From df9d4e79e1ca731f0b373ed0eb40aec3c5f436fc Mon Sep 17 00:00:00 2001
From: Dmitriy Kopylenko
Date: Tue, 16 Oct 2018 08:29:05 -0400
Subject: [PATCH 1/3] Fix SHIBUI-935
---
 .../ui/configuration/MetadataResolverConfiguration.java | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java
index 0222ba46e..ad407cfb5 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java
@@ -5,6 +5,8 @@
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository;
 import edu.internet2.tier.shibboleth.admin.ui.service.IndexWriterService;
 import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverConverterService;
+import edu.internet2.tier.shibboleth.admin.ui.service.TokenPlaceholderValueResolvingService;
+import edu.internet2.tier.shibboleth.admin.util.TokenPlaceholderResolvers;
 import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
 import net.shibboleth.utilities.java.support.resolver.ResolverException;
 import org.opensaml.saml.metadata.resolver.ChainingMetadataResolver;
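Review bot: The added import of `TokenPlaceholderValueResolvingService` is not referenced by anything this commit adds; the only new type used, in the `metadataResolver(...)` signature of the next hunk, is `TokenPlaceholderResolvers`. Unless the class is used somewhere in the file outside the visible hunks, drop the line `import edu.internet2.tier.shibboleth.admin.ui.service.TokenPlaceholderValueResolvingService;` so the file does not suggest a dependency it does not have.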
@@ -39,7 +41,9 @@ public class MetadataResolverConfiguration {
 MetadataResolverConverterService metadataResolverConverterService;
 @Bean
- public MetadataResolver metadataResolver() throws ResolverException, ComponentInitializationException {
+ //This injected dependency makes sure that this bean has been created and the wrapped placeholder resolver service
+ //is available via static facade accessor method to all the downstream non-Spring managed consumers
+ public MetadataResolver metadataResolver(TokenPlaceholderResolvers tokenPlaceholderResolvers) throws ResolverException, ComponentInitializationException {
 ChainingMetadataResolver metadataResolver = new OpenSamlChainingMetadataResolver();
 metadataResolver.setId("chain");
From fca2c7bd3202bfe14069c69c9fe258d66c026148 Mon Sep 17 00:00:00 2001
From: Jj!
Date: Tue, 16 Oct 2018 09:13:33 -0500
Subject: [PATCH 2/3] [nojira] temp for for whitelist filter
---
 .../admin/ui/service/JPAMetadataResolverServiceImpl.groovy | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
index ec11c9e43..bda84739e 100644
--- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
+++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
@@ -205,7 +205,8 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
 'xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata'
 ) {
 filter.retainedRoles.each {
- markupBuilderDelegate.RetainedRole(it)
+ // TODO: fix
+ markupBuilderDelegate.RetainedRole(it.startsWith('md:') ?: "md:${it}")
 }
 }
 }
From 18ee7678b5090f217259ecdb19611caf88839405 Mon Sep 17 00:00:00 2001
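Review bot: The new `tokenPlaceholderResolvers` parameter of `metadataResolver(...)` exists only to force bean creation order and is not used in the visible part of the body, so a later unused-parameter cleanup could silently undo the fix. The explanatory comment sits between `@Bean` and the signature; it would read better as Javadoc above `@Bean`, and the ordering could be declared explicitly with `@DependsOn("<bean name of TokenPlaceholderResolvers>")` rather than a dummy argument. Because non-Spring consumers reach the resolver through a static accessor, it is also worth confirming that the accessor throws, rather than returning null or leaving tokens unresolved, when it is called before initialisation; that code is not shown here. The method body continues outside the hunk.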
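Review bot: The `RetainedRole` line decides the prefix with a bare string test, so each `filter.retainedRoles` entry is written into the generated filter XML without checking that it is a role name at all: a null entry throws on `it.startsWith`, and a value carrying another prefix or stray whitespace is emitted as `md:` plus the raw text. Since these values end up in the role filter of the metadata provider configuration, I would normalise and validate them before emitting, for example `def role = it?.trim()` followed by a check against the known SAML role descriptor names. The `// TODO: fix` comment should say what remains to be fixed, e.g. `// TODO: store retained roles as QNames instead of prefixing 'md:' here`. The same applies to the rewritten line in the 3/3 hunk; the enclosing method starts and ends outside the hunk.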
From: Jj!
Date: Tue, 16 Oct 2018 10:05:43 -0500
Subject: [PATCH 3/3] [nojira] temp for for whitelist filter
---
 .../admin/ui/service/JPAMetadataResolverServiceImpl.groovy | 2 +-
 backend/src/test/resources/conf/533.xml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
index bda84739e..4e6879d0f 100644
--- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
+++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
@@ -206,7 +206,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
 ) {
 filter.retainedRoles.each {
 // TODO: fix
- markupBuilderDelegate.RetainedRole(it.startsWith('md:') ?: "md:${it}")
+ markupBuilderDelegate.RetainedRole(it.startsWith('md:') ? it : "md:${it}")
 }
 }
 }
diff --git a/backend/src/test/resources/conf/533.xml b/backend/src/test/resources/conf/533.xml
index 2120be543..66cc376ef 100644
--- a/backend/src/test/resources/conf/533.xml
+++ b/backend/src/test/resources/conf/533.xml
@@ -6,7 +6,7 @@ xsi:type="ChainingMetadataProvider" xsi:schemaLocation="urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd"> - role1 - role2 + md:role1 + md:role2
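Review bot: Nothing visible in this commit exercises the branch of the `RetainedRole` line where a role already starts with `md:`, which is the branch the `?:` form from 2/3 got wrong (it passed the boolean result rather than the role). The 533.xml fixture now expects `md:role1` and `md:role2`, which presumably only covers un-prefixed input being prefixed; the test input itself is not shown here. A test case with a mixed list, e.g. the constructed sample `['md:SPSSODescriptor', 'IDPSSODescriptor']`, asserting that both come out with a single `md:` prefix, would pin the behaviour until the `// TODO: fix` is resolved.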