Merged develop into bug/shibui-1936

backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy

@@ -246,6 +246,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
                 httpMaxCacheEntries: resolver.httpMetadataResolverAttributes?.httpMaxCacheEntries,
                 httpMaxCacheEntrySize: resolver.httpMetadataResolverAttributes?.httpMaxCacheEntrySize) {
 
+            childNodes()
             switch (MetadataRequestURLConstructionScheme.SchemeType.get(resolver.metadataRequestURLConstructionScheme.type)) {
                 case MetadataRequestURLConstructionScheme.SchemeType.METADATA_QUERY_PROTOCOL:
                     MetadataQueryProtocolScheme scheme = (MetadataQueryProtocolScheme) resolver.metadataRequestURLConstructionScheme
@@ -276,7 +277,6 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
                 default:
                     break
             }
-            childNodes()
         }
     }
 

backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JsonSchemaBuilderService.groovy

@@ -64,17 +64,17 @@ class JsonSchemaBuilderService {
             def definition = [title      : it['displayName'],
                               description: it['helpText'],
                               type       : 'array']
-            if (it['displayType'] == 'set' || it['displayType'] == 'selection_list') {
-                definition['uniqueItems'] = true
-            } else if (it['displayType'] == 'list') {
-                definition['uniqueItems'] = false
-            }
             def items = [type     : 'string',
                          minLength: 1, // TODO: should this be configurable?
                          maxLength: 255] //TODO: or this?
-            items.examples = it['examples']
+            if (it['displayType'] == 'set' || it['displayType'] == 'list') {
+                definition['uniqueItems'] = true
+                items.examples = it['examples']
+            } else if (it['displayType'] == 'selection_list') {
+                definition['uniqueItems'] = false
+                items.enum = it['examples']
+            }
             items['default'] = it['defaultValue']
-
 
             definition['items'] = items
             json[(String) it['name']] = definition

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlMetadataResolverConstructorHelper.java

@@ -21,47 +21,49 @@ public static void updateOpenSamlMetadataResolverFromDynamicMetadataResolverAttr
                                                                                            ParserPool parserPool) {
         AbstractDynamicMetadataResolver dynamicMetadataResolver = (AbstractDynamicMetadataResolver) metadataResolver;
 
-        if (attributes.getBackgroundInitializationFromCacheDelay() != null) {
-            dynamicMetadataResolver
-                    .setBackgroundInitializationFromCacheDelay(toMillis(placeholderResolverService()
-                            .resolveValueFromPossibleTokenPlaceholder(attributes.getBackgroundInitializationFromCacheDelay())));
-        }
+        if (attributes != null) {
+            if (attributes.getBackgroundInitializationFromCacheDelay() != null) {
+                dynamicMetadataResolver
+                        .setBackgroundInitializationFromCacheDelay(toMillis(placeholderResolverService()
+                                .resolveValueFromPossibleTokenPlaceholder(attributes.getBackgroundInitializationFromCacheDelay())));
+            }
 
-        if (attributes.getCleanupTaskInterval() != null) {
-            dynamicMetadataResolver.setCleanupTaskInterval(toMillis(placeholderResolverService()
-                    .resolveValueFromPossibleTokenPlaceholder(attributes.getCleanupTaskInterval())));
-        }
+            if (attributes.getCleanupTaskInterval() != null) {
+                dynamicMetadataResolver.setCleanupTaskInterval(toMillis(placeholderResolverService()
+                        .resolveValueFromPossibleTokenPlaceholder(attributes.getCleanupTaskInterval())));
+            }
 
-        if (attributes.getInitializeFromPersistentCacheInBackground()) {
-            dynamicMetadataResolver.setInitializeFromPersistentCacheInBackground(attributes.getInitializeFromPersistentCacheInBackground());
-        }
+            if (attributes.getInitializeFromPersistentCacheInBackground()) {
+                dynamicMetadataResolver.setInitializeFromPersistentCacheInBackground(attributes.getInitializeFromPersistentCacheInBackground());
+            }
 
-        if (attributes.getMaxCacheDuration() != null) {
-            dynamicMetadataResolver.setMaxCacheDuration(toMillis(placeholderResolverService()
-                    .resolveValueFromPossibleTokenPlaceholder(attributes.getMaxCacheDuration())));
-        }
+            if (attributes.getMaxCacheDuration() != null) {
+                dynamicMetadataResolver.setMaxCacheDuration(toMillis(placeholderResolverService()
+                        .resolveValueFromPossibleTokenPlaceholder(attributes.getMaxCacheDuration())));
+            }
 
-        if (attributes.getMaxIdleEntityData() != null) {
-            dynamicMetadataResolver.setMaxIdleEntityData(toMillis(placeholderResolverService()
-                    .resolveValueFromPossibleTokenPlaceholder(attributes.getMaxIdleEntityData())));
-        }
+            if (attributes.getMaxIdleEntityData() != null) {
+                dynamicMetadataResolver.setMaxIdleEntityData(toMillis(placeholderResolverService()
+                        .resolveValueFromPossibleTokenPlaceholder(attributes.getMaxIdleEntityData())));
+            }
 
-        if (attributes.getMinCacheDuration() != null) {
-            dynamicMetadataResolver.setMinCacheDuration(toMillis(placeholderResolverService()
-                    .resolveValueFromPossibleTokenPlaceholder(attributes.getMinCacheDuration())));
-        }
+            if (attributes.getMinCacheDuration() != null) {
+                dynamicMetadataResolver.setMinCacheDuration(toMillis(placeholderResolverService()
+                        .resolveValueFromPossibleTokenPlaceholder(attributes.getMinCacheDuration())));
+            }
 
-        if (attributes.getBackgroundInitializationFromCacheDelay() != null) {
-            dynamicMetadataResolver.setBackgroundInitializationFromCacheDelay(toMillis(placeholderResolverService()
-                    .resolveValueFromPossibleTokenPlaceholder(attributes.getBackgroundInitializationFromCacheDelay())));
-        }
+            if (attributes.getBackgroundInitializationFromCacheDelay() != null) {
+                dynamicMetadataResolver.setBackgroundInitializationFromCacheDelay(toMillis(placeholderResolverService()
+                        .resolveValueFromPossibleTokenPlaceholder(attributes.getBackgroundInitializationFromCacheDelay())));
+            }
 
-        if (attributes.getRefreshDelayFactor() != null) {
-            dynamicMetadataResolver.setRefreshDelayFactor(attributes.getRefreshDelayFactor());
-        }
+            if (attributes.getRefreshDelayFactor() != null) {
+                dynamicMetadataResolver.setRefreshDelayFactor(attributes.getRefreshDelayFactor());
+            }
 
-        if (attributes.getRemoveIdleEntityData() != null) {
-            dynamicMetadataResolver.setRemoveIdleEntityData(attributes.getRemoveIdleEntityData());
+            if (attributes.getRemoveIdleEntityData() != null) {
+                dynamicMetadataResolver.setRemoveIdleEntityData(attributes.getRemoveIdleEntityData());
+            }
         }
 
         //TODO: This takes a XMLObjectLoadSaveManager. Do we have what we need to create one?

backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlMetadataResolverConstructorHelperSpec.groovy

@@ -0,0 +1,22 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml
+
+import org.opensaml.saml.metadata.resolver.impl.AbstractDynamicMetadataResolver
+import spock.lang.Specification
+
+//TODO: we need to fill this out
+class OpenSamlMetadataResolverConstructorHelperSpec extends Specification {
+    def "SHIBUI-2163: make sure that we don't get a NPE if attributes are null"() {
+        given:
+        def x = Mock(AbstractDynamicMetadataResolver)
+
+        when:
+        OpenSamlMetadataResolverConstructorHelper.updateOpenSamlMetadataResolverFromDynamicMetadataResolverAttributes(
+                x,
+                null,
+                null
+        )
+
+        then:
+        noExceptionThrown()
+    }
+}

backend/src/test/resources/conf/278.2.xml

@@ -1,6 +1,5 @@
 <MetadataProvider id='ShibbolethMetadata' xmlns='urn:mace:shibboleth:2.0:metadata' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:type='ChainingMetadataProvider' xsi:schemaLocation='urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd'>
     <MetadataProvider id='DynamicHTTP' xsi:type='DynamicHTTPMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' supportedContentTypes='[]'>
-        <MetadataQueryProtocol transformRef='transformRef'>content</MetadataQueryProtocol>
         <MetadataFilter xsi:type='SignatureValidation' xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' certificateFile='%{idp.home}/credentials/inc-md-cert.pem' />
         <MetadataFilter xsi:type='RequiredValidUntil' maxValidityInterval='P14D' />
         <MetadataFilter xsi:type='EntityAttributes'><saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="here" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
@@ -12,10 +11,11 @@
         <MetadataFilter xsi:type='EntityRoleWhiteList' xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata'>
             <RetainedRole>md:SPSSODescriptor</RetainedRole>
         </MetadataFilter>
+        <MetadataQueryProtocol transformRef='transformRef'>content</MetadataQueryProtocol>
     </MetadataProvider>
     <MetadataProvider id='HTTPMetadata' xsi:type='FileBackedHTTPMetadataProvider' backingFile='%{idp.home}/metadata/metadata.xml' metadataURL='https://idp.unicon.net/idp/shibboleth' minRefreshDelay='PT0M' maxRefreshDelay='P1D' />
     <MetadataProvider sourceDirectory='/tmp' id='LocalDynamic' xsi:type='LocalDynamicMetadataProvider' removeIdleEntityData='true' />
     <MetadataProvider id='ClasspathResourceMetadata' xsi:type='ResourceBackedMetadataProvider' refreshDelayFactor='0.3'>
         <MetadataResource xmlns:resource='urn:mace:shibboleth:2.0:resource' xsi:type='resource:ClasspathResource' file='metadata/metadata.xml' />
     </MetadataProvider>
-</MetadataProvider>
+</MetadataProvider>

backend/src/test/resources/conf/278.xml

@@ -1,15 +1,15 @@
 <MetadataProvider id='ShibbolethMetadata' xmlns='urn:mace:shibboleth:2.0:metadata' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:type='ChainingMetadataProvider' xsi:schemaLocation='urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd'>
     <MetadataProvider id='DynamicHTTP' xsi:type='DynamicHTTPMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' supportedContentTypes='[]'>
-        <MetadataQueryProtocol transformRef='transformRef'>content</MetadataQueryProtocol>
         <MetadataFilter xsi:type='SignatureValidation' xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' certificateFile='%{idp.home}/credentials/inc-md-cert.pem' />
         <MetadataFilter xsi:type='RequiredValidUntil' maxValidityInterval='P14D' />
         <MetadataFilter xsi:type='EntityRoleWhiteList' xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata'>
             <RetainedRole>md:SPSSODescriptor</RetainedRole>
         </MetadataFilter>
+        <MetadataQueryProtocol transformRef='transformRef'>content</MetadataQueryProtocol>
     </MetadataProvider>
     <MetadataProvider id='HTTPMetadata' xsi:type='FileBackedHTTPMetadataProvider' backingFile='%{idp.home}/metadata/metadata.xml' metadataURL='https://idp.unicon.net/idp/shibboleth' minRefreshDelay='PT0M' maxRefreshDelay='P1D' />
     <MetadataProvider sourceDirectory='/tmp' id='LocalDynamic' xsi:type='LocalDynamicMetadataProvider' removeIdleEntityData='true' />
     <MetadataProvider id='ClasspathResourceMetadata' xsi:type='ResourceBackedMetadataProvider' refreshDelayFactor='0.3'>
         <MetadataResource xmlns:resource='urn:mace:shibboleth:2.0:resource' xsi:type='resource:ClasspathResource' file='metadata/metadata.xml' />
     </MetadataProvider>
-</MetadataProvider>
+</MetadataProvider>

backend/src/test/resources/conf/984-2.xml

@@ -1,6 +1,5 @@
 <MetadataProvider id='ShibbolethMetadata' xmlns='urn:mace:shibboleth:2.0:metadata' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:type='ChainingMetadataProvider' xsi:schemaLocation='urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd'>
     <MetadataProvider id='DynamicHttpMetadataResolver' xsi:type='DynamicHTTPMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100'>
-        <MetadataQueryProtocol>http://mdq-beta.incommon.org/global</MetadataQueryProtocol>
         <MetadataFilter xsi:type='EntityAttributes'>
             <AttributeFilterScript>
                 <Script>
@@ -21,5 +20,6 @@
                 </Script>
             </AttributeFilterScript>
         </MetadataFilter>
+        <MetadataQueryProtocol>http://mdq-beta.incommon.org/global</MetadataQueryProtocol>
     </MetadataProvider>
-</MetadataProvider>
+</MetadataProvider>

backend/src/test/resources/conf/984.xml

@@ -1,6 +1,5 @@
 <MetadataProvider id='ShibbolethMetadata' xmlns='urn:mace:shibboleth:2.0:metadata' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:type='ChainingMetadataProvider' xsi:schemaLocation='urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd'>
     <MetadataProvider id='DynamicHttpMetadataResolver' xsi:type='DynamicHTTPMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100'>
-        <MetadataQueryProtocol>http://mdq-beta.incommon.org/global</MetadataQueryProtocol>
         <MetadataFilter xsi:type='EntityAttributes'>
             <AttributeFilterScript>
                 <Script>
@@ -21,5 +20,6 @@
                 </Script>
             </AttributeFilterScript>
         </MetadataFilter>
+        <MetadataQueryProtocol>http://mdq-beta.incommon.org/global</MetadataQueryProtocol>
     </MetadataProvider>
-</MetadataProvider>
+</MetadataProvider>