From f5c20ad493c4a6dd25b3c022282658359461f153 Mon Sep 17 00:00:00 2001
From: Shad Vider <svider@unicon.net>
Date: Wed, 17 Mar 2021 12:08:55 -0700
Subject: [PATCH 1/9] added test for added test for 1772, and enabled
 previously ignored test

---
 .../EntityDescriptorControllerTests.groovy    |  3 +-
 .../EntityDescriptorRepositoryTest.groovy     |  9 +++
 .../test/resources/metadata/SHIBUI-1772.xml   | 81 +++++++++++++++++++
 3 files changed, 91 insertions(+), 2 deletions(-)
 create mode 100644 backend/src/test/resources/metadata/SHIBUI-1772.xml

diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy
index ed721055a..4bf4fe7b2 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy
@@ -707,7 +707,6 @@ class EntityDescriptorControllerTests extends Specification {
         result.andExpect(status().is(403))
     }
 
-    @Ignore("until we handle the workaround for SHIBUI-1237")
     def "POST /EntityDescriptor handles XML happily"() {
         given:
         def username = 'admin'
@@ -785,7 +784,7 @@ class EntityDescriptorControllerTests extends Specification {
 
         then:
         result.andExpect(status().isCreated())
-            .andExpect(content().json(expectedJson, true))
+            .andExpect(content().json(expectedJson, false))
     }
 
     def "POST /EntityDescriptor returns error for duplicate entity id"() {
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepositoryTest.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepositoryTest.groovy
index 9719ada72..86fe1b74e 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepositoryTest.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/EntityDescriptorRepositoryTest.groovy
@@ -76,6 +76,15 @@ class EntityDescriptorRepositoryTest extends Specification {
         noExceptionThrown()
     }
 
+    def "SHIBUI-1772"() {
+        when:
+        def input = openSamlObjects.unmarshalFromXml(this.class.getResource('/metadata/SHIBUI-1772.xml').bytes) as EntityDescriptor
+        entityDescriptorRepository.save(input)
+
+        then:
+        noExceptionThrown()
+    }
+
     @TestConfiguration
     static class Config {
         @Bean
diff --git a/backend/src/test/resources/metadata/SHIBUI-1772.xml b/backend/src/test/resources/metadata/SHIBUI-1772.xml
new file mode 100644
index 000000000..e0961dc71
--- /dev/null
+++ b/backend/src/test/resources/metadata/SHIBUI-1772.xml
@@ -0,0 +1,81 @@
+<!--
+This is example metadata only. Do *NOT* supply it as is without review,
+and do *NOT* provide it in real time to your partners.
+ -->
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_bf63813d70b5f63a1d2a3504dca89b5e268be651" entityID="https://sp.idptestbed/shibboleth">
+
+    <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+        <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+        <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+        <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+        <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+    </md:Extensions>
+
+    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+        <md:Extensions>
+            <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/Login"/>
+            <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/Login" index="1"/>
+        </md:Extensions>
+        <md:KeyDescriptor>
+            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                <ds:KeyName>67af3237368e</ds:KeyName>
+                <ds:X509Data>
+                    <ds:X509SubjectName>CN=67af3237368e</ds:X509SubjectName>
+                    <ds:X509Certificate>MIID6zCCAlOgAwIBAgIJALaLIs8AvRgDMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV
+                        BAMTDDY3YWYzMjM3MzY4ZTAeFw0xODAxMDkyMDUxMzlaFw0yODAxMDcyMDUxMzla
+                        MBcxFTATBgNVBAMTDDY3YWYzMjM3MzY4ZTCCAaIwDQYJKoZIhvcNAQEBBQADggGP
+                        ADCCAYoCggGBAKes3NT2GqXPDrl8OwrDRARLoBxKJ8ALZ0Ipj1sbYcUEv8aZ4ElR
+                        +G4xf/KL/nF77ctc9WzE/fUlFG55lVKF7l2heKenweXsmeInmOj0MqXpIIofF1G2
+                        Sh4xUGACQp0OT7ndNlk2+mHK9zuCNA5o3VrAhJuWAruL3nRk14+DE7UkqF+oBZaF
+                        k5/U7W2sa6R1+UHXvSI823O5jAjhSSIfY/N2mME7QogU3P6ETa7BSRS3IvZ8oJvU
+                        T2Ss2ai1qZoiR/0Exeyj5nc026XEAQ675WAcxpAfxu+uDVQ274nPrvOdqUtUeaiU
+                        nc3kIdorXx/m8+WjYT4rGAXx2NbRRC/wRc7ilptLtL/5iHGJkIieFbzHWJXRRMzT
+                        /wWuYM8lr6lqEiOW/2B6z6kQpuGZoinQYBrNU+xYelkfK+jc1IZgR5wOP2aVJ2Gj
+                        DAarnNHkkd36sxOUKw+4f2R2K5obwzHqJl7jySW2p0KldjobQLt0M1DswK0U478R
+                        qqItwPfsTxju0wIDAQABozowODAXBgNVHREEEDAOggw2N2FmMzIzNzM2OGUwHQYD
+                        VR0OBBYEFAvZyUZ8LY3YacgpZSzgQMYSFmptMA0GCSqGSIb3DQEBCwUAA4IBgQCM
+                        IBtz+5mfFtRwmcScYdUzIujCbGfnY6+YsjGMa0jDDfyS1kFfNrj9VRl6uuPO8gWu
+                        BOxR9asm96FOC/tZOQ9SZgQN6ltQsfAMhl+cnI80Qwx8pUXt+iUtM+IgTUFqiv51
+                        Oy2GyFJGr1QIq4/iF8Q6k27ar73qVGFAYtGgOO5va4hKk6wPgiTHtIqgut6nbWD3
+                        ErCB28sMnNVYUVhQUxVf9c/9sXC8UIj9Ze0xrclhOeHwrwr9G5EZzyxK8VPFkv0Q
+                        Xrz01BXy/DcbIkcuFFvXE+BMeaziT4FofvvPXWpM1i+FX0wlkCXLj4GNsTuVspfi
+                        T5uUQUubf52kpO5tkPmF9JdM25qmVu5IgpqCMbm1mqrq7qAEFjzOtIp4f0EmHUSy
+                        /BNdo6DT14p56KA0DyrkBCR1UUgzBJcFNJLBLbyEHnHL8fXDcIhjjKJETYoKdsHT
+                        NEi6AB6UOCbYz//CwA96sW154Lu4CpMKrm5fZHLPQ+7UeE9UOQidzHLJ3Vb54BY=
+                    </ds:X509Certificate>
+                </ds:X509Data>
+            </ds:KeyInfo>
+            <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+            <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+            <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+            <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+        </md:KeyDescriptor>
+        <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
+        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SLO/SOAP"/>
+        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SLO/Redirect"/>
+        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SLO/POST"/>
+        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SLO/Artifact"/>
+        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SAML2/POST" index="1"/>
+        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
+        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+    </md:SPSSODescriptor>
+
+</md:EntityDescriptor>

From e74d6bf86686e1681887c6c14a1fd31d50138d8b Mon Sep 17 00:00:00 2001
From: Shad Vider <svider@unicon.net>
Date: Wed, 24 Mar 2021 16:31:24 -0700
Subject: [PATCH 2/9] SHIBUI-1791:  fixed error reporting failure when saving
 metadata

---
 .../support/RestControllersSupport.java       | 22 ++++++++++++++++++-
 .../JsonSchemaValidationFailedException.java  |  4 ++--
 2 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java
index f4bc81df4..1642fe2c9 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java
@@ -1,10 +1,12 @@
 package edu.internet2.tier.shibboleth.admin.ui.controller.support;
 
 import edu.internet2.tier.shibboleth.admin.ui.controller.ErrorResponse;
+import edu.internet2.tier.shibboleth.admin.ui.domain.Attribute;
 import edu.internet2.tier.shibboleth.admin.ui.domain.exceptions.MetadataFileNotFoundException;
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver;
 import edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaValidationFailedException;
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository;
+import edu.internet2.tier.shibboleth.admin.util.MDDCConstants;
 import org.hibernate.exception.ConstraintViolationException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
@@ -13,6 +15,7 @@
 import org.springframework.web.bind.annotation.RestControllerAdvice;
 import org.springframework.web.client.HttpClientErrorException;
 
+import java.util.*;
 import static org.springframework.http.HttpStatus.BAD_REQUEST;
 import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR;
 import static org.springframework.http.HttpStatus.NOT_FOUND;
@@ -60,6 +63,23 @@ public final ResponseEntity<ErrorResponse> metadataFileNotFoundHandler(MetadataF
 
     @ExceptionHandler(JsonSchemaValidationFailedException.class)
     public final ResponseEntity<?> handleJsonSchemaValidationFailedException(JsonSchemaValidationFailedException ex) {
-        return ResponseEntity.status(BAD_REQUEST).body(new ErrorResponse("400", String.join("\n", ex.getErrors())));
+        return ResponseEntity.status(BAD_REQUEST).body(new ErrorResponse("400", String.join("\n", flattenErrorsList(ex.getErrors()))));
+    }
+
+    private List<String> flattenErrorsList(List<Object> errors) {
+        List<String> theseErrors = new ArrayList<>();
+        processErrorsList(theseErrors, errors);
+        return theseErrors;
+    }
+
+    private static void processErrorsList(List<String> outputErrorList, Object errors){
+        if(errors instanceof String){
+            outputErrorList.add((String)errors);
+        }
+        else if(errors instanceof List){
+            for(Object error2:(List)errors){
+                processErrorsList(outputErrorList, error2);
+            }
+        }
     }
 }
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaValidationFailedException.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaValidationFailedException.java
index fac8d91fb..9ebc11713 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaValidationFailedException.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaValidationFailedException.java
@@ -13,9 +13,9 @@
 @Getter
 public class JsonSchemaValidationFailedException extends RuntimeException {
 
-    List<String> errors;
+    List errors;
 
     JsonSchemaValidationFailedException(List<?> errors) {
-        this.errors = (List<String>) errors;
+        this.errors = errors;
     }
 }

From ca9e8b4ebbe1a91b4f453d72c2e566edfb69fd72 Mon Sep 17 00:00:00 2001
From: Jj! <jj@unicon.net>
Date: Fri, 2 Apr 2021 09:44:27 -0500
Subject: [PATCH 3/9] [SHIBUI-1772] WIP update schema write test

---
 .../admin/ui/domain/DigestMethod.java         |  4 +-
 .../EntityDescriptorRepresentation.java       |  7 +-
 .../frontend/OrganizationRepresentation.java  |  5 ++
 .../resources/metadata-sources-ui-schema.json |  6 ++
 .../service/AuxiliaryIntegrationTests.groovy  | 59 ++++++++++++++
 ...on => metadata-sources-ui-schema.json.old} |  0
 .../test/resources/metadata/SHIBUI-1723-1.xml | 81 +++++++++++++++++++
 7 files changed, 159 insertions(+), 3 deletions(-)
 create mode 100644 backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy
 rename backend/src/test/resources/{metadata-sources-ui-schema.json => metadata-sources-ui-schema.json.old} (100%)
 create mode 100644 backend/src/test/resources/metadata/SHIBUI-1723-1.xml

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/DigestMethod.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/DigestMethod.java
index bb0fe5359..199947f88 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/DigestMethod.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/DigestMethod.java
@@ -19,11 +19,11 @@ public DigestMethod(String algorithm) {
     @Nullable
     @Override
     public String getAlgorithm() {
-        return null;
+        return this.algorithm;
     }
 
     @Override
     public void setAlgorithm(@Nullable String value) {
-
+        this.algorithm = value;
     }
 }
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java
index 44f1463c5..2131696c4 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java
@@ -1,5 +1,6 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain.frontend;
 
+import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonProperty;
 
 import javax.validation.constraints.NotNull;
@@ -38,10 +39,12 @@ public EntityDescriptorRepresentation(String id,
     @NotNull
     private String entityId;
 
-    private OrganizationRepresentation organization;
+    //TODO: review requirement
+    private OrganizationRepresentation organization = new OrganizationRepresentation();
 
     private List<ContactRepresentation> contacts;
 
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
     private MduiRepresentation mdui;
 
     private ServiceProviderSsoDescriptorRepresentation serviceProviderSsoDescriptor;
@@ -58,8 +61,10 @@ public EntityDescriptorRepresentation(String id,
 
     private LocalDateTime modifiedDate;
 
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
     private Map<String, Object> relyingPartyOverrides;
 
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
     private List<String> attributeRelease;
 
     private int version;
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/OrganizationRepresentation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/OrganizationRepresentation.java
index 00d98797c..bbcf20a3b 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/OrganizationRepresentation.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/OrganizationRepresentation.java
@@ -1,15 +1,20 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain.frontend;
 
+import com.fasterxml.jackson.annotation.JsonInclude;
+
 import java.io.Serializable;
 
 public class OrganizationRepresentation implements Serializable {
 
     private static final long serialVersionUID = 802722455433573538L;
 
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
     private String name;
 
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
     private String displayName;
 
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
     private String url;
 
     public String getName() {
diff --git a/backend/src/main/resources/metadata-sources-ui-schema.json b/backend/src/main/resources/metadata-sources-ui-schema.json
index 9a0b4fb9e..156dffce2 100644
--- a/backend/src/main/resources/metadata-sources-ui-schema.json
+++ b/backend/src/main/resources/metadata-sources-ui-schema.json
@@ -446,6 +446,12 @@
                                 "urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
                             ],
                             "description": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+                        },
+                        {
+                            "enum": [
+                                "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+                            ],
+                            "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
                         }
                     ]
                 }
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy
new file mode 100644
index 000000000..02fde7269
--- /dev/null
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy
@@ -0,0 +1,59 @@
+package edu.internet2.tier.shibboleth.admin.ui.service
+
+import com.fasterxml.jackson.databind.ObjectMapper
+import edu.internet2.tier.shibboleth.admin.ui.configuration.JsonSchemaComponentsConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor
+import edu.internet2.tier.shibboleth.admin.ui.jsonschema.LowLevelJsonSchemaValidator
+import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects
+import org.springframework.core.io.DefaultResourceLoader
+import org.springframework.core.io.ResourceLoader
+import org.springframework.mock.http.MockHttpInputMessage
+import spock.lang.Shared
+import spock.lang.Specification
+
+import java.time.LocalDateTime
+
+class AuxiliaryIntegrationTests extends Specification {
+    @Shared
+    OpenSamlObjects openSamlObjects = new OpenSamlObjects().with {
+        it.init()
+        it
+    }
+
+    @Shared
+    EntityDescriptorService entityDescriptorService
+
+    @Shared
+    ObjectMapper objectMapper
+
+    @Shared
+    ResourceLoader resourceLoader
+
+    void setup() {
+        this.entityDescriptorService = new JPAEntityDescriptorServiceImpl(openSamlObjects, null, null)
+        this.objectMapper = new ObjectMapper()
+        this.resourceLoader = new DefaultResourceLoader()
+    }
+
+    def "SHIBUI-1723: after enabling saved entity descriptor, it should still have valid xml"() {
+        given:
+        def entityDescriptor = openSamlObjects.unmarshalFromXml(this.class.getResource('/metadata/SHIBUI-1723-1.xml').bytes) as EntityDescriptor
+        def entityDescriptorRepresentation = this.entityDescriptorService.createRepresentationFromDescriptor(entityDescriptor).with {
+            it.serviceProviderName = 'testme'
+            it.contacts = []
+            it.securityInfo.x509Certificates[0].name = 'testcert'
+            it.createdBy = 'root'
+            it.setCreatedDate(LocalDateTime.now())
+            it.setModifiedDate(LocalDateTime.now())
+            it
+        }
+        def json = this.objectMapper.writeValueAsString(entityDescriptorRepresentation)
+        def schemaUri = edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.metadataSourcesSchema(new JsonSchemaComponentsConfiguration().jsonSchemaResourceLocationRegistry(this.resourceLoader, this.objectMapper)).uri
+
+        when:
+        LowLevelJsonSchemaValidator.validatePayloadAgainstSchema(new MockHttpInputMessage(json.bytes), schemaUri)
+
+        then:
+        noExceptionThrown()
+    }
+}
diff --git a/backend/src/test/resources/metadata-sources-ui-schema.json b/backend/src/test/resources/metadata-sources-ui-schema.json.old
similarity index 100%
rename from backend/src/test/resources/metadata-sources-ui-schema.json
rename to backend/src/test/resources/metadata-sources-ui-schema.json.old
diff --git a/backend/src/test/resources/metadata/SHIBUI-1723-1.xml b/backend/src/test/resources/metadata/SHIBUI-1723-1.xml
new file mode 100644
index 000000000..98c1b5a8a
--- /dev/null
+++ b/backend/src/test/resources/metadata/SHIBUI-1723-1.xml
@@ -0,0 +1,81 @@
+<!--
+This is example metadata only. Do *NOT* supply it as is without review,
+and do *NOT* provide it in real time to your partners.
+ -->
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_bf63813d70b5f63a1d2a3504dca89b5e268be651" entityID="https://sp.idptestbed/shibboleth">
+
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+  </md:Extensions>
+
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/Login"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/Login" index="1"/>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>67af3237368e</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=67af3237368e</ds:X509SubjectName>
+          <ds:X509Certificate>MIID6zCCAlOgAwIBAgIJALaLIs8AvRgDMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV
+BAMTDDY3YWYzMjM3MzY4ZTAeFw0xODAxMDkyMDUxMzlaFw0yODAxMDcyMDUxMzla
+MBcxFTATBgNVBAMTDDY3YWYzMjM3MzY4ZTCCAaIwDQYJKoZIhvcNAQEBBQADggGP
+ADCCAYoCggGBAKes3NT2GqXPDrl8OwrDRARLoBxKJ8ALZ0Ipj1sbYcUEv8aZ4ElR
++G4xf/KL/nF77ctc9WzE/fUlFG55lVKF7l2heKenweXsmeInmOj0MqXpIIofF1G2
+Sh4xUGACQp0OT7ndNlk2+mHK9zuCNA5o3VrAhJuWAruL3nRk14+DE7UkqF+oBZaF
+k5/U7W2sa6R1+UHXvSI823O5jAjhSSIfY/N2mME7QogU3P6ETa7BSRS3IvZ8oJvU
+T2Ss2ai1qZoiR/0Exeyj5nc026XEAQ675WAcxpAfxu+uDVQ274nPrvOdqUtUeaiU
+nc3kIdorXx/m8+WjYT4rGAXx2NbRRC/wRc7ilptLtL/5iHGJkIieFbzHWJXRRMzT
+/wWuYM8lr6lqEiOW/2B6z6kQpuGZoinQYBrNU+xYelkfK+jc1IZgR5wOP2aVJ2Gj
+DAarnNHkkd36sxOUKw+4f2R2K5obwzHqJl7jySW2p0KldjobQLt0M1DswK0U478R
+qqItwPfsTxju0wIDAQABozowODAXBgNVHREEEDAOggw2N2FmMzIzNzM2OGUwHQYD
+VR0OBBYEFAvZyUZ8LY3YacgpZSzgQMYSFmptMA0GCSqGSIb3DQEBCwUAA4IBgQCM
+IBtz+5mfFtRwmcScYdUzIujCbGfnY6+YsjGMa0jDDfyS1kFfNrj9VRl6uuPO8gWu
+BOxR9asm96FOC/tZOQ9SZgQN6ltQsfAMhl+cnI80Qwx8pUXt+iUtM+IgTUFqiv51
+Oy2GyFJGr1QIq4/iF8Q6k27ar73qVGFAYtGgOO5va4hKk6wPgiTHtIqgut6nbWD3
+ErCB28sMnNVYUVhQUxVf9c/9sXC8UIj9Ze0xrclhOeHwrwr9G5EZzyxK8VPFkv0Q
+Xrz01BXy/DcbIkcuFFvXE+BMeaziT4FofvvPXWpM1i+FX0wlkCXLj4GNsTuVspfi
+T5uUQUubf52kpO5tkPmF9JdM25qmVu5IgpqCMbm1mqrq7qAEFjzOtIp4f0EmHUSy
+/BNdo6DT14p56KA0DyrkBCR1UUgzBJcFNJLBLbyEHnHL8fXDcIhjjKJETYoKdsHT
+NEi6AB6UOCbYz//CwA96sW154Lu4CpMKrm5fZHLPQ+7UeE9UOQidzHLJ3Vb54BY=
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+  </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
\ No newline at end of file

From 70159e38b1128004b6fa67e33a3e975167e2e921 Mon Sep 17 00:00:00 2001
From: Jj! <jj@unicon.net>
Date: Fri, 2 Apr 2021 14:23:59 -0500
Subject: [PATCH 4/9] [SHIBUI-1772] new test

---
 .../admin/ui/domain/VersioningTests.groovy    | 25 +++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/VersioningTests.groovy

diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/VersioningTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/VersioningTests.groovy
new file mode 100644
index 000000000..649d8d5a4
--- /dev/null
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/VersioningTests.groovy
@@ -0,0 +1,25 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain
+
+import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects
+import spock.lang.Shared
+import spock.lang.Specification
+
+class VersioningTests extends Specification{
+    @Shared
+    OpenSamlObjects openSamlObjects
+
+    def setup() {
+        this.openSamlObjects = new OpenSamlObjects()
+        this.openSamlObjects.init()
+    }
+
+    def "test that two loaded entity descriptors gets the same version when load from the same file"() {
+        given:
+        def xmlBytes = this.class.getResource('/metadata/SHIBUI-1723-1.xml').bytes
+        def ed1 = openSamlObjects.unmarshalFromXml(xmlBytes)
+        def ed2 = openSamlObjects.unmarshalFromXml(xmlBytes)
+
+        expect:
+        ed1.hashCode() == ed2.hashCode()
+    }
+}

From 9f8f007878d0d09039899ef7c57c598c266effae Mon Sep 17 00:00:00 2001
From: Jj! <jj@unicon.net>
Date: Mon, 5 Apr 2021 10:16:40 -0500
Subject: [PATCH 5/9] [SHIBUI-1772] update test (missed field) hashcode
 enhancement for request initiator

---
 .../shibboleth/admin/ui/domain/RequestInitiator.java  | 11 ++++++++++-
 .../shibboleth/admin/ui/domain/VersioningTests.groovy |  3 +++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RequestInitiator.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RequestInitiator.java
index dbd667ff9..e4d87f302 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RequestInitiator.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RequestInitiator.java
@@ -12,10 +12,12 @@
 import javax.xml.namespace.QName;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.Set;
 
 @Entity
-@EqualsAndHashCode(callSuper = true, exclude = {"storageAttributeMap"})
+@EqualsAndHashCode(callSuper = true, onlyExplicitlyIncluded = true)
 public class RequestInitiator extends AbstractElementExtensibleXMLObject implements org.opensaml.saml.ext.saml2mdreqinit.RequestInitiator {
+    @EqualsAndHashCode.Include
     private String binding;
     @Override
     public String getBinding() {
@@ -27,6 +29,7 @@ public void setBinding(String binding) {
         this.binding = binding;
     }
 
+    @EqualsAndHashCode.Include
     private String location;
 
     @Override
@@ -39,6 +42,7 @@ public void setLocation(String location) {
         this.location = location;
     }
 
+    @EqualsAndHashCode.Include
     private String responseLocation;
 
     @Override
@@ -57,6 +61,11 @@ public void setResponseLocation(String location) {
     @Transient
     private AttributeMap attributeMap = new AttributeMap(this);
 
+    @EqualsAndHashCode.Include
+    private Set<Map.Entry<QName, String>> attributeMapEntrySet() {
+        return this.attributeMap.entrySet();
+    }
+
     @PrePersist
     void prePersist() {
         this.storageAttributeMap = this.attributeMap;
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/VersioningTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/VersioningTests.groovy
index 649d8d5a4..0e9ecaf10 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/VersioningTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/VersioningTests.groovy
@@ -15,9 +15,12 @@ class VersioningTests extends Specification{
 
     def "test that two loaded entity descriptors gets the same version when load from the same file"() {
         given:
+        def resourceId = "testme"
         def xmlBytes = this.class.getResource('/metadata/SHIBUI-1723-1.xml').bytes
         def ed1 = openSamlObjects.unmarshalFromXml(xmlBytes)
+        ed1.resourceId = resourceId
         def ed2 = openSamlObjects.unmarshalFromXml(xmlBytes)
+        ed2.resourceId = resourceId
 
         expect:
         ed1.hashCode() == ed2.hashCode()

From 12fa03787756ed327c4530e1424d0a9027ce355e Mon Sep 17 00:00:00 2001
From: Shad Vider <svider@unicon.net>
Date: Tue, 13 Apr 2021 13:54:33 -0700
Subject: [PATCH 6/9] corrected expected results in failing tests

---
 .../EntitiesControllerIntegrationTests.groovy |  2 +-
 .../controller/EntitiesControllerTests.groovy | 10 +--
 .../EntityDescriptorControllerTests.groovy    | 62 +++++++------------
 3 files changed, 29 insertions(+), 45 deletions(-)

diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntitiesControllerIntegrationTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntitiesControllerIntegrationTests.groovy
index cbe48c847..01a4ff060 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntitiesControllerIntegrationTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntitiesControllerIntegrationTests.groovy
@@ -41,6 +41,7 @@ class EntitiesControllerIntegrationTests extends Specification {
         this.webClient.webClient.uriBuilderFactory.encodingMode = DefaultUriBuilderFactory.EncodingMode.NONE
     }*/
 
+    //todo review
     def "GET /api/entities returns the proper json"() {
         given:
         def expectedBody = '''
@@ -54,7 +55,6 @@ class EntitiesControllerIntegrationTests extends Specification {
                     {"locationUrl":"https://test.scaldingspoon.org/test1/acs","binding":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST","makeDefault":false}
                 ],
                 "serviceEnabled":false,                
-                "relyingPartyOverrides":{},
                 "attributeRelease":["givenName","employeeNumber"]
             }
         '''
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntitiesControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntitiesControllerTests.groovy
index ea265d46d..1eb4e7159 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntitiesControllerTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntitiesControllerTests.groovy
@@ -72,6 +72,7 @@ class EntitiesControllerTests extends Specification {
         result.andExpect(status().isNotFound())
     }
 
+    //todo  review
     def 'GET /api/entities/http%3A%2F%2Ftest.scaldingspoon.org%2Ftest1'() {
         given:
         def expectedBody = '''
@@ -79,9 +80,8 @@ class EntitiesControllerTests extends Specification {
                 "id":null,
                 "serviceProviderName":null,
                 "entityId":"http://test.scaldingspoon.org/test1",
-                "organization":null,
+                "organization": {},
                 "contacts":null,
-                "mdui":null,
                 "serviceProviderSsoDescriptor": {
                     "protocolSupportEnum":"SAML 2",
                     "nameIdFormats":["urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"]
@@ -94,8 +94,10 @@ class EntitiesControllerTests extends Specification {
                 "serviceEnabled":false,
                 "createdDate":null,
                 "modifiedDate":null,
-                "relyingPartyOverrides":{},
-                "attributeRelease":["givenName","employeeNumber"]
+                "attributeRelease":["givenName","employeeNumber"],
+                "version":-1891841119,
+                "createdBy":null,
+                "current":false
             }
         '''
         when:
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy
index 4bf4fe7b2..75ef8dd3e 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy
@@ -117,6 +117,7 @@ class EntityDescriptorControllerTests extends Specification {
 
     }
 
+    //todo  review
     def 'GET /EntityDescriptors with 1 record in repository as admin'() {
         given:
         def username = 'admin'
@@ -137,15 +138,12 @@ class EntityDescriptorControllerTests extends Specification {
 	            "serviceEnabled": true,
 	            "createdDate": "$expectedCreationDate",
                 "modifiedDate": null,
-	            "organization": null,
+	            "organization": {},
 	            "contacts": null,
-	            "mdui": null,
 	            "serviceProviderSsoDescriptor": null,
 	            "logoutEndpoints": null,
 	            "securityInfo": null,
 	            "assertionConsumerServices": null,
-	            "relyingPartyOverrides": null,
-	            "attributeRelease": null,
 	            "version": $version,
                 "createdBy": null,
                 "current": false
@@ -168,6 +166,7 @@ class EntityDescriptorControllerTests extends Specification {
 
     }
 
+    //todo  review
     def 'GET /EntityDescriptors with 2 records in repository as admin'() {
         given:
         def username = 'admin'
@@ -193,15 +192,12 @@ class EntityDescriptorControllerTests extends Specification {
 	            "serviceEnabled": true,
 	            "createdDate": "$expectedCreationDate",
                 "modifiedDate": null,
-	            "organization": null,
+	            "organization": {},
 	            "contacts": null,
-	            "mdui": null,
 	            "serviceProviderSsoDescriptor": null,
 	            "logoutEndpoints": null,
 	            "securityInfo": null,
 	            "assertionConsumerServices": null,
-	            "relyingPartyOverrides": null,
-                "attributeRelease": null,
                 "version": $versionOne,
                 "createdBy": null,
                 "current": false
@@ -213,15 +209,12 @@ class EntityDescriptorControllerTests extends Specification {
 	            "serviceEnabled": false,
 	            "createdDate": "$expectedCreationDate",
                 "modifiedDate": null,
-	            "organization": null,
+	            "organization": {},
 	            "contacts": null,
-	            "mdui": null,
 	            "serviceProviderSsoDescriptor": null,
 	            "logoutEndpoints": null,
 	            "securityInfo": null,
 	            "assertionConsumerServices": null,
-	            "relyingPartyOverrides": null,
-                "attributeRelease": null,
                 "version": $versionTwo,
                 "createdBy": null,
                 "current": false
@@ -244,6 +237,8 @@ class EntityDescriptorControllerTests extends Specification {
 
     }
 
+    
+    //todo  review
     def 'GET /EntityDescriptors with 1 record in repository as user returns only that user\'s records'() {
         given:
         def username = 'someUser'
@@ -266,15 +261,12 @@ class EntityDescriptorControllerTests extends Specification {
                 "serviceEnabled": true,
                 "createdDate": "$expectedCreationDate",
                 "modifiedDate": null,
-                "organization": null,
+                "organization": {},
                 "contacts": null,
-                "mdui": null,
                 "serviceProviderSsoDescriptor": null,
                 "logoutEndpoints": null,
                 "securityInfo": null,
                 "assertionConsumerServices": null,
-                "relyingPartyOverrides": null,
-                "attributeRelease": null,
                 "version": $versionOne,
                 "createdBy": "someUser",
                 "current": false
@@ -296,6 +288,7 @@ class EntityDescriptorControllerTests extends Specification {
                 .andExpect(content().json(expectedOneRecordListResponseBody, true))
     }
 
+    //todo  review
     def 'POST /EntityDescriptor and successfully create new record'() {
         given:
         def username = 'admin'
@@ -317,19 +310,15 @@ class EntityDescriptorControllerTests extends Specification {
               {	            
 	            "serviceProviderName": "$expectedSpName",
 	            "entityId": "$expectedEntityId",
-	            "organization": null,
+	            "organization": {},
 	            "serviceEnabled": true,
 	            "createdDate": null,
                 "modifiedDate": null,
-	            "organization": null,
 	            "contacts": null,
-	            "mdui": null,
 	            "serviceProviderSsoDescriptor": null,
 	            "logoutEndpoints": null,
 	            "securityInfo": null,
 	            "assertionConsumerServices": null,
-	            "relyingPartyOverrides": null,
-                "attributeRelease": null,
                 "current": false
               }                
         """
@@ -339,19 +328,15 @@ class EntityDescriptorControllerTests extends Specification {
 	            "id": "$expectedUUID",
 	            "serviceProviderName": "$expectedSpName",
 	            "entityId": "$expectedEntityId",
-	            "organization": null,
+	            "organization": {},
 	            "serviceEnabled": true,
 	            "createdDate": "$expectedCreationDate",
                 "modifiedDate": null,
-	            "organization": null,
 	            "contacts": null,
-	            "mdui": null,
 	            "serviceProviderSsoDescriptor": null,
 	            "logoutEndpoints": null,
 	            "securityInfo": null,
 	            "assertionConsumerServices": null,
-	            "relyingPartyOverrides": null,
-                "attributeRelease": null,
                 "version": $version,
                 "createdBy": null,
                 "current": false
@@ -475,6 +460,8 @@ class EntityDescriptorControllerTests extends Specification {
         result.andExpect(status().isNotFound())
     }
 
+    
+    //todo  review
     def 'GET /EntityDescriptor/{resourceId} existing'() {
         given:
         def username = 'admin'
@@ -496,19 +483,15 @@ class EntityDescriptorControllerTests extends Specification {
 	            "id": "${providedResourceId}",
 	            "serviceProviderName": "$expectedSpName",
 	            "entityId": "$expectedEntityId",
-	            "organization": null,
+	            "organization": {},
 	            "serviceEnabled": true,
 	            "createdDate": "$expectedCreationDate",
                 "modifiedDate": null,
-	            "organization": null,
 	            "contacts": null,
-	            "mdui": null,
 	            "serviceProviderSsoDescriptor": null,
 	            "logoutEndpoints": null,
 	            "securityInfo": null,
 	            "assertionConsumerServices": null,
-	            "relyingPartyOverrides": null,
-                "attributeRelease": null,
                 "version": $version,
                 "createdBy": null,
                 "current": false
@@ -527,6 +510,8 @@ class EntityDescriptorControllerTests extends Specification {
                 .andExpect(content().json(expectedJsonBody, true))
     }
 
+    
+    //todo  review
     def 'GET /EntityDescriptor/{resourceId} existing, owned by non-admin'() {
         given:
         def username = 'someUser'
@@ -549,19 +534,15 @@ class EntityDescriptorControllerTests extends Specification {
 	            "id": "${providedResourceId}",
 	            "serviceProviderName": "$expectedSpName",
 	            "entityId": "$expectedEntityId",
-	            "organization": null,
+	            "organization": {},
 	            "serviceEnabled": true,
 	            "createdDate": "$expectedCreationDate",
                 "modifiedDate": null,
-	            "organization": null,
 	            "contacts": null,
-	            "mdui": null,
 	            "serviceProviderSsoDescriptor": null,
 	            "logoutEndpoints": null,
 	            "securityInfo": null,
 	            "assertionConsumerServices": null,
-	            "relyingPartyOverrides": null,
-                "attributeRelease": null,
                 "version": $version,
                 "createdBy": "someUser",
                 "current": false
@@ -707,6 +688,8 @@ class EntityDescriptorControllerTests extends Specification {
         result.andExpect(status().is(403))
     }
 
+    
+    //todo  review
     def "POST /EntityDescriptor handles XML happily"() {
         given:
         def username = 'admin'
@@ -745,9 +728,8 @@ class EntityDescriptorControllerTests extends Specification {
 	"id": "${expectedEntityDescriptor.resourceId}",
 	"serviceProviderName": null,
 	"entityId": "http://test.scaldingspoon.org/test1",
-	"organization": null,
+	"organization": {},
 	"contacts": null,
-	"mdui": null,
 	"serviceProviderSsoDescriptor": {
 		"protocolSupportEnum": "SAML 2",
 		"nameIdFormats": [
@@ -766,12 +748,12 @@ class EntityDescriptorControllerTests extends Specification {
 	"serviceEnabled": false,
 	"createdDate": null,
 	"modifiedDate": null,
-	"relyingPartyOverrides": {},
 	"attributeRelease": [
 		"givenName",
 		"employeeNumber"
 	],
-    "createdBy": null
+    "createdBy": null,
+    "current": false
 }
 """
 

From d918b0cf33671de5daf5dd7924316fd741038de1 Mon Sep 17 00:00:00 2001
From: Shad Vider <svider@unicon.net>
Date: Wed, 14 Apr 2021 12:01:10 -0700
Subject: [PATCH 7/9] corrected capitaliation for DynamicHTTPMetadataProvider

---
 .../admin/ui/service/JPAMetadataResolverServiceImpl.groovy    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
index 8558026a6..5dfbf65eb 100644
--- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
+++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
@@ -367,7 +367,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
 
     void constructXmlNodeForResolver(DynamicHttpMetadataResolver resolver, def markupBuilderDelegate, Closure childNodes) {
         markupBuilderDelegate.MetadataProvider(id: resolver.xmlId,
-                'xsi:type': 'DynamicHttpMetadataProvider',
+                'xsi:type': 'DynamicHTTPMetadataProvider',
                 requireValidMetadata: !resolver.requireValidMetadata ?: null,
                 failFastInitialization: !resolver.failFastInitialization ?: null,
                 sortKey: resolver.sortKey,
@@ -559,4 +559,4 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
 
     }
 
-}
\ No newline at end of file
+}

From 9c0ab9a6fe850a85e5d9b19274f9aeb8b259ce93 Mon Sep 17 00:00:00 2001
From: Shad Vider <svider@unicon.net>
Date: Wed, 14 Apr 2021 21:52:01 -0700
Subject: [PATCH 8/9] updated expected test results after corrected
 capitalization

---
 backend/src/test/resources/conf/278.2.xml | 2 +-
 backend/src/test/resources/conf/278.xml   | 2 +-
 backend/src/test/resources/conf/704.1.xml | 2 +-
 backend/src/test/resources/conf/704.2.xml | 2 +-
 backend/src/test/resources/conf/704.3.xml | 2 +-
 backend/src/test/resources/conf/984-2.xml | 2 +-
 backend/src/test/resources/conf/984.xml   | 2 +-
 7 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/backend/src/test/resources/conf/278.2.xml b/backend/src/test/resources/conf/278.2.xml
index 66704cbd9..3e4fb9d47 100644
--- a/backend/src/test/resources/conf/278.2.xml
+++ b/backend/src/test/resources/conf/278.2.xml
@@ -1,5 +1,5 @@
 <MetadataProvider id='ShibbolethMetadata' xmlns='urn:mace:shibboleth:2.0:metadata' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:type='ChainingMetadataProvider' xsi:schemaLocation='urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd'>
-    <MetadataProvider id='DynamicHTTP' xsi:type='DynamicHttpMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' supportedContentTypes='[]' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
+    <MetadataProvider id='DynamicHTTP' xsi:type='DynamicHTTPMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' supportedContentTypes='[]' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
         <MetadataQueryProtocol transformRef='transformRef'>content</MetadataQueryProtocol>
         <MetadataFilter xsi:type='SignatureValidation' xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' certificateFile='%{idp.home}/credentials/inc-md-cert.pem' />
         <MetadataFilter xsi:type='RequiredValidUntil' maxValidityInterval='P14D' />
diff --git a/backend/src/test/resources/conf/278.xml b/backend/src/test/resources/conf/278.xml
index e5039cb99..81e7072fc 100644
--- a/backend/src/test/resources/conf/278.xml
+++ b/backend/src/test/resources/conf/278.xml
@@ -1,5 +1,5 @@
 <MetadataProvider id='ShibbolethMetadata' xmlns='urn:mace:shibboleth:2.0:metadata' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:type='ChainingMetadataProvider' xsi:schemaLocation='urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd'>
-    <MetadataProvider id='DynamicHTTP' xsi:type='DynamicHttpMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' supportedContentTypes='[]' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
+    <MetadataProvider id='DynamicHTTP' xsi:type='DynamicHTTPMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' supportedContentTypes='[]' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
         <MetadataQueryProtocol transformRef='transformRef'>content</MetadataQueryProtocol>
         <MetadataFilter xsi:type='SignatureValidation' xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' certificateFile='%{idp.home}/credentials/inc-md-cert.pem' />
         <MetadataFilter xsi:type='RequiredValidUntil' maxValidityInterval='P14D' />
diff --git a/backend/src/test/resources/conf/704.1.xml b/backend/src/test/resources/conf/704.1.xml
index 20d53416f..9d9f4d4b8 100644
--- a/backend/src/test/resources/conf/704.1.xml
+++ b/backend/src/test/resources/conf/704.1.xml
@@ -1,5 +1,5 @@
 <MetadataProvider id='ShibbolethMetadata' xmlns='urn:mace:shibboleth:2.0:metadata' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:type='ChainingMetadataProvider' xsi:schemaLocation='urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd'>
-    <MetadataProvider id='DynamicHttpMetadataResolver' xsi:type='DynamicHttpMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
+    <MetadataProvider id='DynamicHttpMetadataResolver' xsi:type='DynamicHTTPMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
         <MetadataQueryProtocol transformRef='This is a transformRef'>some content</MetadataQueryProtocol>
     </MetadataProvider>
 </MetadataProvider>
diff --git a/backend/src/test/resources/conf/704.2.xml b/backend/src/test/resources/conf/704.2.xml
index 5178d0097..e97ecb41e 100644
--- a/backend/src/test/resources/conf/704.2.xml
+++ b/backend/src/test/resources/conf/704.2.xml
@@ -1,5 +1,5 @@
 <MetadataProvider id='ShibbolethMetadata' xmlns='urn:mace:shibboleth:2.0:metadata' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:type='ChainingMetadataProvider' xsi:schemaLocation='urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd'>
-    <MetadataProvider id='DynamicHttpMetadataResolver' xsi:type='DynamicHttpMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
+    <MetadataProvider id='DynamicHttpMetadataResolver' xsi:type='DynamicHTTPMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
         <Template encodingStyle='FORM' transformRef='This is a transformRef' velocityEngine='This is a velocityEngine'>some content</Template>
     </MetadataProvider>
 </MetadataProvider>
diff --git a/backend/src/test/resources/conf/704.3.xml b/backend/src/test/resources/conf/704.3.xml
index 37ab29fee..d408c59eb 100644
--- a/backend/src/test/resources/conf/704.3.xml
+++ b/backend/src/test/resources/conf/704.3.xml
@@ -1,5 +1,5 @@
 <MetadataProvider id='ShibbolethMetadata' xmlns='urn:mace:shibboleth:2.0:metadata' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:type='ChainingMetadataProvider' xsi:schemaLocation='urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd'>
-    <MetadataProvider id='DynamicHttpMetadataResolver' xsi:type='DynamicHttpMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
+    <MetadataProvider id='DynamicHttpMetadataResolver' xsi:type='DynamicHTTPMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
         <Regex match='This is the match field'>some content</Regex>
     </MetadataProvider>
 </MetadataProvider>
diff --git a/backend/src/test/resources/conf/984-2.xml b/backend/src/test/resources/conf/984-2.xml
index 639411c63..f056d8037 100644
--- a/backend/src/test/resources/conf/984-2.xml
+++ b/backend/src/test/resources/conf/984-2.xml
@@ -1,5 +1,5 @@
 <MetadataProvider id='ShibbolethMetadata' xmlns='urn:mace:shibboleth:2.0:metadata' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:type='ChainingMetadataProvider' xsi:schemaLocation='urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd'>
-    <MetadataProvider id='DynamicHttpMetadataResolver' xsi:type='DynamicHttpMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
+    <MetadataProvider id='DynamicHttpMetadataResolver' xsi:type='DynamicHTTPMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
         <MetadataQueryProtocol>http://mdq-beta.incommon.org/global</MetadataQueryProtocol>
         <MetadataFilter xsi:type='EntityAttributes'>
             <AttributeFilterScript>
diff --git a/backend/src/test/resources/conf/984.xml b/backend/src/test/resources/conf/984.xml
index 764f944a9..09b4778eb 100644
--- a/backend/src/test/resources/conf/984.xml
+++ b/backend/src/test/resources/conf/984.xml
@@ -1,5 +1,5 @@
 <MetadataProvider id='ShibbolethMetadata' xmlns='urn:mace:shibboleth:2.0:metadata' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:type='ChainingMetadataProvider' xsi:schemaLocation='urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd'>
-    <MetadataProvider id='DynamicHttpMetadataResolver' xsi:type='DynamicHttpMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
+    <MetadataProvider id='DynamicHttpMetadataResolver' xsi:type='DynamicHTTPMetadataProvider' removeIdleEntityData='true' maxConnectionsTotal='100' maxConnectionsPerRoute='100' connectionRequestTimeout='PT5S' connectionTimeout='PT5S' socketTimeout='PT5S'>
         <MetadataQueryProtocol>http://mdq-beta.incommon.org/global</MetadataQueryProtocol>
         <MetadataFilter xsi:type='EntityAttributes'>
             <AttributeFilterScript>

From 9d607360ebab2c683adb4ad97d7deeadd2c566db Mon Sep 17 00:00:00 2001
From: Shad <shad@Traviss-MacBook-Pro.local>
Date: Fri, 16 Apr 2021 11:58:02 -0700
Subject: [PATCH 9/9] expanded out (and cleaned up) imports

---
 .../admin/ui/controller/support/RestControllersSupport.java  | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java
index 1642fe2c9..c908bd862 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/support/RestControllersSupport.java
@@ -1,12 +1,10 @@
 package edu.internet2.tier.shibboleth.admin.ui.controller.support;
 
 import edu.internet2.tier.shibboleth.admin.ui.controller.ErrorResponse;
-import edu.internet2.tier.shibboleth.admin.ui.domain.Attribute;
 import edu.internet2.tier.shibboleth.admin.ui.domain.exceptions.MetadataFileNotFoundException;
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver;
 import edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaValidationFailedException;
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository;
-import edu.internet2.tier.shibboleth.admin.util.MDDCConstants;
 import org.hibernate.exception.ConstraintViolationException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
@@ -15,7 +13,8 @@
 import org.springframework.web.bind.annotation.RestControllerAdvice;
 import org.springframework.web.client.HttpClientErrorException;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.List;
 import static org.springframework.http.HttpStatus.BAD_REQUEST;
 import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR;
 import static org.springframework.http.HttpStatus.NOT_FOUND;