SHIBUI-1602 updated validation for relying party overrides
rmathis committed Nov 21, 2019
1 parent edc2a0c commit 7ec9492
Showing 5 changed files with 32 additions and 12 deletions.
2 changes: 1 addition & 1 deletion backend/src/main/resources/i18n/messages.properties
@@ -485,7 +485,7 @@ message.restoring-this-version-will-copy=Restoring this version will copy the Ve

message.invalid-regex-pattern=Invalid Regular Expression

message.invalid-signing=Warning! If neither the Assertions or the Response are signed the service will not be able to verify a SAML response from the Identity Provider.
message.invalid-signing=Unless the response or the assertions are signed, SAML security is compromised and the service should reject the SAML response. (If it doesn\u0027t, investigate, as that is serious unless the HTTP-Artifact binding is in use.)

tooltip.entity-id=Entity ID
tooltip.service-provider-name=Service Provider Name (Dashboard Display Only)
@@ -57,13 +57,14 @@ describe('Metadata Source Base class', () => {
code: 'INVALID_SIGNING',
path: `#/relyingPartyOverrides`,
message: 'message.invalid-signing',
params: [relyingPartyOverrides]
params: [relyingPartyOverrides],
invalidate: false
};
spyOn(validators, '/relyingPartyOverrides').and.returnValue(error);

const validated = validator(value, null, { getProperty: getPropertySpy });

expect(validated).toEqual([error]);
expect(validated).toBeUndefined();
});
});

@@ -76,7 +77,8 @@ describe('Metadata Source Base class', () => {
code: 'INVALID_SIGNING',
path: `#/relyingPartyOverrides`,
message: 'message.invalid-signing',
params: [relyingPartyOverrides]
params: [relyingPartyOverrides],
invalidate: false
};

const validated = validator(relyingPartyOverrides, {path: '/relyingPartyOverrides'});
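Review bot: The root-validator case ending in `expect(validated).toBeUndefined();` pins only the drop path, where a child result carrying `invalidate: false` is discarded. Nothing visible in these two hunks pins the opposite path, so a regression that discards every child error, including blocking ones, would still pass. A companion case would close that gap: `spyOn(validators, '/relyingPartyOverrides').and.returnValue({ ...error, invalidate: true });` followed by `expect(validated).toEqual([{ ...error, invalidate: true }]);`. The describe block continues outside the hunks, so such a case may already exist elsewhere.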
11 changes: 7 additions & 4 deletions ui/src/app/metadata/domain/model/wizards/metadata-source-base.ts
@@ -79,7 +79,7 @@ export class MetadataSourceBase implements Wizard<MetadataResolver> {
const validatorKey = `/${key}`;
const validator = validators.hasOwnProperty(validatorKey) ? validators[validatorKey] : null;
const error = validator ? validator(item, form_current.getProperty(key), form_current) : null;
if (error) {
if (error && error.invalidate) {
errors = errors || [];
errors.push(error);
}
@@ -91,7 +91,8 @@ export class MetadataSourceBase implements Wizard<MetadataResolver> {
code: 'INVALID_ID',
path: `#${property.path}`,
message: 'message.id-unique',
params: [value]
params: [value],
invalidate: true
} : null;
return err;
},
@@ -101,7 +102,8 @@ export class MetadataSourceBase implements Wizard<MetadataResolver> {
code: 'INVALID_SIGNING',
path: `#${property.path}`,
message: 'message.invalid-signing',
params: [value]
params: [value],
invalidate: false
};
}
return null;
@@ -112,7 +114,8 @@ export class MetadataSourceBase implements Wizard<MetadataResolver> {
code: 'PROTOCOL_SUPPORT_ENUM_REQUIRED',
path: `#${property.path}`,
message: 'message.protocol-support-required',
params: [value]
params: [value],
invalidate: true
};
}
return null;
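Review bot: The gate `if (error && error.invalidate) {` fails open: any validator result whose `invalidate` field is missing or otherwise falsy is now discarded, not only the ones deliberately marked `invalidate: false`. The three validators visible here set the flag explicitly, but a validator defined outside these hunks, or added later, that omits it would silently stop blocking the form. Treating only an explicit opt-out as non-blocking keeps the previous default: `if (error && error.invalidate !== false) {`. The same gate is added in entity-attributes.filter.ts and the same change applies there. Separately, with `invalidate: false` the INVALID_SIGNING result never reaches the returned `errors` array, and these hunks do not show where else the unsigned response and assertions warning is surfaced to the operator, so that path is worth confirming; the enclosing function starts and ends outside the hunk.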
@@ -6,6 +6,7 @@ describe('Entity Attributes filter form', () => {
expect(Object.keys(EntityAttributesFilter.getValidators())).toEqual([
'/',
'/name',
'/relyingPartyOverrides',
'/entityAttributesFilterTarget'
]);
});
22 changes: 18 additions & 4 deletions ui/src/app/metadata/filter/model/entity-attributes.filter.ts
@@ -26,7 +26,7 @@ export const EntityAttributesFilter: FormDefinition<MetadataFilter> = {
const validatorKey = `/${key}`;
const validator = validators.hasOwnProperty(validatorKey) ? validators[validatorKey] : null;
const error = validator ? validator(item, { path: `/${key}` }, form_current) : null;
if (error) {
if (error && error.invalidate) {
errors = errors || [];
errors.push(error);
}
@@ -38,10 +38,23 @@ export const EntityAttributesFilter: FormDefinition<MetadataFilter> = {
code: 'INVALID_NAME',
path: `#${property.path}`,
message: 'message.name-must-be-unique',
params: [value]
params: [value],
invalidate: true
} : null;
return err;
},
'/relyingPartyOverrides': (value, property, form) => {
if (!value.signAssertion && value.dontSignResponse) {
return {
code: 'INVALID_SIGNING',
path: `#${property.path}`,
message: 'message.invalid-signing',
params: [value],
invalidate: false
};
}
return null;
},
'/entityAttributesFilterTarget': (value, property, form) => {
if (!form || !form.value || !form.value.entityAttributesFilterTarget ||
form.value.entityAttributesFilterTarget.entityAttributesFilterTargetType !== 'REGEX') {
@@ -51,9 +64,10 @@ export const EntityAttributesFilter: FormDefinition<MetadataFilter> = {
code: 'INVALID_REGEX',
path: `#${property.path}`,
message: 'message.invalid-regex-pattern',
params: [value.value[0]]
params: [value.value[0]],
invalidate: true
};
}
},
};
return validators;
},
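Review bot: The new `/relyingPartyOverrides` validator dereferences `value` without a guard, while the `/entityAttributesFilterTarget` validator just below it checks `!form || !form.value` before reading anything. If a filter can be validated with `relyingPartyOverrides` null or absent (the loop that supplies `item` is outside the hunk, so this is not certain), `value.signAssertion` throws and validation aborts instead of returning a result. `if (value && !value.signAssertion && value.dontSignResponse) {` avoids that. The returned object also appears to duplicate the INVALID_SIGNING result built in metadata-source-base.ts; a shared helper would keep the two signing checks from drifting apart.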