From e9e75caad661e616570258219d54e338718cd002 Mon Sep 17 00:00:00 2001
From: Jodie Muramoto <jmuramoto@unicon.net>
Date: Wed, 28 Nov 2018 16:03:37 -0700
Subject: [PATCH 01/11] SHIBUI-1005: Updated metadata provider name label,
 missing time selections, updated validation numbers for refresh delay factor,
 provider enable info text, corrected dynamic attributes, moved enabled
 checkbox outside gray fieldset;

---
 backend/src/main/resources/i18n/messages.properties  |  7 ++++---
 .../src/main/resources/i18n/messages_en.properties   |  7 ++++---
 .../local-dynamic-metadata-provider.schema.json      |  2 +-
 .../src/test/resources/i18n/messages_es.properties   |  7 ++++---
 .../provider/model/local-dynamic.provider.form.ts    | 12 ++++++------
 .../schema/provider/metadata-provider.schema.json    |  6 +++---
 6 files changed, 22 insertions(+), 19 deletions(-)

diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties
index 87aaf7299..8ad97ae2b 100644
--- a/backend/src/main/resources/i18n/messages.properties
+++ b/backend/src/main/resources/i18n/messages.properties
@@ -293,7 +293,7 @@ label.metadata-provider-type=Metadata Provider Type
 label.metadata-provider-name=Metadata Provider Name
 label.select-metadata-type=Select a metadata provider type
 label.metadata-provider-status=Metadata Provider Status
-label.enable-provider-upon-saving=Enable Metadata Provider upon saving?
+label.enable-provider-upon-saving=Enable Metadata Provider?
 label.certificate-type=Type
 
 label.metadata-file=Metadata File
@@ -313,6 +313,7 @@ label.select-metadata-provider-type=Select Metadata Provider Type
 label.filter-list=Filter List
 label.common-attributes=Common Attributes
 label.reloading-attributes=Reloading Attributes
+label.dynamic-attributes=Dynamic Attributes
 label.metadata-filter-plugins=Metadata Filter Plugins
 label.advanced-settings=Advanced Settings
 label.edit-metadata-provider=Edit Metadata Provider
@@ -432,7 +433,7 @@ tooltip.http-caching-directory=If httpCaching='file', this attribute specifies w
 tooltip.http-max-cache-entries=The maximum number of responses written to cache. This attribute is incompatible with httpClientRef.
 tooltip.max-cache-entry-size=The maximum response body size that may be cached, in bytes. This attribute is incompatible with httpClientRef.
 
-tooltip.metadata-provider-name=Metadata Provider Name
+tooltip.metadata-provider-name=Metadata Provider Name (for display on the Dashboard only)
 tooltip.metadata-provider-type=Metadata Provider Type
 tooltip.xml-id=Identifier for logging, identification for command line reload, etc.
 tooltip.metadata-url=Identifier for logging, identification for command line reload, etc.
@@ -443,7 +444,7 @@ tooltip.require-valid-metadata=Whether candidate metadata found by the resolver
 tooltip.fail-fast-init=Whether to fail initialization of the underlying MetadataResolverService (and possibly the IdP as a whole) if the initialization of a metadata provider fails. When false, the IdP may start, and will continue to attempt to reload valid metadata if configured to do so, but operations that require valid metadata will fail until it does.
 tooltip.use-default-predicate-reg=Flag which determines whether the default CriterionPredicateRegistry will be used if a custom one is not supplied explicitly.
 tooltip.satisfy-any-predicates=Flag which determines whether predicates used in filtering are connected by a logical 'OR' (true) or by logical 'AND' (false).
-tooltip.enable-provider-upon-saving=Enable Metadata Provider upon saving?
+tooltip.enable-provider-upon-saving=If checkbox is clicked, the metadata provider is enabled for integration with the IdP
 
 tooltip.max-validity-interval=Defines the window within which the metadata is valid.
 tooltip.require-signed-root=If true, this fails to load metadata with no signature on the root XML element.
diff --git a/backend/src/main/resources/i18n/messages_en.properties b/backend/src/main/resources/i18n/messages_en.properties
index 984f3c21c..e8b3ec6bd 100644
--- a/backend/src/main/resources/i18n/messages_en.properties
+++ b/backend/src/main/resources/i18n/messages_en.properties
@@ -296,7 +296,7 @@ label.metadata-provider-type=Metadata Provider Type
 label.metadata-provider-name=Metadata Provider Name
 label.select-metadata-type=Select a metadata provider type
 label.metadata-provider-status=Metadata Provider Status
-label.enable-provider-upon-saving=Enable Metadata Provider upon saving?
+label.enable-provider-upon-saving=Enable Metadata Provider?
 label.certificate-type=Type
 
 label.metadata-file=Metadata File
@@ -316,6 +316,7 @@ label.select-metadata-provider-type=Select Metadata Provider Type
 label.filter-list=Filter List
 label.common-attributes=Common Attributes
 label.reloading-attributes=Reloading Attributes
+label.dynamic-attributes=Dynamic Attributes
 label.metadata-filter-plugins=Metadata Filter Plugins
 label.advanced-settings=Advanced Settings
 label.edit-metadata-provider=Edit Metadata Provider
@@ -442,7 +443,7 @@ tooltip.http-caching-directory=If httpCaching='file', this attribute specifies w
 tooltip.http-max-cache-entries=The maximum number of responses written to cache. This attribute is incompatible with httpClientRef.
 tooltip.max-cache-entry-size=The maximum response body size that may be cached, in bytes. This attribute is incompatible with httpClientRef.
 
-tooltip.metadata-provider-name=Metadata Provider Name
+tooltip.metadata-provider-name=Metadata Provider Name (for display on the Dashboard only)
 tooltip.metadata-provider-type=Metadata Provider Type
 tooltip.xml-id=Identifier for logging, identification for command line reload, etc.
 tooltip.metadata-url=Identifier for logging, identification for command line reload, etc.
@@ -454,7 +455,7 @@ tooltip.require-valid-metadata=Whether candidate metadata found by the resolver
 tooltip.fail-fast-init=Whether to fail initialization of the underlying MetadataResolverService (and possibly the IdP as a whole) if the initialization of a metadata provider fails. When false, the IdP may start, and will continue to attempt to reload valid metadata if configured to do so, but operations that require valid metadata will fail until it does.
 tooltip.use-default-predicate-reg=Flag which determines whether the default CriterionPredicateRegistry will be used if a custom one is not supplied explicitly.
 tooltip.satisfy-any-predicates=Flag which determines whether predicates used in filtering are connected by a logical 'OR' (true) or by logical 'AND' (false).
-tooltip.enable-provider-upon-saving=Enable Metadata Provider upon saving?
+tooltip.enable-provider-upon-saving=If checkbox is clicked, the metadata provider is enabled for integration with the IdP
 
 tooltip.max-validity-interval=Defines the window within which the metadata is valid.
 tooltip.require-signed-root=If true, this fails to load metadata with no signature on the root XML element.
diff --git a/backend/src/main/resources/local-dynamic-metadata-provider.schema.json b/backend/src/main/resources/local-dynamic-metadata-provider.schema.json
index 04aa496f9..bb98b8b67 100644
--- a/backend/src/main/resources/local-dynamic-metadata-provider.schema.json
+++ b/backend/src/main/resources/local-dynamic-metadata-provider.schema.json
@@ -8,7 +8,7 @@
     ],
     "properties": {
         "name": {
-            "title": "label.metadata-provider-name",
+            "title": "label.metadata-provider-name-display-only",
             "description": "tooltip.metadata-provider-name",
             "type": "string",
             "widget": {
diff --git a/backend/src/test/resources/i18n/messages_es.properties b/backend/src/test/resources/i18n/messages_es.properties
index 241aa5c49..7899789c6 100644
--- a/backend/src/test/resources/i18n/messages_es.properties
+++ b/backend/src/test/resources/i18n/messages_es.properties
@@ -282,7 +282,7 @@ label.metadata-provider-type=(es) Metadata Provider Type
 label.metadata-provider-name=(es) Metadata Provider Name
 label.select-metadata-type=(es) Select a metadata provider type
 label.metadata-provider-status=(es) Metadata Provider Status
-label.enable-provider-upon-saving=(es) Enable Metadata Provider upon saving?
+label.enable-provider-upon-saving=(es) Enable Metadata Provider?
 
 label.enable-filter=(es) Enable Filter?
 label.required-valid-until=(es) Required Valid Until Filter
@@ -299,6 +299,7 @@ label.select-metadata-provider-type=(es) Select Metadata Provider Type
 label.filter-list=(es) Filter List
 label.common-attributes=(es) Common Attributes
 label.reloading-attributes=(es) Reloading Attributes
+label.dynamic-attributes=(es) Dynamic Attributes
 label.metadata-filter-plugins=(es) Metadata Filter Plugins
 label.advanced-settings=(es) Advanced Settings
 label.edit-metadata-provider=(es) Edit Metadata Provider
@@ -417,7 +418,7 @@ tooltip.http-caching-directory=(es) If httpCaching=(es) 'file', this attribute s
 tooltip.http-max-cache-entries=(es) The maximum number of responses written to cache. This attribute is incompatible with httpClientRef.
 tooltip.max-cache-entry-size=(es) The maximum response body size that may be cached, in bytes. This attribute is incompatible with httpClientRef.
 
-tooltip.metadata-provider-name=(es) Metadata Provider Name
+tooltip.metadata-provider-name=(es) Metadata Provider Name (for display on the Dashboard only)
 tooltip.metadata-provider-type=(es) Metadata Provider Type
 tooltip.xml-id=(es) Identifier for logging, identification for command line reload, etc.
 tooltip.metadata-url=(es) Identifier for logging, identification for command line reload, etc.
@@ -428,7 +429,7 @@ tooltip.require-valid-metadata=(es) Whether candidate metadata found by the reso
 tooltip.fail-fast-init=(es) Whether to fail initialization of the underlying MetadataResolverService (and possibly the IdP as a whole) if the initialization of a metadata provider fails. When false, the IdP may start, and will continue to attempt to reload valid metadata if configured to do so, but operations that require valid metadata will fail until it does.
 tooltip.use-default-predicate-reg=(es) Whether to fail initialization of the underlying MetadataResolverService (and possibly the IdP as a whole) if the initialization of a metadata provider fails. When false, the IdP may start, and will continue to attempt to reload valid metadata if configured to do so, but operations that require valid metadata will fail until it does.
 tooltip.satisfy-any-predicates=(es) Flag which determines whether predicates used in filtering are connected by a logical 'OR' (true) or by logical 'AND' (false).
-tooltip.enable-provider-upon-saving=(es) Enable Metadata Provider upon saving?
+tooltip.enable-provider-upon-saving=(es) If checkbox is clicked, the metadata provider is enabled for integration with the IdP
 
 tooltip.max-validity-interval=(es) Defines the window within which the metadata is valid.
 tooltip.require-signed-root=(es) If true, this fails to load metadata with no signature on the root XML element.
diff --git a/ui/src/app/metadata/provider/model/local-dynamic.provider.form.ts b/ui/src/app/metadata/provider/model/local-dynamic.provider.form.ts
index 4485409bc..d2c16cb6b 100644
--- a/ui/src/app/metadata/provider/model/local-dynamic.provider.form.ts
+++ b/ui/src/app/metadata/provider/model/local-dynamic.provider.form.ts
@@ -42,8 +42,8 @@ export const LocalDynamicMetadataProviderWizard: Wizard<LocalDynamicMetadataProv
             ]
         },
         {
-            id: 'reloading',
-            label: 'label.reloading-attributes',
+            id: 'dynamic',
+            label: 'label.dynamic-attributes',
             index: 3,
             initialValues: [],
             schema: '/api/ui/MetadataResolver/LocalDynamicMetadataResolver',
@@ -113,14 +113,14 @@ export const LocalDynamicMetadataProviderEditor: Wizard<LocalDynamicMetadataProv
                     class: ['mb-3'],
                     fields: [
                         'name',
-                        '@type',
-                        'enabled'
+                        '@type'
                     ]
                 },
                 {
                     type: 'group-lg',
                     class: ['col-12'],
                     fields: [
+                        'enabled',
                         'xmlId',
                         'sourceDirectory',
                     ]
@@ -128,8 +128,8 @@ export const LocalDynamicMetadataProviderEditor: Wizard<LocalDynamicMetadataProv
             ]
         },
         {
-            id: 'reloading',
-            label: 'label.reloading-attributes',
+            id: 'dynamic',
+            label: 'label.dynamic-attributes',
             index: 2,
             initialValues: [],
             schema: '/api/ui/MetadataResolver/LocalDynamicMetadataResolver',
diff --git a/ui/src/assets/schema/provider/metadata-provider.schema.json b/ui/src/assets/schema/provider/metadata-provider.schema.json
index 55c03cd10..a0242b633 100644
--- a/ui/src/assets/schema/provider/metadata-provider.schema.json
+++ b/ui/src/assets/schema/provider/metadata-provider.schema.json
@@ -6,8 +6,8 @@
     },
     "properties": {
         "name": {
-            "title": "label.metadata-provider-name",
-            "description": "tooltip.metadata-provider-name",
+            "title": "label.metadata-provider-name-dashboard-display-only",
+            "description": "tooltip.metadata-provider-name-dashboard-display-only",
             "type": "string",
             "widget": {
                 "id": "string",
@@ -29,4 +29,4 @@
         "name",
         "@type"
     ]
-}
\ No newline at end of file
+}

From 70a6ea1ee6971ba6ae2a34e770f7c178160465c9 Mon Sep 17 00:00:00 2001
From: Bill Smith <wsmith@unicon.net>
Date: Fri, 30 Nov 2018 10:30:01 -0700
Subject: [PATCH 02/11] [SHIBUI-925]

Updated exception handling in overrides json schema validation to return
an ErrorResponse object. Also fixed the method name of the handler.

Updated controller to return an ErrorResponse object when a 409 is
encountered.
---
 ...artyOverridesJsonSchemaValidatingControllerAdvice.groovy | 6 +++---
 .../admin/ui/controller/EntityDescriptorController.java     | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/RelyingPartyOverridesJsonSchemaValidatingControllerAdvice.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/RelyingPartyOverridesJsonSchemaValidatingControllerAdvice.groovy
index 934d7b1a7..e77097af6 100644
--- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/RelyingPartyOverridesJsonSchemaValidatingControllerAdvice.groovy
+++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/RelyingPartyOverridesJsonSchemaValidatingControllerAdvice.groovy
@@ -1,5 +1,6 @@
 package edu.internet2.tier.shibboleth.admin.ui.jsonschema
 
+import edu.internet2.tier.shibboleth.admin.ui.controller.ErrorResponse
 import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation
 import mjson.Json
 import org.springframework.beans.factory.annotation.Autowired
@@ -10,7 +11,6 @@ import org.springframework.http.ResponseEntity
 import org.springframework.http.converter.HttpMessageConverter
 import org.springframework.web.bind.annotation.ControllerAdvice
 import org.springframework.web.bind.annotation.ExceptionHandler
-import org.springframework.web.context.request.WebRequest
 import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdviceAdapter
 
 import javax.annotation.PostConstruct
@@ -56,8 +56,8 @@ class RelyingPartyOverridesJsonSchemaValidatingControllerAdvice extends RequestB
     }
 
     @ExceptionHandler(JsonSchemaValidationFailedException)
-    final ResponseEntity<?> handleUserNotFoundException(JsonSchemaValidationFailedException ex, WebRequest request) {
-        new ResponseEntity<>([errors: ex.errors], HttpStatus.BAD_REQUEST)
+    final ResponseEntity<?> handleJsonSchemaValidationFailedException(JsonSchemaValidationFailedException ex) {
+        ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new ErrorResponse("400", String.join('\n', ex.errors)))
     }
 
     @PostConstruct
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java
index afde9d244..c3e76983e 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java
@@ -160,7 +160,7 @@ private ResponseEntity<?> existingEntityDescriptorCheck(String entityId) {
             return ResponseEntity
                     .status(HttpStatus.CONFLICT)
                     .headers(headers)
-                    .body(String.format("The entity descriptor with entity id [%s] already exists.", entityId));
+                    .body(new ErrorResponse(String.valueOf(HttpStatus.CONFLICT.value()), String.format("The entity descriptor with entity id [%s] already exists.", entityId)));
         }
         //No existing entity descriptor, which is an OK condition indicated by returning a null conflict response
         return null;

From a350d33cae6a01d9984d652774a935dd6b920ceb Mon Sep 17 00:00:00 2001
From: Bill Smith <wsmith@unicon.net>
Date: Mon, 3 Dec 2018 14:29:34 -0700
Subject: [PATCH 03/11] [SHIBUI-1001]

Modified resolver initialization code to move shared code into a method.
PUT and POST now both behave the same way with the same error message
when there is a file not found exception.
---
 .../MetadataResolversController.java          | 34 +++++++++++--------
 .../main/resources/i18n/messages.properties   |  1 +
 .../resources/i18n/messages_en.properties     |  1 +
 3 files changed, 22 insertions(+), 14 deletions(-)

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java
index 4593d8bbf..59fed8e93 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java
@@ -119,11 +119,9 @@ public ResponseEntity<?> create(@RequestBody MetadataResolver newResolver) throw
         MetadataResolver persistedResolver = resolverRepository.save(newResolver);
         positionOrderContainerService.appendPositionOrderForNew(persistedResolver);
 
-        //TODO: currently, the update call might explode, but the save works.. in which case, the UI never gets
-        // n valid response. This operation is not atomic. Should we return an error here?
-        if (persistedResolver.getDoInitialization()) {
-            org.opensaml.saml.metadata.resolver.MetadataResolver openSamlRepresentation = metadataResolverConverterService.convertToOpenSamlRepresentation(persistedResolver);
-            OpenSamlChainingMetadataResolverUtil.updateChainingMetadataResolver((OpenSamlChainingMetadataResolver) chainingMetadataResolver, openSamlRepresentation);
+        ResponseEntity initializationError = doResolverInitialization(persistedResolver);
+        if (initializationError != null) {
+            return initializationError;
         }
 
         return ResponseEntity.created(getResourceUriFor(persistedResolver)).body(persistedResolver);
@@ -151,15 +149,9 @@ public ResponseEntity<?> update(@PathVariable String resourceId, @RequestBody Me
 
         MetadataResolver persistedResolver = resolverRepository.save(updatedResolver);
 
-        if (persistedResolver.getDoInitialization()) {
-            org.opensaml.saml.metadata.resolver.MetadataResolver openSamlRepresentation = null;
-            try {
-                openSamlRepresentation = metadataResolverConverterService.convertToOpenSamlRepresentation(persistedResolver);
-            } catch (FileNotFoundException e) {
-                return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
-                        .body(new ErrorResponse(HttpStatus.INTERNAL_SERVER_ERROR.toString(), "label.file-doesnt-exist"));
-            }
-            OpenSamlChainingMetadataResolverUtil.updateChainingMetadataResolver((OpenSamlChainingMetadataResolver) chainingMetadataResolver, openSamlRepresentation);
+        ResponseEntity initializationError = doResolverInitialization(persistedResolver);
+        if (initializationError != null) {
+            return initializationError;
         }
 
         return ResponseEntity.ok(persistedResolver);
@@ -181,4 +173,18 @@ private static URI getResourceUriFor(MetadataResolver resolver) {
                 .build()
                 .toUri();
     }
+
+    private ResponseEntity<?> doResolverInitialization(MetadataResolver persistedResolver) throws ComponentInitializationException, ResolverException, IOException {
+        if (persistedResolver.getDoInitialization()) {
+            org.opensaml.saml.metadata.resolver.MetadataResolver openSamlRepresentation = null;
+            try {
+                openSamlRepresentation = metadataResolverConverterService.convertToOpenSamlRepresentation(persistedResolver);
+            } catch (FileNotFoundException e) {
+                return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
+                        .body(new ErrorResponse(HttpStatus.INTERNAL_SERVER_ERROR.toString(), "message.file-doesnt-exist"));
+            }
+            OpenSamlChainingMetadataResolverUtil.updateChainingMetadataResolver((OpenSamlChainingMetadataResolver) chainingMetadataResolver, openSamlRepresentation);
+        }
+        return null;
+    }
 }
diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties
index 31c4de9b8..672ae51f4 100644
--- a/backend/src/main/resources/i18n/messages.properties
+++ b/backend/src/main/resources/i18n/messages.properties
@@ -397,6 +397,7 @@ message.wizard-status=Step { index } of { length }
 message.entity-id-min-unique=You must add at least one entity id target and they must each be unique.
 message.required-for-scripts=Required for Scripts
 message.required-for-regex=Required for Regex
+message.file-doesnt-exist=The requested file to be processed does not exist on the server.
 
 tooltip.entity-id=Entity ID
 tooltip.service-provider-name=Service Provider Name (Dashboard Display Only)
diff --git a/backend/src/main/resources/i18n/messages_en.properties b/backend/src/main/resources/i18n/messages_en.properties
index 01b5c18e2..c5eabc3ee 100644
--- a/backend/src/main/resources/i18n/messages_en.properties
+++ b/backend/src/main/resources/i18n/messages_en.properties
@@ -403,6 +403,7 @@ message.wizard-status=Step { index } of { length }
 message.entity-id-min-unique=You must add at least one entity id target and they must each be unique.
 message.required-for-scripts=Required for Scripts
 message.required-for-regex=Required for Regex
+message.file-doesnt-exist=The requested file to be processed does not exist on the server.
 
 tooltip.entity-id=Entity ID
 tooltip.service-provider-name=Service Provider Name (Dashboard Display Only)

From 3f14ef499128a49ecd933722b78b43c3680a344c Mon Sep 17 00:00:00 2001
From: Dmitriy Kopylenko <dima767@gmail.com>
Date: Wed, 5 Dec 2018 08:21:33 -0500
Subject: [PATCH 04/11] SHIBUI-926

---
 .../MetadataResolversController.java          | 31 +++++++------------
 .../support/RestControllersSupport.java       |  9 +++++-
 .../MetadataFileNotFoundException.java        | 14 +++++++++
 .../MetadataResolverConverterServiceImpl.java |  2 +-
 4 files changed, 34 insertions(+), 22 deletions(-)
 create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/exceptions/MetadataFileNotFoundException.java

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java
index 59fed8e93..b9a7ab3f0 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java
@@ -1,6 +1,7 @@
 package edu.internet2.tier.shibboleth.admin.ui.controller;
 
 import com.fasterxml.jackson.databind.exc.InvalidTypeIdException;
+import edu.internet2.tier.shibboleth.admin.ui.domain.exceptions.MetadataFileNotFoundException;
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver;
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolverValidationService;
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.OpenSamlChainingMetadataResolver;
@@ -105,30 +106,26 @@ public ResponseEntity<?> getOne(@PathVariable String resourceId) {
     }
 
     @PostMapping("/MetadataResolvers")
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     public ResponseEntity<?> create(@RequestBody MetadataResolver newResolver) throws IOException, ResolverException, ComponentInitializationException {
         if (resolverRepository.findByName(newResolver.getName()) != null) {
             return ResponseEntity.status(HttpStatus.CONFLICT).build();
         }
 
         ResponseEntity<?> validationErrorResponse = validate(newResolver);
-        if(validationErrorResponse != null) {
+        if (validationErrorResponse != null) {
             return validationErrorResponse;
         }
 
         MetadataResolver persistedResolver = resolverRepository.save(newResolver);
         positionOrderContainerService.appendPositionOrderForNew(persistedResolver);
-
-        ResponseEntity initializationError = doResolverInitialization(persistedResolver);
-        if (initializationError != null) {
-            return initializationError;
-        }
+        doResolverInitialization(persistedResolver);
 
         return ResponseEntity.created(getResourceUriFor(persistedResolver)).body(persistedResolver);
     }
 
     @PutMapping("/MetadataResolvers/{resourceId}")
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     public ResponseEntity<?> update(@PathVariable String resourceId, @RequestBody MetadataResolver updatedResolver) throws IOException, ResolverException, ComponentInitializationException {
         MetadataResolver existingResolver = resolverRepository.findByResourceId(resourceId);
         if (existingResolver == null) {
@@ -141,18 +138,13 @@ public ResponseEntity<?> update(@PathVariable String resourceId, @RequestBody Me
         }
 
         ResponseEntity<?> validationErrorResponse = validate(updatedResolver);
-        if(validationErrorResponse != null) {
+        if (validationErrorResponse != null) {
             return validationErrorResponse;
         }
 
         updatedResolver.setAudId(existingResolver.getAudId());
-
         MetadataResolver persistedResolver = resolverRepository.save(updatedResolver);
-
-        ResponseEntity initializationError = doResolverInitialization(persistedResolver);
-        if (initializationError != null) {
-            return initializationError;
-        }
+        doResolverInitialization(persistedResolver);
 
         return ResponseEntity.ok(persistedResolver);
     }
@@ -160,7 +152,7 @@ public ResponseEntity<?> update(@PathVariable String resourceId, @RequestBody Me
     @SuppressWarnings("Unchecked")
     private ResponseEntity<?> validate(MetadataResolver metadataResolver) {
         ValidationResult validationResult = metadataResolverValidationService.validateIfNecessary(metadataResolver);
-        if(!validationResult.isValid()) {
+        if (!validationResult.isValid()) {
             return ResponseEntity.badRequest().body(validationResult.getErrorMessage());
         }
         return null;
@@ -174,17 +166,16 @@ private static URI getResourceUriFor(MetadataResolver resolver) {
                 .toUri();
     }
 
-    private ResponseEntity<?> doResolverInitialization(MetadataResolver persistedResolver) throws ComponentInitializationException, ResolverException, IOException {
+    private void doResolverInitialization(MetadataResolver persistedResolver) throws
+            ComponentInitializationException, ResolverException, IOException {
         if (persistedResolver.getDoInitialization()) {
             org.opensaml.saml.metadata.resolver.MetadataResolver openSamlRepresentation = null;
             try {
                 openSamlRepresentation = metadataResolverConverterService.convertToOpenSamlRepresentation(persistedResolver);
             } catch (FileNotFoundException e) {
-                return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
-                        .body(new ErrorResponse(HttpStatus.INTERNAL_SERVER_ERROR.toString(), "message.file-doesnt-exist"));
+                throw new MetadataFileNotFoundException("message.file-doesnt-exist");
             }
             OpenSamlChainingMetadataResolverUtil.updateChainingMetadataResolver((OpenSamlChainingMetadataResolver) chainingMetadataResolver, openSamlRepresentation);
         }
-        return null;
     }
 }
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java
index 7dc1a9abe..1adb07d6d 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java
@@ -1,7 +1,7 @@
 package edu.internet2.tier.shibboleth.admin.ui.controller.support;
 
-import com.google.common.collect.ImmutableMap;
 import edu.internet2.tier.shibboleth.admin.ui.controller.ErrorResponse;
+import edu.internet2.tier.shibboleth.admin.ui.domain.exceptions.MetadataFileNotFoundException;
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver;
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -11,6 +11,7 @@
 import org.springframework.web.bind.annotation.RestControllerAdvice;
 import org.springframework.web.client.HttpClientErrorException;
 
+import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR;
 import static org.springframework.http.HttpStatus.NOT_FOUND;
 
 /**
@@ -46,4 +47,10 @@ public final ResponseEntity<ErrorResponse> handleAllOtherExceptions(Exception ex
         ErrorResponse errorResponse = new ErrorResponse("400", ex.getLocalizedMessage());
         return new ResponseEntity<>(errorResponse, HttpStatus.BAD_REQUEST);
     }
+
+    @ExceptionHandler(MetadataFileNotFoundException.class)
+    public final ResponseEntity<ErrorResponse> metadataFileNotFoundHandler(MetadataFileNotFoundException ex) {
+        ErrorResponse errorResponse = new ErrorResponse(INTERNAL_SERVER_ERROR.toString(), ex.getLocalizedMessage());
+        return new ResponseEntity<>(errorResponse, INTERNAL_SERVER_ERROR);
+    }
 }
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/exceptions/MetadataFileNotFoundException.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/exceptions/MetadataFileNotFoundException.java
new file mode 100644
index 000000000..bc3dd1493
--- /dev/null
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/exceptions/MetadataFileNotFoundException.java
@@ -0,0 +1,14 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.exceptions;
+
+/**
+ * Indicates that provided metadata file is not found. Thrown during opensaml API initialization code path, if there is
+ * such. Throwing such exception is useful in @Transactional context for atomic transaction rollbacks, etc.
+ *
+ * @author Dmitriy Kopylenko
+ */
+public class MetadataFileNotFoundException extends RuntimeException {
+
+    public MetadataFileNotFoundException(String message) {
+        super(message);
+    }
+}
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverConverterServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverConverterServiceImpl.java
index ccb77164c..8088793a9 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverConverterServiceImpl.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverConverterServiceImpl.java
@@ -64,7 +64,7 @@ private OpenSamlFilesystemMetadataResolver convertToOpenSamlRepresentation(Files
         IndexWriter indexWriter = indexWriterService.getIndexWriter(resolver.getResourceId());
         File metadataFile = new File(resolver.getMetadataFile());
         if (resolver.getDoInitialization() && !metadataFile.exists()) {
-            throw new FileNotFoundException("No file was found on the fileysystem for provided filename: " + resolver.getMetadataFile());
+            throw new FileNotFoundException("No file was found on the file system for provided filename: " + resolver.getMetadataFile());
         }
 
         OpenSamlFilesystemMetadataResolver openSamlResolver = new OpenSamlFilesystemMetadataResolver(openSamlObjects.getParserPool(),

From 21265a41d4b0daf0cdbec3451e92582e83b64a3b Mon Sep 17 00:00:00 2001
From: Ryan Mathis <rmathis@unicon.net>
Date: Thu, 6 Dec 2018 08:52:54 -0700
Subject: [PATCH 05/11] SHIBUI-925 Implemented fix for error messages on upload

---
 .../domain/service/resolver.service.ts        |  8 +++--
 .../resolver/effect/collection.effects.ts     | 33 +++++++++++++++----
 2 files changed, 33 insertions(+), 8 deletions(-)

diff --git a/ui/src/app/metadata/domain/service/resolver.service.ts b/ui/src/app/metadata/domain/service/resolver.service.ts
index f0c9f4b3c..4012f9f23 100644
--- a/ui/src/app/metadata/domain/service/resolver.service.ts
+++ b/ui/src/app/metadata/domain/service/resolver.service.ts
@@ -45,7 +45,9 @@ export class ResolverService {
         return this.http.post<MetadataResolver>(`${this.base}${this.endpoint}`, xml, {
             headers: new HttpHeaders().set('Content-Type', 'application/xml'),
             params: new HttpParams().set('spName', name)
-        });
+        }).pipe(catchError(error => {
+            return throwError({ errorCode: error.status, errorMessage: `Unable to upload file ... ${error.error}` });
+        }));
     }
 
     createFromUrl(name: string, url: string): Observable<MetadataResolver> {
@@ -53,7 +55,9 @@ export class ResolverService {
         return this.http.post<MetadataResolver>(`${this.base}${this.endpoint}`, body, {
             headers: new HttpHeaders().set('Content-Type', 'application/x-www-form-urlencoded'),
             params: new HttpParams().set('spName', name)
-        });
+        }).pipe(catchError(error => {
+            return throwError({ errorCode: error.status, errorMessage: `Unable to upload file ... ${error.error}` });
+        }));
     }
 
     preview(id: string): Observable<string> {
diff --git a/ui/src/app/metadata/resolver/effect/collection.effects.ts b/ui/src/app/metadata/resolver/effect/collection.effects.ts
index d56110a7e..46d2d0712 100644
--- a/ui/src/app/metadata/resolver/effect/collection.effects.ts
+++ b/ui/src/app/metadata/resolver/effect/collection.effects.ts
@@ -1,15 +1,21 @@
 import { Injectable } from '@angular/core';
 import { Effect, Actions, ofType } from '@ngrx/effects';
 import { Router } from '@angular/router';
-
+import { Store } from '@ngrx/store';
 import { of } from 'rxjs';
-import { map, catchError, switchMap, tap } from 'rxjs/operators';
+import { map, catchError, switchMap, tap, withLatestFrom } from 'rxjs/operators';
 
 import * as providerActions from '../action/collection.action';
 import * as draftActions from '../action/draft.action';
 import { ResolverCollectionActionTypes } from '../action/collection.action';
 import { ResolverService } from '../../domain/service/resolver.service';
 import { removeNulls } from '../../../shared/util';
+import { AddNotification } from '../../../notification/action/notification.action';
+import { Notification, NotificationType } from '../../../notification/model/notification';
+import { I18nService } from '../../../i18n/service/i18n.service';
+import * as fromRoot from '../../../app.reducer';
+import * as fromI18n from '../../../i18n/reducer';
+
 
 /* istanbul ignore next */
 @Injectable()
@@ -112,11 +118,24 @@ export class ResolverCollectionEffects {
         ofType<providerActions.AddResolverSuccess>(ResolverCollectionActionTypes.ADD_RESOLVER_SUCCESS),
         map(action => action.payload),
         map(provider => {
-            console.log(provider);
             return new draftActions.RemoveDraftRequest(provider);
         })
     );
 
+    @Effect()
+    addResolverFailNotification$ = this.actions$.pipe(
+        ofType<providerActions.AddResolverFail>(ResolverCollectionActionTypes.ADD_RESOLVER_FAIL),
+        map(action => action.payload),
+        withLatestFrom(this.store.select(fromI18n.getMessages)),
+        map(([error, messages]) => new AddNotification(
+            new Notification(
+                NotificationType.Danger,
+                `${error.errorCode}: ${this.i18nService.translate(error.errorMessage, null, messages)}`,
+                8000
+            )
+        ))
+    );
+
     @Effect()
     uploadResolverRequest$ = this.actions$.pipe(
         ofType<providerActions.UploadResolverRequest>(ResolverCollectionActionTypes.UPLOAD_RESOLVER_REQUEST),
@@ -126,7 +145,7 @@ export class ResolverCollectionEffects {
                 .upload(file.name, file.body)
                 .pipe(
                     map(p => new providerActions.AddResolverSuccess(p)),
-                    catchError(() => of(new providerActions.AddResolverFail(file)))
+                    catchError((error) => of(new providerActions.AddResolverFail(error)))
                 )
         )
     );
@@ -140,7 +159,7 @@ export class ResolverCollectionEffects {
                 .createFromUrl(file.name, file.url)
                 .pipe(
                     map(p => new providerActions.AddResolverSuccess(p)),
-                    catchError(() => of(new providerActions.AddResolverFail(file)))
+                    catchError((error) => of(new providerActions.AddResolverFail(error)))
                 )
         )
     );
@@ -148,6 +167,8 @@ export class ResolverCollectionEffects {
     constructor(
         private descriptorService: ResolverService,
         private actions$: Actions,
-        private router: Router
+        private router: Router,
+        private store: Store<fromRoot.State>,
+        private i18nService: I18nService
     ) { }
 } /* istanbul ignore next */

From 3590d8d0631f6ca26c005bd17a9557af4eeb98c6 Mon Sep 17 00:00:00 2001
From: Bill Smith <wsmith@unicon.net>
Date: Thu, 6 Dec 2018 09:49:36 -0700
Subject: [PATCH 06/11] [SHIBUI-925]

Updated a test to reflect the change in error messaging.
---
 .../admin/ui/controller/EntityDescriptorControllerTests.groovy  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy
index 122a349ae..b38941b74 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy
@@ -505,7 +505,7 @@ class EntityDescriptorControllerTests extends Specification {
 
         then:
         result.andExpect(status().isConflict())
-                .andExpect(content().string("The entity descriptor with entity id [http://test.scaldingspoon.org/test1] already exists."))
+                .andExpect(content().string("{\"errorCode\":\"409\",\"errorMessage\":\"The entity descriptor with entity id [http://test.scaldingspoon.org/test1] already exists.\"}"))
     }
 
     def "POST /EntityDescriptor handles x-www-form-urlencoded happily"() {

From 0c1304a8d16ed17f21ad5dcad6aa1697d0c8ca68 Mon Sep 17 00:00:00 2001
From: Jodie Muramoto <jmuramoto@unicon.net>
Date: Thu, 6 Dec 2018 10:50:32 -0700
Subject: [PATCH 07/11] SHIBUI-1010: Removed redundant ARIA roles and
 attributes (if button is semantic, does not need the role of button, etc.);

---
 .../resources/local-dynamic-metadata-provider.schema.json  | 2 +-
 ui/src/app/app.component.html                              | 3 +--
 .../domain/component/wizard-summary.component.html         | 6 +++---
 .../metadata/filter/container/edit-filter.component.html   | 2 +-
 .../metadata/filter/container/new-filter.component.html    | 2 +-
 .../app/metadata/manager/container/manager.component.html  | 2 +-
 .../provider/container/provider-wizard.component.html      | 5 +++--
 .../resolver/container/blank-resolver.component.html       | 2 +-
 .../resolver/container/confirm-copy.component.html         | 6 +++---
 .../resolver/container/copy-resolver.component.html        | 3 +--
 .../resolver/container/new-resolver.component.html         | 2 +-
 .../resolver/container/upload-resolver.component.html      | 2 +-
 ui/src/app/shared/autocomplete/autocomplete.component.html | 1 -
 ui/src/app/shared/component/info-icon.component.html       | 2 --
 ui/src/app/wizard/component/wizard.component.html          | 7 ++-----
 15 files changed, 20 insertions(+), 27 deletions(-)

diff --git a/backend/src/main/resources/local-dynamic-metadata-provider.schema.json b/backend/src/main/resources/local-dynamic-metadata-provider.schema.json
index bb98b8b67..c76434258 100644
--- a/backend/src/main/resources/local-dynamic-metadata-provider.schema.json
+++ b/backend/src/main/resources/local-dynamic-metadata-provider.schema.json
@@ -9,7 +9,7 @@
     "properties": {
         "name": {
             "title": "label.metadata-provider-name-display-only",
-            "description": "tooltip.metadata-provider-name",
+            "description": "tooltip.metadata-provider-name-display-only",
             "type": "string",
             "widget": {
                 "id": "string",
diff --git a/ui/src/app/app.component.html b/ui/src/app/app.component.html
index f09ae298a..b7adb997b 100644
--- a/ui/src/app/app.component.html
+++ b/ui/src/app/app.component.html
@@ -14,7 +14,6 @@
                 <button
                     class="btn btn-outline-primary btn-sm"
                     id="addNewDropdown"
-                    role="button"
                     aria-haspopup="true"
                     aria-expanded="false"
                     ngbDropdownToggle>
@@ -57,7 +56,7 @@
         </ul>
     </div>
 </nav>
-<main role="main">
+<main>
     <router-outlet></router-outlet>
     <notification-list></notification-list>
 </main>
diff --git a/ui/src/app/metadata/domain/component/wizard-summary.component.html b/ui/src/app/metadata/domain/component/wizard-summary.component.html
index e1f578180..e7ea5dbf6 100644
--- a/ui/src/app/metadata/domain/component/wizard-summary.component.html
+++ b/ui/src/app/metadata/domain/component/wizard-summary.component.html
@@ -1,12 +1,12 @@
 <div class="row">
     <div class="col-xl-6 col-xs-12" *ngFor="let sections of columns">
-        <section class="px-3" *ngFor="let section of sections; let i = index;" role="list">
-            <button (click)="gotoPage(section.id)" class="tag tag-success tag-sm my-4 text-left" [attr.aria-label]="section.label | translate" role="button">
+        <section class="px-3" *ngFor="let section of sections; let i = index;">
+            <button (click)="gotoPage(section.id)" class="tag tag-success tag-sm my-4 text-left" [attr.aria-label]="section.label | translate">
                 <span class="index">{{ section.pageNumber }}</span>
                 <translate-i18n [key]="section.label">{{ section.label }}</translate-i18n>
             </button>
             <ng-container *ngFor="let prop of section.properties">
-                <summary-property [property]="prop" role="listitem"></summary-property>
+                <summary-property [property]="prop"></summary-property>
             </ng-container>
         </section>
     </div>
diff --git a/ui/src/app/metadata/filter/container/edit-filter.component.html b/ui/src/app/metadata/filter/container/edit-filter.component.html
index e42137ebf..a7771dbef 100644
--- a/ui/src/app/metadata/filter/container/edit-filter.component.html
+++ b/ui/src/app/metadata/filter/container/edit-filter.component.html
@@ -1,4 +1,4 @@
-<div class="container-fluid p-3" role="main">
+<div class="container-fluid p-3" role="section">
     <section class="section">
         <div class="section-header bg-info p-2 text-white">
             <div class="row justify-content-between">
diff --git a/ui/src/app/metadata/filter/container/new-filter.component.html b/ui/src/app/metadata/filter/container/new-filter.component.html
index e56dc4634..08633e938 100644
--- a/ui/src/app/metadata/filter/container/new-filter.component.html
+++ b/ui/src/app/metadata/filter/container/new-filter.component.html
@@ -1,4 +1,4 @@
-<div class="container-fluid p-3" role="main">
+<div class="container-fluid p-3" role="section">
     <section class="section">
         <div class="section-header bg-info p-2 text-white">
             <div class="row justify-content-between">
diff --git a/ui/src/app/metadata/manager/container/manager.component.html b/ui/src/app/metadata/manager/container/manager.component.html
index 2c354d7e3..7803d47e5 100644
--- a/ui/src/app/metadata/manager/container/manager.component.html
+++ b/ui/src/app/metadata/manager/container/manager.component.html
@@ -1,4 +1,4 @@
-<div class="container-fluid p-3" role="main">
+<div class="container-fluid p-3" role="section">
     <ul class="nav nav-tabs">
         <li class="nav-item">
             <a class="nav-link" [routerLink]="['./', 'resolvers']" routerLinkActive="active" translate="label.metadata-sources">Metadata Sources</a>
diff --git a/ui/src/app/metadata/provider/container/provider-wizard.component.html b/ui/src/app/metadata/provider/container/provider-wizard.component.html
index b1027711b..366bb70d5 100644
--- a/ui/src/app/metadata/provider/container/provider-wizard.component.html
+++ b/ui/src/app/metadata/provider/container/provider-wizard.component.html
@@ -7,11 +7,12 @@
         </div>
     </div>
     <div class="section-body p-4 border border-top-0 border-info">
-        <div class="container-fluid p-3" role="main">
+        <div class="container-fluid p-3">
             <wizard
                 (onNext)="next()"
                 (onPrevious)="previous()"
-                (onSave)="save()"></wizard>
+                (onSave)="save()"
+                role="navigation"></wizard>
             <hr />
             <div class="row">
                 <div class="col col-xl-6 col-lg-9 col-xs-12">
diff --git a/ui/src/app/metadata/resolver/container/blank-resolver.component.html b/ui/src/app/metadata/resolver/container/blank-resolver.component.html
index 5229f61f1..70ee5fa19 100644
--- a/ui/src/app/metadata/resolver/container/blank-resolver.component.html
+++ b/ui/src/app/metadata/resolver/container/blank-resolver.component.html
@@ -9,7 +9,7 @@ <h3 class="tag tag-primary">
                     </h3>
                 </li>
                 <li class="nav-item">
-                    <button class="nav-link next btn clearfix" (click)="next()" [disabled]="providerForm.invalid" aria-label="Next: Step 2, Organization information" role="button">
+                    <button class="nav-link next btn clearfix" (click)="next()" [disabled]="providerForm.invalid" aria-label="Next: Step 2, Organization information">
                         <span class="label pull-left">
                             2.
                             <translate-i18n key="label.org-info">Organization Information</translate-i18n>
diff --git a/ui/src/app/metadata/resolver/container/confirm-copy.component.html b/ui/src/app/metadata/resolver/container/confirm-copy.component.html
index 1259dc568..808f4f3a8 100644
--- a/ui/src/app/metadata/resolver/container/confirm-copy.component.html
+++ b/ui/src/app/metadata/resolver/container/confirm-copy.component.html
@@ -1,4 +1,4 @@
-<div class="container-fluid p-3" role="main">
+<div class="container-fluid p-3" role="section">
     <section class="section" aria-label="Add a new metadata source - how are you adding the metadata information?" tabindex="0">
         <div class="section-header bg-info p-2 text-white">
             <div class="row justify-content-between">
@@ -10,7 +10,7 @@
         <div class="section-body p-4 border border-top-0 border-info">
             <ul class="nav nav-wizard m-3">
                 <li class="nav-item">
-                    <button class="nav-link previous btn clearfix" role="button" [routerLink]="['../']">
+                    <button class="nav-link previous btn clearfix" [routerLink]="['../']">
                         <span class="direction pull-left">
                             <i class="fa fa-fw fa-arrow-circle-left d-block fa-2x"></i>
                             <translate-i18n key="action.back">Back</translate-i18n>
@@ -27,7 +27,7 @@ <h3 class="tag tag-primary">
                     </h3>
                 </li>
                 <li class="nav-item">
-                    <button class="nav-link save btn" aria-label="Save" role="button" (click)="onSave(resolver)" [disabled]="saving$ | async">
+                    <button class="nav-link save btn" aria-label="Save" (click)="onSave(resolver)" [disabled]="saving$ | async">
                         <span class="label pull-left" translate="action.save">Save</span>
                         <span class="direction pull-right">
                             <i class="fa fa-fw next d-block fa-2x"
diff --git a/ui/src/app/metadata/resolver/container/copy-resolver.component.html b/ui/src/app/metadata/resolver/container/copy-resolver.component.html
index acbbd1908..58fd5bffe 100644
--- a/ui/src/app/metadata/resolver/container/copy-resolver.component.html
+++ b/ui/src/app/metadata/resolver/container/copy-resolver.component.html
@@ -9,8 +9,7 @@ <h3 class="tag tag-primary">
                     </h3>
                 </li>
                 <li class="nav-item">
-                    <button class="nav-link next btn clearfix" (click)="next()" [disabled]="providerForm.invalid" aria-label="Next: Step 2, Organization information"
-                        role="button">
+                    <button class="nav-link next btn clearfix" (click)="next()" [disabled]="providerForm.invalid" aria-label="Next: Step 2, Organization information">
                         <span class="label pull-left" translate="label.finish-summary-validation">
                             Finished!
                         </span>
diff --git a/ui/src/app/metadata/resolver/container/new-resolver.component.html b/ui/src/app/metadata/resolver/container/new-resolver.component.html
index efaea7239..b20b15c51 100644
--- a/ui/src/app/metadata/resolver/container/new-resolver.component.html
+++ b/ui/src/app/metadata/resolver/container/new-resolver.component.html
@@ -1,4 +1,4 @@
-<div class="container-fluid p-3" role="main">
+<div class="container-fluid p-3" role="section">
     <section class="section" aria-label="Add a new metadata source - how are you adding the metadata information?" tabindex="0">
         <div class="section-header bg-info p-2 text-white">
             <div class="row justify-content-between">
diff --git a/ui/src/app/metadata/resolver/container/upload-resolver.component.html b/ui/src/app/metadata/resolver/container/upload-resolver.component.html
index 8bae4bc0d..dcd14a93e 100644
--- a/ui/src/app/metadata/resolver/container/upload-resolver.component.html
+++ b/ui/src/app/metadata/resolver/container/upload-resolver.component.html
@@ -9,7 +9,7 @@ <h3 class="tag tag-primary">
                     </h3>
                 </li>
                 <li class="nav-item">
-                    <button class="nav-link next btn clearfix" (click)="save()" [disabled]="providerForm.invalid" aria-label="Save metadata resolver" role="button">
+                    <button class="nav-link next btn clearfix" (click)="save()" [disabled]="providerForm.invalid" aria-label="Save metadata resolver">
                         <span class="label pull-left" translate="action.save">
                             Save
                         </span>
diff --git a/ui/src/app/shared/autocomplete/autocomplete.component.html b/ui/src/app/shared/autocomplete/autocomplete.component.html
index 1af9bbe9e..d928a4c88 100644
--- a/ui/src/app/shared/autocomplete/autocomplete.component.html
+++ b/ui/src/app/shared/autocomplete/autocomplete.component.html
@@ -9,7 +9,6 @@
             class="form-control"
             autoComplete="off"
             type="text"
-            role="textbox"
             [attr.aria-activedescendant]="activeDescendant"
             [placeholder]="placeholder"
             attr.aria-owns="{{ id }}__listbox"
diff --git a/ui/src/app/shared/component/info-icon.component.html b/ui/src/app/shared/component/info-icon.component.html
index f73d5e0eb..62ec8195b 100644
--- a/ui/src/app/shared/component/info-icon.component.html
+++ b/ui/src/app/shared/component/info-icon.component.html
@@ -7,8 +7,6 @@
     [ngbPopover]="tooltipContent"
     [triggers]="triggers"
     [placement]="placement"
-    [attr.aria-flowto]="id"
-    role="tooltip"
     container="body">
     <i class="fa fa-fw fa-info-circle text-primary fa-lg"></i>
     <span class="sr-only" translate="tooltip.instruction"></span>
diff --git a/ui/src/app/wizard/component/wizard.component.html b/ui/src/app/wizard/component/wizard.component.html
index c3612bec2..2ab0dee60 100644
--- a/ui/src/app/wizard/component/wizard.component.html
+++ b/ui/src/app/wizard/component/wizard.component.html
@@ -1,8 +1,7 @@
 <nav *ngIf="(current$ | async) && (index$ | async)">
     <ul class="nav nav-wizard">
         <li class="nav-item" *ngIf="(previous$ | async)">
-            <button class="nav-link previous btn clearfix" (click)="onPrevious.emit(previousPage.index)" [disabled]="disabled$ | async"
-                [attr.aria-label]="previousPage.path" role="button">
+            <button class="nav-link previous btn clearfix" (click)="onPrevious.emit(previousPage.index)" [disabled]="disabled$ | async" [attr.aria-label]="previousPage.path">
                 <span class="direction pull-left">
                     <i class="fa fa-fw fa-arrow-circle-left d-block fa-2x"></i>
                     <translate-i18n key="action.back">Back</translate-i18n>
@@ -28,8 +27,7 @@ <h3 class="tag tag-primary">
             </h3>
         </li>
         <li class="nav-item" *ngIf="(next$ | async)">
-            <button class="nav-link next btn clearfix" (click)="onNext.emit(nextPage.index)" [disabled]="disabled$ | async" [attr.aria-label]="nextPage.path"
-                role="button">
+            <button class="nav-link next btn clearfix" (click)="onNext.emit(nextPage.index)" [disabled]="disabled$ | async" [attr.aria-label]="nextPage.path">
                 <span class="label pull-left">
                     <ng-container *ngIf="(next$ | async).index">{{ (next$ | async).index }}. </ng-container>
                     {{ (next$ | async).label | translate }}
@@ -43,7 +41,6 @@ <h3 class="tag tag-primary">
         <li class="nav-item" *ngIf="(last$ | async)">
             <button class="nav-link save btn"
                 aria-label="Save"
-                role="button"
                 [disabled]="disabled$ | async"
                 (click)="onSave.emit()">
                 <span class="label pull-left" translate="action.save">

From 6cbed982edb8b0a76cbfe372287e8bcbd96fccea Mon Sep 17 00:00:00 2001
From: Ryan Mathis <rmathis@unicon.net>
Date: Mon, 10 Dec 2018 09:17:29 -0700
Subject: [PATCH 08/11] SHIBUI-1055 Fixed text

---
 backend/src/main/resources/i18n/messages_en.properties | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/backend/src/main/resources/i18n/messages_en.properties b/backend/src/main/resources/i18n/messages_en.properties
index 7d20536d0..5c9c78d5a 100644
--- a/backend/src/main/resources/i18n/messages_en.properties
+++ b/backend/src/main/resources/i18n/messages_en.properties
@@ -483,9 +483,9 @@ tooltip.enable-provider-upon-saving=If checkbox is clicked, the metadata provide
 tooltip.max-validity-interval=Defines the window within which the metadata is valid.
 tooltip.require-signed-root=If true, this fails to load metadata with no signature on the root XML element.
 tooltip.certificate-file=A key used to verify the signature. Conflicts with trustEngineRef and both of the child elements.
-tooltip.retained-roles=Controls whether to keep entity descriptors that contain no roles
-tooltip.remove-roleless-entity-descriptors=Controls whether to keep entity descriptors that contain no roles.
-tooltip.remove-empty-entities-descriptors=Controls whether to keep entities descriptors that contain no entity descriptors.
+tooltip.retained-roles=Note that property replacement cannot be used on this element.
+tooltip.remove-roleless-entity-descriptors=Controls whether to keep entity descriptors that contain no roles. Note: If this attribute is set to false, the resulting output may not be schema-valid since an <md:EntityDescriptor> element must include at least one role descriptor.
+tooltip.remove-empty-entities-descriptors=Controls whether to keep entities descriptors that contain no entity descriptors. Note: If this attribute is set to false, the resulting output may not be schema-valid since an <md:EntitiesDescriptor> element must include at least one child element, either an <md:EntityDescriptor> element or an <md:EntitiesDescriptor> element.
 
 tooltip.min-refresh-delay=Lower bound on the next refresh from the time calculated based on the metadata\u0027s expiration.
 tooltip.max-refresh-delay=Upper bound on the next refresh from the time calculated based on the metadata\u0027s expiration.

From c48572e5ba66a5c3036a20cf8ca011fe9bcc1644 Mon Sep 17 00:00:00 2001
From: Ryan Mathis <rmathis@unicon.net>
Date: Mon, 10 Dec 2018 09:38:53 -0700
Subject: [PATCH 09/11] SHIBUI-1050 Fixed min/max refresh delay factor

---
 .../main/resources/dynamic-http-metadata-provider.schema.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/backend/src/main/resources/dynamic-http-metadata-provider.schema.json b/backend/src/main/resources/dynamic-http-metadata-provider.schema.json
index f9dec02b8..4b8dc513f 100644
--- a/backend/src/main/resources/dynamic-http-metadata-provider.schema.json
+++ b/backend/src/main/resources/dynamic-http-metadata-provider.schema.json
@@ -152,8 +152,8 @@
                         "step": 0.01
                     },
                     "placeholder": "label.real-number",
-                    "minimum": 0,
-                    "maximum": 1,
+                    "minimum": 0.01,
+                    "maximum": 0.99,
                     "default": null
                 },
                 "minCacheDuration": {

From 0d8ac043d84485178f11d20543d3764d6e192d3d Mon Sep 17 00:00:00 2001
From: Jodie Muramoto <jmuramoto@unicon.net>
Date: Mon, 10 Dec 2018 10:26:21 -0700
Subject: [PATCH 10/11] SHIBUI-1015: Fixed issues with forms and labels
 (assigned ARIA labels);

---
 .../manager/component/provider-search.component.html        | 3 ++-
 .../resolver/container/copy-resolver.component.html         | 6 ++++--
 ui/src/app/shared/autocomplete/autocomplete.component.html  | 2 --
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/ui/src/app/metadata/manager/component/provider-search.component.html b/ui/src/app/metadata/manager/component/provider-search.component.html
index bedc6ad7d..29479de5d 100644
--- a/ui/src/app/metadata/manager/component/provider-search.component.html
+++ b/ui/src/app/metadata/manager/component/provider-search.component.html
@@ -1,6 +1,6 @@
 <form [formGroup]="searchForm">
-    <label for="search" class="sr-only" translate="action.search">Search</label>
     <div class="input-group input-group-sm">
+        <label [for]="search" class="sr-only" translate="action.search">Search</label>
         <input
             id="search"
             type="text"
@@ -9,6 +9,7 @@
             [placeholder]="'label.search-files' | translate"
             aria-label="To search for a source, enter name then press enter"
             formControlName="search"
+            role="textbox"
             (keyup)="search.emit($event.target.value)">
         <div class="input-group-append">
             <button class="btn btn-light"
diff --git a/ui/src/app/metadata/resolver/container/copy-resolver.component.html b/ui/src/app/metadata/resolver/container/copy-resolver.component.html
index acbbd1908..688deb9a7 100644
--- a/ui/src/app/metadata/resolver/container/copy-resolver.component.html
+++ b/ui/src/app/metadata/resolver/container/copy-resolver.component.html
@@ -23,7 +23,7 @@ <h3 class="tag tag-primary">
             </ul>
             <fieldset class="bg-light border rounded p-4">
                 <div class="form-group">
-                    <label for="serviceProviderName">
+                    <label for="target">
                         <translate-i18n key="label.select-entity-id-to-copy">Select the Entity ID to copy</translate-i18n>
                         <i class="fa fa-fw fa-asterisk text-danger" aria-hidden="true"></i>
                     </label>
@@ -97,7 +97,9 @@ <h3 class="tag tag-primary">
                                     [id]="'section-' + i"
                                     [name]="'section-' + i"
                                     role="checkbox" />
-                                <label class="custom-control-label" for="section-{{ i }}"></label>
+                                <label class="custom-control-label"
+                                    [for]="'section-' + i"
+                                    [attr.aria-label]="item.i18nKey"></label>
                             </div>
                         </fieldset>
                     </td>
diff --git a/ui/src/app/shared/autocomplete/autocomplete.component.html b/ui/src/app/shared/autocomplete/autocomplete.component.html
index 1af9bbe9e..1f59e0ab5 100644
--- a/ui/src/app/shared/autocomplete/autocomplete.component.html
+++ b/ui/src/app/shared/autocomplete/autocomplete.component.html
@@ -1,5 +1,4 @@
 <div id="{{ id }}-container" class="dropdown form-group" (keydown)="handleKeyDown($event)" role='combobox' [attr.aria-expanded]="(menuIsVisible$ | async) ? 'true' : 'false'">
-    <label *ngIf="!fieldId" for="{{ id }}__input" attr.aria-labelledby="{{ id }}__input" class="sr-only"></label>
     <div [ngClass]="{'input-group': dropdown}">
         <input
             #inputField
@@ -9,7 +8,6 @@
             class="form-control"
             autoComplete="off"
             type="text"
-            role="textbox"
             [attr.aria-activedescendant]="activeDescendant"
             [placeholder]="placeholder"
             attr.aria-owns="{{ id }}__listbox"

From e61050b6f997c9b127cc8f5f26df042baaae89ff Mon Sep 17 00:00:00 2001
From: Ryan Mathis <rmathis@unicon.net>
Date: Mon, 10 Dec 2018 11:14:05 -0700
Subject: [PATCH 11/11] SHIBUI-1053 Added element

---
 ...dynamic-http-metadata-provider.schema.json | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/backend/src/main/resources/dynamic-http-metadata-provider.schema.json b/backend/src/main/resources/dynamic-http-metadata-provider.schema.json
index 4b8dc513f..887508b7f 100644
--- a/backend/src/main/resources/dynamic-http-metadata-provider.schema.json
+++ b/backend/src/main/resources/dynamic-http-metadata-provider.schema.json
@@ -222,6 +222,29 @@
                     "default": null,
                     "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$"
                 },
+                "removeIdleEntityData": {
+                    "title": "label.remove-idle-entity-data",
+                    "description": "tooltip.remove-idle-entity-data",
+                    "type": "boolean",
+                    "widget": {
+                        "id": "boolean-radio"
+                    },
+                    "oneOf": [
+                        {
+                            "enum": [
+                                true
+                            ],
+                            "description": "value.true"
+                        },
+                        {
+                            "enum": [
+                                false
+                            ],
+                            "description": "value.false"
+                        }
+                    ],
+                    "default": true
+                },
                 "cleanupTaskInterval": {
                     "title": "label.cleanup-task-interval",
                     "description": "tooltip.cleanup-task-interval",