Merged in feature/SHIBUI-704 (pull request #239)

SHIBUI-704 Implementation of DynamicHttpMetadataProvider

Approved-by: Ryan Mathis <rmathis@unicon.net>

backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy

@@ -1,8 +1,19 @@
 package edu.internet2.tier.shibboleth.admin.ui.configuration
 
+import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter
+import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilterTarget
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FileBackedHttpMetadataResolver
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.HttpMetadataResolverAttributes
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataQueryProtocolScheme
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ReloadableMetadataResolverAttributes
+import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository
 import edu.internet2.tier.shibboleth.admin.ui.security.model.Role
 import edu.internet2.tier.shibboleth.admin.ui.security.model.User
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository
+import edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions
+import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Profile
 import org.springframework.stereotype.Component
 import org.springframework.transaction.annotation.Transactional
@@ -14,8 +25,11 @@ import javax.annotation.PostConstruct
 class DevConfig {
     private final UserRepository adminUserRepository
 
-    DevConfig(UserRepository adminUserRepository) {
+    private final MetadataResolverRepository metadataResolverRepository
+
+    DevConfig(UserRepository adminUserRepository, MetadataResolverRepository metadataResolverRepository) {
         this.adminUserRepository = adminUserRepository
+        this.metadataResolverRepository = metadataResolverRepository
     }
 
     @Transactional
@@ -32,4 +46,57 @@ class DevConfig {
             adminUserRepository.save(user)
         }
     }
+
+    @Transactional
+    @Profile('fbhmr')
+    @Bean
+    MetadataResolver fbhmr(ModelRepresentationConversions modelRepresentationConversions) {
+        return this.metadataResolverRepository.save(new FileBackedHttpMetadataResolver().with {
+            enabled = true
+            xmlId = 'test-fbhmr'
+            name = 'test-fbhmr'
+            metadataURL = 'http://md.incommon.org/InCommon/InCommon-metadata.xml'
+            backingFile = '%{idp.home}/test-fbhmr.xml'
+            reloadableMetadataResolverAttributes = new ReloadableMetadataResolverAttributes()
+            httpMetadataResolverAttributes = new HttpMetadataResolverAttributes()
+            it.metadataFilters.add(new EntityAttributesFilter().with {
+                it.name = 'test'
+                it.filterEnabled = true
+                it.entityAttributesFilterTarget = new EntityAttributesFilterTarget().with {
+                    it.entityAttributesFilterTargetType = EntityAttributesFilterTarget.EntityAttributesFilterTargetType.ENTITY
+                    it.value = ["https://carmenwiki.osu.edu/shibboleth"]
+                    return it
+                }
+                it.attributeRelease = ['eduPersonPrincipalName', 'givenName', 'surname', 'mail']
+                it.relyingPartyOverrides = null
+                return it
+            })
+            return it
+        })
+    }
+
+    @Profile('dhmr')
+    @Transactional
+    @Bean
+    MetadataResolver dhmr(ModelRepresentationConversions modelRepresentationConversions) {
+        return this.metadataResolverRepository.save(new DynamicHttpMetadataResolver().with {
+            it.enabled = true
+            it.xmlId = 'test-dhmr'
+            it.name = 'test-dhmr'
+            it.metadataRequestURLConstructionScheme = new MetadataQueryProtocolScheme(content: 'http://mdq-beta.incommon.org/global')
+            it.metadataFilters.add(new EntityAttributesFilter().with {
+                it.name = 'test'
+                it.filterEnabled = true
+                it.entityAttributesFilterTarget = new EntityAttributesFilterTarget().with {
+                    it.entityAttributesFilterTargetType = EntityAttributesFilterTarget.EntityAttributesFilterTargetType.ENTITY
+                    it.value = ["https://issues.shibboleth.net/shibboleth"]
+                    return it
+                }
+                it.attributeRelease = ['eduPersonPrincipalName', 'givenName', 'surname', 'mail']
+                it.relyingPartyOverrides = null
+                return it
+            })
+            return it
+        })
+    }
 }

backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolverUiDefinitionController.groovy

@@ -12,7 +12,7 @@ import org.springframework.web.bind.annotation.RestController
 
 import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.filesystemMetadataProviderSchema
 import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.localDynamicMetadataProviderSchema
-//import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.dynamicHttpMetadataProviderSchema
+import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.dynamicHttpMetadataProviderSchema
 import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR
 import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType
 
@@ -44,9 +44,9 @@ class MetadataResolverUiDefinitionController {
             case SchemaType.LOCAL_DYNAMIC_METADATA_RESOLVER:
                 jsonSchemaLocation = localDynamicMetadataProviderSchema(this.jsonSchemaResourceLocationRegistry)
                 break
-/*            case SchemaType.DYNAMIC_HTTP_METADATA_RESOLVER:
+            case SchemaType.DYNAMIC_HTTP_METADATA_RESOLVER:
                 jsonSchemaLocation = dynamicHttpMetadataProviderSchema(this.jsonSchemaResourceLocationRegistry)
-                break*/
+                break
             default:
                 throw new UnsupportedOperationException("Json schema for an unsupported metadata resolver (" + resolverType + ") was requested")
         }

backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy

@@ -10,7 +10,11 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetada
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FileBackedHttpMetadataResolver
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FilesystemMetadataResolver
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.LocalDynamicMetadataResolver
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataQueryProtocolScheme
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataRequestURLConstructionScheme
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.RegexScheme
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ResourceBackedMetadataResolver
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.TemplateScheme
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.OpenSamlChainingMetadataResolver
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.Refilterable
 import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects
@@ -287,6 +291,36 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
                 httpMaxCacheEntries: resolver.httpMetadataResolverAttributes?.httpMaxCacheEntries,
                 httpMaxCacheEntrySize: resolver.httpMetadataResolverAttributes?.httpMaxCacheEntrySize) {
 
+            switch (MetadataRequestURLConstructionScheme.SchemeType.get(resolver.metadataRequestURLConstructionScheme.type)) {
+                case MetadataRequestURLConstructionScheme.SchemeType.METADATA_QUERY_PROTOCOL:
+                    MetadataQueryProtocolScheme scheme = (MetadataQueryProtocolScheme) resolver.metadataRequestURLConstructionScheme
+                    MetadataQueryProtocol(transformRef: scheme.transformRef) {
+                        if (scheme.content != null) {
+                            mkp.yield(scheme.content)
+                        }
+                    }
+                    break
+                case MetadataRequestURLConstructionScheme.SchemeType.TEMPLATE:
+                    TemplateScheme scheme = (TemplateScheme) resolver.metadataRequestURLConstructionScheme
+                    Template(encodingStyle: scheme.encodingStyle,
+                            transformRef: scheme.transformRef,
+                            velocityEngine: scheme.velocityEngine) {
+                        if (scheme.content != null) {
+                            mkp.yield(scheme.content)
+                        }
+                    }
+                    break
+                case MetadataRequestURLConstructionScheme.SchemeType.REGEX:
+                    RegexScheme scheme = (RegexScheme) resolver.metadataRequestURLConstructionScheme
+                    Regex(match: scheme.match) {
+                        if (scheme.content != null) {
+                            mkp.yield(scheme.content)
+                        }
+                    }
+                    break
+                default:
+                    break
+            }
             childNodes()
         }
     }

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/ShibbolethUiApplication.java

@@ -1,6 +1,9 @@
 package edu.internet2.tier.shibboleth.admin.ui;
 
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository;
+import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
@@ -16,6 +19,7 @@
 import org.springframework.scheduling.annotation.EnableScheduling;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
 
 @SpringBootApplication
 @ComponentScan(excludeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = "edu.internet2.tier.shibboleth.admin.ui.configuration.auto.*"))
@@ -25,6 +29,8 @@
 @EnableWebSecurity
 public class ShibbolethUiApplication extends SpringBootServletInitializer {
 
+    private static final Logger logger = LoggerFactory.getLogger(ShibbolethUiApplication.class);
+
     @Override
     protected SpringApplicationBuilder configure(SpringApplicationBuilder builder) {
         return builder.sources(ShibbolethUiApplication.class);
@@ -42,9 +48,29 @@ public static class MetadataResolversResourceIdEmitter {
         MetadataResolverRepository metadataResolverRepository;
 
         @EventListener
-        void showMetadataResolversResourceIds(ApplicationStartedEvent e) {
+        public void showMetadataResolversResourceIds(ApplicationStartedEvent e) {
+            metadataResolverRepository.findAll()
+                    .forEach(it -> logger.info(String.format("MetadataResolver [%s: %s]", it.getName(), it.getResourceId())));
+        }
+    }
+
+    @Component
+    public static class MetadataResolverInitializingApplicationStartupListener {
+
+        @Autowired
+        MetadataResolverService metadataResolverService;
+
+        @Autowired
+        MetadataResolverRepository metadataResolverRepository;
+
+        @Transactional
+        @EventListener
+        public void initializeResolvers(ApplicationStartedEvent e) {
             metadataResolverRepository.findAll()
-                    .forEach(it -> System.out.println(String.format("MetadataResolver [%s: %s]", it.getName(), it.getResourceId())));
+                    .forEach(it -> {
+                        logger.info(String.format("Reloading filters for resolver [%s: %s]", it.getName(), it.getResourceId()));
+                        metadataResolverService.reloadFilters(it.getResourceId());
+                    });
         }
     }
 }

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/JsonSchemaComponentsConfiguration.java

@@ -14,7 +14,7 @@
 import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.METADATA_SOURCES;
 import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.FILESYSTEM_METADATA_RESOLVER;
 import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.LOCAL_DYNAMIC_METADATA_RESOLVER;
-//import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.DYNAMIC_HTTP_METADATA_RESOLVER;
+import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.DYNAMIC_HTTP_METADATA_RESOLVER;
 
 /**
  * @author Dmitriy Kopylenko
@@ -43,10 +43,10 @@ public class JsonSchemaComponentsConfiguration {
     @Setter
     private String localDynamicMetadataResolverUiSchemaLocation = "classpath:local-dynamic-metadata-provider.schema.json";
 
-/* TODO: Will be added as part of SHIBUI-704
+    //Configured via @ConfigurationProperties (using setter method) with 'shibui.dynamic-http-metadata-provider-ui-schema-location' property and
+    // default value set here if that property is not explicitly set in application.properties
     @Setter
     private String dynamicHttpMetadataResolverUiSchemaLocation = "classpath:dynamic-http-metadata-provider.schema.json";
-*/
 
     @Bean
     public JsonSchemaResourceLocationRegistry jsonSchemaResourceLocationRegistry(ResourceLoader resourceLoader, ObjectMapper jacksonMapper) {
@@ -74,13 +74,13 @@ public JsonSchemaResourceLocationRegistry jsonSchemaResourceLocationRegistry(Res
                         .resourceLoader(resourceLoader)
                         .jacksonMapper(jacksonMapper)
                         .detectMalformedJson(true)
-                        .build());
-                /*.register(DYNAMIC_HTTP_METADATA_RESOLVER, JsonSchemaLocationBuilder.with()
+                        .build())
+                .register(DYNAMIC_HTTP_METADATA_RESOLVER, JsonSchemaLocationBuilder.with()
                         .jsonSchemaLocation(dynamicHttpMetadataResolverUiSchemaLocation)
                         .resourceLoader(resourceLoader)
                         .jacksonMapper(jacksonMapper)
                         .detectMalformedJson(true)
-                        .build())*/
+                        .build());
     }
 
     @Bean

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java

@@ -5,7 +5,6 @@
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository;
 import edu.internet2.tier.shibboleth.admin.ui.service.IndexWriterService;
 import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverConverterService;
-import edu.internet2.tier.shibboleth.admin.ui.service.TokenPlaceholderValueResolvingService;
 import edu.internet2.tier.shibboleth.admin.util.TokenPlaceholderResolvers;
 import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
 import net.shibboleth.utilities.java.support.resolver.ResolverException;
@@ -16,10 +15,13 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.transaction.annotation.Transactional;
 
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Optional;
+import java.util.Set;
 
 /**
  * this is a temporary class until a better way of doing this is found.
@@ -41,9 +43,10 @@ public class MetadataResolverConfiguration {
     MetadataResolverConverterService metadataResolverConverterService;
 
     @Bean
+    @Transactional
     //This injected dependency makes sure that this bean has been created and the wrapped placeholder resolver service
     //is available via static facade accessor method to all the downstream non-Spring managed consumers
-    public MetadataResolver metadataResolver(TokenPlaceholderResolvers tokenPlaceholderResolvers) throws ResolverException, ComponentInitializationException {
+    public MetadataResolver metadataResolver(TokenPlaceholderResolvers tokenPlaceholderResolvers, Optional<Set<edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver>> metadataResolvers) throws ResolverException, ComponentInitializationException {
         ChainingMetadataResolver metadataResolver = new OpenSamlChainingMetadataResolver();
         metadataResolver.setId("chain");
 

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java

@@ -219,9 +219,11 @@ public void setNil(@Nullable XSBooleanValue xsBooleanValue) {
 
     }
 
+    private transient final LockableClassToInstanceMultiMap<Object> objectMetadata = new LockableClassToInstanceMultiMap<>(true);
+
     @Nonnull
     public LockableClassToInstanceMultiMap<Object> getObjectMetadata() {
-        return null;
+        return objectMetadata;
     }
 
     public String getSchemaTypeNamespaceURI() {

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/DynamicHttpMetadataResolver.java

@@ -5,9 +5,11 @@
 import lombok.Setter;
 import lombok.ToString;
 
+import javax.persistence.CascadeType;
 import javax.persistence.ElementCollection;
 import javax.persistence.Embedded;
 import javax.persistence.Entity;
+import javax.persistence.OneToOne;
 import javax.persistence.OrderColumn;
 import java.util.List;
 
@@ -36,6 +38,9 @@ public class DynamicHttpMetadataResolver extends MetadataResolver {
     @OrderColumn
     private List<String> supportedContentTypes;
 
+    @OneToOne(cascade = CascadeType.ALL)
+    private MetadataRequestURLConstructionScheme metadataRequestURLConstructionScheme;
+
     public DynamicHttpMetadataResolver() {
         type = "DynamicHttpMetadataResolver";
         this.httpMetadataResolverAttributes = new HttpMetadataResolverAttributes();

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataQueryProtocolScheme.java

@@ -0,0 +1,23 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.resolvers;
+
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.Setter;
+
+import javax.persistence.Entity;
+
+/**
+ * @author Bill Smith (wsmith@unicon.net)
+ */
+@Entity
+@Getter
+@Setter
+@EqualsAndHashCode(callSuper = true)
+public class MetadataQueryProtocolScheme extends MetadataRequestURLConstructionScheme {
+
+    public MetadataQueryProtocolScheme() {
+        type = "MetadataQueryProtocol";
+    }
+
+    private String transformRef;
+}