SHIBUI-799 - integrating with front end

TIER · Dec 7, 2018 · a2427e0 · a2427e0
1 parent f90c0f2
commit a2427e0
Show file tree

Hide file tree

Showing 3 changed files with 56 additions and 1 deletion.
diff --git a/...rnet2/tier/shibboleth/admin/ui/controller/NameIdFormatFilterUiDefinitionController.groovy b/...rnet2/tier/shibboleth/admin/ui/controller/NameIdFormatFilterUiDefinitionController.groovy
@@ -12,7 +12,6 @@ import org.springframework.web.bind.annotation.RestController
 
 import javax.annotation.PostConstruct
 
-import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.entityAttributesFiltersSchema
 import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.nameIdFormatFilterSchema
 import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR
 

diff --git a/...oovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/...oovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
@@ -103,6 +103,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
                 if (metadataFilter instanceof NameIdFormatFilter) {
                     NameIdFormatFilter nameIdFormatFilter = NameIdFormatFilter.cast(metadataFilter)
                     NameIDFormatFilter openSamlTargetFilter = new OpenSamlNameIdFormatFilter()
+                    openSamlTargetFilter.removeExistingFormats = nameIdFormatFilter.removeExistingFormats
                     Map<Predicate<EntityDescriptor>, Collection<String>> predicateRules = [:]
                     def type = nameIdFormatFilter.nameIdFormatFilterTarget.nameIdFormatFilterTargetType
                     def values = nameIdFormatFilter.nameIdFormatFilterTarget.value

diff --git a/...nternet2/tier/shibboleth/admin/ui/domain/filters/opensaml/OpenSamlNameIdFormatFilter.java b/...nternet2/tier/shibboleth/admin/ui/domain/filters/opensaml/OpenSamlNameIdFormatFilter.java
@@ -1,12 +1,23 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain.filters.opensaml;
 
+import net.shibboleth.utilities.java.support.annotation.constraint.NonnullElements;
+import net.shibboleth.utilities.java.support.component.ComponentSupport;
 import org.opensaml.core.xml.XMLObject;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.saml.common.SAMLObjectBuilder;
 import org.opensaml.saml.metadata.resolver.filter.FilterException;
 import org.opensaml.saml.metadata.resolver.filter.impl.NameIDFormatFilter;
+import org.opensaml.saml.saml2.metadata.AttributeAuthorityDescriptor;
 import org.opensaml.saml.saml2.metadata.EntitiesDescriptor;
 import org.opensaml.saml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml.saml2.metadata.NameIDFormat;
+import org.opensaml.saml.saml2.metadata.PDPDescriptor;
+import org.opensaml.saml.saml2.metadata.RoleDescriptor;
+import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
 
+import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
+import java.util.Collection;
 
 /**
  * Extension to open saml type for workaround forced component initialization check. We need to override <i>filter</i>
@@ -16,6 +27,22 @@
  */
 public class OpenSamlNameIdFormatFilter extends NameIDFormatFilter {
 
+    private boolean removeExistingFormats;
+
+    @Nonnull private final SAMLObjectBuilder<NameIDFormat> formatBuilder;
+
+    public OpenSamlNameIdFormatFilter() {
+        formatBuilder = (SAMLObjectBuilder<NameIDFormat>)
+                XMLObjectProviderRegistrySupport.getBuilderFactory().<NameIDFormat>getBuilderOrThrow(
+                        NameIDFormat.DEFAULT_ELEMENT_NAME);
+    }
+
+    @Override
+    public void setRemoveExistingFormats(final boolean flag) {
+        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
+        removeExistingFormats = flag;
+    }
+
     @Nullable
     @Override
     public XMLObject filter(@Nullable XMLObject metadata) throws FilterException {
@@ -31,4 +58,32 @@ public XMLObject filter(@Nullable XMLObject metadata) throws FilterException {
 
         return metadata;
     }
+
+    /**Overridden to get rid of log statements which result in NPE in the base class with parent being null**/
+    @Override
+    protected void filterRoleDescriptor(@Nonnull final RoleDescriptor role,
+                                        @Nonnull @NonnullElements final Collection<String> formats) {
+
+        final Collection<NameIDFormat> roleFormats;
+
+        if (role instanceof SPSSODescriptor) {
+            roleFormats = ((SPSSODescriptor) role).getNameIDFormats();
+        } else if (role instanceof AttributeAuthorityDescriptor) {
+            roleFormats = ((AttributeAuthorityDescriptor) role).getNameIDFormats();
+        } else if (role instanceof PDPDescriptor) {
+            roleFormats = ((PDPDescriptor) role).getNameIDFormats();
+        } else {
+            return;
+        }
+
+        if (removeExistingFormats && !roleFormats.isEmpty()) {
+            roleFormats.clear();
+        }
+
+        for (final String format : formats) {
+            final NameIDFormat nif = formatBuilder.buildObject();
+            nif.setFormat(format);
+            roleFormats.add(nif);
+        }
+    }
 }