9 +3,9 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractXMLObject; import edu.internet2.tier.shibboleth.admin.ui.domain.Audience; import lombok.Data; -import lombok.EqualsAndHashCode; -import lombok.NoArgsConstructor; import net.shibboleth.oidc.saml.xmlobject.MetadataValueSAMLObject; +import org.apache.commons.lang3.builder.EqualsBuilder; +import org.apache.commons.lang3.builder.HashCodeBuilder; import org.hibernate.envers.Audited; import org.opensaml.core.xml.XMLObject; import org.opensaml.core.xml.util.AttributeMap; @@ -14,19 +14,21 @@ import javax.persistence.CascadeType; import javax.persistence.Entity; import javax.persistence.OneToMany; -import javax.persistence.OrderColumn; import javax.persistence.Transient; import javax.xml.namespace.QName; import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collection; import java.util.List; +import java.util.concurrent.atomic.AtomicInteger; import java.util.stream.Collectors; @Entity @Data -@EqualsAndHashCode(callSuper=false) @Audited public class OAuthRPExtensions extends AbstractXMLObject implements net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions { public static final String DEFAULT_ELEMENT_LOCAL_NAME = TYPE_LOCAL_NAME; + private static final Collection equalsAndHashExcludeList = Arrays.asList(new String[] {"unknownXMLObjects", "requestUris", "postLogoutRedirectUris", "defaultAcrValues", "audiences", "unknownAttributes"}); // Only support the attributes used by Shib 4.x - https://shibboleth.atlassian.net/wiki/spaces/SC/pages/1912406916/OAuthRPMetadataProfile @Transient @@ -83,7 +85,6 @@ public class OAuthRPExtensions extends AbstractXMLObject implements net.shibbole private String tokenEndpointAuthSigningAlg; @OneToMany(cascade = CascadeType.ALL) - @OrderColumn List unknownXMLObjects = new ArrayList<>(); private String userInfoSignedResponseAlg; 
@@ -156,4 +157,25 @@ public void addRequestUri(RequestUri childSAMLObject) { public void addPostLogoutRedirectUri(PostLogoutRedirectUri childSAMLObject) { postLogoutRedirectUris.add(childSAMLObject); } + + @Override + public int hashCode() { + AtomicInteger retVal = new AtomicInteger(HashCodeBuilder.reflectionHashCode(this, equalsAndHashExcludeList)); + getUnknownXMLObjects().forEach(xmlObject -> retVal.addAndGet(xmlObject.hashCode())); + return retVal.get(); + } + + @Override + public boolean equals(Object o) { + boolean retVal = o instanceof OAuthRPExtensions; + if (retVal) { + retVal = EqualsBuilder.reflectionEquals(this, o, equalsAndHashExcludeList); + if (retVal){ + List oChildren = ((OAuthRPExtensions) o).getOrderedChildren(); + List thisChildren = getOrderedChildren(); + retVal = thisChildren.size() == oChildren.size() && thisChildren.containsAll(oChildren); + } + } + return retVal; + } } \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsTest.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsTest.groovy new file mode 100644 index 000000000..806d5fa6d --- /dev/null +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsTest.groovy 
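Review bot: `hashCode` and `equals` are built from different child sets: `hashCode` folds in only `getUnknownXMLObjects()`, while `equals` compares `getOrderedChildren()` by size plus `containsAll`. Size plus `containsAll` is not a multiset comparison, so two lists of the same length with different duplicate counts compare equal while their summed hashes can differ, which breaks the equals/hashCode contract. Derive both from the same list: sum the hashes of `getOrderedChildren()` in `hashCode`, and compare the children order-insensitively with counts in `equals`. `getOrderedChildren()` is defined outside this hunk, so which collections it returns is inferred from the exclude list.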
@@ -0,0 +1,56 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.oidc + +import com.fasterxml.jackson.databind.ObjectMapper +import edu.internet2.tier.shibboleth.admin.ui.AbstractBaseDataJpaTest +import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation +import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects +import edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorRepository +import edu.internet2.tier.shibboleth.admin.ui.service.EntityService +import edu.internet2.tier.shibboleth.admin.ui.service.JPAEntityDescriptorServiceImpl +import edu.internet2.tier.shibboleth.admin.ui.util.RandomGenerator +import edu.internet2.tier.shibboleth.admin.ui.util.WithMockAdmin +import edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils +import org.springframework.beans.factory.annotation.Autowired +import org.springframework.boot.test.json.JacksonTester +import org.springframework.context.annotation.PropertySource +import org.springframework.transaction.annotation.Transactional + +import javax.persistence.EntityManager + +@PropertySource("classpath:application.yml") +class OAuthRPExtensionsTest extends AbstractBaseDataJpaTest { + @Autowired + EntityService entityService + + @Autowired + OpenSamlObjects openSamlObjects + + @Autowired + JPAEntityDescriptorServiceImpl service + + @Autowired + EntityManager entityManager + + def setup() { + EntityDescriptorConversionUtils.openSamlObjects = openSamlObjects + EntityDescriptorConversionUtils.entityService = entityService + openSamlObjects.init() + } + + @WithMockAdmin + def "hashcode tests"() { + when: + def representation = new ObjectMapper().readValue(this.class.getResource('/json/SHIBUI-2380.json').bytes, EntityDescriptorRepresentation) + def edRep = service.createNew(representation) + entityManager.flush() + def ed1 = service.getEntityDescriptorByResourceId(edRep.getId()) + entityManager.clear() + def ed2 = 
service.getEntityDescriptorByResourceId(edRep.getId()) + + def oauthRpExt1 = (OAuthRPExtensions) ed1.getSPSSODescriptor("").getExtensions().getOrderedChildren().get(0) + def oauthRpExt2 = (OAuthRPExtensions) ed2.getSPSSODescriptor("").getExtensions().getOrderedChildren().get(0) + + then: + oauthRpExt1.hashCode() == oauthRpExt2.hashCode() + } +} \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy index 257df79ee..465bd4186 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy @@ -4,6 +4,7 @@ import com.fasterxml.jackson.databind.ObjectMapper import edu.internet2.tier.shibboleth.admin.ui.configuration.JsonSchemaComponentsConfiguration import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor import edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup +import edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation import edu.internet2.tier.shibboleth.admin.ui.jsonschema.LowLevelJsonSchemaValidator import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects import org.springframework.core.io.DefaultResourceLoader @@ -13,6 +14,9 @@ import spock.lang.Specification import java.time.LocalDateTime +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.metadataSourcesOIDCSchema +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.metadataSourcesSAMLSchema + class AuxiliaryIntegrationTests extends Specification { OpenSamlObjects openSamlObjects = new OpenSamlObjects().with { it.init() 
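Review bot: The spec asserts only `hashCode()` equality, although the same commit also replaces `equals` on `OAuthRPExtensions`. Add `oauthRpExt1 == oauthRpExt2` to the `then:` block so the new `equals` is exercised on the same reloaded pair. A negative case, where one child element differs, would also pin down the child-comparison branch.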
@@ -45,10 +49,13 @@ class AuxiliaryIntegrationTests extends Specification { it } def json = objectMapper.writeValueAsString(entityDescriptorRepresentation) - def schemaUri = JsonSchemaLocationLookup.metadataSourcesSAMLSchema(new JsonSchemaComponentsConfiguration().jsonSchemaResourceLocationRegistry(this.resourceLoader, this.objectMapper)).uri + HashMap schemaLocations = new HashMap<>() + def jsonSchemaResourceLocationRegistry = new JsonSchemaComponentsConfiguration().jsonSchemaResourceLocationRegistry(this.resourceLoader, this.objectMapper) + schemaLocations.put("SAML", metadataSourcesSAMLSchema(jsonSchemaResourceLocationRegistry)) + schemaLocations.put("OIDC", metadataSourcesOIDCSchema(jsonSchemaResourceLocationRegistry)) when: - LowLevelJsonSchemaValidator.validatePayloadAgainstSchema(new MockHttpInputMessage(json.bytes), schemaUri) + LowLevelJsonSchemaValidator.validateMetadataSourcePayloadAgainstSchema(new MockHttpInputMessage(json.bytes), schemaLocations) then: noExceptionThrown() From f3362106af9fb841009765c88081323b74323aee Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 29 Sep 2022 11:06:29 -0700 Subject: [PATCH 19/77] SHIBUI-2380 Fixes for name for key descriptors missing --- .../ui/controller/EntityDescriptorController.java | 3 +-- .../tier/shibboleth/admin/ui/domain/KeyInfo.java | 15 ++++++++++----- .../service/JPAEntityDescriptorServiceImpl.java | 2 ++ .../EntityDescriptorControllerTests.groovy | 2 ++ .../src/test/resources/json/SHIBUI-2380-1.json | 4 ++++ backend/src/test/resources/json/SHIBUI-2380.json | 2 ++ .../src/test/resources/metadata/SHIBUI-2380.xml | 2 ++ 7 files changed, 23 insertions(+), 7 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java index e57870cb9..e4de49273 100644 
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java @@ -104,8 +104,7 @@ public Iterable getDisabledAndNotOwnedByAdmin() @GetMapping("/EntityDescriptor/{resourceId}") @Transactional public ResponseEntity getOne(@PathVariable String resourceId) throws PersistentEntityNotFound, ForbiddenException { - return ResponseEntity.ok(entityDescriptorService - .createRepresentationFromDescriptor(entityDescriptorService.getEntityDescriptorByResourceId(resourceId))); + return ResponseEntity.ok(entityDescriptorService.createRepresentationFromDescriptor(entityDescriptorService.getEntityDescriptorByResourceId(resourceId))); } @GetMapping(value = "/EntityDescriptor/{resourceId}", produces = "application/xml") diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/KeyInfo.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/KeyInfo.java index 7497e5837..f07d98ca6 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/KeyInfo.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/KeyInfo.java @@ -45,9 +45,7 @@ public String getID() { } @Override - public void setID(@Nullable String newID) { - - } + public void setID(@Nullable String newID) {} @Nonnull @Override @@ -64,7 +62,14 @@ public List getXMLObjects(@Nonnull QName typeOrName) { @Nonnull @Override public List getKeyNames() { - return Collections.emptyList(); + List result = new ArrayList<>(); + getXMLObjects().forEach(obj -> { + if (obj instanceof KeyName){ + result.add((KeyName)obj); + } + }); + return result; + } @Nonnull @@ -144,4 +149,4 @@ public List getOrderedChildren() { return children; } -} +} \ No newline at end of file 
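Review bot: In KeyInfo.java, `getKeyNames()` now returns a fresh `ArrayList` on every call, so a caller that does `keyInfo.getKeyNames().add(...)` (the usual way children are attached through the OpenSAML `KeyInfo` interface, as far as I know) changes a throwaway copy and the name is silently lost. The previous `Collections.emptyList()` at least failed loudly on modification. Either end the method with `return Collections.unmodifiableList(result);` so misuse throws, or state in a Javadoc line that the list is a read-only snapshot of the `KeyName` children of `getXMLObjects()`. The blank line left before the method's closing brace can go as well.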
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index b7b034546..4a54c7543 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java @@ -5,6 +5,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor; import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol; import edu.internet2.tier.shibboleth.admin.ui.domain.IRelyingPartyOverrideProperty; +import edu.internet2.tier.shibboleth.admin.ui.domain.KeyDescriptor; import edu.internet2.tier.shibboleth.admin.ui.domain.UIInfo; import edu.internet2.tier.shibboleth.admin.ui.domain.X509Data; import edu.internet2.tier.shibboleth.admin.ui.domain.XSBoolean; @@ -501,6 +502,7 @@ private void setupSecurityRepresentationFromEntityDescriptor(EntityDescriptor ed for (org.opensaml.saml.saml2.metadata.KeyDescriptor keyDescriptor : ed.getSPSSODescriptor("").getKeyDescriptors()) { KeyDescriptorRepresentation keyDescriptorRep = new KeyDescriptorRepresentation(); String name = keyDescriptor.getKeyInfo().getKeyNames().size() > 0 ? keyDescriptor.getKeyInfo().getKeyNames().get(0).getValue() : null; + name = name == null ? ((KeyDescriptor)keyDescriptor).getName() : name; keyDescriptorRep.setName(name); //TODO: check this. assume that if no value is set, it's used for both diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy index a78a76c24..a8eda4349 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy 
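Review bot: The added fallback `((KeyDescriptor)keyDescriptor).getName()` downcasts an `org.opensaml.saml.saml2.metadata.KeyDescriptor` to the project's own `KeyDescriptor` with no type check, so any descriptor that is not the domain class fails with a `ClassCastException` while the representation is being built. The line above it also calls `keyDescriptor.getKeyInfo().getKeyNames()` without a null check, which would throw for a descriptor that carries no KeyInfo. Guard the fallback, e.g. `if (name == null && keyDescriptor instanceof KeyDescriptor) { name = ((KeyDescriptor) keyDescriptor).getName(); }`. The body of `setupSecurityRepresentationFromEntityDescriptor` continues outside the hunk.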
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy @@ -722,6 +722,7 @@ class EntityDescriptorControllerTests extends AbstractBaseDataJpaTest { .andExpect(jsonPath("\$.serviceEnabled").value(false)) .andExpect(jsonPath("\$.idOfOwner").value("admingroup")) .andExpect(jsonPath("\$.serviceProviderSsoDescriptor.protocolSupportEnum").value("http://openid.net/specs/openid-connect-core-1_0.html")) + .andExpect(jsonPath("\$.securityInfo.keyDescriptors[0].name").value("test1")) .andExpect(jsonPath(shortNameToOAuth + "attributes.clientUri").value("https://example.org/clientUri")) .andExpect(jsonPath(shortNameToOAuth + "attributes.responseTypes").value("code id_token")) .andExpect(jsonPath(shortNameToOAuth + "attributes.sectorIdentifierUri").value("https://example.org/sectorIdentifier")) @@ -776,6 +777,7 @@ class EntityDescriptorControllerTests extends AbstractBaseDataJpaTest { .andExpect(jsonPath("\$.protocol").value("OIDC")) .andExpect(jsonPath("\$.serviceEnabled").value(false)) .andExpect(jsonPath("\$.idOfOwner").value("admingroup")) + .andExpect(jsonPath("\$.securityInfo.keyDescriptors[0].name").value("test1")) .andExpect(jsonPath(shortNameToOAuth + "attributes.clientUri").value("https://example.org/clientUri")) .andExpect(jsonPath(shortNameToOAuth + "attributes.responseTypes").value("code id_token")) .andExpect(jsonPath(shortNameToOAuth + "attributes.sectorIdentifierUri").value("https://example.org/sectorIdentifier")) diff --git a/backend/src/test/resources/json/SHIBUI-2380-1.json b/backend/src/test/resources/json/SHIBUI-2380-1.json index 2e83f768b..833ca5bff 100644 --- a/backend/src/test/resources/json/SHIBUI-2380-1.json +++ b/backend/src/test/resources/json/SHIBUI-2380-1.json 
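Review bot: Both added expectations in EntityDescriptorControllerTests check only `keyDescriptors[0].name`, an X509Data entry, so they do not show whether the name survives for the OIDC element types this series introduces. If either test posts the `jwksData` or `clientSecret` descriptors (as SHIBUI-2380-1.json defines them), add an expectation on one of those, e.g. `.andExpect(jsonPath("\$.securityInfo.keyDescriptors[2].name").value("mockJwksData"))`. Which fixture each test loads is outside the hunks, so the index has to be checked against it.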
@@ -19,21 +19,25 @@ "wantAssertionsSigned": false, "keyDescriptors": [ { + "name": "test1", "value": "MIIEQDCCAqigAwIBAgIVAIarXvdvyS47KJR7U40FlTufyD8vMA0GCSqGSIb3DQEB", "type": "signing", "elementType": "X509Data" }, { + "name": "test2", "value": "MIIBKDCBzgIJAOYlspXlaqguMAoGCCqGSM49BAMCMBwxCzAJBgNVBAYTAkZJMQ0w", "type": "signing", "elementType": "X509Data" }, { + "name": "mockJwksData", "value": "ewogICJrdHkiOiAiUlNBIiwKICAiZSI6ICJBUUFCIiwKICAia2lkIjogIm1vY2siLAogICJhbGci", "type": "signing", "elementType": "jwksData" }, { + "name": "mockClientSecret", "value": "mockClientSecretValue", "type": "both", "elementType": "clientSecret" diff --git a/backend/src/test/resources/json/SHIBUI-2380.json b/backend/src/test/resources/json/SHIBUI-2380.json index f71c6de6b..106e4ed45 100644 --- a/backend/src/test/resources/json/SHIBUI-2380.json +++ b/backend/src/test/resources/json/SHIBUI-2380.json @@ -23,11 +23,13 @@ "wantAssertionsSigned": false, "keyDescriptors": [ { + "name": "test1", "value": "MIIEQDCCAqigAwIBAgIVAIarXvdvyS47KJR7U40FlTufyD8vMA0GCSqGSIb3DQEB", "type": "signing", "elementType": "X509Data" }, { + "name": "test2", "value": "MIIBKDCBzgIJAOYlspXlaqguMAoGCCqGSM49BAMCMBwxCzAJBgNVBAYTAkZJMQ0w", "type": "signing", "elementType": "X509Data" diff --git a/backend/src/test/resources/metadata/SHIBUI-2380.xml b/backend/src/test/resources/metadata/SHIBUI-2380.xml index 7f292cdcd..7ac4ac393 100644 --- a/backend/src/test/resources/metadata/SHIBUI-2380.xml +++ b/backend/src/test/resources/metadata/SHIBUI-2380.xml @@ -33,6 +33,7 @@ + test1 MIIEQDCCAqigAwIBAgIVAIarXvdvyS47KJR7U40FlTufyD8vMA0GCSqGSIb3DQEB @@ -42,6 +43,7 @@ + test2 MIIBKDCBzgIJAOYlspXlaqguMAoGCCqGSM49BAMCMBwxCzAJBgNVBAYTAkZJMQ0w From b2ba018dedaa5812ef7bd60be207895b7722b379 Mon Sep 17 00:00:00 2001 
From: Ryan Mathis Date: Thu, 29 Sep 2022 13:02:46 -0700 Subject: [PATCH 20/77] UI Fixes for OIDC --- .../metadata-sources-ui-schema-oidc.json | 20 +++------- .../metadata-sources-ui-schema-saml.json | 13 ++++--- .../schema/source/metadata-source-saml.json | 37 +++++++------------ ui/src/app/dashboard/view/SourcesTab.js | 2 +- .../form/component/widgets/SelectWidget.js | 5 ++- .../domain/source/component/SourceList.js | 4 ++ .../source/definition/OidcSourceDefinition.js | 30 +++++++++------ .../source/definition/SamlSourceDefinition.js | 4 +- .../wizard/MetadataSourceProtocolSelector.js | 2 +- 9 files changed, 56 insertions(+), 61 deletions(-) diff --git a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json index de0fb8009..109742cd5 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json +++ b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json @@ -5,6 +5,11 @@ "entityId" ], "properties": { + "protocol": { + "title": "label.source-protocol", + "description": "tooltip.source-protocol", + "type": "string" + }, "serviceProviderName": { "title": "label.service-provider-name", "description": "tooltip.service-provider-name", @@ -111,20 +116,7 @@ "widget": { "id": "select" }, - "oneOf": [ - { - "enum": ["SAML 2"], - "description": "SAML 2" - }, - { - "enum": ["SAML 1.1"], - "description": "SAML 1.1" - }, - { - "enum": ["http://openid.net/specs/openid-connect-core-1_0.html"], - "description": "OIDC" - } - ] + "default": "http://openid.net/specs/openid-connect-core-1_0.html" }, "nameIdFormats": { "$ref": "#/definitions/nameIdFormats" diff --git a/backend/src/main/resources/metadata-sources-ui-schema-saml.json b/backend/src/main/resources/metadata-sources-ui-schema-saml.json index 28398dae4..73bb04aec 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema-saml.json +++ b/backend/src/main/resources/metadata-sources-ui-schema-saml.json 
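Review bot: In metadata-sources-ui-schema-oidc.json, replacing the `oneOf` on `protocolSupportEnum` with only `"default": "http://openid.net/specs/openid-connect-core-1_0.html"` removes the constraint: `default` is an annotation, so the schema now accepts any string there, and the `"ui:readonly": true` added in OidcSourceDefinition.js restricts the form only, not a request sent straight to the API. Since these backend schemas appear to be what the server validates metadata-source payloads against, keep the value pinned by adding `"enum": ["http://openid.net/specs/openid-connect-core-1_0.html"]` next to the default. The new `protocol` property, here and in metadata-sources-ui-schema-saml.json, is likewise an unconstrained string, whereas the combined schema removed in patch 21/77 declared `"enum": ["OIDC", "SAML"]`.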
@@ -5,6 +5,11 @@ "entityId" ], "properties": { + "protocol": { + "title": "label.source-protocol", + "description": "tooltip.source-protocol", + "type": "string" + }, "serviceProviderName": { "title": "label.service-provider-name", "description": "tooltip.service-provider-name", @@ -110,15 +115,11 @@ }, "oneOf": [ { - "enum": [ - "SAML 2" - ], + "enum": ["SAML 2"], "description": "SAML 2" }, { - "enum": [ - "SAML 1.1" - ], + "enum": ["SAML 1.1"], "description": "SAML 1.1" } ] diff --git a/ui/public/assets/schema/source/metadata-source-saml.json b/ui/public/assets/schema/source/metadata-source-saml.json index 44bc9b963..005c2830b 100644 --- a/ui/public/assets/schema/source/metadata-source-saml.json +++ b/ui/public/assets/schema/source/metadata-source-saml.json @@ -34,23 +34,9 @@ "items": { "$ref": "#/definitions/Contact" } }, "mdui": { "$ref": "#/definitions/MDUI" }, - "dependencies": { - "securityInfo": { - "oneOf": [ - { - "properties": { - "@type": { - "enum": [ - "OIDC" - ] - } - } - } - ] - } - }, "securityInfo": { "type": "object", + "widget": { "id": "fieldset" }, "dependencies": { "authenticationRequestsSigned": { "oneOf": [ @@ -59,7 +45,7 @@ "authenticationRequestsSigned": { "enum": [true] }, - "keyDescriptors": { "minItems": 1 } + "x509Certificates": { "minItems": 1 } } }, { @@ -67,7 +53,7 @@ "authenticationRequestsSigned": { "enum": [false] }, - "keyDescriptors": { "minItems": 0 } + "x509Certificates": { "minItems": 0 } } } ] @@ -265,7 +251,7 @@ }, "Certificate": { "type": "object", - "required": ["type", "value"], + "required": ["type", "value", "elementType"], "properties": { "name": { "title": "label.certificate-name-display-only", @@ -354,6 +340,12 @@ "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" ], "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" + }, + { + "enum": [ + "https://tools.ietf.org/html/rfc6749#section-3.1.2" + ], + "description": "OIDC / OAUTH Binding" } ] }, 
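Review bot: In ui/public/assets/schema/source/metadata-source-saml.json, the two `securityInfo` dependency branches now put `minItems` on `x509Certificates` instead of `keyDescriptors`, while the fixtures and tests elsewhere in this series send keys as `securityInfo.keyDescriptors`. If the form data for this schema also uses `keyDescriptors`, then `"x509Certificates": { "minItems": 1 }` constrains a property that is never present, and a source with `authenticationRequestsSigned: true` and no key still validates. Confirm which property the SAML form populates (the `properties` block is outside these hunks) and keep the constraint on that one, e.g. `"keyDescriptors": { "minItems": 1 }`.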
@@ -487,28 +479,25 @@ "title": "label.organization-name", "description": "tooltip.organization-name", "type": "string", - "minLength": 1, "maxLength": 255 }, "displayName": { "title": "label.organization-display-name", "description": "tooltip.organization-display-name", "type": "string", - "minLength": 1, "maxLength": 255 }, "url": { "title": "label.organization-url", "description": "tooltip.organization-url", "type": "string", - "minLength": 1, "maxLength": 255 } }, "dependencies": { - "name": { "required": ["displayName", "url"] }, - "displayName": { "required": ["name", "url"] }, - "url": { "required": ["name", "displayName"] } + "url": ["name", "displayName"], + "name": ["displayName", "url"], + "displayName": ["name", "url"] } }, "nameIdFormats": { diff --git a/ui/src/app/dashboard/view/SourcesTab.js b/ui/src/app/dashboard/view/SourcesTab.js index b0d1352d3..dbeeb0a06 100644 --- a/ui/src/app/dashboard/view/SourcesTab.js +++ b/ui/src/app/dashboard/view/SourcesTab.js @@ -10,7 +10,7 @@ import { Spinner } from '../../core/components/Spinner'; import { NotificationContext, createNotificationAction, NotificationTypes } from '../../notifications/hoc/Notifications'; -const searchProps = ['serviceProviderName', 'entityId', 'createdBy']; +const searchProps = ['serviceProviderName', 'entityId', 'createdBy', 'protocol']; export function SourcesTab () { diff --git a/ui/src/app/form/component/widgets/SelectWidget.js b/ui/src/app/form/component/widgets/SelectWidget.js index 57f18b532..38c4374d8 100644 --- a/ui/src/app/form/component/widgets/SelectWidget.js +++ b/ui/src/app/form/component/widgets/SelectWidget.js @@ -94,13 +94,15 @@ const SelectWidget = ({ {schema.description && } + {readonly ? + + : 0 ? "is-invalid" : ""} onBlur={ @@ -134,6 +136,7 @@ const SelectWidget = ({ )} + } {rawErrors?.length > 0 && touched && ( {rawErrors.map((error, i) => { 
diff --git a/ui/src/app/metadata/domain/source/component/SourceList.js b/ui/src/app/metadata/domain/source/component/SourceList.js index 8e8a10825..d462528a1 100644 --- a/ui/src/app/metadata/domain/source/component/SourceList.js +++ b/ui/src/app/metadata/domain/source/component/SourceList.js @@ -32,6 +32,7 @@ export default function SourceList({ entities, onDelete, onEnable, onChangeGroup Title Entity ID + Protocol Author Created Date Enabled @@ -55,6 +56,9 @@ export default function SourceList({ entities, onDelete, onEnable, onChangeGroup {source.entityId} + + {source.protocol} + {source.createdBy} diff --git a/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js b/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js index 9719feb28..15d4bc257 100644 --- a/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js +++ b/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js @@ -31,11 +31,21 @@ export const OidcSourceEditor = defaultsDeep({ } ] }, + protocolSupportEnum: { + "ui:readonly": true + }, extensions: { OAuthRPExtensions: { layout: { groups: [ { + classNames: 'col-md-6 col-xs-12', + fields: [ + 'attributes' + ], + }, + { + classNames: 'border-start col-md-6 col-xs-12', fields: [ 'postLogoutRedirectUris', 'defaultAcrValues', @@ -43,11 +53,6 @@ export const OidcSourceEditor = defaultsDeep({ 'audience' ], }, - { - fields: [ - 'attributes' - ], - } ] }, postLogoutRedirectUris: { @@ -99,12 +104,21 @@ export const OidcSourceWizard = defaultsDeep({ } ] }, + protocolSupportEnum: { + "ui:readonly": true + }, extensions: { OAuthRPExtensions: { layout: { groups: [ { classNames: 'col-md-6 col-xs-12', + fields: [ + 'attributes' + ], + }, + { + classNames: 'border-start col-md-6 col-xs-12', fields: [ 'postLogoutRedirectUris', 'defaultAcrValues', 
@@ -112,12 +126,6 @@ export const OidcSourceWizard = defaultsDeep({ 'audience' ], }, - { - classNames: 'col-md-6 col-xs-12', - fields: [ - 'attributes' - ], - } ] }, postLogoutRedirectUris: { diff --git a/ui/src/app/metadata/domain/source/definition/SamlSourceDefinition.js b/ui/src/app/metadata/domain/source/definition/SamlSourceDefinition.js index 03630ef92..4de3041a4 100644 --- a/ui/src/app/metadata/domain/source/definition/SamlSourceDefinition.js +++ b/ui/src/app/metadata/domain/source/definition/SamlSourceDefinition.js @@ -1,5 +1,5 @@ import defaultsDeep from 'lodash/defaultsDeep'; -import API_BASE_PATH from '../../../../App.constant'; +import {API_BASE_PATH} from '../../../../App.constant'; import { SourceBase, SourceEditor, SourceWizard } from './SourceDefinition'; export const SamlSourceBase = defaultsDeep({ @@ -19,8 +19,6 @@ export const SamlSourceBase = defaultsDeep({ }, SourceBase.uiSchema) }, SourceBase); -console.log(SamlSourceBase); - export const SamlSourceEditor = defaultsDeep({ ...SourceEditor, }, SamlSourceBase); diff --git a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js index c84b4b410..ee7b55cfb 100644 --- a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js +++ b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js @@ -26,7 +26,7 @@ export function MetadataSourceProtocolSelector({ types = [], loading, children}) reValidateMode: 'onChange', defaultValues: { serviceProviderName: null, - protocol: null, + protocol: 'SAML', entityID: null, }, resolver: undefined, From 5c1fd76eb207a5cc1dc2a72057e8acfa2b99e942 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 29 Sep 2022 14:30:50 -0700 Subject: [PATCH 21/77] SHIBUI-2380 minor cleanup --- backend/build.gradle | 6 - .../resources/metadata-sources-ui-schema.json | 546 ------------------ 2 files changed, 552 deletions(-) delete mode 100644 backend/src/main/resources/metadata-sources-ui-schema.json 
diff --git a/backend/build.gradle b/backend/build.gradle index a4ca532b1..b0c823d47 100644 --- a/backend/build.gradle +++ b/backend/build.gradle @@ -135,12 +135,6 @@ dependencies { compile "net.shibboleth.idp:${it}:${project.'shibbolethVersion'}" } -// // Shib OIDC -// ['metadata', 'profile', 'crypto'].each { -// testCompile "net.shibboleth.oidc:oidc-common-${it}-api:${project.'shibOIDCVersion'}" -// testCompile "net.shibboleth.oidc:oidc-common-${it}-impl:${project.'shibOIDCVersion'}" -// } - implementation "net.shibboleth.oidc:oidc-common-saml-api:${project.'shibOIDCVersion'}" // hibernate deps diff --git a/backend/src/main/resources/metadata-sources-ui-schema.json b/backend/src/main/resources/metadata-sources-ui-schema.json deleted file mode 100644 index 877f2cada..000000000 --- a/backend/src/main/resources/metadata-sources-ui-schema.json +++ /dev/null 
@@ -1,546 +0,0 @@ -{ - "type": "object", - "required": [ - "protocol", - "serviceProviderName", - "entityId" - ], - "properties": { - "protocol": { - "title": "label.metadata-source-protocol", - "description": "tooltip.metadata-source-protocol", - "type": "string", - "enum": [ - "OIDC", - "SAML" - ], - "enumNames": [ - "value.oidc", - "value.saml" - ] - }, - "serviceProviderName": { - "title": "label.service-provider-name", - "description": "tooltip.service-provider-name", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "entityId": { - "title": "label.entity-id", - "description": "tooltip.entity-id", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "serviceEnabled": { - "title": "label.enable-this-service", - "description": "tooltip.enable-this-service-upon-saving", - "type": "boolean" - }, - "organization": { - "$ref": "#/definitions/Organization" - }, - "contacts": { - "title": "label.contact-information", - "description": "tooltip.contact-information", - "type": "array", - "items": { - "$ref": "#/definitions/Contact" - } - }, - "mdui": { - "$ref": "#/definitions/MDUI" - }, - "securityInfo": { - "type": "object", - "dependencies": { - "authenticationRequestsSigned": { - "oneOf": [ - { - "properties": { - "authenticationRequestsSigned": { - "enum": [true] - }, - "x509Certificates": { - "minItems": 1 - } - } - }, - { - "properties": { - "authenticationRequestsSigned": { - "enum": [false] - }, - "x509Certificates": { - "minItems": 0 - } - } - } - ] - } - }, - "properties": { - "x509CertificateAvailable": { - "type": "boolean" - }, - "authenticationRequestsSigned": { - "title": "label.authentication-requests-signed", - "description": "tooltip.authentication-requests-signed", - "type": "boolean", - "enumNames": [ - "value.true", - "value.false" - ] - }, - "wantAssertionsSigned": { - "title": "label.want-assertions-signed", - "description": "tooltip.want-assertions-signed", - "type": "boolean", - "enumNames": [ - "value.true", - 
"value.false" - ] - }, - "x509Certificates": { - "title": "label.x509-certificates", - "description": "tooltip.x509-certificates", - "type": "array", - "items": { - "$ref": "#/definitions/Certificate" - } - } - } - }, - "assertionConsumerServices": { - "title": "label.assertion-consumer-service-endpoints", - "description": "tooltip.assertion-consumer-service-endpoints", - "type": "array", - "items": { - "$ref": "#/definitions/AssertionConsumerService" - } - }, - "serviceProviderSsoDescriptor": { - "type": "object", - "properties": { - "protocolSupportEnum": { - "title": "label.protocol-support-enumeration", - "description": "tooltip.protocol-support-enumeration", - "type": "string", - "widget": { - "id": "select" - }, - "oneOf": [ - { - "enum": [ - "SAML 2" - ], - "description": "SAML 2" - }, - { - "enum": [ - "SAML 1.1" - ], - "description": "SAML 1.1" - }, - { - "enum": [ - "http://openid.net/specs/openid-connect-core-1_0.html" - ], - "description": "OIDC" - } - ] - }, - "nameIdFormats": { - "$ref": "#/definitions/nameIdFormats" - } - } - }, - "logoutEndpoints": { - "title": "label.logout-endpoints", - "description": "tooltip.logout-endpoints", - "type": "array", - "items": { - "$ref": "#/definitions/LogoutEndpoint" - } - }, - "relyingPartyOverrides": { - "type": "object", - "properties": {} - }, - "attributeRelease": { - "type": "array", - "title": "label.attribute-release", - "description": "Attribute release table - select the attributes you want to release (default unchecked)", - "items": { - "type": "string" - }, - "uniqueItems": true - } - }, - "definitions": { - "Contact": { - "type": "object", - "required": [ - "name", - "type", - "emailAddress" - ], - "properties": { - "name": { - "title": "label.contact-name", - "description": "tooltip.contact-name", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "type": { - "title": "label.contact-type", - "description": "tooltip.contact-type", - "type": "string", - "widget": "select", - "minLength": 
1, - "oneOf": [ - { - "enum": [ - "support" - ], - "description": "value.support" - }, - { - "enum": [ - "technical" - ], - "description": "value.technical" - }, - { - "enum": [ - "administrative" - ], - "description": "value.administrative" - }, - { - "enum": [ - "other" - ], - "description": "value.other" - } - ] - }, - "emailAddress": { - "title": "label.contact-email-address", - "description": "tooltip.contact-email", - "type": "string", - "pattern": "^(mailto:)?(?=.{1,254}$)(?=.{1,64}@)[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+(\\.[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+)*@[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$", - "minLength": 1, - "maxLength": 255 - } - } - }, - "Certificate": { - "type": "object", - "required": [ - "type", - "value" - ], - "properties": { - "name": { - "title": "label.certificate-name-display-only", - "description": "tooltip.certificate-name", - "type": "string", - "maxLength": 255 - }, - "type": { - "title": "label.certificate-type", - "type": "string", - "widget": { - "id": "radio", - "class": "form-check-inline" - }, - "oneOf": [ - { - "enum": [ - "signing" - ], - "description": "value.signing" - }, - { - "enum": [ - "encryption" - ], - "description": "value.encryption" - }, - { - "enum": [ - "both" - ], - "description": "value.both" - } - ] - }, - "value": { - "title": "label.certificate", - "description": "tooltip.certificate", - "type": "string", - "widget": "textarea", - "minLength": 1 - } - } - }, - "AssertionConsumerService": { - "type": "object", - "required": [ - "locationUrl", - "binding" - ], - "properties": { - "locationUrl": { - "title": "label.assertion-consumer-service-location", - "description": "tooltip.assertion-consumer-service-location", - "type": "string", - "widget": { - "id": "string", - "help": "message.valid-url" - }, - "minLength": 1, - "maxLength": 255 - }, - "binding": { - "title": "label.assertion-consumer-service-location-binding", - "description": 
"tooltip.assertion-consumer-service-location-binding", - "type": "string", - "widget": "select", - "oneOf": [ - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" - ], - "description": "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" - ], - "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" - }, - { - "enum": [ - "https://tools.ietf.org/html/rfc6749#section-3.1.2" - ], - "description": "OIDC / OAUTH Binding" - } - ] - }, - "makeDefault": { - "title": "label.mark-as-default", - "description": "tooltip.mark-as-default", - "type": "boolean" - } - } - }, - "LogoutEndpoint": { - "description": "tooltip.new-endpoint", - "type": "object", - "fieldsets": [ - { - "fields": [ - "url", - "bindingType" - ] - } - ], - "required": [ - "url", - "bindingType" - ], - "properties": { - "url": { - "title": "label.url", - "description": "tooltip.url", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "bindingType": { - "title": "label.binding-type", - "description": "tooltip.binding-type", - "type": "string", - "widget": "select", - "oneOf": [ - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" - ], - "description": 
"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - } - ] - } - } - }, - "MDUI": { - "type": "object", - "widget": { - "id": "fieldset" - }, - "fieldsets": [ - { - "type": "group", - "fields": [ - "displayName", - "informationUrl", - "description" - ] - }, - { - "type": "group", - "fields": [ - "privacyStatementUrl", - "logoUrl", - "logoWidth", - "logoHeight" - ] - } - ], - "properties": { - "displayName": { - "title": "label.display-name", - "description": "tooltip.mdui-display-name", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "informationUrl": { - "title": "label.information-url", - "description": "tooltip.mdui-information-url", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "privacyStatementUrl": { - "title": "label.privacy-statement-url", - "description": "tooltip.mdui-privacy-statement-url", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "description": { - "title": "label.description", - "description": "tooltip.mdui-description", - "type": "string", - "widget": { - "id": "textarea" - }, - "minLength": 1, - "maxLength": 255 - }, - "logoUrl": { - "title": "label.logo-url", - "description": "tooltip.mdui-logo-url", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "logoHeight": { - "title": "label.logo-height", - "description": "tooltip.mdui-logo-height", - "minimum": 0, - "type": "integer" - }, - "logoWidth": { - "title": "label.logo-width", - "description": "tooltip.mdui-logo-width", - "minimum": 0, - "type": "integer" - } - } - }, - "Organization": { - "type": "object", - "properties": { - "name": { - "title": "label.organization-name", - "description": "tooltip.organization-name", - "type": "string", - 
"minLength": 1, - "maxLength": 255 - }, - "displayName": { - "title": "label.organization-display-name", - "description": "tooltip.organization-display-name", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "url": { - "title": "label.organization-url", - "description": "tooltip.organization-url", - "type": "string", - "minLength": 1, - "maxLength": 255 - } - }, - "dependencies": { - "name": { - "required": [ - "displayName", - "url" - ] - }, - "displayName": { - "required": [ - "name", - "url" - ] - }, - "url": { - "required": [ - "name", - "displayName" - ] - } - } - } - } -} \ No newline at end of file From 45a5c3163514e7b6130cea5942bbce5fbdf5ba7c Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 29 Sep 2022 14:47:50 -0700 Subject: [PATCH 22/77] SHIBUI-2380 unit test (envers) fix --- .../EntityDescriptorEnversVersioningTests.groovy | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/EntityDescriptorEnversVersioningTests.groovy b/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/EntityDescriptorEnversVersioningTests.groovy index 071cd130f..79a00d44d 100644 --- a/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/EntityDescriptorEnversVersioningTests.groovy +++ b/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/EntityDescriptorEnversVersioningTests.groovy 
@@ -34,6 +34,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.XSString import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.AssertionConsumerServiceRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ContactRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation +import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.KeyDescriptorRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.LogoutEndpointRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.MduiRepresentation import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.OrganizationRepresentation @@ -380,8 +381,7 @@ class EntityDescriptorEnversVersioningTests extends Specification { def representation = new EntityDescriptorRepresentation().with { it.securityInfo = new SecurityInfoRepresentation().with { it.authenticationRequestsSigned = true - it.x509CertificateAvailable = true - it.x509Certificates = [new SecurityInfoRepresentation.X509CertificateRepresentation(name: 'sign', type: 'signing', value: 'signingValue')] + it.keyDescriptors = [new KeyDescriptorRepresentation(name: 'sign', type: 'signing', value: 'signingValue', elementType: 'X509Data')] it } it 
@@ -411,9 +411,8 @@ class EntityDescriptorEnversVersioningTests extends Specification { representation = new EntityDescriptorRepresentation().with { it.securityInfo = new SecurityInfoRepresentation().with { it.authenticationRequestsSigned = false - it.x509CertificateAvailable = true - it.x509Certificates = [new SecurityInfoRepresentation.X509CertificateRepresentation(name: 'sign', type: 'signing', value: 'signingValue'), - new SecurityInfoRepresentation.X509CertificateRepresentation(name: 'encrypt', type: 'encryption', value: 'encryptionValue')] + it.keyDescriptors = [new KeyDescriptorRepresentation(name: 'sign', type: 'signing', value: 'signingValue', elementType: 'X509Data'), + new KeyDescriptorRepresentation(name: 'encrypt', type: 'encryption', value: 'encryptionValue', elementType: 'X509Data')] it } it @@ -655,4 +654,4 @@ class EntityDescriptorEnversVersioningTests extends Specification { attrs.attributes[1].attributeValues[0].xsStringvalue == 'attr1' attrs.attributes[1].attributeValues[1] == null } -} +} \ No newline at end of file From b498edcdade303e96f60b42aed24f5f98531155b Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 29 Sep 2022 15:05:21 -0700 Subject: [PATCH 23/77] SHIBUI-2380 restored file that was removed --- .../resources/metadata-sources-ui-schema.json | 523 ++++++++++++++++++ 1 file changed, 523 insertions(+) create mode 100644 backend/src/main/resources/metadata-sources-ui-schema.json diff --git a/backend/src/main/resources/metadata-sources-ui-schema.json b/backend/src/main/resources/metadata-sources-ui-schema.json new file mode 100644 index 000000000..93ad3ec81 --- /dev/null +++ b/backend/src/main/resources/metadata-sources-ui-schema.json 
@@ -0,0 +1,523 @@ +{ + "type": "object", + "required": [ + "serviceProviderName", + "entityId" + ], + "properties": { + "serviceProviderName": { + "title": "label.service-provider-name", + "description": "tooltip.service-provider-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "entityId": { + "title": "label.entity-id", + "description": "tooltip.entity-id", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "serviceEnabled": { + "title": "label.enable-this-service", + "description": "tooltip.enable-this-service-upon-saving", + "type": "boolean" + }, + "organization": { + "$ref": "#/definitions/Organization" + }, + "contacts": { + "title": "label.contact-information", + "description": "tooltip.contact-information", + "type": "array", + "items": { + "$ref": "#/definitions/Contact" + } + }, + "mdui": { + "$ref": "#/definitions/MDUI" + }, + "securityInfo": { + "type": "object", + "widget": { + "id": "fieldset" + }, + "dependencies": { + "authenticationRequestsSigned": { + "oneOf": [ + { + "properties": { + "authenticationRequestsSigned": { + "enum": [true] + }, + "x509Certificates": { + "minItems": 1 + } + } + }, + { + "properties": { + "authenticationRequestsSigned": { + "enum": [false] + }, + "x509Certificates": { + "minItems": 0 + } + } + } + ] + } + }, + "properties": { + "x509CertificateAvailable": { + "type": "boolean" + }, + "authenticationRequestsSigned": { + "title": "label.authentication-requests-signed", + "description": "tooltip.authentication-requests-signed", + "type": "boolean", + "enumNames": [ + "value.true", + "value.false" + ] + }, + "wantAssertionsSigned": { + "title": "label.want-assertions-signed", + "description": "tooltip.want-assertions-signed", + "type": "boolean", + "enumNames": [ + "value.true", + "value.false" + ] + }, + "x509Certificates": { + "title": "label.x509-certificates", + "description": "tooltip.x509-certificates", + "type": "array", + "items": { + "$ref": "#/definitions/Certificate" + } + } + } 
+ }, + "assertionConsumerServices": { + "title": "label.assertion-consumer-service-endpoints", + "description": "tooltip.assertion-consumer-service-endpoints", + "type": "array", + "items": { + "$ref": "#/definitions/AssertionConsumerService" + } + }, + "serviceProviderSsoDescriptor": { + "type": "object", + "properties": { + "protocolSupportEnum": { + "title": "label.protocol-support-enumeration", + "description": "tooltip.protocol-support-enumeration", + "type": "string", + "widget": { + "id": "select" + }, + "oneOf": [ + { + "enum": [ + "SAML 2" + ], + "description": "SAML 2" + }, + { + "enum": [ + "SAML 1.1" + ], + "description": "SAML 1.1" + } + ] + }, + "nameIdFormats": { + "$ref": "#/definitions/nameIdFormats" + } + } + }, + "logoutEndpoints": { + "title": "label.logout-endpoints", + "description": "tooltip.logout-endpoints", + "type": "array", + "items": { + "$ref": "#/definitions/LogoutEndpoint" + } + }, + "relyingPartyOverrides": { + "type": "object", + "properties": {} + }, + "attributeRelease": { + "type": "array", + "title": "label.attribute-release", + "description": "Attribute release table - select the attributes you want to release (default unchecked)", + "items": { + "type": "string" + }, + "uniqueItems": true + } + }, + "definitions": { + "Contact": { + "type": "object", + "required": [ + "name", + "type", + "emailAddress" + ], + "properties": { + "name": { + "title": "label.contact-name", + "description": "tooltip.contact-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "type": { + "title": "label.contact-type", + "description": "tooltip.contact-type", + "type": "string", + "widget": "select", + "minLength": 1, + "oneOf": [ + { + "enum": [ + "support" + ], + "description": "value.support" + }, + { + "enum": [ + "technical" + ], + "description": "value.technical" + }, + { + "enum": [ + "administrative" + ], + "description": "value.administrative" + }, + { + "enum": [ + "other" + ], + "description": "value.other" + } + ] + }, 
+ "emailAddress": { + "title": "label.contact-email-address", + "description": "tooltip.contact-email", + "type": "string", + "pattern": "^(mailto:)?(?=.{1,254}$)(?=.{1,64}@)[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+(\\.[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+)*@[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$", + "minLength": 1, + "maxLength": 255 + } + } + }, + "Certificate": { + "type": "object", + "required": [ + "type", + "value" + ], + "properties": { + "name": { + "title": "label.certificate-name-display-only", + "description": "tooltip.certificate-name", + "type": "string", + "maxLength": 255 + }, + "type": { + "title": "label.certificate-type", + "type": "string", + "widget": { + "id": "radio", + "class": "form-check-inline" + }, + "oneOf": [ + { + "enum": [ + "signing" + ], + "description": "value.signing" + }, + { + "enum": [ + "encryption" + ], + "description": "value.encryption" + }, + { + "enum": [ + "both" + ], + "description": "value.both" + } + ] + }, + "value": { + "title": "label.certificate", + "description": "tooltip.certificate", + "type": "string", + "widget": "textarea", + "minLength": 1 + } + } + }, + "AssertionConsumerService": { + "type": "object", + "required": [ + "locationUrl", + "binding" + ], + "properties": { + "locationUrl": { + "title": "label.assertion-consumer-service-location", + "description": "tooltip.assertion-consumer-service-location", + "type": "string", + "widget": { + "id": "string", + "help": "message.valid-url" + }, + "minLength": 1, + "maxLength": 255 + }, + "binding": { + "title": "label.assertion-consumer-service-location-binding", + "description": "tooltip.assertion-consumer-service-location-binding", + "type": "string", + "widget": "select", + "oneOf": [ + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" + ], + 
"description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" + ], + "description": "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" + ], + "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" + } + ] + }, + "makeDefault": { + "title": "label.mark-as-default", + "description": "tooltip.mark-as-default", + "type": "boolean" + } + } + }, + "LogoutEndpoint": { + "description": "tooltip.new-endpoint", + "type": "object", + "fieldsets": [ + { + "fields": [ + "url", + "bindingType" + ] + } + ], + "required": [ + "url", + "bindingType" + ], + "properties": { + "url": { + "title": "label.url", + "description": "tooltip.url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "bindingType": { + "title": "label.binding-type", + "description": "tooltip.binding-type", + "type": "string", + "widget": "select", + "oneOf": [ + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" + }, + { + "enum": [ + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + ], + "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" + } + ] + } + } + }, + "MDUI": { + "type": "object", + "widget": { + "id": "fieldset" + }, + "fieldsets": [ + { + "type": 
"group", + "fields": [ + "displayName", + "informationUrl", + "description" + ] + }, + { + "type": "group", + "fields": [ + "privacyStatementUrl", + "logoUrl", + "logoWidth", + "logoHeight" + ] + } + ], + "properties": { + "displayName": { + "title": "label.display-name", + "description": "tooltip.mdui-display-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "informationUrl": { + "title": "label.information-url", + "description": "tooltip.mdui-information-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "privacyStatementUrl": { + "title": "label.privacy-statement-url", + "description": "tooltip.mdui-privacy-statement-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "description": { + "title": "label.description", + "description": "tooltip.mdui-description", + "type": "string", + "widget": { + "id": "textarea" + }, + "minLength": 1, + "maxLength": 255 + }, + "logoUrl": { + "title": "label.logo-url", + "description": "tooltip.mdui-logo-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "logoHeight": { + "title": "label.logo-height", + "description": "tooltip.mdui-logo-height", + "minimum": 0, + "type": "integer" + }, + "logoWidth": { + "title": "label.logo-width", + "description": "tooltip.mdui-logo-width", + "minimum": 0, + "type": "integer" + } + } + }, + "Organization": { + "type": "object", + "properties": { + "name": { + "title": "label.organization-name", + "description": "tooltip.organization-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "displayName": { + "title": "label.organization-display-name", + "description": "tooltip.organization-display-name", + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "url": { + "title": "label.organization-url", + "description": "tooltip.organization-url", + "type": "string", + "minLength": 1, + "maxLength": 255 + } + }, + "dependencies": { + "name": { + "required": [ + "displayName", + "url" + ] + }, + 
"displayName": { + "required": [ + "name", + "url" + ] + }, + "url": { + "required": [ + "name", + "displayName" + ] + } + } + } + } +} \ No newline at end of file From 56b588240843ca622eb9927a9b51c418f920ec5c Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 29 Sep 2022 15:34:49 -0700 Subject: [PATCH 24/77] SHIBUI-2380 restored file that was removed --- .../resources/metadata-sources-ui-schema.json | 29 +++++++++++++++++-- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/backend/src/main/resources/metadata-sources-ui-schema.json b/backend/src/main/resources/metadata-sources-ui-schema.json index 93ad3ec81..818304bfb 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema.json +++ b/backend/src/main/resources/metadata-sources-ui-schema.json @@ -1,10 +1,24 @@ { "type": "object", "required": [ + "protocol", "serviceProviderName", "entityId" ], "properties": { + "protocol": { + "title": "label.metadata-source-protocol", + "description": "tooltip.metadata-source-protocol", + "type": "string", + "enum": [ + "OIDC", + "SAML" + ], + "enumNames": [ + "value.oidc", + "value.saml" + ] + }, "serviceProviderName": { "title": "label.service-provider-name", "description": "tooltip.service-provider-name", @@ -40,9 +54,6 @@ }, "securityInfo": { "type": "object", - "widget": { - "id": "fieldset" - }, "dependencies": { "authenticationRequestsSigned": { "oneOf": [ @@ -131,6 +142,12 @@ "SAML 1.1" ], "description": "SAML 1.1" + }, + { + "enum": [ + "http://openid.net/specs/openid-connect-core-1_0.html" + ], + "description": "OIDC" } ] }, @@ -329,6 +346,12 @@ "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" ], "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" + }, + { + "enum": [ + "https://tools.ietf.org/html/rfc6749#section-3.1.2" + ], + "description": "OIDC / OAUTH Binding" } ] }, From 77ee74952d105973d04f9b02eaf8e455e8be6fc3 Mon Sep 17 00:00:00 2001 
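Review bot: The `securityInfo` block in this restored schema still hangs its signing rule on `x509Certificates` (the `dependencies.authenticationRequestsSigned` branch with `"minItems": 1`) and still declares `x509CertificateAvailable`. The envers test changed in patch 22 of this series builds `SecurityInfoRepresentation` with `keyDescriptors` instead. If the representation no longer carries `x509Certificates`, a source can set `authenticationRequestsSigned` to true with no signing key and still pass this schema, because a `minItems` constraint on an absent property never fails. Point the rule and the array property at the new field, e.g. `"keyDescriptors": { "minItems": 1 }`, and drop `x509CertificateAvailable` if the backend no longer reads it.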
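Review bot: Nothing ties the new required `protocol` value to the OIDC option added to `protocolSupportEnum` in the hunk at -131, so the schema accepts `protocol` `"SAML"` together with `http://openid.net/specs/openid-connect-core-1_0.html`, or `"OIDC"` together with `SAML 2`. The file already uses `dependencies` with `oneOf` for `authenticationRequestsSigned`; the same construct keyed on `protocol` can restrict `protocolSupportEnum` to the values valid for each protocol. This schema appears to drive only the UI form, so the backend should apply the same consistency check when it builds the descriptor.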
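Review bot: With the `https://tools.ietf.org/html/rfc6749#section-3.1.2` binding added in the hunk at -329, `locationUrl` in `AssertionConsumerService` presumably carries an OAuth redirect URI, yet the schema limits it only to 1–255 characters. A redirect URI entered here becomes part of the relying party's registration, so a malformed or non-HTTPS value should be rejected at entry. Consider `"format": "uri"` on `locationUrl`, if the form validator honours it, backed by a scheme check on the server. The `AssertionConsumerService` definition starts outside this hunk.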
From: Ryan Mathis Date: Fri, 30 Sep 2022 08:55:02 -0700 Subject: [PATCH 25/77] Fixed UI Tests --- ui/src/app/metadata/domain/index.test.js | 4 ++-- .../source/definition/SourceDefinition.test.js | 1 + ui/src/app/metadata/hooks/schema.test.js | 2 ++ .../wizard/MetadataSourceProtocolSelector.js | 2 +- ui/src/testing/uiSchema.js | 16 +++++++++++++--- 5 files changed, 19 insertions(+), 6 deletions(-) diff --git a/ui/src/app/metadata/domain/index.test.js b/ui/src/app/metadata/domain/index.test.js index dd5d62c63..537d701a2 100644 --- a/ui/src/app/metadata/domain/index.test.js +++ b/ui/src/app/metadata/domain/index.test.js @@ -1,7 +1,7 @@ import { NameIDFilterEditor } from './filter/definition/NameIdFilterDefinition'; import { getDefinition } from './index'; import { FileSystemMetadataProviderEditor } from './provider/definition/FileSystemMetadataProviderDefinition'; -import { SourceEditor } from './source/definition/SourceDefinition'; +import { OidcSourceEditor } from './source/definition/OidcSourceDefinition'; jest.mock('../../App.constant', () => ({ get API_BASE_PATH() { @@ -11,7 +11,7 @@ jest.mock('../../App.constant', () => ({ describe('getDefinitions method', () => { it('should retrieve the definition', () => { - expect(getDefinition('source')).toBe(SourceEditor); + expect(getDefinition('OIDC')).toBe(OidcSourceEditor); expect(getDefinition('NameIDFormat')).toBe(NameIDFilterEditor); expect(getDefinition('FilesystemMetadataResolver')).toBe(FileSystemMetadataProviderEditor); }); diff --git a/ui/src/app/metadata/domain/source/definition/SourceDefinition.test.js b/ui/src/app/metadata/domain/source/definition/SourceDefinition.test.js index 92801c052..51a3d3217 100644 --- a/ui/src/app/metadata/domain/source/definition/SourceDefinition.test.js +++ b/ui/src/app/metadata/domain/source/definition/SourceDefinition.test.js 
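Review bot: The `getDefinition('source')` assertion in the `getDefinitions method` test is replaced rather than supplemented, so after this change no test checks which editor a SAML source resolves to. Keep one assertion per source protocol next to `expect(getDefinition('OIDC')).toBe(OidcSourceEditor);`, importing whichever editor SAML sources now resolve to alongside `OidcSourceEditor`.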
@@ -1,4 +1,5 @@ import { SourceBase } from './SourceDefinition'; +jest.mock('../../metadata/hoc/MetadataSchema'); jest.mock('../../../../App.constant', () => ({ get API_BASE_PATH() { diff --git a/ui/src/app/metadata/hooks/schema.test.js b/ui/src/app/metadata/hooks/schema.test.js index b1d68e55a..cd881e6eb 100644 --- a/ui/src/app/metadata/hooks/schema.test.js +++ b/ui/src/app/metadata/hooks/schema.test.js @@ -15,6 +15,8 @@ jest.mock('../../App.constant', () => ({ } })); +jest.mock('../../metadata/hoc/MetadataSchema'); + describe('useUiSchema', () => { let realUseMemo; let useMemoMock; diff --git a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js index ee7b55cfb..c273b8df3 100644 --- a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js +++ b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js @@ -8,7 +8,7 @@ import Translate from '../../i18n/components/translate'; import { InfoIcon } from '../../form/component/InfoIcon'; import { useTranslator } from '../../i18n/hooks'; import { useMetadataSources } from '../hooks/api'; -import Button from 'react-bootstrap/esm/Button'; +import Button from 'react-bootstrap/Button'; export function MetadataSourceProtocolSelector({ types = [], loading, children}) { diff --git a/ui/src/testing/uiSchema.js b/ui/src/testing/uiSchema.js index a58082e38..7a181d1ca 100644 --- a/ui/src/testing/uiSchema.js +++ b/ui/src/testing/uiSchema.js @@ -9,6 +9,7 @@ const schema = { { "size": 6, "fields": [ + "protocol", "serviceProviderName", "entityId", "organization" @@ -27,7 +28,7 @@ const schema = { ] }, { - "size": 6, + "size": 12, "fields": [ "serviceProviderSsoDescriptor" ] @@ -135,7 +136,7 @@ const schema = { "fields": [ "authenticationRequestsSigned", "wantAssertionsSigned", - "x509Certificates" + "keyDescriptors" ] } ] 
@@ -152,11 +153,17 @@ const schema = { "inline": true } }, - "x509Certificates": { + "keyDescriptors": { "type": "certificate", "ui:options": { "orderable": false }, + "ui:order": [ + "name", + "elementType", + "type", + "value", + ], "items": { "type": { "ui:widget": "radio", @@ -208,6 +215,9 @@ const schema = { "serviceProviderName": {}, "entityId": {}, "organization": {}, + "protocol": { + "ui:readonly": true, + }, "ui:disabled": false }; From 752e521a42144dc2ce612f302c8ef8e47223413d Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Fri, 30 Sep 2022 10:22:39 -0700 Subject: [PATCH 26/77] Moved module out of definition file --- ui/src/app/metadata/copy/CopySource.js | 2 +- .../source/definition/SourceDefinition.js | 31 ------------------ .../definition/SourceDefinition.test.js | 1 - .../domain/source/definition/sections.js | 32 +++++++++++++++++++ ui/src/app/metadata/hooks/schema.test.js | 2 -- 5 files changed, 33 insertions(+), 35 deletions(-) create mode 100644 ui/src/app/metadata/domain/source/definition/sections.js diff --git a/ui/src/app/metadata/copy/CopySource.js b/ui/src/app/metadata/copy/CopySource.js index 60e866d7e..2a7a6b183 100644 --- a/ui/src/app/metadata/copy/CopySource.js +++ b/ui/src/app/metadata/copy/CopySource.js @@ -9,7 +9,7 @@ import { Translate } from '../../i18n/components/translate'; import { EntityTypeahead } from './EntityTypeahead'; import kebabCase from 'lodash/kebabCase'; import { useMetadataSources } from '../hooks/api'; -import { useMetadataSourceSections } from '../domain/source/definition/SourceDefinition'; +import { useMetadataSourceSections } from '../domain/source/definition/sections'; export function CopySource({ copy, onNext }) { diff --git a/ui/src/app/metadata/domain/source/definition/SourceDefinition.js b/ui/src/app/metadata/domain/source/definition/SourceDefinition.js index 69bdc156b..542dd83a4 100644 --- a/ui/src/app/metadata/domain/source/definition/SourceDefinition.js 
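Review bot: The added `"ui:order"` sits on the `keyDescriptors` array entry, beside `"items"`, but it lists the fields of a single key descriptor (`name`, `elementType`, `type`, `value`). Field order is normally read from the uiSchema of the object being rendered, so for array elements it belongs inside `"items"`; as placed it is likely ignored. Moving it gives `"items": { "ui:order": ["name", "elementType", "type", "value"], "type": { ... } }`. The `schema` object starts and ends outside this hunk.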
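Review bot: `"ui:readonly": true` on `protocol` only stops the form from editing the field; a client that sends a different `protocol` in an update request is unaffected by it. The protocol presumably decides which key descriptors and endpoints a source may carry, so the backend update path should reject a changed `protocol` for an existing source. That path is not visible in this hunk, so it is worth confirming. A comment such as `// display-only: protocol immutability must be enforced by the API` above the entry would record the intent.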
+++ b/ui/src/app/metadata/domain/source/definition/SourceDefinition.js @@ -5,7 +5,6 @@ import defaultsDeep from 'lodash/defaultsDeep'; import {removeNull} from '../../../../core/utility/remove_null'; import { detailedDiff } from 'deep-object-diff'; import isNil from 'lodash/isNil'; -import { useMetadataSchemaContext } from '../../../hoc/MetadataSchema'; export const SourceBase = { @@ -521,33 +520,3 @@ export const SourceWizard = { ] } -export const sections = [ - { i18nKey: 'organizationInformation', property: 'organization' }, - { i18nKey: 'contacts', property: 'contacts' }, - { i18nKey: 'uiMduiInfo', property: 'mdui' }, - { i18nKey: 'spSsoDescriptorInfo', property: 'serviceProviderSsoDescriptor' }, - { i18nKey: 'logoutEndpoints', property: 'logoutEndpoints' }, - { i18nKey: 'securityDescriptorInfo', property: 'securityInfo' }, - { i18nKey: 'assertionConsumerServices', property: 'assertionConsumerServices' }, - { i18nKey: 'relyingPartyOverrides', property: 'relyingPartyOverrides' }, - { i18nKey: 'attributeRelease', property: 'attributeRelease' } -]; - -export function useMetadataSourceSections() { - const schema = useMetadataSchemaContext(); - - const keys = Object.keys(schema.properties); - const properties = sections.map((s) => s.property); - - const reduced = keys.reduce( - (collection, key) => { - if (properties.indexOf(key) > -1) { - collection.push(sections.find(s => s.property === key)); - } - return collection; - }, - [] - ); - - return reduced; -} \ No newline at end of file diff --git a/ui/src/app/metadata/domain/source/definition/SourceDefinition.test.js b/ui/src/app/metadata/domain/source/definition/SourceDefinition.test.js index 51a3d3217..92801c052 100644 --- a/ui/src/app/metadata/domain/source/definition/SourceDefinition.test.js +++ b/ui/src/app/metadata/domain/source/definition/SourceDefinition.test.js 
@@ -1,5 +1,4 @@ import { SourceBase } from './SourceDefinition'; -jest.mock('../../metadata/hoc/MetadataSchema'); jest.mock('../../../../App.constant', () => ({ get API_BASE_PATH() { diff --git a/ui/src/app/metadata/domain/source/definition/sections.js b/ui/src/app/metadata/domain/source/definition/sections.js new file mode 100644 index 000000000..3746ccd61 --- /dev/null +++ b/ui/src/app/metadata/domain/source/definition/sections.js @@ -0,0 +1,32 @@ +import { useMetadataSchemaContext } from '../../../hoc/MetadataSchema'; + +export const sections = [ + { i18nKey: 'organizationInformation', property: 'organization' }, + { i18nKey: 'contacts', property: 'contacts' }, + { i18nKey: 'uiMduiInfo', property: 'mdui' }, + { i18nKey: 'spSsoDescriptorInfo', property: 'serviceProviderSsoDescriptor' }, + { i18nKey: 'logoutEndpoints', property: 'logoutEndpoints' }, + { i18nKey: 'securityDescriptorInfo', property: 'securityInfo' }, + { i18nKey: 'assertionConsumerServices', property: 'assertionConsumerServices' }, + { i18nKey: 'relyingPartyOverrides', property: 'relyingPartyOverrides' }, + { i18nKey: 'attributeRelease', property: 'attributeRelease' } +]; + +export function useMetadataSourceSections() { + const schema = useMetadataSchemaContext(); + + const keys = Object.keys(schema.properties); + const properties = sections.map((s) => s.property); + + const reduced = keys.reduce( + (collection, key) => { + if (properties.indexOf(key) > -1) { + collection.push(sections.find(s => s.property === key)); + } + return collection; + }, + [] + ); + + return reduced; +} \ No newline at end of file diff --git a/ui/src/app/metadata/hooks/schema.test.js b/ui/src/app/metadata/hooks/schema.test.js index cd881e6eb..b1d68e55a 100644 --- a/ui/src/app/metadata/hooks/schema.test.js +++ b/ui/src/app/metadata/hooks/schema.test.js 
@@ -15,8 +15,6 @@ jest.mock('../../App.constant', () => ({ } })); -jest.mock('../../metadata/hoc/MetadataSchema'); - describe('useUiSchema', () => { let realUseMemo; let useMemoMock; From 68666fec3185c0a441c388fd62fbd4e548fc765e Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Fri, 30 Sep 2022 13:59:22 -0700 Subject: [PATCH 27/77] Fixed tooltips, readonly field --- .../main/resources/i18n/messages.properties | 15 +- .../resources/metadata-sources-ui-schema.json | 546 ------------------ .../domain/source/component/SourceList.js | 2 +- .../source/definition/OidcSourceDefinition.js | 3 + .../wizard/MetadataSourceProtocolSelector.js | 8 +- 5 files changed, 17 insertions(+), 557 deletions(-) delete mode 100644 backend/src/main/resources/metadata-sources-ui-schema.json diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index bac168379..9abce2699 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties @@ -293,7 +293,7 @@ label.finish-summary-validation=Finished! label.select-entity-id-to-copy=Select the Entity ID to copy label.metadata-source-name-dashboard-display-only=Service Provider Name (Dashboard Display Only) label.new-entity-id=New Entity ID -label.metadata-source-protocol=Identity Protocol +label.source-protocol=Authentication Protocol label.select-source-protocol=Select Protocol label.sections-to-copy=Sections to Copy? @@ -423,7 +423,7 @@ label.remove-empty-entities-descriptors=Remove Empty Entities Descriptors? label.select-metadata-provider-type=Select Metadata Provider Type label.select-metadata-filter-type=Select Metadata Filter Type -label.select-metadata-source-protocol=Select Metadata Source Protocol +label.select-source-protocol=Select Authentication Protocol label.filter-list=Filter List label.common-attributes=Common Attributes label.reloading-attributes=Reloading Attributes 
@@ -638,11 +638,11 @@ message.session-timeout-body=Your session has timed out. Please login again. message.session-timeout=An error has occurred while saving. Your session may have timed out. tooltip.entity-id=An entityID is the SAML identifier that uniquely names a service provider. -tooltip.service-provider-name=Service Provider Name (Dashboard Display Only) -tooltip.metadata-source-protocol=Identity Protocol +tooltip.service-provider-name=Used only in the Shibboleth IDP UI, this name is used to distinguish the service provider in the dashboard. +tooltip.source-protocol=Authentication Protocol to use for this Metadata Source. (SAML, OIDC, CAS, etc) tooltip.force-authn=Disallows use (or reuse) of authentication results and login flows that don\u0027t provide a real-time proof of user presence in the login process tooltip.ignore-request-signatures=Whether to skip validation of signatures on requests when dealing with badly broken or incompetently operated services -tooltip.service-provider-name-dashboard-display-only=Service Provider Name (Dashboard Display Only) +tooltip.service-provider-name-dashboard-display-only=Used only in the Shibboleth IDP UI, this name is used to distinguish the service provider in the dashboard. tooltip.service-provider-entity-id=Service Provider Entity ID tooltip.organization-name=Name of the organization standing up the entity. tooltip.organization-display-name=Name of the organization standing up the entity to be used for display purposes. 
@@ -662,7 +662,8 @@ tooltip.authentication-requests-signed=Whether to sign requests. Signing request tooltip.want-assertions-signed=Whether to sign assertions. Element declares that the service provider wants the element to be digitally signed. tooltip.certificate-name=Value used by the IDP UI to identify certificates. tooltip.certificate-type=Describes the use to which the credential will be put (as defined by the SAML standard) -tooltip.certificate=A certificate containing a public key to use to require and verify an XML signature over the resource. +tooltip.certificate=Value used for the key descriptor. (Certificate, ClientSecret, etc) +tooltip.key-descriptors=A certificate containing a public key to use to require and verify an XML signature over the resource. tooltip.logout-endpoints=If your SP supports SAML 2.0 Single Logout, you will need to include one or more endpoint elements in the metadata. tooltip.logout-endpoints-url=The location of the handler (when combined with the base handlerURL). This is the location to which an IdP sends messages using whatever protocol and binding it shares with the SP. Each combination of SLO protocol and binding is installed at a unique location to improve efficiency. tooltip.logout-endpoints-binding-type=Identifies the protocol binding supported by the handler. Bindings describe how the message is packaged by the IdP (or by the browser in some cases) for consumption by the handler. @@ -806,7 +807,9 @@ message.algorithms-unique=Each algorithm may only be used once. label.source-protocol=Authentication Protocol label.key-descriptors=Key Descriptors label.certificate-value=Value +tooltip.certificate-value=Value used for the key descriptor. (Certificate, ClientSecret, etc) label.element-type=Element Type +tooltip.element-type=Type of element used to contain the certificate in metadata. (x509, etc) label.oauth-rp-extensions=OAuth Relying Party Extensions label.post-logout-redirect-uris=Post Logout Redirect URIs 
diff --git a/backend/src/main/resources/metadata-sources-ui-schema.json b/backend/src/main/resources/metadata-sources-ui-schema.json deleted file mode 100644 index 818304bfb..000000000 --- a/backend/src/main/resources/metadata-sources-ui-schema.json +++ /dev/null 
@@ -1,546 +0,0 @@ -{ - "type": "object", - "required": [ - "protocol", - "serviceProviderName", - "entityId" - ], - "properties": { - "protocol": { - "title": "label.metadata-source-protocol", - "description": "tooltip.metadata-source-protocol", - "type": "string", - "enum": [ - "OIDC", - "SAML" - ], - "enumNames": [ - "value.oidc", - "value.saml" - ] - }, - "serviceProviderName": { - "title": "label.service-provider-name", - "description": "tooltip.service-provider-name", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "entityId": { - "title": "label.entity-id", - "description": "tooltip.entity-id", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "serviceEnabled": { - "title": "label.enable-this-service", - "description": "tooltip.enable-this-service-upon-saving", - "type": "boolean" - }, - "organization": { - "$ref": "#/definitions/Organization" - }, - "contacts": { - "title": "label.contact-information", - "description": "tooltip.contact-information", - "type": "array", - "items": { - "$ref": "#/definitions/Contact" - } - }, - "mdui": { - "$ref": "#/definitions/MDUI" - }, - "securityInfo": { - "type": "object", - "dependencies": { - "authenticationRequestsSigned": { - "oneOf": [ - { - "properties": { - "authenticationRequestsSigned": { - "enum": [true] - }, - "x509Certificates": { - "minItems": 1 - } - } - }, - { - "properties": { - "authenticationRequestsSigned": { - "enum": [false] - }, - "x509Certificates": { - "minItems": 0 - } - } - } - ] - } - }, - "properties": { - "x509CertificateAvailable": { - "type": "boolean" - }, - "authenticationRequestsSigned": { - "title": "label.authentication-requests-signed", - "description": "tooltip.authentication-requests-signed", - "type": "boolean", - "enumNames": [ - "value.true", - "value.false" - ] - }, - "wantAssertionsSigned": { - "title": "label.want-assertions-signed", - "description": "tooltip.want-assertions-signed", - "type": "boolean", - "enumNames": [ - "value.true", - 
"value.false" - ] - }, - "x509Certificates": { - "title": "label.x509-certificates", - "description": "tooltip.x509-certificates", - "type": "array", - "items": { - "$ref": "#/definitions/Certificate" - } - } - } - }, - "assertionConsumerServices": { - "title": "label.assertion-consumer-service-endpoints", - "description": "tooltip.assertion-consumer-service-endpoints", - "type": "array", - "items": { - "$ref": "#/definitions/AssertionConsumerService" - } - }, - "serviceProviderSsoDescriptor": { - "type": "object", - "properties": { - "protocolSupportEnum": { - "title": "label.protocol-support-enumeration", - "description": "tooltip.protocol-support-enumeration", - "type": "string", - "widget": { - "id": "select" - }, - "oneOf": [ - { - "enum": [ - "SAML 2" - ], - "description": "SAML 2" - }, - { - "enum": [ - "SAML 1.1" - ], - "description": "SAML 1.1" - }, - { - "enum": [ - "http://openid.net/specs/openid-connect-core-1_0.html" - ], - "description": "OIDC" - } - ] - }, - "nameIdFormats": { - "$ref": "#/definitions/nameIdFormats" - } - } - }, - "logoutEndpoints": { - "title": "label.logout-endpoints", - "description": "tooltip.logout-endpoints", - "type": "array", - "items": { - "$ref": "#/definitions/LogoutEndpoint" - } - }, - "relyingPartyOverrides": { - "type": "object", - "properties": {} - }, - "attributeRelease": { - "type": "array", - "title": "label.attribute-release", - "description": "Attribute release table - select the attributes you want to release (default unchecked)", - "items": { - "type": "string" - }, - "uniqueItems": true - } - }, - "definitions": { - "Contact": { - "type": "object", - "required": [ - "name", - "type", - "emailAddress" - ], - "properties": { - "name": { - "title": "label.contact-name", - "description": "tooltip.contact-name", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "type": { - "title": "label.contact-type", - "description": "tooltip.contact-type", - "type": "string", - "widget": "select", - "minLength": 
1, - "oneOf": [ - { - "enum": [ - "support" - ], - "description": "value.support" - }, - { - "enum": [ - "technical" - ], - "description": "value.technical" - }, - { - "enum": [ - "administrative" - ], - "description": "value.administrative" - }, - { - "enum": [ - "other" - ], - "description": "value.other" - } - ] - }, - "emailAddress": { - "title": "label.contact-email-address", - "description": "tooltip.contact-email", - "type": "string", - "pattern": "^(mailto:)?(?=.{1,254}$)(?=.{1,64}@)[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+(\\.[-!#$%&'*+/0-9=?A-Z^_`a-z{|}~]+)*@[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$", - "minLength": 1, - "maxLength": 255 - } - } - }, - "Certificate": { - "type": "object", - "required": [ - "type", - "value" - ], - "properties": { - "name": { - "title": "label.certificate-name-display-only", - "description": "tooltip.certificate-name", - "type": "string", - "maxLength": 255 - }, - "type": { - "title": "label.certificate-type", - "type": "string", - "widget": { - "id": "radio", - "class": "form-check-inline" - }, - "oneOf": [ - { - "enum": [ - "signing" - ], - "description": "value.signing" - }, - { - "enum": [ - "encryption" - ], - "description": "value.encryption" - }, - { - "enum": [ - "both" - ], - "description": "value.both" - } - ] - }, - "value": { - "title": "label.certificate", - "description": "tooltip.certificate", - "type": "string", - "widget": "textarea", - "minLength": 1 - } - } - }, - "AssertionConsumerService": { - "type": "object", - "required": [ - "locationUrl", - "binding" - ], - "properties": { - "locationUrl": { - "title": "label.assertion-consumer-service-location", - "description": "tooltip.assertion-consumer-service-location", - "type": "string", - "widget": { - "id": "string", - "help": "message.valid-url" - }, - "minLength": 1, - "maxLength": 255 - }, - "binding": { - "title": "label.assertion-consumer-service-location-binding", - "description": 
"tooltip.assertion-consumer-service-location-binding", - "type": "string", - "widget": "select", - "oneOf": [ - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" - ], - "description": "urn:oasis:names:tc:SAML:1.0:profiles:browser-post" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" - ], - "description": "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" - }, - { - "enum": [ - "https://tools.ietf.org/html/rfc6749#section-3.1.2" - ], - "description": "OIDC / OAUTH Binding" - } - ] - }, - "makeDefault": { - "title": "label.mark-as-default", - "description": "tooltip.mark-as-default", - "type": "boolean" - } - } - }, - "LogoutEndpoint": { - "description": "tooltip.new-endpoint", - "type": "object", - "fieldsets": [ - { - "fields": [ - "url", - "bindingType" - ] - } - ], - "required": [ - "url", - "bindingType" - ], - "properties": { - "url": { - "title": "label.url", - "description": "tooltip.url", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "bindingType": { - "title": "label.binding-type", - "description": "tooltip.binding-type", - "type": "string", - "widget": "select", - "oneOf": [ - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" - ], - "description": 
"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" - }, - { - "enum": [ - "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - ], - "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" - } - ] - } - } - }, - "MDUI": { - "type": "object", - "widget": { - "id": "fieldset" - }, - "fieldsets": [ - { - "type": "group", - "fields": [ - "displayName", - "informationUrl", - "description" - ] - }, - { - "type": "group", - "fields": [ - "privacyStatementUrl", - "logoUrl", - "logoWidth", - "logoHeight" - ] - } - ], - "properties": { - "displayName": { - "title": "label.display-name", - "description": "tooltip.mdui-display-name", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "informationUrl": { - "title": "label.information-url", - "description": "tooltip.mdui-information-url", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "privacyStatementUrl": { - "title": "label.privacy-statement-url", - "description": "tooltip.mdui-privacy-statement-url", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "description": { - "title": "label.description", - "description": "tooltip.mdui-description", - "type": "string", - "widget": { - "id": "textarea" - }, - "minLength": 1, - "maxLength": 255 - }, - "logoUrl": { - "title": "label.logo-url", - "description": "tooltip.mdui-logo-url", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "logoHeight": { - "title": "label.logo-height", - "description": "tooltip.mdui-logo-height", - "minimum": 0, - "type": "integer" - }, - "logoWidth": { - "title": "label.logo-width", - "description": "tooltip.mdui-logo-width", - "minimum": 0, - "type": "integer" - } - } - }, - "Organization": { - "type": "object", - "properties": { - "name": { - "title": "label.organization-name", - "description": "tooltip.organization-name", - "type": "string", - 
"minLength": 1, - "maxLength": 255 - }, - "displayName": { - "title": "label.organization-display-name", - "description": "tooltip.organization-display-name", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "url": { - "title": "label.organization-url", - "description": "tooltip.organization-url", - "type": "string", - "minLength": 1, - "maxLength": 255 - } - }, - "dependencies": { - "name": { - "required": [ - "displayName", - "url" - ] - }, - "displayName": { - "required": [ - "name", - "url" - ] - }, - "url": { - "required": [ - "name", - "displayName" - ] - } - } - } - } -} \ No newline at end of file diff --git a/ui/src/app/metadata/domain/source/component/SourceList.js b/ui/src/app/metadata/domain/source/component/SourceList.js index d462528a1..671c08a0b 100644 --- a/ui/src/app/metadata/domain/source/component/SourceList.js +++ b/ui/src/app/metadata/domain/source/component/SourceList.js @@ -32,7 +32,7 @@ export default function SourceList({ entities, onDelete, onEnable, onChangeGroup Title Entity ID - Protocol + Protocol Author Created Date Enabled diff --git a/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js b/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js index 15d4bc257..bcc19dad9 100644 --- a/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js +++ b/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js @@ -11,6 +11,9 @@ export const OidcSourceBase = defaultsDeep({ export const OidcSourceEditor = defaultsDeep({ ...SourceEditor, uiSchema: defaultsDeep({ + protocol: { + 'ui:readonly': true + }, serviceProviderSsoDescriptor: { ...SourceBase.uiSchema.serviceProviderSsoDescriptor, layout: { diff --git a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js index c273b8df3..d95cadef1 100644 --- a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js 
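Review bot: The `protocol: { 'ui:readonly': true }` entry added to `OidcSourceEditor.uiSchema` in the OidcSourceDefinition.js hunk only locks the form field, so protocol immutability is enforced in the browser alone. No server-side check that an update leaves an existing descriptor's `protocol` unchanged is visible in this part of the patch; the update path in the backend should be confirmed to reject or ignore a changed value. A short comment such as `// display-only lock; the backend must still refuse protocol changes on update` would record that dependency. `OidcSourceEditor` continues outside the hunk.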
+++ b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js @@ -94,14 +94,14 @@ export function MetadataSourceProtocolSelector({ types = [], loading, children}) - + {loading && } - + - + {types.map(t => )} @@ -111,7 +111,7 @@ export function MetadataSourceProtocolSelector({ types = [], loading, children}) - + Date: Fri, 30 Sep 2022 15:45:47 -0700 Subject: [PATCH 28/77] SHIBUI-2409 Fixing clientSecretRef between front and backend --- .../frontend/KeyDescriptorRepresentation.java | 2 +- .../JPAEntityDescriptorServiceImpl.java | 2 +- .../util/EntityDescriptorConversionUtils.java | 6 +- .../EntityDescriptorControllerTests.groovy | 58 +++++++++---------- .../test/resources/json/SHIBUI-2380-1.json | 6 ++ 5 files changed, 38 insertions(+), 36 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/KeyDescriptorRepresentation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/KeyDescriptorRepresentation.java index aa6c564ea..b81a65b24 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/KeyDescriptorRepresentation.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/KeyDescriptorRepresentation.java @@ -16,6 +16,6 @@ public class KeyDescriptorRepresentation implements Serializable { private ElementType elementType; public enum ElementType { - jwksData, jwksUri, clientSecret, clientSecretKeyReference, X509Data, unsupported + jwksData, jwksUri, clientSecret, clientSecretRef, X509Data, unsupported } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index 4a54c7543..4973ca110 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java 
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java @@ -543,7 +543,7 @@ private KeyDescriptorRepresentation.ElementType determineKeyInfoType(KeyInfo key case "ClientSecret": return KeyDescriptorRepresentation.ElementType.clientSecret; case "ClientSecretKeyReference": - return KeyDescriptorRepresentation.ElementType.clientSecretKeyReference; + return KeyDescriptorRepresentation.ElementType.clientSecretRef; case "JwksData": return KeyDescriptorRepresentation.ElementType.jwksData; case "JwksUri": diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java index 7a32ff156..1a44ba44d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java @@ -1,6 +1,5 @@ package edu.internet2.tier.shibboleth.admin.util; -import com.fasterxml.jackson.databind.ObjectMapper; import com.google.common.base.Strings; import edu.internet2.tier.shibboleth.admin.ui.domain.AssertionConsumerService; import edu.internet2.tier.shibboleth.admin.ui.domain.Audience; 
@@ -51,12 +50,10 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.PostLogoutRedirectUriBuilder; import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.RequestUri; import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.RequestUriBuilder; -import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.ValueXMLObject; import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects; import edu.internet2.tier.shibboleth.admin.ui.service.EntityService; import lombok.NonNull; import lombok.Setter; -import org.opensaml.core.xml.XMLObject; import org.opensaml.xmlsec.signature.KeyInfo; import org.opensaml.xmlsec.signature.X509Certificate; import org.opensaml.xmlsec.signature.X509Data; @@ -66,7 +63,6 @@ import java.lang.reflect.Field; import java.util.ArrayList; import java.util.Arrays; -import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Optional; @@ -120,7 +116,7 @@ public static KeyDescriptor createKeyDescriptor(String name, String usageType, S xmlObject.setValue(value); keyInfo.getXMLObjects().add(xmlObject); break; - case clientSecretKeyReference: + case clientSecretRef: xmlObject = openSamlObjects.buildDefaultInstanceOfType(ClientSecretKeyReference.class); xmlObject.setValue(value); keyInfo.getXMLObjects().add(xmlObject); diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy index a8eda4349..7c9ee1537 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy 
@@ -717,35 +717,35 @@ class EntityDescriptorControllerTests extends AbstractBaseDataJpaTest { then: result.andExpect(status().isCreated()) - .andExpect(content().contentType(APPLICATION_JSON)) - .andExpect(jsonPath("\$.entityId").value("mockSamlClientId2")) - .andExpect(jsonPath("\$.serviceEnabled").value(false)) - .andExpect(jsonPath("\$.idOfOwner").value("admingroup")) - .andExpect(jsonPath("\$.serviceProviderSsoDescriptor.protocolSupportEnum").value("http://openid.net/specs/openid-connect-core-1_0.html")) - .andExpect(jsonPath("\$.securityInfo.keyDescriptors[0].name").value("test1")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.clientUri").value("https://example.org/clientUri")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.responseTypes").value("code id_token")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.sectorIdentifierUri").value("https://example.org/sectorIdentifier")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.idTokenEncryptedResponseEnc").value("A256GCM")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.applicationType").value("web")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.tokenEndpointAuthMethod").value("client_secret_basic")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.userInfoEncryptedResponseEnc").value("A192GCM")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.userInfoSignedResponseAlg").value("RS384")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.userInfoEncryptedResponseAlg").value("A192KW")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.grantTypes").value("authorization_code")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.softwareId").value("mockSoftwareId")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.requestObjectEncryptionEnc").value("A128GCM")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.initiateLoginUri").value("https://example.org/initiateLogin")) - .andExpect(jsonPath(shortNameToOAuth + 
"attributes.tokenEndpointAuthMethod").value("client_secret_basic")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.requestObjectSigningAlg").value("RS256")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.scopes").value("openid profile")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.idTokenEncryptedResponseAlg").value("A256KW")) - .andExpect(jsonPath(shortNameToOAuth + "attributes.softwareVersion").value("mockSoftwareVersion")) - .andExpect(jsonPath(shortNameToOAuth + "postLogoutRedirectUris[0]").value("https://example.org/postLogout")) - .andExpect(jsonPath(shortNameToOAuth + "requestUris[0]").value("https://example.org/request")) - .andExpect(jsonPath(shortNameToOAuth + "defaultAcrValues").isArray()) - .andExpect(jsonPath(shortNameToOAuth + "attributes.requireAuthTime").value(Boolean.FALSE)) - .andExpect(jsonPath(shortNameToOAuth + "attributes.defaultMaxAge").value(Integer.valueOf(0))) + .andExpect(content().contentType(APPLICATION_JSON)) + .andExpect(jsonPath("\$.entityId").value("mockSamlClientId2")) + .andExpect(jsonPath("\$.serviceEnabled").value(false)) + .andExpect(jsonPath("\$.idOfOwner").value("admingroup")) + .andExpect(jsonPath("\$.serviceProviderSsoDescriptor.protocolSupportEnum").value("http://openid.net/specs/openid-connect-core-1_0.html")) + .andExpect(jsonPath("\$.securityInfo.keyDescriptors[0].name").value("test1")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.clientUri").value("https://example.org/clientUri")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.responseTypes").value("code id_token")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.sectorIdentifierUri").value("https://example.org/sectorIdentifier")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.idTokenEncryptedResponseEnc").value("A256GCM")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.applicationType").value("web")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.tokenEndpointAuthMethod").value("client_secret_basic")) + 
.andExpect(jsonPath(shortNameToOAuth + "attributes.userInfoEncryptedResponseEnc").value("A192GCM")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.userInfoSignedResponseAlg").value("RS384")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.userInfoEncryptedResponseAlg").value("A192KW")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.grantTypes").value("authorization_code")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.softwareId").value("mockSoftwareId")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.requestObjectEncryptionEnc").value("A128GCM")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.initiateLoginUri").value("https://example.org/initiateLogin")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.tokenEndpointAuthMethod").value("client_secret_basic")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.requestObjectSigningAlg").value("RS256")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.scopes").value("openid profile")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.idTokenEncryptedResponseAlg").value("A256KW")) + .andExpect(jsonPath(shortNameToOAuth + "attributes.softwareVersion").value("mockSoftwareVersion")) + .andExpect(jsonPath(shortNameToOAuth + "postLogoutRedirectUris[0]").value("https://example.org/postLogout")) + .andExpect(jsonPath(shortNameToOAuth + "requestUris[0]").value("https://example.org/request")) + .andExpect(jsonPath(shortNameToOAuth + "defaultAcrValues").isArray()) + .andExpect(jsonPath(shortNameToOAuth + "attributes.requireAuthTime").value(Boolean.FALSE)) + .andExpect(jsonPath(shortNameToOAuth + "attributes.defaultMaxAge").value(Integer.valueOf(0))) } @WithMockAdmin diff --git a/backend/src/test/resources/json/SHIBUI-2380-1.json b/backend/src/test/resources/json/SHIBUI-2380-1.json index 833ca5bff..29a3a8e69 100644 --- a/backend/src/test/resources/json/SHIBUI-2380-1.json +++ b/backend/src/test/resources/json/SHIBUI-2380-1.json 
@@ -41,6 +41,12 @@ "value": "mockClientSecretValue", "type": "both", "elementType": "clientSecret" + }, + { + "value": "mockClientSecretValue", + "name": "mockClientSecretKeyReference", + "type": "both", + "elementType": "clientSecretRef" } ] }, From e0b16d642f1c0f6c2e354c0917d3a81dac9341c7 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Mon, 3 Oct 2022 14:51:14 -0700 Subject: [PATCH 29/77] Fixed message --- backend/src/main/resources/i18n/messages.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index 9abce2699..5e578d7ea 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties @@ -819,7 +819,7 @@ tooltip.default-acr-values=Each value is defined in an extension element. label.request-uris=Request URIs tooltip.request-uris=Each value is defined in an extension element. label.audience=Audience -tooltip.audience=Each value is defined in an extension element (the element itself is a standard SAML element imported from the Assertion schema).The audience claim is not drawn from any standard, but an extension supported by Shibboleth to control/validate the “resource” parameter used in various OAuth protocol extensions, particularly in the client_credentials grant flow. +tooltip.audience=Each value is defined in an extension element (the element itself is a standard SAML element imported from the Assertion schema).The audience claim is not drawn from any standard, but an extension supported by Shibboleth to control/validate the resource parameter used in various OAuth protocol extensions, particularly in the client_credentials grant flow. label.client-uri=Client URI tooltip.client-uri=OPTIONAL. URL of the home page of the Client. The value of this field MUST point to a valid Web page. From 86012a7ee3f9d28824b2ce03872ec0c6f02220f4 Mon Sep 17 00:00:00 2001 
From: Ryan Mathis Date: Mon, 3 Oct 2022 15:38:08 -0700 Subject: [PATCH 30/77] Fixed protocol for copy --- ui/src/app/metadata/copy/CopySource.js | 4 ++++ ui/src/app/metadata/copy/SaveCopy.js | 8 +++++++- ui/src/app/metadata/hoc/MetadataSelector.js | 1 - ui/src/app/metadata/view/MetadataCopy.js | 2 +- 4 files changed, 12 insertions(+), 3 deletions(-) diff --git a/ui/src/app/metadata/copy/CopySource.js b/ui/src/app/metadata/copy/CopySource.js index 2a7a6b183..0fc9d953d 100644 --- a/ui/src/app/metadata/copy/CopySource.js +++ b/ui/src/app/metadata/copy/CopySource.js @@ -47,6 +47,8 @@ export function CopySource({ copy, onNext }) { const target = watch('target'); + const form = watch(); + const { errors, isValid } = formState; React.useEffect(() => { @@ -57,6 +59,8 @@ export function CopySource({ copy, onNext }) { const sections = useMetadataSourceSections(); + React.useEffect(() => console.log(form), [form]); + return ( <>
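Review bot: `React.useEffect(() => console.log(form), [form]);` in the second CopySource.js hunk reads like a debugging leftover, and it writes the whole copy form to the browser console on every change. The form includes the copy `target`, and this patch series adds key descriptors whose value can be a client secret, so secret material may end up in console output (inferred from the fixtures, not confirmed for this form). I would drop that line together with `const form = watch();` from the first hunk, since the unfiltered `watch()` appears to exist only to feed the log and subscribes the component to every field. `CopySource` starts and ends outside both hunks.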
diff --git a/ui/src/app/metadata/copy/SaveCopy.js b/ui/src/app/metadata/copy/SaveCopy.js index 9381d662a..423f3040f 100644 --- a/ui/src/app/metadata/copy/SaveCopy.js +++ b/ui/src/app/metadata/copy/SaveCopy.js @@ -12,11 +12,16 @@ import { MetadataConfiguration } from '../component/MetadataConfiguration'; import Translate from '../../i18n/components/translate'; export function useCopiedModel (copy) { + const { properties, target, serviceProviderName, entityId } = copy; - const copied = removeNull(properties.reduce((c, section) => ({ ...c, ...{ [section]: target[section] } }), {})); + const { protocol } = target; + + let copied = removeNull(properties.reduce((c, section) => ({ ...c, ...{ [section]: target[section] } }), {})); + const model = { serviceProviderName, entityId, + protocol, ...copied }; return model; @@ -31,6 +36,7 @@ export function SaveCopy ({ copy, saving, onSave, onBack }) { const schema = React.useContext(MetadataSchemaContext); const model = useCopiedModel(copy); + const configuration = useCopiedConfiguration(model, schema, definition); const { handleSubmit } = useForm({ diff --git a/ui/src/app/metadata/hoc/MetadataSelector.js b/ui/src/app/metadata/hoc/MetadataSelector.js index 54a49d4df..5518cd7cd 100644 --- a/ui/src/app/metadata/hoc/MetadataSelector.js +++ b/ui/src/app/metadata/hoc/MetadataSelector.js @@ -39,7 +39,6 @@ export function MetadataSelector({ children, ...props }) { function reload() { setLoading(true); loadMetadata(id); - } React.useEffect(() => reload(), [id]); diff --git a/ui/src/app/metadata/view/MetadataCopy.js b/ui/src/app/metadata/view/MetadataCopy.js index 5a529387d..29df9ef3b 100644 --- a/ui/src/app/metadata/view/MetadataCopy.js +++ b/ui/src/app/metadata/view/MetadataCopy.js @@ -47,7 +47,7 @@ export function MetadataCopy ({ onShowNav }) { return ( {!confirm && - + } {confirm && copy && From 904c61103966d437168c597acf1027ce4f34929b Mon Sep 17 00:00:00 2001 
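Review bot: In the first SaveCopy.js hunk, `let copied = removeNull(...)` is never reassigned in the visible lines, so changing it from `const` to `let` only loosens the binding; keep `const copied = ...`. The added `const { protocol } = target;` also throws when `target` is unset, whereas the old code only touched `target` inside the `reduce`, i.e. when `properties` was non-empty. If `copy.target` can be missing at this point (not visible here), `const { protocol } = target ?? {};` keeps the previous tolerance. The closing lines of `useCopiedModel` are outside the hunk.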
From: chasegawa Date: Tue, 4 Oct 2022 11:50:41 -0700 Subject: [PATCH 31/77] SHIBUI-2380/2410 Fixing copy issues --- .../admin/ui/service/JPAEntityDescriptorServiceImpl.java | 5 ++++- .../admin/util/EntityDescriptorConversionUtils.java | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index 4973ca110..b2b264a7a 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java @@ -99,7 +99,7 @@ private EntityDescriptor buildDescriptorFromRepresentation(final EntityDescripto setupLogout(ed, representation); setupRelyingPartyOverrides(ed, representation); - if (ed.getProtocol() == EntityDescriptorProtocol.OIDC) { + if (ed.getProtocol() == EntityDescriptorProtocol.OIDC && ed.getSPSSODescriptor("") != null) { ed.getSPSSODescriptor("").addSupportedProtocol("http://openid.net/specs/openid-connect-core-1_0.html"); } //Let envers recognize update revision type for EntityDescriptor type @@ -114,6 +114,9 @@ private EntityDescriptor buildDescriptorFromRepresentation(final EntityDescripto */ private Map buildOAuthRPExtensionsMap(EntityDescriptor ed) { HashMap result = new HashMap<>(); + if (!ed.getSPSSODescriptor("").getOptionalExtensions().isPresent()) { + return result; + } for(XMLObject extension : ed.getSPSSODescriptor("").getExtensions().getOrderedChildren()) { if (extension.getElementQName().getLocalPart().equals(OAuthRPExtensions.TYPE_LOCAL_NAME)){ OAuthRPExtensions oAuthRPExtensions = (OAuthRPExtensions) extension; 
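Review bot: The guard added to `buildOAuthRPExtensionsMap`, `if (!ed.getSPSSODescriptor("").getOptionalExtensions().isPresent())`, still dereferences `ed.getSPSSODescriptor("")` without a null check. The first hunk of this same file treats that call as nullable (`ed.getSPSSODescriptor("") != null`). If the descriptor can be absent here too, the method throws a NullPointerException instead of returning the empty map. Holding the descriptor in a local `sp` and testing `if (sp == null || !sp.getOptionalExtensions().isPresent()) { return result; }` covers both cases and avoids the repeated lookup in the loop header. Whether callers guarantee a descriptor is not visible from the hunk, and the method body continues outside it.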
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java index 1a44ba44d..c9386399b 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java @@ -331,7 +331,7 @@ public static void setupSPSSODescriptor(EntityDescriptor ed, EntityDescriptorRep SPSSODescriptor spssoDescriptor = getSPSSODescriptorFromEntityDescriptor(ed); spssoDescriptor.setSupportedProtocols(new ArrayList<>()); - if (!Strings.isNullOrEmpty(representation.getServiceProviderSsoDescriptor().getProtocolSupportEnum())) { + if (representation.getServiceProviderSsoDescriptor() != null && !Strings.isNullOrEmpty(representation.getServiceProviderSsoDescriptor().getProtocolSupportEnum())) { spssoDescriptor.setSupportedProtocols( Arrays.stream(representation.getServiceProviderSsoDescriptor().getProtocolSupportEnum().split(",")).map(p -> MDDCConstants.PROTOCOL_BINDINGS.get(p.trim())).collect(Collectors.toList()) ); @@ -347,7 +347,7 @@ public static void setupSPSSODescriptor(EntityDescriptor ed, EntityDescriptorRep } // Setup Extensions - if (representation.getProtocol() == EntityDescriptorProtocol.OIDC) { + if (representation.getProtocol() == EntityDescriptorProtocol.OIDC && representation.getServiceProviderSsoDescriptor(false) != null) { spssoDescriptor.setExtensions(buildOAuthRPExtensionsFromRepresentation(representation.getServiceProviderSsoDescriptor(false))); } } else { From 06d49eb27040e1295a7a692c29cfff272e5413cf Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Tue, 4 Oct 2022 13:00:39 -0700 Subject: [PATCH 32/77] SHIBUI-2380/2411 Fixing audience issues --- .../resources/metadata-sources-ui-schema-oidc.json | 2 +- .../assets/schema/source/metadata-source-oidc.json | 2 +- .../domain/source/definition/OidcSourceDefinition.js | 10 ++++------ 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json index 109742cd5..a98bfc55d 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json +++ b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json @@ -152,7 +152,7 @@ "type": "string" } }, - "audience": { + "audiences": { "title": "label.audience", "description": "tooltip.audience", "type": "array", diff --git a/ui/public/assets/schema/source/metadata-source-oidc.json b/ui/public/assets/schema/source/metadata-source-oidc.json index d8be99ec6..6714441fe 100644 --- a/ui/public/assets/schema/source/metadata-source-oidc.json +++ b/ui/public/assets/schema/source/metadata-source-oidc.json @@ -136,7 +136,7 @@ "type": "string" } }, - "audience": { + "audiences": { "title": "label.audience", "description": "tooltip.audience", "type": "array", diff --git a/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js b/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js index bcc19dad9..11192fe18 100644 --- a/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js +++ b/ui/src/app/metadata/domain/source/definition/OidcSourceDefinition.js @@ -53,7 +53,7 @@ export const OidcSourceEditor = defaultsDeep({ 'postLogoutRedirectUris', 'defaultAcrValues', 'requestUris', - 'audience' + 'audiences' ], }, ] @@ -73,7 +73,7 @@ export const OidcSourceEditor = defaultsDeep({ orderable: false }, }, - audience: { + audiences: { "ui:options": { orderable: false }, 
@@ -126,7 +126,7 @@ export const OidcSourceWizard = defaultsDeep({ 'postLogoutRedirectUris', 'defaultAcrValues', 'requestUris', - 'audience' + 'audiences' ], }, ] @@ -146,7 +146,7 @@ export const OidcSourceWizard = defaultsDeep({ orderable: false }, }, - audience: { + audiences: { "ui:options": { orderable: false }, @@ -156,5 +156,3 @@ export const OidcSourceWizard = defaultsDeep({ } }, SourceBase.uiSchema) }, OidcSourceBase); - - From f5bf0d82ca9716180488d08f6f7251afc45e3aac Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Wed, 5 Oct 2022 11:36:00 -0700 Subject: [PATCH 33/77] Fixed spelling issue --- backend/src/main/resources/i18n/messages.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index 5e578d7ea..d8146c9b9 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties @@ -847,7 +847,7 @@ label.grant-types=Grant Types tooltip.grant-types=OPTIONAL. JSON array containing a list of the OAuth 2.0 Grant Types that the Client is declaring that it will restrict itself to using. label.software-id=Software ID tooltip.software-id=Unique identifier of software. -label.request-object-encryption-enc=Requse Object Encryption Encoding +label.request-object-encryption-enc=Request Object Encryption Encoding tooltip.request-object-encryption-enc=OPTIONAL. JWE enc algorithm [JWA] the RP is declaring that it may use for encrypting Request Objects sent to the OP. label.initiate-login-uri=Initiate Login URI tooltip.initiate-login-uri=OPTIONAL. URI using the https scheme that a third party can use to initiate a login by the RP From 8e5ab06b6cd903a5aadb0d35748bb24a13014419 Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Thu, 6 Oct 2022 15:32:55 -0700 Subject: [PATCH 34/77] SHIBUI-2380 adding in support for OIDC specific relying overrides --- .../MetadataSourcesUiDefinitionController.groovy | 4 ++-- .../ui/service/JsonSchemaBuilderService.groovy | 15 +++++++++++++-- .../domain/CustomEntityAttributeDefinition.java | 4 +++- .../ui/domain/IRelyingPartyOverrideProperty.java | 8 ++++++-- .../ui/domain/RelyingPartyOverrideProperty.java | 7 ++++++- 5 files changed, 30 insertions(+), 8 deletions(-) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy index 60cd362cf..a2b13e8e1 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy @@ -53,8 +53,8 @@ class MetadataSourcesUiDefinitionController { def parsedJson = jacksonObjectMapper.readValue(url, Map) jsonSchemaBuilderService.hideServiceEnabledFromNonAdmins(parsedJson) jsonSchemaBuilderService.addReleaseAttributesToJson(parsedJson['properties']['attributeRelease']['items']) - jsonSchemaBuilderService.addRelyingPartyOverridesToJson(parsedJson['properties']['relyingPartyOverrides']) - jsonSchemaBuilderService.addRelyingPartyOverridesCollectionDefinitionsToJson(parsedJson["definitions"]) + jsonSchemaBuilderService.addRelyingPartyOverridesToJson(parsedJson['properties']['relyingPartyOverrides'], protocol.toLowerCase()) + jsonSchemaBuilderService.addRelyingPartyOverridesCollectionDefinitionsToJson(parsedJson["definitions"], protocol.toLowerCase()) return ResponseEntity.ok(parsedJson) } catch (IOException e) { 
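Review bot: `protocol.toLowerCase()` on both changed calls uses the JVM default locale, so under a Turkish locale `OIDC` lowercases with a dotless i and would never match the `oidc` token; `protocol.toLowerCase(Locale.ROOT)` avoids that. Where `protocol` comes from is outside the hunk. If it is taken from the request, it should be checked against the known values (`saml`, `oidc`) before use, because `JsonSchemaBuilderService` later uses it in a `contains` match. A null value would also throw here and is not covered by the `catch (IOException e)` below. Normalising once into a local and passing that to both calls keeps the two in step.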
diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy index 5109ee46c..d5084e21a 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy @@ -42,8 +42,15 @@ class JsonSchemaBuilderService { } void addRelyingPartyOverridesToJson(Object json) { + addRelyingPartyOverridesToJson(json, "saml") + } + + void addRelyingPartyOverridesToJson(Object json, String protocol) { def properties = [:] - customPropertiesConfiguration.getOverrides().each { + customPropertiesConfiguration.getOverrides().stream().filter { + it -> it.protocol.contains(protocol) + }.each { + if (it.protocol) def property if (it['displayType'] == 'list' || it['displayType'] == 'set' || it['displayType'] == 'selection_list') { property = [$ref: '#/definitions/' + it['name']] @@ -61,8 +68,12 @@ class JsonSchemaBuilderService { } void addRelyingPartyOverridesCollectionDefinitionsToJson(Object json) { + addRelyingPartyOverridesCollectionDefinitionsToJson(json, "saml") + } + + void addRelyingPartyOverridesCollectionDefinitionsToJson(Object json, String protocol) { customPropertiesConfiguration.getOverrides().stream().filter { - it -> it['displayType'] && (it['displayType'] == 'list' || it['displayType'] == 'set' || it['displayType'] == 'selection_list') + it -> it.protocol.contains(protocol) && it['displayType'] && (it['displayType'] == 'list' || it['displayType'] == 'set' || it['displayType'] == 'selection_list') }.each { def definition = [title : it['displayName'], description: it['helpText'], 
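Review bot: The line `if (it.protocol)` added at the top of the `each` closure in the `@@ -42` hunk has no body of its own, so the `def property` on the next line becomes its body. It looks like a leftover and should be removed, leaving `def property` as an unconditional declaration. Depending on how Groovy scopes a declaration in that position, the later `property = [...]` assignments may not refer to a declared local at all. The closure body continues outside the hunk.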
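Review bot: `it.protocol.contains(protocol)` in the filter of the `@@ -61` hunk, and the same filter in the `@@ -42` hunk, is a substring test on a free-form string. An empty `protocol` therefore selects every override, and a fragment such as `id` matches `oidc`. Since the value is handed in by the controller, compare whole tokens instead: `it.protocol.tokenize(',')*.trim().contains(protocol)`. A comment on the two-argument overloads stating that `protocol` is expected to be a lower-case token (`saml` or `oidc`) would document the contract the one-argument overloads rely on.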
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java index 6e7ced3e2..2c5c7e360 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java @@ -65,7 +65,9 @@ public class CustomEntityAttributeDefinition implements IRelyingPartyOverridePro @Id @Column(name = "resource_id", nullable = false) String resourceId = UUID.randomUUID().toString(); - + + String protocol = "saml"; + @Override public Set getDefaultValues() { return customAttrListDefinitions; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/IRelyingPartyOverrideProperty.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/IRelyingPartyOverrideProperty.java index 076fce7dd..989f2d7cd 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/IRelyingPartyOverrideProperty.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/IRelyingPartyOverrideProperty.java @@ -32,7 +32,9 @@ public interface IRelyingPartyOverrideProperty { public String getPersistType(); public String getPersistValue(); - + + public String getProtocol(); + /** * When the override actually is used in the UI, the "type" list is fairly limited, so each implementing class * should adjust the real value so the UI gets a value it expects. For actual file configured overrides, this @@ -61,4 +63,6 @@ public interface IRelyingPartyOverrideProperty { public void setPersistType(String persistType); public void setPersistValue(String persistValue); -} + + public void setProtocol(String protocol); +} \ No newline at end of file 
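Review bot: The new field `String protocol = "saml";` in `CustomEntityAttributeDefinition` has no mapping annotation, and this commit's diffstat lists no changelog change. The `@Id`/`@Column` on `resourceId` beside it suggests a JPA entity with field access; if so, the field is persisted and needs a matching column, and existing rows would presumably read back as null regardless of the initializer. Either add the migration with a default value, or mark the field `@Transient` if it is not meant to be stored. The `getProtocol()`/`setProtocol(String)` pair added to `IRelyingPartyOverrideProperty` in the following hunks leaves the value a free-form string, so a one-line Javadoc there would help: `/** Comma-separated protocol tokens this override applies to, e.g. "saml" or "oidc". */`.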
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java index 9c75bd382..622b50f69 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java @@ -27,6 +27,7 @@ public class RelyingPartyOverrideProperty implements IRelyingPartyOverrideProper private String name; private String persistType; private String persistValue; + private String protocol = "saml"; @Override public Boolean getFromConfigFile() { @@ -43,7 +44,11 @@ public CustomAttributeType getAttributeType() { return CustomAttributeType.valueOf(displayType.toUpperCase()); } } - + + public String getProtocol() { + return protocol == null ? "saml" : protocol; + } + public String getTypeForUI() { return getDisplayType(); } From 46b686b04922122f58034bec9411e50a28e39574 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Fri, 7 Oct 2022 10:20:41 -0700 Subject: [PATCH 35/77] SHIBUI-2380 fix for integration testing --- backend/build.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/backend/build.gradle b/backend/build.gradle index b0c823d47..506df6553 100644 --- a/backend/build.gradle +++ b/backend/build.gradle @@ -212,6 +212,7 @@ dependencies { integrationTestCompile platform("org.spockframework:spock-bom:2.1-groovy-3.0") integrationTestCompile "org.spockframework:spock-core" integrationTestCompile "org.spockframework:spock-spring" + integrationTestRuntime "net.shibboleth.oidc:oidc-common-saml-api:${project.'shibOIDCVersion'}" // CSV file support compile 'com.opencsv:opencsv:4.4', { From 01450046200e2937fdc1021e157115c8e74447c1 Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Fri, 7 Oct 2022 10:41:06 -0700 Subject: [PATCH 36/77] SHIBUI-2380 changing default for existing relying overrides to be either oidc or saml --- .../admin/ui/domain/RelyingPartyOverrideProperty.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java index 622b50f69..c76455f23 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java @@ -27,7 +27,7 @@ public class RelyingPartyOverrideProperty implements IRelyingPartyOverrideProper private String name; private String persistType; private String persistValue; - private String protocol = "saml"; + private String protocol = "saml, oidc"; @Override public Boolean getFromConfigFile() { @@ -46,7 +46,7 @@ public CustomAttributeType getAttributeType() { } public String getProtocol() { - return protocol == null ? "saml" : protocol; + return protocol == null ? "saml, oidc" : protocol; } public String getTypeForUI() { From 6dff6c818747e600d14998bf2c92750a5e0c7a31 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Fri, 7 Oct 2022 12:08:16 -0700 Subject: [PATCH 37/77] SHIBUI-2380 fixing NPE issue --- .../admin/ui/service/JsonSchemaBuilderService.groovy | 4 ++-- .../admin/ui/domain/CustomEntityAttributeDefinition.java | 8 +++++++- .../admin/ui/domain/RelyingPartyOverrideProperty.java | 1 + 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy index d5084e21a..0ed02bc47 100644 
--- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy @@ -48,7 +48,7 @@ class JsonSchemaBuilderService { void addRelyingPartyOverridesToJson(Object json, String protocol) { def properties = [:] customPropertiesConfiguration.getOverrides().stream().filter { - it -> it.protocol.contains(protocol) + it -> it.getProtocol().contains(protocol) }.each { if (it.protocol) def property @@ -73,7 +73,7 @@ class JsonSchemaBuilderService { void addRelyingPartyOverridesCollectionDefinitionsToJson(Object json, String protocol) { customPropertiesConfiguration.getOverrides().stream().filter { - it -> it.protocol.contains(protocol) && it['displayType'] && (it['displayType'] == 'list' || it['displayType'] == 'set' || it['displayType'] == 'selection_list') + it -> it.getProtocol().contains(protocol) && it['displayType'] && (it['displayType'] == 'list' || it['displayType'] == 'set' || it['displayType'] == 'selection_list') }.each { def definition = [title : it['displayName'], description: it['helpText'], diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java index 2c5c7e360..0a7d2c3c7 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java @@ -12,6 +12,7 @@ import javax.persistence.JoinColumn; import javax.persistence.Transient; +import liquibase.pro.packaged.O; import org.apache.commons.lang3.StringUtils; import org.hibernate.annotations.Fetch; import org.hibernate.annotations.FetchMode; 
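Review bot: The `import liquibase.pro.packaged.O;` added in the `@@ -12` hunk of `CustomEntityAttributeDefinition` is not used by anything visible in this commit and looks like an IDE auto-import; it should be dropped. It ties a domain class to a repackaged class inside the Liquibase artifact, so compilation depends on a third-party jar's internal packaging and can break on a Liquibase upgrade.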
@@ -94,7 +95,12 @@ public String getTypeForUI() { return "string"; } } - + + @Override + public String getProtocol() { + return protocol == null ? "saml, oidc" : protocol; + } + @Override public void setDefaultValues(Set defaultValues) { // This is here to comply with the interface only and should not be used to change the set of values in this implementation diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java index c76455f23..b896f2352 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java @@ -45,6 +45,7 @@ public CustomAttributeType getAttributeType() { } } + @Override public String getProtocol() { return protocol == null ? "saml, oidc" : protocol; } From b2493ce6a8e08fd2ee60ecb660d5100f7c2e2b55 Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Sun, 9 Oct 2022 17:05:11 -0400 Subject: [PATCH 38/77] SHIBUI-2380 Added CRUD test for OIDC metadata sources. --- .../admin/ui/SeleniumSIDETest.groovy | 1 + .../integration/resources/SHIBUI-2380.side | 1044 +++++++++++++++++ 2 files changed, 1045 insertions(+) create mode 100644 backend/src/integration/resources/SHIBUI-2380.side diff --git a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy index 4a903610e..0f499c744 100644 --- a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy +++ b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy 
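Review bot: The fallback in the new `getProtocol()` of `CustomEntityAttributeDefinition` returns `"saml, oidc"` when the field is null, but the field initializer added earlier in this series is `"saml"`. A freshly constructed definition therefore applies to SAML only, while one whose stored value is null applies to both. If both protocols are the intended default, align the initializer: `String protocol = "saml, oidc";`. The same literal is repeated in `RelyingPartyOverrideProperty`, so a shared constant would keep the two defaults from drifting apart.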
@@ -161,5 +161,6 @@ class SeleniumSIDETest extends Specification { 'SHIBUI-2270: Verify full property set' | '/SHIBUI-2270-2.side' 'SHIBUI-2268: Verify Algorithm Filter' | '/SHIBUI-2268.side' 'SHIBUI-2269: Verify XML generation of external filters' | '/SHIBUI-2269.side' + 'SHIBUI-2380: OIDC metadata source CRUD' | '/SHIBUI-2380.side' } } diff --git a/backend/src/integration/resources/SHIBUI-2380.side b/backend/src/integration/resources/SHIBUI-2380.side new file mode 100644 index 000000000..0cb6b42ad --- /dev/null +++ b/backend/src/integration/resources/SHIBUI-2380.side 
@@ -0,0 +1,1044 @@ +{ + "id": "1b31a551-eb09-4bd4-8db9-694bf1539a46", + "version": "2.0", + "name": "SHIBUI-2380", + "url": "http://localhost:10101", + "tests": [{ + "id": "841ade0e-83bd-4a4b-94f2-de6bd5c536b2", + "name": "SHIBUI-2380", + "commands": [{ + "id": "d6b23986-6d14-4b10-be7b-a7e6f576e3b2", + "comment": "", + "command": "open", + "target": "/login", + "targets": [], + "value": "" + }, { + "id": "f77ecd77-01c2-4463-944e-1a69600f5297", + "comment": "", + "command": "type", + "target": "name=username", + "targets": [ + ["name=username", "name"], + ["css=tr:nth-child(1) input", "css:finder"], + ["xpath=//input[@name='username']", "xpath:attributes"], + ["xpath=//input", "xpath:position"] + ], + "value": "admin" + }, { + "id": "c9bf0a22-faa9-494c-b2ed-6c9653248551", + "comment": "", + "command": "type", + "target": "name=password", + "targets": [ + ["name=password", "name"], + ["css=tr:nth-child(2) input", "css:finder"], + ["xpath=//input[@name='password']", "xpath:attributes"], + ["xpath=//tr[2]/td[2]/input", "xpath:position"] + ], + "value": "adminpass" + }, { + "id": "7ab1d854-3582-4101-bd19-f94b8f438090", + "comment": "", + "command": "sendKeys", + "target": "name=password", + "targets": [ + ["name=password", "name"], + ["css=tr:nth-child(2) input", "css:finder"], + ["xpath=//input[@name='password']", "xpath:attributes"], + ["xpath=//tr[2]/td[2]/input", "xpath:position"] + ], + "value": "${KEY_ENTER}" + }, { + "id": "4059cae7-b9f9-49d0-a213-343bcaba66d1", + "comment": "", + "command": "waitForElementVisible", + "target": "id=metadata-nav-dropdown-toggle", + "targets": [], + "value": "30000" + }, { + "id": "f03af8d5-5875-4a2c-b93a-c3ddcbd4b16a", + "comment": "", + "command": "open", + "target": "/api/heheheheheheheWipeout", + "targets": [], + "value": "" + }, { + "id": "081f495b-4d84-4758-824c-1e85b6311e7f", + "comment": "", + "command": "assertText", + "target": "css=body", + "targets": [], + "value": "yes, you did it" + }, { + "id": 
"9e912dd5-6ace-45be-bafd-2d1655906575", + "comment": "", + "command": "open", + "target": "/", + "targets": [], + "value": "" + }, { + "id": "ad3811ad-f95b-4cca-a5d9-63a10063a652", + "comment": "", + "command": "click", + "target": "id=metadata-nav-dropdown-toggle", + "targets": [ + ["id=metadata-nav-dropdown-toggle", "id"], + ["css=#metadata-nav-dropdown-toggle", "css:finder"], + ["xpath=//button[@id='metadata-nav-dropdown-toggle']", "xpath:attributes"], + ["xpath=//div[@id='metadata-nav-dropdown']/button", "xpath:idRelative"], + ["xpath=//div[2]/button", "xpath:position"], + ["xpath=//button[contains(.,'Add New')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "1caf8be6-a4d9-4b3b-ace1-0f76d3600d62", + "comment": "", + "command": "click", + "target": "id=metadata-nav-dropdown-source", + "targets": [ + ["id=metadata-nav-dropdown-source", "id"], + ["linkText=Add a new metadata source", "linkText"], + ["css=#metadata-nav-dropdown-source", "css:finder"], + ["xpath=//a[contains(text(),'Add a new metadata source')]", "xpath:link"], + ["xpath=//a[@id='metadata-nav-dropdown-source']", "xpath:attributes"], + ["xpath=//div[@id='metadata-nav-dropdown']/div/a", "xpath:idRelative"], + ["xpath=//a[contains(@href, '/metadata/source/new')]", "xpath:href"], + ["xpath=//div[2]/div/a", "xpath:position"], + ["xpath=//a[contains(.,'Add a new metadata source')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "218e51fd-49e6-400b-9d7f-61bcd8e0c074", + "comment": "", + "command": "click", + "target": "name=serviceProviderName", + "targets": [ + ["name=serviceProviderName", "name"], + ["css=.mb-3:nth-child(2) > .form-control", "css:finder"], + ["xpath=//input[@name='serviceProviderName']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div[2]/input", "xpath:idRelative"], + ["xpath=//input", "xpath:position"] + ], + "value": "" + }, { + "id": "9ee43e46-ab9e-46b1-8eb2-9718fb98bda2", + "comment": "", + "command": "type", + 
"target": "name=serviceProviderName", + "targets": [ + ["id=field1", "id"], + ["name=field1", "name"], + ["css=#field1", "css:finder"], + ["xpath=//input[@id='field1']", "xpath:attributes"], + ["xpath=//input", "xpath:position"] + ], + "value": "Test Provider" + }, { + "id": "7fe7298b-275c-4797-8d1b-f4547b63eb02", + "comment": "", + "command": "type", + "target": "name=entityId", + "targets": [ + ["id=root_entityId", "id"], + ["css=#root_entityId", "css:finder"], + ["xpath=//input[@id='root_entityId']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/div/form/div/div/div/div/div/div[2]/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/input", "xpath:position"] + ], + "value": "test-1234" + }, { + "id": "fbdc7e0b-0356-429e-a433-ecf95954cdea", + "comment": "", + "command": "click", + "target": "name=protocol", + "targets": [ + ["name=protocol", "name"], + ["css=.form-select", "css:finder"], + ["xpath=//select[@name='protocol']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/select", "xpath:idRelative"], + ["xpath=//select", "xpath:position"] + ], + "value": "" + }, { + "id": "51b41578-40ee-4c3d-a7ec-c1aa1f9ceb9c", + "comment": "", + "command": "select", + "target": "name=protocol", + "targets": [], + "value": "label=OIDC (OpenID Connect)" + }, { + "id": "ff9d3663-b4f2-4ede-a7db-0fa730087424", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.label", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/nav/ul/li[2]/button/span", "xpath:idRelative"], + ["xpath=//li[2]/button/span", "xpath:position"], + ["xpath=//span[contains(.,'2. 
Common Attributes')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "403d713e-614a-4ff0-ba2e-bdd26495562a", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.label:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/nav/ul/li[3]/button/span", "xpath:idRelative"], + ["xpath=//li[3]/button/span", "xpath:position"], + ["xpath=//span[contains(.,'3. User Interface / MDUI Information')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "aa4e4fc0-375f-4f7c-9edf-c50fe0731f17", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.label:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/nav/ul/li[3]/button/span", "xpath:idRelative"], + ["xpath=//li[3]/button/span", "xpath:position"], + ["xpath=//span[contains(.,'4. SP SSO Descriptor Information')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "dfbd8622-d6c3-4ea3-b35d-2db88bb49398", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_clientUri", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_clientUri", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_clientUri", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_clientUri']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div/div/div/div/div/div/div/div/div/div/div/div/div/div/input", "xpath:position"] + ], + "value": "https://example.org/clientUri" + }, { + "id": "8463843d-56f0-4f83-b57c-53ae82a1f004", + "comment": "", + "command": "type", + "target": 
"id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_responseTypes", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_responseTypes", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_responseTypes", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_responseTypes']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[2]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/input", "xpath:position"] + ], + "value": "code id_token" + }, { + "id": "5ec23c8d-c7a5-4c22-abf8-891fdce9efea", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_sectorIdentifierUri", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_sectorIdentifierUri", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_sectorIdentifierUri", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_sectorIdentifierUri']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[3]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/input", "xpath:position"] + ], + "value": "https://example.org/sectorIdentifier" + }, { + "id": "f52f97cd-f0f8-49ea-a391-cb4f2a042e28", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_idTokenEncryptedResponseAlg", + "targets": [ + 
["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_idTokenEncryptedResponseAlg", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_idTokenEncryptedResponseAlg", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_idTokenEncryptedResponseAlg']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[4]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/input", "xpath:position"] + ], + "value": "A256KW" + }, { + "id": "fcc1eae8-4023-4d2c-8102-88c8db1be36d", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_applicationType", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_applicationType", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_applicationType", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_applicationType']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[5]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/input", "xpath:position"] + ], + "value": "web" + }, { + "id": "1ae94896-8e1f-469c-a628-7c79d042d987", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_tokenEndpointAuthSigningAlg", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_tokenEndpointAuthSigningAlg", "id"], + 
["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_tokenEndpointAuthSigningAlg", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_tokenEndpointAuthSigningAlg']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[6]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/input", "xpath:position"] + ], + "value": "RS512" + }, { + "id": "00cc831f-c3e1-4134-94f3-e2e93d4f7714", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_idTokenEncryptedResponseEnc", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_idTokenEncryptedResponseEnc", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_idTokenEncryptedResponseEnc", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_idTokenEncryptedResponseEnc']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[7]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[7]/div/div/div/div/input", "xpath:position"] + ], + "value": "A256GCM" + }, { + "id": "5aef1d15-1745-47ea-80af-350429ba2243", + "comment": "", + "command": "click", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requireAuthTime", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requireAuthTime", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requireAuthTime", "css:finder"], + 
["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requireAuthTime']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[8]/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[8]/div/div/div/div/div/input", "xpath:position"] + ], + "value": "" + }, { + "id": "de943279-0490-4ead-820f-e817697aef9d", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_userInfoEncryptedResponseEnc", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_userInfoEncryptedResponseEnc", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_userInfoEncryptedResponseEnc", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_userInfoEncryptedResponseEnc']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[9]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[9]/div/div/div/div/input", "xpath:position"] + ], + "value": "A192GCM" + }, { + "id": "cb488cb2-e547-4879-a5ea-4f1ccb657ffc", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_userInfoSignedResponseAlg", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_userInfoSignedResponseAlg", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_userInfoSignedResponseAlg", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_userInfoSignedResponseAlg']", 
"xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[10]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[10]/div/div/div/div/input", "xpath:position"] + ], + "value": "RS384" + }, { + "id": "5b7be019-60e5-4a51-8d61-c960b5e6fe04", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_userInfoEncryptedResponseAlg", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_userInfoEncryptedResponseAlg", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_userInfoEncryptedResponseAlg", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_userInfoEncryptedResponseAlg']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[11]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[11]/div/div/div/div/input", "xpath:position"] + ], + "value": "A192KW" + }, { + "id": "83cf4511-326f-4ac7-8d20-bf72af37a599", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_grantTypes", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_grantTypes", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_grantTypes", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_grantTypes']", "xpath:attributes"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[12]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[12]/div/div/div/div/input", "xpath:position"] + ], + "value": "authorization_code" + }, { + "id": "e054d947-f27f-49eb-bb87-c8a825e52f6c", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_softwareId", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_softwareId", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_softwareId", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_softwareId']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[13]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[13]/div/div/div/div/input", "xpath:position"] + ], + "value": "mockSoftwareId" + }, { + "id": "01807fb9-dc5a-49dc-ba78-957fe7b0e582", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requestObjectEncryptionEnc", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requestObjectEncryptionEnc", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requestObjectEncryptionEnc", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requestObjectEncryptionEnc']", "xpath:attributes"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[14]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[14]/div/div/div/div/input", "xpath:position"] + ], + "value": "A128GCM" + }, { + "id": "e309a59b-bd25-425a-ad5f-4bb26fa7be54", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_initiateLoginUri", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_initiateLoginUri", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_initiateLoginUri", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_initiateLoginUri']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[15]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[15]/div/div/div/div/input", "xpath:position"] + ], + "value": "https://example.org/initiateLogin" + }, { + "id": "239dc3b2-6fd3-492d-b35b-15f23499a56b", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requestObjectEncryptionAlg", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requestObjectEncryptionAlg", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requestObjectEncryptionAlg", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requestObjectEncryptionAlg']", "xpath:attributes"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[16]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[16]/div/div/div/div/input", "xpath:position"] + ], + "value": "A128KW" + }, { + "id": "b6fdb579-f397-4b26-971b-423e29bab54a", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_tokenEndpointAuthMethod", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_tokenEndpointAuthMethod", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_tokenEndpointAuthMethod", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_tokenEndpointAuthMethod']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[17]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[17]/div/div/div/div/input", "xpath:position"] + ], + "value": "client_secret_basic" + }, { + "id": "18ca44b0-14c6-4279-b9ec-21fe815b3a75", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requestObjectSigningAlg", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requestObjectSigningAlg", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requestObjectSigningAlg", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_requestObjectSigningAlg']", "xpath:attributes"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[18]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[18]/div/div/div/div/input", "xpath:position"] + ], + "value": "RS256" + }, { + "id": "1d04d162-58c7-4f4d-bb1b-fa66c240ed2f", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_scopes", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_scopes", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_scopes", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_scopes']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[19]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[19]/div/div/div/div/input", "xpath:position"] + ], + "value": "openid profile" + }, { + "id": "cfae5613-728b-4857-b6f8-6ade832a6bd1", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_idTokenSignedResponseAlg", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_idTokenSignedResponseAlg", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_idTokenSignedResponseAlg", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_idTokenSignedResponseAlg']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[20]/div/div/div/div/input", 
"xpath:idRelative"], + ["xpath=//div[20]/div/div/div/div/input", "xpath:position"] + ], + "value": "RS512" + }, { + "id": "705d566f-353b-4f07-9efd-ed9be65bec9a", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_softwareVersion", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_softwareVersion", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_softwareVersion", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_softwareVersion']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[21]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[21]/div/div/div/div/input", "xpath:position"] + ], + "value": "mockSoftwareVersion" + }, { + "id": "12c39600-b13a-4835-a95a-e0b33554099a", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_defaultMaxAge", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_defaultMaxAge", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_defaultMaxAge", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_attributes_defaultMaxAge']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div/div/div/div/div[22]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[22]/div/div/div/div/input", "xpath:position"] + ], + "value": "0" + }, { + "id": "ac46ecb7-4dde-4062-a5c4-6fbc08364315", + "comment": "", + "command": "click", + "target": 
"css=.mb-3:nth-child(1) > div > .p-0 > .p-0 .array-add-button", + "targets": [ + ["css=.mb-3:nth-child(1) > div > .p-0 > .p-0 .array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[32]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div[2]/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/button", "xpath:position"] + ], + "value": "" + }, { + "id": "6b93d36a-9da9-4f5f-9996-1c223eaf8612", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_postLogoutRedirectUris_0", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_postLogoutRedirectUris_0", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_postLogoutRedirectUris_0", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_postLogoutRedirectUris_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/input", "xpath:position"] + ], + "value": "https://example.org/postLogout" + }, { + "id": "46349a97-b780-44b3-ad17-92bf3074a4ee", + "comment": "", + "command": "click", + "target": "css=.d-empty-none:nth-child(2) > .mb-3:nth-child(2) .array-add-button > .svg-inline--fa", + "targets": [ + ["css=.d-empty-none:nth-child(2) > .mb-3:nth-child(2) .array-add-button > .svg-inline--fa", "css:finder"] + ], + "value": "" + }, { + "id": "b82a94e4-fbbf-49fd-9167-82316f4f3ca1", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_defaultAcrValues_0", + "targets": [ 
+ ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_defaultAcrValues_0", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_defaultAcrValues_0", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_defaultAcrValues_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div[2]/div[2]/div/div/div/div[2]/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div[2]/div/div/div/div/div/div/input", "xpath:position"] + ], + "value": "password" + }, { + "id": "c842f5bd-5729-430d-b0b8-035aa2fb1243", + "comment": "", + "command": "click", + "target": "css=.d-empty-none:nth-child(2) > .mb-3:nth-child(2) .array-add-button", + "targets": [ + ["css=.d-empty-none:nth-child(2) > .mb-3:nth-child(2) .array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[35]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div[2]/div[2]/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[2]/div[2]/div/div/div/div/button", "xpath:position"] + ], + "value": "" + }, { + "id": "cdc8718f-b13a-4628-a854-1049459e1de0", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_defaultAcrValues_1", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_defaultAcrValues_1", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_defaultAcrValues_1", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_defaultAcrValues_1']", "xpath:attributes"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div[2]/div[2]/div/div/div/div[2]/div[2]/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/input", "xpath:position"] + ], + "value": "mfa" + }, { + "id": "82b1d75d-0920-4ef1-87e6-e0fe5f70668a", + "comment": "", + "command": "click", + "target": "css=.mb-3:nth-child(3) .array-add-button", + "targets": [ + ["css=.mb-3:nth-child(3) .array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[39]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div[2]/div[3]/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/button", "xpath:position"] + ], + "value": "" + }, { + "id": "5cd86585-37cf-4c94-b7ab-ff4b947a01ca", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_requestUris_0", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_requestUris_0", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_requestUris_0", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_requestUris_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div[2]/div[3]/div/div/div/div[2]/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div[2]/div/div/div/div/div/div/input", "xpath:position"] + ], + "value": "https://example.org/request" + }, { + "id": "57fa7f0b-0c39-459f-ab77-74f67b8f7fa8", + "comment": "", + "command": "click", + "target": "css=.mb-3:nth-child(4) .array-add-button", + "targets": [ + 
["css=.mb-3:nth-child(4) .array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[42]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div[2]/div[4]/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/button", "xpath:position"] + ], + "value": "" + }, { + "id": "dba6152f-cb59-4c3e-91bb-562dfc5afc6c", + "comment": "", + "command": "type", + "target": "id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_audiences_0", + "targets": [ + ["id=root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_audiences_0", "id"], + ["css=#root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_audiences_0", "css:finder"], + ["xpath=//input[@id='root_serviceProviderSsoDescriptor_extensions_OAuthRPExtensions_audiences_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/div[2]/div[4]/div/div/div/div[2]/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div[2]/div/div/div/div/div/div/input", "xpath:position"] + ], + "value": "http://mypeeps" + }, { + "id": "669441c2-b00d-4be3-93d9-ac48b73b4959", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.next", "css:finder"], + ["xpath=(//button[@type='button'])[6]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/nav/ul/li[3]/button", "xpath:idRelative"], + ["xpath=//li[3]/button", "xpath:position"] + ], + "value": "" + }, { + "id": "2bf3a3b6-9612-4510-bf76-77cbd03e440c", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.next", "css:finder"], + ["xpath=(//button[@type='button'])[6]", "xpath:attributes"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/nav/ul/li[3]/button", "xpath:idRelative"], + ["xpath=//li[3]/button", "xpath:position"] + ], + "value": "" + }, { + "id": "51821fe8-6130-418a-9d59-4d0074ffa164", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.label:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/nav/ul/li[3]/button/span", "xpath:idRelative"], + ["xpath=//li[3]/button/span", "xpath:position"], + ["xpath=//span[contains(.,'7. Assertion Consumer Service')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "9f0638b7-c626-47b0-8bdf-ca129573ea31", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.label:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/nav/ul/li[3]/button/span", "xpath:idRelative"], + ["xpath=//li[3]/button/span", "xpath:position"], + ["xpath=//span[contains(.,'8. Relying Party Overrides')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "ce20a359-5745-46dc-95b9-c08d0ced4332", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.next", "css:finder"], + ["xpath=(//button[@type='button'])[6]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/nav/ul/li[3]/button", "xpath:idRelative"], + ["xpath=//li[3]/button", "xpath:position"] + ], + "value": "" + }, { + "id": "dff6e93b-46c3-42e4-9cb5-b5cd97c20928", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.next", "css:finder"], + ["xpath=(//button[@type='button'])[6]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/nav/ul/li[3]/button", "xpath:idRelative"], + ["xpath=//li[3]/button", "xpath:position"] + ], + "value": "" + }, { + "id": "c2659a0b-1e0b-47aa-ae40-aa40c03b3a42", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(2) > 
div:nth-child(1) > .d-flex > .text-truncate", + "targets": [ + ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], + ["xpath=//div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'OIDC')]", "xpath:innerText"] + ], + "value": "OIDC" + }, { + "id": "c25870db-d6b9-49c8-846f-839e06df1e8c", + "comment": "", + "command": "assertText", + "target": "css=.mb-4:nth-child(4) .p-2 > div > div > div > .d-flex > .d-block:nth-child(2)", + "targets": [ + ["css=.mb-4:nth-child(4) .p-2 > div > div > div > .d-flex > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[4]/div/div[2]/div[2]/div/div/div/span[2]", "xpath:idRelative"], + ["xpath=//section[4]/div/div[2]/div[2]/div/div/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'http://openid.net/specs/openid-connect-core-1_0.html')]", "xpath:innerText"] + ], + "value": "http://openid.net/specs/openid-connect-core-1_0.html" + }, { + "id": "2ade9c64-4724-4a3f-9598-dd4007cce548", + "comment": "", + "command": "assertText", + "target": "css=.d-flex:nth-child(2) .d-flex:nth-child(1) > .d-block", + "targets": [ + ["css=.d-flex:nth-child(2) .d-flex:nth-child(1) > .d-block", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[4]/div/div[2]/div[2]/div/div[3]/div/div[2]/ul/li/span", "xpath:idRelative"], + ["xpath=//div[2]/ul/li/span", "xpath:position"], + ["xpath=//span[contains(.,'password')]", "xpath:innerText"] + ], + "value": "password" + }, { + "id": "8cce063c-ab2b-4dc9-9e06-c55e3135ed6b", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(5) > div:nth-child(2) .text-truncate", + "targets": [ + ["css=div:nth-child(5) > div:nth-child(2) .text-truncate", "css:finder"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[4]/div/div[2]/div[2]/div/div[3]/div/div[5]/div[2]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[5]/div[2]/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'code id_token')]", "xpath:innerText"] + ], + "value": "code id_token" + }, { + "id": "d6002b4f-ba9d-4362-8a7d-72ba8549ff1d", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(5) > div:nth-child(8) .text-truncate", + "targets": [ + ["css=div:nth-child(5) > div:nth-child(8) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[4]/div/div[2]/div[2]/div/div[3]/div/div[5]/div[8]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[8]/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'true')]", "xpath:innerText"] + ], + "value": "true" + }, { + "id": "c0cbc26c-ee8c-4c0e-a032-0a0314877e96", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(17) .text-truncate", + "targets": [ + ["css=div:nth-child(17) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[4]/div/div[2]/div[2]/div/div[3]/div/div[5]/div[17]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[17]/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'client_secret_basic')]", "xpath:innerText"] + ], + "value": "client_secret_basic" + }, { + "id": "87e8a450-05eb-4774-95e0-e6c4c0e07fe5", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(20) .text-truncate", + "targets": [ + ["css=div:nth-child(20) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[4]/div/div[2]/div[2]/div/div[3]/div/div[5]/div[20]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[20]/div/span[2]", "xpath:position"] + ], + "value": "RS512" + }, { + "id": "72f99f17-450a-4f9c-b791-3b6f7b61e76c", + "comment": "", + "command": "assertText", + "target": 
"css=div:nth-child(22) .text-truncate", + "targets": [ + ["css=div:nth-child(22) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[4]/div/div[2]/div[2]/div/div[3]/div/div[5]/div[22]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[22]/div/span[2]", "xpath:position"] + ], + "value": "0" + }, { + "id": "544c6cc9-6d83-4498-aeeb-a82e4243ff04", + "comment": "", + "command": "click", + "target": "css=.save", + "targets": [ + ["css=.save", "css:finder"], + ["xpath=(//button[@type='button'])[6]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/nav/ul/li[3]/button", "xpath:idRelative"], + ["xpath=//li[3]/button", "xpath:position"] + ], + "value": "" + }, { + "id": "d8c89d85-ee6b-4555-bc49-ef0352acc2fd", + "comment": "", + "command": "waitForElementVisible", + "target": "linkText=Test Provider", + "targets": [ + ["linkText=Test Provider", "linkText"], + ["css=.align-middle > a", "css:finder"], + ["xpath=//a[contains(text(),'Test Provider')]", "xpath:link"], + ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td/a", "xpath:idRelative"], + ["xpath=//a[contains(@href, '/metadata/source/71d92677-252d-45f4-a0f2-4e141445f99b/configuration/options')]", "xpath:href"], + ["xpath=//td/a", "xpath:position"], + ["xpath=//a[contains(.,'Test Provider')]", "xpath:innerText"] + ], + "value": "30000" + }, { + "id": "c2053dae-b5e8-4a91-ae0c-184a19e00bb8", + "comment": "", + "command": "assertText", + "target": "css=.align-middle:nth-child(3)", + "targets": [ + ["css=.align-middle:nth-child(3)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td[3]", "xpath:idRelative"], + ["xpath=//td[3]", "xpath:position"], + ["xpath=//td[contains(.,'OIDC')]", "xpath:innerText"] + ], + "value": "OIDC" + }, { + "id": "48527a89-9ce3-497a-9ed3-cc6c7381785e", + "comment": "", + "command": "click", + "target": "linkText=Test 
Provider", + "targets": [ + ["linkText=Test Provider", "linkText"], + ["css=.align-middle > a", "css:finder"], + ["xpath=//a[contains(text(),'Test Provider')]", "xpath:link"], + ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td/a", "xpath:idRelative"], + ["xpath=//a[contains(@href, '/metadata/source/fdaed37b-6b1d-4c40-970f-f844212c50f5/configuration/options')]", "xpath:href"], + ["xpath=//td/a", "xpath:position"], + ["xpath=//a[contains(.,'Test Provider')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "84fdd3d6-ea59-4b87-ba23-4688bde74d74", + "comment": "", + "command": "waitForElementVisible", + "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .text-truncate", + "targets": [], + "value": "30000" + }, { + "id": "67c55322-a860-4293-b861-9b6b507f1407", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .text-truncate", + "targets": [ + ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], + ["xpath=//div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'OIDC')]", "xpath:innerText"] + ], + "value": "OIDC" + }, { + "id": "6394f132-18db-4ebb-a783-bcb75b7ac3b6", + "comment": "", + "command": "click", + "target": "css=.mb-4:nth-child(5) .edit-link", + "targets": [ + ["css=.mb-4:nth-child(5) .edit-link", "css:finder"], + ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[3]/div/div/div/button", "xpath:idRelative"], + ["xpath=//section[3]/div/div/div/button", "xpath:position"] + ], + "value": "" + }, { + "id": "412f0649-4c25-4733-98f0-9a88189049f0", + "comment": "", + "command": "click", + "target": "css=.d-empty-none:nth-child(1) .array-add-button", + "targets": [ + ["css=.d-empty-none:nth-child(1) .array-add-button", 
"css:finder"], + ["xpath=(//button[@type='button'])[17]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div[2]/div/form/div/div/div/div/div[4]/div/div/div/div/div/div[2]/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "6e385d66-8121-44ce-b60c-218e185c1fc3", + "comment": "", + "command": "click", + "target": "css=.toggle-button", + "targets": [ + ["css=.toggle-button", "css:finder"], + ["xpath=(//button[@type='button'])[19]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div[2]/div/form/div/div/div/div/div[4]/div/div/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Options')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "dc7cfb31-b890-4d3c-9581-b6a85accff63", + "comment": "", + "command": "click", + "target": "css=#option-selector-items-root_serviceProviderSsoDescriptor_nameIdFormats_0-item-2 > span", + "targets": [ + ["css=#option-selector-items-root_serviceProviderSsoDescriptor_nameIdFormats_0-item-2 > span", "css:finder"], + ["xpath=//a[@id='option-selector-items-root_serviceProviderSsoDescriptor_nameIdFormats_0-item-2']/span", "xpath:idRelative"], + ["xpath=//a[3]/span", "xpath:position"], + ["xpath=//span[contains(.,'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "4a49cf7c-9f9d-421f-869c-aaf01bdc5e04", + "comment": "", + "command": "click", + "target": "css=.btn-info", + "targets": [ + ["css=.btn-info", "css:finder"], + ["xpath=(//button[@type='button'])[6]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/button", "xpath:idRelative"], + 
["xpath=//div[2]/div/div[2]/button", "xpath:position"], + ["xpath=//button[contains(.,' Save')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "48081980-585d-4c2b-9bcb-ea314180a46e", + "comment": "", + "command": "waitForElementVisible", + "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .text-truncate", + "targets": [], + "value": "30000" + }, { + "id": "8c5ffc00-40b5-437e-9773-0c8585749809", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .text-truncate", + "targets": [ + ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], + ["xpath=//div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'OIDC')]", "xpath:innerText"] + ], + "value": "OIDC" + }, { + "id": "3ce15bdb-9dd4-474b-bb91-2d1b1aa7cb9b", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(16) .text-truncate", + "targets": [ + ["css=div:nth-child(16) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[3]/div/div[2]/div[2]/div/div[3]/div/div[5]/div[16]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[16]/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'A128KW')]", "xpath:innerText"] + ], + "value": "A128KW" + }, { + "id": "90f74dbe-db02-4ea1-ab34-b85da5656344", + "comment": "", + "command": "waitForElementVisible", + "target": "css=div:nth-child(1) > .d-flex > .list-unstyled .d-block", + "targets": [], + "value": "30000" + }, { + "id": "8dec922e-65f0-4c55-b35b-530983855a5b", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(1) > .d-flex > .list-unstyled .d-block", + "targets": [ + ["css=div:nth-child(1) > .d-flex > .list-unstyled .d-block", "css:finder"], + 
["xpath=//div[@id='root']/div/main/div/section/div/div/section[3]/div/div[2]/div[2]/div/div[2]/ul/li/span", "xpath:idRelative"], + ["xpath=//ul/li/span", "xpath:position"], + ["xpath=//span[contains(.,'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent')]", "xpath:innerText"] + ], + "value": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" + }, { + "id": "df3c936e-4ae8-4cb2-9a23-1bd21ad58bc2", + "comment": "", + "command": "pause", + "target": "5000", + "targets": [], + "value": "" + }, { + "id": "7c558cfd-79be-4541-8b38-f4036e01b407", + "comment": "", + "command": "click", + "target": "css=.btn-danger", + "targets": [ + ["css=.btn-danger", "css:finder"], + ["xpath=(//button[@type='button'])[6]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/div/div/div/div/button[2]", "xpath:idRelative"], + ["xpath=//button[2]", "xpath:position"], + ["xpath=//button[contains(.,'Delete')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "15c0be9b-0f31-44a4-8291-7130cae2b7a0", + "comment": "", + "command": "waitForElementVisible", + "target": "css=.btn-danger:nth-child(1)", + "targets": [], + "value": "30000" + }, { + "id": "af4811da-9f6e-4751-b9d9-0d5bd56e39ee", + "comment": "", + "command": "click", + "target": "css=.btn-danger:nth-child(1)", + "targets": [ + ["css=.btn-danger:nth-child(1)", "css:finder"], + ["xpath=(//button[@type='button'])[16]", "xpath:attributes"], + ["xpath=//div[4]/div/div/div[3]/button", "xpath:position"] + ], + "value": "" + }, { + "id": "eb9c18d9-d0fc-4723-840b-7be59434bebf", + "comment": "", + "command": "waitForElementVisible", + "target": "css=.alert", + "targets": [], + "value": "30000" + }, { + "id": "f27630e9-561e-49f6-b557-b2c7ff0647fc", + "comment": "", + "command": "assertText", + "target": "css=.alert", + "targets": [], + "value": "Metadata source has been deleted." 
+ }, { + "id": "3a583629-3a81-44fa-8f99-3c50d817d8b3", + "comment": "", + "command": "open", + "target": "/api/heheheheheheheWipeout", + "targets": [], + "value": "" + }, { + "id": "36c87ced-a658-4fed-8b7d-b9cc0fbc729c", + "comment": "", + "command": "assertText", + "target": "css=body", + "targets": [], + "value": "yes, you did it" + }] + }], + "suites": [{ + "id": "d2caeac4-7520-4e3c-96b1-840610b6983c", + "name": "Default Suite", + "persistSession": false, + "parallel": false, + "timeout": 300, + "tests": ["841ade0e-83bd-4a4b-94f2-de6bd5c536b2"] + }], + "urls": ["http://localhost:10101/"], + "plugins": [] +} \ No newline at end of file From 86be037e1ed00fa5a51065c70955dcbaa9e8421f Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Mon, 10 Oct 2022 13:10:17 -0700 Subject: [PATCH 39/77] Added ids for tests --- ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js index d95cadef1..a9f99dab1 100644 --- a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js +++ b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js @@ -100,7 +100,7 @@ export function MetadataSourceProtocolSelector({ types = [], loading, children}) - + {types.map(t => )} @@ -114,6 +114,7 @@ export function MetadataSourceProtocolSelector({ types = [], loading, children}) !(sourceNames.indexOf(v) > -1) @@ -132,6 +133,7 @@ export function MetadataSourceProtocolSelector({ types = [], loading, children}) !(sourceIds.indexOf(v) > -1) From 14d5717fc299a0a83d8cccaa55af764b709d4200 Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Mon, 10 Oct 2022 17:40:19 -0400 Subject: [PATCH 40/77] SHIBUI-2380 Pushing a test for Ryan. --- .../admin/ui/SeleniumSIDETest.groovy | 10 +- .../integration/resources/SHIBUI-1281.side | 252 +++++++----------- 2 files changed, 94 insertions(+), 168 deletions(-) 
diff --git a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy index 0f499c744..1a56bb42e 100644 --- a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy +++ b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy @@ -107,12 +107,12 @@ class SeleniumSIDETest extends Specification { where: name | file - 'SHIBUI-1364: Compare FBHTTPMP with filters' | '/SHIBUI-1364-1.side' +/* 'SHIBUI-1364: Compare FBHTTPMP with filters' | '/SHIBUI-1364-1.side' 'SHIBUI-1364: Compare FSMP' | '/SHIBUI-1364-2.side' 'SHIBUI-1364: Compare LDMP' | '/SHIBUI-1364-3.side' - 'SHIBUI-1364: Compare DHTTPMP with filters' | '/SHIBUI-1364-4.side' + 'SHIBUI-1364: Compare DHTTPMP with filters' | '/SHIBUI-1364-4.side'*/ 'SHIBUI-1281: Metadata Source Dashboard' | '/SHIBUI-1281.side' - 'SHIBUI-1311: Metadata Provider Dashboard' | '/SHIBUI-1311.side' +/* 'SHIBUI-1311: Metadata Provider Dashboard' | '/SHIBUI-1311.side' 'SHIBUI-950: Metadata Source from XML w/ digest' | '/SHIBUI-950.side' 'SHIBUI-1352: Create LocalDynamic provider' | '/SHIBUI-1352-1.side' 'SHIBUI-1352: Create FileSystem provider' | '/SHIBUI-1352-2.side' 
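Review bot: The `/* … */` pairs added around the `where:` rows leave `'SHIBUI-1281: Metadata Source Dashboard'` as the only script this specification still runs, so every other row in the table stops guarding against regressions once this lands. The second hunk of this file (`@@ -154,13 +154,13 @@`) closes the same comment after `'/SHIBUI-2269.side'` and moves the `SHIBUI-2380` row inside it, which also takes the login and role check `SHIBUI-2052` out of the run. The `@@ -110,15 +110,15 @@` hunk in PATCH 43/77 only shifts the uncommented window to `SHIBUI-1334-1.side`. If the narrowing is meant for local debugging, I would keep the table intact and mark the temporary state explicitly, e.g. `// TODO(SHIBUI-2380): restore the full where: table before merge`. The feature method starts above the hunk, so how the rows are consumed is not visible here.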
@@ -154,13 +154,13 @@ class SeleniumSIDETest extends Specification { 'SHIBUI-2052: Logged in user & role appear on dashboard' | '/SHIBUI-2052.side' 'SHIBUI-2116: Verify entity attribute bundle highlights' | '/SHIBUI-2116.side' // Note that this script WILL NOT PASS in the Selenium IDE due to ${driver} not being set (it is provided by this groovy script). 'SHIBUI-2267: Verify new RPO CRUD' | '/SHIBUI-2267.side' + 'SHIBUI-2380: OIDC metadata source CRUD' | '/SHIBUI-2380.side' 'SHIBUI-1674: Verify metadata source tooltips' | '/SHIBUI-1674-1.side' 'SHIBUI-1674: Verify metadata provider tooltips' | '/SHIBUI-1674-2.side' 'SHIBUI-1674: Verify advanced menu tooltips' | '/SHIBUI-1674-3.side' 'SHIBUI-2270: Verify property set CRUD' | '/SHIBUI-2270-1.side' 'SHIBUI-2270: Verify full property set' | '/SHIBUI-2270-2.side' 'SHIBUI-2268: Verify Algorithm Filter' | '/SHIBUI-2268.side' - 'SHIBUI-2269: Verify XML generation of external filters' | '/SHIBUI-2269.side' - 'SHIBUI-2380: OIDC metadata source CRUD' | '/SHIBUI-2380.side' + 'SHIBUI-2269: Verify XML generation of external filters' | '/SHIBUI-2269.side'*/ } } diff --git a/backend/src/integration/resources/SHIBUI-1281.side b/backend/src/integration/resources/SHIBUI-1281.side index 06e730ecd..a6494bfc2 100644 --- a/backend/src/integration/resources/SHIBUI-1281.side +++ b/backend/src/integration/resources/SHIBUI-1281.side 
@@ -989,67 +989,55 @@ ], "value": "" }, { - "id": "3e11e54a-1b36-43ed-a8e5-d91f1fbed991", + "id": "ac04f81f-934f-45f2-b956-5c5c7a2e94c6", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_name", + "target": "css=.array-add-button", "targets": [ - ["id=root_securityInfo_x509Certificates_0_name", "id"], - ["css=#root_securityInfo_x509Certificates_0_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { "id": "5acb8e19-16a3-4139-a961-1b58c11c4681", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_0_name", + "target": "id=root_securityInfo_keyDescriptors_0_name", "targets": [ - ["id=field50", "id"], - ["name=field50", "name"], - ["css=#field50", "css:finder"], - ["xpath=//input[@id='field50']", "xpath:attributes"], - ["xpath=//div/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_0_name", "id"], + ["css=#root_securityInfo_keyDescriptors_0_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_name']", "xpath:attributes"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "Cert 1 Name" }, { "id": "23ff8b87-ac6c-4f82-a779-aa91be11f49c", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_type-signing", - "targets": [ - ["id=root_securityInfo_x509Certificates_0_type-signing", "id"], - ["name=root_securityInfo_x509Certificates_0_type", "name"], - ["css=#root_securityInfo_x509Certificates_0_type-signing", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_type-signing']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div/div/div/input", "xpath:position"] - ], - "value": "" - }, { - "id": "dd15088c-ddc9-42fd-8f8d-f73338be71b6", - "comment": "", - "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_value", + "target": "id=root_securityInfo_keyDescriptors_0_type-signing", "targets": [ - ["id=root_securityInfo_x509Certificates_0_value", "id"], - ["css=#root_securityInfo_x509Certificates_0_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_0_value']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], - ["xpath=//textarea", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_0_type-signing", "id"], + ["name=root_securityInfo_keyDescriptors_0_type", "name"], + 
["css=#root_securityInfo_keyDescriptors_0_type-signing", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_type-signing']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "813bf709-6c73-41ac-837a-5be076fa43c7", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_0_value", + "target": "id=root_securityInfo_keyDescriptors_0_value", "targets": [ - ["name=field52", "name"], - ["css=.text-widget", "css:finder"], - ["xpath=//textarea[@name='field52']", "xpath:attributes"], + ["id=root_securityInfo_keyDescriptors_0_value", "id"], + ["css=#root_securityInfo_keyDescriptors_0_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_0_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], ["xpath=//textarea", "xpath:position"] ], "value": "This is cert 1." 
@@ -1066,68 +1054,43 @@ ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" - }, { - "id": "cbe577f6-3d18-49d9-95ab-2e597e5308a6", - "comment": "", - "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_name", - "targets": [ - ["id=root_securityInfo_x509Certificates_1_name", "id"], - ["css=#root_securityInfo_x509Certificates_1_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_1_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] - ], - "value": "" }, { "id": "ae98e813-77f4-424e-9141-d48e6127d9b6", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_1_name", + "target": "id=root_securityInfo_keyDescriptors_1_name", "targets": [ - ["id=field54", "id"], - ["name=field54", "name"], - ["css=#field54", "css:finder"], - ["xpath=//input[@id='field54']", "xpath:attributes"], - ["xpath=//li[2]/div/div/div[2]/sf-form-element/div/sf-widget-chooser/custom-object/div/div/fieldset/div/div/sf-form-element/div/sf-widget-chooser/custom-string/div/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_name", "id"], + ["css=#root_securityInfo_keyDescriptors_1_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "Cert 2 Name" }, { "id": "835ad053-0a10-4606-a148-c7ba36be316f", 
"comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_type-encryption", + "target": "id=root_securityInfo_keyDescriptors_1_type-encryption", "targets": [ - ["id=root_securityInfo_x509Certificates_1_type-encryption", "id"], - ["css=#root_securityInfo_x509Certificates_1_type-encryption", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_1_type-encryption']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div[2]/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div[2]/input", "xpath:position"] - ], - "value": "" - }, { - "id": "e272cafa-3aba-4aff-972e-b1d45e627b88", - "comment": "", - "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_value", - "targets": [ - ["id=root_securityInfo_x509Certificates_1_value", "id"], - ["css=#root_securityInfo_x509Certificates_1_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_1_value']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_type-encryption", "id"], + ["css=#root_securityInfo_keyDescriptors_1_type-encryption", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_type-encryption']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div[2]/input", 
"xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div[2]/input", "xpath:position"] ], "value": "" }, { "id": "ae42d668-92ba-4cb8-9daf-a2a64ac18404", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_1_value", + "target": "id=root_securityInfo_keyDescriptors_1_value", "targets": [ - ["name=field56", "name"], - ["css=.ng-untouched:nth-child(3)", "css:finder"], - ["xpath=//textarea[@name='field56']", "xpath:attributes"], - ["xpath=//li[2]/div/div/div[2]/sf-form-element/div/sf-widget-chooser/custom-object/div/div/fieldset/div/div[3]/sf-form-element/div/sf-widget-chooser/textarea-component/div/textarea", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_value", "id"], + ["css=#root_securityInfo_keyDescriptors_1_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_1_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:position"] ], "value": "This is cert 2." }, { 
@@ -1632,29 +1595,17 @@ ["xpath=//div/button/translate-i18n", "xpath:position"] ], "value": "" - }, { - "id": "1a1b509e-1768-4291-820d-26f4b73a9d71", - "comment": "", - "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", - "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[5]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] - ], - "value": "" }, { "id": "433d6e9d-9d03-4042-9ee0-6284570f8a3c", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["id=field83", "id"], - ["css=#field83", "css:finder"], - ["xpath=//input[@id='field83']", "xpath:attributes"], - ["xpath=//div[@id='field83-container']/div/input", "xpath:idRelative"], - ["xpath=//li[5]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/div/div/input", 
"xpath:position"] ], "value": "somethingElse" }, { @@ -1696,12 +1647,13 @@ "id": "cbf15c4c-35d9-4f80-ba3d-bfe960048cd1", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "targets": [ - ["css=.is-invalid > .toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[22]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[4]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[4]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_0", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1748,12 +1700,13 @@ "id": "2b063eb8-f2d6-4a59-85bb-b04c467d9874", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[2]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "targets": [ - ["css=.is-invalid > .toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[29]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_1", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_1']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { @@ -1775,7 +1728,7 @@ ["xpath=//a[@id='option-selector-items-root_relyingPartyOverrides_authenticationMethods_1-item-1']", "xpath:attributes"], ["xpath=//div[@id='option-selector-items-root_relyingPartyOverrides_authenticationMethods_1']/a[2]", "xpath:idRelative"], ["xpath=(//a[contains(@href, '#')])[2]", "xpath:href"], - ["xpath=//div[2]/a[2]", "xpath:position"], + ["xpath=//a[2]", "xpath:position"], ["xpath=//a[contains(.,'urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken')]", "xpath:innerText"] ], "value": "" 
@@ -1800,12 +1753,13 @@ "id": "64e215d9-6e46-422f-882c-13b6fb102622", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[3]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/2-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/2-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[3]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_2", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1841,47 +1795,19 @@ ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button/translate-i18n", "xpath:position"] ], "value": "" - }, { - "id": "dacd34b0-9e48-4838-b137-bf22dd027ed0", - "comment": "", - "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", - "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[10]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] - ], - "value": "" }, { "id": "cc9dd18b-ee87-4aa7-91f2-59f02834759b", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "targets": [ - ["id=field87", "id"], - ["css=#field87", "css:finder"], - ["xpath=//input[@id='field87']", "xpath:attributes"], - ["xpath=//div[@id='field87-container']/div/input", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[4]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_3']", "xpath:attributes"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "otherThings" - }, { - "id": "1e11daff-c541-43a3-b05a-5ab23ed08d64", - "comment": "", - "command": "click", - "target": "id=option-selector-items-root_relyingPartyOverrides_authenticationMethods_3-item-3", - "targets": [ - ["id=option-selector-items-root_relyingPartyOverrides_authenticationMethods_3-item-3", "id"], - ["linkText=otherThings", "linkText"], - ["css=#option-selector-items-root_relyingPartyOverrides_authenticationMethods_3-item-3", "css:finder"], - ["xpath=//a[@id='option-selector-items-root_relyingPartyOverrides_authenticationMethods_3-item-3']", "xpath:attributes"], - ["xpath=//div[@id='option-selector-items-root_relyingPartyOverrides_authenticationMethods_3']/a[4]", "xpath:idRelative"], - ["xpath=(//a[contains(@href, '#')])[4]", "xpath:href"], - ["xpath=//a[4]", "xpath:position"], - ["xpath=//a[contains(.,'otherThings')]", "xpath:innerText"] - ], - "value": "" }, { "id": "7c85fe59-dc95-4328-a010-33d1a06a5ce5", "comment": "", 
@@ -2111,21 +2037,21 @@ "target": "css=td:nth-child(2)", "targets": [], "value": "" - },{ - "id": "4ec2c493-85e4-403b-9b09-031c5728f498", - "comment": "", - "command": "open", - "target": "/api/heheheheheheheWipeout", - "targets": [], - "value": "" - }, { - "id": "e074980a-8f21-4c22-8412-c4b6fcdcd1a4", - "comment": "", - "command": "assertText", - "target": "css=body", - "targets": [], - "value": "yes, you did it" - }] + }, { + "id": "4ec2c493-85e4-403b-9b09-031c5728f498", + "comment": "", + "command": "open", + "target": "/api/heheheheheheheWipeout", + "targets": [], + "value": "" + }, { + "id": "e074980a-8f21-4c22-8412-c4b6fcdcd1a4", + "comment": "", + "command": "assertText", + "target": "css=body", + "targets": [], + "value": "yes, you did it" + }] }], "suites": [{ "id": "d2caeac4-7520-4e3c-96b1-840610b6983c", From 55e45f5e758ad8177013eb9ac885a2a68fcd6367 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Wed, 12 Oct 2022 07:46:42 -0700 Subject: [PATCH 41/77] Removed clientSecret options --- .../src/main/resources/metadata-sources-ui-schema-oidc.json | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json index a98bfc55d..d463762e2 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json +++ b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json @@ -367,9 +367,7 @@ "enum": [ "X509Data", "jwksUri", - "jwksData", - "clientSecret", - "clientSecretRef" + "jwksData" ] }, "type": { From be7d6f28059dfb6961d02983834f81464f065889 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Wed, 12 Oct 2022 11:00:55 -0700 Subject: [PATCH 42/77] Fixed tooltip --- backend/src/main/resources/i18n/messages.properties | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
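Review bot: In the `@@ -367,9 +367,7 @@` hunk of `metadata-sources-ui-schema-oidc.json`, dropping `"clientSecret"` and `"clientSecretRef"` from the `enum` only narrows what the form offers; nothing visible here shows the backend refusing those element types when a request reaches the API without going through the form. If the intent is that client secrets are no longer stored in metadata sources, the same allow-list (`X509Data`, `jwksUri`, `jwksData`) should be enforced where the key descriptor is converted on the server, with a test that a `clientSecret` payload is rejected. Records saved before this change with either type may also need a migration or a read-only path, which the hunk does not address. The enclosing schema object starts and ends outside the hunk.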
diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index d8146c9b9..bb76787d6 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties @@ -662,7 +662,7 @@ tooltip.authentication-requests-signed=Whether to sign requests. Signing request tooltip.want-assertions-signed=Whether to sign assertions. Element declares that the service provider wants the element to be digitally signed. tooltip.certificate-name=Value used by the IDP UI to identify certificates. tooltip.certificate-type=Describes the use to which the credential will be put (as defined by the SAML standard) -tooltip.certificate=Value used for the key descriptor. (Certificate, ClientSecret, etc) +tooltip.certificate=Value used for the key descriptor. (Certificate, etc) tooltip.key-descriptors=A certificate containing a public key to use to require and verify an XML signature over the resource. tooltip.logout-endpoints=If your SP supports SAML 2.0 Single Logout, you will need to include one or more endpoint elements in the metadata. tooltip.logout-endpoints-url=The location of the handler (when combined with the base handlerURL). This is the location to which an IdP sends messages using whatever protocol and binding it shares with the SP. Each combination of SLO protocol and binding is installed at a unique location to improve efficiency. 
@@ -807,7 +807,7 @@ message.algorithms-unique=Each algorithm may only be used once. label.source-protocol=Authentication Protocol label.key-descriptors=Key Descriptors label.certificate-value=Value -tooltip.certificate-value=Value used for the key descriptor. (Certificate, ClientSecret, etc) +tooltip.certificate-value=Value used for the key descriptor. (Certificate, etc) label.element-type=Element Type tooltip.element-type=Type of element used to contain the certificate in metadata. (x509, etc) label.oauth-rp-extensions=OAuth Relying Party Extensions From cd757316a9caf202b721cdc149bc2670dcd8c829 Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Fri, 14 Oct 2022 14:24:34 -0400 Subject: [PATCH 43/77] SHIBUI-2380 More test fixes. Inclues a broken test for Charles to check out. --- .../admin/ui/SeleniumSIDETest.groovy | 8 +- .../integration/resources/SHIBUI-1281.side | 30 +- .../integration/resources/SHIBUI-1333.side | 278 +++++++++-------- .../integration/resources/SHIBUI-1334-1.side | 293 ++++++++++-------- 4 files changed, 339 insertions(+), 270 deletions(-) diff --git a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy index 1a56bb42e..1b1a78bec 100644 --- a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy +++ b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy 
@@ -110,15 +110,15 @@ class SeleniumSIDETest extends Specification { /* 'SHIBUI-1364: Compare FBHTTPMP with filters' | '/SHIBUI-1364-1.side' 'SHIBUI-1364: Compare FSMP' | '/SHIBUI-1364-2.side' 'SHIBUI-1364: Compare LDMP' | '/SHIBUI-1364-3.side' - 'SHIBUI-1364: Compare DHTTPMP with filters' | '/SHIBUI-1364-4.side'*/ + 'SHIBUI-1364: Compare DHTTPMP with filters' | '/SHIBUI-1364-4.side' 'SHIBUI-1281: Metadata Source Dashboard' | '/SHIBUI-1281.side' -/* 'SHIBUI-1311: Metadata Provider Dashboard' | '/SHIBUI-1311.side' + 'SHIBUI-1311: Metadata Provider Dashboard' | '/SHIBUI-1311.side' 'SHIBUI-950: Metadata Source from XML w/ digest' | '/SHIBUI-950.side' 'SHIBUI-1352: Create LocalDynamic provider' | '/SHIBUI-1352-1.side' 'SHIBUI-1352: Create FileSystem provider' | '/SHIBUI-1352-2.side' - 'SHIBUI-1333: Verify metadata source configuration' | '/SHIBUI-1333.side' + 'SHIBUI-1333: Verify metadata source configuration' | '/SHIBUI-1333.side'*/ 'SHIBUI-1334: Verify metadata source versioning' | '/SHIBUI-1334-1.side' - 'SHIBUI-1334: Verify metadata provider versioning' | '/SHIBUI-1334-2.side' +/* 'SHIBUI-1334: Verify metadata provider versioning' | '/SHIBUI-1334-2.side' 'SHIBUI-1335: Verify File Backed HTTP Metadata Provider Filters' | '/SHIBUI-1335-1.side' 'SHIBUI-1335: Verify Filesystem Metadata Provider' | '/SHIBUI-1335-2.side' 'SHIBUI-1335: Verify Local Dynamic Metadata Provider' | '/SHIBUI-1335-3.side' diff --git a/backend/src/integration/resources/SHIBUI-1281.side b/backend/src/integration/resources/SHIBUI-1281.side index a6494bfc2..44d10c326 100644 --- a/backend/src/integration/resources/SHIBUI-1281.side +++ b/backend/src/integration/resources/SHIBUI-1281.side 
@@ -1808,6 +1808,13 @@ ["xpath=//div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "otherThings" + }, { + "id": "c01aaef5-b886-41aa-be33-2e30f988d2f7", + "comment": "", + "command": "sendKeys", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", + "targets": [], + "value": "${KEY_ENTER}" }, { "id": "7c85fe59-dc95-4328-a010-33d1a06a5ce5", "comment": "", @@ -1859,11 +1866,11 @@ "id": "3baa7bd3-55c0-4d10-8aa3-c0daa63ec4d4", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(2) > .border-bottom > .text-truncate", + "target": "css=div:nth-child(2) > div:nth-child(3) > .border-bottom > .text-truncate", "targets": [ - ["css=div:nth-child(2) > div:nth-child(2) > .border-bottom > .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div/span[2]", "xpath:position"], + ["css=div:nth-child(2) > div:nth-child(3) > .border-bottom > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section/div/div[2]/div[2]/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'test-1234')]", "xpath:innerText"] ], "value": "test-1234" @@ -1922,7 +1929,7 @@ ["xpath=//section/div/div/span", "xpath:position"], ["xpath=//span[contains(.,'Current Metadata Sources')]", "xpath:innerText"] ], - "value": "10000" + "value": "30000" }, { "id": "ba9fb8e8-d332-45bd-accd-703284744136", "comment": "", @@ -1949,7 +1956,7 @@ ], "value": "test-1234" }, { - "id": "b2d9f789-fb94-459f-9947-5364cebc43d1", + "id": "86ceae7b-49f1-4830-b965-b58a11e06445", "comment": "", "command": "assertText", "target": "css=td:nth-child(3)", 
@@ -1958,6 +1965,17 @@ ["xpath=//td[3]", "xpath:position"], ["xpath=//td[contains(.,'root')]", "xpath:innerText"] ], + "value": "SAML" + }, { + "id": "b2d9f789-fb94-459f-9947-5364cebc43d1", + "comment": "", + "command": "assertText", + "target": "css=td:nth-child(4)", + "targets": [ + ["css=td:nth-child(3)", "css:finder"], + ["xpath=//td[3]", "xpath:position"], + ["xpath=//td[contains(.,'root')]", "xpath:innerText"] + ], "value": "admin" }, { "id": "87281e0a-322f-4d3a-9703-3e6966f26759", diff --git a/backend/src/integration/resources/SHIBUI-1333.side b/backend/src/integration/resources/SHIBUI-1333.side index 4a61515ff..d78082478 100644 --- a/backend/src/integration/resources/SHIBUI-1333.side +++ b/backend/src/integration/resources/SHIBUI-1333.side 
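Review bot: The added step `b2d9f789-fb94-459f-9947-5364cebc43d1` asserts on `css=td:nth-child(4)`, but its `targets` list was copied unchanged and still offers `css=td:nth-child(3)` and `xpath=//td[3]`. If the runner falls back to `targets` when the primary locator fails, those entries resolve to the column that now holds `SAML`, so they should be updated, e.g. `["css=td:nth-child(4)", "css:finder"], ["xpath=//td[4]", "xpath:position"]`, or dropped. The same copied list appears in the `@@ -2018,6 +2039,17 @@` hunk of SHIBUI-1333.side. That file's `@@ -1083,7 +1098,7 @@` hunk also keeps `id=field54` and `name=field54` under the new `id=root_securityInfo_keyDescriptors_1_name` target.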
@@ -789,11 +789,12 @@ "id": "23fd8856-32df-48ed-a198-a74e8ca71b10", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[5]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[9]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[5]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4", "id"], + ["css=#option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "somethingElse" 
@@ -988,16 +989,29 @@ ["xpath=//div[2]/div/div/div/input", "xpath:position"] ], "value": "" + }, { + "id": "9cabc071-a431-41b1-903a-f773d4597b0b", + "comment": "", + "command": "click", + "target": "css=.array-add-button", + "targets": [ + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" }, { "id": "3e11e54a-1b36-43ed-a8e5-d91f1fbed991", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_name", + "target": "id=root_securityInfo_keyDescriptors_0_name", "targets": [ - ["id=root_securityInfo_x509Certificates_0_name", "id"], - ["css=#root_securityInfo_x509Certificates_0_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_0_name", "id"], + ["css=#root_securityInfo_keyDescriptors_0_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" 
@@ -1005,39 +1019,39 @@ "id": "5acb8e19-16a3-4139-a961-1b58c11c4681", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_0_name", + "target": "id=root_securityInfo_keyDescriptors_0_name", "targets": [ - ["id=field50", "id"], - ["name=field50", "name"], - ["css=#field50", "css:finder"], - ["xpath=//input[@id='field50']", "xpath:attributes"], - ["xpath=//div/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_0_name", "id"], + ["css=#root_securityInfo_keyDescriptors_0_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "Cert 1 Name" }, { "id": "23ff8b87-ac6c-4f82-a779-aa91be11f49c", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_type-signing", + "target": "id=root_securityInfo_keyDescriptors_0_type-signing", "targets": [ - ["id=root_securityInfo_x509Certificates_0_type-signing", "id"], - ["name=root_securityInfo_x509Certificates_0_type", "name"], - ["css=#root_securityInfo_x509Certificates_0_type-signing", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_type-signing']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div/div/div/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_0_type-signing", "id"], + ["name=root_securityInfo_keyDescriptors_0_type", "name"], + ["css=#root_securityInfo_keyDescriptors_0_type-signing", "css:finder"], 
+ ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_type-signing']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "dd15088c-ddc9-42fd-8f8d-f73338be71b6", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_value", + "target": "id=root_securityInfo_keyDescriptors_0_value", "targets": [ - ["id=root_securityInfo_x509Certificates_0_value", "id"], - ["css=#root_securityInfo_x509Certificates_0_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_0_value']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_0_value", "id"], + ["css=#root_securityInfo_keyDescriptors_0_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_0_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], ["xpath=//textarea", "xpath:position"] ], "value": "" 
@@ -1045,11 +1059,12 @@ "id": "813bf709-6c73-41ac-837a-5be076fa43c7", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_0_value", + "target": "id=root_securityInfo_keyDescriptors_0_value", "targets": [ - ["name=field52", "name"], - ["css=.text-widget", "css:finder"], - ["xpath=//textarea[@name='field52']", "xpath:attributes"], + ["id=root_securityInfo_keyDescriptors_0_value", "id"], + ["css=#root_securityInfo_keyDescriptors_0_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_0_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], ["xpath=//textarea", "xpath:position"] ], "value": "This is cert 1." 
@@ -1070,12 +1085,12 @@ "id": "cbe577f6-3d18-49d9-95ab-2e597e5308a6", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_name", + "target": "id=root_securityInfo_keyDescriptors_1_name", "targets": [ - ["id=root_securityInfo_x509Certificates_1_name", "id"], - ["css=#root_securityInfo_x509Certificates_1_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_1_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_1_name", "id"], + ["css=#root_securityInfo_keyDescriptors_1_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" @@ -1083,7 +1098,7 @@ "id": "ae98e813-77f4-424e-9141-d48e6127d9b6", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_1_name", + "target": "id=root_securityInfo_keyDescriptors_1_name", "targets": [ ["id=field54", "id"], ["name=field54", "name"], 
@@ -1096,38 +1111,39 @@ "id": "835ad053-0a10-4606-a148-c7ba36be316f", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_type-encryption", + "target": "id=root_securityInfo_keyDescriptors_1_type-encryption", "targets": [ - ["id=root_securityInfo_x509Certificates_1_type-encryption", "id"], - ["css=#root_securityInfo_x509Certificates_1_type-encryption", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_1_type-encryption']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div[2]/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div[2]/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_type-encryption", "id"], + ["css=#root_securityInfo_keyDescriptors_1_type-encryption", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_type-encryption']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div[2]/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div[2]/input", "xpath:position"] ], "value": "" }, { "id": "e272cafa-3aba-4aff-972e-b1d45e627b88", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_value", + "target": "id=root_securityInfo_keyDescriptors_1_value", "targets": [ - ["id=root_securityInfo_x509Certificates_1_value", "id"], - ["css=#root_securityInfo_x509Certificates_1_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_1_value']", "xpath:attributes"], - 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_value", "id"], + ["css=#root_securityInfo_keyDescriptors_1_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_1_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:position"] ], "value": "" }, { "id": "ae42d668-92ba-4cb8-9daf-a2a64ac18404", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_1_value", + "target": "id=root_securityInfo_keyDescriptors_1_value", "targets": [ - ["name=field56", "name"], - ["css=.ng-untouched:nth-child(3)", "css:finder"], - ["xpath=//textarea[@name='field56']", "xpath:attributes"], - ["xpath=//li[2]/div/div/div[2]/sf-form-element/div/sf-widget-chooser/custom-object/div/div/fieldset/div/div[3]/sf-form-element/div/sf-widget-chooser/textarea-component/div/textarea", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_value", "id"], + ["css=#root_securityInfo_keyDescriptors_1_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_1_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], + 
["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:position"] ], "value": "This is cert 2." }, { @@ -1622,11 +1638,12 @@ "id": "1a1b509e-1768-4291-820d-26f4b73a9d71", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[10]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" 
@@ -1634,13 +1651,13 @@ "id": "433d6e9d-9d03-4042-9ee0-6284570f8a3c", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["id=field83", "id"], - ["css=#field83", "css:finder"], - ["xpath=//input[@id='field83']", "xpath:attributes"], - ["xpath=//div[@id='field83-container']/div/input", "xpath:idRelative"], - ["xpath=//li[5]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "somethingElse" }, { 
@@ -1682,12 +1699,13 @@ "id": "cbf15c4c-35d9-4f80-ba3d-bfe960048cd1", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/0-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[7]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/0-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_0", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1734,12 +1752,13 @@ "id": "2b063eb8-f2d6-4a59-85bb-b04c467d9874", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[2]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/1-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[8]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/1-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[2]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_1", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_1']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1786,12 +1805,13 @@ "id": "64e215d9-6e46-422f-882c-13b6fb102622", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[3]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/2-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/2-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[3]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_2", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1831,25 +1851,26 @@ "id": "dacd34b0-9e48-4838-b137-bf22dd027ed0", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[12]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "cc9dd18b-ee87-4aa7-91f2-59f02834759b", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "targets": [ - ["id=field87", "id"], - ["css=#field87", "css:finder"], - ["xpath=//input[@id='field87']", "xpath:attributes"], - ["xpath=//div[@id='field87-container']/div/input", "xpath:idRelative"], - 
["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[4]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "otherThings" }, { @@ -1914,11 +1935,11 @@ "id": "3baa7bd3-55c0-4d10-8aa3-c0daa63ec4d4", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(2) > .border-bottom > .text-truncate", + "target": "css=div:nth-child(2) > div:nth-child(3) > .border-bottom > .text-truncate", "targets": [ - ["css=div:nth-child(2) > div:nth-child(2) > .border-bottom > .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div/span[2]", "xpath:position"], + ["css=div:nth-child(2) > div:nth-child(3) > .border-bottom > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section/div/div[2]/div[2]/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'test-1234')]", "xpath:innerText"] ], "value": "test-1234" 
@@ -1981,7 +2002,7 @@ ["xpath=//td/a", "xpath:position"], ["xpath=//a[contains(.,'Test Provider')]", "xpath:innerText"] ], - "value": "10000" + "value": "30000" }, { "id": "ba9fb8e8-d332-45bd-accd-703284744136", "comment": "", @@ -2009,7 +2030,7 @@ ], "value": "test-1234" }, { - "id": "b2d9f789-fb94-459f-9947-5364cebc43d1", + "id": "8defbd22-a27a-40ed-b430-e71092d834b3", "comment": "", "command": "assertText", "target": "css=td:nth-child(3)", @@ -2018,6 +2039,17 @@ ["xpath=//td[3]", "xpath:position"], ["xpath=//td[contains(.,'root')]", "xpath:innerText"] ], + "value": "SAML" + }, { + "id": "b2d9f789-fb94-459f-9947-5364cebc43d1", + "comment": "", + "command": "assertText", + "target": "css=td:nth-child(4)", + "targets": [ + ["css=td:nth-child(3)", "css:finder"], + ["xpath=//td[3]", "xpath:position"], + ["xpath=//td[contains(.,'root')]", "xpath:innerText"] + ], "value": "admin" }, { "id": "87281e0a-322f-4d3a-9703-3e6966f26759", @@ -2135,7 +2167,7 @@ ["xpath=//span[2]", "xpath:position"], ["xpath=//span[contains(.,'admin')]", "xpath:innerText"] ], - "value": "10000" + "value": "30000" }, { "id": "c9ea2708-7c12-43ce-b827-f0f34d2f2831", "comment": "", 
@@ -2152,11 +2184,11 @@ "id": "16271513-203c-4528-870f-dcf73f4d81cb", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(2) > .d-flex > .text-truncate", + "target": "css=div:nth-child(2) > div:nth-child(3) > .d-flex > .text-truncate", "targets": [ - ["css=div:nth-child(2) > div:nth-child(2) > .d-flex > .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div/span[2]", "xpath:position"], + ["css=div:nth-child(2) > div:nth-child(3) > .d-flex > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'test-1234')]", "xpath:innerText"] ], "value": "test-1234" @@ -2164,10 +2196,10 @@ "id": "3f2c3eab-ecbf-45f3-bcdc-a5cad766b27c", "comment": "", "command": "assertText", - "target": "css=div:nth-child(5) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", + "target": "css=div:nth-child(6) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", "targets": [ - ["css=div:nth-child(5) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[5]/div[2]/div[3]/span", "xpath:idRelative"], + ["css=div:nth-child(6) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[6]/div[2]/div[3]/span", "xpath:idRelative"], ["xpath=//div[3]/span", "xpath:position"], ["xpath=//span[contains(.,'user@test.org')]", "xpath:innerText"] ], 
@@ -2212,11 +2244,11 @@ "id": "fe47ffd2-d2a0-4264-90fe-31b998f81ac2", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(7) .p-2 > div > div > div:nth-child(3) .d-block:nth-child(2)", + "target": "css=.mb-4:nth-child(7) .p-2 > div > div > div:nth-child(2) .d-block:nth-child(2)", "targets": [ - ["css=.mb-4:nth-child(7) .p-2 > div > div > div:nth-child(3) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[5]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[5]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:position"] + ["css=.mb-4:nth-child(7) .p-2 > div > div > div:nth-child(2) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[5]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[5]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:position"] ], "value": "true" }, { @@ -2254,21 +2286,21 @@ ["xpath=//section[8]/div/div[2]/object-property/array-property/div/div/div[3]/div/span", "xpath:position"] ], "value": "true" - },{ - "id": "4ec2c493-85e4-403b-9b09-031c5728f498", - "comment": "", - "command": "open", - "target": "/api/heheheheheheheWipeout", - "targets": [], - "value": "" - }, { - "id": "e074980a-8f21-4c22-8412-c4b6fcdcd1a4", - "comment": "", - "command": "assertText", - "target": "css=body", - "targets": [], - "value": "yes, you did it" - }] + }, { + "id": "4ec2c493-85e4-403b-9b09-031c5728f498", + "comment": "", + "command": "open", + "target": "/api/heheheheheheheWipeout", + "targets": [], + "value": "" + }, { + "id": "e074980a-8f21-4c22-8412-c4b6fcdcd1a4", + "comment": "", + "command": "assertText", + "target": "css=body", + "targets": [], + "value": "yes, you did it" + }] }], "suites": [{ "id": "d2caeac4-7520-4e3c-96b1-840610b6983c", 
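Review bot: The closing steps re-indented in the `@@ -2254,21 +2286,21 @@` hunk make the suite depend on `open` of `/api/heheheheheheheWipeout` answering `yes, you did it`, which looks like a data-reset endpoint reached by a plain GET navigation. The server side is not part of this hunk, so confirm the handler is registered only under the integration/test profile and cannot be reached in a production build. A state-destroying GET can also be triggered cross-site or by link prefetch, so an authenticated non-GET verb would be the safer shape. At minimum the step's empty `"comment": ""` could carry the constraint, e.g. `"comment": "test-only reset endpoint; must be disabled outside the integration profile"`.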
diff --git a/backend/src/integration/resources/SHIBUI-1334-1.side b/backend/src/integration/resources/SHIBUI-1334-1.side index af9840182..2f85c5ebf 100644 --- a/backend/src/integration/resources/SHIBUI-1334-1.side +++ b/backend/src/integration/resources/SHIBUI-1334-1.side @@ -790,12 +790,13 @@ "id": "23fd8856-32df-48ed-a198-a74e8ca71b10", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[5]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[3]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[5]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[3]/div/div/div/div/div/div/div/input", "xpath:position"] + ["id=option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4", "id"], + ["css=#option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "somethingElse" }, { 
@@ -991,16 +992,29 @@ ["xpath=//div[2]/div/div/div/input", "xpath:position"] ], "value": "" + }, { + "id": "9543d0a5-a5fa-460e-9996-5502d9e86910", + "comment": "", + "command": "click", + "target": "css=.array-add-button", + "targets": [ + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" }, { "id": "3e11e54a-1b36-43ed-a8e5-d91f1fbed991", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_name", + "target": "id=root_securityInfo_keyDescriptors_0_name", "targets": [ - ["id=root_securityInfo_x509Certificates_0_name", "id"], - ["css=#root_securityInfo_x509Certificates_0_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_0_name", "id"], + ["css=#root_securityInfo_keyDescriptors_0_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" 
@@ -1008,39 +1022,39 @@ "id": "5acb8e19-16a3-4139-a961-1b58c11c4681", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_0_name", + "target": "id=root_securityInfo_keyDescriptors_0_name", "targets": [ - ["id=field50", "id"], - ["name=field50", "name"], - ["css=#field50", "css:finder"], - ["xpath=//input[@id='field50']", "xpath:attributes"], - ["xpath=//div/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_0_name", "id"], + ["css=#root_securityInfo_keyDescriptors_0_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "Cert 1 Name" }, { "id": "23ff8b87-ac6c-4f82-a779-aa91be11f49c", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_type-signing", + "target": "id=root_securityInfo_keyDescriptors_0_type-signing", "targets": [ - ["id=root_securityInfo_x509Certificates_0_type-signing", "id"], - ["name=root_securityInfo_x509Certificates_0_type", "name"], - ["css=#root_securityInfo_x509Certificates_0_type-signing", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_type-signing']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div/div/div/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_0_type-signing", "id"], + ["name=root_securityInfo_keyDescriptors_0_type", "name"], + ["css=#root_securityInfo_keyDescriptors_0_type-signing", "css:finder"], 
+ ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_type-signing']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "dd15088c-ddc9-42fd-8f8d-f73338be71b6", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_value", + "target": "id=root_securityInfo_keyDescriptors_0_value", "targets": [ - ["id=root_securityInfo_x509Certificates_0_value", "id"], - ["css=#root_securityInfo_x509Certificates_0_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_0_value']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_0_value", "id"], + ["css=#root_securityInfo_keyDescriptors_0_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_0_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], ["xpath=//textarea", "xpath:position"] ], "value": "" 
@@ -1048,11 +1062,12 @@ "id": "813bf709-6c73-41ac-837a-5be076fa43c7", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_0_value", + "target": "id=root_securityInfo_keyDescriptors_0_value", "targets": [ - ["name=field52", "name"], - ["css=.text-widget", "css:finder"], - ["xpath=//textarea[@name='field52']", "xpath:attributes"], + ["id=root_securityInfo_keyDescriptors_0_value", "id"], + ["css=#root_securityInfo_keyDescriptors_0_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_0_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], ["xpath=//textarea", "xpath:position"] ], "value": "This is cert 1." 
@@ -1073,12 +1088,12 @@ "id": "cbe577f6-3d18-49d9-95ab-2e597e5308a6", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_name", + "target": "id=root_securityInfo_keyDescriptors_1_name", "targets": [ - ["id=root_securityInfo_x509Certificates_1_name", "id"], - ["css=#root_securityInfo_x509Certificates_1_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_1_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_1_name", "id"], + ["css=#root_securityInfo_keyDescriptors_1_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" 
@@ -1086,51 +1101,52 @@ "id": "ae98e813-77f4-424e-9141-d48e6127d9b6", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_1_name", + "target": "id=root_securityInfo_keyDescriptors_1_name", "targets": [ - ["id=field54", "id"], - ["name=field54", "name"], - ["css=#field54", "css:finder"], - ["xpath=//input[@id='field54']", "xpath:attributes"], - ["xpath=//li[2]/div/div/div[2]/sf-form-element/div/sf-widget-chooser/custom-object/div/div/fieldset/div/div/sf-form-element/div/sf-widget-chooser/custom-string/div/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_name", "id"], + ["css=#root_securityInfo_keyDescriptors_1_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "Cert 2 Name" }, { "id": "835ad053-0a10-4606-a148-c7ba36be316f", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_type-encryption", + "target": "id=root_securityInfo_keyDescriptors_1_type-encryption", "targets": [ - ["id=root_securityInfo_x509Certificates_1_type-encryption", "id"], - ["css=#root_securityInfo_x509Certificates_1_type-encryption", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_1_type-encryption']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div[2]/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div[2]/input", "xpath:position"] + 
["id=root_securityInfo_keyDescriptors_1_type-encryption", "id"], + ["css=#root_securityInfo_keyDescriptors_1_type-encryption", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_type-encryption']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div[2]/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div[2]/input", "xpath:position"] ], "value": "" }, { "id": "e272cafa-3aba-4aff-972e-b1d45e627b88", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_value", + "target": "id=root_securityInfo_keyDescriptors_1_value", "targets": [ - ["id=root_securityInfo_x509Certificates_1_value", "id"], - ["css=#root_securityInfo_x509Certificates_1_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_1_value']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_value", "id"], + ["css=#root_securityInfo_keyDescriptors_1_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_1_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:position"] ], "value": "" }, { "id": 
"ae42d668-92ba-4cb8-9daf-a2a64ac18404", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_1_value", + "target": "id=root_securityInfo_keyDescriptors_1_value", "targets": [ - ["name=field56", "name"], - ["css=.ng-untouched:nth-child(3)", "css:finder"], - ["xpath=//textarea[@name='field56']", "xpath:attributes"], - ["xpath=//li[2]/div/div/div[2]/sf-form-element/div/sf-widget-chooser/custom-object/div/div/fieldset/div/div[3]/sf-form-element/div/sf-widget-chooser/textarea-component/div/textarea", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_value", "id"], + ["css=#root_securityInfo_keyDescriptors_1_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_1_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:position"] ], "value": "This is cert 2." }, { 
@@ -1628,44 +1644,35 @@ "id": "1a1b509e-1768-4291-820d-26f4b73a9d71", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["id=/relyingPartyOverrides/nameIdFormats/4", "id"], - ["css=#\\/relyingPartyOverrides\\/nameIdFormats\\/4", "css:finder"], - ["xpath=//input[@id='/relyingPartyOverrides/nameIdFormats/4']", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/nameIdFormats/4-container']/div/input", "xpath:idRelative"], - ["xpath=//li[5]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { - "id": "433d6e9d-9d03-4042-9ee0-6284570f8a3c", + "id": "74a9ac1e-d9ba-41e4-bf1f-c96152639159", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["id=field83", "id"], - ["css=#field83", "css:finder"], - ["xpath=//input[@id='field83']", "xpath:attributes"], - ["xpath=//div[@id='field83-container']/div/input", "xpath:idRelative"], 
- ["xpath=//li[5]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "somethingElse" }, { - "id": "26146f5e-533f-42c6-b1e6-e107a471ba8f", + "id": "433d6e9d-9d03-4042-9ee0-6284570f8a3c", "comment": "", - "command": "click", - "target": "id=option-selector-items-root_relyingPartyOverrides_nameIdFormats_4-item-4", - "targets": [ - ["id=option-selector-items-root_relyingPartyOverrides_nameIdFormats_4-item-4", "id"], - ["linkText=somethingElse", "linkText"], - ["css=#option-selector-items-root_relyingPartyOverrides_nameIdFormats_4-item-4", "css:finder"], - ["xpath=//a[@id='option-selector-items-root_relyingPartyOverrides_nameIdFormats_4-item-4']", "xpath:attributes"], - ["xpath=//div[@id='option-selector-items-root_relyingPartyOverrides_nameIdFormats_4']/a[5]", "xpath:idRelative"], - ["xpath=(//a[contains(@href, '#')])[5]", "xpath:href"], - ["xpath=//a[5]", "xpath:position"], - ["xpath=//a[contains(.,'somethingElse')]", "xpath:innerText"] - ], - "value": "" + "command": "sendKeys", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", + "targets": [], + "value": "${KEY_ENTER}" }, { "id": "c8bb3bee-3d61-4324-a3aa-38b78232b969", "comment": "", 
@@ -1689,12 +1696,13 @@ "id": "cbf15c4c-35d9-4f80-ba3d-bfe960048cd1", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/0-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[7]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/0-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_0", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1741,12 +1749,13 @@ "id": "2b063eb8-f2d6-4a59-85bb-b04c467d9874", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[2]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/1-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[8]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/1-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[2]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_1", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_1']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1793,12 +1802,13 @@ "id": "64e215d9-6e46-422f-882c-13b6fb102622", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[3]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/2-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/2-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[3]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_2", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1838,26 +1848,26 @@ "id": "dacd34b0-9e48-4838-b137-bf22dd027ed0", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "targets": [ - ["id=/relyingPartyOverrides/authenticationMethods/3", "id"], - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/3", "css:finder"], - ["xpath=//input[@id='/relyingPartyOverrides/authenticationMethods/3']", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/3-container']/div/input", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[4]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "cc9dd18b-ee87-4aa7-91f2-59f02834759b", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "targets": [ - ["id=field87", "id"], - ["css=#field87", "css:finder"], - 
["xpath=//input[@id='field87']", "xpath:attributes"], - ["xpath=//div[@id='field87-container']/div/input", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[4]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "otherThings" }, { @@ -1924,11 +1934,11 @@ "id": "3baa7bd3-55c0-4d10-8aa3-c0daa63ec4d4", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(2) > .border-bottom > .text-truncate", + "target": "css=div:nth-child(2) > div:nth-child(3) > .border-bottom > .text-truncate", "targets": [ - ["css=div:nth-child(2) > div:nth-child(2) > .border-bottom > .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div/span[2]", "xpath:position"], + ["css=div:nth-child(2) > div:nth-child(3) > .border-bottom > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section/div/div[2]/div[2]/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'test-1234')]", "xpath:innerText"] ], "value": "test-1234" 
@@ -1971,24 +1981,22 @@ "id": "a1050ebe-55c5-4eac-8d12-615f3ff1cd72", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(6) .p-2 > div > div > div:nth-child(2) .d-block:nth-child(2)", + "target": "css=.mb-4:nth-child(8) div:nth-child(6) .d-block:nth-child(2)", "targets": [ - ["css=.mb-4:nth-child(6) .p-2 > div > div > div:nth-child(2) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[6]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[6]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:position"], - ["xpath=//span[contains(.,'true')]", "xpath:innerText"] + ["css=.mb-4:nth-child(8) div:nth-child(6) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[6]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[8]/div/div[2]/div[2]/div/div[6]/div/span[2]", "xpath:position"] ], "value": "true" }, { "id": "43b130ff-e8a5-493d-a418-f1f8623f1de3", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(6) .p-2 > div > div > div:nth-child(3) .d-block:nth-child(2)", + "target": "css=.mb-4:nth-child(8) div:nth-child(7) .d-block:nth-child(2)", "targets": [ - ["css=.mb-4:nth-child(6) .p-2 > div > div > div:nth-child(3) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[6]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[6]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:position"], - ["xpath=//span[contains(.,'false')]", "xpath:innerText"] + ["css=.mb-4:nth-child(8) div:nth-child(7) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[8]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"] ], "value": 
"false" }, { @@ -2042,7 +2050,7 @@ ], "value": "test-1234" }, { - "id": "b2d9f789-fb94-459f-9947-5364cebc43d1", + "id": "12d22b1e-3669-4a42-9eb8-7a6035349af0", "comment": "", "command": "assertText", "target": "css=td:nth-child(3)", @@ -2051,6 +2059,17 @@ ["xpath=//td[3]", "xpath:position"], ["xpath=//td[contains(.,'root')]", "xpath:innerText"] ], + "value": "SAML" + }, { + "id": "b2d9f789-fb94-459f-9947-5364cebc43d1", + "comment": "", + "command": "assertText", + "target": "css=td:nth-child(4)", + "targets": [ + ["css=td:nth-child(3)", "css:finder"], + ["xpath=//td[3]", "xpath:position"], + ["xpath=//td[contains(.,'root')]", "xpath:innerText"] + ], "value": "admin" }, { "id": "87281e0a-322f-4d3a-9703-3e6966f26759", @@ -2180,11 +2199,11 @@ "id": "16271513-203c-4528-870f-dcf73f4d81cb", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(2) > .d-flex > .text-truncate", + "target": "css=div:nth-child(2) > div:nth-child(3) > .d-flex > .text-truncate", "targets": [ - ["css=div:nth-child(2) > div:nth-child(2) > .d-flex > .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div/span[2]", "xpath:position"], + ["css=div:nth-child(2) > div:nth-child(3) > .d-flex > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'test-1234')]", "xpath:innerText"] ], "value": "test-1234" 
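Review bot: In the hunk at -2051,6 the step that now asserts `admin` has its `target` moved to `css=td:nth-child(4)`, but the `targets` fallbacks added with it still read `css=td:nth-child(3)`, `xpath=//td[3]` and `xpath=//td[contains(.,'root')]`. Those locators point at the column that the preceding step now expects to contain `SAML`, so the recorded alternatives no longer describe the element under test. I would change them to `["css=td:nth-child(4)", "css:finder"]` and `["xpath=//td[4]", "xpath:position"]`, and correct or drop the innerText entry. The `SAML` step keeps the same `'root'` innerText fallback from the old recording and needs the same cleanup.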
@@ -2192,10 +2211,10 @@ "id": "3f2c3eab-ecbf-45f3-bcdc-a5cad766b27c", "comment": "", "command": "assertText", - "target": "css=div:nth-child(5) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", + "target": "css=div:nth-child(6) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", "targets": [ - ["css=div:nth-child(5) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[5]/div[2]/div[3]/span", "xpath:idRelative"], + ["css=div:nth-child(6) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[6]/div[2]/div[3]/span", "xpath:idRelative"], ["xpath=//div[3]/span", "xpath:position"], ["xpath=//span[contains(.,'user@test.org')]", "xpath:innerText"] ], @@ -2453,7 +2472,7 @@ ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], ["xpath=//div/span[2]", "xpath:position"] ], - "value": "10000" + "value": "30000" }, { "id": "1c0b7514-92b7-4e07-b462-467113f4a8cd", "comment": "", From c654f284824dec8bff37b97aa2e6dd8daa8db030 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Mon, 17 Oct 2022 12:13:06 -0700 Subject: [PATCH 44/77] SHIBUI-2380 Fixed NPE issue when viewing version history of entity descriptor --- .../admin/ui/service/JPAEntityDescriptorServiceImpl.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index b2b264a7a..62876378f 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java 
@@ -517,7 +517,7 @@ private void setupSecurityRepresentationFromEntityDescriptor(EntityDescriptor ed keyDescriptorRep.setElementType(keyInfoType); if (keyInfoType != KeyDescriptorRepresentation.ElementType.unsupported) { List children = keyInfo.getOrderedChildren().stream().filter(xmlObj -> { - boolean xmlWeDoNotWant = xmlObj instanceof KeyName || xmlObj instanceof KeyValue; + boolean xmlWeDoNotWant = xmlObj instanceof KeyName || xmlObj instanceof KeyValue || xmlObj == null; return !xmlWeDoNotWant; }).collect(Collectors.toList()); XMLObject obj = children.get(0); @@ -533,7 +533,7 @@ private void setupSecurityRepresentationFromEntityDescriptor(EntityDescriptor ed private KeyDescriptorRepresentation.ElementType determineKeyInfoType(KeyInfo keyInfo) { List children = keyInfo.getOrderedChildren().stream().filter(xmlObj -> { - boolean xmlWeDoNotWant = xmlObj instanceof KeyName || xmlObj instanceof KeyValue; + boolean xmlWeDoNotWant = xmlObj instanceof KeyName || xmlObj instanceof KeyValue || xmlObj == null; return !xmlWeDoNotWant; }).collect(Collectors.toList()); if (children.size() < 1) { From 765dd32c9fa813d2e530b85ef6586441a6d696f1 Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Mon, 17 Oct 2022 15:20:37 -0400 Subject: [PATCH 45/77] SHIBUI-2380 Various selenium test fixes to reflect changes in the UI. --- .../admin/ui/SeleniumSIDETest.groovy | 8 +- .../integration/resources/SHIBUI-1385-1.side | 245 +++++++++------- .../integration/resources/SHIBUI-1407-1.side | 265 ++++++++++-------- .../integration/resources/SHIBUI-1503-1.side | 51 +++- .../integration/resources/SHIBUI-1674-1.side | 16 +- .../integration/resources/SHIBUI-1742-1.side | 56 ++-- .../integration/resources/SHIBUI-2267.side | 13 +- 7 files changed, 379 insertions(+), 275 deletions(-) 
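Review bot: The null-tolerant filter is now written out twice, here and in determineKeyInfoType (second hunk), and the `children.get(0)` after this copy is only safe while the two predicates stay identical. The emptiness check visible in the second hunk (`if (children.size() < 1)`) is presumably what maps a KeyInfo whose children are all filtered out to `unsupported`, so a later edit to one lambda alone could turn this into an IndexOutOfBoundsException. I would move the predicate into one private helper, e.g. `private static boolean isUsableKeyInfoChild(XMLObject o) { return o != null && !(o instanceof KeyName) && !(o instanceof KeyValue); }`, and call it from both streams. A one-line comment saying that getOrderedChildren() can apparently yield null entries would record why the check exists. Both method bodies continue outside the hunks.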
diff --git a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy index 1b1a78bec..d7dd72abb 100644 --- a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy +++ b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy @@ -107,7 +107,7 @@ class SeleniumSIDETest extends Specification { where: name | file -/* 'SHIBUI-1364: Compare FBHTTPMP with filters' | '/SHIBUI-1364-1.side' + 'SHIBUI-1364: Compare FBHTTPMP with filters' | '/SHIBUI-1364-1.side' 'SHIBUI-1364: Compare FSMP' | '/SHIBUI-1364-2.side' 'SHIBUI-1364: Compare LDMP' | '/SHIBUI-1364-3.side' 'SHIBUI-1364: Compare DHTTPMP with filters' | '/SHIBUI-1364-4.side' @@ -116,9 +116,9 @@ class SeleniumSIDETest extends Specification { 'SHIBUI-950: Metadata Source from XML w/ digest' | '/SHIBUI-950.side' 'SHIBUI-1352: Create LocalDynamic provider' | '/SHIBUI-1352-1.side' 'SHIBUI-1352: Create FileSystem provider' | '/SHIBUI-1352-2.side' - 'SHIBUI-1333: Verify metadata source configuration' | '/SHIBUI-1333.side'*/ + 'SHIBUI-1333: Verify metadata source configuration' | '/SHIBUI-1333.side' 'SHIBUI-1334: Verify metadata source versioning' | '/SHIBUI-1334-1.side' -/* 'SHIBUI-1334: Verify metadata provider versioning' | '/SHIBUI-1334-2.side' + 'SHIBUI-1334: Verify metadata provider versioning' | '/SHIBUI-1334-2.side' 'SHIBUI-1335: Verify File Backed HTTP Metadata Provider Filters' | '/SHIBUI-1335-1.side' 'SHIBUI-1335: Verify Filesystem Metadata Provider' | '/SHIBUI-1335-2.side' 'SHIBUI-1335: Verify Local Dynamic Metadata Provider' | '/SHIBUI-1335-3.side' 
@@ -161,6 +161,6 @@ class SeleniumSIDETest extends Specification { 'SHIBUI-2270: Verify property set CRUD' | '/SHIBUI-2270-1.side' 'SHIBUI-2270: Verify full property set' | '/SHIBUI-2270-2.side' 'SHIBUI-2268: Verify Algorithm Filter' | '/SHIBUI-2268.side' - 'SHIBUI-2269: Verify XML generation of external filters' | '/SHIBUI-2269.side'*/ + 'SHIBUI-2269: Verify XML generation of external filters' | '/SHIBUI-2269.side' } } diff --git a/backend/src/integration/resources/SHIBUI-1385-1.side b/backend/src/integration/resources/SHIBUI-1385-1.side index 43178ab01..7d3b47a31 100644 --- a/backend/src/integration/resources/SHIBUI-1385-1.side +++ b/backend/src/integration/resources/SHIBUI-1385-1.side @@ -811,11 +811,12 @@ "id": "23fd8856-32df-48ed-a198-a74e8ca71b10", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[5]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[9]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[5]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4", "id"], + ["css=#option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "somethingElse" 
@@ -1013,16 +1014,29 @@ ["xpath=//div[2]/div/div/div/input", "xpath:position"] ], "value": "" + }, { + "id": "a9f38744-ba6b-4722-a3c8-c93aa3d51e42", + "comment": "", + "command": "click", + "target": "css=.array-add-button", + "targets": [ + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" }, { "id": "3e11e54a-1b36-43ed-a8e5-d91f1fbed991", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_name", + "target": "id=root_securityInfo_keyDescriptors_0_name", "targets": [ - ["id=root_securityInfo_x509Certificates_0_name", "id"], - ["css=#root_securityInfo_x509Certificates_0_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_0_name", "id"], + ["css=#root_securityInfo_keyDescriptors_0_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" 
@@ -1030,12 +1044,12 @@ "id": "5acb8e19-16a3-4139-a961-1b58c11c4681", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_0_name", + "target": "id=root_securityInfo_keyDescriptors_0_name", "targets": [ - ["id=root_securityInfo_x509Certificates_0_name", "id"], - ["css=#root_securityInfo_x509Certificates_0_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_0_name", "id"], + ["css=#root_securityInfo_keyDescriptors_0_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "Cert 1 Name" 
@@ -1043,26 +1057,26 @@ "id": "23ff8b87-ac6c-4f82-a779-aa91be11f49c", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_type-signing", + "target": "id=root_securityInfo_keyDescriptors_0_type-signing", "targets": [ - ["id=root_securityInfo_x509Certificates_0_type-signing", "id"], - ["name=root_securityInfo_x509Certificates_0_type", "name"], - ["css=#root_securityInfo_x509Certificates_0_type-signing", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_type-signing']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div/div/div/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_0_type-signing", "id"], + ["name=root_securityInfo_keyDescriptors_0_type", "name"], + ["css=#root_securityInfo_keyDescriptors_0_type-signing", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_type-signing']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "dd15088c-ddc9-42fd-8f8d-f73338be71b6", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_value", + "target": "id=root_securityInfo_keyDescriptors_0_value", "targets": [ - ["id=root_securityInfo_x509Certificates_0_value", "id"], - ["css=#root_securityInfo_x509Certificates_0_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_0_value']", "xpath:attributes"], - 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_0_value", "id"], + ["css=#root_securityInfo_keyDescriptors_0_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_0_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], ["xpath=//textarea", "xpath:position"] ], "value": "" @@ -1070,12 +1084,12 @@ "id": "813bf709-6c73-41ac-837a-5be076fa43c7", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_0_value", + "target": "id=root_securityInfo_keyDescriptors_0_value", "targets": [ - ["id=root_securityInfo_x509Certificates_0_value", "id"], - ["css=#root_securityInfo_x509Certificates_0_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_0_value']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_0_value", "id"], + ["css=#root_securityInfo_keyDescriptors_0_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_0_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], ["xpath=//textarea", "xpath:position"] ], "value": "This is cert 1." 
@@ -1096,12 +1110,12 @@ "id": "cbe577f6-3d18-49d9-95ab-2e597e5308a6", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_name", + "target": "id=root_securityInfo_keyDescriptors_1_name", "targets": [ - ["id=root_securityInfo_x509Certificates_1_name", "id"], - ["css=#root_securityInfo_x509Certificates_1_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_1_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_1_name", "id"], + ["css=#root_securityInfo_keyDescriptors_1_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" 
@@ -1109,12 +1123,12 @@ "id": "ae98e813-77f4-424e-9141-d48e6127d9b6", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_1_name", + "target": "id=root_securityInfo_keyDescriptors_1_name", "targets": [ - ["id=root_securityInfo_x509Certificates_1_name", "id"], - ["css=#root_securityInfo_x509Certificates_1_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_1_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_1_name", "id"], + ["css=#root_securityInfo_keyDescriptors_1_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "Cert 2 Name" 
@@ -1122,39 +1136,39 @@ "id": "835ad053-0a10-4606-a148-c7ba36be316f", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_type-encryption", + "target": "id=root_securityInfo_keyDescriptors_1_type-encryption", "targets": [ - ["id=root_securityInfo_x509Certificates_1_type-encryption", "id"], - ["css=#root_securityInfo_x509Certificates_1_type-encryption", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_1_type-encryption']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div[2]/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div[2]/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_type-encryption", "id"], + ["css=#root_securityInfo_keyDescriptors_1_type-encryption", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_type-encryption']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div[2]/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div[2]/input", "xpath:position"] ], "value": "" }, { "id": "e272cafa-3aba-4aff-972e-b1d45e627b88", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_value", + "target": "id=root_securityInfo_keyDescriptors_1_value", "targets": [ - ["id=root_securityInfo_x509Certificates_1_value", "id"], - ["css=#root_securityInfo_x509Certificates_1_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_1_value']", "xpath:attributes"], - 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_value", "id"], + ["css=#root_securityInfo_keyDescriptors_1_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_1_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:position"] ], "value": "" }, { "id": "ae42d668-92ba-4cb8-9daf-a2a64ac18404", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_1_value", + "target": "id=root_securityInfo_keyDescriptors_1_value", "targets": [ - ["id=root_securityInfo_x509Certificates_1_value", "id"], - ["css=#root_securityInfo_x509Certificates_1_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_1_value']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_value", "id"], + ["css=#root_securityInfo_keyDescriptors_1_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_1_value']", "xpath:attributes"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:position"] ], "value": "This is cert 2." }, { @@ -1661,11 +1675,12 @@ "id": "1a1b509e-1768-4291-820d-26f4b73a9d71", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[10]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" 
@@ -1673,13 +1688,13 @@ "id": "433d6e9d-9d03-4042-9ee0-6284570f8a3c", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["id=field83", "id"], - ["css=#field83", "css:finder"], - ["xpath=//input[@id='field83']", "xpath:attributes"], - ["xpath=//div[@id='field83-container']/div/input", "xpath:idRelative"], - ["xpath=//li[5]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "somethingElse" }, { 
@@ -1721,12 +1736,13 @@ "id": "cbf15c4c-35d9-4f80-ba3d-bfe960048cd1", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/0-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[7]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/0-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_0", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1772,12 +1788,13 @@ "id": "2b063eb8-f2d6-4a59-85bb-b04c467d9874", "comment": "", "command": "click", - "target": "xpath=//div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[2]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/1-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[8]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/1-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[2]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_1", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_1']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1823,12 +1840,13 @@ "id": "64e215d9-6e46-422f-882c-13b6fb102622", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[3]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/2-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/2-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[3]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_2", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1870,26 +1888,26 @@ "id": "dacd34b0-9e48-4838-b137-bf22dd027ed0", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "targets": [ - ["id=/relyingPartyOverrides/authenticationMethods/3", "id"], - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/3", "css:finder"], - ["xpath=//input[@id='/relyingPartyOverrides/authenticationMethods/3']", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/3-container']/div/input", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[4]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "cc9dd18b-ee87-4aa7-91f2-59f02834759b", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "targets": [ - ["id=field87", "id"], - ["css=#field87", "css:finder"], - 
["xpath=//input[@id='field87']", "xpath:attributes"], - ["xpath=//div[@id='field87-container']/div/input", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[4]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "otherThings" }, { @@ -1954,11 +1972,11 @@ "id": "3baa7bd3-55c0-4d10-8aa3-c0daa63ec4d4", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(2) > .border-bottom > .text-truncate", + "target": "css=div:nth-child(2) > div:nth-child(3) > .border-bottom > .text-truncate", "targets": [ - ["css=div:nth-child(2) > div:nth-child(2) > .border-bottom > .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div/span[2]", "xpath:position"], + ["css=div:nth-child(2) > div:nth-child(3) > .border-bottom > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section/div/div[2]/div[2]/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'test-1234')]", "xpath:innerText"] ], "value": "test-1234" 
@@ -2048,7 +2066,7 @@ ], "value": "test-1234" }, { - "id": "b2d9f789-fb94-459f-9947-5364cebc43d1", + "id": "5a83524d-ccbb-4be2-b5d0-969184b9cb4e", "comment": "", "command": "assertText", "target": "css=td:nth-child(3)", @@ -2057,6 +2075,17 @@ ["xpath=//td[3]", "xpath:position"], ["xpath=//td[contains(.,'root')]", "xpath:innerText"] ], + "value": "SAML" + }, { + "id": "b2d9f789-fb94-459f-9947-5364cebc43d1", + "comment": "", + "command": "assertText", + "target": "css=td:nth-child(4)", + "targets": [ + ["css=td:nth-child(3)", "css:finder"], + ["xpath=//td[3]", "xpath:position"], + ["xpath=//td[contains(.,'root')]", "xpath:innerText"] + ], "value": "admin" }, { "id": "87281e0a-322f-4d3a-9703-3e6966f26759", @@ -2191,11 +2220,11 @@ "id": "16271513-203c-4528-870f-dcf73f4d81cb", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(2) > .d-flex > .text-truncate", + "target": "css=div:nth-child(2) > div:nth-child(3) > .d-flex > .text-truncate", "targets": [ - ["css=div:nth-child(2) > div:nth-child(2) > .d-flex > .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div/span[2]", "xpath:position"], + ["css=div:nth-child(2) > div:nth-child(3) > .d-flex > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'test-1234')]", "xpath:innerText"] ], "value": "test-1234" 
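Review bot: The relocated `b2d9f789` step in the -2057 hunk asserts "admin" against `css=td:nth-child(4)`, but its added `targets` fallbacks still name the third column (`css=td:nth-child(3)`, `xpath=//td[3]`), which the new `5a83524d` step expects to read "SAML". If a runner falls back to those locators, the assertion would check the wrong cell and fail for a misleading reason. The fallbacks should follow the primary target: `["css=td:nth-child(4)", "css:finder"],` and `["xpath=//td[4]", "xpath:position"],`. The `xpath=//td[contains(.,'root')]` innerText fallback also sits on both steps although neither expects "root", so it is worth re-recording or dropping.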
@@ -2203,10 +2232,10 @@ "id": "3f2c3eab-ecbf-45f3-bcdc-a5cad766b27c", "comment": "", "command": "assertText", - "target": "css=div:nth-child(5) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", + "target": "css=div:nth-child(6) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", "targets": [ - ["css=div:nth-child(5) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[5]/div[2]/div[3]/span", "xpath:idRelative"], + ["css=div:nth-child(6) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[6]/div[2]/div[3]/span", "xpath:idRelative"], ["xpath=//div[3]/span", "xpath:position"], ["xpath=//span[contains(.,'user@test.org')]", "xpath:innerText"] ], diff --git a/backend/src/integration/resources/SHIBUI-1407-1.side b/backend/src/integration/resources/SHIBUI-1407-1.side index dea518e4a..d8ff784a9 100644 --- a/backend/src/integration/resources/SHIBUI-1407-1.side +++ b/backend/src/integration/resources/SHIBUI-1407-1.side 
@@ -804,13 +804,13 @@ "id": "23fd8856-32df-48ed-a198-a74e8ca71b10", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[5]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4", "targets": [ - ["id=field34", "id"], - ["css=#field34", "css:finder"], - ["xpath=//input[@id='field34']", "xpath:attributes"], - ["xpath=//div[@id='field34-container']/div/input", "xpath:idRelative"], - ["xpath=//li[5]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4", "id"], + ["css=#option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_serviceProviderSsoDescriptor_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[4]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "somethingElse" }, { 
@@ -1007,16 +1007,29 @@ ["xpath=//div[2]/div/div/div/input", "xpath:position"] ], "value": "" + }, { + "id": "b6b3051b-c11e-468f-8f7c-d4fde7bddfcb", + "comment": "", + "command": "click", + "target": "css=.array-add-button", + "targets": [ + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" }, { "id": "3e11e54a-1b36-43ed-a8e5-d91f1fbed991", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_name", + "target": "id=root_securityInfo_keyDescriptors_0_name", "targets": [ - ["id=root_securityInfo_x509Certificates_0_name", "id"], - ["css=#root_securityInfo_x509Certificates_0_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_0_name", "id"], + ["css=#root_securityInfo_keyDescriptors_0_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" 
@@ -1024,12 +1037,12 @@ "id": "5acb8e19-16a3-4139-a961-1b58c11c4681", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_0_name", + "target": "id=root_securityInfo_keyDescriptors_0_name", "targets": [ - ["id=root_securityInfo_x509Certificates_0_name", "id"], - ["css=#root_securityInfo_x509Certificates_0_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_0_name", "id"], + ["css=#root_securityInfo_keyDescriptors_0_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "Cert 1 Name" 
@@ -1037,26 +1050,26 @@ "id": "23ff8b87-ac6c-4f82-a779-aa91be11f49c", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_type-signing", + "target": "id=root_securityInfo_keyDescriptors_0_type-signing", "targets": [ - ["id=root_securityInfo_x509Certificates_0_type-signing", "id"], - ["name=root_securityInfo_x509Certificates_0_type", "name"], - ["css=#root_securityInfo_x509Certificates_0_type-signing", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_type-signing']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div/div/div/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_0_type-signing", "id"], + ["name=root_securityInfo_keyDescriptors_0_type", "name"], + ["css=#root_securityInfo_keyDescriptors_0_type-signing", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_0_type-signing']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "dd15088c-ddc9-42fd-8f8d-f73338be71b6", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_0_value", + "target": "id=root_securityInfo_keyDescriptors_0_value", "targets": [ - ["id=root_securityInfo_x509Certificates_0_value", "id"], - ["css=#root_securityInfo_x509Certificates_0_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_0_value']", "xpath:attributes"], - 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_0_value", "id"], + ["css=#root_securityInfo_keyDescriptors_0_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_0_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], ["xpath=//textarea", "xpath:position"] ], "value": "" @@ -1064,12 +1077,12 @@ "id": "813bf709-6c73-41ac-837a-5be076fa43c7", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_0_value", + "target": "id=root_securityInfo_keyDescriptors_0_value", "targets": [ - ["id=root_securityInfo_x509Certificates_0_value", "id"], - ["css=#root_securityInfo_x509Certificates_0_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_0_value']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], + ["id=root_securityInfo_keyDescriptors_0_value", "id"], + ["css=#root_securityInfo_keyDescriptors_0_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_0_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], ["xpath=//textarea", "xpath:position"] ], "value": "This is cert 1." 
@@ -1090,65 +1103,65 @@ "id": "cbe577f6-3d18-49d9-95ab-2e597e5308a6", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_name", + "target": "id=root_securityInfo_keyDescriptors_1_name", "targets": [ - ["id=root_securityInfo_x509Certificates_0_name", "id"], - ["css=#root_securityInfo_x509Certificates_0_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_name", "id"], + ["css=#root_securityInfo_keyDescriptors_1_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "ae98e813-77f4-424e-9141-d48e6127d9b6", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_1_name", + "target": "id=root_securityInfo_keyDescriptors_1_name", "targets": [ - ["id=root_securityInfo_x509Certificates_0_name", "id"], - ["css=#root_securityInfo_x509Certificates_0_name", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_name']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], - 
["xpath=//div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_name", "id"], + ["css=#root_securityInfo_keyDescriptors_1_name", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "Cert 2 Name" }, { "id": "835ad053-0a10-4606-a148-c7ba36be316f", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_type-encryption", + "target": "id=root_securityInfo_keyDescriptors_1_type-encryption", "targets": [ - ["id=root_securityInfo_x509Certificates_0_type-encryption", "id"], - ["css=#root_securityInfo_x509Certificates_0_type-encryption", "css:finder"], - ["xpath=//input[@id='root_securityInfo_x509Certificates_0_type-encryption']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[2]/div/div/div/div/div[2]/input", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div/div/div[2]/input", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_type-encryption", "id"], + ["css=#root_securityInfo_keyDescriptors_1_type-encryption", "css:finder"], + ["xpath=//input[@id='root_securityInfo_keyDescriptors_1_type-encryption']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div[2]/input", "xpath:idRelative"], + 
["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/div[2]/input", "xpath:position"] ], "value": "" }, { "id": "e272cafa-3aba-4aff-972e-b1d45e627b88", "comment": "", "command": "click", - "target": "id=root_securityInfo_x509Certificates_1_value", + "target": "id=root_securityInfo_keyDescriptors_1_value", "targets": [ - ["id=root_securityInfo_x509Certificates_0_value", "id"], - ["css=#root_securityInfo_x509Certificates_0_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_0_value']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], - ["xpath=//textarea", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_value", "id"], + ["css=#root_securityInfo_keyDescriptors_1_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_1_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:position"] ], "value": "" }, { "id": "ae42d668-92ba-4cb8-9daf-a2a64ac18404", "comment": "", "command": "type", - "target": "id=root_securityInfo_x509Certificates_1_value", + "target": "id=root_securityInfo_keyDescriptors_1_value", "targets": [ - ["id=root_securityInfo_x509Certificates_0_value", "id"], - ["css=#root_securityInfo_x509Certificates_0_value", "css:finder"], - ["xpath=//textarea[@id='root_securityInfo_x509Certificates_0_value']", "xpath:attributes"], - 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[7]/div/div/div/div/div/div[3]/div/div/div/div[2]/div/div/div/div[2]/div/div/div/div/div[3]/div/div/div/div/textarea", "xpath:idRelative"], - ["xpath=//textarea", "xpath:position"] + ["id=root_securityInfo_keyDescriptors_1_value", "id"], + ["css=#root_securityInfo_keyDescriptors_1_value", "css:finder"], + ["xpath=//textarea[@id='root_securityInfo_keyDescriptors_1_value']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[6]/div/div/div/div/div/div[3]/div/div/div/div[2]/div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div[2]/div/div/div/div/div[4]/div/div/div/div/textarea", "xpath:position"] ], "value": "This is cert 2." }, { 
@@ -1655,26 +1668,26 @@ "id": "1a1b509e-1768-4291-820d-26f4b73a9d71", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["id=/relyingPartyOverrides/nameIdFormats/4", "id"], - ["css=#\\/relyingPartyOverrides\\/nameIdFormats\\/4", "css:finder"], - ["xpath=//input[@id='/relyingPartyOverrides/nameIdFormats/4']", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/nameIdFormats/4-container']/div/input", "xpath:idRelative"], - ["xpath=//li[5]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "433d6e9d-9d03-4042-9ee0-6284570f8a3c", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["id=field83", "id"], - ["css=#field83", "css:finder"], - ["xpath=//input[@id='field83']", "xpath:attributes"], - ["xpath=//div[@id='field83-container']/div/input", "xpath:idRelative"], - 
["xpath=//li[5]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "somethingElse" }, { 
@@ -1723,12 +1736,13 @@ "id": "cbf15c4c-35d9-4f80-ba3d-bfe960048cd1", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/0-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[7]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/0-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_0", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1777,12 +1791,13 @@ "id": "2b063eb8-f2d6-4a59-85bb-b04c467d9874", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[2]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/1-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[8]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/1-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[2]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_1", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_1']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1831,12 +1846,13 @@ "id": "64e215d9-6e46-422f-882c-13b6fb102622", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[3]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/2-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/2-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[3]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_2", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1878,26 +1894,26 @@ "id": "dacd34b0-9e48-4838-b137-bf22dd027ed0", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "targets": [ - ["id=/relyingPartyOverrides/authenticationMethods/3", "id"], - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/3", "css:finder"], - ["xpath=//input[@id='/relyingPartyOverrides/authenticationMethods/3']", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/3-container']/div/input", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[4]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "cc9dd18b-ee87-4aa7-91f2-59f02834759b", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div[2]/div/div/form/div/div[1]/div/div/div[9]/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "targets": [ - ["id=field87", "id"], - ["css=#field87", "css:finder"], - 
["xpath=//input[@id='field87']", "xpath:attributes"], - ["xpath=//div[@id='field87-container']/div/input", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[4]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "otherThings" }, { @@ -1971,11 +1987,11 @@ "id": "3baa7bd3-55c0-4d10-8aa3-c0daa63ec4d4", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(2) > .d-flex > .text-truncate", + "target": "css=div:nth-child(2) > div:nth-child(3) > .border-bottom > .text-truncate", "targets": [ - ["css=div:nth-child(2) > div:nth-child(2) > .d-flex > .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div/span[2]", "xpath:position"], + ["css=div:nth-child(2) > div:nth-child(3) > .border-bottom > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section/div/div[2]/div[2]/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'test-1234')]", "xpath:innerText"] ], "value": "test-1234" 
@@ -2062,7 +2078,7 @@ ], "value": "test-1234" }, { - "id": "b2d9f789-fb94-459f-9947-5364cebc43d1", + "id": "37636c97-2c2b-4fe8-978b-8bb19430b361", "comment": "", "command": "assertText", "target": "css=td:nth-child(3)", @@ -2071,6 +2087,18 @@ ["xpath=//td[3]", "xpath:position"], ["xpath=//td[contains(.,'root')]", "xpath:innerText"] ], + "value": "SAML" + }, { + "id": "b2d9f789-fb94-459f-9947-5364cebc43d1", + "comment": "", + "command": "assertText", + "target": "css=td:nth-child(4)", + "targets": [ + ["css=.align-middle:nth-child(4)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td[4]", "xpath:idRelative"], + ["xpath=//td[4]", "xpath:position"], + ["xpath=//td[contains(.,'admin')]", "xpath:innerText"] + ], "value": "admin" }, { "id": "fbcf1587-cb27-4deb-80c6-78b4d4aa2478", @@ -2188,11 +2216,11 @@ "id": "16271513-203c-4528-870f-dcf73f4d81cb", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(2) > .d-flex > .text-truncate", + "target": "css=div:nth-child(2) > div:nth-child(3) > .d-flex > .text-truncate", "targets": [ - ["css=div:nth-child(2) > div:nth-child(2) > .d-flex > .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div/span[2]", "xpath:position"], + ["css=div:nth-child(2) > div:nth-child(3) > .d-flex > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'test-1234')]", "xpath:innerText"] ], "value": "test-1234" 
@@ -2200,10 +2228,10 @@ "id": "3f2c3eab-ecbf-45f3-bcdc-a5cad766b27c", "comment": "", "command": "assertText", - "target": "css=div:nth-child(5) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", + "target": "css=div:nth-child(6) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", "targets": [ - ["css=div:nth-child(5) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[5]/div[2]/div[3]/span", "xpath:idRelative"], + ["css=div:nth-child(6) > .py-2:nth-child(2) > .d-flex:nth-child(3) > .d-block", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[6]/div[2]/div[3]/span", "xpath:idRelative"], ["xpath=//div[3]/span", "xpath:position"], ["xpath=//span[contains(.,'user@test.org')]", "xpath:innerText"] ], @@ -2248,11 +2276,12 @@ "id": "fe47ffd2-d2a0-4264-90fe-31b998f81ac2", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(7) .p-2 > div > div > div:nth-child(3) .d-block:nth-child(2)", + "target": "css=.mb-4:nth-child(7) div:nth-child(1) > .d-flex > .d-block:nth-child(2)", "targets": [ - ["css=.mb-4:nth-child(7) .p-2 > div > div > div:nth-child(3) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[5]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[5]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:position"] + ["css=.mb-4:nth-child(7) div:nth-child(1) > .d-flex > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[5]/div/div[2]/div[2]/div/div/div/span[2]", "xpath:idRelative"], + ["xpath=//section[5]/div/div[2]/div[2]/div/div/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'true')]", "xpath:innerText"] ], "value": "true" }, { 
diff --git a/backend/src/integration/resources/SHIBUI-1503-1.side b/backend/src/integration/resources/SHIBUI-1503-1.side index e8c611e9e..cb0be998d 100644 --- a/backend/src/integration/resources/SHIBUI-1503-1.side +++ b/backend/src/integration/resources/SHIBUI-1503-1.side @@ -488,8 +488,14 @@ "id": "9be511e0-ed11-4707-8490-6fa248e4138e", "comment": "", "command": "assertNotChecked", - "target": "xpath=//table/tbody/tr/td[5]/span/div/input", - "targets": [], + "target": "xpath=//span/div/input", + "targets": [ + ["id=enable-switch-43a10ef8-09e0-4e86-b3bc-404c4e9293b2", "id"], + ["css=#enable-switch-43a10ef8-09e0-4e86-b3bc-404c4e9293b2", "css:finder"], + ["xpath=//input[@id='enable-switch-43a10ef8-09e0-4e86-b3bc-404c4e9293b2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td[6]/span/div/input", "xpath:idRelative"], + ["xpath=//span/div/input", "xpath:position"] + ], "value": "" }, { "id": "157e70d6-fa1c-4118-bce4-ab52000b6c16", @@ -539,10 +545,11 @@ "id": "6ba5a2fb-8c68-4743-99d6-1fa44644f399", "comment": "", "command": "assertText", - "target": "css=td:nth-child(3)", + "target": "css=td:nth-child(4)", "targets": [ - ["css=td:nth-child(3)", "css:finder"], - ["xpath=//td[3]", "xpath:position"], + ["css=.align-middle:nth-child(4)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td[4]", "xpath:idRelative"], + ["xpath=//td[4]", "xpath:position"], ["xpath=//td[contains(.,'nonadmin')]", "xpath:innerText"] ], "value": "nonadmin" 
@@ -550,11 +557,13 @@ "id": "eb63aa9f-4ac5-4852-8941-740b9f49a769", "comment": "", "command": "click", - "target": "xpath=//table/tbody/tr/td[5]/span/div/input", + "target": "xpath=//input", "targets": [ - ["css=.custom-control-label", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td[5]/span/div/label", "xpath:idRelative"], - ["xpath=//label", "xpath:position"] + ["id=enable-switch-43a10ef8-09e0-4e86-b3bc-404c4e9293b2", "id"], + ["css=#enable-switch-43a10ef8-09e0-4e86-b3bc-404c4e9293b2", "css:finder"], + ["xpath=//input[@id='enable-switch-43a10ef8-09e0-4e86-b3bc-404c4e9293b2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td[6]/span/div/input", "xpath:idRelative"], + ["xpath=//input", "xpath:position"] ], "value": "" }, { @@ -600,9 +609,29 @@ "id": "f76a12a3-2054-4be2-a6a6-2221afd493fb", "comment": "", "command": "assertChecked", - "target": "xpath=//table/tbody/tr/td[5]/span/div/input", - "targets": [], + "target": "xpath=//span/div/input", + "targets": [ + ["id=enable-switch-43a10ef8-09e0-4e86-b3bc-404c4e9293b2", "id"], + ["css=#enable-switch-43a10ef8-09e0-4e86-b3bc-404c4e9293b2", "css:finder"], + ["xpath=//input[@id='enable-switch-43a10ef8-09e0-4e86-b3bc-404c4e9293b2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td[6]/span/div/input", "xpath:idRelative"], + ["xpath=//span/div/input", "xpath:position"] + ], "value": "Enabled" + }, { + "id": "6288b2e8-6cec-4fa9-9f34-a9a39c79bbb0", + "comment": "", + "command": "open", + "target": "/api/heheheheheheheWipeout", + "targets": [], + "value": "" + }, { + "id": "bedd3f8c-501e-4d66-acf3-95ded657db44", + "comment": "", + "command": "assertText", + "target": "css=body", + "targets": [], + "value": "yes, you did it" }] }], "suites": [{ 
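Review bot: The `click` step in the `@@ -550,11 +557,13 @@` hunk now targets `xpath=//input`, which resolves to the first input element anywhere in the document rather than the enable switch in the table row. The fallback `targets` pin a recorded element id (`enable-switch-43a10ef8-…`), which presumably embeds an entity id that differs between runs, so they would not rescue the step. A row-scoped locator such as `"target": "xpath=//table/tbody/tr/td[6]/span/div/input"`, matching the idRelative path recorded in the same step, keeps the toggle test tied to the control it is meant to exercise. The `xpath=//span/div/input` targets in the `@@ -488,8 +488,14 @@` and `@@ -600,9 +609,29 @@` hunks of this file and in SHIBUI-1742-1.side are similarly broad.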
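Review bot: The two steps added at the end of the `@@ -600,9 +609,29 @@` hunk call `/api/heheheheheheheWipeout` through an `open` command, i.e. a plain GET, and expect the body `yes, you did it`. If that endpoint resets application data, as its name and its use as test cleanup suggest, it is a state-changing GET protected only by an unusual path, and such a request can be triggered cross-site from a logged-in browser. The handler is not part of this diff, so confirm it is registered only under the integration/dev profile and cannot be enabled in a production deployment. Recording that on the step, e.g. `"comment": "test-only reset endpoint, must not exist outside the integration profile"`, would help; SHIBUI-1742-1.side carries the same two steps.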
diff --git a/backend/src/integration/resources/SHIBUI-1674-1.side b/backend/src/integration/resources/SHIBUI-1674-1.side index e2c62c188..f57151faf 100644 --- a/backend/src/integration/resources/SHIBUI-1674-1.side +++ b/backend/src/integration/resources/SHIBUI-1674-1.side @@ -119,16 +119,16 @@ "id": "93d20204-7dfa-44c0-8e61-6741e73594f5", "comment": "", "command": "waitForElementPresent", - "target": "css=.mb-3:nth-child(2) .btn path", + "target": "css=.mb-3:nth-child(3) .info-icon path", "targets": [], "value": "30000" }, { "id": "a7b2b925-2274-4dcc-a4e3-3b727c9a047a", "comment": "", "command": "mouseOver", - "target": "css=.mb-3:nth-child(2) .btn path", + "target": "css=.mb-3:nth-child(3) .info-icon path", "targets": [ - ["css=.mb-3:nth-child(2) .btn path", "css:finder"] + ["css=.mb-3:nth-child(3) .info-icon path", "css:finder"] ], "value": "" }, { @@ -385,11 +385,9 @@ "id": "54a74399-69aa-4412-85c2-a5bbb543d8be", "comment": "", "command": "mouseOver", - "target": "css=.row:nth-child(8) path:nth-child(1)", + "target": "css=.row:nth-child(9) path:nth-child(1)", "targets": [ - ["css=.app-root", "css:finder"], - ["xpath=//div[@id='root']/div", "xpath:idRelative"], - ["xpath=//div[3]/div", "xpath:position"] + ["css=.row:nth-child(9) path:nth-child(1)", "css:finder"] ], "value": "" }, { @@ -721,9 +719,9 @@ "id": "2928ba27-b934-499e-8dda-8441dbbb463d", "comment": "", "command": "mouseOver", - "target": "css=.row:nth-child(7) path:nth-child(1)", + "target": "css=.row:nth-child(8) path:nth-child(1)", "targets": [ - ["css=.row:nth-child(7) path:nth-child(1)", "css:finder"] + ["css=.row:nth-child(8) path:nth-child(1)", "css:finder"] ], "value": "" }, { diff --git a/backend/src/integration/resources/SHIBUI-1742-1.side b/backend/src/integration/resources/SHIBUI-1742-1.side index 09985e641..80328ee7b 100644 --- a/backend/src/integration/resources/SHIBUI-1742-1.side +++ b/backend/src/integration/resources/SHIBUI-1742-1.side 
@@ -119,8 +119,8 @@ }, { "id": "21ab7479-9782-4b44-a169-732c957c6d01", "comment": "", - "command": "waitForElementNotVisible", - "target": "xpath=//div[@role=\"alert\"]", + "command": "assertElementPresent", + "target": "css=.alert", "targets": [], "value": "30000" }, { @@ -510,11 +510,13 @@ "id": "9585df73-48e3-4ca3-b13c-74ecdee11461", "comment": "", "command": "click", - "target": "xpath=//table/tbody/tr/td[5]/span/div/input", + "target": "xpath=//span/div/input", "targets": [ - ["css=.justify-content-center", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td[5]/span", "xpath:idRelative"], - ["xpath=//td[5]/span", "xpath:position"] + ["id=enable-switch-758810ff-8c20-4145-ab70-05e981f78027", "id"], + ["css=#enable-switch-758810ff-8c20-4145-ab70-05e981f78027", "css:finder"], + ["xpath=//input[@id='enable-switch-758810ff-8c20-4145-ab70-05e981f78027']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td[6]/span/div/input", "xpath:idRelative"], + ["xpath=//span/div/input", "xpath:position"] ], "value": "" }, { 
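Review bot: In the `@@ -119,8 +119,8 @@` hunk the step changes from `waitForElementNotVisible` to `assertElementPresent` but keeps `"value": "30000"`, which an assert does not appear to use as a timeout, so the check now runs once, immediately. If the alert is rendered asynchronously the step can fail intermittently, and the intent flips from "alert has gone" to "alert exists" without anything saying which message is expected. `"command": "waitForElementPresent"` with the same `css=.alert` target keeps the 30-second budget, and the empty `"comment"` field is the place to state which alert the test expects.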
@@ -591,35 +593,41 @@ "id": "4bdddea6-4e3d-4947-a1cc-b05a795d56c5", "comment": "", "command": "waitForElementVisible", - "target": "xpath=//table/tbody/tr/td[5]/span/div/input", - "targets": [], + "target": "xpath=//span/div/input", + "targets": [ + ["id=enable-switch-758810ff-8c20-4145-ab70-05e981f78027", "id"], + ["css=#enable-switch-758810ff-8c20-4145-ab70-05e981f78027", "css:finder"], + ["xpath=//input[@id='enable-switch-758810ff-8c20-4145-ab70-05e981f78027']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td[6]/span/div/input", "xpath:idRelative"], + ["xpath=//span/div/input", "xpath:position"] + ], "value": "3000" }, { "id": "79423a30-b82b-443f-b0ea-80370a6d397b", "comment": "", "command": "assertChecked", - "target": "xpath=//table/tbody/tr/td[5]/span/div/input", + "target": "xpath=//span/div/input", "targets": [ ["css=.custom-control-label", "css:finder"], ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td[5]/span/div/label", "xpath:idRelative"], ["xpath=//span/div/label", "xpath:position"] ], "value": "" - },{ - "id": "4ec2c493-85e4-403b-9b09-031c5728f498", - "comment": "", - "command": "open", - "target": "/api/heheheheheheheWipeout", - "targets": [], - "value": "" - }, { - "id": "e074980a-8f21-4c22-8412-c4b6fcdcd1a4", - "comment": "", - "command": "assertText", - "target": "css=body", - "targets": [], - "value": "yes, you did it" - }] + }, { + "id": "4ec2c493-85e4-403b-9b09-031c5728f498", + "comment": "", + "command": "open", + "target": "/api/heheheheheheheWipeout", + "targets": [], + "value": "" + }, { + "id": "e074980a-8f21-4c22-8412-c4b6fcdcd1a4", + "comment": "", + "command": "assertText", + "target": "css=body", + "targets": [], + "value": "yes, you did it" + }] }], "suites": [{ "id": "8a97286b-5660-452c-9f23-4c5f5bf8de3b", 
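Review bot: The two re-indented steps at the end of this hunk reset state with `open` on `/api/heheheheheheheWipeout`, a plain GET that the test expects to answer `yes, you did it`. The controller is not part of this diff, so confirm it is registered only under the integration-test profile and cannot be reached in a deployed build; a destructive GET would otherwise be exposed to cross-site requests and link prefetching. JSON has no comments, but the step's own field can carry the constraint: `"comment": "test-only reset endpoint; must not exist outside the integration profile"`. Separately, the `assertChecked` step in this hunk now targets `xpath=//span/div/input` while its fallback `targets` still point at the `td[5]` label.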
diff --git a/backend/src/integration/resources/SHIBUI-2267.side b/backend/src/integration/resources/SHIBUI-2267.side index ac4919662..d1fd93f87 100644 --- a/backend/src/integration/resources/SHIBUI-2267.side +++ b/backend/src/integration/resources/SHIBUI-2267.side @@ -310,7 +310,7 @@ ], "value": "test-1234" }, { - "id": "b2d9f789-fb94-459f-9947-5364cebc43d1", + "id": "83491735-f305-45f9-922c-697ac167c4e6", "comment": "", "command": "assertText", "target": "css=td:nth-child(3)", @@ -319,6 +319,17 @@ ["xpath=//td[3]", "xpath:position"], ["xpath=//td[contains(.,'root')]", "xpath:innerText"] ], + "value": "SAML" + }, { + "id": "b2d9f789-fb94-459f-9947-5364cebc43d1", + "comment": "", + "command": "assertText", + "target": "css=td:nth-child(4)", + "targets": [ + ["css=td:nth-child(3)", "css:finder"], + ["xpath=//td[3]", "xpath:position"], + ["xpath=//td[contains(.,'root')]", "xpath:innerText"] + ], "value": "admin" }, { "id": "549253bc-b6e0-4968-8058-f52700e9e3b2", From 97cc723c298fa1802d74a40b7ba512205825bc4c Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Mon, 17 Oct 2022 15:19:09 -0700 Subject: [PATCH 46/77] Updated id attribute --- ui/src/app/metadata/domain/source/component/SourceList.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ui/src/app/metadata/domain/source/component/SourceList.js b/ui/src/app/metadata/domain/source/component/SourceList.js index 671c08a0b..923f41273 100644 --- a/ui/src/app/metadata/domain/source/component/SourceList.js +++ b/ui/src/app/metadata/domain/source/component/SourceList.js @@ -68,7 +68,7 @@ export default function SourceList({ entities, onDelete, onEnable, onChangeGroup {onEnable && canEnable ? onEnable(source, checked)} From fb8a2f976bf4655cc282acbae48c0ad9f3f7e969 Mon Sep 17 00:00:00 2001 
From: Ryan Mathis Date: Tue, 18 Oct 2022 07:43:58 -0700 Subject: [PATCH 47/77] Fixed validation regex for sources --- .../wizard/MetadataSourceProtocolSelector.js | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js index a9f99dab1..9256a698d 100644 --- a/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js +++ b/ui/src/app/metadata/wizard/MetadataSourceProtocolSelector.js @@ -8,6 +8,7 @@ import Translate from '../../i18n/components/translate'; import { InfoIcon } from '../../form/component/InfoIcon'; import { useTranslator } from '../../i18n/hooks'; import { useMetadataSources } from '../hooks/api'; +import { useUserGroup } from '../../core/user/UserContext'; import Button from 'react-bootstrap/Button'; export function MetadataSourceProtocolSelector({ types = [], loading, children}) { @@ -51,7 +52,7 @@ export function MetadataSourceProtocolSelector({ types = [], loading, children}) setSourceIds(data.map(s => s.entityId)); }, [data]); - React.useState(() => console.log(sourceNames), [sourceNames]); + const group = useUserGroup(); return ( <>{showSelector ? @@ -135,12 +136,17 @@ export function MetadataSourceProtocolSelector({ types = [], loading, children}) !(sourceIds.indexOf(v) > -1) - }})} /> + type="text" {...register('entityId', { + required: true, + validate: { + unique: v => !(sourceIds.indexOf(v) > -1) + }, + pattern: new RegExp(group?.validationRegex) + })} /> {errors?.entityId?.type === 'unique' && } {errors?.entityId?.type === 'required' && } + {errors?.entityId?.type === 'pattern' && } From 279c2b712801851c24e061f20846f8db9fefd541 Mon Sep 17 00:00:00 2001 
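Review bot: `pattern: new RegExp(group?.validationRegex)` rejects nothing while `group` or its `validationRegex` is undefined, because `new RegExp(undefined)` is the empty pattern `/(?:)/`; a malformed stored expression would instead throw during render. Build the rule only when a value exists, e.g. `pattern: group?.validationRegex ? new RegExp(group.validationRegex) : undefined`. Note also that a `RegExp` matches anywhere in the string unless the stored expression is anchored with `^…$`. This is a client-side check only, so the backend should enforce the same group regex on save (not visible in this diff). The enclosing component starts and ends outside the hunk.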
From: chasegawa Date: Tue, 18 Oct 2022 11:45:18 -0700 Subject: [PATCH 48/77] SHIBUI-2380 Adding OIDC/OAUTH specific Relying party overrides --- backend/src/main/resources/application.yml | 262 +++++++++++++++++- .../main/resources/i18n/messages.properties | 83 ++++++ 2 files changed, 344 insertions(+), 1 deletion(-) diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml index 46042589e..de3a1eba5 100644 --- a/backend/src/main/resources/application.yml +++ b/backend/src/main/resources/application.yml 
@@ -163,4 +163,264 @@ custom: displayType: boolean helpText: tooltip.ignore-request-signatures attributeName: http://shibboleth.net/ns/profiles/ignoreRequestSignatures - attributeFriendlyName: ignoreRequestSignatures \ No newline at end of file + attributeFriendlyName: ignoreRequestSignatures + - name: disallowedFeatures + displayName: label.disallowedFeatures + helpText: tooltip.disallowedFeatures + displayType: string + attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures + protocol: oidc + - name: inboundInterceptorFlows + displayName: label.inboundInterceptorFlows + helpText: tooltip.inboundInterceptorFlows + displayType: list + attributeName: http://shibboleth.net/ns/profiles/inboundInterceptorFlows + protocol: oidc + - name: outboundInterceptorFlows + displayName: label.outboundInterceptorFlows + helpText: tooltip.outboundInterceptorFlows + displayType: list + attributeName: http://shibboleth.net/ns/profiles/outboundInterceptorFlows + protocol: oidc + - name: securityConfiguration + displayName: label.securityConfiguration + helpText: tooltip.securityConfiguration + displayType: string + defaultValue: shibboleth.DefaultSecurityConfiguration + attributeName: http://shibboleth.net/ns/profiles/securityConfiguration + protocol: oidc + - name: tokenEndpointAuthMethods + displayName: label.tokenEndpointAuthMethods + helpText: tooltip.tokenEndpointAuthMethods + displayType: list + defaultValue: client_secret_basic, client_secret_post, client_secret_jwt, private_key_jwt + attributeName: http://shibboleth.net/ns/profiles/tokenEndpointAuthMethods + protocol: oidc + - name: defaultAuthenticationMethods + displayName: label.defaultAuthenticationMethods + helpText: tooltip.defaultAuthenticationMethods + displayType: list + attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods + protocol: oidc + - name: postAuthenticationFlows + displayName: label.postAuthenticationFlows + helpText: tooltip.postAuthenticationFlows + displayType: list 
+ attributeName: http://shibboleth.net/ns/profiles/postAuthenticationFlows + protocol: oidc + - name: proxyCount + displayName: label.proxyCount + helpText: tooltip.proxyCount + displayType: integer + attributeName: http://shibboleth.net/ns/profiles/proxyCount + protocol: oidc + - name: revocationLifetime + displayName: label.revocationLifetime + helpText: tooltip.revocationLifetime + displayType: string + defaultValue: PT6H + attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationLifetime + protocol: oidc + - name: revocationMethod + displayName: label.revocationMethod + helpText: tooltip.revocationMethod + displayType: selection_list + defaultValues: + - CHAIN + - TOKEN + defaultValue: CHAIN + attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod + protocol: oidc + - name: accessTokenLifetime + displayName: label.accessTokenLifetime + helpText: tooltip.accessTokenLifetime + displayType: string + defaultValue: PT10M + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime + protocol: oidc + - name: accessTokenType + displayName: label.accessTokenType + helpText: tooltip.accessTokenType + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType + protocol: oidc + - name: allowPKCEPlainOauth + displayName: label.allowPKCEPlain.oauth + helpText: tooltip.allowPKCEPlain.oauth + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/allowPKCEPlain + protocol: oidc + - name: enforceRefreshTokenRotation + displayName: label.enforceRefreshTokenRotation + helpText: tooltip.enforceRefreshTokenRotation + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/enforceRefreshTokenRotation + protocol: oidc + - name: forcePKCEOauth + displayName: label.forcePKCE.oauth + helpText: tooltip.forcePKCE.oauth + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/forcePKCE + 
protocol: oidc + - name: grantTypes + displayName: label.grantTypes + helpText: tooltip.grantTypes + displayType: list + defaultValue: authorization_code, refresh_token + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes + protocol: oidc + - name: refreshTokenLifetime + displayName: label.refreshTokenLifetime + helpText: tooltip.refreshTokenLifetime + displayType: string + defaultValue: PT2H + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime + protocol: oidc + - name: resolveAttributesOauth + displayName: label.resolveAttributes.oauth + helpText: tooltip.resolveAttributes.oauth + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes + protocol: oidc + - name: authorizationCodeFlowEnabled + displayName: label.authorizationCodeFlowEnabled + helpText: tooltip.authorizationCodeFlowEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled + protocol: oidc + - name: hybridFlowEnabled + displayName: label.hybridFlowEnabled + helpText: tooltip.hybridFlowEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled + protocol: oidc + - name: implicitFlowEnabled + displayName: label.implicitFlowEnabled + helpText: tooltip.implicitFlowEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled + protocol: oidc + - name: refreshTokensEnabled + displayName: label.refreshTokensEnabled + helpText: tooltip.refreshTokensEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled + protocol: oidc + - name: accessTokenLifetime + displayName: label.accessTokenLifetime + helpText: tooltip.accessTokenLifetime + displayType: string + defaultValue: PT10M + attributeName: 
http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime + protocol: oidc + - name: accessTokenType + displayName: label.accessTokenType + helpText: tooltip.accessTokenType + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType + protocol: oidc + - name: acrRequestAlwaysEssential + displayName: label.acrRequestAlwaysEssential + helpText: tooltip.acrRequestAlwaysEssential + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/acrRequestAlwaysEssential + protocol: oidc + - name: allowPKCEPlainOidc + displayName: label.allowPKCEPlain.oidc + helpText: tooltip.allowPKCEPlain.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain + protocol: oidc + - name: alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes + helpText: tooltip.alwaysIncludedAttributes + displayType: list + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes + protocol: oidc + - name: authorizeCodeLifetime + displayName: label.authorizeCodeLifetime + helpText: tooltip.authorizeCodeLifetime + displayType: string + defaultValue: PT5M + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime + protocol: oidc + - name: deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes + helpText: tooltip.deniedUserInfoAttributes + displayType: list + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes + protocol: oidc + - name: encodeConsentInTokens + displayName: label.encodeConsentInTokens + helpText: tooltip.encodeConsentInTokens + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodeConsentInTokens + protocol: oidc + - name: encodedAttributes + displayName: label.encodedAttributes + helpText: tooltip.encodedAttributes + displayType: list + attributeName: 
http://shibboleth.net/ns/profiles/oidc/sso/browser/encodedAttributes + protocol: oidc + - name: forcePKCEOidc + displayName: label.forcePKCE.oidc + helpText: tooltip.forcePKCE.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/forcePKCE + protocol: oidc + - name: IDTokenLifetime + displayName: label.IDTokenLifetime.browser + helpText: tooltip.IDTokenLifetime.broswer + displayType: string + defaultValue: PT1H + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/IDTokenLifetime + protocol: oidc + - name: includeIssuerInResponse + displayName: label.includeIssuerInResponse + helpText: tooltip.includeIssuerInResponse + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse + protocol: oidc + - name: refreshTokenLifetime + displayName: label.refreshTokenLifetime + helpText: tooltip.refreshTokenLifetime + displayType: string + defaultValue: PT2H + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime + protocol: oidc + - name: alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes + helpText: tooltip.alwaysIncludedAttributes + displayType: list + attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes + protocol: oidc + - name: encryptionOptional + displayName: label.encryptionOptional + helpText: tooltip.encryptionOptional + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional + protocol: oidc + - name: IDTokenLifetime + displayName: label.IDTokenLifetime + helpText: tooltip.IDTokenLifetime + displayType: string + defaultValue: PT1H + attributeName: http://shibboleth.net/ns/profiles/oidc/token/IDTokenLifetime + protocol: oidc + - name: deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes + helpText: tooltip.deniedUserInfoAttributes + displayType: list + attributeName: 
http://shibboleth.net/ns/profiles/oidc/userinfo/deniedUserInfoAttributes + protocol: oidc + - name: resolveAttributesOIDC + displayName: label.resolveAttributes.oidc + helpText: tooltip.resolveAttributes.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/resolveAttributes \ No newline at end of file diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index bb76787d6..69571640b 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties 
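Review bot: Several added overrides reuse a `name` that another added entry already has: `accessTokenLifetime`, `accessTokenType`, `refreshTokenLifetime`, `alwaysIncludedAttributes`, `IDTokenLifetime` and `deniedUserInfoAttributes` each appear twice with different `attributeName` URIs, while the override documentation elsewhere in this series says the name is "used to uniquely identify this entry". If overrides are keyed by name, one token-lifetime setting could shadow the other, so give each a profile-specific name, for example `oauth2TokenAccessTokenLifetime` and `oidcBrowserAccessTokenLifetime`. The final `resolveAttributesOIDC` entry is missing `protocol: oidc`, and `helpText: tooltip.IDTokenLifetime.broswer` does not match the `tooltip.IDTokenLifetime.browser` key added to messages.properties. Likewise `tooltip.allowPKCEPlain.oauth`, `tooltip.allowPKCEPlain.oidc`, `tooltip.forcePKCE.oauth` and `tooltip.forcePKCE.oidc` are referenced here, but messages.properties only defines the unsuffixed `tooltip.allowPKCEPlain` and `tooltip.forcePKCE`. `implicitFlowEnabled` with `defaultValue: TRUE` deserves a second look as well, since current OAuth security guidance discourages the implicit grant.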
@@ -865,3 +865,86 @@ label.software-version=Software Version tooltip.software-version=Version of Software label.default-max-age=Default Max Age tooltip.default-max-age=Specifies that the End-User MUST be actively authenticated if the End-User was authenticated longer ago than the specified number of seconds. + +# OIDC/OAUTH Relaying Party Overrides +label.disallowedFeatures=Disallowed Features +label.inboundInterceptorFlows=Inbound Interceptor Flows +label.outboundInterceptorFlows=Outbound Interceptor Flows +label.securityConfiguration=Security Configuration +label.tokenEndpointAuthMethods=Token Endpoint Authentication Methods +label.defaultAuthenticationMethods=Default Authentication Methods +label.postAuthenticationFlows=Post Authentication Flows +label.proxyCount=Proxy Count +label.revocationLifetime=Revocation Lifetime +label.revocationMethod=Revocation Method +label.accessTokenLifetime=Access Token Lifetime +label.accessTokenType=Access Token Type +label.allowPKCEPlain.oidc=Allow PKCE Plain (OIDC) +label.enforceRefreshTokenRotation=Enforce Refresh Token Rotation +label.forcePKCE.oidc=Force PKCE (OIDC) +label.grantTypes=Grant Types +label.refreshTokenLifetime=Refresh Token Lifetime +label.resolveAttributes.oauth=Resolve Attributes (Oauth) +label.authorizationCodeFlowEnabled=Authorization Code Flow Enabled +label.hybridFlowEnabled=Hybrid Flow Enabled +label.implicitFlowEnabled=Implicit Flow Enabled +label.refreshTokensEnabled=Refresh Tokens Enabled +label.accessTokenLifetime=Access Token Lifetime +label.accessTokenType=Access Token Type +label.acrRequestAlwaysEssential=Acr Request Always Essential +label.allowPKCEPlain.oauth=Allow PKCE Plain (OAUTH) +label.alwaysIncludedAttributes=Always Included Attributes +label.authorizeCodeLifetime=Authorize Code Lifetime +label.deniedUserInfoAttributes=Denied User Info Attributes +label.encodeConsentInTokens=Encode Consent In Tokens +label.encodedAttributes=Encoded Attributes +label.forcePKCE.oauth=Force PKCE (OAUTH) 
+label.IDTokenLifetime.browser=IDToken Lifetime (browser)
+label.includeIssuerInResponse=Include Issuer In Response
+label.refreshTokenLifetime=Refresh Token Lifetime
+label.alwaysIncludedAttributes=Always Included Attributes
+label.encryptionOptional=Encryption Optional
+label.IDTokenLifetime=IDToken Lifetime
+label.deniedUserInfoAttributes=Denied User Info Attributes
+label.resolveAttributes.oidc=Resolve Attributes (OIDC)
+
+tooltip.disallowedFeatures=A bitmask of features to disallow. the mask values being specific to individual profiles
+tooltip.inboundInterceptorFlows=Ordered list of profile interceptor flows to run prior to message processing
+tooltip.outboundInterceptorFlows=Ordered list of profile interceptor flows to run prior to outbound message handling
+tooltip.securityConfiguration=An object containing all of the default security-related objects needed for peer authentication and encryption. See SecurityConfiguration for complete details.
+tooltip.tokenEndpointAuthMethods=Enabled endpoint client authentication methods
+tooltip.defaultAuthenticationMethods=Ordered list of Java Principals to be used to select appropriate login flow(s) to attempt in the event that a relying party does not signal a preference. See AuthenticationFlowSelection.
+tooltip.postAuthenticationFlows=Ordered list of profile interceptor flows to run after successful authentication
+tooltip.proxyCount=Limits use of proxying either to service providers downstream or when requesting authentication from identity providers upstream. This will generally depend on whether a particular protocol supports the feature.
+tooltip.revocationLifetime=The revocation lifetime used when revoking the full chain (see CHAIN above).
+tooltip.revocationMethod=The revocation method: CHAIN refers to revoking whole chain of tokens (from authorization code to all access/refresh tokens) and TOKEN refers to revoking single token
+tooltip.accessTokenLifetime=Lifetime of access token issued to client
+tooltip.accessTokenType=Format of access token. Supported values are ?JWT? or nothing/empty/null implying opaque tokens.
+tooltip.allowPKCEPlain=Whether client is allowed to use PKCE code challenge method plain
+tooltip.enforceRefreshTokenRotation=Whether to enforce refresh token rotation. If enabled the refresh token is revoked whenever it is used for issuing a new refresh token.
+tooltip.forcePKCE=Whether client is required to use PKCE
+tooltip.grantTypes=OAuth grant types to allow
+tooltip.refreshTokenLifetime=Lifetime of refresh token issued to client
+tooltip.resolveAttributes.oidc=Whether to resolve attributes during the token issuance process
+tooltip.authorizationCodeFlowEnabled=Whether to enable the authorization code flow
+tooltip.hybridFlowEnabled=Whether to enable the hybrid flow
+tooltip.implicitFlowEnabled=Whether to enable the implicit flow
+tooltip.refreshTokensEnabled=Whether to enable refresh token support
+tooltip.accessTokenLifetime=Lifetime of access token
+tooltip.accessTokenType=Format of access token. Supported values are ?JWT? or nothing/empty/null implying opaque tokens.
+tooltip.acrRequestAlwaysEssential=Whether to treat "acr" claim requests as essential regardless of request +tooltip.allowPKCEPlain=Whether client is allowed to use PKCE code challenge method plain +tooltip.alwaysIncludedAttributes=Specifies IdPAttributes to always include in ID token regardless of response_type +tooltip.authorizeCodeLifetime=Lifetime of authorization code +tooltip.deniedUserInfoAttributes=Specifies IdPAttributes to omit from UserInfo token +tooltip.encodeConsentInTokens=Whether to embed consent decision(s) in access/refresh tokens and authorization code to allow for client-side consent storage +tooltip.encodedAttributes=Specifies IdPAttributes to encode into tokens for recovery on back-channel token requests +tooltip.forcePKCE=Whether client is required to use PKCE +tooltip.IDTokenLifetime.browser=Lifetime of ID token (browser) +tooltip.includeIssuerInResponse=Whether to include issuer -parameter in the responses as specified by RFC 9207. If set to true also consider including authorization_response_iss_parameter_supported to the OP metadata. +tooltip.refreshTokenLifetime=Lifetime of refresh token +tooltip.alwaysIncludedAttributes=Specifies IdPAttributes to always include in ID token regardless of response_type +tooltip.encryptionOptional=Whether the absence of encryption details in a client?s metadata should fail when issuing an ID token +tooltip.IDTokenLifetime=Lifetime of ID token issued to client +tooltip.deniedUserInfoAttributes=Specifies IdPAttributes to omit from UserInfo token +tooltip.resolveAttributes.oauth=Whether to run the attribute resolution/filtering step \ No newline at end of file From 7a1c218a386d1065bba391dbb524fee444755a5a Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Tue, 18 Oct 2022 15:49:06 -0700 Subject: [PATCH 49/77] SHIBUI-2380 application.yml updates for testing and for RPOs --- .../src/enversTest/resources/application.yml | 166 ++++++++++++++++++ backend/src/main/resources/application.yml | 64 +++++-- backend/src/test/resources/application.yml | 166 ++++++++++++++++++ 3 files changed, 384 insertions(+), 12 deletions(-) create mode 100644 backend/src/enversTest/resources/application.yml create mode 100644 backend/src/test/resources/application.yml diff --git a/backend/src/enversTest/resources/application.yml b/backend/src/enversTest/resources/application.yml new file mode 100644 index 000000000..bfba124cd --- /dev/null +++ b/backend/src/enversTest/resources/application.yml 
@@ -0,0 +1,166 @@ +#spring: +# jpa: +# show-sql: false +# properties: +# hibernate: +# format_sql: true +# dialect: org.hibernate.dialect.PostgreSQL95Dialect +# OR SEE: https://access.redhat.com/webassets/avalon/d/red-hat-jboss-enterprise-application-platform/7.2/javadocs/org/hibernate/dialect/package-summary.html + +#shibui: +## Default password must be set for the default user to be configured and setup +# default-rootuser:root +## need to include the encoding for the password - be sure to quote the entire value as shown +# default-password: "{noop}foopassword" +# pac4j-enabled: true +# pac4j: +# keystorePath: "/etc/shibui/samlKeystore.jks" +# keystorePassword: "changeit" +# privateKeyPassword: "changeit" +# serviceProviderEntityId: "https://idp.example.com/shibui" +# serviceProviderMetadataPath: "/etc/shibui/sp-metadata.xml" +# identityProviderMetadataPath: "/etc/shibui/idp-metadata.xml" +# forceServiceProviderMetadataGeneration: false +# callbackUrl: "https://localhost:8443/callback" +# postLogoutURL: "https://idp.example.com/idp/profile/Logout" # Must set this to get IDP logout +# maximumAuthenticationLifetime: 3600000 +# requireAssertedRoleForNewUsers: false +# saml2ProfileMapping: +# username: urn:oid:0.9.2342.19200300.100.1.1 +# firstname: urn:oid:2.5.4.42 +# lastname: urn:oid:2.5.4.4 +# email: urn:oid:0.9.2342.19200300.100.1.3 +# groups: urn:oid:1.3.6.1.4.1.5923.1.5.1.1 # attributeId - isMemberOf +# roles: --define name of the attribute containing the incoming user roles-- + +custom: + attributes: + # Default attributes + - name: eduPersonPrincipalName + displayName: label.attribute-eduPersonPrincipalName + - name: uid + displayName: label.attribute-uid + - name: mail + displayName: label.attribute-mail + - name: surname + displayName: label.attribute-surname + - name: givenName + displayName: label.attribute-givenName + - name: eduPersonAffiliation + displayName: label.attribute-eduPersonAffiliation + - name: eduPersonScopedAffiliation + displayName: 
label.attribute-eduPersonScopedAffiliation + - name: eduPersonPrimaryAffiliation + displayName: label.attribute-eduPersonPrimaryAffiliation + - name: eduPersonEntitlement + displayName: label.attribute-eduPersonEntitlement + - name: eduPersonAssurance + displayName: label.attribute-eduPersonAssurance + - name: eduPersonUniqueId + displayName: label.attribute-eduPersonUniqueId + - name: employeeNumber + displayName: label.attribute-employeeNumber + # Custom attributes + + # The following contains a map of "relying party overrides". + # The structure of an entry is as follows: + # - name: The name of the entry. used to uniquely identify this entry. + # displayName: This will normally be the label used when displaying this override in the UI + # displayType: The type to use when displaying this option + # helpText: This is the help-icon hover-over text + # defaultValues: One or more values to be displayed as default options in the UI + # persistType: Optional. If it is necessary to persist something different than the override's display type, + # set that type here. For example, display a boolean, but persist a string. + # persistValue: Required only when persistType is used. Defines the value to be persisted. + # attributeName: This is the name of the attribute to be used in the xml. This is assumed to be a URI. + # attributeFriendlyName: This is the friendly name associated with the above attributeName. + # + # It is imperative when defining these that the "displayType" and "persistType" are known types. + # Typos or unsupported values here will result in that override being skipped! + # Supported types are as follows: boolean, integer, string, set, list + # Note that "persistType" doesn't have to match "displayType". However, the only unmatching combination currently + # supported is a "displayType" of "boolean" and "persistType" of "string". 
+ overrides: + # Default overrides + - name: signAssertion + displayName: label.sign-the-assertion + displayType: boolean + helpText: tooltip.sign-assertion + attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions + attributeFriendlyName: signAssertions + - name: dontSignResponse + displayName: label.dont-sign-the-response + displayType: boolean + helpText: tooltip.dont-sign-response + attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses + attributeFriendlyName: signResponses + invert: true + - name: turnOffEncryption + displayName: label.turn-off-encryption-of-response + displayType: boolean + helpText: tooltip.turn-off-encryption + attributeName: http://shibboleth.net/ns/profiles/encryptAssertions + attributeFriendlyName: encryptAssertions + invert: true + - name: useSha + displayName: label.use-sha1-signing-algorithm + displayType: boolean + helpText: tooltip.usa-sha-algorithm + persistType: string + persistValue: shibboleth.SecurityConfiguration.SHA1 + attributeName: http://shibboleth.net/ns/profiles/securityConfiguration + attributeFriendlyName: securityConfiguration + - name: ignoreAuthenticationMethod + displayName: label.ignore-any-sp-requested-authentication-method + displayType: boolean + helpText: tooltip.ignore-auth-method + persistType: string + persistValue: 0x1 + attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures + attributeFriendlyName: disallowedFeatures + - name: omitNotBefore + displayName: label.omit-not-before-condition + displayType: boolean + helpText: tooltip.omit-not-before-condition + attributeName: http://shibboleth.net/ns/profiles/includeConditionsNotBefore + attributeFriendlyName: includeConditionsNotBefore + invert: true + - name: responderId + displayName: label.responder-id + displayType: string + helpText: tooltip.responder-id + attributeName: http://shibboleth.net/ns/profiles/responderId + attributeFriendlyName: responderId + - name: nameIdFormats + 
displayName: label.nameid-format-to-send + displayType: set + helpText: tooltip.nameid-format + defaultValues: + - urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified + - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + - urn:oasis:names:tc:SAML:2.0:nameid-format:transient + attributeName: http://shibboleth.net/ns/profiles/nameIDFormatPrecedence + attributeFriendlyName: nameIDFormatPrecedence + - name: authenticationMethods + displayName: label.authentication-methods-to-use + displayType: set + helpText: tooltip.authentication-methods-to-use + defaultValues: + - https://refeds.org/profile/mfa + - urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken + - urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport + attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods + attributeFriendlyName: defaultAuthenticationMethods + - name: forceAuthn + displayName: label.force-authn + displayType: boolean + helpText: tooltip.force-authn + attributeName: http://shibboleth.net/ns/profiles/forceAuthn + attributeFriendlyName: forceAuthn + - name: ignoreRequestSignatures + displayName: label.ignore-request-signatures + displayType: boolean + helpText: tooltip.ignore-request-signatures + attributeName: http://shibboleth.net/ns/profiles/ignoreRequestSignatures + attributeFriendlyName: ignoreRequestSignatures \ No newline at end of file diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml index de3a1eba5..d63d3b9b3 100644 --- a/backend/src/main/resources/application.yml +++ b/backend/src/main/resources/application.yml 
@@ -165,24 +165,28 @@ custom: attributeName: http://shibboleth.net/ns/profiles/ignoreRequestSignatures attributeFriendlyName: ignoreRequestSignatures - name: disallowedFeatures + attributeFriendlyName: disallowedFeatures displayName: label.disallowedFeatures helpText: tooltip.disallowedFeatures displayType: string attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures protocol: oidc - name: inboundInterceptorFlows + attributeFriendlyName: inboundInterceptorFlows displayName: label.inboundInterceptorFlows helpText: tooltip.inboundInterceptorFlows - displayType: list + displayType: string attributeName: http://shibboleth.net/ns/profiles/inboundInterceptorFlows protocol: oidc - name: outboundInterceptorFlows + attributeFriendlyName: outboundInterceptorFlows displayName: label.outboundInterceptorFlows helpText: tooltip.outboundInterceptorFlows - displayType: list + displayType: string attributeName: http://shibboleth.net/ns/profiles/outboundInterceptorFlows protocol: oidc - name: securityConfiguration + attributeFriendlyName: securityConfiguration displayName: label.securityConfiguration helpText: tooltip.securityConfiguration displayType: string 
@@ -190,31 +194,36 @@ custom: attributeName: http://shibboleth.net/ns/profiles/securityConfiguration protocol: oidc - name: tokenEndpointAuthMethods + attributeFriendlyName: tokenEndpointAuthMethods displayName: label.tokenEndpointAuthMethods helpText: tooltip.tokenEndpointAuthMethods - displayType: list + displayType: string defaultValue: client_secret_basic, client_secret_post, client_secret_jwt, private_key_jwt attributeName: http://shibboleth.net/ns/profiles/tokenEndpointAuthMethods protocol: oidc - name: defaultAuthenticationMethods + attributeFriendlyName: defaultAuthenticationMethods displayName: label.defaultAuthenticationMethods helpText: tooltip.defaultAuthenticationMethods - displayType: list + displayType: string attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods protocol: oidc - name: postAuthenticationFlows + attributeFriendlyName: postAuthenticationFlows displayName: label.postAuthenticationFlows helpText: tooltip.postAuthenticationFlows - displayType: list + displayType: string attributeName: http://shibboleth.net/ns/profiles/postAuthenticationFlows protocol: oidc - name: proxyCount + attributeFriendlyName: proxyCount displayName: label.proxyCount helpText: tooltip.proxyCount displayType: integer attributeName: http://shibboleth.net/ns/profiles/proxyCount protocol: oidc - name: revocationLifetime + attributeFriendlyName: revocationLifetime displayName: label.revocationLifetime helpText: tooltip.revocationLifetime displayType: string @@ -222,6 +231,7 @@ custom: attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationLifetime protocol: oidc - name: revocationMethod + attributeFriendlyName: revocationMethod displayName: label.revocationMethod helpText: tooltip.revocationMethod displayType: selection_list 
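Review bot: `tokenEndpointAuthMethods` moves from `displayType: list` to `displayType: string` but keeps `defaultValue: client_secret_basic, client_secret_post, client_secret_jwt, private_key_jwt`, so the accepted client authentication methods become one free-text field whose delimiter is documented nowhere in the file. A mistyped method name or a different separator would presumably be persisted as typed rather than rejected; how the value is parsed downstream is not visible here. I would add a comment above the entry, `# comma-separated list persisted as one string; values must match the IdP's token endpoint auth method names`, and a matching one for `grantTypes` in the `@@ -239,37 +250,43 @@` hunk. The `custom.overrides` list starts and ends outside these hunks.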
@@ -232,6 +242,7 @@ custom: attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod protocol: oidc - name: accessTokenLifetime + attributeFriendlyName: accessTokenLifetime displayName: label.accessTokenLifetime helpText: tooltip.accessTokenLifetime displayType: string @@ -239,37 +250,43 @@ custom: attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime protocol: oidc - name: accessTokenType + attributeFriendlyName: accessTokenType displayName: label.accessTokenType helpText: tooltip.accessTokenType displayType: string attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType protocol: oidc - name: allowPKCEPlainOauth + attributeFriendlyName: allowPKCEPlainOauth displayName: label.allowPKCEPlain.oauth helpText: tooltip.allowPKCEPlain.oauth displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oauth2/token/allowPKCEPlain protocol: oidc - name: enforceRefreshTokenRotation + attributeFriendlyName: enforceRefreshTokenRotation displayName: label.enforceRefreshTokenRotation helpText: tooltip.enforceRefreshTokenRotation displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oauth2/token/enforceRefreshTokenRotation protocol: oidc - name: forcePKCEOauth + attributeFriendlyName: forcePKCEOauth displayName: label.forcePKCE.oauth helpText: tooltip.forcePKCE.oauth displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oauth2/token/forcePKCE protocol: oidc - name: grantTypes + attributeFriendlyName: grantTypes displayName: label.grantTypes helpText: tooltip.grantTypes - displayType: list + displayType: string defaultValue: authorization_code, refresh_token attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes protocol: oidc - name: refreshTokenLifetime + attributeFriendlyName: refreshTokenLifetime displayName: label.refreshTokenLifetime helpText: tooltip.refreshTokenLifetime displayType: string 
@@ -277,6 +294,7 @@ custom: attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime protocol: oidc - name: resolveAttributesOauth + attributeFriendlyName: resolveAttributesOauth displayName: label.resolveAttributes.oauth helpText: tooltip.resolveAttributes.oauth displayType: boolean @@ -284,6 +302,7 @@ custom: attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes protocol: oidc - name: authorizationCodeFlowEnabled + attributeFriendlyName: authorizationCodeFlowEnabled displayName: label.authorizationCodeFlowEnabled helpText: tooltip.authorizationCodeFlowEnabled displayType: boolean @@ -291,6 +310,7 @@ custom: attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled protocol: oidc - name: hybridFlowEnabled + attributeFriendlyName: hybridFlowEnabled displayName: label.hybridFlowEnabled helpText: tooltip.hybridFlowEnabled displayType: boolean @@ -298,6 +318,7 @@ custom: attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled protocol: oidc - name: implicitFlowEnabled + attributeFriendlyName: implicitFlowEnabled displayName: label.implicitFlowEnabled helpText: tooltip.implicitFlowEnabled displayType: boolean @@ -305,6 +326,7 @@ custom: attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled protocol: oidc - name: refreshTokensEnabled + attributeFriendlyName: refreshTokensEnabled displayName: label.refreshTokensEnabled helpText: tooltip.refreshTokensEnabled displayType: boolean @@ -312,6 +334,7 @@ custom: attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled protocol: oidc - name: accessTokenLifetime + attributeFriendlyName: accessTokenLifetime displayName: label.accessTokenLifetime helpText: tooltip.accessTokenLifetime displayType: string 
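Review bot: The `accessTokenLifetime` entry that gains `attributeFriendlyName: accessTokenLifetime` in the `@@ -312,6 +334,7 @@` hunk has the same `name` and friendly name as the entry in `@@ -232,6 +242,7 @@`, although the two map to different attribute URIs (`oauth2/token/accessTokenLifetime` and `oidc/sso/browser/accessTokenLifetime`). The comment block in the new test `application.yml` describes `name` as what uniquely identifies an entry, so if overrides are keyed by name, one profile's token lifetime could shadow the other's; the lookup code is not visible here. The commit resolves this for one pair by renaming `IDTokenLifetime` to `IDTokenLifetimeBrowser`, but `accessTokenType`, `refreshTokenLifetime`, `alwaysIncludedAttributes` and `deniedUserInfoAttributes` in the following hunks are still duplicated. Suffixing the browser-profile entries the same way, e.g. `- name: accessTokenLifetimeBrowser` with a matching `attributeFriendlyName`, would keep every key unique.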
@@ -319,30 +342,35 @@ custom: attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime protocol: oidc - name: accessTokenType + attributeFriendlyName: accessTokenType displayName: label.accessTokenType helpText: tooltip.accessTokenType displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType protocol: oidc - name: acrRequestAlwaysEssential + attributeFriendlyName: acrRequestAlwaysEssential displayName: label.acrRequestAlwaysEssential helpText: tooltip.acrRequestAlwaysEssential displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/acrRequestAlwaysEssential protocol: oidc - name: allowPKCEPlainOidc + attributeFriendlyName: allowPKCEPlainOidc displayName: label.allowPKCEPlain.oidc helpText: tooltip.allowPKCEPlain.oidc displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain protocol: oidc - name: alwaysIncludedAttributes + attributeFriendlyName: alwaysIncludedAttributes displayName: label.alwaysIncludedAttributes helpText: tooltip.alwaysIncludedAttributes - displayType: list + displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes protocol: oidc - name: authorizeCodeLifetime + attributeFriendlyName: authorizeCodeLifetime displayName: label.authorizeCodeLifetime helpText: tooltip.authorizeCodeLifetime displayType: string 
@@ -350,30 +378,35 @@ custom: attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime protocol: oidc - name: deniedUserInfoAttributes + attributeFriendlyName: deniedUserInfoAttributes displayName: label.deniedUserInfoAttributes helpText: tooltip.deniedUserInfoAttributes - displayType: list + displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes protocol: oidc - name: encodeConsentInTokens + attributeFriendlyName: encodeConsentInTokens displayName: label.encodeConsentInTokens helpText: tooltip.encodeConsentInTokens displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodeConsentInTokens protocol: oidc - name: encodedAttributes + attributeFriendlyName: encodedAttributes displayName: label.encodedAttributes helpText: tooltip.encodedAttributes - displayType: list + displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodedAttributes protocol: oidc - name: forcePKCEOidc + attributeFriendlyName: forcePKCEOidc displayName: label.forcePKCE.oidc helpText: tooltip.forcePKCE.oidc displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/forcePKCE protocol: oidc - - name: IDTokenLifetime + - name: IDTokenLifetimeBrowser + attributeFriendlyName: IDTokenLifetimeBrowser displayName: label.IDTokenLifetime.browser helpText: tooltip.IDTokenLifetime.broswer displayType: string 
@@ -381,12 +414,14 @@ custom: attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/IDTokenLifetime protocol: oidc - name: includeIssuerInResponse + attributeFriendlyName: includeIssuerInResponse displayName: label.includeIssuerInResponse helpText: tooltip.includeIssuerInResponse displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse protocol: oidc - name: refreshTokenLifetime + attributeFriendlyName: refreshTokenLifetime displayName: label.refreshTokenLifetime helpText: tooltip.refreshTokenLifetime displayType: string @@ -394,12 +429,14 @@ custom: attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime protocol: oidc - name: alwaysIncludedAttributes + attributeFriendlyName: alwaysIncludedAttributes displayName: label.alwaysIncludedAttributes helpText: tooltip.alwaysIncludedAttributes - displayType: list + displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes protocol: oidc - name: encryptionOptional + attributeFriendlyName: encryptionOptional displayName: label.encryptionOptional helpText: tooltip.encryptionOptional displayType: boolean @@ -407,6 +444,7 @@ custom: attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional protocol: oidc - name: IDTokenLifetime + attributeFriendlyName: IDTokenLifetime displayName: label.IDTokenLifetime helpText: tooltip.IDTokenLifetime displayType: string 
@@ -414,12 +452,14 @@ custom: attributeName: http://shibboleth.net/ns/profiles/oidc/token/IDTokenLifetime protocol: oidc - name: deniedUserInfoAttributes + attributeFriendlyName: deniedUserInfoAttributes displayName: label.deniedUserInfoAttributes helpText: tooltip.deniedUserInfoAttributes - displayType: list + displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/deniedUserInfoAttributes protocol: oidc - name: resolveAttributesOIDC + attributeFriendlyName: resolveAttributesOIDC displayName: label.resolveAttributes.oidc helpText: tooltip.resolveAttributes.oidc displayType: boolean diff --git a/backend/src/test/resources/application.yml b/backend/src/test/resources/application.yml new file mode 100644 index 000000000..bfba124cd --- /dev/null +++ b/backend/src/test/resources/application.yml 
@@ -0,0 +1,166 @@ +#spring: +# jpa: +# show-sql: false +# properties: +# hibernate: +# format_sql: true +# dialect: org.hibernate.dialect.PostgreSQL95Dialect +# OR SEE: https://access.redhat.com/webassets/avalon/d/red-hat-jboss-enterprise-application-platform/7.2/javadocs/org/hibernate/dialect/package-summary.html + +#shibui: +## Default password must be set for the default user to be configured and setup +# default-rootuser:root +## need to include the encoding for the password - be sure to quote the entire value as shown +# default-password: "{noop}foopassword" +# pac4j-enabled: true +# pac4j: +# keystorePath: "/etc/shibui/samlKeystore.jks" +# keystorePassword: "changeit" +# privateKeyPassword: "changeit" +# serviceProviderEntityId: "https://idp.example.com/shibui" +# serviceProviderMetadataPath: "/etc/shibui/sp-metadata.xml" +# identityProviderMetadataPath: "/etc/shibui/idp-metadata.xml" +# forceServiceProviderMetadataGeneration: false +# callbackUrl: "https://localhost:8443/callback" +# postLogoutURL: "https://idp.example.com/idp/profile/Logout" # Must set this to get IDP logout +# maximumAuthenticationLifetime: 3600000 +# requireAssertedRoleForNewUsers: false +# saml2ProfileMapping: +# username: urn:oid:0.9.2342.19200300.100.1.1 +# firstname: urn:oid:2.5.4.42 +# lastname: urn:oid:2.5.4.4 +# email: urn:oid:0.9.2342.19200300.100.1.3 +# groups: urn:oid:1.3.6.1.4.1.5923.1.5.1.1 # attributeId - isMemberOf +# roles: --define name of the attribute containing the incoming user roles-- + +custom: + attributes: + # Default attributes + - name: eduPersonPrincipalName + displayName: label.attribute-eduPersonPrincipalName + - name: uid + displayName: label.attribute-uid + - name: mail + displayName: label.attribute-mail + - name: surname + displayName: label.attribute-surname + - name: givenName + displayName: label.attribute-givenName + - name: eduPersonAffiliation + displayName: label.attribute-eduPersonAffiliation + - name: eduPersonScopedAffiliation + displayName: 
label.attribute-eduPersonScopedAffiliation + - name: eduPersonPrimaryAffiliation + displayName: label.attribute-eduPersonPrimaryAffiliation + - name: eduPersonEntitlement + displayName: label.attribute-eduPersonEntitlement + - name: eduPersonAssurance + displayName: label.attribute-eduPersonAssurance + - name: eduPersonUniqueId + displayName: label.attribute-eduPersonUniqueId + - name: employeeNumber + displayName: label.attribute-employeeNumber + # Custom attributes + + # The following contains a map of "relying party overrides". + # The structure of an entry is as follows: + # - name: The name of the entry. used to uniquely identify this entry. + # displayName: This will normally be the label used when displaying this override in the UI + # displayType: The type to use when displaying this option + # helpText: This is the help-icon hover-over text + # defaultValues: One or more values to be displayed as default options in the UI + # persistType: Optional. If it is necessary to persist something different than the override's display type, + # set that type here. For example, display a boolean, but persist a string. + # persistValue: Required only when persistType is used. Defines the value to be persisted. + # attributeName: This is the name of the attribute to be used in the xml. This is assumed to be a URI. + # attributeFriendlyName: This is the friendly name associated with the above attributeName. + # + # It is imperative when defining these that the "displayType" and "persistType" are known types. + # Typos or unsupported values here will result in that override being skipped! + # Supported types are as follows: boolean, integer, string, set, list + # Note that "persistType" doesn't have to match "displayType". However, the only unmatching combination currently + # supported is a "displayType" of "boolean" and "persistType" of "string". 
+ overrides: + # Default overrides + - name: signAssertion + displayName: label.sign-the-assertion + displayType: boolean + helpText: tooltip.sign-assertion + attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions + attributeFriendlyName: signAssertions + - name: dontSignResponse + displayName: label.dont-sign-the-response + displayType: boolean + helpText: tooltip.dont-sign-response + attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses + attributeFriendlyName: signResponses + invert: true + - name: turnOffEncryption + displayName: label.turn-off-encryption-of-response + displayType: boolean + helpText: tooltip.turn-off-encryption + attributeName: http://shibboleth.net/ns/profiles/encryptAssertions + attributeFriendlyName: encryptAssertions + invert: true + - name: useSha + displayName: label.use-sha1-signing-algorithm + displayType: boolean + helpText: tooltip.usa-sha-algorithm + persistType: string + persistValue: shibboleth.SecurityConfiguration.SHA1 + attributeName: http://shibboleth.net/ns/profiles/securityConfiguration + attributeFriendlyName: securityConfiguration + - name: ignoreAuthenticationMethod + displayName: label.ignore-any-sp-requested-authentication-method + displayType: boolean + helpText: tooltip.ignore-auth-method + persistType: string + persistValue: 0x1 + attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures + attributeFriendlyName: disallowedFeatures + - name: omitNotBefore + displayName: label.omit-not-before-condition + displayType: boolean + helpText: tooltip.omit-not-before-condition + attributeName: http://shibboleth.net/ns/profiles/includeConditionsNotBefore + attributeFriendlyName: includeConditionsNotBefore + invert: true + - name: responderId + displayName: label.responder-id + displayType: string + helpText: tooltip.responder-id + attributeName: http://shibboleth.net/ns/profiles/responderId + attributeFriendlyName: responderId + - name: nameIdFormats + 
displayName: label.nameid-format-to-send + displayType: set + helpText: tooltip.nameid-format + defaultValues: + - urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified + - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + - urn:oasis:names:tc:SAML:2.0:nameid-format:transient + attributeName: http://shibboleth.net/ns/profiles/nameIDFormatPrecedence + attributeFriendlyName: nameIDFormatPrecedence + - name: authenticationMethods + displayName: label.authentication-methods-to-use + displayType: set + helpText: tooltip.authentication-methods-to-use + defaultValues: + - https://refeds.org/profile/mfa + - urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken + - urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport + attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods + attributeFriendlyName: defaultAuthenticationMethods + - name: forceAuthn + displayName: label.force-authn + displayType: boolean + helpText: tooltip.force-authn + attributeName: http://shibboleth.net/ns/profiles/forceAuthn + attributeFriendlyName: forceAuthn + - name: ignoreRequestSignatures + displayName: label.ignore-request-signatures + displayType: boolean + helpText: tooltip.ignore-request-signatures + attributeName: http://shibboleth.net/ns/profiles/ignoreRequestSignatures + attributeFriendlyName: ignoreRequestSignatures \ No newline at end of file From 4f6c517ea6cf1fcb724aeacf973832d3bd59353d Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 18 Oct 2022 16:07:04 -0700 Subject: [PATCH 50/77] SHIBUI-2380 import cleanup --- .../CustomEntityAttributeDefinition.java | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java index 0a7d2c3c7..3c3058df4 100644 
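Review bot: The structure comment above `overrides:` lists the keys an entry may carry but omits `invert`, which `dontSignResponse`, `turnOffEncryption` and `omitNotBefore` in this same file set to `true`. Those three control response signing, assertion encryption and the NotBefore condition, so a reader has to guess whether ticking the box writes `true` or `false` to `signResponses`, `encryptAssertions` and `includeConditionsNotBefore`. I would add a line such as `# invert: Optional. When true, the persisted attribute value is the negation of the displayed boolean.` after confirming that this is what the loader does. The supported-type list (`boolean, integer, string, set, list`) also lacks `selection_list`, which `revocationMethod` in the main `application.yml` uses; since the comment says unsupported types cause an override to be skipped, one of the two is stale.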
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/CustomEntityAttributeDefinition.java @@ -1,8 +1,9 @@ package edu.internet2.tier.shibboleth.admin.ui.domain; -import java.util.HashSet; -import java.util.Set; -import java.util.UUID; +import lombok.Data; +import org.hibernate.annotations.Fetch; +import org.hibernate.annotations.FetchMode; +import org.hibernate.envers.Audited; import javax.persistence.CollectionTable; import javax.persistence.Column; @@ -11,14 +12,9 @@ import javax.persistence.Id; import javax.persistence.JoinColumn; import javax.persistence.Transient; - -import liquibase.pro.packaged.O; -import org.apache.commons.lang3.StringUtils; -import org.hibernate.annotations.Fetch; -import org.hibernate.annotations.FetchMode; -import org.hibernate.envers.Audited; - -import lombok.Data; +import java.util.HashSet; +import java.util.Set; +import java.util.UUID; @Entity(name = "custom_entity_attribute_definition") @Audited From 574a6b73786b207bdc8c68e0fb2d31a166675b16 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 20 Oct 2022 10:01:35 -0700 Subject: [PATCH 51/77] SHIBUI-2380 Fixing oidc entry in relying party overrides list --- backend/src/main/resources/application.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml index d63d3b9b3..2c3f24b17 100644 --- a/backend/src/main/resources/application.yml +++ b/backend/src/main/resources/application.yml @@ -463,4 +463,5 @@ custom: displayName: label.resolveAttributes.oidc helpText: tooltip.resolveAttributes.oidc displayType: boolean - attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/resolveAttributes \ No newline at end of file + attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/resolveAttributes + protocol: oidc \ No newline at end of file 
From afad4b3672e6cb55658d29817eb7cc2d426bf5ea Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 20 Oct 2022 11:14:19 -0700 Subject: [PATCH 52/77] SHIBUI-2380 Adding defaults for the protocol (which could happen with historical data) --- .../src/main/resources/metadata-sources-ui-schema-oidc.json | 3 ++- .../src/main/resources/metadata-sources-ui-schema-saml.json | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json index d463762e2..814153b01 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema-oidc.json +++ b/backend/src/main/resources/metadata-sources-ui-schema-oidc.json @@ -8,7 +8,8 @@ "protocol": { "title": "label.source-protocol", "description": "tooltip.source-protocol", - "type": "string" + "type": "string", + "default": "oidc" }, "serviceProviderName": { "title": "label.service-provider-name", diff --git a/backend/src/main/resources/metadata-sources-ui-schema-saml.json b/backend/src/main/resources/metadata-sources-ui-schema-saml.json index 73bb04aec..4406d43ad 100644 --- a/backend/src/main/resources/metadata-sources-ui-schema-saml.json +++ b/backend/src/main/resources/metadata-sources-ui-schema-saml.json @@ -8,7 +8,8 @@ "protocol": { "title": "label.source-protocol", "description": "tooltip.source-protocol", - "type": "string" + "type": "string", + "default": "saml" }, "serviceProviderName": { "title": "label.service-provider-name", From c99265d98214d1c6e84155d5faeaea2a8929fcc0 Mon Sep 17 00:00:00 2001 
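Review bot: The added `"default": "oidc"` (and `"default": "saml"` in `metadata-sources-ui-schema-saml.json`) is a JSON Schema annotation, so it only takes effect where the consumer chooses to apply it, typically when the form is rendered. Historical records with no `protocol`, which the commit message names as the case being handled, would still reach the backend without a value unless the server fills it in as well; that code is not visible here. `protocol` also remains an unconstrained `"type": "string"`; if each schema is only ever used for its own protocol, adding `"enum": ["oidc"]` here and `"enum": ["saml"]` in the SAML schema would reject a source submitted against the wrong one. Both `properties` objects continue outside the hunks.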
From: chasegawa Date: Thu, 20 Oct 2022 14:26:08 -0700 Subject: [PATCH 53/77] SHIBUI-2380 Updating all the application.yml files with the new set of overrides --- testbed/authentication/shibui/application.yml | 387 +++++++++++++++++- testbed/integration/shibui/application.yml | 385 +++++++++++++++++ testbed/mariadb/conf/application.yml | 318 +++++++++++++- testbed/mysql/conf/application.yml | 318 +++++++++++++- testbed/postgres/conf/application.yml | 318 +++++++++++++- testbed/sqlServer/conf/application.yml | 318 +++++++++++++- 6 files changed, 2011 insertions(+), 33 deletions(-) diff --git a/testbed/authentication/shibui/application.yml b/testbed/authentication/shibui/application.yml index cb789f06c..4a8fdee76 100644 --- a/testbed/authentication/shibui/application.yml +++ b/testbed/authentication/shibui/application.yml 
@@ -25,4 +25,389 @@ shibui: lastName: urn:oid:2.5.4.4 email: urn:oid:0.9.2342.19200300.100.1.3 groups: urn:oid:2.5.4.15 # businessCategory - roles: urn:oid:1.3.6.1.4.1.5923.1.1.1.7 # eduPersonEntitlement \ No newline at end of file + roles: urn:oid:1.3.6.1.4.1.5923.1.1.1.7 # eduPersonEntitlement + overrides: + # Default overrides + - name: signAssertion + displayName: label.sign-the-assertion + displayType: boolean + helpText: tooltip.sign-assertion + attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions + attributeFriendlyName: signAssertions + - name: dontSignResponse + displayName: label.dont-sign-the-response + displayType: boolean + helpText: tooltip.dont-sign-response + attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses + attributeFriendlyName: signResponses + invert: true + - name: turnOffEncryption + displayName: label.turn-off-encryption-of-response + displayType: boolean + helpText: tooltip.turn-off-encryption + attributeName: http://shibboleth.net/ns/profiles/encryptAssertions + attributeFriendlyName: encryptAssertions + invert: true + - name: useSha + displayName: label.use-sha1-signing-algorithm + displayType: boolean + helpText: tooltip.usa-sha-algorithm + persistType: string + persistValue: shibboleth.SecurityConfiguration.SHA1 + attributeName: http://shibboleth.net/ns/profiles/securityConfiguration + attributeFriendlyName: securityConfiguration + - name: ignoreAuthenticationMethod + displayName: label.ignore-any-sp-requested-authentication-method + displayType: boolean + helpText: tooltip.ignore-auth-method + persistType: string + persistValue: 0x1 + attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures + attributeFriendlyName: disallowedFeatures + - name: omitNotBefore + displayName: label.omit-not-before-condition + displayType: boolean + helpText: tooltip.omit-not-before-condition + attributeName: http://shibboleth.net/ns/profiles/includeConditionsNotBefore + 
attributeFriendlyName: includeConditionsNotBefore + invert: true + - name: responderId + displayName: label.responder-id + displayType: string + helpText: tooltip.responder-id + attributeName: http://shibboleth.net/ns/profiles/responderId + attributeFriendlyName: responderId + - name: nameIdFormats + displayName: label.nameid-format-to-send + displayType: set + helpText: tooltip.nameid-format + defaultValues: + - urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified + - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + - urn:oasis:names:tc:SAML:2.0:nameid-format:transient + attributeName: http://shibboleth.net/ns/profiles/nameIDFormatPrecedence + attributeFriendlyName: nameIDFormatPrecedence + - name: authenticationMethods + displayName: label.authentication-methods-to-use + displayType: set + helpText: tooltip.authentication-methods-to-use + defaultValues: + - https://refeds.org/profile/mfa + - urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken + - urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport + attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods + attributeFriendlyName: defaultAuthenticationMethods + - name: forceAuthn + displayName: label.force-authn + displayType: boolean + helpText: tooltip.force-authn + attributeName: http://shibboleth.net/ns/profiles/forceAuthn + attributeFriendlyName: forceAuthn + - name: ignoreRequestSignatures + displayName: label.ignore-request-signatures + displayType: boolean + helpText: tooltip.ignore-request-signatures + attributeName: http://shibboleth.net/ns/profiles/ignoreRequestSignatures + attributeFriendlyName: ignoreRequestSignatures + - name: disallowedFeatures + attributeFriendlyName: disallowedFeatures + displayName: label.disallowedFeatures + helpText: tooltip.disallowedFeatures + displayType: string + attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures + protocol: oidc + - name: 
inboundInterceptorFlows + attributeFriendlyName: inboundInterceptorFlows + displayName: label.inboundInterceptorFlows + helpText: tooltip.inboundInterceptorFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/inboundInterceptorFlows + protocol: oidc + - name: outboundInterceptorFlows + attributeFriendlyName: outboundInterceptorFlows + displayName: label.outboundInterceptorFlows + helpText: tooltip.outboundInterceptorFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/outboundInterceptorFlows + protocol: oidc + - name: securityConfiguration + attributeFriendlyName: securityConfiguration + displayName: label.securityConfiguration + helpText: tooltip.securityConfiguration + displayType: string + defaultValue: shibboleth.DefaultSecurityConfiguration + attributeName: http://shibboleth.net/ns/profiles/securityConfiguration + protocol: oidc + - name: tokenEndpointAuthMethods + attributeFriendlyName: tokenEndpointAuthMethods + displayName: label.tokenEndpointAuthMethods + helpText: tooltip.tokenEndpointAuthMethods + displayType: string + defaultValue: client_secret_basic, client_secret_post, client_secret_jwt, private_key_jwt + attributeName: http://shibboleth.net/ns/profiles/tokenEndpointAuthMethods + protocol: oidc + - name: defaultAuthenticationMethods + attributeFriendlyName: defaultAuthenticationMethods + displayName: label.defaultAuthenticationMethods + helpText: tooltip.defaultAuthenticationMethods + displayType: string + attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods + protocol: oidc + - name: postAuthenticationFlows + attributeFriendlyName: postAuthenticationFlows + displayName: label.postAuthenticationFlows + helpText: tooltip.postAuthenticationFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/postAuthenticationFlows + protocol: oidc + - name: proxyCount + attributeFriendlyName: proxyCount + displayName: label.proxyCount + helpText: tooltip.proxyCount 
+ displayType: integer + attributeName: http://shibboleth.net/ns/profiles/proxyCount + protocol: oidc + - name: revocationLifetime + attributeFriendlyName: revocationLifetime + displayName: label.revocationLifetime + helpText: tooltip.revocationLifetime + displayType: string + defaultValue: PT6H + attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationLifetime + protocol: oidc + - name: revocationMethod + attributeFriendlyName: revocationMethod + displayName: label.revocationMethod + helpText: tooltip.revocationMethod + displayType: selection_list + defaultValues: + - CHAIN + - TOKEN + defaultValue: CHAIN + attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod + protocol: oidc + - name: accessTokenLifetime + attributeFriendlyName: accessTokenLifetime + displayName: label.accessTokenLifetime + helpText: tooltip.accessTokenLifetime + displayType: string + defaultValue: PT10M + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime + protocol: oidc + - name: accessTokenType + attributeFriendlyName: accessTokenType + displayName: label.accessTokenType + helpText: tooltip.accessTokenType + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType + protocol: oidc + - name: allowPKCEPlainOauth + attributeFriendlyName: allowPKCEPlainOauth + displayName: label.allowPKCEPlain.oauth + helpText: tooltip.allowPKCEPlain.oauth + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/allowPKCEPlain + protocol: oidc + - name: enforceRefreshTokenRotation + attributeFriendlyName: enforceRefreshTokenRotation + displayName: label.enforceRefreshTokenRotation + helpText: tooltip.enforceRefreshTokenRotation + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/enforceRefreshTokenRotation + protocol: oidc + - name: forcePKCEOauth + attributeFriendlyName: forcePKCEOauth + displayName: label.forcePKCE.oauth + 
helpText: tooltip.forcePKCE.oauth + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/forcePKCE + protocol: oidc + - name: grantTypes + attributeFriendlyName: grantTypes + displayName: label.grantTypes + helpText: tooltip.grantTypes + displayType: string + defaultValue: authorization_code, refresh_token + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes + protocol: oidc + - name: refreshTokenLifetime + attributeFriendlyName: refreshTokenLifetime + displayName: label.refreshTokenLifetime + helpText: tooltip.refreshTokenLifetime + displayType: string + defaultValue: PT2H + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime + protocol: oidc + - name: resolveAttributesOauth + attributeFriendlyName: resolveAttributesOauth + displayName: label.resolveAttributes.oauth + helpText: tooltip.resolveAttributes.oauth + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes + protocol: oidc + - name: authorizationCodeFlowEnabled + attributeFriendlyName: authorizationCodeFlowEnabled + displayName: label.authorizationCodeFlowEnabled + helpText: tooltip.authorizationCodeFlowEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled + protocol: oidc + - name: hybridFlowEnabled + attributeFriendlyName: hybridFlowEnabled + displayName: label.hybridFlowEnabled + helpText: tooltip.hybridFlowEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled + protocol: oidc + - name: implicitFlowEnabled + attributeFriendlyName: implicitFlowEnabled + displayName: label.implicitFlowEnabled + helpText: tooltip.implicitFlowEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled + protocol: oidc + - name: refreshTokensEnabled + 
attributeFriendlyName: refreshTokensEnabled + displayName: label.refreshTokensEnabled + helpText: tooltip.refreshTokensEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled + protocol: oidc + - name: accessTokenLifetime + attributeFriendlyName: accessTokenLifetime + displayName: label.accessTokenLifetime + helpText: tooltip.accessTokenLifetime + displayType: string + defaultValue: PT10M + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime + protocol: oidc + - name: accessTokenType + attributeFriendlyName: accessTokenType + displayName: label.accessTokenType + helpText: tooltip.accessTokenType + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType + protocol: oidc + - name: acrRequestAlwaysEssential + attributeFriendlyName: acrRequestAlwaysEssential + displayName: label.acrRequestAlwaysEssential + helpText: tooltip.acrRequestAlwaysEssential + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/acrRequestAlwaysEssential + protocol: oidc + - name: allowPKCEPlainOidc + attributeFriendlyName: allowPKCEPlainOidc + displayName: label.allowPKCEPlain.oidc + helpText: tooltip.allowPKCEPlain.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain + protocol: oidc + - name: alwaysIncludedAttributes + attributeFriendlyName: alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes + helpText: tooltip.alwaysIncludedAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes + protocol: oidc + - name: authorizeCodeLifetime + attributeFriendlyName: authorizeCodeLifetime + displayName: label.authorizeCodeLifetime + helpText: tooltip.authorizeCodeLifetime + displayType: string + defaultValue: PT5M + attributeName: 
http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime + protocol: oidc + - name: deniedUserInfoAttributes + attributeFriendlyName: deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes + helpText: tooltip.deniedUserInfoAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes + protocol: oidc + - name: encodeConsentInTokens + attributeFriendlyName: encodeConsentInTokens + displayName: label.encodeConsentInTokens + helpText: tooltip.encodeConsentInTokens + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodeConsentInTokens + protocol: oidc + - name: encodedAttributes + attributeFriendlyName: encodedAttributes + displayName: label.encodedAttributes + helpText: tooltip.encodedAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodedAttributes + protocol: oidc + - name: forcePKCEOidc + attributeFriendlyName: forcePKCEOidc + displayName: label.forcePKCE.oidc + helpText: tooltip.forcePKCE.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/forcePKCE + protocol: oidc + - name: IDTokenLifetimeBrowser + attributeFriendlyName: IDTokenLifetimeBrowser + displayName: label.IDTokenLifetime.browser + helpText: tooltip.IDTokenLifetime.broswer + displayType: string + defaultValue: PT1H + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/IDTokenLifetime + protocol: oidc + - name: includeIssuerInResponse + attributeFriendlyName: includeIssuerInResponse + displayName: label.includeIssuerInResponse + helpText: tooltip.includeIssuerInResponse + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse + protocol: oidc + - name: refreshTokenLifetime + attributeFriendlyName: refreshTokenLifetime + displayName: label.refreshTokenLifetime + helpText: tooltip.refreshTokenLifetime + 
displayType: string + defaultValue: PT2H + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime + protocol: oidc + - name: alwaysIncludedAttributes + attributeFriendlyName: alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes + helpText: tooltip.alwaysIncludedAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes + protocol: oidc + - name: encryptionOptional + attributeFriendlyName: encryptionOptional + displayName: label.encryptionOptional + helpText: tooltip.encryptionOptional + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional + protocol: oidc + - name: IDTokenLifetime + attributeFriendlyName: IDTokenLifetime + displayName: label.IDTokenLifetime + helpText: tooltip.IDTokenLifetime + displayType: string + defaultValue: PT1H + attributeName: http://shibboleth.net/ns/profiles/oidc/token/IDTokenLifetime + protocol: oidc + - name: deniedUserInfoAttributes + attributeFriendlyName: deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes + helpText: tooltip.deniedUserInfoAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/deniedUserInfoAttributes + protocol: oidc + - name: resolveAttributesOIDC + attributeFriendlyName: resolveAttributesOIDC + displayName: label.resolveAttributes.oidc + helpText: tooltip.resolveAttributes.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/resolveAttributes + protocol: oidc \ No newline at end of file diff --git a/testbed/integration/shibui/application.yml b/testbed/integration/shibui/application.yml index 9ac3a21f9..71d615a33 100644 --- a/testbed/integration/shibui/application.yml +++ b/testbed/integration/shibui/application.yml 
@@ -18,3 +18,388 @@ shibui: metadata-dir: /var/shibboleth/dynamic_metadata metadataProviders: target: file:/var/shibboleth/dynamic_config/metadata-providers.xml + overrides: + # Default overrides + - name: signAssertion + displayName: label.sign-the-assertion + displayType: boolean + helpText: tooltip.sign-assertion + attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions + attributeFriendlyName: signAssertions + - name: dontSignResponse + displayName: label.dont-sign-the-response + displayType: boolean + helpText: tooltip.dont-sign-response + attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses + attributeFriendlyName: signResponses + invert: true + - name: turnOffEncryption + displayName: label.turn-off-encryption-of-response + displayType: boolean + helpText: tooltip.turn-off-encryption + attributeName: http://shibboleth.net/ns/profiles/encryptAssertions + attributeFriendlyName: encryptAssertions + invert: true + - name: useSha + displayName: label.use-sha1-signing-algorithm + displayType: boolean + helpText: tooltip.usa-sha-algorithm + persistType: string + persistValue: shibboleth.SecurityConfiguration.SHA1 + attributeName: http://shibboleth.net/ns/profiles/securityConfiguration + attributeFriendlyName: securityConfiguration + - name: ignoreAuthenticationMethod + displayName: label.ignore-any-sp-requested-authentication-method + displayType: boolean + helpText: tooltip.ignore-auth-method + persistType: string + persistValue: 0x1 + attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures + attributeFriendlyName: disallowedFeatures + - name: omitNotBefore + displayName: label.omit-not-before-condition + displayType: boolean + helpText: tooltip.omit-not-before-condition + attributeName: http://shibboleth.net/ns/profiles/includeConditionsNotBefore + attributeFriendlyName: includeConditionsNotBefore + invert: true + - name: responderId + displayName: label.responder-id + displayType: string + 
helpText: tooltip.responder-id + attributeName: http://shibboleth.net/ns/profiles/responderId + attributeFriendlyName: responderId + - name: nameIdFormats + displayName: label.nameid-format-to-send + displayType: set + helpText: tooltip.nameid-format + defaultValues: + - urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified + - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + - urn:oasis:names:tc:SAML:2.0:nameid-format:transient + attributeName: http://shibboleth.net/ns/profiles/nameIDFormatPrecedence + attributeFriendlyName: nameIDFormatPrecedence + - name: authenticationMethods + displayName: label.authentication-methods-to-use + displayType: set + helpText: tooltip.authentication-methods-to-use + defaultValues: + - https://refeds.org/profile/mfa + - urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken + - urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport + attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods + attributeFriendlyName: defaultAuthenticationMethods + - name: forceAuthn + displayName: label.force-authn + displayType: boolean + helpText: tooltip.force-authn + attributeName: http://shibboleth.net/ns/profiles/forceAuthn + attributeFriendlyName: forceAuthn + - name: ignoreRequestSignatures + displayName: label.ignore-request-signatures + displayType: boolean + helpText: tooltip.ignore-request-signatures + attributeName: http://shibboleth.net/ns/profiles/ignoreRequestSignatures + attributeFriendlyName: ignoreRequestSignatures + - name: disallowedFeatures + attributeFriendlyName: disallowedFeatures + displayName: label.disallowedFeatures + helpText: tooltip.disallowedFeatures + displayType: string + attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures + protocol: oidc + - name: inboundInterceptorFlows + attributeFriendlyName: inboundInterceptorFlows + displayName: label.inboundInterceptorFlows + helpText: tooltip.inboundInterceptorFlows 
+ displayType: string + attributeName: http://shibboleth.net/ns/profiles/inboundInterceptorFlows + protocol: oidc + - name: outboundInterceptorFlows + attributeFriendlyName: outboundInterceptorFlows + displayName: label.outboundInterceptorFlows + helpText: tooltip.outboundInterceptorFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/outboundInterceptorFlows + protocol: oidc + - name: securityConfiguration + attributeFriendlyName: securityConfiguration + displayName: label.securityConfiguration + helpText: tooltip.securityConfiguration + displayType: string + defaultValue: shibboleth.DefaultSecurityConfiguration + attributeName: http://shibboleth.net/ns/profiles/securityConfiguration + protocol: oidc + - name: tokenEndpointAuthMethods + attributeFriendlyName: tokenEndpointAuthMethods + displayName: label.tokenEndpointAuthMethods + helpText: tooltip.tokenEndpointAuthMethods + displayType: string + defaultValue: client_secret_basic, client_secret_post, client_secret_jwt, private_key_jwt + attributeName: http://shibboleth.net/ns/profiles/tokenEndpointAuthMethods + protocol: oidc + - name: defaultAuthenticationMethods + attributeFriendlyName: defaultAuthenticationMethods + displayName: label.defaultAuthenticationMethods + helpText: tooltip.defaultAuthenticationMethods + displayType: string + attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods + protocol: oidc + - name: postAuthenticationFlows + attributeFriendlyName: postAuthenticationFlows + displayName: label.postAuthenticationFlows + helpText: tooltip.postAuthenticationFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/postAuthenticationFlows + protocol: oidc + - name: proxyCount + attributeFriendlyName: proxyCount + displayName: label.proxyCount + helpText: tooltip.proxyCount + displayType: integer + attributeName: http://shibboleth.net/ns/profiles/proxyCount + protocol: oidc + - name: revocationLifetime + attributeFriendlyName: 
revocationLifetime + displayName: label.revocationLifetime + helpText: tooltip.revocationLifetime + displayType: string + defaultValue: PT6H + attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationLifetime + protocol: oidc + - name: revocationMethod + attributeFriendlyName: revocationMethod + displayName: label.revocationMethod + helpText: tooltip.revocationMethod + displayType: selection_list + defaultValues: + - CHAIN + - TOKEN + defaultValue: CHAIN + attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod + protocol: oidc + - name: accessTokenLifetime + attributeFriendlyName: accessTokenLifetime + displayName: label.accessTokenLifetime + helpText: tooltip.accessTokenLifetime + displayType: string + defaultValue: PT10M + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime + protocol: oidc + - name: accessTokenType + attributeFriendlyName: accessTokenType + displayName: label.accessTokenType + helpText: tooltip.accessTokenType + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType + protocol: oidc + - name: allowPKCEPlainOauth + attributeFriendlyName: allowPKCEPlainOauth + displayName: label.allowPKCEPlain.oauth + helpText: tooltip.allowPKCEPlain.oauth + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/allowPKCEPlain + protocol: oidc + - name: enforceRefreshTokenRotation + attributeFriendlyName: enforceRefreshTokenRotation + displayName: label.enforceRefreshTokenRotation + helpText: tooltip.enforceRefreshTokenRotation + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/enforceRefreshTokenRotation + protocol: oidc + - name: forcePKCEOauth + attributeFriendlyName: forcePKCEOauth + displayName: label.forcePKCE.oauth + helpText: tooltip.forcePKCE.oauth + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/forcePKCE + protocol: oidc + - 
name: grantTypes + attributeFriendlyName: grantTypes + displayName: label.grantTypes + helpText: tooltip.grantTypes + displayType: string + defaultValue: authorization_code, refresh_token + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes + protocol: oidc + - name: refreshTokenLifetime + attributeFriendlyName: refreshTokenLifetime + displayName: label.refreshTokenLifetime + helpText: tooltip.refreshTokenLifetime + displayType: string + defaultValue: PT2H + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime + protocol: oidc + - name: resolveAttributesOauth + attributeFriendlyName: resolveAttributesOauth + displayName: label.resolveAttributes.oauth + helpText: tooltip.resolveAttributes.oauth + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes + protocol: oidc + - name: authorizationCodeFlowEnabled + attributeFriendlyName: authorizationCodeFlowEnabled + displayName: label.authorizationCodeFlowEnabled + helpText: tooltip.authorizationCodeFlowEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled + protocol: oidc + - name: hybridFlowEnabled + attributeFriendlyName: hybridFlowEnabled + displayName: label.hybridFlowEnabled + helpText: tooltip.hybridFlowEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled + protocol: oidc + - name: implicitFlowEnabled + attributeFriendlyName: implicitFlowEnabled + displayName: label.implicitFlowEnabled + helpText: tooltip.implicitFlowEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled + protocol: oidc + - name: refreshTokensEnabled + attributeFriendlyName: refreshTokensEnabled + displayName: label.refreshTokensEnabled + helpText: tooltip.refreshTokensEnabled + displayType: boolean + defaultValue: 
TRUE + attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled + protocol: oidc + - name: accessTokenLifetime + attributeFriendlyName: accessTokenLifetime + displayName: label.accessTokenLifetime + helpText: tooltip.accessTokenLifetime + displayType: string + defaultValue: PT10M + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime + protocol: oidc + - name: accessTokenType + attributeFriendlyName: accessTokenType + displayName: label.accessTokenType + helpText: tooltip.accessTokenType + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType + protocol: oidc + - name: acrRequestAlwaysEssential + attributeFriendlyName: acrRequestAlwaysEssential + displayName: label.acrRequestAlwaysEssential + helpText: tooltip.acrRequestAlwaysEssential + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/acrRequestAlwaysEssential + protocol: oidc + - name: allowPKCEPlainOidc + attributeFriendlyName: allowPKCEPlainOidc + displayName: label.allowPKCEPlain.oidc + helpText: tooltip.allowPKCEPlain.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain + protocol: oidc + - name: alwaysIncludedAttributes + attributeFriendlyName: alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes + helpText: tooltip.alwaysIncludedAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes + protocol: oidc + - name: authorizeCodeLifetime + attributeFriendlyName: authorizeCodeLifetime + displayName: label.authorizeCodeLifetime + helpText: tooltip.authorizeCodeLifetime + displayType: string + defaultValue: PT5M + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime + protocol: oidc + - name: deniedUserInfoAttributes + attributeFriendlyName: deniedUserInfoAttributes + displayName: 
label.deniedUserInfoAttributes + helpText: tooltip.deniedUserInfoAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes + protocol: oidc + - name: encodeConsentInTokens + attributeFriendlyName: encodeConsentInTokens + displayName: label.encodeConsentInTokens + helpText: tooltip.encodeConsentInTokens + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodeConsentInTokens + protocol: oidc + - name: encodedAttributes + attributeFriendlyName: encodedAttributes + displayName: label.encodedAttributes + helpText: tooltip.encodedAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodedAttributes + protocol: oidc + - name: forcePKCEOidc + attributeFriendlyName: forcePKCEOidc + displayName: label.forcePKCE.oidc + helpText: tooltip.forcePKCE.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/forcePKCE + protocol: oidc + - name: IDTokenLifetimeBrowser + attributeFriendlyName: IDTokenLifetimeBrowser + displayName: label.IDTokenLifetime.browser + helpText: tooltip.IDTokenLifetime.broswer + displayType: string + defaultValue: PT1H + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/IDTokenLifetime + protocol: oidc + - name: includeIssuerInResponse + attributeFriendlyName: includeIssuerInResponse + displayName: label.includeIssuerInResponse + helpText: tooltip.includeIssuerInResponse + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse + protocol: oidc + - name: refreshTokenLifetime + attributeFriendlyName: refreshTokenLifetime + displayName: label.refreshTokenLifetime + helpText: tooltip.refreshTokenLifetime + displayType: string + defaultValue: PT2H + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime + protocol: oidc + - name: alwaysIncludedAttributes + 
attributeFriendlyName: alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes + helpText: tooltip.alwaysIncludedAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes + protocol: oidc + - name: encryptionOptional + attributeFriendlyName: encryptionOptional + displayName: label.encryptionOptional + helpText: tooltip.encryptionOptional + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional + protocol: oidc + - name: IDTokenLifetime + attributeFriendlyName: IDTokenLifetime + displayName: label.IDTokenLifetime + helpText: tooltip.IDTokenLifetime + displayType: string + defaultValue: PT1H + attributeName: http://shibboleth.net/ns/profiles/oidc/token/IDTokenLifetime + protocol: oidc + - name: deniedUserInfoAttributes + attributeFriendlyName: deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes + helpText: tooltip.deniedUserInfoAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/deniedUserInfoAttributes + protocol: oidc + - name: resolveAttributesOIDC + attributeFriendlyName: resolveAttributesOIDC + displayName: label.resolveAttributes.oidc + helpText: tooltip.resolveAttributes.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/resolveAttributes + protocol: oidc \ No newline at end of file diff --git a/testbed/mariadb/conf/application.yml b/testbed/mariadb/conf/application.yml index 82fe6fec7..9cf826d01 100644 --- a/testbed/mariadb/conf/application.yml +++ b/testbed/mariadb/conf/application.yml 
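Review bot: Five `name` values in the added `overrides` list are used twice with different `attributeName` targets: `accessTokenLifetime`, `accessTokenType` and `refreshTokenLifetime` (under `oauth2/token` and again under `oidc/sso/browser`), `alwaysIncludedAttributes` (`oidc/sso/browser` and `oidc/token`) and `deniedUserInfoAttributes` (`oidc/sso/browser` and `oidc/userinfo`). The neighbouring entries avoid this with a suffix (`allowPKCEPlainOauth`/`allowPKCEPlainOidc`, `IDTokenLifetimeBrowser`/`IDTokenLifetime`). If the backend or the form keys overrides by `name`, which this hunk does not show, one of each pair would shadow the other, so a token lifetime set for one profile could land on the wrong attribute; the pairs also share `displayName` and `helpText`, so the two fields would look identical in the UI. I would rename the browser-profile entries the same way, e.g. `- name: accessTokenLifetimeBrowser`, with matching label keys. The same list is added in the `@@ -128,10 +124,316 @@` hunk of testbed/mariadb/conf/application.yml.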
@@ -54,28 +54,26 @@ custom: - name: signAssertion displayName: label.sign-the-assertion displayType: boolean - defaultValue: false helpText: tooltip.sign-assertion attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions attributeFriendlyName: signAssertions - name: dontSignResponse displayName: label.dont-sign-the-response displayType: boolean - defaultValue: false helpText: tooltip.dont-sign-response attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses attributeFriendlyName: signResponses + invert: true - name: turnOffEncryption displayName: label.turn-off-encryption-of-response displayType: boolean - defaultValue: false helpText: tooltip.turn-off-encryption attributeName: http://shibboleth.net/ns/profiles/encryptAssertions attributeFriendlyName: encryptAssertions + invert: true - name: useSha displayName: label.use-sha1-signing-algorithm displayType: boolean - defaultValue: false helpText: tooltip.usa-sha-algorithm persistType: string persistValue: shibboleth.SecurityConfiguration.SHA1 @@ -84,7 +82,6 @@ custom: - name: ignoreAuthenticationMethod displayName: label.ignore-any-sp-requested-authentication-method displayType: boolean - defaultValue: false helpText: tooltip.ignore-auth-method persistType: string persistValue: 0x1 @@ -93,14 +90,13 @@ custom: - name: omitNotBefore displayName: label.omit-not-before-condition displayType: boolean - defaultValue: false helpText: tooltip.omit-not-before-condition attributeName: http://shibboleth.net/ns/profiles/includeConditionsNotBefore attributeFriendlyName: includeConditionsNotBefore + invert: true - name: responderId displayName: label.responder-id displayType: string - defaultValue: null helpText: tooltip.responder-id attributeName: http://shibboleth.net/ns/profiles/responderId attributeFriendlyName: responderId 
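Review bot: The three entries that gain `invert: true` (`dontSignResponse` and `turnOffEncryption` in this hunk, `omitNotBefore` in the `@@ -93,14 +90,13 @@` hunk) pair a negatively worded checkbox with a positively named attribute (`signResponses`, `encryptAssertions`, `includeConditionsNotBefore`), and nothing in the file says which way the value is persisted. A polarity mistake on these would silently turn off response signing or assertion encryption for a relying party, so a one-line comment on each would help, for example `# invert: ticking the box persists signResponses=false`, assuming that is what `invert` does, which the hunk does not show. Dropping `defaultValue: false` in the same hunk also leaves the unset state undocumented. The identical hunks for testbed/mysql/conf/application.yml have the same gap.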
@@ -128,10 +124,316 @@ custom: - name: forceAuthn displayName: label.force-authn displayType: boolean - defaultValue: false helpText: tooltip.force-authn attributeName: http://shibboleth.net/ns/profiles/forceAuthn attributeFriendlyName: forceAuthn + - name: ignoreRequestSignatures + displayName: label.ignore-request-signatures + displayType: boolean + helpText: tooltip.ignore-request-signatures + attributeName: http://shibboleth.net/ns/profiles/ignoreRequestSignatures + attributeFriendlyName: ignoreRequestSignatures + - name: disallowedFeatures + attributeFriendlyName: disallowedFeatures + displayName: label.disallowedFeatures + helpText: tooltip.disallowedFeatures + displayType: string + attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures + protocol: oidc + - name: inboundInterceptorFlows + attributeFriendlyName: inboundInterceptorFlows + displayName: label.inboundInterceptorFlows + helpText: tooltip.inboundInterceptorFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/inboundInterceptorFlows + protocol: oidc + - name: outboundInterceptorFlows + attributeFriendlyName: outboundInterceptorFlows + displayName: label.outboundInterceptorFlows + helpText: tooltip.outboundInterceptorFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/outboundInterceptorFlows + protocol: oidc + - name: securityConfiguration + attributeFriendlyName: securityConfiguration + displayName: label.securityConfiguration + helpText: tooltip.securityConfiguration + displayType: string + defaultValue: shibboleth.DefaultSecurityConfiguration + attributeName: http://shibboleth.net/ns/profiles/securityConfiguration + protocol: oidc + - name: tokenEndpointAuthMethods + attributeFriendlyName: tokenEndpointAuthMethods + displayName: label.tokenEndpointAuthMethods + helpText: tooltip.tokenEndpointAuthMethods + displayType: string + defaultValue: client_secret_basic, client_secret_post, client_secret_jwt, private_key_jwt + attributeName: 
http://shibboleth.net/ns/profiles/tokenEndpointAuthMethods + protocol: oidc + - name: defaultAuthenticationMethods + attributeFriendlyName: defaultAuthenticationMethods + displayName: label.defaultAuthenticationMethods + helpText: tooltip.defaultAuthenticationMethods + displayType: string + attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods + protocol: oidc + - name: postAuthenticationFlows + attributeFriendlyName: postAuthenticationFlows + displayName: label.postAuthenticationFlows + helpText: tooltip.postAuthenticationFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/postAuthenticationFlows + protocol: oidc + - name: proxyCount + attributeFriendlyName: proxyCount + displayName: label.proxyCount + helpText: tooltip.proxyCount + displayType: integer + attributeName: http://shibboleth.net/ns/profiles/proxyCount + protocol: oidc + - name: revocationLifetime + attributeFriendlyName: revocationLifetime + displayName: label.revocationLifetime + helpText: tooltip.revocationLifetime + displayType: string + defaultValue: PT6H + attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationLifetime + protocol: oidc + - name: revocationMethod + attributeFriendlyName: revocationMethod + displayName: label.revocationMethod + helpText: tooltip.revocationMethod + displayType: selection_list + defaultValues: + - CHAIN + - TOKEN + defaultValue: CHAIN + attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod + protocol: oidc + - name: accessTokenLifetime + attributeFriendlyName: accessTokenLifetime + displayName: label.accessTokenLifetime + helpText: tooltip.accessTokenLifetime + displayType: string + defaultValue: PT10M + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime + protocol: oidc + - name: accessTokenType + attributeFriendlyName: accessTokenType + displayName: label.accessTokenType + helpText: tooltip.accessTokenType + displayType: string + 
attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType + protocol: oidc + - name: allowPKCEPlainOauth + attributeFriendlyName: allowPKCEPlainOauth + displayName: label.allowPKCEPlain.oauth + helpText: tooltip.allowPKCEPlain.oauth + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/allowPKCEPlain + protocol: oidc + - name: enforceRefreshTokenRotation + attributeFriendlyName: enforceRefreshTokenRotation + displayName: label.enforceRefreshTokenRotation + helpText: tooltip.enforceRefreshTokenRotation + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/enforceRefreshTokenRotation + protocol: oidc + - name: forcePKCEOauth + attributeFriendlyName: forcePKCEOauth + displayName: label.forcePKCE.oauth + helpText: tooltip.forcePKCE.oauth + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/forcePKCE + protocol: oidc + - name: grantTypes + attributeFriendlyName: grantTypes + displayName: label.grantTypes + helpText: tooltip.grantTypes + displayType: string + defaultValue: authorization_code, refresh_token + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes + protocol: oidc + - name: refreshTokenLifetime + attributeFriendlyName: refreshTokenLifetime + displayName: label.refreshTokenLifetime + helpText: tooltip.refreshTokenLifetime + displayType: string + defaultValue: PT2H + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime + protocol: oidc + - name: resolveAttributesOauth + attributeFriendlyName: resolveAttributesOauth + displayName: label.resolveAttributes.oauth + helpText: tooltip.resolveAttributes.oauth + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes + protocol: oidc + - name: authorizationCodeFlowEnabled + attributeFriendlyName: authorizationCodeFlowEnabled + displayName: label.authorizationCodeFlowEnabled + 
helpText: tooltip.authorizationCodeFlowEnabled
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled
+ protocol: oidc
+ - name: hybridFlowEnabled
+ attributeFriendlyName: hybridFlowEnabled
+ displayName: label.hybridFlowEnabled
+ helpText: tooltip.hybridFlowEnabled
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled
+ protocol: oidc
+ - name: implicitFlowEnabled
+ attributeFriendlyName: implicitFlowEnabled
+ displayName: label.implicitFlowEnabled
+ helpText: tooltip.implicitFlowEnabled
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled
+ protocol: oidc
+ - name: refreshTokensEnabled
+ attributeFriendlyName: refreshTokensEnabled
+ displayName: label.refreshTokensEnabled
+ helpText: tooltip.refreshTokensEnabled
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled
+ protocol: oidc
+ - name: accessTokenLifetime
+ attributeFriendlyName: accessTokenLifetime
+ displayName: label.accessTokenLifetime
+ helpText: tooltip.accessTokenLifetime
+ displayType: string
+ defaultValue: PT10M
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime
+ protocol: oidc
+ - name: accessTokenType
+ attributeFriendlyName: accessTokenType
+ displayName: label.accessTokenType
+ helpText: tooltip.accessTokenType
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType
+ protocol: oidc
+ - name: acrRequestAlwaysEssential
+ attributeFriendlyName: acrRequestAlwaysEssential
+ displayName: label.acrRequestAlwaysEssential
+ helpText: tooltip.acrRequestAlwaysEssential
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/acrRequestAlwaysEssential
+ protocol: oidc
+ - name: allowPKCEPlainOidc
+ attributeFriendlyName: allowPKCEPlainOidc
+ displayName: label.allowPKCEPlain.oidc
+ helpText: tooltip.allowPKCEPlain.oidc
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain
+ protocol: oidc
+ - name: alwaysIncludedAttributes
+ attributeFriendlyName: alwaysIncludedAttributes
+ displayName: label.alwaysIncludedAttributes
+ helpText: tooltip.alwaysIncludedAttributes
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes
+ protocol: oidc
+ - name: authorizeCodeLifetime
+ attributeFriendlyName: authorizeCodeLifetime
+ displayName: label.authorizeCodeLifetime
+ helpText: tooltip.authorizeCodeLifetime
+ displayType: string
+ defaultValue: PT5M
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime
+ protocol: oidc
+ - name: deniedUserInfoAttributes
+ attributeFriendlyName: deniedUserInfoAttributes
+ displayName: label.deniedUserInfoAttributes
+ helpText: tooltip.deniedUserInfoAttributes
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes
+ protocol: oidc
+ - name: encodeConsentInTokens
+ attributeFriendlyName: encodeConsentInTokens
+ displayName: label.encodeConsentInTokens
+ helpText: tooltip.encodeConsentInTokens
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodeConsentInTokens
+ protocol: oidc
+ - name: encodedAttributes
+ attributeFriendlyName: encodedAttributes
+ displayName: label.encodedAttributes
+ helpText: tooltip.encodedAttributes
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodedAttributes
+ protocol: oidc
+ - name: forcePKCEOidc
+ attributeFriendlyName: forcePKCEOidc
+ displayName: label.forcePKCE.oidc
+ helpText: tooltip.forcePKCE.oidc
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/forcePKCE
+ protocol: oidc
+ - name: IDTokenLifetimeBrowser
+ attributeFriendlyName: IDTokenLifetimeBrowser
+ displayName: label.IDTokenLifetime.browser
+ helpText: tooltip.IDTokenLifetime.broswer
+ displayType: string
+ defaultValue: PT1H
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/IDTokenLifetime
+ protocol: oidc
+ - name: includeIssuerInResponse
+ attributeFriendlyName: includeIssuerInResponse
+ displayName: label.includeIssuerInResponse
+ helpText: tooltip.includeIssuerInResponse
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse
+ protocol: oidc
+ - name: refreshTokenLifetime
+ attributeFriendlyName: refreshTokenLifetime
+ displayName: label.refreshTokenLifetime
+ helpText: tooltip.refreshTokenLifetime
+ displayType: string
+ defaultValue: PT2H
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime
+ protocol: oidc
+ - name: alwaysIncludedAttributes
+ attributeFriendlyName: alwaysIncludedAttributes
+ displayName: label.alwaysIncludedAttributes
+ helpText: tooltip.alwaysIncludedAttributes
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes
+ protocol: oidc
+ - name: encryptionOptional
+ attributeFriendlyName: encryptionOptional
+ displayName: label.encryptionOptional
+ helpText: tooltip.encryptionOptional
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional
+ protocol: oidc
+ - name: IDTokenLifetime
+ attributeFriendlyName: IDTokenLifetime
+ displayName: label.IDTokenLifetime
+ helpText: tooltip.IDTokenLifetime
+ displayType: string
+ defaultValue: PT1H
+ attributeName: http://shibboleth.net/ns/profiles/oidc/token/IDTokenLifetime
+ protocol: oidc
+ - name: deniedUserInfoAttributes
+ attributeFriendlyName: deniedUserInfoAttributes
+ displayName: label.deniedUserInfoAttributes
+ helpText: tooltip.deniedUserInfoAttributes
+ displayType: string
+
attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/deniedUserInfoAttributes + protocol: oidc + - name: resolveAttributesOIDC + attributeFriendlyName: resolveAttributesOIDC + displayName: label.resolveAttributes.oidc + helpText: tooltip.resolveAttributes.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/resolveAttributes + protocol: oidc logging: level: org.pac4j: "TRACE" diff --git a/testbed/mysql/conf/application.yml b/testbed/mysql/conf/application.yml index 6eddb1625..a9204e697 100644 --- a/testbed/mysql/conf/application.yml +++ b/testbed/mysql/conf/application.yml @@ -54,28 +54,26 @@ custom: - name: signAssertion displayName: label.sign-the-assertion displayType: boolean - defaultValue: false helpText: tooltip.sign-assertion attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions attributeFriendlyName: signAssertions - name: dontSignResponse displayName: label.dont-sign-the-response displayType: boolean - defaultValue: false helpText: tooltip.dont-sign-response attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses attributeFriendlyName: signResponses + invert: true - name: turnOffEncryption displayName: label.turn-off-encryption-of-response displayType: boolean - defaultValue: false helpText: tooltip.turn-off-encryption attributeName: http://shibboleth.net/ns/profiles/encryptAssertions attributeFriendlyName: encryptAssertions + invert: true - name: useSha displayName: label.use-sha1-signing-algorithm displayType: boolean - defaultValue: false helpText: tooltip.usa-sha-algorithm persistType: string persistValue: shibboleth.SecurityConfiguration.SHA1 @@ -84,7 +82,6 @@ custom: - name: ignoreAuthenticationMethod displayName: label.ignore-any-sp-requested-authentication-method displayType: boolean - defaultValue: false helpText: tooltip.ignore-auth-method persistType: string persistValue: 0x1 
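Review bot: `invert: true` is added to `dontSignResponse` and `turnOffEncryption` in the `@@ -54,28 +54,26 @@` hunk (and to `omitNotBefore` in the following `@@ -93,14 +90,13 @@` hunk) while their `defaultValue: false` is dropped, and nothing in the file says what the flag does or what is persisted when the box is left untouched. These entries pair a negatively named checkbox with a positively named attribute (`signResponses`, `encryptAssertions`, `includeConditionsNotBefore`), so presumably `invert` negates the UI value before it is stored; the list they belong to starts above the hunk and the consuming code is not shown. Since a mistake in that mapping would turn signing or encryption off for a relying party, I would state it next to the first use, e.g. `# invert: the stored attribute is the negation of the checkbox (checked -> signResponses=false)`. The same change is repeated in the postgres and sqlServer copies of this file.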
@@ -93,14 +90,13 @@ custom: - name: omitNotBefore displayName: label.omit-not-before-condition displayType: boolean - defaultValue: false helpText: tooltip.omit-not-before-condition attributeName: http://shibboleth.net/ns/profiles/includeConditionsNotBefore attributeFriendlyName: includeConditionsNotBefore + invert: true - name: responderId displayName: label.responder-id displayType: string - defaultValue: null helpText: tooltip.responder-id attributeName: http://shibboleth.net/ns/profiles/responderId attributeFriendlyName: responderId 
@@ -128,10 +124,316 @@ custom: - name: forceAuthn displayName: label.force-authn displayType: boolean - defaultValue: false helpText: tooltip.force-authn attributeName: http://shibboleth.net/ns/profiles/forceAuthn attributeFriendlyName: forceAuthn + - name: ignoreRequestSignatures + displayName: label.ignore-request-signatures + displayType: boolean + helpText: tooltip.ignore-request-signatures + attributeName: http://shibboleth.net/ns/profiles/ignoreRequestSignatures + attributeFriendlyName: ignoreRequestSignatures + - name: disallowedFeatures + attributeFriendlyName: disallowedFeatures + displayName: label.disallowedFeatures + helpText: tooltip.disallowedFeatures + displayType: string + attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures + protocol: oidc + - name: inboundInterceptorFlows + attributeFriendlyName: inboundInterceptorFlows + displayName: label.inboundInterceptorFlows + helpText: tooltip.inboundInterceptorFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/inboundInterceptorFlows + protocol: oidc + - name: outboundInterceptorFlows + attributeFriendlyName: outboundInterceptorFlows + displayName: label.outboundInterceptorFlows + helpText: tooltip.outboundInterceptorFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/outboundInterceptorFlows + protocol: oidc + - name: securityConfiguration + attributeFriendlyName: securityConfiguration + displayName: label.securityConfiguration + helpText: tooltip.securityConfiguration + displayType: string + defaultValue: shibboleth.DefaultSecurityConfiguration + attributeName: http://shibboleth.net/ns/profiles/securityConfiguration + protocol: oidc + - name: tokenEndpointAuthMethods + attributeFriendlyName: tokenEndpointAuthMethods + displayName: label.tokenEndpointAuthMethods + helpText: tooltip.tokenEndpointAuthMethods + displayType: string + defaultValue: client_secret_basic, client_secret_post, client_secret_jwt, private_key_jwt + attributeName: 
http://shibboleth.net/ns/profiles/tokenEndpointAuthMethods
+ protocol: oidc
+ - name: defaultAuthenticationMethods
+ attributeFriendlyName: defaultAuthenticationMethods
+ displayName: label.defaultAuthenticationMethods
+ helpText: tooltip.defaultAuthenticationMethods
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods
+ protocol: oidc
+ - name: postAuthenticationFlows
+ attributeFriendlyName: postAuthenticationFlows
+ displayName: label.postAuthenticationFlows
+ helpText: tooltip.postAuthenticationFlows
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/postAuthenticationFlows
+ protocol: oidc
+ - name: proxyCount
+ attributeFriendlyName: proxyCount
+ displayName: label.proxyCount
+ helpText: tooltip.proxyCount
+ displayType: integer
+ attributeName: http://shibboleth.net/ns/profiles/proxyCount
+ protocol: oidc
+ - name: revocationLifetime
+ attributeFriendlyName: revocationLifetime
+ displayName: label.revocationLifetime
+ helpText: tooltip.revocationLifetime
+ displayType: string
+ defaultValue: PT6H
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationLifetime
+ protocol: oidc
+ - name: revocationMethod
+ attributeFriendlyName: revocationMethod
+ displayName: label.revocationMethod
+ helpText: tooltip.revocationMethod
+ displayType: selection_list
+ defaultValues:
+ - CHAIN
+ - TOKEN
+ defaultValue: CHAIN
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod
+ protocol: oidc
+ - name: accessTokenLifetime
+ attributeFriendlyName: accessTokenLifetime
+ displayName: label.accessTokenLifetime
+ helpText: tooltip.accessTokenLifetime
+ displayType: string
+ defaultValue: PT10M
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime
+ protocol: oidc
+ - name: accessTokenType
+ attributeFriendlyName: accessTokenType
+ displayName: label.accessTokenType
+ helpText: tooltip.accessTokenType
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType
+ protocol: oidc
+ - name: allowPKCEPlainOauth
+ attributeFriendlyName: allowPKCEPlainOauth
+ displayName: label.allowPKCEPlain.oauth
+ helpText: tooltip.allowPKCEPlain.oauth
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/allowPKCEPlain
+ protocol: oidc
+ - name: enforceRefreshTokenRotation
+ attributeFriendlyName: enforceRefreshTokenRotation
+ displayName: label.enforceRefreshTokenRotation
+ helpText: tooltip.enforceRefreshTokenRotation
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/enforceRefreshTokenRotation
+ protocol: oidc
+ - name: forcePKCEOauth
+ attributeFriendlyName: forcePKCEOauth
+ displayName: label.forcePKCE.oauth
+ helpText: tooltip.forcePKCE.oauth
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/forcePKCE
+ protocol: oidc
+ - name: grantTypes
+ attributeFriendlyName: grantTypes
+ displayName: label.grantTypes
+ helpText: tooltip.grantTypes
+ displayType: string
+ defaultValue: authorization_code, refresh_token
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes
+ protocol: oidc
+ - name: refreshTokenLifetime
+ attributeFriendlyName: refreshTokenLifetime
+ displayName: label.refreshTokenLifetime
+ helpText: tooltip.refreshTokenLifetime
+ displayType: string
+ defaultValue: PT2H
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime
+ protocol: oidc
+ - name: resolveAttributesOauth
+ attributeFriendlyName: resolveAttributesOauth
+ displayName: label.resolveAttributes.oauth
+ helpText: tooltip.resolveAttributes.oauth
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes
+ protocol: oidc
+ - name: authorizationCodeFlowEnabled
+ attributeFriendlyName: authorizationCodeFlowEnabled
+ displayName: label.authorizationCodeFlowEnabled
+ helpText: tooltip.authorizationCodeFlowEnabled
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled
+ protocol: oidc
+ - name: hybridFlowEnabled
+ attributeFriendlyName: hybridFlowEnabled
+ displayName: label.hybridFlowEnabled
+ helpText: tooltip.hybridFlowEnabled
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled
+ protocol: oidc
+ - name: implicitFlowEnabled
+ attributeFriendlyName: implicitFlowEnabled
+ displayName: label.implicitFlowEnabled
+ helpText: tooltip.implicitFlowEnabled
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled
+ protocol: oidc
+ - name: refreshTokensEnabled
+ attributeFriendlyName: refreshTokensEnabled
+ displayName: label.refreshTokensEnabled
+ helpText: tooltip.refreshTokensEnabled
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled
+ protocol: oidc
+ - name: accessTokenLifetime
+ attributeFriendlyName: accessTokenLifetime
+ displayName: label.accessTokenLifetime
+ helpText: tooltip.accessTokenLifetime
+ displayType: string
+ defaultValue: PT10M
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime
+ protocol: oidc
+ - name: accessTokenType
+ attributeFriendlyName: accessTokenType
+ displayName: label.accessTokenType
+ helpText: tooltip.accessTokenType
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType
+ protocol: oidc
+ - name: acrRequestAlwaysEssential
+ attributeFriendlyName: acrRequestAlwaysEssential
+ displayName: label.acrRequestAlwaysEssential
+ helpText: tooltip.acrRequestAlwaysEssential
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/acrRequestAlwaysEssential
+ protocol: oidc
+ - name: allowPKCEPlainOidc
+ attributeFriendlyName: allowPKCEPlainOidc
+ displayName: label.allowPKCEPlain.oidc
+ helpText: tooltip.allowPKCEPlain.oidc
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain
+ protocol: oidc
+ - name: alwaysIncludedAttributes
+ attributeFriendlyName: alwaysIncludedAttributes
+ displayName: label.alwaysIncludedAttributes
+ helpText: tooltip.alwaysIncludedAttributes
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes
+ protocol: oidc
+ - name: authorizeCodeLifetime
+ attributeFriendlyName: authorizeCodeLifetime
+ displayName: label.authorizeCodeLifetime
+ helpText: tooltip.authorizeCodeLifetime
+ displayType: string
+ defaultValue: PT5M
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime
+ protocol: oidc
+ - name: deniedUserInfoAttributes
+ attributeFriendlyName: deniedUserInfoAttributes
+ displayName: label.deniedUserInfoAttributes
+ helpText: tooltip.deniedUserInfoAttributes
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes
+ protocol: oidc
+ - name: encodeConsentInTokens
+ attributeFriendlyName: encodeConsentInTokens
+ displayName: label.encodeConsentInTokens
+ helpText: tooltip.encodeConsentInTokens
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodeConsentInTokens
+ protocol: oidc
+ - name: encodedAttributes
+ attributeFriendlyName: encodedAttributes
+ displayName: label.encodedAttributes
+ helpText: tooltip.encodedAttributes
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodedAttributes
+ protocol: oidc
+ - name: forcePKCEOidc
+ attributeFriendlyName: forcePKCEOidc
+ displayName: label.forcePKCE.oidc
+ helpText: tooltip.forcePKCE.oidc
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/forcePKCE
+ protocol: oidc
+ - name: IDTokenLifetimeBrowser
+ attributeFriendlyName: IDTokenLifetimeBrowser
+ displayName: label.IDTokenLifetime.browser
+ helpText: tooltip.IDTokenLifetime.broswer
+ displayType: string
+ defaultValue: PT1H
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/IDTokenLifetime
+ protocol: oidc
+ - name: includeIssuerInResponse
+ attributeFriendlyName: includeIssuerInResponse
+ displayName: label.includeIssuerInResponse
+ helpText: tooltip.includeIssuerInResponse
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse
+ protocol: oidc
+ - name: refreshTokenLifetime
+ attributeFriendlyName: refreshTokenLifetime
+ displayName: label.refreshTokenLifetime
+ helpText: tooltip.refreshTokenLifetime
+ displayType: string
+ defaultValue: PT2H
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime
+ protocol: oidc
+ - name: alwaysIncludedAttributes
+ attributeFriendlyName: alwaysIncludedAttributes
+ displayName: label.alwaysIncludedAttributes
+ helpText: tooltip.alwaysIncludedAttributes
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes
+ protocol: oidc
+ - name: encryptionOptional
+ attributeFriendlyName: encryptionOptional
+ displayName: label.encryptionOptional
+ helpText: tooltip.encryptionOptional
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional
+ protocol: oidc
+ - name: IDTokenLifetime
+ attributeFriendlyName: IDTokenLifetime
+ displayName: label.IDTokenLifetime
+ helpText: tooltip.IDTokenLifetime
+ displayType: string
+ defaultValue: PT1H
+ attributeName: http://shibboleth.net/ns/profiles/oidc/token/IDTokenLifetime
+ protocol: oidc
+ - name: deniedUserInfoAttributes
+ attributeFriendlyName: deniedUserInfoAttributes
+ displayName: label.deniedUserInfoAttributes
+ helpText: tooltip.deniedUserInfoAttributes
+ displayType: string
+
attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/deniedUserInfoAttributes + protocol: oidc + - name: resolveAttributesOIDC + attributeFriendlyName: resolveAttributesOIDC + displayName: label.resolveAttributes.oidc + helpText: tooltip.resolveAttributes.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/resolveAttributes + protocol: oidc logging: level: org.pac4j: "TRACE" diff --git a/testbed/postgres/conf/application.yml b/testbed/postgres/conf/application.yml index 56fd5e709..d6ca89dc3 100644 --- a/testbed/postgres/conf/application.yml +++ b/testbed/postgres/conf/application.yml @@ -56,28 +56,26 @@ custom: - name: signAssertion displayName: label.sign-the-assertion displayType: boolean - defaultValue: false helpText: tooltip.sign-assertion attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions attributeFriendlyName: signAssertions - name: dontSignResponse displayName: label.dont-sign-the-response displayType: boolean - defaultValue: false helpText: tooltip.dont-sign-response attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses attributeFriendlyName: signResponses + invert: true - name: turnOffEncryption displayName: label.turn-off-encryption-of-response displayType: boolean - defaultValue: false helpText: tooltip.turn-off-encryption attributeName: http://shibboleth.net/ns/profiles/encryptAssertions attributeFriendlyName: encryptAssertions + invert: true - name: useSha displayName: label.use-sha1-signing-algorithm displayType: boolean - defaultValue: false helpText: tooltip.usa-sha-algorithm persistType: string persistValue: shibboleth.SecurityConfiguration.SHA1 @@ -86,7 +84,6 @@ custom: - name: ignoreAuthenticationMethod displayName: label.ignore-any-sp-requested-authentication-method displayType: boolean - defaultValue: false helpText: tooltip.ignore-auth-method persistType: string persistValue: 0x1 
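Review bot: Five `name` values in the block added by `@@ -128,10 +124,316 @@` are used twice with different `attributeName` targets: `accessTokenLifetime`, `accessTokenType` and `refreshTokenLifetime` (under `oauth2/token` and again under `oidc/sso/browser`), `alwaysIncludedAttributes` (`oidc/sso/browser` and `oidc/token`) and `deniedUserInfoAttributes` (`oidc/sso/browser` and `oidc/userinfo`). The list starts outside the hunk and the code that reads it is not shown, but if overrides are looked up by `name`, one entry of each pair shadows the other and a token lifetime set for one profile would be stored against the other or dropped. The neighbouring entries already avoid this with suffixes (`allowPKCEPlainOauth` / `allowPKCEPlainOidc`, `IDTokenLifetimeBrowser` / `IDTokenLifetime`), so the same scheme would fit, e.g. `- name: accessTokenLifetimeOauth` and `- name: accessTokenLifetimeOidc`. Separately, `helpText: tooltip.IDTokenLifetime.broswer` looks like a misspelling of `tooltip.IDTokenLifetime.browser`, which would leave that tooltip unresolved unless the message bundle carries the same spelling. Both points also apply to the postgres hunk with the same content and, as far as it is visible here, to the sqlServer one.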
@@ -95,14 +92,13 @@ custom: - name: omitNotBefore displayName: label.omit-not-before-condition displayType: boolean - defaultValue: false helpText: tooltip.omit-not-before-condition attributeName: http://shibboleth.net/ns/profiles/includeConditionsNotBefore attributeFriendlyName: includeConditionsNotBefore + invert: true - name: responderId displayName: label.responder-id displayType: string - defaultValue: null helpText: tooltip.responder-id attributeName: http://shibboleth.net/ns/profiles/responderId attributeFriendlyName: responderId 
@@ -130,10 +126,316 @@ custom: - name: forceAuthn displayName: label.force-authn displayType: boolean - defaultValue: false helpText: tooltip.force-authn attributeName: http://shibboleth.net/ns/profiles/forceAuthn attributeFriendlyName: forceAuthn + - name: ignoreRequestSignatures + displayName: label.ignore-request-signatures + displayType: boolean + helpText: tooltip.ignore-request-signatures + attributeName: http://shibboleth.net/ns/profiles/ignoreRequestSignatures + attributeFriendlyName: ignoreRequestSignatures + - name: disallowedFeatures + attributeFriendlyName: disallowedFeatures + displayName: label.disallowedFeatures + helpText: tooltip.disallowedFeatures + displayType: string + attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures + protocol: oidc + - name: inboundInterceptorFlows + attributeFriendlyName: inboundInterceptorFlows + displayName: label.inboundInterceptorFlows + helpText: tooltip.inboundInterceptorFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/inboundInterceptorFlows + protocol: oidc + - name: outboundInterceptorFlows + attributeFriendlyName: outboundInterceptorFlows + displayName: label.outboundInterceptorFlows + helpText: tooltip.outboundInterceptorFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/outboundInterceptorFlows + protocol: oidc + - name: securityConfiguration + attributeFriendlyName: securityConfiguration + displayName: label.securityConfiguration + helpText: tooltip.securityConfiguration + displayType: string + defaultValue: shibboleth.DefaultSecurityConfiguration + attributeName: http://shibboleth.net/ns/profiles/securityConfiguration + protocol: oidc + - name: tokenEndpointAuthMethods + attributeFriendlyName: tokenEndpointAuthMethods + displayName: label.tokenEndpointAuthMethods + helpText: tooltip.tokenEndpointAuthMethods + displayType: string + defaultValue: client_secret_basic, client_secret_post, client_secret_jwt, private_key_jwt + attributeName: 
http://shibboleth.net/ns/profiles/tokenEndpointAuthMethods
+ protocol: oidc
+ - name: defaultAuthenticationMethods
+ attributeFriendlyName: defaultAuthenticationMethods
+ displayName: label.defaultAuthenticationMethods
+ helpText: tooltip.defaultAuthenticationMethods
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods
+ protocol: oidc
+ - name: postAuthenticationFlows
+ attributeFriendlyName: postAuthenticationFlows
+ displayName: label.postAuthenticationFlows
+ helpText: tooltip.postAuthenticationFlows
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/postAuthenticationFlows
+ protocol: oidc
+ - name: proxyCount
+ attributeFriendlyName: proxyCount
+ displayName: label.proxyCount
+ helpText: tooltip.proxyCount
+ displayType: integer
+ attributeName: http://shibboleth.net/ns/profiles/proxyCount
+ protocol: oidc
+ - name: revocationLifetime
+ attributeFriendlyName: revocationLifetime
+ displayName: label.revocationLifetime
+ helpText: tooltip.revocationLifetime
+ displayType: string
+ defaultValue: PT6H
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationLifetime
+ protocol: oidc
+ - name: revocationMethod
+ attributeFriendlyName: revocationMethod
+ displayName: label.revocationMethod
+ helpText: tooltip.revocationMethod
+ displayType: selection_list
+ defaultValues:
+ - CHAIN
+ - TOKEN
+ defaultValue: CHAIN
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod
+ protocol: oidc
+ - name: accessTokenLifetime
+ attributeFriendlyName: accessTokenLifetime
+ displayName: label.accessTokenLifetime
+ helpText: tooltip.accessTokenLifetime
+ displayType: string
+ defaultValue: PT10M
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime
+ protocol: oidc
+ - name: accessTokenType
+ attributeFriendlyName: accessTokenType
+ displayName: label.accessTokenType
+ helpText: tooltip.accessTokenType
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType
+ protocol: oidc
+ - name: allowPKCEPlainOauth
+ attributeFriendlyName: allowPKCEPlainOauth
+ displayName: label.allowPKCEPlain.oauth
+ helpText: tooltip.allowPKCEPlain.oauth
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/allowPKCEPlain
+ protocol: oidc
+ - name: enforceRefreshTokenRotation
+ attributeFriendlyName: enforceRefreshTokenRotation
+ displayName: label.enforceRefreshTokenRotation
+ helpText: tooltip.enforceRefreshTokenRotation
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/enforceRefreshTokenRotation
+ protocol: oidc
+ - name: forcePKCEOauth
+ attributeFriendlyName: forcePKCEOauth
+ displayName: label.forcePKCE.oauth
+ helpText: tooltip.forcePKCE.oauth
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/forcePKCE
+ protocol: oidc
+ - name: grantTypes
+ attributeFriendlyName: grantTypes
+ displayName: label.grantTypes
+ helpText: tooltip.grantTypes
+ displayType: string
+ defaultValue: authorization_code, refresh_token
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes
+ protocol: oidc
+ - name: refreshTokenLifetime
+ attributeFriendlyName: refreshTokenLifetime
+ displayName: label.refreshTokenLifetime
+ helpText: tooltip.refreshTokenLifetime
+ displayType: string
+ defaultValue: PT2H
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime
+ protocol: oidc
+ - name: resolveAttributesOauth
+ attributeFriendlyName: resolveAttributesOauth
+ displayName: label.resolveAttributes.oauth
+ helpText: tooltip.resolveAttributes.oauth
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes
+ protocol: oidc
+ - name: authorizationCodeFlowEnabled
+ attributeFriendlyName: authorizationCodeFlowEnabled
+ displayName: label.authorizationCodeFlowEnabled
+ helpText: tooltip.authorizationCodeFlowEnabled
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled
+ protocol: oidc
+ - name: hybridFlowEnabled
+ attributeFriendlyName: hybridFlowEnabled
+ displayName: label.hybridFlowEnabled
+ helpText: tooltip.hybridFlowEnabled
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled
+ protocol: oidc
+ - name: implicitFlowEnabled
+ attributeFriendlyName: implicitFlowEnabled
+ displayName: label.implicitFlowEnabled
+ helpText: tooltip.implicitFlowEnabled
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled
+ protocol: oidc
+ - name: refreshTokensEnabled
+ attributeFriendlyName: refreshTokensEnabled
+ displayName: label.refreshTokensEnabled
+ helpText: tooltip.refreshTokensEnabled
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled
+ protocol: oidc
+ - name: accessTokenLifetime
+ attributeFriendlyName: accessTokenLifetime
+ displayName: label.accessTokenLifetime
+ helpText: tooltip.accessTokenLifetime
+ displayType: string
+ defaultValue: PT10M
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime
+ protocol: oidc
+ - name: accessTokenType
+ attributeFriendlyName: accessTokenType
+ displayName: label.accessTokenType
+ helpText: tooltip.accessTokenType
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType
+ protocol: oidc
+ - name: acrRequestAlwaysEssential
+ attributeFriendlyName: acrRequestAlwaysEssential
+ displayName: label.acrRequestAlwaysEssential
+ helpText: tooltip.acrRequestAlwaysEssential
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/acrRequestAlwaysEssential
+ protocol: oidc
+ - name: allowPKCEPlainOidc
+ attributeFriendlyName: allowPKCEPlainOidc
+ displayName: label.allowPKCEPlain.oidc
+ helpText: tooltip.allowPKCEPlain.oidc
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain
+ protocol: oidc
+ - name: alwaysIncludedAttributes
+ attributeFriendlyName: alwaysIncludedAttributes
+ displayName: label.alwaysIncludedAttributes
+ helpText: tooltip.alwaysIncludedAttributes
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes
+ protocol: oidc
+ - name: authorizeCodeLifetime
+ attributeFriendlyName: authorizeCodeLifetime
+ displayName: label.authorizeCodeLifetime
+ helpText: tooltip.authorizeCodeLifetime
+ displayType: string
+ defaultValue: PT5M
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime
+ protocol: oidc
+ - name: deniedUserInfoAttributes
+ attributeFriendlyName: deniedUserInfoAttributes
+ displayName: label.deniedUserInfoAttributes
+ helpText: tooltip.deniedUserInfoAttributes
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes
+ protocol: oidc
+ - name: encodeConsentInTokens
+ attributeFriendlyName: encodeConsentInTokens
+ displayName: label.encodeConsentInTokens
+ helpText: tooltip.encodeConsentInTokens
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodeConsentInTokens
+ protocol: oidc
+ - name: encodedAttributes
+ attributeFriendlyName: encodedAttributes
+ displayName: label.encodedAttributes
+ helpText: tooltip.encodedAttributes
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodedAttributes
+ protocol: oidc
+ - name: forcePKCEOidc
+ attributeFriendlyName: forcePKCEOidc
+ displayName: label.forcePKCE.oidc
+ helpText: tooltip.forcePKCE.oidc
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/forcePKCE
+ protocol: oidc
+ - name: IDTokenLifetimeBrowser
+ attributeFriendlyName: IDTokenLifetimeBrowser
+ displayName: label.IDTokenLifetime.browser
+ helpText: tooltip.IDTokenLifetime.broswer
+ displayType: string
+ defaultValue: PT1H
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/IDTokenLifetime
+ protocol: oidc
+ - name: includeIssuerInResponse
+ attributeFriendlyName: includeIssuerInResponse
+ displayName: label.includeIssuerInResponse
+ helpText: tooltip.includeIssuerInResponse
+ displayType: boolean
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse
+ protocol: oidc
+ - name: refreshTokenLifetime
+ attributeFriendlyName: refreshTokenLifetime
+ displayName: label.refreshTokenLifetime
+ helpText: tooltip.refreshTokenLifetime
+ displayType: string
+ defaultValue: PT2H
+ attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime
+ protocol: oidc
+ - name: alwaysIncludedAttributes
+ attributeFriendlyName: alwaysIncludedAttributes
+ displayName: label.alwaysIncludedAttributes
+ helpText: tooltip.alwaysIncludedAttributes
+ displayType: string
+ attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes
+ protocol: oidc
+ - name: encryptionOptional
+ attributeFriendlyName: encryptionOptional
+ displayName: label.encryptionOptional
+ helpText: tooltip.encryptionOptional
+ displayType: boolean
+ defaultValue: TRUE
+ attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional
+ protocol: oidc
+ - name: IDTokenLifetime
+ attributeFriendlyName: IDTokenLifetime
+ displayName: label.IDTokenLifetime
+ helpText: tooltip.IDTokenLifetime
+ displayType: string
+ defaultValue: PT1H
+ attributeName: http://shibboleth.net/ns/profiles/oidc/token/IDTokenLifetime
+ protocol: oidc
+ - name: deniedUserInfoAttributes
+ attributeFriendlyName: deniedUserInfoAttributes
+ displayName: label.deniedUserInfoAttributes
+ helpText: tooltip.deniedUserInfoAttributes
+ displayType: string
+
attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/deniedUserInfoAttributes + protocol: oidc + - name: resolveAttributesOIDC + attributeFriendlyName: resolveAttributesOIDC + displayName: label.resolveAttributes.oidc + helpText: tooltip.resolveAttributes.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/resolveAttributes + protocol: oidc logging: level: org.pac4j: "TRACE" diff --git a/testbed/sqlServer/conf/application.yml b/testbed/sqlServer/conf/application.yml index f69ccb318..e905446b8 100644 --- a/testbed/sqlServer/conf/application.yml +++ b/testbed/sqlServer/conf/application.yml @@ -54,28 +54,26 @@ custom: - name: signAssertion displayName: label.sign-the-assertion displayType: boolean - defaultValue: false helpText: tooltip.sign-assertion attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions attributeFriendlyName: signAssertions - name: dontSignResponse displayName: label.dont-sign-the-response displayType: boolean - defaultValue: false helpText: tooltip.dont-sign-response attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses attributeFriendlyName: signResponses + invert: true - name: turnOffEncryption displayName: label.turn-off-encryption-of-response displayType: boolean - defaultValue: false helpText: tooltip.turn-off-encryption attributeName: http://shibboleth.net/ns/profiles/encryptAssertions attributeFriendlyName: encryptAssertions + invert: true - name: useSha displayName: label.use-sha1-signing-algorithm displayType: boolean - defaultValue: false helpText: tooltip.usa-sha-algorithm persistType: string persistValue: shibboleth.SecurityConfiguration.SHA1 @@ -84,7 +82,6 @@ custom: - name: ignoreAuthenticationMethod displayName: label.ignore-any-sp-requested-authentication-method displayType: boolean - defaultValue: false helpText: tooltip.ignore-auth-method persistType: string persistValue: 0x1 
@@ -93,14 +90,13 @@ custom: - name: omitNotBefore displayName: label.omit-not-before-condition displayType: boolean - defaultValue: false helpText: tooltip.omit-not-before-condition attributeName: http://shibboleth.net/ns/profiles/includeConditionsNotBefore attributeFriendlyName: includeConditionsNotBefore + invert: true - name: responderId displayName: label.responder-id displayType: string - defaultValue: null helpText: tooltip.responder-id attributeName: http://shibboleth.net/ns/profiles/responderId attributeFriendlyName: responderId 
@@ -128,10 +124,316 @@ custom: - name: forceAuthn displayName: label.force-authn displayType: boolean - defaultValue: false helpText: tooltip.force-authn attributeName: http://shibboleth.net/ns/profiles/forceAuthn attributeFriendlyName: forceAuthn + - name: ignoreRequestSignatures + displayName: label.ignore-request-signatures + displayType: boolean + helpText: tooltip.ignore-request-signatures + attributeName: http://shibboleth.net/ns/profiles/ignoreRequestSignatures + attributeFriendlyName: ignoreRequestSignatures + - name: disallowedFeatures + attributeFriendlyName: disallowedFeatures + displayName: label.disallowedFeatures + helpText: tooltip.disallowedFeatures + displayType: string + attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures + protocol: oidc + - name: inboundInterceptorFlows + attributeFriendlyName: inboundInterceptorFlows + displayName: label.inboundInterceptorFlows + helpText: tooltip.inboundInterceptorFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/inboundInterceptorFlows + protocol: oidc + - name: outboundInterceptorFlows + attributeFriendlyName: outboundInterceptorFlows + displayName: label.outboundInterceptorFlows + helpText: tooltip.outboundInterceptorFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/outboundInterceptorFlows + protocol: oidc + - name: securityConfiguration + attributeFriendlyName: securityConfiguration + displayName: label.securityConfiguration + helpText: tooltip.securityConfiguration + displayType: string + defaultValue: shibboleth.DefaultSecurityConfiguration + attributeName: http://shibboleth.net/ns/profiles/securityConfiguration + protocol: oidc + - name: tokenEndpointAuthMethods + attributeFriendlyName: tokenEndpointAuthMethods + displayName: label.tokenEndpointAuthMethods + helpText: tooltip.tokenEndpointAuthMethods + displayType: string + defaultValue: client_secret_basic, client_secret_post, client_secret_jwt, private_key_jwt + attributeName: 
http://shibboleth.net/ns/profiles/tokenEndpointAuthMethods + protocol: oidc + - name: defaultAuthenticationMethods + attributeFriendlyName: defaultAuthenticationMethods + displayName: label.defaultAuthenticationMethods + helpText: tooltip.defaultAuthenticationMethods + displayType: string + attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods + protocol: oidc + - name: postAuthenticationFlows + attributeFriendlyName: postAuthenticationFlows + displayName: label.postAuthenticationFlows + helpText: tooltip.postAuthenticationFlows + displayType: string + attributeName: http://shibboleth.net/ns/profiles/postAuthenticationFlows + protocol: oidc + - name: proxyCount + attributeFriendlyName: proxyCount + displayName: label.proxyCount + helpText: tooltip.proxyCount + displayType: integer + attributeName: http://shibboleth.net/ns/profiles/proxyCount + protocol: oidc + - name: revocationLifetime + attributeFriendlyName: revocationLifetime + displayName: label.revocationLifetime + helpText: tooltip.revocationLifetime + displayType: string + defaultValue: PT6H + attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationLifetime + protocol: oidc + - name: revocationMethod + attributeFriendlyName: revocationMethod + displayName: label.revocationMethod + helpText: tooltip.revocationMethod + displayType: selection_list + defaultValues: + - CHAIN + - TOKEN + defaultValue: CHAIN + attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod + protocol: oidc + - name: accessTokenLifetime + attributeFriendlyName: accessTokenLifetime + displayName: label.accessTokenLifetime + helpText: tooltip.accessTokenLifetime + displayType: string + defaultValue: PT10M + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime + protocol: oidc + - name: accessTokenType + attributeFriendlyName: accessTokenType + displayName: label.accessTokenType + helpText: tooltip.accessTokenType + displayType: string + 
attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType + protocol: oidc + - name: allowPKCEPlainOauth + attributeFriendlyName: allowPKCEPlainOauth + displayName: label.allowPKCEPlain.oauth + helpText: tooltip.allowPKCEPlain.oauth + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/allowPKCEPlain + protocol: oidc + - name: enforceRefreshTokenRotation + attributeFriendlyName: enforceRefreshTokenRotation + displayName: label.enforceRefreshTokenRotation + helpText: tooltip.enforceRefreshTokenRotation + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/enforceRefreshTokenRotation + protocol: oidc + - name: forcePKCEOauth + attributeFriendlyName: forcePKCEOauth + displayName: label.forcePKCE.oauth + helpText: tooltip.forcePKCE.oauth + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/forcePKCE + protocol: oidc + - name: grantTypes + attributeFriendlyName: grantTypes + displayName: label.grantTypes + helpText: tooltip.grantTypes + displayType: string + defaultValue: authorization_code, refresh_token + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes + protocol: oidc + - name: refreshTokenLifetime + attributeFriendlyName: refreshTokenLifetime + displayName: label.refreshTokenLifetime + helpText: tooltip.refreshTokenLifetime + displayType: string + defaultValue: PT2H + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime + protocol: oidc + - name: resolveAttributesOauth + attributeFriendlyName: resolveAttributesOauth + displayName: label.resolveAttributes.oauth + helpText: tooltip.resolveAttributes.oauth + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes + protocol: oidc + - name: authorizationCodeFlowEnabled + attributeFriendlyName: authorizationCodeFlowEnabled + displayName: label.authorizationCodeFlowEnabled + 
helpText: tooltip.authorizationCodeFlowEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled + protocol: oidc + - name: hybridFlowEnabled + attributeFriendlyName: hybridFlowEnabled + displayName: label.hybridFlowEnabled + helpText: tooltip.hybridFlowEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled + protocol: oidc + - name: implicitFlowEnabled + attributeFriendlyName: implicitFlowEnabled + displayName: label.implicitFlowEnabled + helpText: tooltip.implicitFlowEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled + protocol: oidc + - name: refreshTokensEnabled + attributeFriendlyName: refreshTokensEnabled + displayName: label.refreshTokensEnabled + helpText: tooltip.refreshTokensEnabled + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled + protocol: oidc + - name: accessTokenLifetime + attributeFriendlyName: accessTokenLifetime + displayName: label.accessTokenLifetime + helpText: tooltip.accessTokenLifetime + displayType: string + defaultValue: PT10M + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime + protocol: oidc + - name: accessTokenType + attributeFriendlyName: accessTokenType + displayName: label.accessTokenType + helpText: tooltip.accessTokenType + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType + protocol: oidc + - name: acrRequestAlwaysEssential + attributeFriendlyName: acrRequestAlwaysEssential + displayName: label.acrRequestAlwaysEssential + helpText: tooltip.acrRequestAlwaysEssential + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/acrRequestAlwaysEssential + protocol: oidc + - name: allowPKCEPlainOidc + attributeFriendlyName: 
allowPKCEPlainOidc + displayName: label.allowPKCEPlain.oidc + helpText: tooltip.allowPKCEPlain.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain + protocol: oidc + - name: alwaysIncludedAttributes + attributeFriendlyName: alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes + helpText: tooltip.alwaysIncludedAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes + protocol: oidc + - name: authorizeCodeLifetime + attributeFriendlyName: authorizeCodeLifetime + displayName: label.authorizeCodeLifetime + helpText: tooltip.authorizeCodeLifetime + displayType: string + defaultValue: PT5M + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime + protocol: oidc + - name: deniedUserInfoAttributes + attributeFriendlyName: deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes + helpText: tooltip.deniedUserInfoAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes + protocol: oidc + - name: encodeConsentInTokens + attributeFriendlyName: encodeConsentInTokens + displayName: label.encodeConsentInTokens + helpText: tooltip.encodeConsentInTokens + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodeConsentInTokens + protocol: oidc + - name: encodedAttributes + attributeFriendlyName: encodedAttributes + displayName: label.encodedAttributes + helpText: tooltip.encodedAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/encodedAttributes + protocol: oidc + - name: forcePKCEOidc + attributeFriendlyName: forcePKCEOidc + displayName: label.forcePKCE.oidc + helpText: tooltip.forcePKCE.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/forcePKCE + protocol: oidc + - name: 
IDTokenLifetimeBrowser + attributeFriendlyName: IDTokenLifetimeBrowser + displayName: label.IDTokenLifetime.browser + helpText: tooltip.IDTokenLifetime.broswer + displayType: string + defaultValue: PT1H + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/IDTokenLifetime + protocol: oidc + - name: includeIssuerInResponse + attributeFriendlyName: includeIssuerInResponse + displayName: label.includeIssuerInResponse + helpText: tooltip.includeIssuerInResponse + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse + protocol: oidc + - name: refreshTokenLifetime + attributeFriendlyName: refreshTokenLifetime + displayName: label.refreshTokenLifetime + helpText: tooltip.refreshTokenLifetime + displayType: string + defaultValue: PT2H + attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime + protocol: oidc + - name: alwaysIncludedAttributes + attributeFriendlyName: alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes + helpText: tooltip.alwaysIncludedAttributes + displayType: string + attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes + protocol: oidc + - name: encryptionOptional + attributeFriendlyName: encryptionOptional + displayName: label.encryptionOptional + helpText: tooltip.encryptionOptional + displayType: boolean + defaultValue: TRUE + attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional + protocol: oidc + - name: IDTokenLifetime + attributeFriendlyName: IDTokenLifetime + displayName: label.IDTokenLifetime + helpText: tooltip.IDTokenLifetime + displayType: string + defaultValue: PT1H + attributeName: http://shibboleth.net/ns/profiles/oidc/token/IDTokenLifetime + protocol: oidc + - name: deniedUserInfoAttributes + attributeFriendlyName: deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes + helpText: tooltip.deniedUserInfoAttributes + displayType: string + 
attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/deniedUserInfoAttributes + protocol: oidc + - name: resolveAttributesOIDC + attributeFriendlyName: resolveAttributesOIDC + displayName: label.resolveAttributes.oidc + helpText: tooltip.resolveAttributes.oidc + displayType: boolean + attributeName: http://shibboleth.net/ns/profiles/oidc/userinfo/resolveAttributes + protocol: oidc logging: level: org.pac4j: "TRACE" From a2768fb2eb2077b15624d71c011e78776a215061 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 20 Oct 2022 16:05:05 -0700 Subject: [PATCH 54/77] SHIBUI-2380 fixing repository issues with returning the protocol for EntityDescriptorProjections --- .../EntityDescriptorProjection.java | 65 +++++++++++++++---- .../EntityDescriptorRepository.java | 10 ++- .../EntityDescriptorControllerTests.groovy | 7 +- 3 files changed, 67 insertions(+), 15 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java index c0640edc3..22e78ba59 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java 
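Review bot: Several entries in this added block reuse one `name` for different `attributeName` URIs. `accessTokenLifetime`, `accessTokenType` and `refreshTokenLifetime` appear under both `oauth2/token` and `oidc/sso/browser`, and `alwaysIncludedAttributes` and `deniedUserInfoAttributes` are each defined twice as well. If the overrides are later collected into a map keyed by `name`, the second definition replaces the first and one of the two profile settings can no longer be set from the UI. Distinct names such as `accessTokenLifetimeOauth` and `accessTokenLifetimeOidc` avoid that. `helpText: tooltip.IDTokenLifetime.broswer` also looks like a misspelling of `browser` and should be checked against the key in the message bundle.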
@@ -1,22 +1,61 @@ package edu.internet2.tier.shibboleth.admin.ui.repository; +import com.fasterxml.jackson.annotation.JsonGetter; +import com.fasterxml.jackson.annotation.JsonInclude; import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol; +import lombok.AllArgsConstructor; +import lombok.Getter; +import lombok.Setter; import java.time.LocalDateTime; -public interface EntityDescriptorProjection { - default String getId() { - return getResourceId(); +public class EntityDescriptorProjection { + @Getter + String id; + String entityID; + String entityId; + @Getter + String resourceId; + @Getter + String serviceProviderName; + @Getter + String createdBy; + @Getter + LocalDateTime createdDate; + @Getter + boolean serviceEnabled; + @Getter + String idOfOwner; + EntityDescriptorProtocol protocol; + + public EntityDescriptorProjection(String entityID, String resourceId, String serviceProviderName, String createdBy, + LocalDateTime createdDate, boolean serviceEnabled, String idOfOwner, String protocol) { + this.entityID = entityID; + this.entityId = entityID; + this.resourceId = resourceId; + this.id = resourceId; + this.serviceProviderName = serviceProviderName; + this.createdBy = createdBy; + this.createdDate = createdDate; + this.serviceEnabled = serviceEnabled; + this.idOfOwner = idOfOwner; + setProtocol(protocol); + } + + public String getEntityID() { + return entityID; + } + + public String getEntityId() { + return entityId; + } + + public EntityDescriptorProtocol getProtocol() { + return protocol == null ? 
EntityDescriptorProtocol.SAML : protocol; } - String getEntityID(); - default String getEntityId() { - return getEntityID(); + + public void setProtocol(String index) { + int i = Integer.valueOf(index); + protocol = EntityDescriptorProtocol.values()[i]; } - String getResourceId(); - String getServiceProviderName(); - String getCreatedBy(); - LocalDateTime getCreatedDate(); - boolean getServiceEnabled(); - String getIdOfOwner(); - EntityDescriptorProtocol getProtocol(); } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepository.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepository.java index bb2b275d6..68cac3803 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepository.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepository.java @@ -3,6 +3,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; import java.util.List; import java.util.stream.Stream; 
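Review bot: `setProtocol(String index)` passes its argument straight to `Integer.valueOf` and indexes `EntityDescriptorProtocol.values()` with the result, so any value that is not an in-range ordinal throws from the projection constructor and fails the whole list query. The queries added to EntityDescriptorRepository in this same commit substitute the literal `'SAML'` for a missing protocol, which is exactly such a value. Accept either the ordinal or the enum name and reject out-of-range values with a clear message, as sketched below. The imports of `JsonGetter`, `JsonInclude`, `AllArgsConstructor` and `Setter` are not used in the visible class and can be dropped.

```java
public void setProtocol(String index) {
    // The repository query can hand over an enum name ('SAML') as well as an ordinal.
    if (index == null || index.isEmpty()) {
        protocol = EntityDescriptorProtocol.SAML;
        return;
    }
    try {
        int i = Integer.parseInt(index);
        EntityDescriptorProtocol[] all = EntityDescriptorProtocol.values();
        if (i < 0 || i >= all.length) {
            throw new IllegalArgumentException("Unknown protocol ordinal: " + index);
        }
        protocol = all[i];
    } catch (NumberFormatException e) {
        protocol = EntityDescriptorProtocol.valueOf(index);
    }
}
```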
@@ -12,9 +13,16 @@ * Repository to manage {@link EntityDescriptor} instances. */ public interface EntityDescriptorRepository extends JpaRepository { + @Query(value = "select new edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorProjection(e.entityID, e.resourceId, e.serviceProviderName, e.createdBy, " + + "e.createdDate, e.serviceEnabled, e.idOfOwner, case e.protocol when null then 'SAML' else e.protocol end ) " + + "from EntityDescriptor e") List findAllBy(); - List findAllByIdOfOwner(String ownerId); + @Query(value = "select new edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorProjection(e.entityID, e.resourceId, e.serviceProviderName, e.createdBy, " + + "e.createdDate, e.serviceEnabled, e.idOfOwner, case e.protocol when null then 'SAML' else e.protocol end ) " + + "from EntityDescriptor e " + + "where e.idOfOwner = :ownerId") + List findAllByIdOfOwner(@Param("ownerId") String ownerId); EntityDescriptor findByEntityID(String entityId); diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy index 7c9ee1537..33de12c2f 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy @@ -27,6 +27,7 @@ import lombok.SneakyThrows import org.springframework.beans.factory.annotation.Autowired import org.springframework.core.io.ClassPathResource import org.springframework.security.test.context.support.WithMockUser +import org.springframework.test.web.servlet.result.MockMvcResultHandlers import org.springframework.test.web.servlet.setup.MockMvcBuilders import org.springframework.transaction.annotation.Transactional import org.springframework.web.client.RestTemplate 
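Review bot: In both added queries `case e.protocol when null then 'SAML' else e.protocol end` uses the simple CASE form, which compares by equality. Under SQL semantics a comparison with null is never true, so the `'SAML'` branch is not expected to be taken and a null protocol would pass through unchanged. The searched form states the intent: `case when e.protocol is null then 'SAML' else e.protocol end`. The two branches also differ in type (a string literal and the mapped enum attribute) while the constructor they feed parses its argument as an integer, so the fallback should be a value that constructor accepts; how the provider coerces the result is not visible here. The select clause is duplicated between `findAllBy` and `findAllByIdOfOwner`, and a shared constant would keep the two in step.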
@@ -160,11 +161,13 @@ class EntityDescriptorControllerTests extends AbstractBaseDataJpaTest { def result = mockMvc.perform(get('/api/EntityDescriptors')) then: - result.andExpect(expectedHttpResponseStatus).andExpect(content().contentType(expectedResponseContentType)) + result.andDo(MockMvcResultHandlers.print()) + .andExpect(expectedHttpResponseStatus).andExpect(content().contentType(expectedResponseContentType)) .andExpect(jsonPath("\$.[0].id").value("uuid-1")) .andExpect(jsonPath("\$.[0].entityId").value("eid1")) .andExpect(jsonPath("\$.[0].serviceEnabled").value(true)) .andExpect(jsonPath("\$.[0].idOfOwner").value("admingroup")) + .andExpect(jsonPath("\$.[0].protocol").value("SAML")) } @WithMockAdmin @@ -189,10 +192,12 @@ class EntityDescriptorControllerTests extends AbstractBaseDataJpaTest { .andExpect(jsonPath("\$.[0].entityId").value("eid1")) .andExpect(jsonPath("\$.[0].serviceEnabled").value(true)) .andExpect(jsonPath("\$.[0].idOfOwner").value("admingroup")) + .andExpect(jsonPath("\$.[0].protocol").value("SAML")) .andExpect(jsonPath("\$.[1].id").value("uuid-2")) .andExpect(jsonPath("\$.[1].entityId").value("eid2")) .andExpect(jsonPath("\$.[1].serviceEnabled").value(false)) .andExpect(jsonPath("\$.[1].idOfOwner").value("admingroup")) + .andExpect(jsonPath("\$.[1].protocol").value("SAML")) } @WithMockUser(value = "someUser", roles = ["USER"]) From 64cdc99fbe60849f2bda34353c057369c1aae165 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Fri, 21 Oct 2022 10:25:07 -0700 Subject: [PATCH 55/77] Fixed add button ids for array values --- ui/src/app/form/component/AddButton.js | 2 ++ ui/src/app/form/component/fields/StringListWithDefaultField.js | 1 + ui/src/app/form/component/templates/ArrayFieldTemplate.js | 3 +++ 3 files changed, 6 insertions(+) diff --git a/ui/src/app/form/component/AddButton.js b/ui/src/app/form/component/AddButton.js index c5bb7714e..62b2ef975 100644 --- a/ui/src/app/form/component/AddButton.js +++ b/ui/src/app/form/component/AddButton.js 
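Review bot: `result.andDo(MockMvcResultHandlers.print())` in the first hunk reads like a debugging aid left in; it dumps the full request and response to the test output on every run and can be removed together with its import. The `protocol` expectations added here and in the next hunk (`$.[0]` and `$.[1]`) only cover descriptors that resolve to `SAML`. A case with a descriptor stored without a protocol, and one with a non-SAML protocol, would exercise the fallback and the ordinal mapping this commit introduces.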
@@ -6,9 +6,11 @@ import Button from "react-bootstrap/Button"; import Translate from "../../i18n/components/translate"; const AddButton = ({className, ...props}) => ( + <> + ); export default AddButton; \ No newline at end of file diff --git a/ui/src/app/form/component/fields/StringListWithDefaultField.js b/ui/src/app/form/component/fields/StringListWithDefaultField.js index 4457dba44..0c62998e7 100644 --- a/ui/src/app/form/component/fields/StringListWithDefaultField.js +++ b/ui/src/app/form/component/fields/StringListWithDefaultField.js @@ -105,6 +105,7 @@ const StringListWithDefaultField = ({ required={props.required} />} { title={props.uiSchema["ui:title"] || props.title} required={props.required} /> + hi there {props.canAdd && ( { />} {props.canAdd && ( Date: Fri, 21 Oct 2022 14:15:53 -0700 Subject: [PATCH 56/77] SHIBUI-2380 fixing issues with the oidc relying party overrides --- .../service/JsonSchemaBuilderService.groovy | 2 +- backend/src/main/resources/application.yml | 66 +++++++++---------- .../main/resources/i18n/messages.properties | 48 +++++++------- testbed/authentication/shibui/application.yml | 66 +++++++++---------- testbed/integration/shibui/application.yml | 66 +++++++++---------- testbed/mariadb/conf/application.yml | 66 +++++++++---------- testbed/mysql/conf/application.yml | 66 +++++++++---------- testbed/postgres/conf/application.yml | 66 +++++++++---------- testbed/sqlServer/conf/application.yml | 66 +++++++++---------- 9 files changed, 256 insertions(+), 256 deletions(-) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy index 0ed02bc47..b13cc2575 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy 
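Review bot: The added line `hi there` is rendered as literal text in the form template. It appears to sit next to the title element in ArrayFieldTemplate.js, though the surrounding markup was lost in this rendering of the patch. It looks like leftover debugging output and is not passed through `Translate`, so it would appear untranslated on every array field. Remove the line.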
@@ -59,7 +59,7 @@ class JsonSchemaBuilderService { [title : it['displayName'], description : it['helpText'], type : ((IRelyingPartyOverrideProperty)it).getTypeForUI(), - default : it['displayType'] == 'boolean' ? Boolean.getBoolean(it['defaultValue']) : it['defaultValue'], + default : it['displayType'] == 'boolean' ? Boolean.parseBoolean(it['defaultValue']) : it['defaultValue'], examples : it['examples']] } properties[(String) it['name']] = property diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml index 2c3f24b17..a737e13e4 100644 --- a/backend/src/main/resources/application.yml +++ b/backend/src/main/resources/application.yml @@ -241,18 +241,18 @@ custom: defaultValue: CHAIN attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOauth attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oauth + helpText: tooltip.accessTokenLifetime.oauth displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOauth attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oauth + helpText: tooltip.accessTokenType.oauth displayType: string attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType protocol: oidc 
@@ -285,10 +285,10 @@ custom: defaultValue: authorization_code, refresh_token attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOauth attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oauth + helpText: tooltip.refreshTokenLifetime.oauth displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime @@ -298,7 +298,7 @@ custom: displayName: label.resolveAttributes.oauth helpText: tooltip.resolveAttributes.oauth displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes protocol: oidc - name: authorizationCodeFlowEnabled @@ -306,7 +306,7 @@ custom: displayName: label.authorizationCodeFlowEnabled helpText: tooltip.authorizationCodeFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled protocol: oidc - name: hybridFlowEnabled @@ -314,7 +314,7 @@ custom: displayName: label.hybridFlowEnabled helpText: tooltip.hybridFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled protocol: oidc - name: implicitFlowEnabled @@ -322,7 +322,7 @@ custom: displayName: label.implicitFlowEnabled helpText: tooltip.implicitFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled protocol: oidc - name: refreshTokensEnabled 
@@ -330,21 +330,21 @@ custom: displayName: label.refreshTokensEnabled helpText: tooltip.refreshTokensEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOidc attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oidc + helpText: tooltip.accessTokenLifetime.oidc displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOidc attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oidc + helpText: tooltip.accessTokenType.oidc displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType protocol: oidc @@ -362,10 +362,10 @@ custom: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesBrowser attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.browser + helpText: tooltip.alwaysIncludedAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes protocol: oidc 
@@ -377,10 +377,10 @@ custom: defaultValue: PT5M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime protocol: oidc - - name: deniedUserInfoAttributes + - name: deniedUserInfoAttributesBrowser attributeFriendlyName: deniedUserInfoAttributes - displayName: label.deniedUserInfoAttributes - helpText: tooltip.deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes.browser + helpText: tooltip.deniedUserInfoAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes protocol: oidc @@ -420,18 +420,18 @@ custom: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOidc attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oidc + helpText: tooltip.refreshTokenLifetime.oidc displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesToken attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.token + helpText: tooltip.alwaysIncludedAttributes.token displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes protocol: oidc @@ -440,7 +440,7 @@ custom: displayName: label.encryptionOptional helpText: tooltip.encryptionOptional displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional protocol: oidc - name: IDTokenLifetime 
diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index 69571640b..50723320a 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties 
@@ -877,32 +877,32 @@ label.postAuthenticationFlows=Post Authentication Flows label.proxyCount=Proxy Count label.revocationLifetime=Revocation Lifetime label.revocationMethod=Revocation Method -label.accessTokenLifetime=Access Token Lifetime -label.accessTokenType=Access Token Type +label.accessTokenLifetime.oauth=Access Token Lifetime (OAUTH) +label.accessTokenType.oauth=Access Token Type (OAUTH) label.allowPKCEPlain.oidc=Allow PKCE Plain (OIDC) label.enforceRefreshTokenRotation=Enforce Refresh Token Rotation label.forcePKCE.oidc=Force PKCE (OIDC) label.grantTypes=Grant Types -label.refreshTokenLifetime=Refresh Token Lifetime -label.resolveAttributes.oauth=Resolve Attributes (Oauth) +label.refreshTokenLifetime.oauth=Refresh Token Lifetime (OAUTH) +label.resolveAttributes.oauth=Resolve Attributes (OAUTH) label.authorizationCodeFlowEnabled=Authorization Code Flow Enabled label.hybridFlowEnabled=Hybrid Flow Enabled label.implicitFlowEnabled=Implicit Flow Enabled label.refreshTokensEnabled=Refresh Tokens Enabled -label.accessTokenLifetime=Access Token Lifetime -label.accessTokenType=Access Token Type +label.accessTokenLifetime.oidc=Access Token Lifetime (OIDC) +label.accessTokenType.oidc=Access Token Type (OIDC) label.acrRequestAlwaysEssential=Acr Request Always Essential label.allowPKCEPlain.oauth=Allow PKCE Plain (OAUTH) -label.alwaysIncludedAttributes=Always Included Attributes +label.alwaysIncludedAttributes.token=Always Included Attributes (Token) label.authorizeCodeLifetime=Authorize Code Lifetime -label.deniedUserInfoAttributes=Denied User Info Attributes +label.deniedUserInfoAttributes.browser=Denied User Info Attributes (browser) label.encodeConsentInTokens=Encode Consent In Tokens label.encodedAttributes=Encoded Attributes label.forcePKCE.oauth=Force PKCE (OAUTH) label.IDTokenLifetime.browser=IDToken Lifetime (browser) label.includeIssuerInResponse=Include Issuer In Response -label.refreshTokenLifetime=Refresh Token Lifetime 
-label.alwaysIncludedAttributes=Always Included Attributes +label.refreshTokenLifetime.oidc=Refresh Token Lifetime (OIDC) +label.alwaysIncludedAttributes.browser=Always Included Attributes (browser) label.encryptionOptional=Encryption Optional label.IDTokenLifetime=IDToken Lifetime label.deniedUserInfoAttributes=Denied User Info Attributes 
@@ -918,33 +918,33 @@ tooltip.postAuthenticationFlows=Ordered list of profile interceptor flows to run
 tooltip.proxyCount=Limits use of proxying either to service providers downstream or when requesting authentication from identity providers upstream. This will generally depend on whether a particular protocol supports the feature.
 tooltip.revocationLifetime=The revocation lifetime used when revoking the full chain (see CHAIN above).
 tooltip.revocationMethod=The revocation method: CHAIN refers to revoking whole chain of tokens (from authorization code to all access/refresh tokens) and TOKEN refers to revoking single token
-tooltip.accessTokenLifetime=Lifetime of access token issued to client
-tooltip.accessTokenType=Format of access token. Supported values are ?JWT? or nothing/empty/null implying opaque tokens.
-tooltip.allowPKCEPlain=Whether client is allowed to use PKCE code challenge method plain
+tooltip.accessTokenLifetime.oauth=Lifetime of access token issued to client (OAUTH)
+tooltip.accessTokenType.oauth=Format of access token. Supported values are ?JWT? or nothing/empty/null implying opaque tokens.
+tooltip.allowPKCEPlain.oauth=Whether client is allowed to use PKCE code challenge method plain (OAUTH)
 tooltip.enforceRefreshTokenRotation=Whether to enforce refresh token rotation. If enabled the refresh token is revoked whenever it is used for issuing a new refresh token.
-tooltip.forcePKCE=Whether client is required to use PKCE
+tooltip.forcePKCE.oauth=Whether client is required to use PKCE (OAUTH)
 tooltip.grantTypes=OAuth grant types to allow
-tooltip.refreshTokenLifetime=Lifetime of refresh token issued to client
+tooltip.refreshTokenLifetime.oidc=Lifetime of refresh token issued to client
 tooltip.resolveAttributes.oidc=Whether to resolve attributes during the token issuance process
 tooltip.authorizationCodeFlowEnabled=Whether to enable the authorization code flow
 tooltip.hybridFlowEnabled=Whether to enable the hybrid flow
 tooltip.implicitFlowEnabled=Whether to enable the implicit flow
 tooltip.refreshTokensEnabled=Whether to enable refresh token support
-tooltip.accessTokenLifetime=Lifetime of access token
-tooltip.accessTokenType=Format of access token. Supported values are ?JWT? or nothing/empty/null implying opaque tokens.
+tooltip.accessTokenLifetime.oidc=Lifetime of access token (OIDC)
+tooltip.accessTokenType.oidc=Format of access token. Supported values are 'JWT' or nothing/empty/null implying opaque tokens.
 tooltip.acrRequestAlwaysEssential=Whether to treat "acr" claim requests as essential regardless of request
-tooltip.allowPKCEPlain=Whether client is allowed to use PKCE code challenge method plain
-tooltip.alwaysIncludedAttributes=Specifies IdPAttributes to always include in ID token regardless of response_type
+tooltip.allowPKCEPlain.oidc=Whether client is allowed to use PKCE code challenge method plain (OIDC)
+tooltip.alwaysIncludedAttributes.token=Specifies IdPAttributes to always include in ID token regardless of response_type
 tooltip.authorizeCodeLifetime=Lifetime of authorization code
-tooltip.deniedUserInfoAttributes=Specifies IdPAttributes to omit from UserInfo token
+tooltip.deniedUserInfoAttributes.browser=Specifies IdPAttributes to omit from UserInfo token (browser)
 tooltip.encodeConsentInTokens=Whether to embed consent decision(s) in access/refresh tokens and authorization code to allow for client-side consent storage
 tooltip.encodedAttributes=Specifies IdPAttributes to encode into tokens for recovery on back-channel token requests
-tooltip.forcePKCE=Whether client is required to use PKCE
+tooltip.forcePKCE.oidc=Whether client is required to use PKCE (OIDC)
 tooltip.IDTokenLifetime.browser=Lifetime of ID token (browser)
 tooltip.includeIssuerInResponse=Whether to include issuer -parameter in the responses as specified by RFC 9207. If set to true also consider including authorization_response_iss_parameter_supported to the OP metadata.
-tooltip.refreshTokenLifetime=Lifetime of refresh token
-tooltip.alwaysIncludedAttributes=Specifies IdPAttributes to always include in ID token regardless of response_type
-tooltip.encryptionOptional=Whether the absence of encryption details in a client?s metadata should fail when issuing an ID token
+tooltip.refreshTokenLifetime.oauth=Lifetime of refresh token
+tooltip.alwaysIncludedAttributes.browser=Specifies IdPAttributes to always include in ID token regardless of response_type
+tooltip.encryptionOptional=Whether the absence of encryption details in a client's metadata should fail when issuing an ID token
 tooltip.IDTokenLifetime=Lifetime of ID token issued to client
 tooltip.deniedUserInfoAttributes=Specifies IdPAttributes to omit from UserInfo token
 tooltip.resolveAttributes.oauth=Whether to run the attribute resolution/filtering step
\ No newline at end of file
diff --git a/testbed/authentication/shibui/application.yml b/testbed/authentication/shibui/application.yml
index 4a8fdee76..73f30063f 100644
--- a/testbed/authentication/shibui/application.yml
+++ b/testbed/authentication/shibui/application.yml
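Review bot: The suffixes on the two new refresh-token tooltips in the tooltip hunk (@@ -918,33 +918,33 @@) look swapped. `tooltip.refreshTokenLifetime.oidc` takes over the OAuth token-profile text ("issued to client") and `tooltip.refreshTokenLifetime.oauth` the shorter browser-profile text, the reverse of how `tooltip.accessTokenLifetime.oauth` and `.oidc` are assigned in the same hunk. The application.yml hunks point the oauth2/token property at `tooltip.refreshTokenLifetime.oauth`, so an administrator setting that refresh token lifetime is shown the other profile's help text. Suggested: `tooltip.refreshTokenLifetime.oauth=Lifetime of refresh token issued to client (OAUTH)` and `tooltip.refreshTokenLifetime.oidc=Lifetime of refresh token (OIDC)`. Separately, `tooltip.accessTokenType.oauth` still carries the mis-encoded `?JWT?` that the `.oidc` line corrects to `'JWT'`.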
@@ -187,18 +187,18 @@ shibui: defaultValue: CHAIN attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOauth attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oauth + helpText: tooltip.accessTokenLifetime.oauth displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOauth attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oauth + helpText: tooltip.accessTokenType.oauth displayType: string attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType protocol: oidc @@ -231,10 +231,10 @@ shibui: defaultValue: authorization_code, refresh_token attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOauth attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oauth + helpText: tooltip.refreshTokenLifetime.oauth displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime @@ -244,7 +244,7 @@ shibui: displayName: label.resolveAttributes.oauth helpText: tooltip.resolveAttributes.oauth displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes protocol: oidc - name: authorizationCodeFlowEnabled 
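Review bot: The renamed entries change `name` itself, not only the `displayName`/`helpText` message keys, and nothing in this hunk carries the old identifiers forward. If `name` is the key under which override values are exchanged with the UI or persisted (an assumption, since the consumer is outside this diff), anything saved or posted as `accessTokenLifetime`, `accessTokenType` or `refreshTokenLifetime` would no longer match an entry, and a token lifetime an administrator set could presumably be dropped in favour of the `defaultValue`. A comment above the first renamed entry such as `# name must be unique per attributeName; was accessTokenLifetime before the OAUTH/OIDC split` would record the constraint, and existing fixtures and stored overrides are worth checking against the new names. The same rename recurs in the later hunks of this file and in the integration, mariadb, mysql and postgres application.yml hunks.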
@@ -252,7 +252,7 @@ shibui: displayName: label.authorizationCodeFlowEnabled helpText: tooltip.authorizationCodeFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled protocol: oidc - name: hybridFlowEnabled @@ -260,7 +260,7 @@ shibui: displayName: label.hybridFlowEnabled helpText: tooltip.hybridFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled protocol: oidc - name: implicitFlowEnabled @@ -268,7 +268,7 @@ shibui: displayName: label.implicitFlowEnabled helpText: tooltip.implicitFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled protocol: oidc - name: refreshTokensEnabled @@ -276,21 +276,21 @@ shibui: displayName: label.refreshTokensEnabled helpText: tooltip.refreshTokensEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOidc attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oidc + helpText: tooltip.accessTokenLifetime.oidc displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOidc attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oidc + helpText: tooltip.accessTokenType.oidc displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType protocol: oidc 
@@ -308,10 +308,10 @@ shibui: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesBrowser attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.browser + helpText: tooltip.alwaysIncludedAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes protocol: oidc @@ -323,10 +323,10 @@ shibui: defaultValue: PT5M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime protocol: oidc - - name: deniedUserInfoAttributes + - name: deniedUserInfoAttributesBrowser attributeFriendlyName: deniedUserInfoAttributes - displayName: label.deniedUserInfoAttributes - helpText: tooltip.deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes.browser + helpText: tooltip.deniedUserInfoAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes protocol: oidc 
@@ -366,18 +366,18 @@ shibui: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOidc attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oidc + helpText: tooltip.refreshTokenLifetime.oidc displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesToken attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.token + helpText: tooltip.alwaysIncludedAttributes.token displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes protocol: oidc @@ -386,7 +386,7 @@ shibui: displayName: label.encryptionOptional helpText: tooltip.encryptionOptional displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional protocol: oidc - name: IDTokenLifetime diff --git a/testbed/integration/shibui/application.yml b/testbed/integration/shibui/application.yml index 71d615a33..9bdb080df 100644 --- a/testbed/integration/shibui/application.yml +++ b/testbed/integration/shibui/application.yml 
@@ -179,18 +179,18 @@ shibui: defaultValue: CHAIN attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOauth attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oauth + helpText: tooltip.accessTokenLifetime.oauth displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOauth attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oauth + helpText: tooltip.accessTokenType.oauth displayType: string attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType protocol: oidc @@ -223,10 +223,10 @@ shibui: defaultValue: authorization_code, refresh_token attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOauth attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oauth + helpText: tooltip.refreshTokenLifetime.oauth displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime @@ -236,7 +236,7 @@ shibui: displayName: label.resolveAttributes.oauth helpText: tooltip.resolveAttributes.oauth displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes protocol: oidc - name: authorizationCodeFlowEnabled 
@@ -244,7 +244,7 @@ shibui: displayName: label.authorizationCodeFlowEnabled helpText: tooltip.authorizationCodeFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled protocol: oidc - name: hybridFlowEnabled @@ -252,7 +252,7 @@ shibui: displayName: label.hybridFlowEnabled helpText: tooltip.hybridFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled protocol: oidc - name: implicitFlowEnabled @@ -260,7 +260,7 @@ shibui: displayName: label.implicitFlowEnabled helpText: tooltip.implicitFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled protocol: oidc - name: refreshTokensEnabled @@ -268,21 +268,21 @@ shibui: displayName: label.refreshTokensEnabled helpText: tooltip.refreshTokensEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOidc attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oidc + helpText: tooltip.accessTokenLifetime.oidc displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOidc attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oidc + helpText: tooltip.accessTokenType.oidc displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType protocol: oidc 
@@ -300,10 +300,10 @@ shibui: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesBrowser attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.browser + helpText: tooltip.alwaysIncludedAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes protocol: oidc @@ -315,10 +315,10 @@ shibui: defaultValue: PT5M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime protocol: oidc - - name: deniedUserInfoAttributes + - name: deniedUserInfoAttributesBrowser attributeFriendlyName: deniedUserInfoAttributes - displayName: label.deniedUserInfoAttributes - helpText: tooltip.deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes.browser + helpText: tooltip.deniedUserInfoAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes protocol: oidc 
@@ -358,18 +358,18 @@ shibui: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOidc attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oidc + helpText: tooltip.refreshTokenLifetime.oidc displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesToken attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.token + helpText: tooltip.alwaysIncludedAttributes.token displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes protocol: oidc @@ -378,7 +378,7 @@ shibui: displayName: label.encryptionOptional helpText: tooltip.encryptionOptional displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional protocol: oidc - name: IDTokenLifetime diff --git a/testbed/mariadb/conf/application.yml b/testbed/mariadb/conf/application.yml index 9cf826d01..8acae5ea1 100644 --- a/testbed/mariadb/conf/application.yml +++ b/testbed/mariadb/conf/application.yml 
@@ -210,18 +210,18 @@ custom: defaultValue: CHAIN attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOauth attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oauth + helpText: tooltip.accessTokenLifetime.oauth displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOauth attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oauth + helpText: tooltip.accessTokenType.oauth displayType: string attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType protocol: oidc @@ -254,10 +254,10 @@ custom: defaultValue: authorization_code, refresh_token attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOauth attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oauth + helpText: tooltip.refreshTokenLifetime.oauth displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime @@ -267,7 +267,7 @@ custom: displayName: label.resolveAttributes.oauth helpText: tooltip.resolveAttributes.oauth displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes protocol: oidc - name: authorizationCodeFlowEnabled 
@@ -275,7 +275,7 @@ custom: displayName: label.authorizationCodeFlowEnabled helpText: tooltip.authorizationCodeFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled protocol: oidc - name: hybridFlowEnabled @@ -283,7 +283,7 @@ custom: displayName: label.hybridFlowEnabled helpText: tooltip.hybridFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled protocol: oidc - name: implicitFlowEnabled @@ -291,7 +291,7 @@ custom: displayName: label.implicitFlowEnabled helpText: tooltip.implicitFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled protocol: oidc - name: refreshTokensEnabled @@ -299,21 +299,21 @@ custom: displayName: label.refreshTokensEnabled helpText: tooltip.refreshTokensEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOidc attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oidc + helpText: tooltip.accessTokenLifetime.oidc displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOidc attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oidc + helpText: tooltip.accessTokenType.oidc displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType protocol: oidc 
@@ -331,10 +331,10 @@ custom: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesBrowser attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.browser + helpText: tooltip.alwaysIncludedAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes protocol: oidc @@ -346,10 +346,10 @@ custom: defaultValue: PT5M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime protocol: oidc - - name: deniedUserInfoAttributes + - name: deniedUserInfoAttributesBrowser attributeFriendlyName: deniedUserInfoAttributes - displayName: label.deniedUserInfoAttributes - helpText: tooltip.deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes.browser + helpText: tooltip.deniedUserInfoAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes protocol: oidc 
@@ -389,18 +389,18 @@ custom: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOidc attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oidc + helpText: tooltip.refreshTokenLifetime.oidc displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesToken attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.token + helpText: tooltip.alwaysIncludedAttributes.token displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes protocol: oidc @@ -409,7 +409,7 @@ custom: displayName: label.encryptionOptional helpText: tooltip.encryptionOptional displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional protocol: oidc - name: IDTokenLifetime diff --git a/testbed/mysql/conf/application.yml b/testbed/mysql/conf/application.yml index a9204e697..9f328ddd4 100644 --- a/testbed/mysql/conf/application.yml +++ b/testbed/mysql/conf/application.yml 
@@ -210,18 +210,18 @@ custom: defaultValue: CHAIN attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOauth attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oauth + helpText: tooltip.accessTokenLifetime.oauth displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOauth attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oauth + helpText: tooltip.accessTokenType.oauth displayType: string attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType protocol: oidc @@ -254,10 +254,10 @@ custom: defaultValue: authorization_code, refresh_token attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOauth attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oauth + helpText: tooltip.refreshTokenLifetime.oauth displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime @@ -267,7 +267,7 @@ custom: displayName: label.resolveAttributes.oauth helpText: tooltip.resolveAttributes.oauth displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes protocol: oidc - name: authorizationCodeFlowEnabled 
@@ -275,7 +275,7 @@ custom: displayName: label.authorizationCodeFlowEnabled helpText: tooltip.authorizationCodeFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled protocol: oidc - name: hybridFlowEnabled @@ -283,7 +283,7 @@ custom: displayName: label.hybridFlowEnabled helpText: tooltip.hybridFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled protocol: oidc - name: implicitFlowEnabled @@ -291,7 +291,7 @@ custom: displayName: label.implicitFlowEnabled helpText: tooltip.implicitFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled protocol: oidc - name: refreshTokensEnabled @@ -299,21 +299,21 @@ custom: displayName: label.refreshTokensEnabled helpText: tooltip.refreshTokensEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOidc attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oidc + helpText: tooltip.accessTokenLifetime.oidc displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOidc attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oidc + helpText: tooltip.accessTokenType.oidc displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType protocol: oidc 
@@ -331,10 +331,10 @@ custom: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesBrowser attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.browser + helpText: tooltip.alwaysIncludedAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes protocol: oidc @@ -346,10 +346,10 @@ custom: defaultValue: PT5M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime protocol: oidc - - name: deniedUserInfoAttributes + - name: deniedUserInfoAttributesBrowser attributeFriendlyName: deniedUserInfoAttributes - displayName: label.deniedUserInfoAttributes - helpText: tooltip.deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes.browser + helpText: tooltip.deniedUserInfoAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes protocol: oidc 
@@ -389,18 +389,18 @@ custom: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOidc attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oidc + helpText: tooltip.refreshTokenLifetime.oidc displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesToken attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.token + helpText: tooltip.alwaysIncludedAttributes.token displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes protocol: oidc @@ -409,7 +409,7 @@ custom: displayName: label.encryptionOptional helpText: tooltip.encryptionOptional displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional protocol: oidc - name: IDTokenLifetime diff --git a/testbed/postgres/conf/application.yml b/testbed/postgres/conf/application.yml index d6ca89dc3..ff1cfa696 100644 --- a/testbed/postgres/conf/application.yml +++ b/testbed/postgres/conf/application.yml 
@@ -212,18 +212,18 @@ custom: defaultValue: CHAIN attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOauth attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oauth + helpText: tooltip.accessTokenLifetime.oauth displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOauth attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oauth + helpText: tooltip.accessTokenType.oauth displayType: string attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType protocol: oidc @@ -256,10 +256,10 @@ custom: defaultValue: authorization_code, refresh_token attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOauth attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oauth + helpText: tooltip.refreshTokenLifetime.oauth displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime @@ -269,7 +269,7 @@ custom: displayName: label.resolveAttributes.oauth helpText: tooltip.resolveAttributes.oauth displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes protocol: oidc - name: authorizationCodeFlowEnabled 
@@ -277,7 +277,7 @@ custom: displayName: label.authorizationCodeFlowEnabled helpText: tooltip.authorizationCodeFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled protocol: oidc - name: hybridFlowEnabled @@ -285,7 +285,7 @@ custom: displayName: label.hybridFlowEnabled helpText: tooltip.hybridFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled protocol: oidc - name: implicitFlowEnabled @@ -293,7 +293,7 @@ custom: displayName: label.implicitFlowEnabled helpText: tooltip.implicitFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled protocol: oidc - name: refreshTokensEnabled @@ -301,21 +301,21 @@ custom: displayName: label.refreshTokensEnabled helpText: tooltip.refreshTokensEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOidc attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oidc + helpText: tooltip.accessTokenLifetime.oidc displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOidc attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oidc + helpText: tooltip.accessTokenType.oidc displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType protocol: oidc 
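Review bot: `implicitFlowEnabled` keeps `defaultValue: true` in the `@@ -293` hunk, so a relying-party override built from this definition presumably starts with the implicit flow switched on. That flow hands tokens back through the browser front channel, and current OAuth security guidance advises against it. If the value only mirrors the OP's own default, say so next to it, e.g. `# mirrors the OP default; set false unless the RP needs the implicit flow`. The same question applies to `encryptionOptional` with `defaultValue: true` in the later `@@ -411` hunk, which by its name appears to let a token be issued unencrypted, and to the matching hunks in the sqlServer file.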
@@ -333,10 +333,10 @@ custom: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesBrowser attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.browser + helpText: tooltip.alwaysIncludedAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes protocol: oidc @@ -348,10 +348,10 @@ custom: defaultValue: PT5M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime protocol: oidc - - name: deniedUserInfoAttributes + - name: deniedUserInfoAttributesBrowser attributeFriendlyName: deniedUserInfoAttributes - displayName: label.deniedUserInfoAttributes - helpText: tooltip.deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes.browser + helpText: tooltip.deniedUserInfoAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes protocol: oidc 
@@ -391,18 +391,18 @@ custom: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOidc attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oidc + helpText: tooltip.refreshTokenLifetime.oidc displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesToken attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.token + helpText: tooltip.alwaysIncludedAttributes.token displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes protocol: oidc @@ -411,7 +411,7 @@ custom: displayName: label.encryptionOptional helpText: tooltip.encryptionOptional displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional protocol: oidc - name: IDTokenLifetime diff --git a/testbed/sqlServer/conf/application.yml b/testbed/sqlServer/conf/application.yml index e905446b8..f94a2852c 100644 --- a/testbed/sqlServer/conf/application.yml +++ b/testbed/sqlServer/conf/application.yml 
@@ -210,18 +210,18 @@ custom: defaultValue: CHAIN attributeName: http://shibboleth.net/ns/profiles/oauth2/revocation/revocationMethod protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOauth attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oauth + helpText: tooltip.accessTokenLifetime.oauth displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOauth attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oauth + helpText: tooltip.accessTokenType.oauth displayType: string attributeName: http://shibboleth.net/ns/profiles/oauth2/token/accessTokenType protocol: oidc @@ -254,10 +254,10 @@ custom: defaultValue: authorization_code, refresh_token attributeName: http://shibboleth.net/ns/profiles/oauth2/token/grantTypes protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOauth attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oauth + helpText: tooltip.refreshTokenLifetime.oauth displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oauth2/token/refreshTokenLifetime @@ -267,7 +267,7 @@ custom: displayName: label.resolveAttributes.oauth helpText: tooltip.resolveAttributes.oauth displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oauth2/token/resolveAttributes protocol: oidc - name: authorizationCodeFlowEnabled 
@@ -275,7 +275,7 @@ custom: displayName: label.authorizationCodeFlowEnabled helpText: tooltip.authorizationCodeFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/authorizationCodeFlowEnabled protocol: oidc - name: hybridFlowEnabled @@ -283,7 +283,7 @@ custom: displayName: label.hybridFlowEnabled helpText: tooltip.hybridFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/hybridFlowEnabled protocol: oidc - name: implicitFlowEnabled @@ -291,7 +291,7 @@ custom: displayName: label.implicitFlowEnabled helpText: tooltip.implicitFlowEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/implicitFlowEnabled protocol: oidc - name: refreshTokensEnabled @@ -299,21 +299,21 @@ custom: displayName: label.refreshTokensEnabled helpText: tooltip.refreshTokensEnabled displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/refreshTokensEnabled protocol: oidc - - name: accessTokenLifetime + - name: accessTokenLifetimeOidc attributeFriendlyName: accessTokenLifetime - displayName: label.accessTokenLifetime - helpText: tooltip.accessTokenLifetime + displayName: label.accessTokenLifetime.oidc + helpText: tooltip.accessTokenLifetime.oidc displayType: string defaultValue: PT10M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenLifetime protocol: oidc - - name: accessTokenType + - name: accessTokenTypeOidc attributeFriendlyName: accessTokenType - displayName: label.accessTokenType - helpText: tooltip.accessTokenType + displayName: label.accessTokenType.oidc + helpText: tooltip.accessTokenType.oidc displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/accessTokenType protocol: oidc 
@@ -331,10 +331,10 @@ custom: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/allowPKCEPlain protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesBrowser attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.browser + helpText: tooltip.alwaysIncludedAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/alwaysIncludedAttributes protocol: oidc @@ -346,10 +346,10 @@ custom: defaultValue: PT5M attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/authorizeCodeLifetime protocol: oidc - - name: deniedUserInfoAttributes + - name: deniedUserInfoAttributesBrowser attributeFriendlyName: deniedUserInfoAttributes - displayName: label.deniedUserInfoAttributes - helpText: tooltip.deniedUserInfoAttributes + displayName: label.deniedUserInfoAttributes.browser + helpText: tooltip.deniedUserInfoAttributes.browser displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/deniedUserInfoAttributes protocol: oidc 
@@ -389,18 +389,18 @@ custom: displayType: boolean attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/includeIssuerInResponse protocol: oidc - - name: refreshTokenLifetime + - name: refreshTokenLifetimeOidc attributeFriendlyName: refreshTokenLifetime - displayName: label.refreshTokenLifetime - helpText: tooltip.refreshTokenLifetime + displayName: label.refreshTokenLifetime.oidc + helpText: tooltip.refreshTokenLifetime.oidc displayType: string defaultValue: PT2H attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/refreshTokenLifetime protocol: oidc - - name: alwaysIncludedAttributes + - name: alwaysIncludedAttributesToken attributeFriendlyName: alwaysIncludedAttributes - displayName: label.alwaysIncludedAttributes - helpText: tooltip.alwaysIncludedAttributes + displayName: label.alwaysIncludedAttributes.token + helpText: tooltip.alwaysIncludedAttributes.token displayType: string attributeName: http://shibboleth.net/ns/profiles/oidc/token/alwaysIncludedAttributes protocol: oidc @@ -409,7 +409,7 @@ custom: displayName: label.encryptionOptional helpText: tooltip.encryptionOptional displayType: boolean - defaultValue: TRUE + defaultValue: true attributeName: http://shibboleth.net/ns/profiles/oidc/token/encryptionOptional protocol: oidc - name: IDTokenLifetime From 7ec00c1d885b6d81bd79eeffcc03bdada5d469fe Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Fri, 21 Oct 2022 14:57:47 -0700 Subject: [PATCH 57/77] Added unique id for delete array item --- .../form/component/templates/ArrayFieldTemplate.js | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/ui/src/app/form/component/templates/ArrayFieldTemplate.js b/ui/src/app/form/component/templates/ArrayFieldTemplate.js index 19a5609c5..db1083afb 100644 --- a/ui/src/app/form/component/templates/ArrayFieldTemplate.js +++ b/ui/src/app/form/component/templates/ArrayFieldTemplate.js 
@@ -80,6 +80,9 @@ const ObjectArrayItem = ({type, ...props}) => { paddingRight: 6, fontWeight: "bold", }; + + console.log(props); + return (
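Review bot: The added `console.log(props);` in `ObjectArrayItem` is debugging output that should not ship; the same line is added to `DefaultArrayItem` further down. It runs on every render of every array item and writes the whole props object to the browser console, which in this form may include the values the item's fields carry. Delete both lines; if a trace is needed during development, gate it, e.g. `if (process.env.NODE_ENV !== 'production') console.debug(props);`. Both component bodies continue outside the visible hunks.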
@@ -122,6 +125,7 @@ const ObjectArrayItem = ({type, ...props}) => { {props.hasRemove && (
{ const uiSchemaOptions = props.uiSchema ? props.uiSchema['ui:options'] || {} : {}; + console.log(props); + return (
@@ -192,6 +198,7 @@ const DefaultArrayItem = (props) => { {props.hasRemove && (
{ title={props.uiSchema["ui:title"] || props.title} required={props.required} /> - hi there {props.canAdd && ( { {props.items && props.items.map(p => props.schema.items.type === 'object' || props.schema.items.$ref ? - ObjectArrayItem({ type: props.uiSchema.type, ...p }) + ObjectArrayItem({ type: props.uiSchema.type, ...p, uniqueIdForTest: props.idSchema.$id }) : - DefaultArrayItem({ ...p, uiSchema: props.uiSchema.items }) + DefaultArrayItem({ ...p, uiSchema: props.uiSchema.items, uniqueIdForTest: props.idSchema.$id }) )} From 57d2f0adfd9154376896ff093de35784db981c56 Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Mon, 24 Oct 2022 16:08:13 -0400 Subject: [PATCH 58/77] SHIBUI-2380 More fixes. Maybe. --- .../integration/resources/SHIBUI-1281.side | 93 +++++--- .../integration/resources/SHIBUI-1333.side | 101 +++++---- .../integration/resources/SHIBUI-1334-1.side | 184 +++++++++------- .../integration/resources/SHIBUI-1335-1.side | 163 ++++++++------ .../integration/resources/SHIBUI-1335-4.side | 12 +- .../integration/resources/SHIBUI-1364-1.side | 202 ++++++++++-------- .../integration/resources/SHIBUI-1364-4.side | 12 +- 7 files changed, 454 insertions(+), 313 deletions(-) diff --git a/backend/src/integration/resources/SHIBUI-1281.side b/backend/src/integration/resources/SHIBUI-1281.side index 44d10c326..deb8a8cb3 100644 --- a/backend/src/integration/resources/SHIBUI-1281.side +++ b/backend/src/integration/resources/SHIBUI-1281.side 
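Review bot: `uniqueIdForTest: props.idSchema.$id` passes the array field's own id to every item, so all items of one array receive the same value. How the item templates use it is not visible here, but if it becomes the remove button's `id`, an array with two entries renders duplicate DOM ids and a test selector cannot pick a particular row. Appending the item index keeps it unique per row, e.g. `uniqueIdForTest: props.idSchema.$id + '_' + p.index`, applied to both the `ObjectArrayItem` and the `DefaultArrayItem` call.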
@@ -1375,13 +1375,13 @@ "id": "ba74d18d-0996-485f-8a9f-01a39428eb0c", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div/div/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1430,11 +1430,13 @@ "id": "ec3afb37-30b4-4d07-93a6-dcf022605532", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { @@ -1483,11 +1485,13 @@ "id": "8b340d1f-4944-4d10-a4cd-5e79be6804ef", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1536,11 +1540,13 @@ "id": "d6e7a640-a578-415b-9c1b-b2313b62ad46", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { @@ -1589,10 +1595,13 @@ "id": "4c15be93-75be-4673-b703-07a705300d0f", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .btn > translate-i18n", "css:finder"], - ["xpath=//div/button/translate-i18n", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1628,12 +1637,14 @@ "id": "c8bb3bee-3d61-4324-a3aa-38b78232b969", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[25]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -1683,10 +1694,14 @@ "id": "ed769470-9c3f-4c23-bbed-85513dcea800", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=div:nth-child(9) .d-flex > .btn", "css:finder"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -1736,10 +1751,14 @@ "id": "892ddc96-970b-4dde-9189-0dc9ed197dab", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=div:nth-child(9) .d-flex > .btn", "css:finder"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -1789,10 +1808,14 @@ "id": "f0dd4b79-eab5-4d4b-af2e-07ca661f8288", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=div:nth-child(9) .btn > translate-i18n", "css:finder"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button/translate-i18n", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { diff --git a/backend/src/integration/resources/SHIBUI-1333.side b/backend/src/integration/resources/SHIBUI-1333.side index d78082478..dba5fdfc0 100644 --- a/backend/src/integration/resources/SHIBUI-1333.side +++ b/backend/src/integration/resources/SHIBUI-1333.side 
@@ -1414,13 +1414,13 @@ "id": "ba74d18d-0996-485f-8a9f-01a39428eb0c", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div/div/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1469,11 +1469,13 @@ "id": "ec3afb37-30b4-4d07-93a6-dcf022605532", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { @@ -1522,11 +1524,13 @@ "id": "8b340d1f-4944-4d10-a4cd-5e79be6804ef", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1575,11 +1579,13 @@ "id": "d6e7a640-a578-415b-9c1b-b2313b62ad46", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { @@ -1628,10 +1634,13 @@ "id": "4c15be93-75be-4673-b703-07a705300d0f", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .btn > translate-i18n", "css:finder"], - ["xpath=//div/button/translate-i18n", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1680,12 +1689,14 @@ "id": "c8bb3bee-3d61-4324-a3aa-38b78232b969", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[25]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -1735,10 +1746,14 @@ "id": "ed769470-9c3f-4c23-bbed-85513dcea800", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=div:nth-child(9) .d-flex > .btn", "css:finder"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -1788,10 +1803,14 @@ "id": "892ddc96-970b-4dde-9189-0dc9ed197dab", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=div:nth-child(9) .d-flex > .btn", "css:finder"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -1841,10 +1860,14 @@ "id": "f0dd4b79-eab5-4d4b-af2e-07ca661f8288", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=div:nth-child(9) .btn > translate-i18n", "css:finder"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button/translate-i18n", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -2267,11 +2290,11 @@
 "id": "951a21c9-4cd3-4989-8dc0-77760ca0dc95",
 "comment": "",
 "command": "assertText",
- "target": "css=.mb-4:nth-child(9) div:nth-child(3) .d-block:nth-child(2)",
+ "target": "css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)",
 "targets": [
- ["css=.mb-4:nth-child(9) div:nth-child(3) .d-block:nth-child(2)", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:idRelative"],
- ["xpath=//section[7]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:position"],
+ ["css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "css:finder"],
+ ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"],
+ ["xpath=//section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"],
 ["xpath=//span[contains(.,'responder-id-123')]", "xpath:innerText"]
 ],
 "value": "responder-id-123"
diff --git a/backend/src/integration/resources/SHIBUI-1334-1.side b/backend/src/integration/resources/SHIBUI-1334-1.side
index 2f85c5ebf..eccb04d61 100644
--- a/backend/src/integration/resources/SHIBUI-1334-1.side
+++ b/backend/src/integration/resources/SHIBUI-1334-1.side
@@ -1420,13 +1420,13 @@ "id": "ba74d18d-0996-485f-8a9f-01a39428eb0c", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div/div/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1475,11 +1475,13 @@ "id": "ec3afb37-30b4-4d07-93a6-dcf022605532", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { @@ -1528,11 +1530,13 @@ "id": "8b340d1f-4944-4d10-a4cd-5e79be6804ef", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1581,11 +1585,13 @@ "id": "d6e7a640-a578-415b-9c1b-b2313b62ad46", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { @@ -1634,10 +1640,13 @@ "id": "4c15be93-75be-4673-b703-07a705300d0f", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .btn > translate-i18n", "css:finder"], - ["xpath=//div/button/translate-i18n", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1677,12 +1686,14 @@ "id": "c8bb3bee-3d61-4324-a3aa-38b78232b969", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[25]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -1728,14 +1739,25 @@ ["xpath=//a[contains(.,'https://refeds.org/profile/mfa')]", "xpath:innerText"] ], "value": "" + }, { + "id": "93f04a7e-da9b-4d5d-b739-4774994ec613", + "comment": "", + "command": "pause", + "target": "500", + "targets": [], + "value": "" }, { "id": "ed769470-9c3f-4c23-bbed-85513dcea800", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=div:nth-child(9) .d-flex > .btn", "css:finder"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
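Review bot: The added `pause` step with target `500` is a fixed sleep between choosing the `https://refeds.org/profile/mfa` option and the second click on the add button, so it is either too short on a slow CI host or wasted time on a fast one. This file already uses `waitForElementVisible` with a `10000` timeout further down; assuming the delay is there for the add button to become usable again, `"command": "waitForElementVisible", "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "value": "10000"` would wait on the condition itself. If the pause has to stay, record the reason in its empty `"comment": ""`. The same step is added in SHIBUI-1335-1.side (`@@ -1132,14 +1147,25 @@`).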
@@ -1754,8 +1776,8 @@ ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "id"], ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_1", "css:finder"], ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_1']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[4]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[4]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:position"] + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { @@ -1785,10 +1807,14 @@ "id": "892ddc96-970b-4dde-9189-0dc9ed197dab", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=div:nth-child(9) .d-flex > .btn", "css:finder"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -1838,10 +1864,14 @@ "id": "f0dd4b79-eab5-4d4b-af2e-07ca661f8288", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=div:nth-child(9) .btn > translate-i18n", "css:finder"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button/translate-i18n", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -1981,22 +2011,22 @@
 "id": "a1050ebe-55c5-4eac-8d12-615f3ff1cd72",
 "comment": "",
 "command": "assertText",
- "target": "css=.mb-4:nth-child(8) div:nth-child(6) .d-block:nth-child(2)",
+ "target": "css=div:nth-child(9) .text-truncate",
 "targets": [
- ["css=.mb-4:nth-child(8) div:nth-child(6) .d-block:nth-child(2)", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[6]/div/span[2]", "xpath:idRelative"],
- ["xpath=//section[8]/div/div[2]/div[2]/div/div[6]/div/span[2]", "xpath:position"]
+ ["css=div:nth-child(9) .text-truncate", "css:finder"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[9]/div/span[2]", "xpath:idRelative"],
+ ["xpath=//div[9]/div/span[2]", "xpath:position"]
 ],
 "value": "true"
 }, {
 "id": "43b130ff-e8a5-493d-a418-f1f8623f1de3",
 "comment": "",
 "command": "assertText",
- "target": "css=.mb-4:nth-child(8) div:nth-child(7) .d-block:nth-child(2)",
+ "target": "css=div:nth-child(8) .text-truncate",
 "targets": [
- ["css=.mb-4:nth-child(8) div:nth-child(7) .d-block:nth-child(2)", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"],
- ["xpath=//section[8]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"]
+ ["css=div:nth-child(8) .text-truncate", "css:finder"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"],
+ ["xpath=//div[8]/div/span[2]", "xpath:position"]
 ],
 "value": "false"
 }, {
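Review bot: The two `assertText` targets `css=div:nth-child(9) .text-truncate` and `css=div:nth-child(8) .text-truncate` drop the `.mb-4:nth-child(8)` section scope the old selectors had and identify a row only by position and a shared utility class. The expected values are just `true` and `false`, so a reordered or added row elsewhere on the page could make either assertion pass or fail against a different setting without the cause being obvious. Put the name of the property each step checks in its empty `"comment": ""`, and keep the section prefix in the `target` unless the page exposes a locator tied to the property itself.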
@@ -2282,11 +2312,11 @@
 "id": "951a21c9-4cd3-4989-8dc0-77760ca0dc95",
 "comment": "",
 "command": "assertText",
- "target": "css=.mb-4:nth-child(9) div:nth-child(3) .d-block:nth-child(2)",
+ "target": "css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)",
 "targets": [
- ["css=.mb-4:nth-child(9) div:nth-child(3) .d-block:nth-child(2)", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:idRelative"],
- ["xpath=//section[7]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:position"],
+ ["css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "css:finder"],
+ ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"],
+ ["xpath=//section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"],
 ["xpath=//span[contains(.,'responder-id-123')]", "xpath:innerText"]
 ],
 "value": "responder-id-123"
@@ -2466,7 +2496,7 @@
 "id": "90cb59ce-695b-49d0-983b-01e445f3a384",
 "comment": "",
 "command": "waitForElementVisible",
- "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)",
+ "target": "css=div:nth-child(2) > div > .bg-diff > .d-block:nth-child(2)",
 "targets": [
 ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", "css:finder"],
 ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"],
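Review bot: In the `waitForElementVisible` step (`@@ -2466,7 +2496,7 @@`) only `target` moves to the `.bg-diff` selector; the `css:finder` and `xpath:idRelative` entries under `targets` are left as context and still describe the old `.d-flex` element. The `assertText` step that follows updates all of its entries, so the wait and the assertion no longer list the same locators for what appears to be the same element. The first entry should become `["css=div:nth-child(2) > div > .bg-diff > .d-block:nth-child(2)", "css:finder"]`, with the `xpath:idRelative` path updated the same way as in the following step. The step's `targets` array continues past the end of this hunk, so its remaining entries are not visible here.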
@@ -2477,29 +2507,30 @@
 "id": "1c0b7514-92b7-4e07-b462-467113f4a8cd",
 "comment": "",
 "command": "assertText",
- "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)",
+ "target": "css=div:nth-child(2) > div > .bg-diff > .d-block:nth-child(2)",
 "targets": [
- ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"],
- ["xpath=//div/span[2]", "xpath:position"]
+ ["css=div:nth-child(2) > div > .bg-diff > .d-block:nth-child(2)", "css:finder"],
+ ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"],
+ ["xpath=//div[2]/div/span[2]", "xpath:position"]
 ],
 "value": "Service Provider v2"
 }, {
 "id": "853b7142-e733-4f2a-b7e0-8303f582740f",
 "comment": "",
 "command": "waitForElementVisible",
- "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)",
+ "target": "css=div:nth-child(2) > div > .bg-diff > .d-block:nth-child(3)",
 "targets": [],
 "value": "10000"
 }, {
 "id": "fc7c4e1e-03c7-4108-9a8d-f469e7679ae4",
 "comment": "",
 "command": "assertText",
- "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)",
+ "target": "css=div:nth-child(2) > div > .bg-diff > .d-block:nth-child(3)",
 "targets": [
- ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[3]", "xpath:idRelative"],
- ["xpath=//span[3]", "xpath:position"]
+ ["css=div:nth-child(2) > div > .bg-diff > .d-block:nth-child(3)", "css:finder"],
+ ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[3]", "xpath:idRelative"],
+ ["xpath=//div[2]/div/span[3]", "xpath:position"],
+ ["xpath=//span[contains(.,'Test Provider')]", "xpath:innerText"]
 ],
 "value": "Test Provider"
 }, {
@@ -2529,46 +2560,45 @@ "id": "89945406-0c5f-4e3f-8bce-659f7f34cb3d", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > .bg-diff > .d-block:nth-child(2)", + "target": "css=div:nth-child(1) > .bg-diff > .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(2) > .bg-diff > .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[5]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[5]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:position"], - ["xpath=//span[contains(.,'false')]", "xpath:innerText"] + ["css=div:nth-child(1) > .bg-diff > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[5]/div/div[2]/div[2]/div/div/div/span[2]", "xpath:idRelative"], + ["xpath=//section[5]/div/div[2]/div[2]/div/div/div/span[2]", "xpath:position"] ], "value": "false" }, { "id": "39628eb7-55cb-41d0-827c-b5bd6e80b6bb", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > .bg-diff > .d-block:nth-child(3)", + "target": "css=div:nth-child(1) > div:nth-child(2) > .bg-diff > .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(2) > .bg-diff > .d-block:nth-child(3)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[5]/div/div[2]/div[2]/div/div[2]/div/span[3]", "xpath:idRelative"], - ["xpath=//section[5]/div/div[2]/div[2]/div/div[2]/div/span[3]", "xpath:position"], - ["xpath=//span[contains(.,'true')]", "xpath:innerText"] + ["css=div:nth-child(1) > div:nth-child(2) > .bg-diff > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[5]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[5]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:position"] ], "value": "true" }, { "id": "69242724-afc5-4036-8c73-937a8b66dc5e", "comment": "", "command": "assertText", - "target": "css=div:nth-child(3) > 
.bg-diff > .d-block:nth-child(2)", + "target": "css=div:nth-child(1) > .bg-diff > .d-block:nth-child(3)", "targets": [ - ["css=div:nth-child(3) > .bg-diff > .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[5]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[5]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:position"] + ["css=div:nth-child(1) > .bg-diff > .d-block:nth-child(3)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[5]/div/div[2]/div[2]/div/div/div/span[3]", "xpath:idRelative"], + ["xpath=//section[5]/div/div[2]/div[2]/div/div/div/span[3]", "xpath:position"], + ["xpath=//span[contains(.,'true')]", "xpath:innerText"] ], "value": "true" }, { "id": "bc16d76e-e95a-4357-942c-f346831e42c1", "comment": "", "command": "assertText", - "target": "css=div:nth-child(3) > .bg-diff > .d-block:nth-child(3)", + "target": "css=div:nth-child(1) > div:nth-child(2) > .bg-diff > .d-block:nth-child(3)", "targets": [ - ["css=div:nth-child(3) > .bg-diff > .d-block:nth-child(3)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[5]/div/div[2]/div[2]/div/div[3]/div/span[3]", "xpath:idRelative"], - ["xpath=//section[5]/div/div[2]/div[2]/div/div[3]/div/span[3]", "xpath:position"] + ["css=div:nth-child(1) > div:nth-child(2) > .bg-diff > .d-block:nth-child(3)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[5]/div/div[2]/div[2]/div/div[2]/div/span[3]", "xpath:idRelative"], + ["xpath=//section[5]/div/div[2]/div[2]/div/div[2]/div/span[3]", "xpath:position"] ], "value": "false" }, { diff --git a/backend/src/integration/resources/SHIBUI-1335-1.side b/backend/src/integration/resources/SHIBUI-1335-1.side index da5bd33c5..aa2c983f8 100644 --- a/backend/src/integration/resources/SHIBUI-1335-1.side +++ b/backend/src/integration/resources/SHIBUI-1335-1.side 
@@ -821,13 +821,13 @@ "id": "027b4448-eaf6-4f24-ae2f-5b592db910ed", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[18]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[8]/div/div/div/div/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -876,10 +876,13 @@ "id": "d8e3df44-0db6-458e-b133-36b7ec08fbb7", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .btn > translate-i18n", "css:finder"], - ["xpath=//array-component/div/div/button/translate-i18n", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { @@ -928,11 +931,13 @@ "id": "4e595806-b2c6-43c6-bd1f-78e659f795e4", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//array-component/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -981,11 +986,13 @@ "id": "9902d02a-d7f7-4424-92f4-2a6072916421", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//array-component/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { @@ -1034,11 +1041,13 @@ "id": "290e296a-97a9-41e3-bbd8-51edfebc550b", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//array-component/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1052,22 +1061,25 @@ "id": "624fd275-3ee2-4cd0-890a-4ae22b152ed4", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["css=div:nth-child(8) .d-flex > .btn", "css:finder"], - ["xpath=//array-component/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add   ')]", "xpath:innerText"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "e6c3d2db-386e-4b9b-a160-c091b025c1b9", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[10]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[8]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", 
"css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "nameIdFormat" @@ -1082,12 +1094,14 @@ "id": "82093807-448e-4a25-96bf-ed1dfca77452", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[30]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -1101,12 +1115,13 @@
 "id": "fcd7d891-5ea4-45a6-8554-4298ec5804c9",
 "comment": "",
 "command": "click",
- "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[1]/div/div[1]/div/div[1]/div/div/button",
+ "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_0",
 "targets": [
- ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/0-container .btn", "css:finder"],
- ["xpath=(//button[@type='button'])[8]", "xpath:attributes"],
- ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/0-container']/div/div/button", "xpath:idRelative"],
- ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"]
+ ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "id"],
+ ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_0", "css:finder"],
+ ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_0']", "xpath:attributes"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:idRelative"],
+ ["xpath=//div[2]/div/div/div/div/div/div/div/div/input", "xpath:position"]
 ],
 "value": ""
 }, {
@@ -1132,14 +1147,25 @@ ["xpath=//a[contains(.,'https://refeds.org/profile/mfa')]", "xpath:innerText"] ], "value": "" + }, { + "id": "80f1daee-410c-41de-9617-3fca29a01cd2", + "comment": "", + "command": "pause", + "target": "500", + "targets": [], + "value": "" }, { "id": "743e6d84-98b7-461a-8fb9-05826abb8e22", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=div:nth-child(9) .d-flex > .btn", "css:finder"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -1153,12 +1179,13 @@ "id": "81517bc9-7996-46be-9dfe-9eea57f0e616", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[2]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/1-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/1-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[2]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_1", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_1']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1188,10 +1215,14 @@ "id": "7a3a49b4-4348-4318-a35c-ba0a2192e811", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=div:nth-child(9) .d-flex > .btn", "css:finder"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { 
@@ -1205,12 +1236,13 @@ "id": "c2f97ae8-fddf-4e48-b961-1d4154ceae9f", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[3]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "targets": [ - ["css=#\\/relyingPartyOverrides\\/authenticationMethods\\/2-container .btn", "css:finder"], - ["xpath=(//button[@type='button'])[10]", "xpath:attributes"], - ["xpath=//div[@id='/relyingPartyOverrides/authenticationMethods/2-container']/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li[3]/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_2", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1240,22 +1272,27 @@ "id": "efad42c9-5d79-42f6-a348-54ba5fe59e9d", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=div:nth-child(9) .d-flex > .btn", "css:finder"], - ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { "id": "9a7b2bfe-8702-40be-a6fe-a76b9a01cdde", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[18]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[9]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "id"], + 
["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "someOverride" }, { diff --git a/backend/src/integration/resources/SHIBUI-1335-4.side b/backend/src/integration/resources/SHIBUI-1335-4.side index 93b6bfcfd..127a32f4c 100644 --- a/backend/src/integration/resources/SHIBUI-1335-4.side +++ b/backend/src/integration/resources/SHIBUI-1335-4.side 
@@ -735,13 +735,13 @@ "id": "c722da17-b739-4fa6-b731-8b347e3c96e3", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[18]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[8]/div/div/div/div/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { diff --git a/backend/src/integration/resources/SHIBUI-1364-1.side b/backend/src/integration/resources/SHIBUI-1364-1.side index 8fe9da05e..9b79c2cec 100644 --- a/backend/src/integration/resources/SHIBUI-1364-1.side +++ b/backend/src/integration/resources/SHIBUI-1364-1.side 
@@ -900,13 +900,13 @@ "id": "7753fdc3-fb29-436e-aa16-c331fa4772d6", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[18]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[8]/div/div/div/div/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -941,9 +941,13 @@ "id": "7e21402f-383c-4995-89b6-b75db89c0ab5", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button > .svg-inline--fa", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button > .svg-inline--fa", "css:finder"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -974,13 +978,13 @@ "id": "8fbcab89-08ff-4c40-a2bc-79674b75720c", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[18]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[8]/div/div/div/div/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1011,13 +1015,13 @@ "id": "72506b7c-224d-4c45-81e6-1b1e5f3a08b8", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[18]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[8]/div/div/div/div/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1049,24 +1053,25 @@ "id": "bac85588-bf58-4e2a-ba71-6d0a3941631e", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[18]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[8]/div/div/div/div/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { "id": "dd44bd2e-84dc-4512-966f-97f893f530e9", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[5]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[8]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", 
"id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" @@ -1074,11 +1079,12 @@ "id": "2d2e92a4-213d-4345-9b1c-f6fb04df3971", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[2]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=//input[@value='someNameID']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[8]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "someNameID" 
@@ -1102,24 +1108,27 @@ "id": "f2443263-2147-4457-ae68-9c46bb38940a", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[30]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { "id": "22ce2ccc-94d9-4b6c-8a6c-7544af49e00a", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "targets": [ - ["css=.is-invalid > .toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[32]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[9]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/button", "xpath:idRelative"], - 
["xpath=//div[9]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_0", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_0", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1142,24 +1151,27 @@ "id": "ccd54cce-a783-4dbd-b64e-1932286b4a08", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[30]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { "id": "00087e23-8d82-4dc1-ae12-8043589e08f1", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[2]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "targets": [ - ["css=.is-invalid > .toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[34]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[9]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/button", "xpath:idRelative"], - 
["xpath=//div[9]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_1", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_1", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_1']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1182,24 +1194,27 @@ "id": "58dc23a7-adae-4b09-a056-c1facfc3db89", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(4) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[25]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[4]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[7]/div/div/div/div/div[4]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { "id": "b1429afc-4501-4fb3-acf7-02f2cb90f7f3", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[3]/div/div[1]/div/div[1]/div/div/button", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "targets": [ - ["css=.is-invalid > .toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[36]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[9]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/button", 
"xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_2", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_2", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1218,36 +1233,40 @@ "id": "268e6828-97c8-4f68-9f2d-9c443b16dcef", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[30]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], "value": "" }, { "id": "b6dc2be5-574b-4fd6-b1a1-786303efc60a", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[9]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[9]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], - 
["xpath=//div[9]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { "id": "28aa7d61-803f-48af-a103-5945f84a1601", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[7]/div/div/div[1]/div/div[4]/div/div/div[1]/div/div/div[2]/div[4]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=//input[@value='SomeAuthnMethod']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[9]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_authenticationMethods_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_authenticationMethods_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_authenticationMethods_3']", "xpath:attributes"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "SomeAuthnMethod" }, { @@ -1639,11 +1658,12 @@ "id": "c18de9c9-ff9e-4784-897f-9b081102aa9e", "comment": "", "command": "click", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[8]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_formats_4", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=(//input[@value=''])[5]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[8]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=option-selector-root_formats_4", "id"], + ["css=#option-selector-root_formats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_formats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div[2]/div[2]/div/form/div/div/div/div[8]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" 
@@ -1651,11 +1671,12 @@ "id": "3d49dbfc-47e9-4629-a27c-1013e0e2bdac", "comment": "", "command": "type", - "target": "xpath=//section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div[1]/div/div[8]/div/div/div[1]/div/div/div[2]/div[5]/div/div[1]/div/div[1]/div/div/div[1]/input[1]", + "target": "id=option-selector-root_formats_4", "targets": [ - ["css=.focus", "css:finder"], - ["xpath=//input[@value='SomeOtherNameIDFormat']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[8]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["id=option-selector-root_formats_4", "id"], + ["css=#option-selector-root_formats_4", "css:finder"], + ["xpath=//input[@id='option-selector-root_formats_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div[2]/div[2]/div/form/div/div/div/div[8]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "SomeOtherNameIDFormat" @@ -1695,6 +1716,13 @@ "target": "2000", "targets": [], "value": "" + }, { + "id": "54913800-9f95-4eb1-8ccc-bbaf0b43db5c", + "comment": "", + "command": "waitForElementVisible", + "target": "css=.list-group-item:nth-child(1) .mx-4", + "targets": [], + "value": "30000" }, { "id": "100902ee-6d6e-4148-a69b-b37746a4ad6e", "comment": "", diff --git a/backend/src/integration/resources/SHIBUI-1364-4.side b/backend/src/integration/resources/SHIBUI-1364-4.side index ef58a9c8d..d2bc8b32a 100644 --- a/backend/src/integration/resources/SHIBUI-1364-4.side +++ b/backend/src/integration/resources/SHIBUI-1364-4.side 
@@ -703,13 +703,13 @@ "id": "93505bd6-8a5e-4ef0-8f50-d2dc9bce71d6", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[18]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[8]/div/div/div/div/div/div/button", "xpath:position"], - ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { From d60812180ed204b6b51d230a60864ae677e7b88f Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Mon, 24 Oct 2022 13:20:50 -0700 Subject: [PATCH 59/77] Removed console logs --- ui/src/app/admin/container/ConfigurationList.js | 1 - ui/src/app/form/component/templates/ArrayFieldTemplate.js | 4 ---- ui/src/app/metadata/copy/CopySource.js | 2 -- 3 files changed, 7 deletions(-) diff --git a/ui/src/app/admin/container/ConfigurationList.js b/ui/src/app/admin/container/ConfigurationList.js index cef6880b2..91dc3a6b2 100644 --- a/ui/src/app/admin/container/ConfigurationList.js +++ b/ui/src/app/admin/container/ConfigurationList.js 
@@ -37,7 +37,6 @@ export function ConfigurationList({ configurations, onDelete, loading }) { const file = await downloader.response.blob(); if (downloader.response.ok) { downloadAsZip('configuration', file); - console.log(file); } }; diff --git a/ui/src/app/form/component/templates/ArrayFieldTemplate.js b/ui/src/app/form/component/templates/ArrayFieldTemplate.js index db1083afb..295250299 100644 --- a/ui/src/app/form/component/templates/ArrayFieldTemplate.js +++ b/ui/src/app/form/component/templates/ArrayFieldTemplate.js @@ -81,8 +81,6 @@ const ObjectArrayItem = ({type, ...props}) => { fontWeight: "bold", }; - console.log(props); - return (
@@ -158,8 +156,6 @@ const DefaultArrayItem = (props) => { const uiSchemaOptions = props.uiSchema ? props.uiSchema['ui:options'] || {} : {}; - console.log(props); - return (
diff --git a/ui/src/app/metadata/copy/CopySource.js b/ui/src/app/metadata/copy/CopySource.js index 0fc9d953d..2a3f91312 100644 --- a/ui/src/app/metadata/copy/CopySource.js +++ b/ui/src/app/metadata/copy/CopySource.js @@ -59,8 +59,6 @@ export function CopySource({ copy, onNext }) { const sections = useMetadataSourceSections(); - React.useEffect(() => console.log(form), [form]); - return ( <>
From 2e9dbb24d3341c8a23a94fe5d51399d795ecc365 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Mon, 24 Oct 2022 13:44:39 -0700 Subject: [PATCH 60/77] SHIBUI-2380 Fixing issue with RPO included twice --- .../MetadataSourcesUiDefinitionController.groovy | 2 +- .../admin/ui/controller/EntityDescriptorController.java | 3 +-- .../admin/ui/service/JPAEntityDescriptorServiceImpl.java | 4 ++-- backend/src/main/resources/application.yml | 8 +------- 4 files changed, 5 insertions(+), 12 deletions(-) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy index a2b13e8e1..a6c1e3e20 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy @@ -58,7 +58,7 @@ class MetadataSourcesUiDefinitionController { return ResponseEntity.ok(parsedJson) } catch (IOException e) { - log.error("An error occurred while attempting to get json schema for metadata sources!", e) + log.error("An error occurred while attempting to get json schema [" + url + "] for metadata sources!", e) return ResponseEntity.status(INTERNAL_SERVER_ERROR).body([jsonParseError : e.getMessage(), sourceUiSchemaDefinitionFile: this.samlJsonSchemaLocation.url]) } } diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java index e4de49273..9cc2cb64d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java 
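Review bot: The new log message in the `catch (IOException e)` branch reads `url`, which is not declared in the visible lines of this hunk, while the error body on the next line reads `this.samlJsonSchemaLocation.url`. The method starts outside the hunk, so this cannot be confirmed here, but if `url` is a local declared inside the `try` block it is out of scope in the `catch`. Without static compilation Groovy would only report that at runtime, inside the error handler, where it would replace the original IOException. Using the expression the response body already uses avoids the question: `log.error("An error occurred while attempting to get json schema [" + this.samlJsonSchemaLocation.url + "] for metadata sources!", e)`.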
@@ -66,8 +66,7 @@ public EntityDescriptorController(EntityDescriptorVersionService versionService) @PostMapping("/EntityDescriptor") @Transactional - public ResponseEntity create(@RequestBody EntityDescriptorRepresentation edRepresentation) - throws ForbiddenException, ObjectIdExistsException, InvalidPatternMatchException { + public ResponseEntity create(@RequestBody EntityDescriptorRepresentation edRepresentation) throws ForbiddenException, ObjectIdExistsException, InvalidPatternMatchException { EntityDescriptorRepresentation persistedEd = entityDescriptorService.createNew(edRepresentation); return ResponseEntity.created(getResourceUriFor(persistedEd.getId())).body(persistedEd); } diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index 62876378f..94ac5f2ca 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java 
@@ -376,13 +376,13 @@ public EntityDescriptorRepresentation createRepresentationFromDescriptor(org.ope case DURATION: case SPRING_BEAN_ID: if (jpaAttribute.getAttributeValues().size() != 1) { - throw new RuntimeException("Multiple/No values detected where one is expected!"); + throw new RuntimeException("Multiple/No values detected where one is expected for override: " + jpaAttribute.getName()); } attributeValues = ModelRepresentationConversions.getValueFromXMLObject(jpaAttribute.getAttributeValues().get(0)); break; case INTEGER: if (jpaAttribute.getAttributeValues().size() != 1) { - throw new RuntimeException("Multiple/No values detected where one is expected!"); + throw new RuntimeException("Multiple/No values detected where one is expected for override: " + jpaAttribute.getName()); } attributeValues = ((XSInteger)jpaAttribute.getAttributeValues().get(0)).getValue(); break; diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml index a737e13e4..da77c5fec 100644 --- a/backend/src/main/resources/application.yml +++ b/backend/src/main/resources/application.yml @@ -152,6 +152,7 @@ custom: - urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods attributeFriendlyName: defaultAuthenticationMethods + protocol: saml,oidc - name: forceAuthn displayName: label.force-authn displayType: boolean 
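Review bot: The guard `jpaAttribute.getAttributeValues().size() != 1` and its new message are duplicated verbatim in the `DURATION`/`SPRING_BEAN_ID` branch and the `INTEGER` branch, so the two can drift apart on the next edit. The message also still does not say whether the list was empty or held several entries; appending the count, `" (found " + jpaAttribute.getAttributeValues().size() + ")"`, would make the failure diagnosable from the log alone. A small private helper that performs the check and returns the single value would serve both branches. The `switch` starts and ends outside the hunk, so other branches may carry the same check.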
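Review bot: `protocol: saml,oidc` on the `defaultAuthenticationMethods` override is the only comma-separated value among the `protocol` entries visible in this file's hunks; the others read `protocol: oidc`. The code that consumes the property is not shown, so it is worth confirming that it splits on the comma and trims each part rather than comparing the whole string, since a whole-string comparison would make this override match neither protocol. A comment above the line would record the accepted format for the next editor, for example `# comma-separated list of protocols this override applies to`.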
@@ -201,13 +202,6 @@ custom: defaultValue: client_secret_basic, client_secret_post, client_secret_jwt, private_key_jwt attributeName: http://shibboleth.net/ns/profiles/tokenEndpointAuthMethods protocol: oidc - - name: defaultAuthenticationMethods - attributeFriendlyName: defaultAuthenticationMethods - displayName: label.defaultAuthenticationMethods - helpText: tooltip.defaultAuthenticationMethods - displayType: string - attributeName: http://shibboleth.net/ns/profiles/defaultAuthenticationMethods - protocol: oidc - name: postAuthenticationFlows attributeFriendlyName: postAuthenticationFlows displayName: label.postAuthenticationFlows From 4fe7a05c8d76ab4c856003255004a8f3d221f4eb Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Mon, 24 Oct 2022 13:50:53 -0700 Subject: [PATCH 61/77] Fixed unused variable error --- ui/src/app/metadata/copy/CopySource.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/ui/src/app/metadata/copy/CopySource.js b/ui/src/app/metadata/copy/CopySource.js index 2a3f91312..2a7a6b183 100644 --- a/ui/src/app/metadata/copy/CopySource.js +++ b/ui/src/app/metadata/copy/CopySource.js @@ -47,8 +47,6 @@ export function CopySource({ copy, onNext }) { const target = watch('target'); - const form = watch(); - const { errors, isValid } = formState; React.useEffect(() => { From 4b368cce2061f27194ab278038aa5fc569b80fd0 Mon Sep 17 00:00:00 2001 
From: Bill Smith Date: Tue, 25 Oct 2022 11:21:09 -0400 Subject: [PATCH 62/77] SHIBUI-2380 More test fixes. --- .../integration/resources/SHIBUI-1333.side | 8 +- .../integration/resources/SHIBUI-1334-1.side | 20 +- .../integration/resources/SHIBUI-1364-1.side | 8 +- .../integration/resources/SHIBUI-1385-1.side | 213 ++++++++++-------- .../integration/resources/SHIBUI-1407-1.side | 193 ++++++++-------- .../integration/resources/SHIBUI-1674-1.side | 8 +- .../integration/resources/SHIBUI-1674-2.side | 17 +- .../integration/resources/SHIBUI-1732-1.side | 6 +- .../integration/resources/SHIBUI-1732-2.side | 77 ++++--- .../integration/resources/SHIBUI-1732-3.side | 199 +++++++++------- .../integration/resources/SHIBUI-1732-4.side | 73 +++--- .../integration/resources/SHIBUI-1732-5.side | 73 +++--- .../integration/resources/SHIBUI-1732-6.side | 30 +-- .../integration/resources/SHIBUI-1732-7.side | 50 ++-- .../integration/resources/SHIBUI-1743-2.side | 46 ++-- .../integration/resources/SHIBUI-2267.side | 16 +- 16 files changed, 573 insertions(+), 464 deletions(-) diff --git a/backend/src/integration/resources/SHIBUI-1333.side b/backend/src/integration/resources/SHIBUI-1333.side index dba5fdfc0..b93b517c5 100644 --- a/backend/src/integration/resources/SHIBUI-1333.side +++ b/backend/src/integration/resources/SHIBUI-1333.side 
@@ -2290,11 +2290,11 @@ "id": "951a21c9-4cd3-4989-8dc0-77760ca0dc95", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", + "target": "css=div:nth-child(8) .text-truncate", "targets": [ - ["css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"], + ["css=div:nth-child(8) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[8]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'responder-id-123')]", "xpath:innerText"] ], "value": "responder-id-123" diff --git a/backend/src/integration/resources/SHIBUI-1334-1.side b/backend/src/integration/resources/SHIBUI-1334-1.side index eccb04d61..0526e3672 100644 --- a/backend/src/integration/resources/SHIBUI-1334-1.side +++ b/backend/src/integration/resources/SHIBUI-1334-1.side @@ -2022,13 +2022,13 @@ "id": "43b130ff-e8a5-493d-a418-f1f8623f1de3", "comment": "", "command": "assertText", - "target": "css=div:nth-child(8) .text-truncate", + "target": "css=div:nth-child(10) .text-truncate", "targets": [ - ["css=div:nth-child(8) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[8]/div/span[2]", "xpath:position"] + ["css=div:nth-child(10) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[10]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[10]/div/span[2]", "xpath:position"] ], - "value": "false" + "value": "true" }, { "id": "1406d7e4-907d-4359-8de8-a40206f0993e", "comment": "", 
@@ -2312,11 +2312,11 @@ "id": "951a21c9-4cd3-4989-8dc0-77760ca0dc95", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", + "target": "css=div:nth-child(8) .text-truncate", "targets": [ - ["css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"], + ["css=div:nth-child(8) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[8]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'responder-id-123')]", "xpath:innerText"] ], "value": "responder-id-123" @@ -2748,7 +2748,7 @@ "id": "bde2bbbb-df66-4e07-a770-ec9125fe3e81", "comment": "", "command": "pause", - "target": "5000", + "target": "7000", "targets": [], "value": "" }, { diff --git a/backend/src/integration/resources/SHIBUI-1364-1.side b/backend/src/integration/resources/SHIBUI-1364-1.side index 9b79c2cec..0e8525b13 100644 --- a/backend/src/integration/resources/SHIBUI-1364-1.side +++ b/backend/src/integration/resources/SHIBUI-1364-1.side @@ -2364,7 +2364,11 @@ "command": "waitForElementEditable", "target": "css=#filters > div:nth-child(3) > div:nth-child(2) > div > button", "targets": [ - ["css=.d-flex:nth-child(3) > .border-primary:nth-child(2) .svg-inline--fa", "css:finder"] + ["css=.d-flex:nth-child(3) > .border-primary:nth-child(2) .mx-auto", "css:finder"], + ["xpath=(//button[@type='button'])[6]", "xpath:attributes"], + ["xpath=//div[@id='filters']/div[3]/div[2]/div/button", "xpath:idRelative"], + ["xpath=//div[2]/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Compare')]", "xpath:innerText"] ], "value": "30000" }, { 
@@ -2373,7 +2377,7 @@ "command": "click", "target": "css=#filters > div:nth-child(3) > div:nth-child(2) > div > button", "targets": [ - ["css=.d-flex:nth-child(3) > .border-primary:nth-child(2) .svg-inline--fa", "css:finder"] + ["css=.d-flex:nth-child(3) > .border-primary:nth-child(2) path", "css:finder"] ], "value": "" }, { diff --git a/backend/src/integration/resources/SHIBUI-1385-1.side b/backend/src/integration/resources/SHIBUI-1385-1.side index 7d3b47a31..2383c5172 100644 --- a/backend/src/integration/resources/SHIBUI-1385-1.side +++ b/backend/src/integration/resources/SHIBUI-1385-1.side @@ -1442,11 +1442,12 @@ "id": "ba74d18d-0996-485f-8a9f-01a39428eb0c", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], ["xpath=//div/div/div/div/button", "xpath:position"], ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], 
@@ -1462,12 +1463,13 @@ "id": "2a91666b-5453-4064-8923-c3384835b6fd", "comment": "", "command": "click", - "target": "css=.toggle-button", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_0", "targets": [ - ["css=.toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[15]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_0", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_0", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1497,11 +1499,12 @@ "id": "ec3afb37-30b4-4d07-93a6-dcf022605532", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], ["xpath=//div/div/div/div/button", "xpath:position"], ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], 
@@ -1517,12 +1520,13 @@ "id": "fd33610c-dbca-410d-b2a4-117a1b2b6a79", "comment": "", "command": "click", - "target": "css=.mt-2:nth-child(2) .toggle-button", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_1", "targets": [ - ["css=.mt-2:nth-child(2) .toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[17]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_1", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_1", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_1']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { @@ -1544,7 +1548,7 @@ ["xpath=//a[@id='option-selector-items-root_relyingPartyOverrides_nameIdFormats_1-item-1']", "xpath:attributes"], ["xpath=//div[@id='option-selector-items-root_relyingPartyOverrides_nameIdFormats_1']/a[2]", "xpath:idRelative"], ["xpath=(//a[contains(@href, '#')])[2]", "xpath:href"], - ["xpath=//div[2]/a[2]", "xpath:position"], + ["xpath=//a[2]", "xpath:position"], ["xpath=//a[contains(.,'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress')]", "xpath:innerText"] ], "value": "" 
@@ -1552,11 +1556,12 @@ "id": "8b340d1f-4944-4d10-a4cd-5e79be6804ef", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], ["xpath=//div/div/div/div/button", "xpath:position"], ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], 
@@ -1572,12 +1577,13 @@ "id": "208b33cf-f983-4a82-9b1b-19cdf2a937fc", "comment": "", "command": "click", - "target": "css=.mt-2:nth-child(3) .toggle-button", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_2", "targets": [ - ["css=.mt-2:nth-child(3) .toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[19]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[3]/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_2", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_2", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1607,11 +1613,12 @@ "id": "d6e7a640-a578-415b-9c1b-b2313b62ad46", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], ["xpath=//div/div/div/div/button", "xpath:position"], ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], 
@@ -1627,12 +1634,13 @@ "id": "788a5b63-a75f-4aeb-9a5d-17c41e8f718e", "comment": "", "command": "click", - "target": "css=.mt-2:nth-child(4) .toggle-button", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_3", "targets": [ - ["css=.mt-2:nth-child(4) .toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[21]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[4]/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1662,11 +1670,12 @@ "id": "4c15be93-75be-4673-b703-07a705300d0f", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], ["xpath=//div/div/div/div/button", "xpath:position"], ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], @@ -1680,7 +1689,7 @@ ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_4", "id"], ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_4", "css:finder"], ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_4']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/div/div/input", "xpath:idRelative"], ["xpath=//div[5]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" 
@@ -1717,12 +1726,13 @@ "id": "c8bb3bee-3d61-4324-a3aa-38b78232b969", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[25]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1769,12 +1779,13 @@ "id": "ed769470-9c3f-4c23-bbed-85513dcea800", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[25]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1821,12 +1832,13 @@ "id": "892ddc96-970b-4dde-9189-0dc9ed197dab", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[25]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1876,12 +1888,13 @@ "id": "f0dd4b79-eab5-4d4b-af2e-07ca661f8288", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[25]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -2303,11 +2316,11 @@ "id": "951a21c9-4cd3-4989-8dc0-77760ca0dc95", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(9) div:nth-child(3) .d-block:nth-child(2)", + "target": "css=div:nth-child(8) .text-truncate", "targets": [ - ["css=.mb-4:nth-child(9) div:nth-child(3) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[7]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:position"], + ["css=div:nth-child(8) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[8]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'responder-id-123')]", "xpath:innerText"] ], "value": "responder-id-123" 
@@ -2454,44 +2467,46 @@ "id": "2e91c30c-20dc-4023-96a9-b835bfebc77e", "comment": "", "command": "waitForElementVisible", - "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", + "target": "css=.bg-diff > .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], - ["xpath=//div/span[2]", "xpath:position"] + ["css=.bg-diff > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[2]/div/span[2]", "xpath:position"] ], "value": "30000" }, { "id": "1c0b7514-92b7-4e07-b462-467113f4a8cd", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", + "target": "css=.bg-diff > .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], - ["xpath=//div/span[2]", "xpath:position"] + ["css=.bg-diff > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[2]/div/span[2]", "xpath:position"] ], "value": "Service Provider v2" }, { "id": "a870af31-cc79-4140-a9aa-0e714a5fc23e", "comment": "", "command": "waitForElementVisible", - "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)", + "target": "css=.bg-diff > .d-block:nth-child(3)", "targets": [ - ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)", "css:finder"], - 
["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[3]", "xpath:idRelative"], - ["xpath=//span[3]", "xpath:position"] + ["css=.bg-diff > .d-block:nth-child(3)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[3]", "xpath:idRelative"], + ["xpath=//div[2]/div/span[3]", "xpath:position"], + ["xpath=//span[contains(.,'Test Provider')]", "xpath:innerText"] ], "value": "30000" }, { "id": "fc7c4e1e-03c7-4108-9a8d-f469e7679ae4", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)", + "target": "css=.bg-diff > .d-block:nth-child(3)", "targets": [ - ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[3]", "xpath:idRelative"], - ["xpath=//span[3]", "xpath:position"] + ["css=.bg-diff > .d-block:nth-child(3)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[3]", "xpath:idRelative"], + ["xpath=//div[2]/div/span[3]", "xpath:position"], + ["xpath=//span[contains(.,'Test Provider')]", "xpath:innerText"] ], "value": "Test Provider" }, { 
@@ -2838,44 +2853,46 @@ "id": "bf094932-1233-48a0-a303-962d1dbd2fdb", "comment": "", "command": "waitForElementVisible", - "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", + "target": "css=.bg-diff > .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], - ["xpath=//div/span[2]", "xpath:position"] + ["css=.bg-diff > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[2]/div/span[2]", "xpath:position"] ], "value": "30000" }, { "id": "18918b08-9ae1-4bc3-836c-73feb1812cde", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", + "target": "css=.bg-diff > .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], - ["xpath=//div/span[2]", "xpath:position"] + ["css=.bg-diff > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[2]/div/span[2]", "xpath:position"] ], "value": "Service Provider - Restored" }, { "id": "d8e9601b-8759-40ac-accd-dc317476f3f9", "comment": "", "command": "waitForElementVisible", - "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)", + "target": "css=.bg-diff > .d-block:nth-child(3)", "targets": [ - ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)", "css:finder"], - 
["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[3]", "xpath:idRelative"], - ["xpath=//span[3]", "xpath:position"] + ["css=.bg-diff > .d-block:nth-child(3)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[3]", "xpath:idRelative"], + ["xpath=//div[2]/div/span[3]", "xpath:position"], + ["xpath=//span[contains(.,'Service Provider v2')]", "xpath:innerText"] ], "value": "30000" }, { "id": "e3dc2662-98da-46ad-a25e-fc8f57d29983", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)", + "target": "css=.bg-diff > .d-block:nth-child(3)", "targets": [ - ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[3]", "xpath:idRelative"], - ["xpath=//span[3]", "xpath:position"] + ["css=.bg-diff > .d-block:nth-child(3)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[3]", "xpath:idRelative"], + ["xpath=//div[2]/div/span[3]", "xpath:position"], + ["xpath=//span[contains(.,'Service Provider v2')]", "xpath:innerText"] ], "value": "Service Provider v2" }, { diff --git a/backend/src/integration/resources/SHIBUI-1407-1.side b/backend/src/integration/resources/SHIBUI-1407-1.side index d8ff784a9..229715fd7 100644 --- a/backend/src/integration/resources/SHIBUI-1407-1.side +++ b/backend/src/integration/resources/SHIBUI-1407-1.side 
@@ -1435,11 +1435,12 @@ "id": "ba74d18d-0996-485f-8a9f-01a39428eb0c", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], ["xpath=//div/div/div/div/button", "xpath:position"], ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], 
@@ -1455,12 +1456,13 @@ "id": "2a91666b-5453-4064-8923-c3384835b6fd", "comment": "", "command": "click", - "target": "css=.toggle-button", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_0", "targets": [ - ["css=.toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[15]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[2]/div/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_0", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_0", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1490,11 +1492,12 @@ "id": "ec3afb37-30b4-4d07-93a6-dcf022605532", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], ["xpath=//div/div/div/div/button", "xpath:position"], ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], 
@@ -1510,12 +1513,13 @@ "id": "fd33610c-dbca-410d-b2a4-117a1b2b6a79", "comment": "", "command": "click", - "target": "css=.is-invalid > .toggle-button", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_1", "targets": [ - ["css=.is-invalid > .toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[12]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[2]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[2]/div[2]/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_1", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_1", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_1']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1545,11 +1549,12 @@ "id": "8b340d1f-4944-4d10-a4cd-5e79be6804ef", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], ["xpath=//div/div/div/div/button", "xpath:position"], ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], 
@@ -1565,12 +1570,13 @@ "id": "208b33cf-f983-4a82-9b1b-19cdf2a937fc", "comment": "", "command": "click", - "target": "css=.mt-2:nth-child(3) .toggle-button", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_2", "targets": [ - ["css=.mt-2:nth-child(3) .toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[19]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[3]/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_2", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_2", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1600,11 +1606,12 @@ "id": "d6e7a640-a578-415b-9c1b-b2313b62ad46", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], ["xpath=//div/div/div/div/button", "xpath:position"], ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], 
@@ -1620,12 +1627,13 @@ "id": "788a5b63-a75f-4aeb-9a5d-17c41e8f718e", "comment": "", "command": "click", - "target": "css=.mt-2:nth-child(4) .toggle-button", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_3", "targets": [ - ["css=.mt-2:nth-child(4) .toggle-button", "css:finder"], - ["xpath=(//button[@type='button'])[21]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[4]/div/div/div/div/div/div/button", "xpath:position"] + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_3", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_3", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/div/div/input", "xpath:position"] ], "value": "" }, { 
@@ -1655,11 +1663,12 @@ "id": "4c15be93-75be-4673-b703-07a705300d0f", "comment": "", "command": "click", - "target": "css=.row:nth-child(2) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "targets": [ - ["css=.row:nth-child(8) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/div/div/button", "xpath:idRelative"], ["xpath=//div/div/div/div/button", "xpath:position"], ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] ], 
@@ -1717,12 +1726,13 @@ "id": "a26984fc-83f5-41fc-ae39-8a0f1538f92f", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[25]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1772,12 +1782,13 @@ "id": "ed769470-9c3f-4c23-bbed-85513dcea800", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[25]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1827,12 +1838,13 @@ "id": "892ddc96-970b-4dde-9189-0dc9ed197dab", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[25]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1882,12 +1894,13 @@ "id": "f0dd4b79-eab5-4d4b-af2e-07ca661f8288", "comment": "", "command": "click", - "target": "css=.row:nth-child(4) .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "targets": [ - ["css=.row:nth-child(9) .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[25]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[9]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[9]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_authenticationMethods", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_authenticationMethods']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -2300,11 +2313,11 @@ "id": "951a21c9-4cd3-4989-8dc0-77760ca0dc95", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(9) div:nth-child(3) .d-block:nth-child(2)", + "target": "css=div:nth-child(8) .text-truncate", "targets": [ - ["css=.mb-4:nth-child(9) div:nth-child(3) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[7]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:position"], + ["css=div:nth-child(8) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[8]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'responder-id-123')]", "xpath:innerText"] ], "value": "responder-id-123" @@ -2312,11 +2325,11 @@ "id": "e8b794fc-20e2-4317-8bdd-73eee8e94951", "comment": "", "command": "assertText", - "target": "css=.d-flex:nth-child(3) > .py-2", + "target": "css=div:nth-child(9) .text-truncate", "targets": [ - ["css=.d-flex:nth-child(3) > .py-2", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[8]/div/div[2]/div[2]/div[3]/div", "xpath:idRelative"], - ["xpath=//section[8]/div/div[2]/div[2]/div[3]/div", "xpath:position"] + ["css=div:nth-child(9) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[9]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[9]/div/span[2]", "xpath:position"] ], "value": "true" }, { 
@@ -2448,58 +2461,60 @@ "id": "4dbf4b6f-7de9-49e1-a23f-ff748f5a986b", "comment": "", "command": "pause", - "target": "3000", + "target": "7000", "targets": [], "value": "" }, { "id": "978829e9-fa70-4548-9a55-0e2ffa0df9a4", "comment": "", "command": "waitForElementVisible", - "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", + "target": "css=.bg-diff > .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], - ["xpath=//div/span[2]", "xpath:position"] + ["css=.bg-diff > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[2]/div/span[2]", "xpath:position"] ], "value": "30000" }, { "id": "1c0b7514-92b7-4e07-b462-467113f4a8cd", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", + "target": "css=.bg-diff > .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], - ["xpath=//div/span[2]", "xpath:position"] + ["css=.bg-diff > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[2]/div/span[2]", "xpath:position"] ], "value": "Service Provider v2" }, { "id": "c3137509-6eb0-4ec9-bf04-b4a015f8f640", "comment": "", "command": "waitForElementVisible", - "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)", + "target": "css=.bg-diff > .d-block:nth-child(3)", "targets": [ - ["css=div:nth-child(2) > 
div:nth-child(1) > .d-flex > .d-block:nth-child(3)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[3]", "xpath:idRelative"], - ["xpath=//span[3]", "xpath:position"] + ["css=.bg-diff > .d-block:nth-child(3)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[3]", "xpath:idRelative"], + ["xpath=//div[2]/div/span[3]", "xpath:position"], + ["xpath=//span[contains(.,'Test Provider')]", "xpath:innerText"] ], "value": "30000" }, { "id": "fc7c4e1e-03c7-4108-9a8d-f469e7679ae4", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)", + "target": "css=.bg-diff > .d-block:nth-child(3)", "targets": [ - ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .d-block:nth-child(3)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[3]", "xpath:idRelative"], - ["xpath=//span[3]", "xpath:position"] + ["css=.bg-diff > .d-block:nth-child(3)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[3]", "xpath:idRelative"], + ["xpath=//div[2]/div/span[3]", "xpath:position"], + ["xpath=//span[contains(.,'Test Provider')]", "xpath:innerText"] ], "value": "Test Provider" }, { "id": "39637add-5eb4-40d0-b840-8eb1972ede0f", "comment": "", "command": "pause", - "target": "1000", + "target": "10000", "targets": [], "value": "" }, { @@ -2529,7 +2544,7 @@ "id": "17b17783-b35b-4724-805a-84c2f2727ae8", "comment": "", "command": "storeAttribute", - "target": "xpath=//section[1]/div/div[2]/div[2]/div[1]/div@class", + "target": "xpath= //section[1]/div/div[2]/div[2]/div[2]/div@class", "targets": [], "value": "classes" }, { 
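Review bot: The two `pause` steps in this hunk grow to fixed sleeps of `7000` and `10000` ms, which slows every run and still fails whenever the page takes longer than that. Step 4dbf4b6f is followed directly by a `waitForElementVisible` with a `30000` timeout on `css=.bg-diff > .d-block:nth-child(2)`, so that wait already covers the delay and the pause could stay at its old value or be dropped. For step 39637add, prefer an explicit wait on whatever the next step targets, in the same form as the neighbouring steps (`"command": "waitForElementVisible"`, `"value": "30000"`). That next step lies outside this hunk.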
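Review bot: The new locator `"target": "xpath= //section[1]/div/div[2]/div[2]/div[2]/div@class"` has a stray space after `xpath=`, unlike the two other `storeAttribute` targets changed in the -2557 and -2578 hunks of this file. It presumably still evaluates, but it should read `"target": "xpath=//section[1]/div/div[2]/div[2]/div[2]/div@class"` for consistency. All three targets are purely positional (`div[2]/div`, `div[1]`, `div[6]`), so they will need re-recording on the next layout change. A locator keyed on a stable id or attribute would hold up better.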
@@ -2557,7 +2572,7 @@ "id": "7a1a8ab1-8586-45db-b16c-b8cf0dd02443", "comment": "", "command": "storeAttribute", - "target": "xpath=//section[1]/div/div[2]/div[2]/div[2]@class", + "target": "xpath=//section[1]/div/div[2]/div[2]/div[1]@class", "targets": [], "value": "classes" }, { @@ -2578,7 +2593,7 @@ "id": "e9c047ad-fd1f-4ee8-bedb-3750f0c553e4", "comment": "", "command": "storeAttribute", - "target": "xpath=//section[1]/div/div[2]/div[2]/div[5]@class", + "target": "xpath=//section[1]/div/div[2]/div[2]/div[6]@class", "targets": [], "value": "classes" }, { diff --git a/backend/src/integration/resources/SHIBUI-1674-1.side b/backend/src/integration/resources/SHIBUI-1674-1.side index f57151faf..4c164c276 100644 --- a/backend/src/integration/resources/SHIBUI-1674-1.side +++ b/backend/src/integration/resources/SHIBUI-1674-1.side @@ -348,9 +348,9 @@ "id": "56f49fe8-340c-46fa-bda9-0b3c0de98bdb", "comment": "", "command": "mouseOver", - "target": "css=.row:nth-child(1) > .col-12:nth-child(1) > .mb-3:nth-child(1) path:nth-child(1)", + "target": "css=.row:nth-child(5) .svg-inline--fa:nth-child(2)", "targets": [ - ["css=.row:nth-child(1) > .col-12:nth-child(1) > .mb-3:nth-child(1) path:nth-child(1)", "css:finder"] + ["css=.row:nth-child(5) .svg-inline--fa:nth-child(2)", "css:finder"] ], "value": "" }, { @@ -385,7 +385,7 @@ "id": "54a74399-69aa-4412-85c2-a5bbb543d8be", "comment": "", "command": "mouseOver", - "target": "css=.row:nth-child(9) path:nth-child(1)", + "target": "css=.row:nth-child(11) path:nth-child(1)", "targets": [ ["css=.row:nth-child(9) path:nth-child(1)", "css:finder"] ], @@ -719,7 +719,7 @@ "id": "2928ba27-b934-499e-8dda-8441dbbb463d", "comment": "", "command": "mouseOver", - "target": "css=.row:nth-child(8) path:nth-child(1)", + "target": "css=.row:nth-child(10) path:nth-child(1)", "targets": [ ["css=.row:nth-child(8) path:nth-child(1)", "css:finder"] ], 
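Review bot: In the -385 hunk of SHIBUI-1674-1.side the `target` moves to `css=.row:nth-child(11) path:nth-child(1)` but the `targets` fallback list still holds `css=.row:nth-child(9) path:nth-child(1)`, and the -719 hunk has the same mismatch (`nth-child(10)` against `nth-child(8)`). The -348 hunk of the same file updates both fields together, so these two look like an oversight. Update the fallback entries to `["css=.row:nth-child(11) path:nth-child(1)", "css:finder"]` and `["css=.row:nth-child(10) path:nth-child(1)", "css:finder"]`. Otherwise anyone switching locators in the IDE picks up the old row.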
diff --git a/backend/src/integration/resources/SHIBUI-1674-2.side b/backend/src/integration/resources/SHIBUI-1674-2.side index fb33695f5..7e24d99e2 100644 --- a/backend/src/integration/resources/SHIBUI-1674-2.side +++ b/backend/src/integration/resources/SHIBUI-1674-2.side @@ -170,6 +170,19 @@ ["xpath=//li[2]/button", "xpath:position"] ], "value": "" + }, { + "id": "93443481-aa70-4742-8501-a4a562235ae7", + "comment": "", + "command": "waitForElementEditable", + "target": "id=root_xmlId", + "targets": [ + ["id=root_xmlId", "id"], + ["css=#root_xmlId", "css:finder"], + ["xpath=//input[@id='root_xmlId']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[2]/div/div/div/input", "xpath:idRelative"], + ["xpath=//input", "xpath:position"] + ], + "value": "30000" }, { "id": "6d8efa55-ad05-4a15-b65a-74622feff0af", "comment": "", @@ -1284,9 +1297,9 @@ "id": "583b61c9-b021-452b-b488-1faf2be311b6", "comment": "", "command": "mouseOver", - "target": "css=.row:nth-child(6) .svg-inline--fa:nth-child(2)", + "target": "css=.row:nth-child(9) path:nth-child(1)", "targets": [ - ["css=.row:nth-child(6) .svg-inline--fa:nth-child(2)", "css:finder"] + ["css=.row:nth-child(9) path:nth-child(1)", "css:finder"] ], "value": "" }, { diff --git a/backend/src/integration/resources/SHIBUI-1732-1.side b/backend/src/integration/resources/SHIBUI-1732-1.side index 5ed256172..ff3b86e49 100644 --- a/backend/src/integration/resources/SHIBUI-1732-1.side +++ b/backend/src/integration/resources/SHIBUI-1732-1.side 
@@ -403,7 +403,7 @@ "target": "css=.row:nth-child(8) .form-label > span", "targets": [ ["css=.row:nth-child(8) .form-label > span", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/label/span", "xpath:idRelative"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[8]/div/div/div/div/label/span", "xpath:idRelative"], ["xpath=//div[8]/div/div/div/div/label/span", "xpath:position"], ["xpath=//span[contains(.,'Custom String Display')]", "xpath:innerText"] ], @@ -417,8 +417,8 @@ ["id=root_relyingPartyOverrides_CustomString", "id"], ["css=#root_relyingPartyOverrides_CustomString", "css:finder"], ["xpath=//input[@id='root_relyingPartyOverrides_CustomString']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[7]/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[7]/div/div/div/div/input", "xpath:position"] + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[8]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[8]/div/div/div/div/input", "xpath:position"] ], "value": "Custom String Default" }, { diff --git a/backend/src/integration/resources/SHIBUI-1732-2.side b/backend/src/integration/resources/SHIBUI-1732-2.side index fdfad5dc8..35cf39dbe 100644 --- a/backend/src/integration/resources/SHIBUI-1732-2.side +++ b/backend/src/integration/resources/SHIBUI-1732-2.side 
@@ -196,6 +196,19 @@ ["xpath=//div[6]/div/div/input", "xpath:position"] ], "value": "Custom Boolean Help" + }, { + "id": "053668db-f394-490f-bc83-cf3333107383", + "comment": "", + "command": "click", + "target": "id=root_defaultValueBoolean-False", + "targets": [ + ["id=root_defaultValueBoolean-False", "id"], + ["css=#root_defaultValueBoolean-False", "css:finder"], + ["xpath=//input[@id='root_defaultValueBoolean-False']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div/form/div/div/div/div/div[2]/div/div/div/div[2]/input", "xpath:idRelative"], + ["xpath=//div[2]/input", "xpath:position"] + ], + "value": "" }, { "id": "1c1e0a14-a4be-406d-80c5-809de8704799", "comment": "", @@ -374,11 +387,11 @@ "id": "fb8782e1-3376-4c59-af8a-5cf383c78239", "comment": "", "command": "assertText", - "target": "css=.row:nth-child(7) .d-flex > span", + "target": "css=.row:nth-child(5) .d-flex > span", "targets": [ - ["css=.row:nth-child(7) .d-flex > span", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[7]/div/div/div/div/div/label/span/span", "xpath:idRelative"], - ["xpath=//div[7]/div/div/div/div/div/label/span/span", "xpath:position"] + ["css=.row:nth-child(5) .d-flex > span", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[5]/div/div/div/div/div/label/span/span", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/label/span/span", "xpath:position"] ], "value": "Custom Boolean Display" }, { 
@@ -435,11 +448,11 @@ "id": "a7db0511-2584-4cb0-bbaa-2341a705ef07", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(8) div:nth-child(7) .d-block:nth-child(1)", + "target": "css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(1)", "targets": [ - ["css=.mb-4:nth-child(8) div:nth-child(7) .d-block:nth-child(1)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[7]/div/span", "xpath:idRelative"], - ["xpath=//section[8]/div/div[2]/div[2]/div/div[7]/div/span", "xpath:position"], + ["css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:idRelative"], + ["xpath=//section[8]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Boolean Display')]", "xpath:innerText"] ], "value": "Custom Boolean Display" @@ -447,11 +460,11 @@ "id": "771a8f70-ed99-486f-90f3-3401215d8743", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(8) div:nth-child(7) .d-block:nth-child(2)", + "target": "css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(2)", "targets": [ - ["css=.mb-4:nth-child(8) div:nth-child(7) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[8]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[8]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'true')]", "xpath:innerText"] ], "value": "true" 
@@ -493,11 +506,11 @@ "id": "4dc24329-7c83-43c9-86d6-95f9bf5da92d", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(1)", + "target": "css=.mb-4:nth-child(9) div:nth-child(5) .d-block:nth-child(1)", "targets": [ - ["css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(1)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/div/span", "xpath:idRelative"], - ["xpath=//section[7]/div/div[2]/div[2]/div/div[7]/div/span", "xpath:position"], + ["css=.mb-4:nth-child(9) div:nth-child(5) .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Boolean Display')]", "xpath:innerText"] ], "value": "Custom Boolean Display" @@ -505,11 +518,11 @@ "id": "32f6aaa6-a256-4c36-932e-7c45b4045cba", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", + "target": "css=.mb-4:nth-child(9) div:nth-child(5) .d-block:nth-child(2)", "targets": [ - ["css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(9) div:nth-child(5) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'true')]", "xpath:innerText"] ], "value": "true" 
@@ -840,11 +853,11 @@ "id": "73e0928e-a395-4cdd-b90c-229a01cbe7c4", "comment": "", "command": "assertText", - "target": "css=.row:nth-child(7) > .col-12 > .mb-3 > div > .checkbox .d-flex > span", + "target": "css=.row:nth-child(5) .d-flex > span", "targets": [ - ["css=.row:nth-child(7) > .col-12 > .mb-3 > div > .checkbox .d-flex > span", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[7]/div/div/div/div/div/label/span/span", "xpath:idRelative"], - ["xpath=//div[7]/div/div/div/div/div/label/span/span", "xpath:position"] + ["css=.row:nth-child(5) .d-flex > span", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[5]/div/div/div/div/div/label/span/span", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/label/span/span", "xpath:position"] ], "value": "Custom Boolean Display" }, { @@ -897,11 +910,11 @@ "id": "d445f01f-b936-4ebb-b011-8ce2f056e06c", "comment": "", "command": "assertText", - "target": "css=div:nth-child(1) > div:nth-child(7) .d-block:nth-child(1)", + "target": "css=.mb-4:nth-child(4) div:nth-child(5) .d-block:nth-child(1)", "targets": [ - ["css=div:nth-child(1) > div:nth-child(7) .d-block:nth-child(1)", "css:finder"], - ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[7]/div/span", "xpath:idRelative"], - ["xpath=//div[2]/div[2]/div/div[7]/div/span", "xpath:position"], + ["css=.mb-4:nth-child(4) div:nth-child(5) .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:idRelative"], + ["xpath=//section[2]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Boolean Display')]", "xpath:innerText"] ], "value": "Custom Boolean Display" 
@@ -909,11 +922,11 @@ "id": "662f922e-4d41-4274-b7a3-aae312fe8c36", "comment": "", "command": "assertText", - "target": "css=div:nth-child(1) > div:nth-child(7) .text-truncate", + "target": "css=.mb-4:nth-child(4) div:nth-child(5) .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(1) > div:nth-child(7) .text-truncate", "css:finder"], - ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"] + ["css=.mb-4:nth-child(4) div:nth-child(5) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[2]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:position"] ], "value": "true" }, { diff --git a/backend/src/integration/resources/SHIBUI-1732-3.side b/backend/src/integration/resources/SHIBUI-1732-3.side index 436cdd74f..ad3bec798 100644 --- a/backend/src/integration/resources/SHIBUI-1732-3.side +++ b/backend/src/integration/resources/SHIBUI-1732-3.side 
@@ -462,11 +462,11 @@
 "id": "95c2701d-82d8-4d2d-b83e-82bb4bd2cf8c",
 "comment": "",
 "command": "assertText",
- "target": "css=.row:nth-child(7) .control-label",
+ "target": "css=.row:nth-child(5) .control-label",
 "targets": [
- ["css=.row:nth-child(7) .control-label", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[7]/div/div/div/div/div/div/span", "xpath:idRelative"],
- ["xpath=//div[7]/div/div/div/div/div/div/span", "xpath:position"],
+ ["css=.row:nth-child(5) .control-label", "css:finder"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[5]/div/div/div/div/div/div/span", "xpath:idRelative"],
+ ["xpath=//div[5]/div/div/div/div/div/div/span", "xpath:position"],
 ["xpath=//span[contains(.,'Custom List Display')]", "xpath:innerText"]
 ],
 "value": "Custom List Display"
@@ -474,12 +474,13 @@
 "id": "d6d968f3-a549-4e0b-8fe0-0ad37d80fea7",
 "comment": "",
 "command": "click",
- "target": "css=.row:nth-child(7) .array-add-button",
+ "target": "id=array-field-addbtn-root_relyingPartyOverrides_CustomList",
 "targets": [
- ["css=.row:nth-child(7) .array-add-button", "css:finder"],
- ["xpath=(//button[@type='button'])[15]", "xpath:attributes"],
- ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[7]/div/div/div/div/div/div/button", "xpath:idRelative"],
- ["xpath=//div[7]/div/div/div/div/div/div/button", "xpath:position"]
+ ["id=array-field-addbtn-root_relyingPartyOverrides_CustomList", "id"],
+ ["css=#array-field-addbtn-root_relyingPartyOverrides_CustomList", "css:finder"],
+ ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_CustomList']", "xpath:attributes"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[5]/div/div/div/div/div/div/button", "xpath:idRelative"],
+ ["xpath=//div[5]/div/div/div/div/div/div/button", "xpath:position"]
 ],
 "value": ""
 }, {
@@ -493,12 +494,13 @@
 "id": "01d8abc6-d8a5-46d2-9487-d5b02b95521c",
 "comment": "",
 "command": "click",
- "target": "css=.row:nth-child(7) .array-add-button",
+ "target": "id=array-field-addbtn-root_relyingPartyOverrides_CustomList",
 "targets": [
- ["css=.row:nth-child(6) .array-add-button", "css:finder"],
- ["xpath=(//button[@type='button'])[14]", "xpath:attributes"],
- ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[6]/div/div/div/div/div/div/button", "xpath:idRelative"],
- ["xpath=//div[6]/div/div/div/div/div/div/button", "xpath:position"]
+ ["id=array-field-addbtn-root_relyingPartyOverrides_CustomList", "id"],
+ ["css=#array-field-addbtn-root_relyingPartyOverrides_CustomList", "css:finder"],
+ ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_CustomList']", "xpath:attributes"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[5]/div/div/div/div/div/div/button", "xpath:idRelative"],
+ ["xpath=//div[5]/div/div/div/div/div/div/button", "xpath:position"]
 ],
 "value": ""
 }, {
@@ -571,11 +573,11 @@
 "id": "9ce37583-508a-4ed4-9027-3b7c1f408895",
 "comment": "",
 "command": "assertText",
- "target": "css=.align-items-start:nth-child(7) > .p-2",
+ "target": "css=.align-items-start:nth-child(5) > .p-2",
 "targets": [
- ["css=.align-items-start:nth-child(7) > .p-2", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[7]/span", "xpath:idRelative"],
- ["xpath=//div[7]/span", "xpath:position"],
+ ["css=.align-items-start:nth-child(5) > .p-2", "css:finder"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[5]/span", "xpath:idRelative"],
+ ["xpath=//div[5]/span", "xpath:position"],
 ["xpath=//span[contains(.,'Custom List Display')]", "xpath:innerText"]
 ],
 "value": "Custom List Display"
@@ -586,7 +588,7 @@
 "target": "css=.align-items-center:nth-child(1) > .d-block",
 "targets": [
 ["css=.align-items-center:nth-child(1) > .d-block", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[7]/ul/li/span", "xpath:idRelative"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[5]/ul/li/span", "xpath:idRelative"],
 ["xpath=//li/span", "xpath:position"],
 ["xpath=//span[contains(.,'baz')]", "xpath:innerText"]
 ],
@@ -598,7 +600,7 @@
 "target": "css=.d-flex:nth-child(2) > .d-block",
 "targets": [
 ["css=.d-flex:nth-child(2) > .d-block", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[7]/ul/li[2]/span", "xpath:idRelative"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[5]/ul/li[2]/span", "xpath:idRelative"],
 ["xpath=//li[2]/span", "xpath:position"],
 ["xpath=//span[contains(.,'bar')]", "xpath:innerText"]
 ],
@@ -646,11 +648,11 @@
 "id": "bc1292d6-d326-4146-baa8-62d9f4e97cf0",
 "comment": "",
 "command": "assertText",
- "target": "css=.align-items-start:nth-child(7) > .p-2",
+ "target": "css=.align-items-start:nth-child(5) > .p-2",
 "targets": [
- ["css=.align-items-start:nth-child(6) > .p-2", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[6]/span", "xpath:idRelative"],
- ["xpath=//div[6]/span", "xpath:position"],
+ ["css=.align-items-start:nth-child(5) > .p-2", "css:finder"],
+ ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[5]/span", "xpath:idRelative"],
+ ["xpath=//div[5]/span", "xpath:position"],
 ["xpath=//span[contains(.,'Custom List Display')]", "xpath:innerText"]
 ],
 "value": "Custom List Display"
@@ -661,7 +663,7 @@
 "target": "css=.align-items-center:nth-child(1) > .d-block",
 "targets": [
 ["css=.align-items-center:nth-child(1) > .d-block", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/ul/li/span", "xpath:idRelative"],
+ ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[5]/ul/li/span", "xpath:idRelative"],
 ["xpath=//ul/li/span", "xpath:position"],
 ["xpath=//span[contains(.,'baz')]", "xpath:innerText"]
 ],
@@ -673,7 +675,7 @@
 "target": "css=.d-flex:nth-child(2) > .d-block",
 "targets": [
 ["css=.d-flex:nth-child(2) > .d-block", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/ul/li[2]/span", "xpath:idRelative"],
+ ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[5]/ul/li[2]/span", "xpath:idRelative"],
 ["xpath=//ul/li[2]/span", "xpath:position"],
 ["xpath=//span[contains(.,'bar')]", "xpath:innerText"]
 ],
@@ -700,36 +702,64 @@
 }, {
 "id": "65be7a0b-462f-43be-9e2f-c7dc71f15467",
 "comment": "",
- "command": "select",
- "target": "id=root_relyingPartyOverrides_CustomList_0",
+ "command": "click",
+ "target": "id=array-field-deletebtn-root_relyingPartyOverrides_CustomList-0",
 "targets": [
- ["id=root_relyingPartyOverrides_CustomList_0", "id"],
- ["css=#root_relyingPartyOverrides_CustomList_0", "css:finder"],
- ["xpath=//select[@id='root_relyingPartyOverrides_CustomList_0']", "xpath:attributes"],
- ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div[2]/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div[2]/div/div/div/div/div/div/select", "xpath:idRelative"],
- ["xpath=//select", "xpath:position"]
+ ["id=array-field-deletebtn-root_relyingPartyOverrides_CustomList-0", "id"],
+ ["css=#array-field-deletebtn-root_relyingPartyOverrides_CustomList-0", "css:finder"],
+ ["xpath=//button[@id='array-field-deletebtn-root_relyingPartyOverrides_CustomList-0']", "xpath:attributes"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div[2]/div/form/div/div/div/div/div[8]/div/div/div/div[5]/div/div/div/div/div/div[2]/div/div/div[2]/div[3]/button", "xpath:idRelative"],
+ ["xpath=//div[2]/div[3]/button", "xpath:position"],
+ ["xpath=//button[contains(.,'Delete')]", "xpath:innerText"]
 ],
- "value": "label=foo"
+ "value": ""
 }, {
- "id": "e4abb650-c762-4060-bc81-428b4758f08e",
+ "id": "992e127d-5ac1-4796-b54f-f212683624ac",
 "comment": "",
- "command": "select",
- "target": "id=root_relyingPartyOverrides_CustomList_0",
+ "command": "pause",
+ "target": "1000",
+ "targets": [],
+ "value": ""
+ }, {
+ "id": "0376713b-60e5-4762-aa20-fa2d2e6111b0",
+ "comment": "",
+ "command": "click",
+ "target": "id=array-field-addbtn-root_relyingPartyOverrides_CustomList",
 "targets": [
- ["id=root_relyingPartyOverrides_CustomList_0", "id"],
- ["css=#root_relyingPartyOverrides_CustomList_0", "css:finder"],
- ["xpath=//select[@id='root_relyingPartyOverrides_CustomList_0']", "xpath:attributes"],
- ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div[2]/div/form/div/div/div/div/div[8]/div/div/div/div[6]/div/div/div/div/div/div[2]/div/div/div/div/div/div/select", "xpath:idRelative"],
- ["xpath=//select", "xpath:position"]
+ ["id=array-field-addbtn-root_relyingPartyOverrides_CustomList", "id"],
+ ["css=#array-field-addbtn-root_relyingPartyOverrides_CustomList", "css:finder"],
+ ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_CustomList']", "xpath:attributes"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div[2]/div/form/div/div/div/div/div[8]/div/div/div/div[5]/div/div/div/div/div/div/button", "xpath:idRelative"],
+ ["xpath=//div[5]/div/div/div/div/div/div/button", "xpath:position"]
 ],
- "value": "label=foo"
+ "value": ""
 }, {
- "id": "992e127d-5ac1-4796-b54f-f212683624ac",
+ "id": "e0d80ad0-b1d3-47a5-9db3-7aac3c717e0f",
 "comment": "",
 "command": "pause",
 "target": "1000",
 "targets": [],
 "value": ""
+ }, {
+ "id": "c28c1996-bfb5-457d-ada1-48203f20ddcb",
+ "comment": "",
+ "command": "click",
+ "target": "css=.mt-2:nth-child(1) .m-0:nth-child(2) > .btn",
+ "targets": [
+ ["css=.mt-2:nth-child(1) .m-0:nth-child(2) > .btn", "css:finder"],
+ ["xpath=(//button[@type='button'])[24]", "xpath:attributes"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div[2]/div/form/div/div/div/div/div[8]/div/div/div/div[5]/div/div/div/div/div/div[2]/div/div/div[2]/div[2]/button", "xpath:idRelative"],
+ ["xpath=//div[2]/div[2]/button", "xpath:position"],
+ ["xpath=//button[contains(.,'Move Down')]", "xpath:innerText"]
+ ],
+ "value": ""
+ }, {
+ "id": "67b63233-6394-4586-8e8a-fda847ec699a",
+ "comment": "",
+ "command": "pause",
+ "target": "5000",
+ "targets": [],
+ "value": ""
 }, {
 "id": "a43164b4-fc9b-4a9e-b57b-d31b22b42a1d",
 "comment": "",
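Review bot: The `pause` step added at the end of this hunk (`"target": "5000"`, right after the Move Down click) is a fixed five-second sleep, and the next hunk (`@@ -762,6 +792,13 @@`) adds a second one; a fixed sleep slows every run and still fails whenever the page takes longer than the chosen delay. A bounded wait on the element the following step depends on would be more reliable, in the same form this commit already uses in SHIBUI-1674-2.side: `"command": "waitForElementEditable"` with `"value": "30000"`. The Move Down click is also the only new step in this hunk addressed by position (`css=.mt-2:nth-child(1) .m-0:nth-child(2) > .btn`, fallback `(//button[@type='button'])[24]`), while the add and delete buttons are targeted by id (`id=array-field-addbtn-root_relyingPartyOverrides_CustomList`). If the move button exposes a comparable id (not visible in this diff), using it as the primary `target` would keep this test from breaking on the next layout change.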
@@ -762,6 +792,13 @@
 ["xpath=//span[contains(.,'Custom List Display')]", "xpath:innerText"]
 ],
 "value": "30000"
+ }, {
+ "id": "4e9a02b6-b67f-496e-a168-2d4865f63f7b",
+ "comment": "",
+ "command": "pause",
+ "target": "5000",
+ "targets": [],
+ "value": ""
 }, {
 "id": "5e43fd63-8e71-4bf6-a7da-91ed55c202a2",
 "comment": "",
@@ -1089,11 +1126,11 @@
 "id": "f4efaf0c-a75f-4016-8808-1db34e6c29f2",
 "comment": "",
 "command": "assertText",
- "target": "css=.row:nth-child(7) > .col-12 > .mb-3 > div > .p-0 > .p-0 .control-label",
+ "target": "css=.row:nth-child(5) .control-label",
 "targets": [
- ["css=.row:nth-child(7) > .col-12 > .mb-3 > div > .p-0 > .p-0 .control-label", "css:finder"],
- ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[7]/div/div/div/div/div/div/span", "xpath:idRelative"],
- ["xpath=//div[7]/div/div/div/div/div/div/span", "xpath:position"],
+ ["css=.row:nth-child(5) .control-label", "css:finder"],
+ ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[5]/div/div/div/div/div/div/span", "xpath:idRelative"],
+ ["xpath=//div[5]/div/div/div/div/div/div/span", "xpath:position"],
 ["xpath=//span[contains(.,'Custom List Display')]", "xpath:innerText"]
 ],
 "value": "Custom List Display"
@@ -1101,12 +1138,13 @@ "id": "61f236f1-5170-4b98-ac5b-7262a65a7bb7", "comment": "", "command": "click", - "target": "css=.row:nth-child(7) > .col-12 > .mb-3 > div > .p-0 > .p-0 .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_CustomList", "targets": [ - ["css=.row:nth-child(7) > .col-12 > .mb-3 > div > .p-0 > .p-0 .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[20]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[7]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[7]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_CustomList", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_CustomList", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_CustomList']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[5]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1166,11 +1204,11 @@ "id": "5d21315a-5180-4d09-9a02-a7739af2d452", "comment": "", "command": "assertText", - "target": "css=.align-items-start:nth-child(7) > .p-2", + "target": "css=.align-items-start:nth-child(5) > .p-2", "targets": [ - ["css=.align-items-start:nth-child(7) > .p-2", "css:finder"], - ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[7]/span", "xpath:idRelative"], - ["xpath=//div[7]/span", "xpath:position"], + ["css=.align-items-start:nth-child(5) > .p-2", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[5]/span", "xpath:idRelative"], + ["xpath=//div[5]/span", "xpath:position"], ["xpath=//span[contains(.,'Custom List Display')]", "xpath:innerText"] ], "value": "Custom List Display" @@ -1178,12 +1216,11 @@ "id": "f357c4e6-acbb-4f90-ba48-18f6afec80f5", "comment": "", "command": "assertText", - "target": "css=.d-flex:nth-child(7) .d-block", + "target": "css=.d-flex:nth-child(5) .d-block", "targets": [ - ["css=.d-flex:nth-child(7) .d-block", "css:finder"], - ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[7]/ul/li/span", "xpath:idRelative"], - ["xpath=//div[7]/ul/li/span", "xpath:position"], - ["xpath=//span[contains(.,'bar')]", "xpath:innerText"] + ["css=.d-flex:nth-child(5) .d-block", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[5]/ul/li/span", "xpath:idRelative"], + ["xpath=//div[5]/ul/li/span", "xpath:position"] ], "value": "bar" }, { 
@@ -1217,12 +1254,13 @@ "id": "774df87c-643a-4c71-985c-f7920f956fb6", "comment": "", "command": "click", - "target": "css=.row:nth-child(7) > .col-12 > .mb-3 > div > .p-0 > .p-0 .array-add-button", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_CustomList", "targets": [ - ["css=.row:nth-child(7) > .col-12 > .mb-3 > div > .p-0 > .p-0 .array-add-button", "css:finder"], - ["xpath=(//button[@type='button'])[19]", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[7]/div/div/div/div/div/div/button", "xpath:idRelative"], - ["xpath=//div[7]/div/div/div/div/div/div/button", "xpath:position"] + ["id=array-field-addbtn-root_relyingPartyOverrides_CustomList", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_CustomList", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_CustomList']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[5]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/div/button", "xpath:position"] ], "value": "" }, { 
@@ -1262,12 +1300,11 @@ "id": "83aa335b-5efb-4ca2-9e41-f06213cc68e2", "comment": "", "command": "assertText", - "target": "css=.d-flex:nth-child(7) .d-flex:nth-child(1) > .d-block", + "target": "css=.d-flex:nth-child(5) .d-block", "targets": [ - ["css=.d-flex:nth-child(7) .d-flex:nth-child(1) > .d-block", "css:finder"], - ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[7]/ul/li/span", "xpath:idRelative"], - ["xpath=//div[7]/ul/li/span", "xpath:position"], - ["xpath=//span[contains(.,'bar')]", "xpath:innerText"] + ["css=.d-flex:nth-child(5) .d-block", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[5]/ul/li/span", "xpath:idRelative"], + ["xpath=//div[5]/ul/li/span", "xpath:position"] ], "value": "bar" }, { @@ -1369,11 +1406,11 @@ "id": "60be08c4-004e-4a41-907c-e82fdbedddf2", "comment": "", "command": "assertText", - "target": "css=.d-flex:nth-child(7) > .list-unstyled:nth-child(3) > .d-flex:nth-child(1) > .d-block", + "target": "css=.list-unstyled:nth-child(3) > .d-flex:nth-child(1) > .d-block", "targets": [ - ["css=.d-flex:nth-child(7) > .list-unstyled:nth-child(3) > .d-flex:nth-child(1) > .d-block", "css:finder"], - ["xpath=//div[@id='filters']/section[2]/div/div[2]/div[2]/div/div[7]/ul/li/span", "xpath:idRelative"], - ["xpath=//div[7]/ul/li/span", "xpath:position"], + ["css=.list-unstyled:nth-child(3) > .d-flex:nth-child(1) > .d-block", "css:finder"], + ["xpath=//div[@id='filters']/section[2]/div/div[2]/div[2]/div/div[5]/ul/li/span", "xpath:idRelative"], + ["xpath=//ul/li/span", "xpath:position"], ["xpath=//span[contains(.,'bar')]", "xpath:innerText"] ], "value": "bar" 
@@ -1384,7 +1421,7 @@ "target": "css=.d-flex:nth-child(2) > .d-block", "targets": [ ["css=.d-flex:nth-child(2) > .d-block", "css:finder"], - ["xpath=//div[@id='filters']/section[2]/div/div[2]/div[2]/div/div[7]/ul/li[2]/span", "xpath:idRelative"], + ["xpath=//div[@id='filters']/section[2]/div/div[2]/div[2]/div/div[5]/ul/li[2]/span", "xpath:idRelative"], ["xpath=//ul/li[2]/span", "xpath:position"] ], "value": "foo" @@ -1392,11 +1429,11 @@ "id": "ea3ef869-346f-444e-b364-a79567e63afa", "comment": "", "command": "assertText", - "target": "css=.list-unstyled:nth-child(4) .d-block", + "target": "css=.border-0 > .d-block", "targets": [ - ["css=.list-unstyled:nth-child(4) .d-block", "css:finder"], - ["xpath=//div[@id='filters']/section[2]/div/div[2]/div[2]/div/div[7]/ul[2]/li/span", "xpath:idRelative"], - ["xpath=//div[7]/ul[2]/li/span", "xpath:position"] + ["css=.border-0 > .d-block", "css:finder"], + ["xpath=//div[@id='filters']/section[2]/div/div[2]/div[2]/div/div[5]/ul[2]/li/span", "xpath:idRelative"], + ["xpath=//ul[2]/li/span", "xpath:position"] ], "value": "bar" }, { diff --git a/backend/src/integration/resources/SHIBUI-1732-4.side b/backend/src/integration/resources/SHIBUI-1732-4.side index 707dc5808..95289802e 100644 --- a/backend/src/integration/resources/SHIBUI-1732-4.side +++ b/backend/src/integration/resources/SHIBUI-1732-4.side 
@@ -374,11 +374,11 @@ "id": "fc60ee8f-44fb-4e6a-b445-a7f78d13ee0b", "comment": "", "command": "assertText", - "target": "css=.row:nth-child(8) .form-label > span", + "target": "css=.row:nth-child(3) > .col-12 > .mb-3 .form-label > span", "targets": [ - ["css=.row:nth-child(8) .form-label > span", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[8]/div/div/div/div/label/span", "xpath:idRelative"], - ["xpath=//div[8]/div/div/div/div/label/span", "xpath:position"], + ["css=.row:nth-child(3) > .col-12 > .mb-3 .form-label > span", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[3]/div/div/div/div/label/span", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/label/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Long Display')]", "xpath:innerText"] ], "value": "Custom Long Display" @@ -449,11 +449,11 @@ "id": "7da12988-b453-4025-adba-cc1b9e916a2f", "comment": "", "command": "assertText", - "target": "css=div:nth-child(8) .d-block:nth-child(1)", + "target": "css=.mb-4:nth-child(8) div:nth-child(3) .d-block:nth-child(1)", "targets": [ - ["css=div:nth-child(8) .d-block:nth-child(1)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[8]/div/span", "xpath:idRelative"], - ["xpath=//div[8]/div/span", "xpath:position"], + ["css=.mb-4:nth-child(8) div:nth-child(3) .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[3]/div/span", "xpath:idRelative"], + ["xpath=//section[8]/div/div[2]/div[2]/div/div[3]/div/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Long Display')]", "xpath:innerText"] ], "value": "Custom Long Display" 
@@ -461,11 +461,11 @@ "id": "ad3b6ecd-ad20-4a8e-be55-b9cda50e7091", "comment": "", "command": "assertText", - "target": "css=div:nth-child(8) .text-truncate", + "target": "css=.mb-4:nth-child(8) div:nth-child(3) .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(8) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[8]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(8) div:nth-child(3) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[8]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'999999999999999999')]", "xpath:innerText"] ], "value": "999999999999999999" @@ -512,11 +512,11 @@ "id": "4f6f46bd-cbb0-4d04-a637-f6c33b394488", "comment": "", "command": "assertText", - "target": "css=div:nth-child(8) .d-block:nth-child(1)", + "target": "css=.mb-4:nth-child(9) div:nth-child(3) .d-block:nth-child(1)", "targets": [ - ["css=div:nth-child(8) .d-block:nth-child(1)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[8]/div/span", "xpath:idRelative"], - ["xpath=//div/div[8]/div/span", "xpath:position"], + ["css=.mb-4:nth-child(9) div:nth-child(3) .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[3]/div/span", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[3]/div/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Long Display')]", "xpath:innerText"] ], "value": "Custom Long Display" 
@@ -524,11 +524,11 @@ "id": "ddc15b34-fa22-4a4a-a739-fab21337c82d", "comment": "", "command": "assertText", - "target": "css=div:nth-child(8) .text-truncate", + "target": "css=.mb-4:nth-child(9) div:nth-child(3) .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(8) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[8]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(9) div:nth-child(3) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'999999999999999999')]", "xpath:innerText"] ], "value": "999999999999999999" @@ -835,11 +835,11 @@ "id": "af84ef03-8d0a-4201-b217-40926b723582", "comment": "", "command": "assertText", - "target": "css=.row:nth-child(8) .form-label > span", + "target": "css=.row:nth-child(3) > .col-12 .form-label > span", "targets": [ - ["css=.row:nth-child(8) .form-label > span", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[8]/div/div/div/div/label/span", "xpath:idRelative"], - ["xpath=//div[8]/div/div/div/div/label/span", "xpath:position"], + ["css=.row:nth-child(3) > .col-12 .form-label > span", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[3]/div/div/div/div/label/span", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/label/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Long Display')]", "xpath:innerText"] ], "value": "Custom Long Display" 
@@ -919,18 +919,23 @@ "id": "21365c88-4778-405a-94b9-527f706ca1bc", "comment": "", "command": "waitForElementVisible", - "target": "css=div:nth-child(1) > div:nth-child(7) .d-block:nth-child(1)", - "targets": [], + "target": "css=div:nth-child(2) > .mb-4 div:nth-child(3) .d-block:nth-child(1)", + "targets": [ + ["css=div:nth-child(2) > .mb-4 div:nth-child(3) .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[3]/div/span", "xpath:idRelative"], + ["xpath=//div[2]/section[2]/div/div[2]/div[2]/div/div[3]/div/span", "xpath:position"], + ["xpath=//span[contains(.,'Custom Long Display')]", "xpath:innerText"] + ], "value": "30000" }, { "id": "46402b0f-8b3c-459b-a325-665eafbb79f3", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(4) div:nth-child(8) .d-block:nth-child(1)", + "target": "css=div:nth-child(2) > .mb-4 div:nth-child(3) .d-block:nth-child(1)", "targets": [ - ["css=.mb-4:nth-child(4) div:nth-child(8) .d-block:nth-child(1)", "css:finder"], - ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[8]/div/span", "xpath:idRelative"], - ["xpath=//section[2]/div/div[2]/div[2]/div/div[8]/div/span", "xpath:position"], + ["css=div:nth-child(2) > .mb-4 div:nth-child(3) .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[3]/div/span", "xpath:idRelative"], + ["xpath=//div[2]/section[2]/div/div[2]/div[2]/div/div[3]/div/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Long Display')]", "xpath:innerText"] ], "value": "Custom Long Display" 
@@ -938,11 +943,11 @@ "id": "3064a431-f448-44c2-bc90-1dc746bf0f83", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(4) div:nth-child(8) .d-block:nth-child(2)", + "target": "css=div:nth-child(2) > .mb-4 div:nth-child(3) .d-block:nth-child(2)", "targets": [ - ["css=.mb-4:nth-child(4) div:nth-child(8) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[2]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:position"], + ["css=div:nth-child(2) > .mb-4 div:nth-child(3) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[2]/section[2]/div/div[2]/div[2]/div/div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'999999999999999999')]", "xpath:innerText"] ], "value": "999999999999999999" diff --git a/backend/src/integration/resources/SHIBUI-1732-5.side b/backend/src/integration/resources/SHIBUI-1732-5.side index 8991b0941..c68fe01f9 100644 --- a/backend/src/integration/resources/SHIBUI-1732-5.side +++ b/backend/src/integration/resources/SHIBUI-1732-5.side 
@@ -374,11 +374,11 @@ "id": "7e4914a1-bd67-451b-8618-ec89fbbdc608", "comment": "", "command": "assertText", - "target": "css=.row:nth-child(7) .form-label > span", + "target": "css=.row:nth-child(5) .form-label > span", "targets": [ - ["css=.row:nth-child(7) .form-label > span", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[7]/div/div/div/div/label/span", "xpath:idRelative"], - ["xpath=//div[7]/div/div/div/div/label/span", "xpath:position"], + ["css=.row:nth-child(5) .form-label > span", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[5]/div/div/div/div/label/span", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/label/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Double Display')]", "xpath:innerText"] ], "value": "Custom Double Display" @@ -449,11 +449,11 @@ "id": "6a2b0c7e-4629-4f02-9361-ef6afdb97227", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(8) div:nth-child(7) .d-block:nth-child(1)", + "target": "css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(1)", "targets": [ - ["css=.mb-4:nth-child(8) div:nth-child(7) .d-block:nth-child(1)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[7]/div/span", "xpath:idRelative"], - ["xpath=//section[8]/div/div[2]/div[2]/div/div[7]/div/span", "xpath:position"], + ["css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:idRelative"], + ["xpath=//section[8]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Double Display')]", "xpath:innerText"] ], "value": "Custom Double Display" 
@@ -461,11 +461,11 @@ "id": "75f95b74-c4e5-49a3-858f-a516ca1ac57e", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(8) div:nth-child(7) .d-block:nth-child(2)", + "target": "css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(2)", "targets": [ - ["css=.mb-4:nth-child(8) div:nth-child(7) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[8]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[8]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'3.141592653589')]", "xpath:innerText"] ], "value": "3.141592653589" 
@@ -500,18 +500,23 @@ "id": "24edd27b-44c3-4705-ac8a-2773cd645464", "comment": "", "command": "waitForElementVisible", - "target": "css=.mb-4:nth-child(9) div:nth-child(6) .d-block:nth-child(1)", - "targets": [], + "target": "css=.mb-4:nth-child(9) div:nth-child(5) .d-block:nth-child(1)", + "targets": [ + ["css=.mb-4:nth-child(9) div:nth-child(5) .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:position"], + ["xpath=//span[contains(.,'Custom Double Display')]", "xpath:innerText"] + ], "value": "Custom Double Display" }, { "id": "bfe564c1-7a44-4e18-8e12-f9a2069ca022", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(1)", + "target": "css=.mb-4:nth-child(9) div:nth-child(5) .d-block:nth-child(1)", "targets": [ - ["css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(1)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/div/span", "xpath:idRelative"], - ["xpath=//section[7]/div/div[2]/div[2]/div/div[7]/div/span", "xpath:position"], + ["css=.mb-4:nth-child(9) div:nth-child(5) .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Double Display')]", "xpath:innerText"] ], "value": "Custom Double Display" 
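Review bot: The `waitForElementVisible` step with id 24edd27b-44c3-4705-ac8a-2773cd645464 keeps `"value": "Custom Double Display"` on its unchanged last line, but for this Selenium IDE command the value field is the wait timeout in milliseconds, not expected text. The equivalent step rewritten earlier in this patch (id 21365c88-4778-405a-94b9-527f706ca1bc) uses `"value": "30000"`, and I would set the same here so the wait is explicitly bounded. How the runner treats a non-numeric timeout is not visible on this page, so the step may currently pass or fail for reasons unrelated to the element.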
@@ -519,11 +524,11 @@ "id": "822de10a-24bc-45ca-a28c-242f880b7d11", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", + "target": "css=.mb-4:nth-child(9) div:nth-child(5) .d-block:nth-child(2)", "targets": [ - ["css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(9) div:nth-child(5) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'3.141592653589')]", "xpath:innerText"] ], "value": "3.141592653589" @@ -837,11 +842,11 @@ "id": "302b95c3-ca6d-4f67-9553-d248544a121c", "comment": "", "command": "assertText", - "target": "css=.row:nth-child(7) > .col-12 > .mb-3 > div > div > .form-label > span", + "target": "css=.row:nth-child(5) .form-label > span", "targets": [ - ["css=.row:nth-child(7) > .col-12 > .mb-3 > div > div > .form-label > span", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[7]/div/div/div/div/label/span", "xpath:idRelative"], - ["xpath=//div[7]/div/div/div/div/label/span", "xpath:position"], + ["css=.row:nth-child(5) .form-label > span", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[5]/div/div/div/div/label/span", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/label/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Double Display')]", "xpath:innerText"] ], "value": "Custom Double Display" 
@@ -928,11 +933,11 @@ "id": "692d0155-2e73-45da-ba35-180e2195045e", "comment": "", "command": "assertText", - "target": "css=div:nth-child(1) > div:nth-child(7) .d-block:nth-child(1)", + "target": "css=.mb-4:nth-child(4) div:nth-child(5) .d-block:nth-child(1)", "targets": [ - ["css=div:nth-child(1) > div:nth-child(7) .d-block:nth-child(1)", "css:finder"], - ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[7]/div/span", "xpath:idRelative"], - ["xpath=//div[2]/div[2]/div/div[7]/div/span", "xpath:position"], + ["css=.mb-4:nth-child(4) div:nth-child(5) .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:idRelative"], + ["xpath=//section[2]/div/div[2]/div[2]/div/div[5]/div/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Double Display')]", "xpath:innerText"] ], "value": "Custom Double Display" @@ -940,11 +945,11 @@ "id": "fc1c7695-9b42-413f-9c17-a3fcce2be919", "comment": "", "command": "assertText", - "target": "css=div:nth-child(1) > div:nth-child(7) .text-truncate", + "target": "css=.mb-4:nth-child(4) div:nth-child(5) .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(1) > div:nth-child(7) .text-truncate", "css:finder"], - ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(4) div:nth-child(5) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[2]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'3.141592653589')]", "xpath:innerText"] ], "value": "3.141592653589" 
diff --git a/backend/src/integration/resources/SHIBUI-1732-6.side b/backend/src/integration/resources/SHIBUI-1732-6.side index 68a329d37..fc95dd5a3 100644 --- a/backend/src/integration/resources/SHIBUI-1732-6.side +++ b/backend/src/integration/resources/SHIBUI-1732-6.side @@ -1017,21 +1017,21 @@ "target": "css=table > tbody > tr", "targets": [], "value": "" - },{ - "id": "4ec2c493-85e4-403b-9b09-031c5728f498", - "comment": "", - "command": "open", - "target": "/api/heheheheheheheWipeout", - "targets": [], - "value": "" - }, { - "id": "e074980a-8f21-4c22-8412-c4b6fcdcd1a4", - "comment": "", - "command": "assertText", - "target": "css=body", - "targets": [], - "value": "yes, you did it" - }] + }, { + "id": "4ec2c493-85e4-403b-9b09-031c5728f498", + "comment": "", + "command": "open", + "target": "/api/heheheheheheheWipeout", + "targets": [], + "value": "" + }, { + "id": "e074980a-8f21-4c22-8412-c4b6fcdcd1a4", + "comment": "", + "command": "assertText", + "target": "css=body", + "targets": [], + "value": "yes, you did it" + }] }], "suites": [{ "id": "575d414c-556d-45f7-b2f2-c9971ad51348", diff --git a/backend/src/integration/resources/SHIBUI-1732-7.side b/backend/src/integration/resources/SHIBUI-1732-7.side index cd8f4786d..31b98ddc8 100644 --- a/backend/src/integration/resources/SHIBUI-1732-7.side +++ b/backend/src/integration/resources/SHIBUI-1732-7.side 
@@ -374,11 +374,11 @@ "id": "b5aaed88-02ef-49b7-93fb-55c179ae27c1", "comment": "", "command": "assertText", - "target": "css=.row:nth-child(10) .form-label > span", + "target": "css=.row:nth-child(2) .form-label > span", "targets": [ - ["css=.row:nth-child(10) .form-label > span", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[9]/div/div/div/div[10]/div/div/div/div/label/span", "xpath:idRelative"], - ["xpath=//div[10]/div/div/div/div/label/span", "xpath:position"], + ["css=.row:nth-child(2) .form-label > span", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[2]/div/div/div/div/label/span", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/label/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Spring Display')]", "xpath:innerText"] ], "value": "Custom Spring Display" 
@@ -488,23 +488,23 @@ "id": "fe8b707d-37b1-4369-8f0f-574edbdec412", "comment": "", "command": "assertText", - "target": "css=div:nth-child(10) .d-block:nth-child(1)", + "target": "css=.mb-4:nth-child(9) div:nth-child(2) > .d-flex > .d-block:nth-child(1)", "targets": [ - ["css=div:nth-child(10) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[10]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[10]/div/span[2]", "xpath:position"], - ["xpath=//span[contains(.,'Custom Spring Bean Default Edited')]", "xpath:innerText"] + ["css=.mb-4:nth-child(9) div:nth-child(2) > .d-flex > .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[2]/div/span", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[2]/div/span", "xpath:position"], + ["xpath=//span[contains(.,'Custom Spring Display')]", "xpath:innerText"] ], "value": "Custom Spring Display" }, { "id": "3846ad98-da0d-4b51-abda-4c06225033c2", "comment": "", "command": "assertText", - "target": "css=div:nth-child(10) .text-truncate", + "target": "css=.mb-4:nth-child(9) div:nth-child(2) > .d-flex > .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(10) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[10]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[10]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(9) div:nth-child(2) > .d-flex > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'Custom Spring Bean Default Edited')]", "xpath:innerText"] ], "value": "Custom Spring Bean Default Edited" 
@@ -825,11 +825,11 @@ "id": "fbef6ebb-1f20-4dcd-a907-735e4113c382", "comment": "", "command": "assertText", - "target": "css=.row:nth-child(10) .form-label > span", + "target": "css=.row:nth-child(2) .form-label > span", "targets": [ - ["css=.row:nth-child(10) .form-label > span", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[10]/div/div/div/div/label/span", "xpath:idRelative"], - ["xpath=//div[10]/div/div/div/div/label/span", "xpath:position"], + ["css=.row:nth-child(2) .form-label > span", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div[2]/div/div/div/div/label/span", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/label/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Spring Display')]", "xpath:innerText"] ], "value": "Custom Spring Display" @@ -909,11 +909,11 @@ "id": "47f8360f-1b8d-4e0f-9792-e51d34dbee95", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(4) div:nth-child(10) .d-block:nth-child(1)", + "target": "css=div:nth-child(2) > .mb-4 div:nth-child(2) > .d-flex > .d-block:nth-child(1)", "targets": [ - ["css=.mb-4:nth-child(4) div:nth-child(10) .d-block:nth-child(1)", "css:finder"], - ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[10]/div/span", "xpath:idRelative"], - ["xpath=//section[2]/div/div[2]/div[2]/div/div[10]/div/span", "xpath:position"], + ["css=div:nth-child(2) > .mb-4 div:nth-child(2) > .d-flex > .d-block:nth-child(1)", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[2]/div/span", "xpath:idRelative"], + ["xpath=//div[2]/section[2]/div/div[2]/div[2]/div/div[2]/div/span", "xpath:position"], ["xpath=//span[contains(.,'Custom Spring Display')]", "xpath:innerText"] ], "value": "Custom Spring Display" 
@@ -921,11 +921,11 @@ "id": "93126f8b-823c-4b79-87c8-df32ece80ad6", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(4) div:nth-child(10) .d-block:nth-child(2)", + "target": "css=div:nth-child(2) > .mb-4 div:nth-child(2) > .d-flex > .d-block:nth-child(2)", "targets": [ - ["css=.mb-4:nth-child(4) div:nth-child(10) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[10]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[2]/div/div[2]/div[2]/div/div[10]/div/span[2]", "xpath:position"], + ["css=div:nth-child(2) > .mb-4 div:nth-child(2) > .d-flex > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[2]/section[2]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'Custom Spring Bean Default Edited')]", "xpath:innerText"] ], "value": "Custom Spring Bean Default Edited" diff --git a/backend/src/integration/resources/SHIBUI-1743-2.side b/backend/src/integration/resources/SHIBUI-1743-2.side index e2984ae63..88fd04ec4 100644 --- a/backend/src/integration/resources/SHIBUI-1743-2.side +++ b/backend/src/integration/resources/SHIBUI-1743-2.side 
@@ -301,11 +301,11 @@ "id": "1a61840b-2ac7-4335-be8c-b1152de04316", "comment": "", "command": "assertText", - "target": "css=.border-0 > .m-0", + "target": "css=.text-danger > .text-danger", "targets": [ - ["css=.border-0 > .m-0", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/div/form/div/div/div/div/div/div[2]/div/div/ul/li/small", "xpath:idRelative"], - ["xpath=//small", "xpath:position"], + ["css=.text-danger > .text-danger", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div[3]/small", "xpath:idRelative"], + ["xpath=//div[3]/small", "xpath:position"], ["xpath=//small[contains(.,'Pattern must match group url validation pattern: foo.*')]", "xpath:innerText"] ], "value": "Pattern must match group url validation pattern: foo.*" @@ -578,11 +578,11 @@ "id": "93b99f62-f09e-4ac3-a69f-d3fc5d8576d7", "comment": "", "command": "assertText", - "target": "css=div:nth-child(2) > div:nth-child(2) > .d-flex > .text-truncate", + "target": "css=div:nth-child(2) > div:nth-child(3) > .d-flex > .text-truncate", "targets": [ - ["css=div:nth-child(2) > div:nth-child(2) > .d-flex > .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div/span[2]", "xpath:position"], + ["css=div:nth-child(2) > div:nth-child(3) > .d-flex > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div[3]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[3]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'foobar')]", "xpath:innerText"] ], "value": "foobar" 
@@ -597,21 +597,21 @@ ["xpath=//section[6]/div/div[2]/div[2]/div/div[2]/div/span", "xpath:position"] ], "value": "foobar" - },{ - "id": "4ec2c493-85e4-403b-9b09-031c5728f498", - "comment": "", - "command": "open", - "target": "/api/heheheheheheheWipeout", - "targets": [], - "value": "" - }, { - "id": "e074980a-8f21-4c22-8412-c4b6fcdcd1a4", - "comment": "", - "command": "assertText", - "target": "css=body", - "targets": [], - "value": "yes, you did it" - }] + }, { + "id": "4ec2c493-85e4-403b-9b09-031c5728f498", + "comment": "", + "command": "open", + "target": "/api/heheheheheheheWipeout", + "targets": [], + "value": "" + }, { + "id": "e074980a-8f21-4c22-8412-c4b6fcdcd1a4", + "comment": "", + "command": "assertText", + "target": "css=body", + "targets": [], + "value": "yes, you did it" + }] }], "suites": [{ "id": "c1770d48-99b6-4866-af1c-d4e485b851ab", diff --git a/backend/src/integration/resources/SHIBUI-2267.side b/backend/src/integration/resources/SHIBUI-2267.side index d1fd93f87..3f27a1c35 100644 --- a/backend/src/integration/resources/SHIBUI-2267.side +++ b/backend/src/integration/resources/SHIBUI-2267.side 
@@ -254,11 +254,11 @@ "id": "3baa7bd3-55c0-4d10-8aa3-c0daa63ec4d4", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(2)", + "target": "css=.mb-4:nth-child(8) div:nth-child(4) .d-block:nth-child(2)", "targets": [ - ["css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[8]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(8) div:nth-child(4) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[4]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[8]/div/div[2]/div[2]/div/div[4]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'true')]", "xpath:innerText"] ], "value": "true" @@ -357,11 +357,11 @@ "id": "121a6247-05d6-4553-b565-ebee2552f7e9", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(9) div:nth-child(5) .d-block:nth-child(2)", + "target": "css=.mb-4:nth-child(9) div:nth-child(4) .d-block:nth-child(2)", "targets": [ - ["css=.mb-4:nth-child(9) div:nth-child(5) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[7]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(9) div:nth-child(4) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[4]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[4]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'true')]", "xpath:innerText"] ], "value": "true" From 9a6337d10189ad63efd1dbeabfab72a8d3dfe51d Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Tue, 25 Oct 2022 09:13:58 -0700 Subject: [PATCH 63/77] SHIBUI-2380 Bug fxing --- .../ui/repository/EntityDescriptorProjection.java | 12 ++++++------ .../ui/repository/EntityDescriptorRepository.java | 5 +++-- .../repository/EntityDescriptorRepositoryTest.groovy | 11 +++++++++++ 3 files changed, 20 insertions(+), 8 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java index 22e78ba59..42d507828 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java @@ -26,10 +26,11 @@ public class EntityDescriptorProjection { boolean serviceEnabled; @Getter String idOfOwner; + EntityDescriptorProtocol protocol; public EntityDescriptorProjection(String entityID, String resourceId, String serviceProviderName, String createdBy, - LocalDateTime createdDate, boolean serviceEnabled, String idOfOwner, String protocol) { + LocalDateTime createdDate, boolean serviceEnabled, String idOfOwner, EntityDescriptorProtocol edp) { this.entityID = entityID; this.entityId = entityID; this.resourceId = resourceId; @@ -39,7 +40,7 @@ public EntityDescriptorProjection(String entityID, String resourceId, String ser this.createdDate = createdDate; this.serviceEnabled = serviceEnabled; this.idOfOwner = idOfOwner; - setProtocol(protocol); + this.protocol = edp == null ? EntityDescriptorProtocol.SAML : edp; } public String getEntityID() { 
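Review bot: The null fallback to `EntityDescriptorProtocol.SAML` is now applied twice, in the constructor (`this.protocol = edp == null ? EntityDescriptorProtocol.SAML : edp;`) and again in `getProtocol()` further down the class, and neither place says why. Keep the default in one place and document it there, for example `// rows saved before the protocol column existed have no value; treat them as SAML`, which is the upgrade case the SHIBUI-1772 test in this commit describes. The parameter name `edp` would read better as `protocol`, matching the field it initialises. The constructor body runs between the two hunks and is only partly visible.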
@@ -54,8 +55,7 @@ public EntityDescriptorProtocol getProtocol() { return protocol == null ? EntityDescriptorProtocol.SAML : protocol; } - public void setProtocol(String index) { - int i = Integer.valueOf(index); - protocol = EntityDescriptorProtocol.values()[i]; - } +// public void setProtocol(int i) { +// protocol = EntityDescriptorProtocol.values()[i]; +// } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepository.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepository.java index 68cac3803..3030f5678 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepository.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepository.java @@ -2,6 +2,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor; import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Modifying; import org.springframework.data.jpa.repository.Query; import org.springframework.data.repository.query.Param; 
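Review bot: The added `import org.springframework.data.jpa.repository.Modifying;` is not used by anything this commit changes in EntityDescriptorRepository. The only other hunk for the file edits two `@Query` select strings, and the diffstat for the file (3 insertions, 2 deletions) leaves no room for a `@Modifying` method. Drop the import here and add it in the commit that introduces the update or delete query it is meant for.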
@@ -14,12 +15,12 @@ */ public interface EntityDescriptorRepository extends JpaRepository { @Query(value = "select new edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorProjection(e.entityID, e.resourceId, e.serviceProviderName, e.createdBy, " + - "e.createdDate, e.serviceEnabled, e.idOfOwner, case e.protocol when null then 'SAML' else e.protocol end ) " + + "e.createdDate, e.serviceEnabled, e.idOfOwner, e.protocol) " + "from EntityDescriptor e") List findAllBy(); @Query(value = "select new edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorProjection(e.entityID, e.resourceId, e.serviceProviderName, e.createdBy, " + - "e.createdDate, e.serviceEnabled, e.idOfOwner, case e.protocol when null then 'SAML' else e.protocol end ) " + + "e.createdDate, e.serviceEnabled, e.idOfOwner, e.protocol) " + "from EntityDescriptor e " + "where e.idOfOwner = :ownerId") List findAllByIdOfOwner(@Param("ownerId") String ownerId); diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepositoryTest.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepositoryTest.groovy index 1615a81ee..906208ee6 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepositoryTest.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepositoryTest.groovy 
@@ -2,11 +2,13 @@ package edu.internet2.tier.shibboleth.admin.ui.repository import edu.internet2.tier.shibboleth.admin.ui.AbstractBaseDataJpaTest import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor +import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.OpenSamlChainingMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects import edu.internet2.tier.shibboleth.admin.ui.security.model.Group import edu.internet2.tier.shibboleth.admin.ui.service.CustomEntityAttributesDefinitionServiceImpl import edu.internet2.tier.shibboleth.admin.ui.service.EntityDescriptorService +import edu.internet2.tier.shibboleth.admin.ui.util.WithMockAdmin import org.apache.lucene.analysis.Analyzer import org.apache.lucene.analysis.en.EnglishAnalyzer import org.opensaml.saml.metadata.resolver.MetadataResolver @@ -57,13 +59,22 @@ class EntityDescriptorRepositoryTest extends AbstractBaseDataJpaTest { noExceptionThrown() } + @WithMockAdmin def "SHIBUI-1772"() { when: def input = openSamlObjects.unmarshalFromXml(this.class.getResource('/metadata/SHIBUI-1772.xml').bytes) as EntityDescriptor + input.protocol = null // This mimics an upgrade where older entries wont have a protocol in the db entityDescriptorRepository.save(input) then: noExceptionThrown() + + when: + List projections = entityDescriptorRepository.findAllBy() + + then: + projections.size() == 1 + projections.get(0).getProtocol() == EntityDescriptorProtocol.SAML } def "SHIBUI-1849 - extend data model for ownership"() { From a525bea983ded0dccec31c99b76aeb39ef7c25ec Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 25 Oct 2022 10:01:34 -0700 Subject: [PATCH 64/77] SHIBUI-2380 Bug fxing --- .../admin/ui/repository/EntityDescriptorProjection.java | 4 ---- backend/src/main/resources/application.yml | 2 +- 2 files changed, 1 insertion(+), 5 deletions(-) 
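Review bot: The new assertions in "SHIBUI-1772" exercise only `findAllBy()`, while the same constructor-expression change was made to `findAllByIdOfOwner` in EntityDescriptorRepository. The null-protocol row should be read back through the owner-scoped query as well, e.g. `entityDescriptorRepository.findAllByIdOfOwner(input.idOfOwner).get(0).getProtocol() == EntityDescriptorProtocol.SAML`, so both listings are covered for the upgrade case. `projections.size() == 1` also assumes the repository is empty when the feature starts; that holds only if the base test class isolates data between features, which is not visible here.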
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java index 42d507828..da7d307b1 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java @@ -54,8 +54,4 @@ public String getEntityId() { public EntityDescriptorProtocol getProtocol() { return protocol == null ? EntityDescriptorProtocol.SAML : protocol; } - -// public void setProtocol(int i) { -// protocol = EntityDescriptorProtocol.values()[i]; -// } } \ No newline at end of file diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml index da77c5fec..18e314dd3 100644 --- a/backend/src/main/resources/application.yml +++ b/backend/src/main/resources/application.yml @@ -402,7 +402,7 @@ custom: - name: IDTokenLifetimeBrowser attributeFriendlyName: IDTokenLifetimeBrowser displayName: label.IDTokenLifetime.browser - helpText: tooltip.IDTokenLifetime.broswer + helpText: tooltip.IDTokenLifetime.browser displayType: string defaultValue: PT1H attributeName: http://shibboleth.net/ns/profiles/oidc/sso/browser/IDTokenLifetime From 5ce0a6eba18d58e2db101e2129260f589203825a Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Tue, 25 Oct 2022 14:39:22 -0400 Subject: [PATCH 65/77] SHIBUI-2380 WIP test for 2380. Something is broken. --- .../admin/ui/SeleniumSIDETest.groovy | 8 +- .../integration/resources/SHIBUI-2380.side | 413 +++++++++++++++++- 2 files changed, 411 insertions(+), 10 deletions(-) diff --git a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy index d7dd72abb..02327b4f7 100644 
--- a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy +++ b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy @@ -107,7 +107,7 @@ class SeleniumSIDETest extends Specification { where: name | file - 'SHIBUI-1364: Compare FBHTTPMP with filters' | '/SHIBUI-1364-1.side' +/* 'SHIBUI-1364: Compare FBHTTPMP with filters' | '/SHIBUI-1364-1.side' 'SHIBUI-1364: Compare FSMP' | '/SHIBUI-1364-2.side' 'SHIBUI-1364: Compare LDMP' | '/SHIBUI-1364-3.side' 'SHIBUI-1364: Compare DHTTPMP with filters' | '/SHIBUI-1364-4.side' @@ -153,14 +153,14 @@ class SeleniumSIDETest extends Specification { 'SHIBUI-1744: Verify attribute bundles in entity attribute filters' | '/SHIBUI-1744-3.side' 'SHIBUI-2052: Logged in user & role appear on dashboard' | '/SHIBUI-2052.side' 'SHIBUI-2116: Verify entity attribute bundle highlights' | '/SHIBUI-2116.side' // Note that this script WILL NOT PASS in the Selenium IDE due to ${driver} not being set (it is provided by this groovy script). - 'SHIBUI-2267: Verify new RPO CRUD' | '/SHIBUI-2267.side' + 'SHIBUI-2267: Verify new RPO CRUD' | '/SHIBUI-2267.side'*/ 'SHIBUI-2380: OIDC metadata source CRUD' | '/SHIBUI-2380.side' - 'SHIBUI-1674: Verify metadata source tooltips' | '/SHIBUI-1674-1.side' +/* 'SHIBUI-1674: Verify metadata source tooltips' | '/SHIBUI-1674-1.side' 'SHIBUI-1674: Verify metadata provider tooltips' | '/SHIBUI-1674-2.side' 'SHIBUI-1674: Verify advanced menu tooltips' | '/SHIBUI-1674-3.side' 'SHIBUI-2270: Verify property set CRUD' | '/SHIBUI-2270-1.side' 'SHIBUI-2270: Verify full property set' | '/SHIBUI-2270-2.side' 'SHIBUI-2268: Verify Algorithm Filter' | '/SHIBUI-2268.side' - 'SHIBUI-2269: Verify XML generation of external filters' | '/SHIBUI-2269.side' + 'SHIBUI-2269: Verify XML generation of external filters' | '/SHIBUI-2269.side'*/ } } 
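Review bot: Both hunks wrap every row of the `where:` table except 'SHIBUI-2380: OIDC metadata source CRUD' in `/* … */`, so the integration run no longer executes any of the other .side suites, including 'SHIBUI-2052: Logged in user & role appear on dashboard'. The subject line marks this as WIP, but if it is merged as is, regressions in those flows will go unnoticed. Restore the rows before merge and narrow the run locally instead. If a temporary narrowing has to be committed, mark it with `// TODO(SHIBUI-2380): re-enable the full table once 2380 passes` so it is not forgotten. The feature method starts outside the hunk.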
diff --git a/backend/src/integration/resources/SHIBUI-2380.side b/backend/src/integration/resources/SHIBUI-2380.side index 0cb6b42ad..c9c1c4ed2 100644 --- a/backend/src/integration/resources/SHIBUI-2380.side +++ b/backend/src/integration/resources/SHIBUI-2380.side 
@@ -660,7 +660,336 @@ ], "value": "" }, { - "id": "ce20a359-5745-46dc-95b9-c08d0ced4332", + "id": "881d4939-af1c-4557-8ee1-e08abf3a5402", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_disallowedFeatures", + "targets": [ + ["id=root_relyingPartyOverrides_disallowedFeatures", "id"], + ["css=#root_relyingPartyOverrides_disallowedFeatures", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_disallowedFeatures']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[5]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/input", "xpath:position"] + ], + "value": "theseAreDisallowed" + }, { + "id": "da429ce2-0145-4c3d-a924-46d4549c6038", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_deniedUserInfoAttributes", + "targets": [ + ["id=root_relyingPartyOverrides_deniedUserInfoAttributes", "id"], + ["css=#root_relyingPartyOverrides_deniedUserInfoAttributes", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_deniedUserInfoAttributes']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[7]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[7]/div/div/div/div/input", "xpath:position"] + ], + "value": "deniedAttributesAreDenied" + }, { + "id": "ba72fb79-0224-49e7-89bf-797ac6ae9235", + "comment": "", + "command": "click", + "target": "id=root_relyingPartyOverrides_forcePKCEOidc", + "targets": [ + ["id=root_relyingPartyOverrides_forcePKCEOidc", "id"], + ["css=#root_relyingPartyOverrides_forcePKCEOidc", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_forcePKCEOidc']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[8]/div/div/div/div/div/input", "xpath:idRelative"], + 
["xpath=//div[8]/div/div/div/div/div/input", "xpath:position"] + ], + "value": "" + }, { + "id": "6ecf81c8-dc16-4ca8-a9bf-ed4b7f395b49", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_inboundInterceptorFlows", + "targets": [ + ["id=root_relyingPartyOverrides_inboundInterceptorFlows", "id"], + ["css=#root_relyingPartyOverrides_inboundInterceptorFlows", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_inboundInterceptorFlows']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[9]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[9]/div/div/div/div/input", "xpath:position"] + ], + "value": "inbound" + }, { + "id": "69418e6f-f9cf-451d-b772-2022832935c1", + "comment": "", + "command": "click", + "target": "id=root_relyingPartyOverrides_enforceRefreshTokenRotation", + "targets": [ + ["id=root_relyingPartyOverrides_enforceRefreshTokenRotation", "id"], + ["css=#root_relyingPartyOverrides_enforceRefreshTokenRotation", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_enforceRefreshTokenRotation']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[10]/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[10]/div/div/div/div/div/input", "xpath:position"] + ], + "value": "" + }, { + "id": "df26022f-ee7f-44f5-86ed-dc380cd1acd5", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_IDTokenLifetime", + "targets": [ + ["id=root_relyingPartyOverrides_IDTokenLifetime", "id"], + ["css=#root_relyingPartyOverrides_IDTokenLifetime", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_IDTokenLifetime']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[11]/div/div/div/div/input", "xpath:idRelative"], + 
["xpath=//div[11]/div/div/div/div/input", "xpath:position"] + ], + "value": "PT3H" + }, { + "id": "c9fee04c-28c5-4d17-8e8d-0f9657d7f5bc", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_postAuthenticationFlows", + "targets": [ + ["id=root_relyingPartyOverrides_postAuthenticationFlows", "id"], + ["css=#root_relyingPartyOverrides_postAuthenticationFlows", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_postAuthenticationFlows']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[13]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[13]/div/div/div/div/input", "xpath:position"] + ], + "value": "postFlow" + }, { + "id": "765e99b7-924d-41dd-8127-a7ec9e66068d", + "comment": "", + "command": "click", + "target": "id=root_relyingPartyOverrides_resolveAttributesOIDC", + "targets": [ + ["id=root_relyingPartyOverrides_resolveAttributesOIDC", "id"], + ["css=#root_relyingPartyOverrides_resolveAttributesOIDC", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_resolveAttributesOIDC']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[16]/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[16]/div/div/div/div/div/input", "xpath:position"] + ], + "value": "" + }, { + "id": "11785519-bb92-44ce-b09b-94015fb37bb5", + "comment": "", + "command": "click", + "target": "id=root_relyingPartyOverrides_allowPKCEPlainOidc", + "targets": [ + ["id=root_relyingPartyOverrides_allowPKCEPlainOidc", "id"], + ["css=#root_relyingPartyOverrides_allowPKCEPlainOidc", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_allowPKCEPlainOidc']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[17]/div/div/div/div/div/input", "xpath:idRelative"], + 
["xpath=//div[17]/div/div/div/div/div/input", "xpath:position"] + ], + "value": "" + }, { + "id": "e6ff2e6f-bac9-4d4d-9f7b-0a2caa9ad84e", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_accessTokenTypeOidc", + "targets": [ + ["id=root_relyingPartyOverrides_accessTokenTypeOidc", "id"], + ["css=#root_relyingPartyOverrides_accessTokenTypeOidc", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_accessTokenTypeOidc']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[18]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[18]/div/div/div/div/input", "xpath:position"] + ], + "value": "someRandomTokenType" + }, { + "id": "afef99d6-b5c8-4830-b101-60f6992e9222", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_deniedUserInfoAttributesBrowser", + "targets": [ + ["id=root_relyingPartyOverrides_deniedUserInfoAttributesBrowser", "id"], + ["css=#root_relyingPartyOverrides_deniedUserInfoAttributesBrowser", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_deniedUserInfoAttributesBrowser']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[19]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[19]/div/div/div/div/input", "xpath:position"] + ], + "value": "thisIsAlsoDenied" + }, { + "id": "34762c54-165f-42e6-884c-5bba5dae7fbe", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_alwaysIncludedAttributesBrowser", + "targets": [ + ["id=root_relyingPartyOverrides_alwaysIncludedAttributesBrowser", "id"], + ["css=#root_relyingPartyOverrides_alwaysIncludedAttributesBrowser", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_alwaysIncludedAttributesBrowser']", "xpath:attributes"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[21]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[21]/div/div/div/div/input", "xpath:position"] + ], + "value": "theseAreIncluded" + }, { + "id": "5b6bfea2-fb7d-4389-88d9-cccc4a78dfa7", + "comment": "", + "command": "click", + "target": "id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", + "targets": [ + ["id=array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "id"], + ["css=#array-field-addbtn-root_relyingPartyOverrides_nameIdFormats", "css:finder"], + ["xpath=//button[@id='array-field-addbtn-root_relyingPartyOverrides_nameIdFormats']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[22]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "6b4a3dfe-6a0d-42e2-b0b4-1d51f0fc3d6a", + "comment": "", + "command": "click", + "target": "id=option-selector-root_relyingPartyOverrides_nameIdFormats_0", + "targets": [ + ["id=option-selector-root_relyingPartyOverrides_nameIdFormats_0", "id"], + ["css=#option-selector-root_relyingPartyOverrides_nameIdFormats_0", "css:finder"], + ["xpath=//input[@id='option-selector-root_relyingPartyOverrides_nameIdFormats_0']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[22]/div/div/div/div/div/div[2]/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/div/div/div/input", "xpath:position"] + ], + "value": "" + }, { + "id": "079d4816-aae0-4d85-b237-55f10969be73", + "comment": "", + "command": "click", + "target": "id=option-selector-items-root_relyingPartyOverrides_nameIdFormats_0-item-2", + "targets": [ + 
["id=option-selector-items-root_relyingPartyOverrides_nameIdFormats_0-item-2", "id"], + ["linkText=urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", "linkText"], + ["css=#option-selector-items-root_relyingPartyOverrides_nameIdFormats_0-item-2", "css:finder"], + ["xpath=//a[@id='option-selector-items-root_relyingPartyOverrides_nameIdFormats_0-item-2']", "xpath:attributes"], + ["xpath=//div[@id='option-selector-items-root_relyingPartyOverrides_nameIdFormats_0']/a[3]", "xpath:idRelative"], + ["xpath=(//a[contains(@href, '#')])[3]", "xpath:href"], + ["xpath=//a[3]", "xpath:position"], + ["xpath=//a[contains(.,'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "0996697f-9a93-4cb8-a607-4d4f77d91175", + "comment": "", + "command": "click", + "target": "id=root_relyingPartyOverrides_ignoreRequestSignatures", + "targets": [ + ["id=root_relyingPartyOverrides_ignoreRequestSignatures", "id"], + ["css=#root_relyingPartyOverrides_ignoreRequestSignatures", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_ignoreRequestSignatures']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[24]/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[24]/div/div/div/div/div/input", "xpath:position"] + ], + "value": "" + }, { + "id": "8eb20374-0865-4728-a60b-ea44a9a96d61", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_alwaysIncludedAttributesToken", + "targets": [ + ["id=root_relyingPartyOverrides_alwaysIncludedAttributesToken", "id"], + ["css=#root_relyingPartyOverrides_alwaysIncludedAttributesToken", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_alwaysIncludedAttributesToken']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[28]/div/div/div/div/input", "xpath:idRelative"], + 
["xpath=//div[28]/div/div/div/div/input", "xpath:position"] + ], + "value": "moreTokens" + }, { + "id": "d3484839-a844-424e-9a2a-1e38bb275914", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_proxyCount", + "targets": [ + ["id=root_relyingPartyOverrides_proxyCount", "id"], + ["css=#root_relyingPartyOverrides_proxyCount", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_proxyCount']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[29]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[29]/div/div/div/div/input", "xpath:position"] + ], + "value": "9000" + }, { + "id": "22648c55-5ee6-4151-b924-5d53dacb722f", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_accessTokenTypeOauth", + "targets": [ + ["id=root_relyingPartyOverrides_accessTokenTypeOauth", "id"], + ["css=#root_relyingPartyOverrides_accessTokenTypeOauth", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_accessTokenTypeOauth']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[31]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[31]/div/div/div/div/input", "xpath:position"] + ], + "value": "oauthToken" + }, { + "id": "2d29ebff-fc38-47ea-acb2-882b66b8b81e", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_encodedAttributes", + "targets": [ + ["id=root_relyingPartyOverrides_encodedAttributes", "id"], + ["css=#root_relyingPartyOverrides_encodedAttributes", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_encodedAttributes']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[33]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[33]/div/div/div/div/input", "xpath:position"] + ], + 
"value": "theseAreEncoded" + }, { + "id": "c73247fe-7b86-4067-a817-c71bd39462f9", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_accessTokenLifetimeOauth", + "targets": [ + ["id=root_relyingPartyOverrides_accessTokenLifetimeOauth", "id"], + ["css=#root_relyingPartyOverrides_accessTokenLifetimeOauth", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_accessTokenLifetimeOauth']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[34]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[34]/div/div/div/div/input", "xpath:position"] + ], + "value": "PT13M" + }, { + "id": "2125bcad-5ff7-49d8-8171-09bdcfdea5f3", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_accessTokenLifetimeOidc", + "targets": [ + ["id=root_relyingPartyOverrides_accessTokenLifetimeOidc", "id"], + ["css=#root_relyingPartyOverrides_accessTokenLifetimeOidc", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_accessTokenLifetimeOidc']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[37]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[37]/div/div/div/div/input", "xpath:position"] + ], + "value": "PT14M" + }, { + "id": "452fd3c4-5cba-41c2-80b8-9b18ff44393f", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_IDTokenLifetimeBrowser", + "targets": [ + ["id=root_relyingPartyOverrides_IDTokenLifetimeBrowser", "id"], + ["css=#root_relyingPartyOverrides_IDTokenLifetimeBrowser", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_IDTokenLifetimeBrowser']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[39]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[39]/div/div/div/div/input", 
"xpath:position"] + ], + "value": "PT2H" + }, { + "id": "4922c407-3d44-46b0-93e1-0dddbca8239c", + "comment": "", + "command": "click", + "target": "id=root_relyingPartyOverrides_encodeConsentInTokens", + "targets": [ + ["id=root_relyingPartyOverrides_encodeConsentInTokens", "id"], + ["css=#root_relyingPartyOverrides_encodeConsentInTokens", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_encodeConsentInTokens']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[36]/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[36]/div/div/div/div/div/input", "xpath:position"] + ], + "value": "" + }, { + "id": "bdd13aa5-d942-4020-b528-4d9073f7a2d0", + "comment": "", + "command": "type", + "target": "id=root_relyingPartyOverrides_outboundInterceptorFlows", + "targets": [ + ["id=root_relyingPartyOverrides_outboundInterceptorFlows", "id"], + ["css=#root_relyingPartyOverrides_outboundInterceptorFlows", "css:finder"], + ["xpath=//input[@id='root_relyingPartyOverrides_outboundInterceptorFlows']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[50]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[50]/div/div/div/div/input", "xpath:position"] + ], + "value": "theseAreGoingOut" + }, { + "id": "87ca8ce0-ddee-4e71-b0b6-828aab64e966", "comment": "", "command": "click", "target": "css=.next", 
@@ -770,13 +1099,85 @@ "id": "72f99f17-450a-4f9c-b791-3b6f7b61e76c", "comment": "", "command": "assertText", - "target": "css=div:nth-child(22) .text-truncate", + "target": "css=.mb-4:nth-child(8) div:nth-child(2) > .d-flex > .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(22) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[4]/div/div[2]/div[2]/div/div[3]/div/div[5]/div[22]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[22]/div/span[2]", "xpath:position"] + ["css=.mb-4:nth-child(8) div:nth-child(2) > .d-flex > .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[8]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'PT2H')]", "xpath:innerText"] ], - "value": "0" + "value": "PT2H" + }, { + "id": "e6087be5-881a-4637-aa84-540ce6c80b54", + "comment": "", + "command": "assertText", + "target": "css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(2)", + "targets": [ + ["css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[8]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'theseAreDisallowed')]", "xpath:innerText"] + ], + "value": "theseAreDisallowed" + }, { + "id": "97624c53-1510-4bbb-b661-8a22539b1d86", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(1) > div:nth-child(13) .text-truncate", + "targets": [ + ["css=div:nth-child(1) > div:nth-child(13) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[13]/div/span[2]", "xpath:idRelative"], + 
["xpath=//div[2]/div/div[13]/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'postFlow')]", "xpath:innerText"] + ], + "value": "postFlow" + }, { + "id": "336449c5-1e29-4534-8be3-96b334e044b6", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(1) > div:nth-child(18) .text-truncate", + "targets": [ + ["css=div:nth-child(1) > div:nth-child(18) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[18]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[2]/div/div[18]/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'someRandomTokenType')]", "xpath:innerText"] + ], + "value": "someRandomTokenType" + }, { + "id": "ab9a292a-358e-4f37-be17-969299b295c4", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(29) .text-truncate", + "targets": [ + ["css=div:nth-child(29) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[29]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[29]/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'9000')]", "xpath:innerText"] + ], + "value": "9000" + }, { + "id": "9d62366b-bcb3-43bf-ba61-6e42ba5900e6", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(42) .text-truncate", + "targets": [ + ["css=div:nth-child(42) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[42]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[42]/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'PT6H')]", "xpath:innerText"] + ], + "value": "PT6H" + }, { + "id": "576b5fdc-2457-41ac-b85b-3bec3b874934", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(46) .text-truncate", + "targets": [ + ["css=div:nth-child(46) .text-truncate", "css:finder"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[46]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[46]/div/span[2]", "xpath:position"] + ], + "value": "false" }, { "id": "544c6cc9-6d83-4498-aeeb-a82e4243ff04", "comment": "", From 1eb26ccfdc8c3460e7f486af2d9a6fbf1f849395 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 25 Oct 2022 12:24:10 -0700 Subject: [PATCH 66/77] SHIBUI-2380 Bug fxing --- backend/src/main/resources/i18n/messages.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index 50723320a..a2ecaf585 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties @@ -919,7 +919,7 @@ tooltip.proxyCount=Limits use of proxying either to service providers downstream tooltip.revocationLifetime=The revocation lifetime used when revoking the full chain (see CHAIN above). tooltip.revocationMethod=The revocation method: CHAIN refers to revoking whole chain of tokens (from authorization code to all access/refresh tokens) and TOKEN refers to revoking single token tooltip.accessTokenLifetime.oauth=Lifetime of access token issued to client (OAUTH) -tooltip.accessTokenType.oauth=Format of access token. Supported values are ?JWT? or nothing/empty/null implying opaque tokens. +tooltip.accessTokenType.oauth=Format of access token. Supported values are 'JWT' or nothing/empty/null implying opaque tokens. tooltip.allowPKCEPlain.oauth=Whether client is allowed to use PKCE code challenge method plain (OAUTH) tooltip.enforceRefreshTokenRotation=Whether to enforce refresh token rotation. If enabled the refresh token is revoked whenever it is used for issuing a new refresh token. tooltip.forcePKCE.oauth=Whether client is required to use PKCE (OAUTH) From 622f3df9c60d24e59d3b3e58e8fb967b49131709 Mon Sep 17 00:00:00 2001 
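Review bot: The added summary assertions pin `someRandomTokenType` as an accepted and persisted value for `accessTokenTypeOidc`, which turns an arbitrary token type into the expected behaviour; the tooltip for the oauth variant later in this series names only 'JWT' or empty as supported. If the backend is meant to reject other values, this step should type a supported value and a separate negative case should cover the rejection. The new checks also locate fields purely by position (`div:nth-child(29) .text-truncate`, `div:nth-child(46) .text-truncate`), so any reordering of the override list makes them compare against a different field. Of the toggles the first hunk clicks (`forcePKCEOidc`, `allowPKCEPlainOidc`, `ignoreRequestSignatures`, `enforceRefreshTokenRotation`), none is identifiably asserted here, so a regression in how those security-relevant flags are saved would not fail this script.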
From: chasegawa Date: Tue, 25 Oct 2022 13:04:46 -0700 Subject: [PATCH 67/77] SHIBUI-2380 Bug fxing --- .../admin/util/ModelRepresentationConversions.java | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/ModelRepresentationConversions.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/ModelRepresentationConversions.java index 1cf4273bd..fb205e903 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/ModelRepresentationConversions.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/ModelRepresentationConversions.java @@ -154,8 +154,7 @@ public static List getAttributeListFromA return (List) (List) attributeList; } - public static List getAttributeListFromRelyingPartyOverridesRepresentation - (Map relyingPartyOverridesRepresentation) { + public static List getAttributeListFromRelyingPartyOverridesRepresentation(Map relyingPartyOverridesRepresentation) { List overridePropertyList = customPropertiesConfiguration.getOverrides(); List list = new ArrayList<>(); 
@@ -176,10 +175,8 @@ public static List getAttributeListFromA public static Attribute getAttributeFromObjectAndRelyingPartyOverrideProperty(Object o, IRelyingPartyOverrideProperty overrideProperty) { switch (ModelRepresentationConversions.AttributeTypes.valueOf(overrideProperty.getDisplayType().toUpperCase())) { case BOOLEAN: - if ((o instanceof Boolean && ((Boolean) o)) || - (o instanceof String) && Boolean.valueOf((String) o)) { - if (overrideProperty.getPersistType() != null && - !overrideProperty.getPersistType().equalsIgnoreCase("boolean")) { + if ((o instanceof Boolean && ((Boolean) o)) || (o instanceof String) && Boolean.valueOf((String) o)) { + if (overrideProperty.getPersistType() != null && !overrideProperty.getPersistType().equalsIgnoreCase("boolean")) { return ATTRIBUTE_UTILITY.createAttributeWithStringValues(overrideProperty.getAttributeName(), overrideProperty.getAttributeFriendlyName(), overrideProperty.getPersistValue()); @@ -200,7 +197,7 @@ public static Attribute getAttributeFromObjectAndRelyingPartyOverrideProperty(Ob case INTEGER: return ATTRIBUTE_UTILITY.createAttributeWithIntegerValue(overrideProperty.getAttributeName(), overrideProperty.getAttributeFriendlyName(), - Integer.valueOf((String) o)); + (Integer) o); case STRING: case LONG: case DOUBLE: @@ -236,4 +233,4 @@ public enum AttributeTypes { SELECTION_LIST, // another name for LIST SPRING_BEAN_ID // treat as STRING } -} +} \ No newline at end of file From b84f9afa6ee861b8b3e6dabc5cabdb0399ed4ead Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 25 Oct 2022 13:21:15 -0700 Subject: [PATCH 68/77] SHIBUI-2380 Bug fxing --- backend/src/main/resources/application.yml | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml index 18e314dd3..bbe104c23 100644 --- a/backend/src/main/resources/application.yml +++ b/backend/src/main/resources/application.yml 
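Review bot: In the `INTEGER` case the new `(Integer) o` cast throws `ClassCastException` for any value that is not already an `Integer`, including a `String` such as "9000" that the old `Integer.valueOf((String) o)` handled, and a `Long` or `Double` if the JSON mapper produces one. Since `o` comes out of the relying-party-overrides map, presumably built from a request body, accept both shapes with `o instanceof Number ? ((Number) o).intValue() : Integer.valueOf(o.toString().trim())` and decide explicitly how a `NumberFormatException` is reported to the caller. The `BOOLEAN` condition reformatted in the preceding hunk mixes `&&` and `||` with uneven parentheses; writing the second operand as `(o instanceof String && Boolean.valueOf((String) o))` makes the grouping explicit. The method body starts and ends outside these hunks.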
@@ -110,6 +110,7 @@ custom: persistValue: shibboleth.SecurityConfiguration.SHA1 attributeName: http://shibboleth.net/ns/profiles/securityConfiguration attributeFriendlyName: securityConfiguration + protocol: saml,oidc - name: ignoreAuthenticationMethod displayName: label.ignore-any-sp-requested-authentication-method displayType: boolean @@ -118,6 +119,7 @@ custom: persistValue: 0x1 attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures attributeFriendlyName: disallowedFeatures + protocol: saml,oidc - name: omitNotBefore displayName: label.omit-not-before-condition displayType: boolean @@ -165,13 +167,6 @@ custom: helpText: tooltip.ignore-request-signatures attributeName: http://shibboleth.net/ns/profiles/ignoreRequestSignatures attributeFriendlyName: ignoreRequestSignatures - - name: disallowedFeatures - attributeFriendlyName: disallowedFeatures - displayName: label.disallowedFeatures - helpText: tooltip.disallowedFeatures - displayType: string - attributeName: http://shibboleth.net/ns/profiles/disallowedFeatures - protocol: oidc - name: inboundInterceptorFlows attributeFriendlyName: inboundInterceptorFlows displayName: label.inboundInterceptorFlows @@ -186,14 +181,6 @@ custom: displayType: string attributeName: http://shibboleth.net/ns/profiles/outboundInterceptorFlows protocol: oidc - - name: securityConfiguration - attributeFriendlyName: securityConfiguration - displayName: label.securityConfiguration - helpText: tooltip.securityConfiguration - displayType: string - defaultValue: shibboleth.DefaultSecurityConfiguration - attributeName: http://shibboleth.net/ns/profiles/securityConfiguration - protocol: oidc - name: tokenEndpointAuthMethods attributeFriendlyName: tokenEndpointAuthMethods displayName: label.tokenEndpointAuthMethods From f944f466f642ba2532c2745a8a1df93dba10bb8d Mon Sep 17 00:00:00 2001 
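Review bot: Adding `protocol: saml,oidc` to the entry whose `persistValue` is `shibboleth.SecurityConfiguration.SHA1`, while the last hunk deletes the OIDC string entry with `defaultValue: shibboleth.DefaultSecurityConfiguration`, leaves a toggle that selects the SHA-1 configuration as the only security-configuration override offered for OIDC sources. Please confirm that this bean is meaningful for OIDC profiles and that exposing a weaker-algorithm switch there is intended; if not, keep this entry `saml`-only and retain a separate OIDC setting. The same trade applies to `disallowedFeatures`: the OIDC free-text field is replaced by the boolean that persists `0x1`, so other feature bits can no longer be set from the UI, and it is worth checking how existing OIDC records that stored a free-text value are read back. Both modified entries begin above their hunks, so their `name` fields are only partly visible.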
From: Ryan Mathis Date: Tue, 25 Oct 2022 14:50:12 -0700 Subject: [PATCH 69/77] SHIBUI-2388 Fixed performance issue --- ui/src/app/admin/component/ConfigurationForm.js | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/ui/src/app/admin/component/ConfigurationForm.js b/ui/src/app/admin/component/ConfigurationForm.js index bceac7a42..3c5b2a84e 100644 --- a/ui/src/app/admin/component/ConfigurationForm.js +++ b/ui/src/app/admin/component/ConfigurationForm.js @@ -17,7 +17,7 @@ import { includes, uniqBy } from 'lodash'; export function ConfigurationForm({ configurations, configuration = {}, loading, onSave, onCancel }) { const [names, setNames] = React.useState([]); - + const { control, register, getValues, watch, formState: { errors, isValid }, handleSubmit } = useForm({ defaultValues: { ...configuration @@ -25,7 +25,7 @@ export function ConfigurationForm({ configurations, configuration = {}, loading, reValidateMode: 'onChange', mode: 'onChange', }); - + const { fields, append, remove } = useFieldArray({ control, name: "properties", @@ -35,10 +35,11 @@ export function ConfigurationForm({ configurations, configuration = {}, loading, }); const properties = useProperties(); - const selected = watch('properties'); const addProperties = (props) => { + const selected = getValues('properties'); + const parsed = props.reduce((coll, prop, idx) => { if (prop.isCategory) { return [...coll, ...properties.filter(p => p.category === prop.category)]; @@ -147,7 +148,7 @@ export function ConfigurationForm({ configurations, configuration = {}, loading, {fields.map((p, idx) => ( - + { p.propertyName } { p.category } { p.displayType === 'number' ? 'integer' : p.displayType } From 01aa77131e71caa94eace8c9c9133f803d4eb89c Mon Sep 17 00:00:00 2001 
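Review bot: `watch` is still destructured from `useForm` in the first hunk's context line, but its only visible caller, `const selected = watch('properties');`, is removed here. If nothing else in the component uses it, drop it from the destructuring so it is clear the form no longer subscribes to `properties`. A short comment above the new line, such as `// getValues, not watch: read on demand instead of subscribing the form to 'properties' (SHIBUI-2388)`, would record why the call moved inside `addProperties`. `addProperties` continues outside the hunk.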
From: Ryan Mathis Date: Wed, 26 Oct 2022 11:57:54 -0700 Subject: [PATCH 70/77] Fixed preview button when no response received --- ui/src/app/form/component/templates/FieldTemplate.js | 2 +- ui/src/app/metadata/hoc/FilterTargetPreview.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ui/src/app/form/component/templates/FieldTemplate.js b/ui/src/app/form/component/templates/FieldTemplate.js index e2b2dbe7b..f98078ef9 100644 --- a/ui/src/app/form/component/templates/FieldTemplate.js +++ b/ui/src/app/form/component/templates/FieldTemplate.js @@ -19,7 +19,7 @@ export function FieldTemplate ({ return ( <>{!props.hidden ? - +
{children}
diff --git a/ui/src/app/metadata/hoc/FilterTargetPreview.js b/ui/src/app/metadata/hoc/FilterTargetPreview.js index 2fd81e4c3..0e3fe1aab 100644 --- a/ui/src/app/metadata/hoc/FilterTargetPreview.js +++ b/ui/src/app/metadata/hoc/FilterTargetPreview.js @@ -35,7 +35,7 @@ export function FilterTargetPreview ({ entityId, children }) { return ( - {children(preview, loading, data)} + {data && children(preview, loading, data)} Preview XML From a9c2e3c491835f40b3404d00b374d01cea483342 Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Wed, 26 Oct 2022 15:51:45 -0400 Subject: [PATCH 71/77] SHIBUI-2380 Final round of test fixes for 2380. I hope. --- .../admin/ui/SeleniumSIDETest.groovy | 8 +-- .../integration/resources/SHIBUI-1333.side | 8 +-- .../integration/resources/SHIBUI-1334-1.side | 18 +++--- .../integration/resources/SHIBUI-1335-1.side | 2 +- .../integration/resources/SHIBUI-1385-1.side | 15 +++-- .../integration/resources/SHIBUI-1407-1.side | 8 +-- .../integration/resources/SHIBUI-1674-1.side | 4 +- .../integration/resources/SHIBUI-2267.side | 16 ++--- .../integration/resources/SHIBUI-2380.side | 61 ++++++------------- 9 files changed, 61 insertions(+), 79 deletions(-) diff --git a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy index 02327b4f7..d7dd72abb 100644 --- a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy +++ b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy 
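Review bot: With `{data && children(preview, loading, data)}` the render prop is not invoked until `data` is truthy, so the `loading` argument can presumably never be observed as true on the first fetch and callers have nothing to render while the request is pending or after it fails. If the aim is only to avoid passing an undefined response, keep calling `children` and let it disable its trigger, or guard explicitly with `data != null ? children(preview, loading, data) : null` so a falsy but valid value is not dropped. The component body starts and ends outside the hunk.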
@@ -107,7 +107,7 @@ class SeleniumSIDETest extends Specification { where: name | file -/* 'SHIBUI-1364: Compare FBHTTPMP with filters' | '/SHIBUI-1364-1.side' + 'SHIBUI-1364: Compare FBHTTPMP with filters' | '/SHIBUI-1364-1.side' 'SHIBUI-1364: Compare FSMP' | '/SHIBUI-1364-2.side' 'SHIBUI-1364: Compare LDMP' | '/SHIBUI-1364-3.side' 'SHIBUI-1364: Compare DHTTPMP with filters' | '/SHIBUI-1364-4.side' @@ -153,14 +153,14 @@ class SeleniumSIDETest extends Specification { 'SHIBUI-1744: Verify attribute bundles in entity attribute filters' | '/SHIBUI-1744-3.side' 'SHIBUI-2052: Logged in user & role appear on dashboard' | '/SHIBUI-2052.side' 'SHIBUI-2116: Verify entity attribute bundle highlights' | '/SHIBUI-2116.side' // Note that this script WILL NOT PASS in the Selenium IDE due to ${driver} not being set (it is provided by this groovy script). - 'SHIBUI-2267: Verify new RPO CRUD' | '/SHIBUI-2267.side'*/ + 'SHIBUI-2267: Verify new RPO CRUD' | '/SHIBUI-2267.side' 'SHIBUI-2380: OIDC metadata source CRUD' | '/SHIBUI-2380.side' -/* 'SHIBUI-1674: Verify metadata source tooltips' | '/SHIBUI-1674-1.side' + 'SHIBUI-1674: Verify metadata source tooltips' | '/SHIBUI-1674-1.side' 'SHIBUI-1674: Verify metadata provider tooltips' | '/SHIBUI-1674-2.side' 'SHIBUI-1674: Verify advanced menu tooltips' | '/SHIBUI-1674-3.side' 'SHIBUI-2270: Verify property set CRUD' | '/SHIBUI-2270-1.side' 'SHIBUI-2270: Verify full property set' | '/SHIBUI-2270-2.side' 'SHIBUI-2268: Verify Algorithm Filter' | '/SHIBUI-2268.side' - 'SHIBUI-2269: Verify XML generation of external filters' | '/SHIBUI-2269.side'*/ + 'SHIBUI-2269: Verify XML generation of external filters' | '/SHIBUI-2269.side' } } diff --git a/backend/src/integration/resources/SHIBUI-1333.side b/backend/src/integration/resources/SHIBUI-1333.side index b93b517c5..dba5fdfc0 100644 --- a/backend/src/integration/resources/SHIBUI-1333.side +++ b/backend/src/integration/resources/SHIBUI-1333.side 
@@ -2290,11 +2290,11 @@ "id": "951a21c9-4cd3-4989-8dc0-77760ca0dc95", "comment": "", "command": "assertText", - "target": "css=div:nth-child(8) .text-truncate", + "target": "css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(8) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[8]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'responder-id-123')]", "xpath:innerText"] ], "value": "responder-id-123" diff --git a/backend/src/integration/resources/SHIBUI-1334-1.side b/backend/src/integration/resources/SHIBUI-1334-1.side index 0526e3672..28458a417 100644 --- a/backend/src/integration/resources/SHIBUI-1334-1.side +++ b/backend/src/integration/resources/SHIBUI-1334-1.side @@ -2022,13 +2022,13 @@ "id": "43b130ff-e8a5-493d-a418-f1f8623f1de3", "comment": "", "command": "assertText", - "target": "css=div:nth-child(10) .text-truncate", + "target": "css=div:nth-child(8) .text-truncate", "targets": [ - ["css=div:nth-child(10) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[10]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[10]/div/span[2]", "xpath:position"] + ["css=div:nth-child(8) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[8]/div/span[2]", "xpath:position"] ], - "value": "true" + "value": "false" }, { "id": "1406d7e4-907d-4359-8de8-a40206f0993e", "comment": "", 
@@ -2312,11 +2312,11 @@ "id": "951a21c9-4cd3-4989-8dc0-77760ca0dc95", "comment": "", "command": "assertText", - "target": "css=div:nth-child(8) .text-truncate", + "target": "css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(8) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[8]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'responder-id-123')]", "xpath:innerText"] ], "value": "responder-id-123" diff --git a/backend/src/integration/resources/SHIBUI-1335-1.side b/backend/src/integration/resources/SHIBUI-1335-1.side index aa2c983f8..3230fed42 100644 --- a/backend/src/integration/resources/SHIBUI-1335-1.side +++ b/backend/src/integration/resources/SHIBUI-1335-1.side @@ -1763,7 +1763,7 @@ "id": "febfcea8-8f72-4a17-b1a8-b1e323c8cced", "comment": "", "command": "pause", - "target": "2000", + "target": "3000", "targets": [], "value": "" }, { diff --git a/backend/src/integration/resources/SHIBUI-1385-1.side b/backend/src/integration/resources/SHIBUI-1385-1.side index 2383c5172..a81d2a2f2 100644 --- a/backend/src/integration/resources/SHIBUI-1385-1.side +++ b/backend/src/integration/resources/SHIBUI-1385-1.side 
@@ -1775,6 +1775,13 @@ ["xpath=//div[9]/sf-form-element/div/sf-widget-chooser/array-component/div/ul/li/div/sf-form-element/div/sf-widget-chooser/datalist-component/div/auto-complete/div/ul/li", "xpath:position"] ], "value": "" + }, { + "id": "56bd1406-bbc0-4610-961c-c1866e822d70", + "comment": "", + "command": "pause", + "target": "500", + "targets": [], + "value": "" }, { "id": "ed769470-9c3f-4c23-bbed-85513dcea800", "comment": "", @@ -2316,11 +2323,11 @@ "id": "951a21c9-4cd3-4989-8dc0-77760ca0dc95", "comment": "", "command": "assertText", - "target": "css=div:nth-child(8) .text-truncate", + "target": "css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(8) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[8]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'responder-id-123')]", "xpath:innerText"] ], "value": "responder-id-123" diff --git a/backend/src/integration/resources/SHIBUI-1407-1.side b/backend/src/integration/resources/SHIBUI-1407-1.side index 229715fd7..7ab010496 100644 --- a/backend/src/integration/resources/SHIBUI-1407-1.side +++ b/backend/src/integration/resources/SHIBUI-1407-1.side 
@@ -2313,11 +2313,11 @@ "id": "951a21c9-4cd3-4989-8dc0-77760ca0dc95", "comment": "", "command": "assertText", - "target": "css=div:nth-child(8) .text-truncate", + "target": "css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(8) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[8]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(9) div:nth-child(7) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[7]/div/div[2]/div[2]/div/div[7]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'responder-id-123')]", "xpath:innerText"] ], "value": "responder-id-123" diff --git a/backend/src/integration/resources/SHIBUI-1674-1.side b/backend/src/integration/resources/SHIBUI-1674-1.side index 4c164c276..98b22bea0 100644 --- a/backend/src/integration/resources/SHIBUI-1674-1.side +++ b/backend/src/integration/resources/SHIBUI-1674-1.side @@ -348,9 +348,9 @@ "id": "56f49fe8-340c-46fa-bda9-0b3c0de98bdb", "comment": "", "command": "mouseOver", - "target": "css=.row:nth-child(5) .svg-inline--fa:nth-child(2)", + "target": "css=.row:nth-child(2) path:nth-child(1)", "targets": [ - ["css=.row:nth-child(5) .svg-inline--fa:nth-child(2)", "css:finder"] + ["css=.row:nth-child(2) path:nth-child(1)", "css:finder"] ], "value": "" }, { diff --git a/backend/src/integration/resources/SHIBUI-2267.side b/backend/src/integration/resources/SHIBUI-2267.side index 3f27a1c35..6ba7bea24 100644 --- a/backend/src/integration/resources/SHIBUI-2267.side +++ b/backend/src/integration/resources/SHIBUI-2267.side 
@@ -254,11 +254,11 @@ "id": "3baa7bd3-55c0-4d10-8aa3-c0daa63ec4d4", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(8) div:nth-child(4) .d-block:nth-child(2)", + "target": "css=div:nth-child(8) .text-truncate", "targets": [ - ["css=.mb-4:nth-child(8) div:nth-child(4) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[4]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[8]/div/div[2]/div[2]/div/div[4]/div/span[2]", "xpath:position"], + ["css=div:nth-child(8) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[8]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'true')]", "xpath:innerText"] ], "value": "true" @@ -357,11 +357,11 @@ "id": "121a6247-05d6-4553-b565-ebee2552f7e9", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(9) div:nth-child(4) .d-block:nth-child(2)", + "target": "css=div:nth-child(8) .text-truncate", "targets": [ - ["css=.mb-4:nth-child(9) div:nth-child(4) .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[4]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[7]/div/div[2]/div[2]/div/div[4]/div/span[2]", "xpath:position"], + ["css=div:nth-child(8) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section[7]/div/div[2]/div[2]/div/div[8]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[8]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'true')]", "xpath:innerText"] ], "value": "true" diff --git a/backend/src/integration/resources/SHIBUI-2380.side b/backend/src/integration/resources/SHIBUI-2380.side index c9c1c4ed2..a81cad5c3 100644 --- a/backend/src/integration/resources/SHIBUI-2380.side 
+++ b/backend/src/integration/resources/SHIBUI-2380.side @@ -659,19 +659,6 @@ ["xpath=//span[contains(.,'8. Relying Party Overrides')]", "xpath:innerText"] ], "value": "" - }, { - "id": "881d4939-af1c-4557-8ee1-e08abf3a5402", - "comment": "", - "command": "type", - "target": "id=root_relyingPartyOverrides_disallowedFeatures", - "targets": [ - ["id=root_relyingPartyOverrides_disallowedFeatures", "id"], - ["css=#root_relyingPartyOverrides_disallowedFeatures", "css:finder"], - ["xpath=//input[@id='root_relyingPartyOverrides_disallowedFeatures']", "xpath:attributes"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[8]/div/div/div/div[5]/div/div/div/div/input", "xpath:idRelative"], - ["xpath=//div[5]/div/div/div/div/input", "xpath:position"] - ], - "value": "theseAreDisallowed" }, { "id": "da429ce2-0145-4c3d-a924-46d4549c6038", "comment": "", 
@@ -1099,35 +1086,23 @@ "id": "72f99f17-450a-4f9c-b791-3b6f7b61e76c", "comment": "", "command": "assertText", - "target": "css=.mb-4:nth-child(8) div:nth-child(2) > .d-flex > .d-block:nth-child(2)", - "targets": [ - ["css=.mb-4:nth-child(8) div:nth-child(2) > .d-flex > .d-block:nth-child(2)", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:idRelative"], - ["xpath=//section[8]/div/div[2]/div[2]/div/div[2]/div/span[2]", "xpath:position"], - ["xpath=//span[contains(.,'PT2H')]", "xpath:innerText"] - ], - "value": "PT2H" - }, { - "id": "e6087be5-881a-4637-aa84-540ce6c80b54", - "comment": "", - "command": "assertText", "target": "css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(2)", "targets": [ ["css=.mb-4:nth-child(8) div:nth-child(5) .d-block:nth-child(2)", "css:finder"], ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:idRelative"], ["xpath=//section[8]/div/div[2]/div[2]/div/div[5]/div/span[2]", "xpath:position"], - ["xpath=//span[contains(.,'theseAreDisallowed')]", "xpath:innerText"] + ["xpath=//span[contains(.,'PT2H')]", "xpath:innerText"] ], - "value": "theseAreDisallowed" + "value": "PT2H" }, { "id": "97624c53-1510-4bbb-b661-8a22539b1d86", "comment": "", "command": "assertText", - "target": "css=div:nth-child(1) > div:nth-child(13) .text-truncate", + "target": "css=div:nth-child(1) > div:nth-child(22) .text-truncate", "targets": [ - ["css=div:nth-child(1) > div:nth-child(13) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[13]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div/div[13]/div/span[2]", "xpath:position"], + ["css=div:nth-child(1) > div:nth-child(22) .text-truncate", "css:finder"], + 
["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[22]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[2]/div/div[22]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'postFlow')]", "xpath:innerText"] ], "value": "postFlow" @@ -1135,11 +1110,11 @@ "id": "336449c5-1e29-4534-8be3-96b334e044b6", "comment": "", "command": "assertText", - "target": "css=div:nth-child(1) > div:nth-child(18) .text-truncate", + "target": "css=div:nth-child(31) .text-truncate", "targets": [ - ["css=div:nth-child(1) > div:nth-child(18) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[18]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[2]/div/div[18]/div/span[2]", "xpath:position"], + ["css=div:nth-child(31) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[31]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[31]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'someRandomTokenType')]", "xpath:innerText"] ], "value": "someRandomTokenType" 
@@ -1147,11 +1122,11 @@ "id": "ab9a292a-358e-4f37-be17-969299b295c4", "comment": "", "command": "assertText", - "target": "css=div:nth-child(29) .text-truncate", + "target": "css=.mb-4:nth-child(8) div:nth-child(4) .d-block:nth-child(2)", "targets": [ - ["css=div:nth-child(29) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[29]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[29]/div/span[2]", "xpath:position"], + ["css=.mb-4:nth-child(8) div:nth-child(4) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[4]/div/span[2]", "xpath:idRelative"], + ["xpath=//section[8]/div/div[2]/div[2]/div/div[4]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'9000')]", "xpath:innerText"] ], "value": "9000" @@ -1159,11 +1134,11 @@ "id": "9d62366b-bcb3-43bf-ba61-6e42ba5900e6", "comment": "", "command": "assertText", - "target": "css=div:nth-child(42) .text-truncate", + "target": "css=div:nth-child(35) .text-truncate", "targets": [ - ["css=div:nth-child(42) .text-truncate", "css:finder"], - ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[42]/div/span[2]", "xpath:idRelative"], - ["xpath=//div[42]/div/span[2]", "xpath:position"], + ["css=div:nth-child(35) .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[3]/div/section[8]/div/div[2]/div[2]/div/div[35]/div/span[2]", "xpath:idRelative"], + ["xpath=//div[35]/div/span[2]", "xpath:position"], ["xpath=//span[contains(.,'PT6H')]", "xpath:innerText"] ], "value": "PT6H" From 2e8f4e617a2adf842f6449f2da5ac32f34e22dcf Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Wed, 26 Oct 2022 14:36:44 -0700 Subject: [PATCH 72/77] SHIBUI-2380 Changes per code review --- .../admin/ui/repository/EntityDescriptorRepository.java | 3 +-- .../admin/ui/service/JPAEntityDescriptorServiceImpl.java | 2 +- .../admin/ui/repository/EntityDescriptorRepositoryTest.groovy | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepository.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepository.java index 3030f5678..4c8d4ad30 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepository.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepository.java @@ -2,7 +2,6 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor; import org.springframework.data.jpa.repository.JpaRepository; -import org.springframework.data.jpa.repository.Modifying; import org.springframework.data.jpa.repository.Query; import org.springframework.data.repository.query.Param; @@ -17,7 +16,7 @@ public interface EntityDescriptorRepository extends JpaRepository findAllBy(); + List findAllReturnProjections(); @Query(value = "select new edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorProjection(e.entityID, e.resourceId, e.serviceProviderName, e.createdBy, " + "e.createdDate, e.serviceEnabled, e.idOfOwner, e.protocol) " + diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index 94ac5f2ca..7bf2b25b3 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java 
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java @@ -439,7 +439,7 @@ public Iterable getAllDisabledAndNotOwnedByAdmin public List getAllEntityDescriptorProjectionsBasedOnUserAccess() throws ForbiddenException { switch (userService.getCurrentUserAccess()) { case ADMIN: - List o = entityDescriptorRepository.findAllBy(); + List o = entityDescriptorRepository.findAllReturnProjections(); return o; case GROUP: User user = userService.getCurrentUser(); diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepositoryTest.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepositoryTest.groovy index 906208ee6..ed090c8bd 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepositoryTest.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepositoryTest.groovy @@ -70,7 +70,7 @@ class EntityDescriptorRepositoryTest extends AbstractBaseDataJpaTest { noExceptionThrown() when: - List projections = entityDescriptorRepository.findAllBy() + List projections = entityDescriptorRepository.findAllReturnProjections() then: projections.size() == 1 From d69bce943bd2fb860181f8ef210f84bf2748cd5b Mon Sep 17 00:00:00 2001 From: chasegawa Date: Wed, 26 Oct 2022 15:39:05 -0700 Subject: [PATCH 73/77] SHIBUI-2380 Changes per code review --- .../admin/ui/domain/EntityDescriptor.java | 24 ++++++++++++++++++- .../JPAEntityDescriptorServiceImpl.java | 8 +++---- 2 files changed, 27 insertions(+), 5 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java index 65cc39c92..40093ba8c 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java 
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java @@ -304,7 +304,6 @@ public void setVersionModifiedTimestamp(Long versionModifiedTimestamp) { public String toString() { return MoreObjects.toStringHelper(this) .add("entityID", entityID) - // .add("organization", organization) .add("id", id) .toString(); } @@ -320,4 +319,27 @@ public OwnableType getOwnableType() { @Override public ActivatableType getActivatableType() { return ENTITY_DESCRIPTOR; } + + @JsonIgnore + public boolean wantsAssertionsSigned() { + SPSSODescriptor spssoDescriptor = getSPSSODescriptor(""); + return spssoDescriptor != null && spssoDescriptor.getWantAssertionsSigned() != null && spssoDescriptor.getWantAssertionsSigned(); + } + + @JsonIgnore + public boolean isAuthnRequestsSigned() { + SPSSODescriptor spssoDescriptor = getSPSSODescriptor(""); + return spssoDescriptor != null && spssoDescriptor.isAuthnRequestsSigned() != null && spssoDescriptor.isAuthnRequestsSigned(); + } + + @JsonIgnore + public boolean isOidcProtocol() { + return getSPSSODescriptor("") != null && getProtocol() == EntityDescriptorProtocol.OIDC; + } + + @JsonIgnore + public boolean hasKeyDescriptors() { + SPSSODescriptor spssoDescriptor = getSPSSODescriptor(""); + return spssoDescriptor != null && spssoDescriptor.getKeyDescriptors().size() > 0; + } } \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java index 7bf2b25b3..4a94fa105 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java 
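Review bot: The helpers added at the end of `EntityDescriptor` have no Javadoc, and `wantsAssertionsSigned()` and `isAuthnRequestsSigned()` return `false` both when there is no SPSSODescriptor and when the signing attribute is unset, so a caller cannot tell "explicitly disabled" from "not present". That agrees with the SAML metadata default of false for both attributes, but it should be stated on each method, for example `/** True only when an SPSSODescriptor exists and WantAssertionsSigned is explicitly true; an unset value is treated as false. */`. The null check followed by auto-unboxing calls the getter twice and can be written as `return spssoDescriptor != null && Boolean.TRUE.equals(spssoDescriptor.getWantAssertionsSigned());`. `hasKeyDescriptors()` assumes `getKeyDescriptors()` never returns null, which this hunk does not show, and `!spssoDescriptor.getKeyDescriptors().isEmpty()` reads more directly than `size() > 0`.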
@@ -264,7 +264,7 @@ public EntityDescriptorRepresentation createRepresentationFromDescriptor(org.ope ); } - if (ed.getSPSSODescriptor("") != null && ed.getProtocol() == EntityDescriptorProtocol.OIDC) { + if (ed.isOidcProtocol()) { ServiceProviderSsoDescriptorRepresentation serviceProviderSsoDescriptorRepresentation = representation.getServiceProviderSsoDescriptor(true); serviceProviderSsoDescriptorRepresentation.addExtensions("OAuthRPExtensions", buildOAuthRPExtensionsMap(ed)); } @@ -480,14 +480,14 @@ public Map getRelyingPartyOverridesRepresentationFromAttributeLi private void setupSecurityRepresentationFromEntityDescriptor(EntityDescriptor ed, EntityDescriptorRepresentation representation) { SecurityInfoRepresentation securityInfoRepresentation = representation.getSecurityInfo(); - if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getWantAssertionsSigned() != null && ed.getSPSSODescriptor("").getWantAssertionsSigned()) { + if (ed.wantsAssertionsSigned()) { if (securityInfoRepresentation == null) { securityInfoRepresentation = new SecurityInfoRepresentation(); representation.setSecurityInfo(securityInfoRepresentation); } securityInfoRepresentation.setWantAssertionsSigned(true); } - if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").isAuthnRequestsSigned() != null && ed.getSPSSODescriptor("").isAuthnRequestsSigned()) { + if (ed.isAuthnRequestsSigned()) { if (securityInfoRepresentation == null) { securityInfoRepresentation = new SecurityInfoRepresentation(); representation.setSecurityInfo(securityInfoRepresentation); 
@@ -496,7 +496,7 @@ private void setupSecurityRepresentationFromEntityDescriptor(EntityDescriptor ed } // If the EntityDescriptor has key descriptors - parse them out. - if (ed.getSPSSODescriptor("") != null && ed.getSPSSODescriptor("").getKeyDescriptors().size() > 0) { + if (ed.hasKeyDescriptors()) { if (securityInfoRepresentation == null) { securityInfoRepresentation = new SecurityInfoRepresentation(); representation.setSecurityInfo(securityInfoRepresentation); From 37097ddd45a906dc12e2b92ccec0475839b507e2 Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Wed, 26 Oct 2022 15:48:15 -0700 Subject: [PATCH 74/77] SHIBUI-2380 Imports cleanup --- .../admin/ui/configuration/DevConfig.groovy | 1 - .../JPAMetadataResolverServiceImpl.groovy | 6 ++-- .../service/JsonSchemaBuilderService.groovy | 1 - .../CoreShibUiConfiguration.java | 14 ++++++++- .../ui/configuration/SearchConfiguration.java | 3 +- .../ui/configuration/ShibUIConfiguration.java | 3 +- .../auto/EmailConfiguration.java | 4 +-- .../MigrationTasksContextLoadedListener.java | 11 ++++--- .../ui/controller/ActivateController.java | 23 +++++++-------- .../controller/ActivateExceptionHandler.java | 15 +++++----- .../controller/AttributeBundleController.java | 2 +- .../AttributeBundleExceptionHandler.java | 2 +- .../EntityDescriptorController.java | 2 +- ...yDescriptorControllerExceptionHandler.java | 2 +- .../controller/MetadataFiltersController.java | 8 ++--- ...etadataFiltersPositionOrderController.java | 1 - .../MetadataResolversController.java | 3 +- .../controller/ShibPropertiesController.java | 2 +- .../support/RestControllersSupport.java | 3 +- .../AbstractAlgorithmIdentifierType.java | 1 - .../admin/ui/domain/AbstractXMLObject.java | 5 +--- .../admin/ui/domain/AttributeBundle.java | 5 ---- .../admin/ui/domain/ContactPerson.java | 10 +++++-- .../admin/ui/domain/EntityAttributes.java | 1 - .../admin/ui/domain/EntityDescriptor.java | 4 --- .../admin/ui/domain/KeyDescriptor.java | 10 +++++-- .../admin/ui/domain/Organization.java | 11 ++++--- .../domain/RelyingPartyOverrideProperty.java | 6 ++-- .../ui/domain/RequestInitiatorBuilder.java | 1 - .../admin/ui/domain/RoleDescriptor.java | 9 ++---- .../admin/ui/domain/SPSSODescriptor.java | 8 +++-- .../domain/filters/AlgorithmFilterTarget.java | 1 - .../filters/EntityAttributesFilter.java | 9 +++--- .../filters/EntityRoleWhiteListFilter.java | 18 +++++------- .../ui/domain/filters/MetadataFilter.java | 8 +++-- .../filters/RequiredValidUntilFilter.java | 9 +++--- 
.../filters/SignatureValidationFilter.java | 9 +++--- ...ssertionConsumerServiceRepresentation.java | 6 ++-- .../EntityDescriptorRepresentation.java | 2 -- .../domain/oidc/AbstractValueXMLObject.java | 2 -- .../FileBackedHttpMetadataResolver.java | 3 +- .../LocalDynamicMetadataResolver.java | 5 ++-- .../ui/domain/resolvers/MetadataResolver.java | 3 +- ...penSamlFileBackedHTTPMetadataResolver.java | 1 - .../OpenSamlFilesystemMetadataResolver.java | 1 - ...penSamlResourceBackedMetadataResolver.java | 1 - .../MetadataResolverValidationService.java | 1 - .../shib/properties/ShibPropertySetting.java | 1 - .../envers/EnversVersionServiceSupport.java | 3 +- .../envers/PrincipalAwareRevisionEntity.java | 3 +- .../xml/AbstractSAMLObjectBuilder.java | 4 +-- .../xml/AbstractXMLObjectBuilder.java | 9 +++--- ...omEntityAttributeDefinitionRepository.java | 7 ++--- .../EntityDescriptorProjection.java | 4 --- .../MetadataProvidersScheduledTasks.java | 3 +- .../GroupControllerExceptionHandler.java | 9 +++--- .../security/controller/RolesController.java | 13 ++++----- .../controller/RolesExceptionHandler.java | 9 +++--- .../security/controller/UsersController.java | 23 +++++++-------- .../admin/ui/security/model/Group.java | 20 ++++++------- .../admin/ui/security/model/Ownership.java | 6 ++-- .../admin/ui/security/model/Role.java | 20 ++++++------- .../admin/ui/security/model/User.java | 29 +++++++++---------- .../security/repository/GroupsRepository.java | 5 +--- .../repository/OwnershipRepository.java | 11 ++++--- .../ui/security/service/IGroupService.java | 4 +-- .../ui/security/service/IRolesService.java | 8 ++--- .../ui/security/service/RolesServiceImpl.java | 15 +++++----- .../ui/security/service/UserService.java | 7 +++-- .../springsecurity/AdminUserService.java | 1 + .../ui/service/AttributeBundleService.java | 2 +- ...stomEntityAttributesDefinitionService.java | 6 ++-- ...EntityAttributesDefinitionServiceImpl.java | 11 +++---- .../ui/service/EntityIdsSearchService.java | 8 
+---- .../EnversMetadataResolverVersionService.java | 1 - .../admin/ui/service/FilterService.java | 6 ++-- .../JPAEntityDescriptorServiceImpl.java | 21 +++++++------- .../ui/service/JPAEntityServiceImpl.java | 15 +++++----- .../ui/service/JPAFilterServiceImpl.java | 6 ++-- .../ui/service/MetadataResolverService.java | 5 ++-- .../ui/service/ShibConfigurationService.java | 2 +- .../service/ShibConfigurationServiceImpl.java | 2 +- ...TokenPlaceholderValueResolvingService.java | 3 +- .../admin/util/AttributeUtility.java | 2 -- 84 files changed, 256 insertions(+), 304 deletions(-) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy index a644a58a0..e08392454 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy @@ -21,7 +21,6 @@ import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository import edu.internet2.tier.shibboleth.admin.ui.security.service.IGroupService import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService import edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions - import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Profile diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy index f207512ae..0ca482f4c 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy 
+++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy @@ -5,14 +5,14 @@ import edu.internet2.tier.shibboleth.admin.ui.configuration.ShibUIConfiguration import edu.internet2.tier.shibboleth.admin.ui.domain.EncryptionMethod import edu.internet2.tier.shibboleth.admin.ui.domain.EncryptionMethodBuilder import edu.internet2.tier.shibboleth.admin.ui.domain.exceptions.MetadataFileNotFoundException +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.AlgorithmFilter +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.AlgorithmFilterTarget import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilterTarget import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityRoleWhiteListFilter import edu.internet2.tier.shibboleth.admin.ui.domain.filters.NameIdFormatFilter import edu.internet2.tier.shibboleth.admin.ui.domain.filters.RequiredValidUntilFilter import edu.internet2.tier.shibboleth.admin.ui.domain.filters.SignatureValidationFilter -import edu.internet2.tier.shibboleth.admin.ui.domain.filters.AlgorithmFilter -import edu.internet2.tier.shibboleth.admin.ui.domain.filters.AlgorithmFilterTarget import edu.internet2.tier.shibboleth.admin.ui.domain.filters.opensaml.OpenSamlNameIdFormatFilter import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ExternalMetadataResolver 
@@ -26,9 +26,9 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ResourceBackedMet import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.TemplateScheme import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.OpenSamlChainingMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.Refilterable -import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException import edu.internet2.tier.shibboleth.admin.ui.exception.InitializationException +import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy index b13cc2575..7be383917 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy @@ -1,7 +1,6 @@ package edu.internet2.tier.shibboleth.admin.ui.service import edu.internet2.tier.shibboleth.admin.ui.configuration.CustomPropertiesConfiguration -import edu.internet2.tier.shibboleth.admin.ui.domain.AttributeBundle import edu.internet2.tier.shibboleth.admin.ui.domain.IRelyingPartyOverrideProperty import edu.internet2.tier.shibboleth.admin.ui.security.model.User import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService 
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/CoreShibUiConfiguration.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/CoreShibUiConfiguration.java
index fdc85e20f..53332dba4 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/CoreShibUiConfiguration.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/CoreShibUiConfiguration.java
@@ -16,7 +16,19 @@ import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository; import edu.internet2.tier.shibboleth.admin.ui.security.service.IGroupService; import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService; -import edu.internet2.tier.shibboleth.admin.ui.service.*; +import edu.internet2.tier.shibboleth.admin.ui.service.DefaultMetadataResolversPositionOrderContainerService; +import edu.internet2.tier.shibboleth.admin.ui.service.DirectoryService; +import edu.internet2.tier.shibboleth.admin.ui.service.DirectoryServiceImpl; +import edu.internet2.tier.shibboleth.admin.ui.service.EntityIdsSearchService; +import edu.internet2.tier.shibboleth.admin.ui.service.EntityIdsSearchServiceImpl; +import edu.internet2.tier.shibboleth.admin.ui.service.EntityService; +import edu.internet2.tier.shibboleth.admin.ui.service.FileCheckingFileWritingService; +import edu.internet2.tier.shibboleth.admin.ui.service.FileWritingService; +import edu.internet2.tier.shibboleth.admin.ui.service.FilterTargetService; +import edu.internet2.tier.shibboleth.admin.ui.service.JPAEntityServiceImpl; +import edu.internet2.tier.shibboleth.admin.ui.service.JPAFilterTargetServiceImpl; +import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverService; +import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolversPositionOrderContainerService; import edu.internet2.tier.shibboleth.admin.util.AttributeUtility; import edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils; import edu.internet2.tier.shibboleth.admin.util.LuceneUtility; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SearchConfiguration.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SearchConfiguration.java index 3678954c3..b7e9c4443 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SearchConfiguration.java 
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SearchConfiguration.java @@ -8,7 +8,6 @@ import org.apache.lucene.analysis.TokenFilter; import org.apache.lucene.analysis.en.EnglishAnalyzer; import org.apache.lucene.analysis.ngram.NGramTokenFilter; -import org.apache.lucene.analysis.standard.StandardAnalyzer; import org.apache.lucene.analysis.standard.StandardTokenizer; import org.apache.lucene.index.IndexWriter; import org.apache.lucene.index.IndexWriterConfig; @@ -77,4 +76,4 @@ public IndexWriterService indexWriterService() { return indexWriter; }; } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/ShibUIConfiguration.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/ShibUIConfiguration.java index fc20a0265..50f5a2e75 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/ShibUIConfiguration.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/ShibUIConfiguration.java @@ -7,7 +7,6 @@ import org.springframework.core.io.Resource; import java.util.List; -import java.util.Optional; import java.util.Set; @Configuration @@ -40,4 +39,4 @@ public class ShibUIConfiguration { * A list of roles to bootstrap into the system. */ private Set roles; -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/EmailConfiguration.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/EmailConfiguration.java index 58169bc88..10cd04863 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/EmailConfiguration.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/EmailConfiguration.java 
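Review bot: The last hunk of SearchConfiguration.java (`-}` / `+}` followed by `\ No newline at end of file`) strips the file's terminating newline, which has nothing to do with the import cleanup and looks like an editor setting rather than an intended change. The same end-of-file change appears in the final hunks of ShibUIConfiguration.java, EmailConfiguration.java, RestControllersSupport.java, AbstractXMLObject.java, ContactPerson.java, KeyDescriptor.java and Organization.java. Leave the closing `}` line untouched so each file still ends with a newline; otherwise any later line appended to these files will also show the `}` line as modified.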
@@ -6,7 +6,6 @@ import lombok.Setter; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.AutoConfigureAfter; -import org.springframework.boot.autoconfigure.AutoConfigureOrder; import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; import org.springframework.boot.autoconfigure.mail.MailSenderAutoConfiguration; import org.springframework.boot.context.properties.ConfigurationProperties; @@ -21,7 +20,6 @@ import org.thymeleaf.templateresolver.ITemplateResolver; import java.util.Collections; -import java.util.Optional; /** * @author Bill Smith (wsmith@unicon.net) @@ -111,4 +109,4 @@ public EmailService emailService() { systemEmailAddress, userRepository); } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/MigrationTasksContextLoadedListener.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/MigrationTasksContextLoadedListener.java index d9dc38c1e..052f6ca1b 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/MigrationTasksContextLoadedListener.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/MigrationTasksContextLoadedListener.java @@ -1,11 +1,5 @@ package edu.internet2.tier.shibboleth.admin.ui.configuration.auto; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationListener; -import org.springframework.context.event.ContextRefreshedEvent; -import org.springframework.stereotype.Component; -import org.springframework.transaction.annotation.Transactional; - import edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorRepository; import edu.internet2.tier.shibboleth.admin.ui.security.model.Group; import edu.internet2.tier.shibboleth.admin.ui.security.model.Ownership; 
@@ -13,6 +7,11 @@ import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository; import edu.internet2.tier.shibboleth.admin.ui.security.service.IGroupService; import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationListener; +import org.springframework.context.event.ContextRefreshedEvent; +import org.springframework.stereotype.Component; +import org.springframework.transaction.annotation.Transactional; /** * After the context loads, do any needed migration tasks diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ActivateController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ActivateController.java index 487bd56c2..30ccaf6b6 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ActivateController.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ActivateController.java 
@@ -1,7 +1,15 @@ package edu.internet2.tier.shibboleth.admin.ui.controller; -import javax.script.ScriptException; - +import edu.internet2.tier.shibboleth.admin.ui.domain.exceptions.MetadataFileNotFoundException; +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.MetadataFilter; +import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation; +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver; +import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException; +import edu.internet2.tier.shibboleth.admin.ui.exception.InitializationException; +import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; +import edu.internet2.tier.shibboleth.admin.ui.service.EntityDescriptorService; +import edu.internet2.tier.shibboleth.admin.ui.service.FilterService; +import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverService; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.tags.Tags; import org.springframework.beans.factory.annotation.Autowired; 
@@ -12,16 +20,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; -import edu.internet2.tier.shibboleth.admin.ui.domain.exceptions.MetadataFileNotFoundException; -import edu.internet2.tier.shibboleth.admin.ui.domain.filters.MetadataFilter; -import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation; -import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver; -import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; -import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException; -import edu.internet2.tier.shibboleth.admin.ui.exception.InitializationException; -import edu.internet2.tier.shibboleth.admin.ui.service.EntityDescriptorService; -import edu.internet2.tier.shibboleth.admin.ui.service.FilterService; -import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverService; +import javax.script.ScriptException; @RestController @RequestMapping("/api/activate") diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ActivateExceptionHandler.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ActivateExceptionHandler.java index fe6f7c0f2..2015febcb 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ActivateExceptionHandler.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ActivateExceptionHandler.java 
@@ -1,9 +1,9 @@ package edu.internet2.tier.shibboleth.admin.ui.controller; -import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR; - -import javax.script.ScriptException; - +import edu.internet2.tier.shibboleth.admin.ui.domain.exceptions.MetadataFileNotFoundException; +import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException; +import edu.internet2.tier.shibboleth.admin.ui.exception.InitializationException; +import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.ControllerAdvice; @@ -11,10 +11,9 @@ import org.springframework.web.context.request.WebRequest; import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler; -import edu.internet2.tier.shibboleth.admin.ui.domain.exceptions.MetadataFileNotFoundException; -import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; -import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException; -import edu.internet2.tier.shibboleth.admin.ui.exception.InitializationException; +import javax.script.ScriptException; + +import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR; @ControllerAdvice(assignableTypes = {ActivateController.class}) public class ActivateExceptionHandler extends ResponseEntityExceptionHandler { diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/AttributeBundleController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/AttributeBundleController.java index 53335d340..a1fc130dc 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/AttributeBundleController.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/AttributeBundleController.java 
@@ -1,8 +1,8 @@ package edu.internet2.tier.shibboleth.admin.ui.controller; import edu.internet2.tier.shibboleth.admin.ui.domain.AttributeBundle; -import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import edu.internet2.tier.shibboleth.admin.ui.exception.ObjectIdExistsException; +import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import edu.internet2.tier.shibboleth.admin.ui.service.AttributeBundleService; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.tags.Tags; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/AttributeBundleExceptionHandler.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/AttributeBundleExceptionHandler.java index 44f32f6ea..e4206da04 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/AttributeBundleExceptionHandler.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/AttributeBundleExceptionHandler.java @@ -1,7 +1,7 @@ package edu.internet2.tier.shibboleth.admin.ui.controller; -import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import edu.internet2.tier.shibboleth.admin.ui.exception.ObjectIdExistsException; +import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java index 9cc2cb64d..e6560bf7d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java 
@@ -2,10 +2,10 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor; import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation; -import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException; import edu.internet2.tier.shibboleth.admin.ui.exception.InvalidPatternMatchException; import edu.internet2.tier.shibboleth.admin.ui.exception.ObjectIdExistsException; +import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects; import edu.internet2.tier.shibboleth.admin.ui.service.EntityDescriptorService; import edu.internet2.tier.shibboleth.admin.ui.service.EntityDescriptorVersionService; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerExceptionHandler.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerExceptionHandler.java index e1afe9413..e6f46b5fe 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerExceptionHandler.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerExceptionHandler.java @@ -1,9 +1,9 @@ package edu.internet2.tier.shibboleth.admin.ui.controller; -import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException; import edu.internet2.tier.shibboleth.admin.ui.exception.InvalidPatternMatchException; import edu.internet2.tier.shibboleth.admin.ui.exception.ObjectIdExistsException; +import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; 
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersController.java index a70fc2f9b..f61e82508 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersController.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersController.java @@ -8,14 +8,10 @@ import edu.internet2.tier.shibboleth.admin.ui.security.service.IGroupService; import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService; import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverService; -import static java.util.stream.Collectors.toList; - import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.tags.Tags; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; -import static org.springframework.http.HttpStatus.BAD_REQUEST; -import static org.springframework.http.HttpStatus.NOT_FOUND; import org.springframework.http.ResponseEntity; import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.interceptor.TransactionAspectSupport; @@ -39,6 +35,10 @@ import java.util.function.Supplier; import java.util.stream.Stream; +import static java.util.stream.Collectors.toList; +import static org.springframework.http.HttpStatus.BAD_REQUEST; +import static org.springframework.http.HttpStatus.NOT_FOUND; + @RestController @RequestMapping("/api/MetadataResolvers/{metadataResolverId}") @Tags(value = {@Tag(name = "metadata filters")}) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersPositionOrderController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersPositionOrderController.java index fc44c188c..e596b266c 100644 
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersPositionOrderController.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersPositionOrderController.java @@ -19,7 +19,6 @@ import java.util.ArrayList; import java.util.Comparator; import java.util.List; -import java.util.stream.Collectors; import static java.util.stream.Collectors.toList; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java index 1b030ad74..51d0d4753 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java @@ -3,8 +3,8 @@ import com.fasterxml.jackson.databind.exc.InvalidTypeIdException; import edu.internet2.tier.shibboleth.admin.ui.domain.exceptions.MetadataFileNotFoundException; import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver; -import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.validator.MetadataResolverValidationService; import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.OpenSamlChainingMetadataResolver; +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.validator.MetadataResolverValidationService; import edu.internet2.tier.shibboleth.admin.ui.domain.versioning.Version; import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository; import edu.internet2.tier.shibboleth.admin.ui.service.IndexWriterService; 
@@ -35,7 +35,6 @@ import javax.xml.transform.OutputKeys; import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerConfigurationException; import javax.xml.transform.TransformerException; import javax.xml.transform.TransformerFactory; import javax.xml.transform.dom.DOMSource; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ShibPropertiesController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ShibPropertiesController.java index b9936633a..895521160 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ShibPropertiesController.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/ShibPropertiesController.java @@ -2,8 +2,8 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.shib.properties.ShibPropertySet; import edu.internet2.tier.shibboleth.admin.ui.domain.shib.properties.ShibPropertySetting; -import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import edu.internet2.tier.shibboleth.admin.ui.exception.ObjectIdExistsException; +import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; import edu.internet2.tier.shibboleth.admin.ui.service.ShibConfigurationService; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.tags.Tag; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java index c908bd862..7fb608a5e 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java 
@@ -15,6 +15,7 @@ import java.util.ArrayList; import java.util.List; + import static org.springframework.http.HttpStatus.BAD_REQUEST; import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR; import static org.springframework.http.HttpStatus.NOT_FOUND; @@ -81,4 +82,4 @@ else if(errors instanceof List){ } } } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractAlgorithmIdentifierType.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractAlgorithmIdentifierType.java index 3a3eeef77..d56cfdd06 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractAlgorithmIdentifierType.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractAlgorithmIdentifierType.java @@ -1,6 +1,5 @@ package edu.internet2.tier.shibboleth.admin.ui.domain; -import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractXMLObject; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.Setter; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java index 3b4ac0d92..22d5a3c0b 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java 
@@ -5,12 +5,9 @@ import net.shibboleth.utilities.java.support.xml.QNameSupport; import org.hibernate.envers.AuditOverride; import org.hibernate.envers.Audited; -import org.opensaml.core.config.ConfigurationService; import org.opensaml.core.xml.Namespace; import org.opensaml.core.xml.NamespaceManager; import org.opensaml.core.xml.XMLObject; -import org.opensaml.core.xml.config.XMLObjectProviderRegistry; -import org.opensaml.core.xml.io.MarshallingException; import org.opensaml.core.xml.schema.XSBooleanValue; import org.opensaml.core.xml.util.IDIndex; import org.w3c.dom.Element; @@ -255,4 +252,4 @@ public String getSchemaTypeNamespacePrefix() { public void setSchemaTypeNamespacePrefix(String schemaTypeNamespacePrefix) { this.schemaTypeNamespacePrefix = schemaTypeNamespacePrefix; } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AttributeBundle.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AttributeBundle.java index 2df1132ac..afbe1ee36 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AttributeBundle.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AttributeBundle.java @@ -1,16 +1,11 @@ package edu.internet2.tier.shibboleth.admin.ui.domain; -import com.fasterxml.jackson.core.JsonGenerator; -import com.fasterxml.jackson.databind.SerializerProvider; -import com.fasterxml.jackson.databind.annotation.JsonSerialize; -import com.fasterxml.jackson.databind.ser.std.StdSerializer; import lombok.Data; import javax.persistence.Column; import javax.persistence.ElementCollection; import javax.persistence.Entity; import javax.persistence.Id; -import java.io.IOException; import java.util.HashSet; import java.util.Set; import java.util.UUID; 
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/ContactPerson.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/ContactPerson.java index ca0400f32..4ea49897b 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/ContactPerson.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/ContactPerson.java @@ -7,7 +7,13 @@ import org.opensaml.saml.saml2.metadata.ContactPersonTypeEnumeration; import javax.annotation.Nullable; -import javax.persistence.*; +import javax.persistence.CascadeType; +import javax.persistence.Entity; +import javax.persistence.JoinColumn; +import javax.persistence.OneToMany; +import javax.persistence.OneToOne; +import javax.persistence.OrderColumn; +import javax.persistence.Transient; import java.util.ArrayList; import java.util.List; @@ -149,4 +155,4 @@ public List getOrderedChildren() { return list; } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityAttributes.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityAttributes.java index effdd6be7..c8ca2485d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityAttributes.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityAttributes.java @@ -4,7 +4,6 @@ import org.hibernate.envers.Audited; import org.opensaml.core.xml.XMLObject; import org.opensaml.saml.common.SAMLObject; -import org.opensaml.saml.ext.saml2mdattr.impl.EntityAttributesImpl; import org.opensaml.saml.saml2.core.Assertion; import javax.annotation.Nullable; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java index 40093ba8c..8a4133ea6 100644 
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java @@ -3,16 +3,13 @@ import com.fasterxml.jackson.annotation.JsonIgnore; import com.google.common.base.MoreObjects; import com.google.common.collect.Lists; - import edu.internet2.tier.shibboleth.admin.ui.security.model.Ownable; import edu.internet2.tier.shibboleth.admin.ui.security.model.OwnableType; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.Setter; - import org.hibernate.envers.Audited; import org.hibernate.envers.NotAudited; -import org.hibernate.envers.RelationTargetAuditMode; import org.opensaml.core.xml.XMLObject; import org.springframework.util.StringUtils; @@ -20,7 +17,6 @@ import javax.persistence.CascadeType; import javax.persistence.Entity; import javax.persistence.JoinColumn; -import javax.persistence.ManyToOne; import javax.persistence.OneToMany; import javax.persistence.OneToOne; import javax.persistence.OrderColumn; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/KeyDescriptor.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/KeyDescriptor.java index 2b07eea4c..8d7c6c8a7 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/KeyDescriptor.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/KeyDescriptor.java @@ -7,7 +7,13 @@ import org.opensaml.xmlsec.signature.KeyInfo; import javax.annotation.Nullable; -import javax.persistence.*; +import javax.persistence.CascadeType; +import javax.persistence.Column; +import javax.persistence.Entity; +import javax.persistence.JoinColumn; +import javax.persistence.OneToMany; +import javax.persistence.OneToOne; +import javax.persistence.OrderColumn; import java.util.ArrayList; import java.util.List; 
@@ -84,4 +90,4 @@ public List getOrderedChildren() { return children; } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Organization.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Organization.java index 7ea76b1f0..d2e69bd09 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Organization.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Organization.java @@ -5,7 +5,12 @@ import org.opensaml.core.xml.XMLObject; import javax.annotation.Nullable; -import javax.persistence.*; +import javax.persistence.CascadeType; +import javax.persistence.Entity; +import javax.persistence.JoinColumn; +import javax.persistence.OneToMany; +import javax.persistence.OneToOne; +import javax.persistence.OrderColumn; import java.util.ArrayList; import java.util.List; @@ -82,6 +87,4 @@ public List getOrderedChildren() { return children; } -} - - +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java index b896f2352..de98b763b 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RelyingPartyOverrideProperty.java @@ -1,13 +1,11 @@ package edu.internet2.tier.shibboleth.admin.ui.domain; -import java.util.Set; - -import org.apache.commons.lang3.StringUtils; - import lombok.Getter; import lombok.Setter; import lombok.ToString; +import java.util.Set; + /** * @author Bill Smith (wsmith@unicon.net) */ 
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RequestInitiatorBuilder.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RequestInitiatorBuilder.java index 98d554e37..67b8ac7bd 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RequestInitiatorBuilder.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RequestInitiatorBuilder.java @@ -2,7 +2,6 @@ import org.opensaml.saml.common.AbstractSAMLObjectBuilder; import org.opensaml.saml.common.xml.SAMLConstants; -import org.w3c.dom.Element; import javax.annotation.Nonnull; import javax.annotation.Nullable; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java index cae6d277a..bf799023f 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java @@ -8,18 +8,15 @@ import javax.annotation.Nonnull; import javax.annotation.Nullable; - import javax.persistence.CascadeType; +import javax.persistence.ElementCollection; import javax.persistence.Entity; +import javax.persistence.JoinColumn; import javax.persistence.OneToMany; +import javax.persistence.OneToOne; import javax.persistence.OrderColumn; import javax.persistence.Transient; -import javax.persistence.ElementCollection; -import javax.persistence.JoinColumn; -import javax.persistence.OneToOne; - import javax.xml.namespace.QName; - import java.util.ArrayList; import java.util.Collection; import java.util.Collections; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/SPSSODescriptor.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/SPSSODescriptor.java index 52d37bf1f..2307b6c92 100644 
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/SPSSODescriptor.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/SPSSODescriptor.java @@ -1,13 +1,17 @@ package edu.internet2.tier.shibboleth.admin.ui.domain; -import com.google.common.collect.Lists; import lombok.EqualsAndHashCode; import org.hibernate.envers.Audited; import org.opensaml.core.xml.XMLObject; import org.opensaml.core.xml.schema.XSBooleanValue; import javax.annotation.Nullable; -import javax.persistence.*; +import javax.persistence.CascadeType; +import javax.persistence.Entity; +import javax.persistence.JoinColumn; +import javax.persistence.OneToMany; +import javax.persistence.OrderColumn; +import javax.persistence.Transient; import java.util.ArrayList; import java.util.Collections; import java.util.List; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/AlgorithmFilterTarget.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/AlgorithmFilterTarget.java index 8a80dba6a..22a153a31 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/AlgorithmFilterTarget.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/AlgorithmFilterTarget.java @@ -3,7 +3,6 @@ import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractAuditable; -import edu.internet2.tier.shibboleth.admin.ui.domain.filters.AbstractFilterTarget; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.Setter; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityAttributesFilter.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityAttributesFilter.java index d80b68242..ce24f0d6a 100644 
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityAttributesFilter.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityAttributesFilter.java @@ -2,10 +2,6 @@ import com.fasterxml.jackson.annotation.JsonIgnore; import edu.internet2.tier.shibboleth.admin.ui.domain.Attribute; -import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getAttributeListFromAttributeReleaseList; -import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getAttributeListFromRelyingPartyOverridesRepresentation; -import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getAttributeReleaseListFromAttributeList; -import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getRelyingPartyOverridesRepresentationFromAttributeList; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.Setter; @@ -25,6 +21,11 @@ import java.util.Map; import java.util.Objects; +import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getAttributeListFromAttributeReleaseList; +import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getAttributeListFromRelyingPartyOverridesRepresentation; +import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getAttributeReleaseListFromAttributeList; +import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getRelyingPartyOverridesRepresentationFromAttributeList; + @Entity @EqualsAndHashCode(callSuper = true, exclude = { "attributeRelease", "relyingPartyOverrides" }) @Getter diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityRoleWhiteListFilter.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityRoleWhiteListFilter.java index 0ac107dda..909c744ae 100644 
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityRoleWhiteListFilter.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/EntityRoleWhiteListFilter.java @@ -1,7 +1,10 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.filters; -import java.util.ArrayList; -import java.util.List; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.Setter; +import lombok.ToString; +import org.hibernate.envers.Audited; import javax.persistence.CollectionTable; import javax.persistence.Column; @@ -9,13 +12,8 @@ import javax.persistence.Entity; import javax.persistence.JoinColumn; import javax.persistence.OrderColumn; - -import org.hibernate.envers.Audited; - -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; +import java.util.ArrayList; +import java.util.List; @Entity @EqualsAndHashCode(callSuper = true) @@ -50,4 +48,4 @@ private EntityRoleWhiteListFilter updateConcreteFilterTypeData(EntityRoleWhiteLi public MetadataFilter updateConcreteFilterTypeData(MetadataFilter filterToBeUpdated) { return updateConcreteFilterTypeData((EntityRoleWhiteListFilter) filterToBeUpdated); } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/MetadataFilter.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/MetadataFilter.java index 29612b15d..63b1b67d7 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/MetadataFilter.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/MetadataFilter.java 
@@ -1,6 +1,10 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.filters; -import com.fasterxml.jackson.annotation.*; +import com.fasterxml.jackson.annotation.JsonGetter; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonSubTypes; +import com.fasterxml.jackson.annotation.JsonTypeInfo; import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractAuditable; import edu.internet2.tier.shibboleth.admin.ui.domain.ActivatableType; import edu.internet2.tier.shibboleth.admin.ui.domain.IActivatable; @@ -19,7 +23,7 @@ import javax.persistence.Transient; import java.util.UUID; -import static edu.internet2.tier.shibboleth.admin.ui.domain.ActivatableType.*; +import static edu.internet2.tier.shibboleth.admin.ui.domain.ActivatableType.FILTER; /** * Domain class to store information about {@link org.opensaml.saml.metadata.resolver.filter.MetadataFilter} diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/RequiredValidUntilFilter.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/RequiredValidUntilFilter.java index 80e6152aa..63d0f323b 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/RequiredValidUntilFilter.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/RequiredValidUntilFilter.java @@ -1,13 +1,12 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.filters; -import javax.persistence.Entity; - -import org.hibernate.envers.Audited; - import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.Setter; import lombok.ToString; +import org.hibernate.envers.Audited; + +import javax.persistence.Entity; @Entity @EqualsAndHashCode(callSuper = true) 
@@ -36,4 +35,4 @@ private RequiredValidUntilFilter updateConcreteFilterTypeData(RequiredValidUntil public MetadataFilter updateConcreteFilterTypeData(MetadataFilter filterToBeUpdated) { return updateConcreteFilterTypeData((RequiredValidUntilFilter) filterToBeUpdated); } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/SignatureValidationFilter.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/SignatureValidationFilter.java index cf6aa3151..40ef6467c 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/SignatureValidationFilter.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/SignatureValidationFilter.java @@ -1,13 +1,12 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.filters; -import javax.persistence.Entity; - -import org.hibernate.envers.Audited; - import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.Setter; import lombok.ToString; +import org.hibernate.envers.Audited; + +import javax.persistence.Entity; @Entity @EqualsAndHashCode(callSuper = true) @@ -54,4 +53,4 @@ private SignatureValidationFilter updateConcreteFilterTypeData(SignatureValidati public MetadataFilter updateConcreteFilterTypeData(MetadataFilter filterToBeUpdated) { return updateConcreteFilterTypeData((SignatureValidationFilter) filterToBeUpdated); } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/AssertionConsumerServiceRepresentation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/AssertionConsumerServiceRepresentation.java index d178372a4..189073fe0 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/AssertionConsumerServiceRepresentation.java 
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/AssertionConsumerServiceRepresentation.java @@ -1,10 +1,10 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.frontend; -import java.io.Serializable; - import lombok.Getter; import lombok.Setter; +import java.io.Serializable; + @Getter @Setter public class AssertionConsumerServiceRepresentation implements Serializable { @@ -17,4 +17,4 @@ public class AssertionConsumerServiceRepresentation implements Serializable { private boolean makeDefault; private Integer index; -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java index 9d2c0d631..27a11d890 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java @@ -3,8 +3,6 @@ import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonProperty; - -import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor; import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol; import lombok.Getter; import lombok.Setter; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java index 7aeed4d6e..c4c55e2e6 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/AbstractValueXMLObject.java 
@@ -1,8 +1,6 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.oidc; -import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractAuditable; import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractXMLObject; -import lombok.EqualsAndHashCode; import org.apache.commons.lang3.StringUtils; import org.hibernate.envers.AuditOverride; import org.hibernate.envers.Audited; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/FileBackedHttpMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/FileBackedHttpMetadataResolver.java index 9966d567f..24636a709 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/FileBackedHttpMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/FileBackedHttpMetadataResolver.java @@ -4,7 +4,6 @@ import lombok.Getter; import lombok.Setter; import lombok.ToString; - import org.hibernate.envers.Audited; import javax.persistence.Embedded; @@ -35,4 +34,4 @@ public FileBackedHttpMetadataResolver() { @Embedded private HttpMetadataResolverAttributes httpMetadataResolverAttributes; -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/LocalDynamicMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/LocalDynamicMetadataResolver.java index 49cc09642..c959af7a4 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/LocalDynamicMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/LocalDynamicMetadataResolver.java 
@@ -4,12 +4,11 @@ import lombok.Getter; import lombok.Setter; import lombok.ToString; +import org.hibernate.envers.Audited; import javax.persistence.Embedded; import javax.persistence.Entity; -import org.hibernate.envers.Audited; - @Entity @EqualsAndHashCode(callSuper = true) @Getter @@ -30,4 +29,4 @@ public LocalDynamicMetadataResolver() { @Embedded private DynamicMetadataResolverAttributes dynamicMetadataResolverAttributes; -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataResolver.java index 19c96e753..700c543c7 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataResolver.java @@ -7,7 +7,6 @@ import com.fasterxml.jackson.annotation.JsonTypeInfo; import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractAuditable; import edu.internet2.tier.shibboleth.admin.ui.domain.ActivatableType; -import static edu.internet2.tier.shibboleth.admin.ui.domain.ActivatableType.METADATA_RESOLVER; import edu.internet2.tier.shibboleth.admin.ui.domain.IActivatable; import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter; import edu.internet2.tier.shibboleth.admin.ui.domain.filters.MetadataFilter; @@ -31,6 +30,8 @@ import java.util.List; import java.util.UUID; +import static edu.internet2.tier.shibboleth.admin.ui.domain.ActivatableType.METADATA_RESOLVER; + @Entity @Inheritance(strategy = InheritanceType.TABLE_PER_CLASS) @EqualsAndHashCode(callSuper = true, exclude = {"version", "versionModifiedTimestamp"}) 
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java index 4b642e52a..49770c317 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java @@ -20,7 +20,6 @@ import java.time.Instant; import static edu.internet2.tier.shibboleth.admin.util.DurationUtility.toPositiveNonZeroDuration; -import static edu.internet2.tier.shibboleth.admin.util.DurationUtility.toTimeDuration; import static edu.internet2.tier.shibboleth.admin.util.TokenPlaceholderResolvers.placeholderResolverService; /** diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFilesystemMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFilesystemMetadataResolver.java index f8b9a856f..3137d2f60 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFilesystemMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFilesystemMetadataResolver.java @@ -4,7 +4,6 @@ import net.shibboleth.utilities.java.support.resolver.ResolverException; import net.shibboleth.utilities.java.support.xml.ParserPool; import org.apache.lucene.index.IndexWriter; -import org.joda.time.DateTime; import org.opensaml.saml.metadata.resolver.filter.FilterException; import org.opensaml.saml.metadata.resolver.filter.MetadataFilterChain; import org.opensaml.saml.metadata.resolver.impl.FilesystemMetadataResolver; 
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlResourceBackedMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlResourceBackedMetadataResolver.java index 1c02099f6..f8fabc96c 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlResourceBackedMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlResourceBackedMetadataResolver.java @@ -4,7 +4,6 @@ import net.shibboleth.utilities.java.support.resource.Resource; import net.shibboleth.utilities.java.support.xml.ParserPool; import org.apache.lucene.index.IndexWriter; -import org.joda.time.DateTime; import org.opensaml.saml.metadata.resolver.filter.FilterException; import org.opensaml.saml.metadata.resolver.filter.MetadataFilterChain; import org.opensaml.saml.metadata.resolver.impl.ResourceBackedMetadataResolver; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/validator/MetadataResolverValidationService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/validator/MetadataResolverValidationService.java index 3e9e3df51..32c1b3d6e 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/validator/MetadataResolverValidationService.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/validator/MetadataResolverValidationService.java 
@@ -1,7 +1,6 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.validator; import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver; -import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.validator.IMetadataResolverValidator; import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.validator.IMetadataResolverValidator.ValidationResult; import java.util.ArrayList; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/shib/properties/ShibPropertySetting.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/shib/properties/ShibPropertySetting.java index aeb1bd579..ae0c95885 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/shib/properties/ShibPropertySetting.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/shib/properties/ShibPropertySetting.java @@ -8,7 +8,6 @@ import javax.persistence.Entity; import javax.persistence.GeneratedValue; import javax.persistence.Id; -import javax.persistence.ManyToOne; @Entity(name = "shib_property_setting") @Audited diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/envers/EnversVersionServiceSupport.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/envers/EnversVersionServiceSupport.java index bbf399227..12b80bbb7 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/envers/EnversVersionServiceSupport.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/envers/EnversVersionServiceSupport.java @@ -7,7 +7,6 @@ import javax.persistence.EntityManager; import javax.persistence.NoResultException; -import java.time.ZoneOffset; import java.util.List; import static java.util.Comparator.comparing; @@ -71,4 +70,4 @@ private boolean isCurrentRevision(String resourceId, String versionId, Class return Integer.valueOf(versionId) == revision.intValue(); } -} +} \ No newline at end of file 
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/envers/PrincipalAwareRevisionEntity.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/envers/PrincipalAwareRevisionEntity.java index 0685eba92..404a8c5d8 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/envers/PrincipalAwareRevisionEntity.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/envers/PrincipalAwareRevisionEntity.java @@ -6,7 +6,6 @@ import org.hibernate.envers.RevisionEntity; import javax.persistence.Entity; -import javax.persistence.Table; /** * Extension of the default envers revision entity to track authenticated principals @@ -22,4 +21,4 @@ public class PrincipalAwareRevisionEntity extends DefaultTrackingModifiedEntitie public String idAsString() { return String.valueOf(getId()); } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/xml/AbstractSAMLObjectBuilder.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/xml/AbstractSAMLObjectBuilder.java index b97f1db03..336bf723e 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/xml/AbstractSAMLObjectBuilder.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/xml/AbstractSAMLObjectBuilder.java @@ -17,11 +17,11 @@ package edu.internet2.tier.shibboleth.admin.ui.opensaml.xml; -import javax.annotation.Nonnull; - import org.opensaml.saml.common.SAMLObject; import org.opensaml.saml.common.SAMLObjectBuilder; +import javax.annotation.Nonnull; + /** * Base builder for {@link org.opensaml.saml.common.SAMLObject}s. * diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/xml/AbstractXMLObjectBuilder.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/xml/AbstractXMLObjectBuilder.java index 1b49c3b56..deecbf1b1 100644 
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/xml/AbstractXMLObjectBuilder.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/xml/AbstractXMLObjectBuilder.java @@ -17,18 +17,17 @@ package edu.internet2.tier.shibboleth.admin.ui.opensaml.xml; -import javax.annotation.Nonnull; -import javax.annotation.Nullable; -import javax.xml.namespace.QName; - import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractXMLObject; import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty; import net.shibboleth.utilities.java.support.xml.DOMTypeSupport; - import org.opensaml.core.xml.XMLObject; import org.opensaml.core.xml.XMLObjectBuilder; import org.w3c.dom.Element; +import javax.annotation.Nonnull; +import javax.annotation.Nullable; +import javax.xml.namespace.QName; + /** * Base implementation for XMLObject builders. *

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/CustomEntityAttributeDefinitionRepository.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/CustomEntityAttributeDefinitionRepository.java index db3724ea5..19feba864 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/CustomEntityAttributeDefinitionRepository.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/CustomEntityAttributeDefinitionRepository.java @@ -1,10 +1,9 @@ package edu.internet2.tier.shibboleth.admin.ui.repository; -import java.util.List; - +import edu.internet2.tier.shibboleth.admin.ui.domain.CustomEntityAttributeDefinition; import org.springframework.data.jpa.repository.JpaRepository; -import edu.internet2.tier.shibboleth.admin.ui.domain.CustomEntityAttributeDefinition; +import java.util.List; /** * Repository to manage {@link CustomEntityAttributeDefinition} instances. @@ -19,4 +18,4 @@ public interface CustomEntityAttributeDefinitionRepository extends JpaRepository @SuppressWarnings("unchecked") CustomEntityAttributeDefinition save(CustomEntityAttributeDefinition attribute); -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java index da7d307b1..ecf6a5f2c 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorProjection.java 
@@ -1,11 +1,7 @@ package edu.internet2.tier.shibboleth.admin.ui.repository; -import com.fasterxml.jackson.annotation.JsonGetter; -import com.fasterxml.jackson.annotation.JsonInclude; import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol; -import lombok.AllArgsConstructor; import lombok.Getter; -import lombok.Setter; import java.time.LocalDateTime; diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/scheduled/MetadataProvidersScheduledTasks.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/scheduled/MetadataProvidersScheduledTasks.java index a58b0df24..e89db306b 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/scheduled/MetadataProvidersScheduledTasks.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/scheduled/MetadataProvidersScheduledTasks.java @@ -18,7 +18,6 @@ import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; import java.io.IOException; -import java.io.OutputStream; import java.io.StringWriter; @Configuration @@ -51,4 +50,4 @@ public void generateMetadataProvidersFile() { logger.error(e.getLocalizedMessage(), e); } } -} +} \ No newline at end of file diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/GroupControllerExceptionHandler.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/GroupControllerExceptionHandler.java index b382f50ca..6dee93b1d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/GroupControllerExceptionHandler.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/GroupControllerExceptionHandler.java 
@@ -1,5 +1,9 @@ package edu.internet2.tier.shibboleth.admin.ui.security.controller; +import edu.internet2.tier.shibboleth.admin.ui.controller.ErrorResponse; +import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; +import edu.internet2.tier.shibboleth.admin.ui.security.exception.GroupDeleteException; +import edu.internet2.tier.shibboleth.admin.ui.security.exception.GroupExistsConflictException; import edu.internet2.tier.shibboleth.admin.ui.security.exception.InvalidGroupRegexException; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; @@ -10,11 +14,6 @@ import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler; import org.springframework.web.servlet.support.ServletUriComponentsBuilder; -import edu.internet2.tier.shibboleth.admin.ui.controller.ErrorResponse; -import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound; -import edu.internet2.tier.shibboleth.admin.ui.security.exception.GroupDeleteException; -import edu.internet2.tier.shibboleth.admin.ui.security.exception.GroupExistsConflictException; - @ControllerAdvice(assignableTypes = {GroupController.class}) public class GroupControllerExceptionHandler extends ResponseEntityExceptionHandler { diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/RolesController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/RolesController.java index 9b549efb3..c4fbcb552 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/RolesController.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/RolesController.java 
@@ -1,7 +1,10 @@
 package edu.internet2.tier.shibboleth.admin.ui.security.controller;
-import java.util.Optional;
-
+import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
+import edu.internet2.tier.shibboleth.admin.ui.security.exception.RoleDeleteException;
+import edu.internet2.tier.shibboleth.admin.ui.security.exception.RoleExistsConflictException;
+import edu.internet2.tier.shibboleth.admin.ui.security.model.Role;
+import edu.internet2.tier.shibboleth.admin.ui.security.service.IRolesService;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import io.swagger.v3.oas.annotations.tags.Tags;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -18,11 +21,7 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
-import edu.internet2.tier.shibboleth.admin.ui.security.exception.RoleDeleteException;
-import edu.internet2.tier.shibboleth.admin.ui.security.exception.RoleExistsConflictException;
-import edu.internet2.tier.shibboleth.admin.ui.security.model.Role;
-import edu.internet2.tier.shibboleth.admin.ui.security.service.IRolesService;
+import java.util.Optional;
 @RestController
 @RequestMapping("/api/admin/roles")
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/RolesExceptionHandler.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/RolesExceptionHandler.java
index 494b1a6b1..d43e236c3 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/RolesExceptionHandler.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/RolesExceptionHandler.java
@@ -1,5 +1,9 @@
 package edu.internet2.tier.shibboleth.admin.ui.security.controller;
+import edu.internet2.tier.shibboleth.admin.ui.controller.ErrorResponse;
+import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
+import edu.internet2.tier.shibboleth.admin.ui.security.exception.RoleDeleteException;
+import edu.internet2.tier.shibboleth.admin.ui.security.exception.RoleExistsConflictException;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -9,11 +13,6 @@
 import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
 import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
-import edu.internet2.tier.shibboleth.admin.ui.controller.ErrorResponse;
-import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
-import edu.internet2.tier.shibboleth.admin.ui.security.exception.RoleDeleteException;
-import edu.internet2.tier.shibboleth.admin.ui.security.exception.RoleExistsConflictException;
-
 @ControllerAdvice(assignableTypes = {RolesController.class})
 public class RolesExceptionHandler extends ResponseEntityExceptionHandler {
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/UsersController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/UsersController.java
index ed39250b4..a2faab3d0 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/UsersController.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/UsersController.java
@@ -1,11 +1,11 @@
 package edu.internet2.tier.shibboleth.admin.ui.security.controller;
-import static org.springframework.http.HttpStatus.NOT_FOUND;
-
-import java.security.Principal;
-import java.util.List;
-import java.util.Optional;
-
+import edu.internet2.tier.shibboleth.admin.ui.controller.ErrorResponse;
+import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
+import edu.internet2.tier.shibboleth.admin.ui.security.exception.OwnershipConflictException;
+import edu.internet2.tier.shibboleth.admin.ui.security.model.User;
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
+import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import io.swagger.v3.oas.annotations.tags.Tags;
 import lombok.extern.slf4j.Slf4j;
@@ -25,12 +25,11 @@
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.client.HttpClientErrorException;
-import edu.internet2.tier.shibboleth.admin.ui.controller.ErrorResponse;
-import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
-import edu.internet2.tier.shibboleth.admin.ui.security.exception.OwnershipConflictException;
-import edu.internet2.tier.shibboleth.admin.ui.security.model.User;
-import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
-import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService;
+import java.security.Principal;
+import java.util.List;
+import java.util.Optional;
+
+import static org.springframework.http.HttpStatus.NOT_FOUND;
 /**
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Group.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Group.java
index c0d579c30..3274de7cc 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Group.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Group.java
@@ -1,23 +1,21 @@
 package edu.internet2.tier.shibboleth.admin.ui.security.model;
-import java.util.HashSet;
-import java.util.Set;
-import java.util.UUID;
-
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.EntityListeners;
-import javax.persistence.Id;
-import javax.persistence.Transient;
-
 import com.fasterxml.jackson.annotation.JsonIgnore;
-
 import edu.internet2.tier.shibboleth.admin.ui.security.model.listener.GroupUpdatedEntityListener;
 import edu.internet2.tier.shibboleth.admin.ui.security.model.listener.ILazyLoaderHelper;
 import lombok.Data;
 import lombok.EqualsAndHashCode.Exclude;
 import lombok.NoArgsConstructor;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.EntityListeners;
+import javax.persistence.Id;
+import javax.persistence.Transient;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.UUID;
+
 @Data
 @NoArgsConstructor
 @EntityListeners(GroupUpdatedEntityListener.class)
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Ownership.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Ownership.java
index 3f44e8317..9e86620c3 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Ownership.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Ownership.java
@@ -1,13 +1,13 @@
 package edu.internet2.tier.shibboleth.admin.ui.security.model;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
 import javax.persistence.Entity;
 import javax.persistence.GeneratedValue;
 import javax.persistence.GenerationType;
 import javax.persistence.Id;
-import lombok.Data;
-import lombok.NoArgsConstructor;
-
 @Entity(name = "ownership")
 @Data
 @NoArgsConstructor
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Role.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Role.java
index ad9dd4844..581668059 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Role.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/Role.java
@@ -1,16 +1,6 @@
 package edu.internet2.tier.shibboleth.admin.ui.security.model;
-import java.util.HashSet;
-import java.util.Set;
-import java.util.UUID;
-
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.FetchType;
-import javax.persistence.ManyToMany;
-
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
-
 import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractAuditable;
 import lombok.EqualsAndHashCode;
 import lombok.Getter;
@@ -18,6 +8,14 @@
 import lombok.Setter;
 import lombok.ToString;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.FetchType;
+import javax.persistence.ManyToMany;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.UUID;
+
 /**
 * Models a basic administrative role concept in the system.
 *
@@ -54,4 +52,4 @@ public Role(String name, int rank) {
 this.rank = rank;
 }
-}
+}
\ No newline at end of file
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/User.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/User.java
index 5ca34b4e6..523a5ad4d 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/User.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/model/User.java
@@ -1,23 +1,7 @@
 package edu.internet2.tier.shibboleth.admin.ui.security.model;
-import java.util.HashSet;
-import java.util.Set;
-
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.EntityListeners;
-import javax.persistence.FetchType;
-import javax.persistence.JoinColumn;
-import javax.persistence.JoinTable;
-import javax.persistence.ManyToMany;
-import javax.persistence.Table;
-import javax.persistence.Transient;
-
-import org.apache.commons.lang.StringUtils;
-
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.fasterxml.jackson.annotation.JsonProperty;
-
 import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractAuditable;
 import edu.internet2.tier.shibboleth.admin.ui.security.model.listener.ILazyLoaderHelper;
 import edu.internet2.tier.shibboleth.admin.ui.security.model.listener.UserUpdatedEntityListener;
@@ -26,6 +10,19 @@
 import lombok.NoArgsConstructor;
 import lombok.Setter;
 import lombok.ToString;
+import org.apache.commons.lang.StringUtils;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.EntityListeners;
+import javax.persistence.FetchType;
+import javax.persistence.JoinColumn;
+import javax.persistence.JoinTable;
+import javax.persistence.ManyToMany;
+import javax.persistence.Table;
+import javax.persistence.Transient;
+import java.util.HashSet;
+import java.util.Set;
 /**
 * Models a basic administrative user in the system.
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/GroupsRepository.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/GroupsRepository.java
index daf3ce265..bd9c0c30c 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/GroupsRepository.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/GroupsRepository.java
@@ -1,10 +1,7 @@
 package edu.internet2.tier.shibboleth.admin.ui.security.repository;
-import java.util.List;
-
-import org.springframework.data.jpa.repository.JpaRepository;
-
 import edu.internet2.tier.shibboleth.admin.ui.security.model.Group;
+import org.springframework.data.jpa.repository.JpaRepository;
 public interface GroupsRepository extends JpaRepository {
 void deleteByResourceId(String resourceId);
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/OwnershipRepository.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/OwnershipRepository.java
index 4aa8f4dfd..a854a2116 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/OwnershipRepository.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/repository/OwnershipRepository.java
@@ -1,16 +1,15 @@
 package edu.internet2.tier.shibboleth.admin.ui.security.repository;
-import java.util.List;
-import java.util.Set;
-
+import edu.internet2.tier.shibboleth.admin.ui.security.model.Ownable;
+import edu.internet2.tier.shibboleth.admin.ui.security.model.Owner;
+import edu.internet2.tier.shibboleth.admin.ui.security.model.Ownership;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Modifying;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
-import edu.internet2.tier.shibboleth.admin.ui.security.model.Ownable;
-import edu.internet2.tier.shibboleth.admin.ui.security.model.Owner;
-import edu.internet2.tier.shibboleth.admin.ui.security.model.Ownership;
+import java.util.List;
+import java.util.Set;
 public interface OwnershipRepository extends JpaRepository {
 /**
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IGroupService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IGroupService.java
index 66fd089a9..c2bf9b03d 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IGroupService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IGroupService.java
@@ -1,13 +1,13 @@
 package edu.internet2.tier.shibboleth.admin.ui.security.service;
-import java.util.List;
-
 import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.security.exception.GroupDeleteException;
 import edu.internet2.tier.shibboleth.admin.ui.security.exception.GroupExistsConflictException;
 import edu.internet2.tier.shibboleth.admin.ui.security.exception.InvalidGroupRegexException;
 import edu.internet2.tier.shibboleth.admin.ui.security.model.Group;
+import java.util.List;
+
 public interface IGroupService {
 Group createGroup(Group group) throws GroupExistsConflictException, InvalidGroupRegexException;
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IRolesService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IRolesService.java
index 46d3f81f5..2bb38e0d5 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IRolesService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IRolesService.java
@@ -1,14 +1,14 @@
 package edu.internet2.tier.shibboleth.admin.ui.security.service;
-import java.util.List;
-import java.util.Optional;
-import java.util.Set;
-
 import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.security.exception.RoleDeleteException;
 import edu.internet2.tier.shibboleth.admin.ui.security.exception.RoleExistsConflictException;
 import edu.internet2.tier.shibboleth.admin.ui.security.model.Role;
+import java.util.List;
+import java.util.Optional;
+import java.util.Set;
+
 public interface IRolesService {
 Role createRole(Role role) throws RoleExistsConflictException;
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/RolesServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/RolesServiceImpl.java
index 18385084b..389e9b61d 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/RolesServiceImpl.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/RolesServiceImpl.java
@@ -1,18 +1,17 @@
 package edu.internet2.tier.shibboleth.admin.ui.security.service;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Optional;
-import java.util.Set;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-
 import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.security.exception.RoleDeleteException;
 import edu.internet2.tier.shibboleth.admin.ui.security.exception.RoleExistsConflictException;
 import edu.internet2.tier.shibboleth.admin.ui.security.model.Role;
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.RoleRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import java.util.HashSet;
+import java.util.List;
+import java.util.Optional;
+import java.util.Set;
 @Service
 public class RolesServiceImpl implements IRolesService {
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java
index dfe21708a..670f60c39 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java
@@ -15,9 +15,6 @@
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.OwnershipRepository;
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.RoleRepository;
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
-import static edu.internet2.tier.shibboleth.admin.ui.security.service.UserAccess.ADMIN;
-import static edu.internet2.tier.shibboleth.admin.ui.security.service.UserAccess.GROUP;
-import static edu.internet2.tier.shibboleth.admin.ui.security.service.UserAccess.NONE;
 import lombok.NoArgsConstructor;
 import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -31,6 +28,10 @@
 import java.util.Optional;
 import java.util.Set;
+import static edu.internet2.tier.shibboleth.admin.ui.security.service.UserAccess.ADMIN;
+import static edu.internet2.tier.shibboleth.admin.ui.security.service.UserAccess.GROUP;
+import static edu.internet2.tier.shibboleth.admin.ui.security.service.UserAccess.NONE;
+
 @Service
 @NoArgsConstructor
 public class UserService {
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/springsecurity/AdminUserService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/springsecurity/AdminUserService.java
index 8782362a4..74f1b4245 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/springsecurity/AdminUserService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/springsecurity/AdminUserService.java
@@ -12,6 +12,7 @@
 import org.springframework.transaction.annotation.Transactional;
 import java.util.Set;
+
 import static java.util.stream.Collectors.toSet;
 /**
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/AttributeBundleService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/AttributeBundleService.java
index 52b869693..9b5fe243b 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/AttributeBundleService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/AttributeBundleService.java
@@ -1,8 +1,8 @@
 package edu.internet2.tier.shibboleth.admin.ui.service;
 import edu.internet2.tier.shibboleth.admin.ui.domain.AttributeBundle;
-import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.exception.ObjectIdExistsException;
+import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.repository.AttributeBundleRepository;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/CustomEntityAttributesDefinitionService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/CustomEntityAttributesDefinitionService.java
index f4539a15e..ab9b8300c 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/CustomEntityAttributesDefinitionService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/CustomEntityAttributesDefinitionService.java
@@ -1,9 +1,9 @@
 package edu.internet2.tier.shibboleth.admin.ui.service;
-import java.util.List;
-
 import edu.internet2.tier.shibboleth.admin.ui.domain.CustomEntityAttributeDefinition;
+import java.util.List;
+
 public interface CustomEntityAttributesDefinitionService {
 CustomEntityAttributeDefinition createOrUpdateDefinition(CustomEntityAttributeDefinition definition);
@@ -14,4 +14,4 @@ public interface CustomEntityAttributesDefinitionService {
 List getAllDefinitions();
-}
+}
\ No newline at end of file
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/CustomEntityAttributesDefinitionServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/CustomEntityAttributesDefinitionServiceImpl.java
index 98454c058..7cd2c132a 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/CustomEntityAttributesDefinitionServiceImpl.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/CustomEntityAttributesDefinitionServiceImpl.java
@@ -1,17 +1,14 @@
 package edu.internet2.tier.shibboleth.admin.ui.service;
-import java.util.List;
-
-import javax.persistence.EntityManager;
-
+import edu.internet2.tier.shibboleth.admin.ui.domain.CustomEntityAttributeDefinition;
+import edu.internet2.tier.shibboleth.admin.ui.repository.CustomEntityAttributeDefinitionRepository;
+import edu.internet2.tier.shibboleth.admin.ui.service.events.CustomEntityAttributeDefinitionChangeEvent;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
-import edu.internet2.tier.shibboleth.admin.ui.domain.CustomEntityAttributeDefinition;
-import edu.internet2.tier.shibboleth.admin.ui.repository.CustomEntityAttributeDefinitionRepository;
-import edu.internet2.tier.shibboleth.admin.ui.service.events.CustomEntityAttributeDefinitionChangeEvent;
+import java.util.List;
 @Service
 public class CustomEntityAttributesDefinitionServiceImpl implements CustomEntityAttributesDefinitionService {
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EntityIdsSearchService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EntityIdsSearchService.java
index 2e1707e4e..a6e3bcb68 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EntityIdsSearchService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EntityIdsSearchService.java
@@ -1,12 +1,6 @@
 package edu.internet2.tier.shibboleth.admin.ui.service;
 import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityIdsSearchResultRepresentation;
-import edu.internet2.tier.shibboleth.admin.util.LuceneUtility;
-import net.andreinc.mockneat.MockNeat;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Optional;
 /**
 * API component responsible for entity ids search.
@@ -21,4 +15,4 @@ public interface EntityIdsSearchService {
 * @return EntityIdsSearchResultRepresentation
 */
 EntityIdsSearchResultRepresentation findBySearchTermAndOptionalLimit(String resourceId, String searchTerm, int limit);
-}
+}
\ No newline at end of file
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EnversMetadataResolverVersionService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EnversMetadataResolverVersionService.java
index 558af5789..a9312fbf0 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EnversMetadataResolverVersionService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EnversMetadataResolverVersionService.java
@@ -1,6 +1,5 @@
 package edu.internet2.tier.shibboleth.admin.ui.service;
-import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter;
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver;
 import edu.internet2.tier.shibboleth.admin.ui.domain.versioning.Version;
 import edu.internet2.tier.shibboleth.admin.ui.envers.EnversVersionServiceSupport;
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/FilterService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/FilterService.java
index d5823ef9f..e123e05ab 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/FilterService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/FilterService.java
@@ -1,12 +1,12 @@
 package edu.internet2.tier.shibboleth.admin.ui.service;
-import javax.script.ScriptException;
-
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter;
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.MetadataFilter;
 import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.FilterRepresentation;
-import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException;
+import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
+
+import javax.script.ScriptException;
 /**
 * Main backend facade API that defines operations pertaining to manipulating {@link EntityAttributesFilter} objects.
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
index 4a94fa105..f5fcbd0ad 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
@@ -21,10 +21,10 @@
 import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.ServiceProviderSsoDescriptorRepresentation;
 import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.OAuthRPExtensions;
 import edu.internet2.tier.shibboleth.admin.ui.domain.oidc.ValueXMLObject;
-import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException;
 import edu.internet2.tier.shibboleth.admin.ui.exception.InvalidPatternMatchException;
 import edu.internet2.tier.shibboleth.admin.ui.exception.ObjectIdExistsException;
+import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects;
 import edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorProjection;
 import edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorRepository;
@@ -36,17 +36,8 @@
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.OwnershipRepository;
 import edu.internet2.tier.shibboleth.admin.ui.security.service.IGroupService;
 import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService;
-import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupACSs;
-import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupContacts;
-import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupLogout;
-import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupOrganization;
-import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupRelyingPartyOverrides;
-import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupSPSSODescriptor;
-import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupSecurity;
-import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupUIInfo;
 import edu.internet2.tier.shibboleth.admin.util.MDDCConstants;
 import edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions;
-import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getStringListOfAttributeValues;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.opensaml.core.xml.XMLObject;
@@ -65,6 +56,16 @@
 import java.util.Optional;
 import java.util.stream.Collectors;
+import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupACSs;
+import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupContacts;
+import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupLogout;
+import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupOrganization;
+import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupRelyingPartyOverrides;
+import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupSPSSODescriptor;
+import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupSecurity;
+import static edu.internet2.tier.shibboleth.admin.util.EntityDescriptorConversionUtils.setupUIInfo;
+import static edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions.getStringListOfAttributeValues;
+
 @Slf4j
 @Service
 public class JPAEntityDescriptorServiceImpl implements EntityDescriptorService {
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityServiceImpl.java
index 595ce896b..4f6b0142b 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityServiceImpl.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityServiceImpl.java
@@ -1,17 +1,16 @@
 package edu.internet2.tier.shibboleth.admin.ui.service;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-
-import org.opensaml.saml.saml2.core.Attribute;
-import org.springframework.beans.factory.annotation.Autowired;
-
 import edu.internet2.tier.shibboleth.admin.ui.configuration.CustomPropertiesConfiguration;
 import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation;
 import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects;
 import edu.internet2.tier.shibboleth.admin.util.AttributeUtility;
 import edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions;
+import org.opensaml.saml.saml2.core.Attribute;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
 public class JPAEntityServiceImpl implements EntityService {
@@ -72,4 +71,4 @@ public List getAttributeListFromAttributeReleaseList(List att
 public List getAttributeListFromRelyingPartyOverridesRepresentation(Map relyingPartyOverridesRepresentation) {
 return ModelRepresentationConversions.getAttributeListFromRelyingPartyOverridesRepresentation(relyingPartyOverridesRepresentation);
 }
-}
+}
\ No newline at end of file
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAFilterServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAFilterServiceImpl.java
index aeab05669..928ad2607 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAFilterServiceImpl.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAFilterServiceImpl.java
@@ -4,22 +4,20 @@
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.MetadataFilter;
 import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.FilterRepresentation;
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver;
-import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException;
+import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.repository.FilterRepository;
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository;
 import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService;
-
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.interceptor.TransactionAspectSupport;
+import javax.script.ScriptException;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Optional;
-import javax.script.ScriptException;
-
 /**
 * Default implementation of {@link FilterService}
 *
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverService.java
index b32e0d9f9..6cccc3dd0 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverService.java
@@ -1,12 +1,11 @@
 package edu.internet2.tier.shibboleth.admin.ui.service;
-import org.w3c.dom.Document;
-
 import edu.internet2.tier.shibboleth.admin.ui.domain.exceptions.MetadataFileNotFoundException;
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver;
-import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.exception.ForbiddenException;
 import edu.internet2.tier.shibboleth.admin.ui.exception.InitializationException;
+import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
+import org.w3c.dom.Document;
 public interface MetadataResolverService {
 public MetadataResolver findByResourceId(String resourceId) throws PersistentEntityNotFound;
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/ShibConfigurationService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/ShibConfigurationService.java
index 8c1533a6d..99e0a3d03 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/ShibConfigurationService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/ShibConfigurationService.java
@@ -2,8 +2,8 @@
 import edu.internet2.tier.shibboleth.admin.ui.domain.shib.properties.ShibConfigurationProperty;
 import edu.internet2.tier.shibboleth.admin.ui.domain.shib.properties.ShibPropertySet;
-import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.exception.ObjectIdExistsException;
+import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.repository.ProjectionIdAndName;
 import java.util.Collection;
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/ShibConfigurationServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/ShibConfigurationServiceImpl.java
index 21a5605e9..41fa3c961 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/ShibConfigurationServiceImpl.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/ShibConfigurationServiceImpl.java
@@ -3,8 +3,8 @@
 import edu.internet2.tier.shibboleth.admin.ui.domain.shib.properties.ShibConfigurationProperty;
 import edu.internet2.tier.shibboleth.admin.ui.domain.shib.properties.ShibPropertySet;
 import edu.internet2.tier.shibboleth.admin.ui.domain.shib.properties.ShibPropertySetting;
-import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.exception.ObjectIdExistsException;
+import edu.internet2.tier.shibboleth.admin.ui.exception.PersistentEntityNotFound;
 import edu.internet2.tier.shibboleth.admin.ui.repository.ProjectionIdAndName;
 import edu.internet2.tier.shibboleth.admin.ui.repository.ShibConfigurationRepository;
 import edu.internet2.tier.shibboleth.admin.ui.repository.ShibPropertySetRepository;
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/TokenPlaceholderValueResolvingService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/TokenPlaceholderValueResolvingService.java
index 19d8217ff..7fe0bf7b2 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/TokenPlaceholderValueResolvingService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/TokenPlaceholderValueResolvingService.java
@@ -1,6 +1,5 @@
 package edu.internet2.tier.shibboleth.admin.ui.service;
-import org.springframework.core.env.PropertyResolver;
 import org.springframework.core.env.PropertySources;
 /**
@@ -17,4 +16,4 @@ public interface TokenPlaceholderValueResolvingService {
 static TokenPlaceholderValueResolvingService shibbolethPlaceholderPrefixAware(PropertySources propertySources) {
 return new ShibbolethPlaceholderTokenAwareValueResolvingService(propertySources);
 }
-}
+}
\ No newline at end of file
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/AttributeUtility.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/AttributeUtility.java
index 1b23fd9ec..ede9a5baf 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/AttributeUtility.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/AttributeUtility.java
@@ -1,7 +1,6 @@
 package edu.internet2.tier.shibboleth.admin.util;
 import edu.internet2.tier.shibboleth.admin.ui.domain.AttributeValue;
-import edu.internet2.tier.shibboleth.admin.ui.domain.XSAny;
 import edu.internet2.tier.shibboleth.admin.ui.domain.XSBoolean;
 import edu.internet2.tier.shibboleth.admin.ui.domain.XSInteger;
 import edu.internet2.tier.shibboleth.admin.ui.domain.XSString;
@@ -9,7 +8,6 @@
 import org.opensaml.core.xml.schema.XSBooleanValue;
 import java.util.List;
-import java.util.Set;
 /**
 * @author Bill Smith (wsmith@unicon.net)
From 2755280069a83e6ed261d22f78e701c326e02e4a Mon Sep 17 00:00:00 2001
From: Ryan Mathis
Date: Thu, 27 Oct 2022 08:52:01 -0700
Subject: [PATCH 75/77] Fixed removal of duplicate entity ids
---
 .../form/component/fields/FilterTargetField.js | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/ui/src/app/form/component/fields/FilterTargetField.js b/ui/src/app/form/component/fields/FilterTargetField.js
index d42738059..9fabd0661 100644
--- a/ui/src/app/form/component/fields/FilterTargetField.js
+++ b/ui/src/app/form/component/fields/FilterTargetField.js
@@ -18,6 +18,7 @@ import Editor from 'react-simple-code-editor'; // import 'prismjs/components/prism-javascript'; import { FilterTargetPreview } from '../../../metadata/hoc/FilterTargetPreview'; +import { remove } from 'lodash'; const ToggleButton = ({ isOpen, onClick, disabled }) => ( From dfdfda35ae51e873a2664b6ce192a1b3aefcae52 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Thu, 27 Oct 2022 10:56:43 -0700 Subject: [PATCH 76/77] Fixed issue with copying OIDC sources --- ui/src/app/metadata/copy/CopySource.js | 10 ++++++ ui/src/app/metadata/hoc/MetadataSchema.js | 38 +++++++++++++++++------ 2 files changed, 38 insertions(+), 10 deletions(-) diff --git a/ui/src/app/metadata/copy/CopySource.js b/ui/src/app/metadata/copy/CopySource.js index 2a7a6b183..8854bdd5f 100644 --- a/ui/src/app/metadata/copy/CopySource.js +++ b/ui/src/app/metadata/copy/CopySource.js @@ -10,9 +10,13 @@ import { EntityTypeahead } from './EntityTypeahead'; import kebabCase from 'lodash/kebabCase'; import { useMetadataSources } from '../hooks/api'; import { useMetadataSourceSections } from '../domain/source/definition/sections'; +import { useMetadataSchemaLoader, useMetadataSchemaType } from '../hoc/MetadataSchema'; export function CopySource({ copy, onNext }) { + const schemaLoader = useMetadataSchemaLoader(); + const kind = useMetadataSchemaType(); + const { data = [] } = useMetadataSources({ cachePolicy: 'no-cache' }, []); const [selected, setSelected] = React.useState(copy.properties); @@ -57,6 +61,12 @@ export function CopySource({ copy, onNext }) { const sections = useMetadataSourceSections(); + React.useEffect(() => { + if (target && target.protocol !== kind) { + schemaLoader(target.protocol); + } + }, [target, schemaLoader, kind]); + return ( <>
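Review bot: The added `import { remove } from 'lodash';` takes the helper from the package root, while the other lodash import visible in this series is per method (`import kebabCase from 'lodash/kebabCase'` in CopySource.js). `import remove from 'lodash/remove';` would match that style and may keep the bundle from pulling in the whole library. lodash's `remove` also mutates the array it is given. The call site is not visible in this hunk, but if it is applied to a value held in React state or props the component would be editing that value in place, and a `filter` into a new array avoids this.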
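Review bot: The effect added in the second CopySource.js hunk calls `schemaLoader(target.protocol)` without checking that a loader was provided or that `target.protocol` is set. `useMetadataSchemaLoader()` returns `undefined` whenever `CopySource` renders outside a `MetadataSchemaLoader` provider, because that context is created with no default, so the call would throw there. I would guard it, `if (schemaLoader && target?.protocol && target.protocol !== kind) { schemaLoader(target.protocol); }`, and add a short comment saying the schema is switched to the copied source's protocol. `schemaLoader` is also a dependency of the effect; if the provider hands down a function that is recreated on each render (the provider's value is not visible on this page), only the `!== kind` test prevents repeated reloads, so wrapping the loader in `React.useCallback` on the provider side would make that explicit. `target` is defined outside the hunk.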

diff --git a/ui/src/app/metadata/hoc/MetadataSchema.js b/ui/src/app/metadata/hoc/MetadataSchema.js index 61010936e..5de2e3fc5 100644 --- a/ui/src/app/metadata/hoc/MetadataSchema.js +++ b/ui/src/app/metadata/hoc/MetadataSchema.js @@ -6,40 +6,50 @@ import { useTranslator } from '../../i18n/hooks'; export const MetadataSchemaContext = React.createContext(); export const MetadataDefinitionContext = React.createContext(); export const MetadataSchemaLoading = React.createContext(); +export const MetadataSchemaLoader = React.createContext(); +export const MetadataSchemaType = React.createContext(); export function MetadataSchema({ type, children, wizard = false }) { - const definition = React.useMemo(() => wizard ? getWizard(type) : getDefinition(type), [type, wizard]); + const [kind, setKind] = React.useState(type); const [loading, setLoading] = React.useState(false); + const [definition, setDefinition] = React.useState(wizard ? getWizard(kind) : getDefinition(kind)); + const { get, response } = useFetch(``, { cachePolicy: 'no-cache' }); const [schema, setSchema] = React.useState(); - async function loadSchema(d) { - const source = await get(`/${d.schema}`) + async function loadSchema(type) { + const definition = wizard ? getWizard(type) : getDefinition(type); + setDefinition(definition); + setKind(type); + setLoading(true); + + const source = await get(`/${definition.schema}`) if (response.ok) { setSchema(source); } setLoading(false); } - /*eslint-disable react-hooks/exhaustive-deps*/ - React.useEffect(() => { - setSchema(null); - loadSchema(definition); - setLoading(true); - }, [definition]); + React.useState(() => { + loadSchema(type); + }, [type]); return ( {type && definition && schema && - {children} + + + {children} + + } 
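Review bot: `React.useState(() => { loadSchema(type); }, [type]);` looks like it was meant to be `React.useEffect`. `useState` accepts only an initial-state argument, so the `[type]` array is ignored, the initializer runs once during the first render, and a later change of the `type` prop no longer reloads the schema; it also starts a fetch and state updates from inside render. In `loadSchema`, `definition.schema` is read without checking that `getWizard(type)` / `getDefinition(type)` returned a definition, and `setLoading(false)` is skipped if `get` rejects. Assuming the lookup can return `undefined` for an unrecognised protocol, either case would leave the loading flag set with an unhandled rejection, so a guard and a `finally` are worth adding.

```javascript
async function loadSchema(type) {
    const definition = wizard ? getWizard(type) : getDefinition(type);
    if (!definition) {
        return;
    }
    // … unchanged: setDefinition / setKind / setLoading(true) …
    try {
        const source = await get(`/${definition.schema}`);
        if (response.ok) {
            setSchema(source);
        }
    } finally {
        setLoading(false);
    }
}

/*eslint-disable react-hooks/exhaustive-deps*/
React.useEffect(() => {
    loadSchema(type);
}, [type]);
```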
@@ -55,10 +65,18 @@ export function useMetadataSchemaLoading () { return React.useContext(MetadataSchemaLoading); } +export function useMetadataSchemaLoader () { + return React.useContext(MetadataSchemaLoader); +} + export function useMetadataDefinitionContext() { return React.useContext(MetadataDefinitionContext); } +export function useMetadataSchemaType() { + return React.useContext(MetadataSchemaType); +} + export function useMetadataDefinitionValidator(data, current, group) { const definition = useMetadataDefinitionContext(); const translator = useTranslator(); From e32e865194b67c327552abca07b0c7bc79c9c181 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Mon, 31 Oct 2022 10:51:24 -0700 Subject: [PATCH 77/77] Fixed issue with preview --- ui/src/app/metadata/hoc/FilterTargetPreview.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ui/src/app/metadata/hoc/FilterTargetPreview.js b/ui/src/app/metadata/hoc/FilterTargetPreview.js index 0e3fe1aab..9982910d5 100644 --- a/ui/src/app/metadata/hoc/FilterTargetPreview.js +++ b/ui/src/app/metadata/hoc/FilterTargetPreview.js @@ -35,7 +35,7 @@ export function FilterTargetPreview ({ entityId, children }) { return ( - {data && children(preview, loading, data)} + {children(data ? preview : null, loading, data)} Preview XML