From d80f0dbee9e690eef2251f25d26a28e449c2c1e8 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Tue, 6 Nov 2018 13:59:15 -0700 Subject: [PATCH 01/16] SHIBUI-704 Adding dynamic http provider type --- ui/src/app/metadata/provider/model/index.ts | 7 +++++-- ui/src/app/wizard/model/wizard.ts | 7 ++++++- ui/src/app/wizard/reducer/index.ts | 1 - .../assets/schema/provider/metadata-provider.schema.json | 6 ++++++ 4 files changed, 17 insertions(+), 4 deletions(-) diff --git a/ui/src/app/metadata/provider/model/index.ts b/ui/src/app/metadata/provider/model/index.ts index cfb64a08d..adba253bc 100644 --- a/ui/src/app/metadata/provider/model/index.ts +++ b/ui/src/app/metadata/provider/model/index.ts @@ -1,12 +1,15 @@ import { FileBackedHttpMetadataProviderWizard } from './file-backed-http.provider.form'; import { FileBackedHttpMetadataProviderEditor } from './file-backed-http.provider.form'; +import { DynamicHttpMetadataProviderWizard, DynamicHttpMetadataProviderEditor } from './dynamic-http.provider.form'; export const MetadataProviderWizardTypes = [ - FileBackedHttpMetadataProviderWizard + FileBackedHttpMetadataProviderWizard, + DynamicHttpMetadataProviderWizard ]; export const MetadataProviderEditorTypes = [ - FileBackedHttpMetadataProviderEditor + FileBackedHttpMetadataProviderEditor, + DynamicHttpMetadataProviderEditor ]; export * from './file-backed-http.provider.form'; diff --git a/ui/src/app/wizard/model/wizard.ts b/ui/src/app/wizard/model/wizard.ts index 35ae220c6..33186ddeb 100644 --- a/ui/src/app/wizard/model/wizard.ts +++ b/ui/src/app/wizard/model/wizard.ts @@ -19,10 +19,15 @@ export interface WizardStep { export interface WizardFieldset { type: string; class?: string[]; - fields: string[]; + fields: (string | WizardFieldsubset)[]; } export interface WizardValue { key: string; value: any; } + +export interface WizardFieldsubset { + parent: string; + children: string[]; +} 
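Review bot: `model/index.ts` now imports `DynamicHttpMetadataProviderWizard` and `DynamicHttpMetadataProviderEditor` from `./dynamic-http.provider.form`, but that file is not among the four files in this patch and is only created in PATCH 02/16. The tree therefore presumably does not compile at this commit; moving the import and the two array entries into the commit that adds the form file would keep the history bisectable. The barrel also re-exports only `./file-backed-http.provider.form`; if consumers import provider forms through this index, add `export * from './dynamic-http.provider.form';`.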
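Review bot: In `wizard.ts`, `WizardFieldset.fields` is widened from `string[]` to `(string | WizardFieldsubset)[]`, so any consumer that treats each entry as a string now needs a `typeof field === 'string'` narrowing; those call sites are not visible in this patch and should be checked in the same commit. `WizardFieldsubset` is also added without a doc comment, and the meaning of `parent` and `children` cannot be read from the declaration alone. A one-line TSDoc on the interface saying what a subset represents and how it is rendered would help the next reader.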
diff --git a/ui/src/app/wizard/reducer/index.ts b/ui/src/app/wizard/reducer/index.ts index 56054616c..30f00b18d 100644 --- a/ui/src/app/wizard/reducer/index.ts +++ b/ui/src/app/wizard/reducer/index.ts @@ -69,7 +69,6 @@ export const getSplitSchema = (schema: any, step: WizardStep) => { if (schema.definitions) { s.definitions = schema.definitions; } - if (required && required.length) { s.required = required; } diff --git a/ui/src/assets/schema/provider/metadata-provider.schema.json b/ui/src/assets/schema/provider/metadata-provider.schema.json index 6cd17323f..cf856b52f 100644 --- a/ui/src/assets/schema/provider/metadata-provider.schema.json +++ b/ui/src/assets/schema/provider/metadata-provider.schema.json @@ -28,6 +28,12 @@ "FileBackedHttpMetadataResolver" ], "description": "value.file-backed-http-metadata-provider" + }, + { + "enum": [ + "DynamicHttpMetadataResolver" + ], + "description": "value.dynamic-http-metadata-provider" } ] } From 20efb3425c726291ecc3352b740fc8cd138aae13 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Wed, 7 Nov 2018 10:53:51 -0700 Subject: [PATCH 02/16] SHIBUI-704 Implemented schema definition --- .../resources/i18n/messages_en.properties | 19 + .../dynamic-http-metadata-provider.ts | 51 ++ .../model/dynamic-http.provider.form.ts | 133 ++++ .../schema/provider/dynamic-http.schema.json | 620 ++++++++++++++++++ 4 files changed, 823 insertions(+) create mode 100644 ui/src/app/metadata/domain/model/providers/dynamic-http-metadata-provider.ts create mode 100644 ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts create mode 100644 ui/src/assets/schema/provider/dynamic-http.schema.json diff --git a/backend/src/main/resources/i18n/messages_en.properties b/backend/src/main/resources/i18n/messages_en.properties index 3d4670252..7df519fff 100644 --- a/backend/src/main/resources/i18n/messages_en.properties +++ b/backend/src/main/resources/i18n/messages_en.properties 
@@ -74,6 +74,8 @@ value.entity-attributes-filter=EntityAttributes Filter value.spdescriptor=SPSSODescriptor value.attr-auth-descriptor=AttributeAuthorityDescriptor +value.dynamic-http-metadata-provider=DynamicHttpMetadataProvider + brand.header.title=Source Management brand.logo-link-label=Shibboleth brand.logo-link-description=Link to Shibboleth Website @@ -332,6 +334,15 @@ label.attribute-eduPersonUniqueId=eduPersonUniqueId label.attribute-employeeNumber=employeeNumber label.force-authn=Force AuthN +label.dynamic-attributes=Dynamic Attributes +label.min-cache-duration=Min Cache Duration +label.max-cache-duration=Max Cache Duration +label.max-idle-entity-data=Max Idle Entity Data +label.cleanup-task-interval=Cleanup Task Interval +label.persistent-cache-manager-directory=Persistent Cache Manager Directory +label.initialize-from-persistent-cache-in-background=Initialize from Persistent Cache in Background? +label.background-init-from-cache-delay=Background Initialization from Cache Delay + message.must-be-unique=Must be unique. message.name-must-be-unique=Name must be unique. message.uri-valid-format=URI must be valid format. 
@@ -453,3 +464,11 @@ tooltip.expiration-warning-threshold=For each attempted metadata refresh (whethe tooltip.filter-name=Filter Name tooltip.enable-filter=Enable Filter? tooltip.enable-service=Enable Service? + +tooltip.min-cache-duration=The minimum duration for which metadata will be cached before it is refreshed. +tooltip.max-cache-duration=The maximum duration for which metadata will be cached before it is refreshed. +tooltip.max-idle-entity-data=The maximum duration for which metadata will be allowed to be idle (no requests for it) before it is removed from the cache. +tooltip.cleanup-task-interval=The interval at which the internal cleanup task should run. This task performs background maintenance tasks, such as the removal of expired and idle metadata. +tooltip.persistent-cache-manager-directory=The optional manager for the persistent cache store for resolved metadata. On metadata provider initialization, data present in the persistent cache will be loaded to memory, effectively restoring the state of the provider as closely as possible to that which existed before the previous shutdown. Each individual cache entry will only be loaded if 1) the entry is still valid as determined by the internal provider logic, and 2) the entry passes the (optional) predicate supplied via initializationFromCachePredicateRef. +tooltip.initialize-from-persistent-cache-in-background=Flag indicating whether should initialize from the persistent cache in the background. Initializing from the cache in the background will improve IdP startup times. +tooltip.background-init-from-cache-delay=The delay after which to schedule the background initialization from the persistent cache when initializeFromPersistentCacheInBackground=true. diff --git a/ui/src/app/metadata/domain/model/providers/dynamic-http-metadata-provider.ts b/ui/src/app/metadata/domain/model/providers/dynamic-http-metadata-provider.ts new file mode 100644 index 000000000..5d3201836 --- /dev/null 
+++ b/ui/src/app/metadata/domain/model/providers/dynamic-http-metadata-provider.ts
@@ -0,0 +1,51 @@
+import { BaseMetadataProvider } from './base-metadata-provider';
+
+export interface DynamicHttpMetadataProvider extends BaseMetadataProvider {
+ id: string;
+ metadataURL: string;
+ dynamicMetadataResolverAttributes: DynamicMetadataResolverAttributes;
+ httpMetadataResolverAttributes: HttpMetadataResolverAttributes;
+ maxConnectionsTotal: number;
+ maxConnectionsPerRoute: number;
+ supportedContentTypes: string[];
+}
+
+export interface DynamicMetadataResolverAttributes {
+ refreshDelayFactor: number;
+ minCacheDuration: string;
+ maxCacheDuration: string;
+ maxIdleEntityData: string;
+ removeIdleEntityData: boolean;
+ cleanupTaskInterval: string;
+
+ persistentCacheManagerRef: string;
+ persistentCacheManagerDirectory: string;
+ persistentCacheKeyGeneratorRef: string;
+ initializeFromPersistentCacheInBackground: boolean;
+ backgroundInitializationFromCacheDelay: string;
+ initializationFromCachePredicateRef: string;
+}
+
+export interface HttpMetadataResolverAttributes {
+ httpClientRef;
+ connectionRequestTimeout: string;
+ connectionTimeout: string;
+ socketTimeout: string;
+ disregardTLSCertificate: boolean;
+ tlsTrustEngineRef: string;
+ httpClientSecurityParametersRef: string;
+ proxyHost: string;
+ proxyPort: string;
+ proxyUser: string;
+ proxyPassword: string;
+ httpCaching: HttpCachingType;
+ httpCacheDirectory: string;
+ httpMaxCacheEntries: number;
+ httpMaxCacheEntrySize: number;
+}
+
+export enum HttpCachingType {
+ NONE = 'none',
+ FILE = 'file',
+ MEMORY = 'memory'
+}
diff --git a/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts b/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts
new file mode 100644
index 000000000..4baf5bfe8
--- /dev/null
+++ b/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts
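Review bot: `httpClientRef;` in `HttpMetadataResolverAttributes` has no type annotation, so it is implicitly `any` and would be rejected under `noImplicitAny`. The schema added in this series declares the property as a string, so `httpClientRef: string;` matches its sibling `...Ref` fields. Separately, `proxyPassword: string` and `disregardTLSCertificate: boolean` make a proxy credential and a TLS-verification switch part of the model the browser reads and writes. It is worth confirming that the API does not return the stored password on edit and that changes to the TLS flag are authorised and logged server-side; neither is visible in this patch.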
@@ -0,0 +1,133 @@
+import { Wizard } from '../../../wizard/model';
+import { DynamicHttpMetadataProvider } from '../../domain/model/providers/dynamic-http-metadata-provider';
+import { BaseMetadataProviderEditor } from './base.provider.form';
+import UriValidator from '../../../shared/validation/uri.validator';
+
+export const DynamicHttpMetadataProviderWizard: Wizard = {
+ ...BaseMetadataProviderEditor,
+ label: 'DynamicHttpMetadataProvider',
+ type: 'DynamicHttpMetadataResolver',
+ getValidators(namesList: string[] = [], xmlIdList: string[] = []): any {
+ const validators = BaseMetadataProviderEditor.getValidators(namesList);
+ validators['/xmlId'] = (value, property, form) => {
+ const err = xmlIdList.indexOf(value) > -1 ? {
+ code: 'INVALID_ID',
+ path: `#${property.path}`,
+ message: 'message.id-unique',
+ params: [value]
+ } : null;
+ return err;
+ };
+ validators['/metadataURL'] = (value, property, form) => {
+ return !UriValidator.isUri(value) ? {
+ code: 'INVALID_URI',
+ path: `#${property.path}`,
+ message: 'message.uri-valid-format',
+ params: [value]
+ } : null;
+ };
+
+ return validators;
+ },
+ steps: [
+ {
+ id: 'common',
+ label: 'label.common-attributes',
+ index: 2,
+ initialValues: [],
+ schema: 'assets/schema/provider/dynamic-http.schema.json',
+ fields: [
+ 'xmlId',
+ 'metadataURL',
+ 'requireValidMetadata',
+ 'failFastInitialization'
+ ]
+ },
+ {
+ id: 'dynamic',
+ label: 'label.dynamic-attributes',
+ index: 3,
+ initialValues: [],
+ schema: 'assets/schema/provider/dynamic-http.schema.json',
+ fields: [
+ 'dynamicMetadataResolverAttributes'
+ ]
+ },
+ {
+ id: 'plugins',
+ label: 'label.metadata-filter-plugins',
+ index: 4,
+ initialValues: [
+ { key: 'metadataFilters', value: [] }
+ ],
+ schema: 'assets/schema/provider/dynamic-http.schema.json',
+ fields: [
+ 'metadataFilters'
+ ]
+ },
+ {
+ id: 'summary',
+ label: 'label.finished',
+ index: 5,
+ initialValues: [],
+ schema: 'assets/schema/provider/dynamic-http.schema.json',
+ fields: [
+ 'enabled'
+ ]
+ }
+ ]
+};
+
+
+export const DynamicHttpMetadataProviderEditor: Wizard = {
+ ...DynamicHttpMetadataProviderWizard,
+ steps: [
+ {
+ id: 'common',
+ label: 'label.common-attributes',
+ index: 1,
+ initialValues: [],
+ schema: 'assets/schema/provider/dynamic-http.schema.json',
+ fields: [
+ 'enabled',
+ 'xmlId',
+ 'metadataURL',
+ 'requireValidMetadata',
+ 'failFastInitialization'
+ ]
+ },
+ {
+ id: 'dynamic',
+ label: 'label.dynamic-attributes',
+ index: 3,
+ initialValues: [],
+ schema: 'assets/schema/provider/dynamic-http.schema.json',
+ fields: [
+ 'dynamicMetadataResolverAttributes'
+ ]
+ },
+ {
+ id: 'plugins',
+ label: 'label.metadata-filter-plugins',
+ index: 4,
+ initialValues: [
+ { key: 'metadataFilters', value: [] }
+ ],
+ schema: 'assets/schema/provider/dynamic-http.schema.json',
+ fields: [
+ 'metadataFilters'
+ ]
+ },
+ {
+ id: 'advanced',
+ label: 'label.advanced-settings',
+ index: 4,
+ initialValues: [],
+ locked: true,
+ schema: 'assets/schema/provider/filebacked-http-advanced.schema.json',
+ fields: [
+ 'httpMetadataResolverAttributes'
+ ]
+ }
+ ]
+};
diff --git a/ui/src/assets/schema/provider/dynamic-http.schema.json b/ui/src/assets/schema/provider/dynamic-http.schema.json
new file mode 100644
index 000000000..231078877
--- /dev/null
+++ b/ui/src/assets/schema/provider/dynamic-http.schema.json
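Review bot: In `DynamicHttpMetadataProviderEditor.steps`, the `plugins` and `advanced` steps both declare `index: 4`, and the sequence jumps from `index: 1` to `index: 3`. If the wizard orders or looks steps up by `index` (that code is not in this patch), one of the two may be misordered or unreachable, so consider `index: 2`, `index: 3`, `index: 4` for `dynamic`, `plugins` and `advanced`. The `advanced` step also loads `filebacked-http-advanced.schema.json` although `dynamic-http.schema.json` defines its own `httpMetadataResolverAttributes`; a comment such as `// reuses the file-backed advanced schema on purpose` would confirm the intent. Finally, `/metadataURL` is checked only with `UriValidator.isUri` in the browser; since the resolver presumably fetches from this URL, the backend should enforce the permitted schemes and hosts itself rather than rely on this validator.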
@@ -0,0 +1,620 @@ +{ + "type": "object", + "order": [ + "xmlId", + "metadataURL" + ], + "required": [ + "xmlId", + "metadataURL" + ], + "properties": { + "enabled": { + "title": "label.enable-provider-upon-saving", + "description": "tooltip.enable-provider-upon-saving", + "type": "boolean", + "default": false + }, + "xmlId": { + "title": "label.xml-id", + "description": "tooltip.xml-id", + "type": "string", + "default": "", + "minLength": 1 + }, + "metadataURL": { + "title": "label.metadata-url", + "description": "tooltip.metadata-url", + "type": "string", + "default": "", + "minLength": 1 + }, + "requireValidMetadata": { + "title": "label.require-valid-metadata", + "description": "tooltip.require-valid-metadata", + "type": "boolean", + "widget": { + "id": "boolean-radio" + }, + "oneOf": [ + { + "enum": [ + true + ], + "description": "value.true" + }, + { + "enum": [ + false + ], + "description": "value.false" + } + ], + "default": true + }, + "failFastInitialization": { + "title": "label.fail-fast-init", + "description": "tooltip.fail-fast-init", + "type": "boolean", + "widget": { + "id": "boolean-radio" + }, + "oneOf": [ + { + "enum": [ + true + ], + "description": "value.true" + }, + { + "enum": [ + false + ], + "description": "value.false" + } + ], + "default": true + }, + "dynamicMetadataResolverAttributes": { + "type": "object", + "properties": { + "refreshDelayFactor": { + "title": "label.refresh-delay-factor", + "description": "tooltip.refresh-delay-factor", + "type": "number", + "widget": { + "id": "number", + "step": 0.01 + }, + "placeholder": "label.real-number", + "minimum": 0, + "maximum": 1, + "default": null + }, + "minCacheDuration": { + "title": "label.min-cache-duration", + "description": "tooltip.min-cache-duration", + "type": "string", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + 
"pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "maxCacheDuration": { + "title": "label.max-cache-duration", + "description": "tooltip.max-cache-duration", + "type": "string", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "maxIdleEntityData": { + "title": "label.max-idle-entity-data", + "description": "tooltip.max-idle-entity-data", + "type": "string", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "cleanupTaskInterval": { + "title": "label.cleanup-task-interval", + "description": "tooltip.cleanup-task-interval", + "type": "string", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "persistentCacheManagerDirectory": { + "title": "label.persistent-cache-manager-directory", + "description": "tooltip.persistent-cache-manager-directory", + "type": "string", + "default": "", + "minLength": 
1 + }, + "initializeFromPersistentCacheInBackground": { + "title": "label.initialize-from-persistent-cache-in-background", + "description": "tooltip.initialize-from-persistent-cache-in-background", + "type": "boolean", + "widget": { + "id": "boolean-radio" + }, + "oneOf": [ + { + "enum": [ + true + ], + "description": "value.true" + }, + { + "enum": [ + false + ], + "description": "value.false" + } + ], + "default": true + }, + "backgroundInitializationFromCacheDelay": { + "title": "label.background-init-from-cache-delay", + "description": "tooltip.background-init-from-cache-delay", + "type": "string", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "visibleIf": { + "initializeFromPersistentCacheInBackground": [ + true + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + } + } + }, + "httpMetadataResolverAttributes": { + "order": [], + "type": "object", + "fieldsets": [ + { + "title": "label.http-security-attributes", + "type": "section", + "class": "col-12", + "fields": [ + "disregardTLSCertificate" + ] + }, + { + "title": "label.http-connection-attributes", + "type": "section", + "fields": [ + "connectionRequestTimeout", + "connectionTimeout", + "socketTimeout" + ] + }, + { + "title": "label.http-proxy-attributes", + "type": "section", + "class": "col-12", + "fields": [ + "proxyHost", + "proxyPort", + "proxyUser", + "proxyPassword" + ] + }, + { + "title": "label.http-caching-attributes", + "type": "section", + "class": "col-12", + "fields": [ + "httpCaching", + "httpCacheDirectory", + "httpMaxCacheEntries", + "httpMaxCacheEntrySize" + ] + }, + { + "title": "", + "type": "hidden", + "class": "col-12", + "fields": [ + "tlsTrustEngineRef", + 
"httpClientSecurityParametersRef", + "httpClientRef" + ] + } + ], + "properties": { + "disregardTLSCertificate": { + "type": "boolean", + "title": "label.disregard-tls-cert", + "description": "tooltip.disregard-tls-cert", + "widget": { + "id": "boolean-radio" + }, + "oneOf": [ + { + "enum": [ + true + ], + "description": "True" + }, + { + "enum": [ + false + ], + "description": "False" + } + ], + "default": false + }, + "httpClientRef": { + "type": "string", + "title": "", + "description": "", + "placeholder": "", + "widget": "hidden", + "default": "" + }, + "connectionRequestTimeout": { + "type": "string", + "title": "label.connection-request-timeout", + "description": "tooltip.connection-request-timeout", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "connectionTimeout": { + "type": "string", + "title": "label.connection-timeout", + "description": "tooltip.connection-timeout", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "socketTimeout": { + "type": "string", + "title": "label.socket-timeout", + "description": "tooltip.socket-timeout", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": 
"^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "tlsTrustEngineRef": { + "type": "string", + "title": "", + "description": "", + "placeholder": "", + "widget": "hidden", + "default": "" + }, + "httpClientSecurityParametersRef": { + "type": "string", + "title": "", + "description": "", + "placeholder": "", + "widget": "hidden", + "default": "" + }, + "proxyHost": { + "type": "string", + "title": "label.proxy-host", + "description": "tooltip.proxy-host", + "placeholder": "", + "default": "" + }, + "proxyPort": { + "type": "string", + "title": "label.proxy-port", + "description": "tooltip.proxy-port", + "placeholder": "", + "default": "" + }, + "proxyUser": { + "type": "string", + "title": "label.proxy-user", + "description": "tooltip.proxy-user", + "placeholder": "", + "default": "" + }, + "proxyPassword": { + "type": "string", + "title": "label.proxy-password", + "description": "tooltip.proxy-password", + "placeholder": "", + "default": "" + }, + "httpCaching": { + "type": "string", + "title": "label.http-caching", + "description": "tooltip.http-caching", + "placeholder": "label.select-caching-type", + "widget": { + "id": "select" + }, + "oneOf": [ + { + "enum": [ + "none" + ], + "description": "value.none" + }, + { + "enum": [ + "file" + ], + "description": "value.file" + }, + { + "enum": [ + "memory" + ], + "description": "value.memory" + } + ] + }, + "httpCacheDirectory": { + "type": "string", + "title": "label.http-caching-directory", + "description": "tooltip.http-caching-directory", + "placeholder": "" + }, + "httpMaxCacheEntries": { + "type": "integer", + "title": "label.http-max-cache-entries", + "description": "tooltip.http-max-cache-entries", + "placeholder": "", + "default": 0, + "minimum": 0 + }, + "httpMaxCacheEntrySize": { + "type": "integer", + "title": "label.max-cache-entry-size", + "description": 
"tooltip.max-cache-entry-size", + "placeholder": "", + "default": 0, + "minimum": 0 + } + } + }, + "metadataFilters": { + "title": "", + "description": "", + "type": "object", + "properties": { + "RequiredValidUntil": { + "title": "label.required-valid-until", + "type": "object", + "widget": { + "id": "fieldset" + }, + "properties": { + "maxValidityInterval": { + "title": "label.max-validity-interval", + "description": "tooltip.max-validity-interval", + "type": "string", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + } + } + }, + "SignatureValidation": { + "title": "label.signature-validation-filter", + "type": "object", + "widget": { + "id": "fieldset" + }, + "properties": { + "requireSignedRoot": { + "title": "label.require-signed-root", + "description": "tooltip.require-signed-root", + "type": "boolean", + "default": true + }, + "certificateFile": { + "title": "label.certificate-file", + "description": "tooltip.certificate-file", + "type": "string", + "widget": "textarea", + "default": "" + } + }, + "anyOf": [ + { + "properties": { + "requireSignedRoot": { + "enum": [ + true + ] + } + }, + "required": [ + "certificateFile" + ] + }, + { + "properties": { + "requireSignedRoot": { + "enum": [ + false + ] + } + } + } + ] + }, + "EntityRoleWhiteList": { + "title": "label.entity-role-whitelist", + "type": "object", + "widget": { + "id": "fieldset" + }, + "properties": { + "retainedRoles": { + "title": "label.retained-roles", + "description": "tooltip.retained-roles", + "type": "array", + "items": { + "widget": { + "id": "select" + }, + "type": "string", + "oneOf": [ + { + "enum": [ + "SPSSODescriptor" + ], + "description": 
"value.spdescriptor" + }, + { + "enum": [ + "AttributeAuthorityDescriptor" + ], + "description": "value.attr-auth-descriptor" + } + ] + } + }, + "removeRolelessEntityDescriptors": { + "title": "label.remove-roleless-entity-descriptors", + "description": "tooltip.remove-roleless-entity-descriptors", + "type": "boolean", + "default": true + }, + "removeEmptyEntitiesDescriptors": { + "title": "label.remove-empty-entities-descriptors", + "description": "tooltip.remove-empty-entities-descriptors", + "type": "boolean", + "default": true + } + } + } + } + } + } +} \ No newline at end of file From 566db338e59bf2c2c3a4bb6a435e42ddebe70ac8 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Wed, 7 Nov 2018 11:52:47 -0700 Subject: [PATCH 03/16] SHIBUI-704 copied file to backend directory --- .../dynamic-http-provider.schema.json | 620 ++++++++++++++++++ 1 file changed, 620 insertions(+) create mode 100644 backend/src/main/resources/dynamic-http-provider.schema.json diff --git a/backend/src/main/resources/dynamic-http-provider.schema.json b/backend/src/main/resources/dynamic-http-provider.schema.json new file mode 100644 index 000000000..231078877 --- /dev/null +++ b/backend/src/main/resources/dynamic-http-provider.schema.json 
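Review bot: `proxyPassword` under `httpMetadataResolverAttributes` is a plain `"type": "string"` property with no `widget`, so it will presumably render as a clear-text input beside `proxyUser`; if the form library registers a masked-input widget, reference it here. `metadataURL` is constrained only by `"minLength": 1`, which leaves scheme checking entirely to the client-side validator and to whatever the backend enforces. `persistentCacheManagerDirectory` combines `"default": ""` with `"minLength": 1` although its tooltip calls it optional; if defaults are applied before validation, the `dynamic` step would stay invalid until a directory is typed, so consider dropping `minLength` or the empty default. PATCH 03/16 copies this file under the same blob id to `backend/src/main/resources/dynamic-http-provider.schema.json`, so any change is needed in both copies.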
@@ -0,0 +1,620 @@ +{ + "type": "object", + "order": [ + "xmlId", + "metadataURL" + ], + "required": [ + "xmlId", + "metadataURL" + ], + "properties": { + "enabled": { + "title": "label.enable-provider-upon-saving", + "description": "tooltip.enable-provider-upon-saving", + "type": "boolean", + "default": false + }, + "xmlId": { + "title": "label.xml-id", + "description": "tooltip.xml-id", + "type": "string", + "default": "", + "minLength": 1 + }, + "metadataURL": { + "title": "label.metadata-url", + "description": "tooltip.metadata-url", + "type": "string", + "default": "", + "minLength": 1 + }, + "requireValidMetadata": { + "title": "label.require-valid-metadata", + "description": "tooltip.require-valid-metadata", + "type": "boolean", + "widget": { + "id": "boolean-radio" + }, + "oneOf": [ + { + "enum": [ + true + ], + "description": "value.true" + }, + { + "enum": [ + false + ], + "description": "value.false" + } + ], + "default": true + }, + "failFastInitialization": { + "title": "label.fail-fast-init", + "description": "tooltip.fail-fast-init", + "type": "boolean", + "widget": { + "id": "boolean-radio" + }, + "oneOf": [ + { + "enum": [ + true + ], + "description": "value.true" + }, + { + "enum": [ + false + ], + "description": "value.false" + } + ], + "default": true + }, + "dynamicMetadataResolverAttributes": { + "type": "object", + "properties": { + "refreshDelayFactor": { + "title": "label.refresh-delay-factor", + "description": "tooltip.refresh-delay-factor", + "type": "number", + "widget": { + "id": "number", + "step": 0.01 + }, + "placeholder": "label.real-number", + "minimum": 0, + "maximum": 1, + "default": null + }, + "minCacheDuration": { + "title": "label.min-cache-duration", + "description": "tooltip.min-cache-duration", + "type": "string", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + 
"pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "maxCacheDuration": { + "title": "label.max-cache-duration", + "description": "tooltip.max-cache-duration", + "type": "string", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "maxIdleEntityData": { + "title": "label.max-idle-entity-data", + "description": "tooltip.max-idle-entity-data", + "type": "string", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "cleanupTaskInterval": { + "title": "label.cleanup-task-interval", + "description": "tooltip.cleanup-task-interval", + "type": "string", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "persistentCacheManagerDirectory": { + "title": "label.persistent-cache-manager-directory", + "description": "tooltip.persistent-cache-manager-directory", + "type": "string", + "default": "", + "minLength": 
1 + }, + "initializeFromPersistentCacheInBackground": { + "title": "label.initialize-from-persistent-cache-in-background", + "description": "tooltip.initialize-from-persistent-cache-in-background", + "type": "boolean", + "widget": { + "id": "boolean-radio" + }, + "oneOf": [ + { + "enum": [ + true + ], + "description": "value.true" + }, + { + "enum": [ + false + ], + "description": "value.false" + } + ], + "default": true + }, + "backgroundInitializationFromCacheDelay": { + "title": "label.background-init-from-cache-delay", + "description": "tooltip.background-init-from-cache-delay", + "type": "string", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "visibleIf": { + "initializeFromPersistentCacheInBackground": [ + true + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + } + } + }, + "httpMetadataResolverAttributes": { + "order": [], + "type": "object", + "fieldsets": [ + { + "title": "label.http-security-attributes", + "type": "section", + "class": "col-12", + "fields": [ + "disregardTLSCertificate" + ] + }, + { + "title": "label.http-connection-attributes", + "type": "section", + "fields": [ + "connectionRequestTimeout", + "connectionTimeout", + "socketTimeout" + ] + }, + { + "title": "label.http-proxy-attributes", + "type": "section", + "class": "col-12", + "fields": [ + "proxyHost", + "proxyPort", + "proxyUser", + "proxyPassword" + ] + }, + { + "title": "label.http-caching-attributes", + "type": "section", + "class": "col-12", + "fields": [ + "httpCaching", + "httpCacheDirectory", + "httpMaxCacheEntries", + "httpMaxCacheEntrySize" + ] + }, + { + "title": "", + "type": "hidden", + "class": "col-12", + "fields": [ + "tlsTrustEngineRef", + 
"httpClientSecurityParametersRef", + "httpClientRef" + ] + } + ], + "properties": { + "disregardTLSCertificate": { + "type": "boolean", + "title": "label.disregard-tls-cert", + "description": "tooltip.disregard-tls-cert", + "widget": { + "id": "boolean-radio" + }, + "oneOf": [ + { + "enum": [ + true + ], + "description": "True" + }, + { + "enum": [ + false + ], + "description": "False" + } + ], + "default": false + }, + "httpClientRef": { + "type": "string", + "title": "", + "description": "", + "placeholder": "", + "widget": "hidden", + "default": "" + }, + "connectionRequestTimeout": { + "type": "string", + "title": "label.connection-request-timeout", + "description": "tooltip.connection-request-timeout", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "connectionTimeout": { + "type": "string", + "title": "label.connection-timeout", + "description": "tooltip.connection-timeout", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "socketTimeout": { + "type": "string", + "title": "label.socket-timeout", + "description": "tooltip.socket-timeout", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": 
"^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + }, + "tlsTrustEngineRef": { + "type": "string", + "title": "", + "description": "", + "placeholder": "", + "widget": "hidden", + "default": "" + }, + "httpClientSecurityParametersRef": { + "type": "string", + "title": "", + "description": "", + "placeholder": "", + "widget": "hidden", + "default": "" + }, + "proxyHost": { + "type": "string", + "title": "label.proxy-host", + "description": "tooltip.proxy-host", + "placeholder": "", + "default": "" + }, + "proxyPort": { + "type": "string", + "title": "label.proxy-port", + "description": "tooltip.proxy-port", + "placeholder": "", + "default": "" + }, + "proxyUser": { + "type": "string", + "title": "label.proxy-user", + "description": "tooltip.proxy-user", + "placeholder": "", + "default": "" + }, + "proxyPassword": { + "type": "string", + "title": "label.proxy-password", + "description": "tooltip.proxy-password", + "placeholder": "", + "default": "" + }, + "httpCaching": { + "type": "string", + "title": "label.http-caching", + "description": "tooltip.http-caching", + "placeholder": "label.select-caching-type", + "widget": { + "id": "select" + }, + "oneOf": [ + { + "enum": [ + "none" + ], + "description": "value.none" + }, + { + "enum": [ + "file" + ], + "description": "value.file" + }, + { + "enum": [ + "memory" + ], + "description": "value.memory" + } + ] + }, + "httpCacheDirectory": { + "type": "string", + "title": "label.http-caching-directory", + "description": "tooltip.http-caching-directory", + "placeholder": "" + }, + "httpMaxCacheEntries": { + "type": "integer", + "title": "label.http-max-cache-entries", + "description": "tooltip.http-max-cache-entries", + "placeholder": "", + "default": 0, + "minimum": 0 + }, + "httpMaxCacheEntrySize": { + "type": "integer", + "title": "label.max-cache-entry-size", + "description": 
"tooltip.max-cache-entry-size", + "placeholder": "", + "default": 0, + "minimum": 0 + } + } + }, + "metadataFilters": { + "title": "", + "description": "", + "type": "object", + "properties": { + "RequiredValidUntil": { + "title": "label.required-valid-until", + "type": "object", + "widget": { + "id": "fieldset" + }, + "properties": { + "maxValidityInterval": { + "title": "label.max-validity-interval", + "description": "tooltip.max-validity-interval", + "type": "string", + "placeholder": "label.duration", + "widget": { + "id": "datalist", + "data": [ + "PT0S", + "PT30S", + "PT1M", + "PT10M", + "PT30M", + "PT1H", + "PT4H", + "PT12H", + "PT24H" + ] + }, + "default": null, + "pattern": "^(R\\d*\\/)?P(?:\\d+(?:\\.\\d+)?Y)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?W)?(?:\\d+(?:\\.\\d+)?D)?(?:T(?:\\d+(?:\\.\\d+)?H)?(?:\\d+(?:\\.\\d+)?M)?(?:\\d+(?:\\.\\d+)?S)?)?$" + } + } + }, + "SignatureValidation": { + "title": "label.signature-validation-filter", + "type": "object", + "widget": { + "id": "fieldset" + }, + "properties": { + "requireSignedRoot": { + "title": "label.require-signed-root", + "description": "tooltip.require-signed-root", + "type": "boolean", + "default": true + }, + "certificateFile": { + "title": "label.certificate-file", + "description": "tooltip.certificate-file", + "type": "string", + "widget": "textarea", + "default": "" + } + }, + "anyOf": [ + { + "properties": { + "requireSignedRoot": { + "enum": [ + true + ] + } + }, + "required": [ + "certificateFile" + ] + }, + { + "properties": { + "requireSignedRoot": { + "enum": [ + false + ] + } + } + } + ] + }, + "EntityRoleWhiteList": { + "title": "label.entity-role-whitelist", + "type": "object", + "widget": { + "id": "fieldset" + }, + "properties": { + "retainedRoles": { + "title": "label.retained-roles", + "description": "tooltip.retained-roles", + "type": "array", + "items": { + "widget": { + "id": "select" + }, + "type": "string", + "oneOf": [ + { + "enum": [ + "SPSSODescriptor" + ], + "description": 
"value.spdescriptor" + }, + { + "enum": [ + "AttributeAuthorityDescriptor" + ], + "description": "value.attr-auth-descriptor" + } + ] + } + }, + "removeRolelessEntityDescriptors": { + "title": "label.remove-roleless-entity-descriptors", + "description": "tooltip.remove-roleless-entity-descriptors", + "type": "boolean", + "default": true + }, + "removeEmptyEntitiesDescriptors": { + "title": "label.remove-empty-entities-descriptors", + "description": "tooltip.remove-empty-entities-descriptors", + "type": "boolean", + "default": true + } + } + } + } + } + } +} \ No newline at end of file From d05b334cac7dcab0be3c1611e40b930008e5ab07 Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Mon, 12 Nov 2018 15:14:20 -0700 Subject: [PATCH 04/16] [SHIBUI-704] Uncommented support for DynamicHttp resolvers. Added a doInitialization check. --- .../MetadataResolverUiDefinitionController.groovy | 6 +++--- .../JsonSchemaComponentsConfiguration.java | 12 ++++++------ ...mlFunctionDrivenDynamicHTTPMetadataResolver.java | 10 ++++++---- .../ui/jsonschema/JsonSchemaLocationLookup.java | 13 ++++++++++--- .../ui/jsonschema/JsonSchemaResourceLocation.java | 4 ++-- ...n => dynamic-http-metadata-provider.schema.json} | 0 ...cesUiDefinitionControllerIntegrationTests.groovy | 7 +++++++ 7 files changed, 34 insertions(+), 18 deletions(-) rename backend/src/main/resources/{dynamic-http-provider.schema.json => dynamic-http-metadata-provider.schema.json} (100%) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolverUiDefinitionController.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolverUiDefinitionController.groovy index 8232c687d..e6c878b0b 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolverUiDefinitionController.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolverUiDefinitionController.groovy 
@@ -12,7 +12,7 @@ import org.springframework.web.bind.annotation.RestController import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.filesystemMetadataProviderSchema import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.localDynamicMetadataProviderSchema -//import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.dynamicHttpMetadataProviderSchema +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.dynamicHttpMetadataProviderSchema import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType @@ -44,9 +44,9 @@ class MetadataResolverUiDefinitionController { case SchemaType.LOCAL_DYNAMIC_METADATA_RESOLVER: jsonSchemaLocation = localDynamicMetadataProviderSchema(this.jsonSchemaResourceLocationRegistry) break -/* case SchemaType.DYNAMIC_HTTP_METADATA_RESOLVER: + case SchemaType.DYNAMIC_HTTP_METADATA_RESOLVER: jsonSchemaLocation = dynamicHttpMetadataProviderSchema(this.jsonSchemaResourceLocationRegistry) - break*/ + break default: throw new UnsupportedOperationException("Json schema for an unsupported metadata resolver (" + resolverType + ") was requested") } diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/JsonSchemaComponentsConfiguration.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/JsonSchemaComponentsConfiguration.java index 1f58fb3cc..f179c7880 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/JsonSchemaComponentsConfiguration.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/JsonSchemaComponentsConfiguration.java 
@@ -14,7 +14,7 @@ import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.METADATA_SOURCES; import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.FILESYSTEM_METADATA_RESOLVER; import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.LOCAL_DYNAMIC_METADATA_RESOLVER; -//import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.DYNAMIC_HTTP_METADATA_RESOLVER; +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.DYNAMIC_HTTP_METADATA_RESOLVER; /** * @author Dmitriy Kopylenko @@ -43,10 +43,10 @@ public class JsonSchemaComponentsConfiguration { @Setter private String localDynamicMetadataResolverUiSchemaLocation = "classpath:local-dynamic-metadata-provider.schema.json"; -/* TODO: Will be added as part of SHIBUI-704 + //Configured via @ConfigurationProperties (using setter method) with 'shibui.dynamic-http-metadata-provider-ui-schema-location' property and + // default value set here if that property is not explicitly set in application.properties @Setter private String dynamicHttpMetadataResolverUiSchemaLocation = "classpath:dynamic-http-metadata-provider.schema.json"; -*/ @Bean public JsonSchemaResourceLocationRegistry jsonSchemaResourceLocationRegistry(ResourceLoader resourceLoader, ObjectMapper jacksonMapper) { 
@@ -74,13 +74,13 @@ public JsonSchemaResourceLocationRegistry jsonSchemaResourceLocationRegistry(Res .resourceLoader(resourceLoader) .jacksonMapper(jacksonMapper) .detectMalformedJson(true) - .build()); - /*.register(DYNAMIC_HTTP_METADATA_RESOLVER, JsonSchemaLocationBuilder.with() + .build()) + .register(DYNAMIC_HTTP_METADATA_RESOLVER, JsonSchemaLocationBuilder.with() .jsonSchemaLocation(dynamicHttpMetadataResolverUiSchemaLocation) .resourceLoader(resourceLoader) .jacksonMapper(jacksonMapper) .detectMalformedJson(true) - .build())*/ + .build()); } @Bean diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java index 1235660d8..705f4bb84 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java @@ -41,11 +41,13 @@ public OpenSamlFunctionDrivenDynamicHTTPMetadataResolver(ParserPool parserPool, @Override protected void initMetadataResolver() throws ComponentInitializationException { - super.initMetadataResolver(); + if (sourceResolver.getDoInitialization()) { + super.initMetadataResolver(); - delegate.addIndexedDescriptorsFromBackingStore(this.getBackingStore(), - this.sourceResolver.getResourceId(), - indexWriter); + delegate.addIndexedDescriptorsFromBackingStore(this.getBackingStore(), + this.sourceResolver.getResourceId(), + indexWriter); + } } public void refresh() throws ComponentInitializationException { 
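Review bot: When `sourceResolver.getDoInitialization()` is false, the new guard in `initMetadataResolver()` skips `super.initMetadataResolver()` without leaving any trace, so a resolver that was deliberately not initialised cannot be told apart from one that failed to come up. If `getDoInitialization()` returns a boxed `Boolean` (its declaration is not visible in this hunk), a null value would also throw on unboxing here; `if (Boolean.TRUE.equals(sourceResolver.getDoInitialization()))` would treat null as "do not initialise" instead. I would add an `else` branch that records the skipped initialisation together with `sourceResolver.getResourceId()`, and a comment above the `if` such as `// initialisation is skipped for resolvers flagged doInitialization=false`.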
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaLocationLookup.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaLocationLookup.java index 344a6efcf..12c5ae67d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaLocationLookup.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaLocationLookup.java @@ -4,7 +4,7 @@ import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.METADATA_SOURCES; import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.FILESYSTEM_METADATA_RESOLVER; import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.LOCAL_DYNAMIC_METADATA_RESOLVER; -//import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.DYNAMIC_HTTP_METADATA_RESOLVER; +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.DYNAMIC_HTTP_METADATA_RESOLVER; /** * Utility methods for common JSON schema types lookups. 
@@ -65,9 +65,16 @@ public static JsonSchemaResourceLocation localDynamicMetadataProviderSchema(Json .orElseThrow(() -> new IllegalStateException("JSON schema resource location for local dynamic metadata resolver is not registered.")); } -/* public static JsonSchemaResourceLocation dynamicHttpMetadataProviderSchema(JsonSchemaResourceLocationRegistry resourceLocationRegistry) { + /** + * Searches dynamic http metadata resolver JSON schema resource location object in the given location registry. + * + * @param resourceLocationRegistry + * @return dynamic http metadata resolver JSON schema resource location object + * @throws IllegalStateException if schema is not found in the given registry + */ + public static JsonSchemaResourceLocation dynamicHttpMetadataProviderSchema(JsonSchemaResourceLocationRegistry resourceLocationRegistry) { return resourceLocationRegistry .lookup(DYNAMIC_HTTP_METADATA_RESOLVER) .orElseThrow(() -> new IllegalStateException("JSON schema resource location for dynamic http metadata resolver is not registered.")); - }*/ + } } diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaResourceLocation.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaResourceLocation.java index 11c03006a..ad0f4cd84 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaResourceLocation.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/jsonschema/JsonSchemaResourceLocation.java @@ -103,8 +103,8 @@ public enum SchemaType { // resolver types FILE_BACKED_HTTP_METADATA_RESOLVER("FileBackedHttpMetadataResolver"), FILESYSTEM_METADATA_RESOLVER("FilesystemMetadataResolver"), - LOCAL_DYNAMIC_METADATA_RESOLVER("LocalDynamicMetadataResolver"); -// DYNAMIC_HTTP_METADATA_RESOLVER; + LOCAL_DYNAMIC_METADATA_RESOLVER("LocalDynamicMetadataResolver"), + DYNAMIC_HTTP_METADATA_RESOLVER("DynamicHttpMetadataResolver"); String jsonType; 
diff --git a/backend/src/main/resources/dynamic-http-provider.schema.json b/backend/src/main/resources/dynamic-http-metadata-provider.schema.json similarity index 100% rename from backend/src/main/resources/dynamic-http-provider.schema.json rename to backend/src/main/resources/dynamic-http-metadata-provider.schema.json diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests.groovy index 3624f6ce3..671961e8b 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests.groovy @@ -12,6 +12,7 @@ import org.springframework.test.context.ActiveProfiles import spock.lang.Specification import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.* +import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.DYNAMIC_HTTP_METADATA_RESOLVER import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.ENTITY_ATTRIBUTES_FILTERS import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.FILESYSTEM_METADATA_RESOLVER import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaResourceLocation.SchemaType.LOCAL_DYNAMIC_METADATA_RESOLVER 
@@ -71,6 +72,12 @@ class BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests extends Speci .jacksonMapper(jacksonMapper) .detectMalformedJson(false) .build()) + .register(DYNAMIC_HTTP_METADATA_RESOLVER, JsonSchemaLocationBuilder.with() + .jsonSchemaLocation('classpath:dynamic-http-metadata-provider.schema.json') + .resourceLoader(resourceLoader) + .jacksonMapper(jacksonMapper) + .detectMalformedJson(false) + .build()) } } } \ No newline at end of file From a9ce4d15d499ef231937c1e33dc3a176b9e7c631 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Tue, 13 Nov 2018 09:09:10 -0700 Subject: [PATCH 05/16] SHIBUI-704 Fixed text --- .../main/resources/i18n/messages_en.properties | 1 + .../model/dynamic-http.provider.form.ts | 18 +++++++++--------- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/backend/src/main/resources/i18n/messages_en.properties b/backend/src/main/resources/i18n/messages_en.properties index c9eb910bb..ed8313f38 100644 --- a/backend/src/main/resources/i18n/messages_en.properties +++ b/backend/src/main/resources/i18n/messages_en.properties @@ -319,6 +319,7 @@ label.reloading-attributes=Reloading Attributes label.metadata-filter-plugins=Metadata Filter Plugins label.advanced-settings=Advanced Settings label.edit-metadata-provider=Edit Metadata Provider +label.http-settings-advanced=Http Settings (Advanced) label.metadata-ui=User Interface / MDUI Information label.descriptor-info=SP SSO Descriptor Information diff --git a/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts b/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts index 4baf5bfe8..b3fffdcc3 100644 --- a/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts +++ b/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts 
@@ -35,7 +35,7 @@ export const DynamicHttpMetadataProviderWizard: Wizard Date: Tue, 13 Nov 2018 11:36:58 -0700 Subject: [PATCH 06/16] SHIBUI-704 updates to schema for request url --- .../model/dynamic-http.provider.form.ts | 5 +- .../schema/provider/dynamic-http.schema.json | 122 +++++++++++++++++- 2 files changed, 119 insertions(+), 8 deletions(-) diff --git a/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts b/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts index b3fffdcc3..1cfcb7073 100644 --- a/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts +++ b/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts @@ -35,12 +35,13 @@ export const DynamicHttpMetadataProviderWizard: Wizard Date: Wed, 14 Nov 2018 16:30:12 -0700 Subject: [PATCH 07/16] [SHIBUI-704] Added functionality for missing child elements of DynamicHTTP resolver. This is still a WIP, XML generation is not complete. --- .../DynamicHttpMetadataResolver.java | 5 +++ .../MetadataQueryProtocolScheme.java | 23 +++++++++++++ .../MetadataRequestURLConstructionScheme.java | 32 +++++++++++++++++++ .../ui/domain/resolvers/RegexScheme.java | 25 +++++++++++++++ .../ui/domain/resolvers/TemplateScheme.java | 31 ++++++++++++++++++ 5 files changed, 116 insertions(+) create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataQueryProtocolScheme.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataRequestURLConstructionScheme.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/RegexScheme.java create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/TemplateScheme.java 
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/DynamicHttpMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/DynamicHttpMetadataResolver.java index d1b3692d2..b98d4188b 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/DynamicHttpMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/DynamicHttpMetadataResolver.java @@ -5,9 +5,11 @@ import lombok.Setter; import lombok.ToString; +import javax.persistence.CascadeType; import javax.persistence.ElementCollection; import javax.persistence.Embedded; import javax.persistence.Entity; +import javax.persistence.OneToOne; import javax.persistence.OrderColumn; import java.util.List; @@ -36,6 +38,9 @@ public class DynamicHttpMetadataResolver extends MetadataResolver { @OrderColumn private List supportedContentTypes; + @OneToOne(cascade = CascadeType.ALL) + private MetadataRequestURLConstructionScheme metadataRequestURLConstructionScheme; + public DynamicHttpMetadataResolver() { type = "DynamicHttpMetadataResolver"; this.httpMetadataResolverAttributes = new HttpMetadataResolverAttributes(); diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataQueryProtocolScheme.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataQueryProtocolScheme.java new file mode 100644 index 000000000..cc6dffb98 --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataQueryProtocolScheme.java 
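Review bot: The new `@OneToOne(cascade = CascadeType.ALL)` on `metadataRequestURLConstructionScheme` does not set `orphanRemoval`, so replacing a resolver's scheme on update (for example a Regex scheme with a Template one) would leave the previous scheme row behind. `@OneToOne(cascade = CascadeType.ALL, orphanRemoval = true)` removes it together with the swap. The constructor visible in this hunk gives `httpMetadataResolverAttributes` a default instance but leaves the new field null, so every consumer has to cope with a resolver that has no scheme; a comment on the field saying whether null is a legal state would settle that. The class body continues outside the hunk.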
@@ -0,0 +1,23 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.resolvers;
+
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.Setter;
+
+import javax.persistence.Entity;
+
+/**
+ * @author Bill Smith (wsmith@unicon.net)
+ */
+@Entity
+@Getter
+@Setter
+@EqualsAndHashCode(callSuper = true)
+public class MetadataQueryProtocolScheme extends MetadataRequestURLConstructionScheme {
+
+ public MetadataQueryProtocolScheme() {
+ type = "MetadataQueryProtocol";
+ }
+
+ private String transformRef;
+}
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataRequestURLConstructionScheme.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataRequestURLConstructionScheme.java
new file mode 100644
index 000000000..c6e8f9be1
--- /dev/null
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataRequestURLConstructionScheme.java
@@ -0,0 +1,32 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.resolvers;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonSubTypes;
+import com.fasterxml.jackson.annotation.JsonTypeInfo;
+import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractAuditable;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.Setter;
+
+import javax.persistence.Entity;
+import javax.persistence.Transient;
+
+/**
+ * @author Bill Smith (wsmith@unicon.net)
+ */
+@Entity
+@Getter
+@Setter
+@EqualsAndHashCode(callSuper = true)
+@JsonTypeInfo(use = JsonTypeInfo.Id.NAME, include = JsonTypeInfo.As.EXISTING_PROPERTY, property = "@type", visible = true)
+@JsonSubTypes({@JsonSubTypes.Type(value=MetadataQueryProtocolScheme.class, name="MetadataQueryProtocol"),
+ @JsonSubTypes.Type(value=TemplateScheme.class, name="Template"),
+ @JsonSubTypes.Type(value=RegexScheme.class, name="Regex")})
+public abstract class MetadataRequestURLConstructionScheme extends AbstractAuditable {
+
+ @JsonProperty("@type")
+ @Transient
+ String type;
+
+ String content;
+}
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/RegexScheme.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/RegexScheme.java
new file mode 100644
index 000000000..bb175432c
--- /dev/null
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/RegexScheme.java
@@ -0,0 +1,25 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.resolvers;
+
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.Setter;
+
+import javax.persistence.Entity;
+import javax.validation.constraints.NotNull;
+
+/**
+ * @author Bill Smith (wsmith@unicon.net)
+ */
+@Entity
+@Getter
+@Setter
+@EqualsAndHashCode(callSuper = true)
+public class RegexScheme extends MetadataRequestURLConstructionScheme {
+
+ public RegexScheme() {
+ type = "Regex";
+ }
+
+ @NotNull
+ private String match;
+}
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/TemplateScheme.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/TemplateScheme.java
new file mode 100644
index 000000000..6cb0c8d90
--- /dev/null
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/TemplateScheme.java
@@ -0,0 +1,31 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.resolvers;
+
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.Setter;
+
+import javax.persistence.Entity;
+
+/**
+ * @author Bill Smith (wsmith@unicon.net)
+ */
+@Entity
+@Getter
+@Setter
+@EqualsAndHashCode(callSuper = true)
+public class TemplateScheme extends MetadataRequestURLConstructionScheme {
+
+ public TemplateScheme () {
+ type = "Template";
+ }
+
+ public enum EncodingStyle {
+ NONE, FORM, PATH, FRAGMENT
+ }
+
+ private EncodingStyle encodingStyle = EncodingStyle.FORM;
+
+ private String transformRef;
+
+ private String velocityEngine = "shibboleth.VelocityEngine";
+}
From 531c813d05c1f8c8737dea1d1047ddd11219a93f Mon Sep 17 00:00:00 2001
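Review bot: `match` in `RegexScheme` is constrained only by `@NotNull`, so an empty string or a pattern that does not compile is accepted and stored. The field name suggests it ends up in generated provider configuration, where a bad pattern would surface only when that configuration is loaded. Rejecting it at save time is cheaper: `@Size(min = 1)` next to `@NotNull`, plus a `Pattern.compile(match)` check in a validator, would cover both cases. A one-line Javadoc on the field saying what the expression is matched against would also help the next reader.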
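Review bot: `encodingStyle` in `TemplateScheme` is an enum field on a JPA `@Entity` without `@Enumerated`, so it is persisted by ordinal and inserting or reordering a constant in `EncodingStyle` would silently change the meaning of rows already stored; `@Enumerated(EnumType.STRING)` on the field avoids that. The constants are upper-case, so anything that writes the value out with `toString()` will emit `FORM`; that should be checked against the values the Shibboleth `Template` element accepts, which I believe are documented in lower case. The default `"shibboleth.VelocityEngine"` deserves a short comment saying it is a bean reference rather than free text.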
From: Bill Smith Date: Thu, 15 Nov 2018 10:21:28 -0700 Subject: [PATCH 08/16] [SHIBUI-704] Fancied up the Scheme enum. Added XML generation for scheme nodes. Added simple tests for xml snippet generation. --- .../JPAMetadataResolverServiceImpl.groovy | 28 ++++++++ .../MetadataRequestURLConstructionScheme.java | 29 ++++++++ ...JPAMetadataResolverServiceImplTests.groovy | 69 +++++++++++++++++++ backend/src/test/resources/conf/704.1.xml | 5 ++ backend/src/test/resources/conf/704.2.xml | 5 ++ backend/src/test/resources/conf/704.3.xml | 5 ++ 6 files changed, 141 insertions(+) create mode 100644 backend/src/test/resources/conf/704.1.xml create mode 100644 backend/src/test/resources/conf/704.2.xml create mode 100644 backend/src/test/resources/conf/704.3.xml diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy index 4a95484e8..35e3a6343 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy 
@@ -10,7 +10,11 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetada import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FileBackedHttpMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FilesystemMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.LocalDynamicMetadataResolver +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataQueryProtocolScheme +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataRequestURLConstructionScheme +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.RegexScheme import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ResourceBackedMetadataResolver +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.TemplateScheme import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.OpenSamlChainingMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.Refilterable import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects 
@@ -287,6 +291,30 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService { httpMaxCacheEntries: resolver.httpMetadataResolverAttributes?.httpMaxCacheEntries, httpMaxCacheEntrySize: resolver.httpMetadataResolverAttributes?.httpMaxCacheEntrySize) { + switch (MetadataRequestURLConstructionScheme.SchemeType.get(resolver.metadataRequestURLConstructionScheme.type)) { + case MetadataRequestURLConstructionScheme.SchemeType.METADATA_QUERY_PROTOCOL: + MetadataQueryProtocolScheme scheme = (MetadataQueryProtocolScheme) resolver.metadataRequestURLConstructionScheme + MetadataQueryProtocol(transformRef: scheme.transformRef) { + mkp.yield(scheme.content) + } + break + case MetadataRequestURLConstructionScheme.SchemeType.TEMPLATE: + TemplateScheme scheme = (TemplateScheme) resolver.metadataRequestURLConstructionScheme + Template(encodingStyle: scheme.encodingStyle, + transformRef: scheme.transformRef, + velocityEngine: scheme.velocityEngine) { + mkp.yield(scheme.content) + } + break + case MetadataRequestURLConstructionScheme.SchemeType.REGEX: + RegexScheme scheme = (RegexScheme) resolver.metadataRequestURLConstructionScheme + Regex(match: scheme.match) { + mkp.yield(scheme.content) + } + break + default: + break + } childNodes() } } diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataRequestURLConstructionScheme.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataRequestURLConstructionScheme.java index c6e8f9be1..adddcc5aa 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataRequestURLConstructionScheme.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataRequestURLConstructionScheme.java @@ -10,6 +10,8 @@ import javax.persistence.Entity; import javax.persistence.Transient; +import java.util.HashMap; +import java.util.Map; /** * @author Bill Smith (wsmith@unicon.net) 
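Review bot: `resolver.metadataRequestURLConstructionScheme.type` at the top of the new `switch` is dereferenced without `?.`, unlike the `httpMetadataResolverAttributes?.` reads just above it, so a `DynamicHttpMetadataResolver` stored without a scheme throws a NullPointerException while the XML is being generated. The `default: break` branch also swallows an unrecognised scheme type, which produces a provider element with no URL construction child and no hint as to why. I would wrap the switch in `if (resolver.metadataRequestURLConstructionScheme != null)` if a missing scheme is legal, and turn the default branch into `throw new IllegalStateException("Unsupported URL construction scheme: " + resolver.metadataRequestURLConstructionScheme.type)`. The enclosing method starts and ends outside the hunk.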
@@ -23,6 +25,33 @@ @JsonSubTypes.Type(value=TemplateScheme.class, name="Template"), @JsonSubTypes.Type(value=RegexScheme.class, name="Regex")}) public abstract class MetadataRequestURLConstructionScheme extends AbstractAuditable { + public enum SchemeType { + METADATA_QUERY_PROTOCOL("MetadataQueryProtocol"), + TEMPLATE("Template"), + REGEX("Regex"); + + private String schemeType; + private static final Map lookup = new HashMap<>(); + + static { + for (SchemeType schemeType : SchemeType.values()) { + lookup.put(schemeType.toString(), schemeType); + } + } + + SchemeType(String schemeType) { + this.schemeType = schemeType; + } + + public static SchemeType get(String schemeType) { + return lookup.get(schemeType); + } + + @Override + public String toString() { + return schemeType; + } + } @JsonProperty("@type") @Transient diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy index 8bb9bc7d4..1e2e61b3c 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy 
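Review bot: `SchemeType.get()` returns null for a name it does not know, and for a null argument, but nothing in the enum says so; callers find out only through a null check or a fall-through. I would document it with `/** @return the SchemeType registered under the given name, or null when the name is not a known scheme */`, or have it throw `IllegalArgumentException` so a bad type cannot pass unnoticed. The `schemeType` field is assigned once in the constructor and can be declared `private final String schemeType;`. The three names repeat the `@JsonSubTypes` names on the enclosing class, so a comment noting that the two lists must stay in step would prevent drift.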
@@ -9,7 +9,11 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFil import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilterTarget import edu.internet2.tier.shibboleth.admin.ui.domain.filters.RequiredValidUntilFilter import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ClasspathMetadataResource +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataQueryProtocolScheme +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.RegexScheme import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.SvnMetadataResource +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.TemplateScheme import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.OpenSamlChainingMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository 
@@ -280,6 +284,71 @@ class JPAMetadataResolverServiceImplTests extends Specification { generatedXmlIsTheSameAsExpectedXml('/conf/670.xml', generatedXmlDocument) } + def 'test generating DynamicHttpMetadataResolver xml snippet with MetadataQueryProtocolScheme'() { + given: + def resolver = new DynamicHttpMetadataResolver().with { + it.xmlId = 'DynamicHttpMetadataResolver' + it.metadataRequestURLConstructionScheme = new MetadataQueryProtocolScheme().with { + it.transformRef = 'This is a transformRef' + it.content = 'some content' + it + } + it + } + + when: + genXmlSnippet(markupBuilder) { + JPAMetadataResolverServiceImpl.cast(metadataResolverService).constructXmlNodeForResolver(resolver, it) {} + } + + then: + generatedXmlIsTheSameAsExpectedXml('/conf/704.1.xml', domBuilder.parseText(writer.toString())) + } + + def 'test generating DynamicHttpMetadataResolver xml snippet with TemplateScheme'() { + given: + def resolver = new DynamicHttpMetadataResolver().with { + it.xmlId = 'DynamicHttpMetadataResolver' + it.metadataRequestURLConstructionScheme = new TemplateScheme().with { + it.encodingStyle = TemplateScheme.EncodingStyle.FORM + it.transformRef = 'This is a transformRef' + it.velocityEngine = 'This is a velocityEngine' + it.content = 'some content' + it + } + it + } + + when: + genXmlSnippet(markupBuilder) { + JPAMetadataResolverServiceImpl.cast(metadataResolverService).constructXmlNodeForResolver(resolver, it) {} + } + + then: + generatedXmlIsTheSameAsExpectedXml('/conf/704.2.xml', domBuilder.parseText(writer.toString())) + } + + def 'test generating DynamicHttpMetadataResolver xml snippet with RegexScheme'() { + given: + def resolver = new DynamicHttpMetadataResolver().with { + it.xmlId = 'DynamicHttpMetadataResolver' + it.metadataRequestURLConstructionScheme = new RegexScheme().with { + it.match = 'This is the match field' + it.content = 'some content' + it + } + it + } + + when: + genXmlSnippet(markupBuilder) { + 
JPAMetadataResolverServiceImpl.cast(metadataResolverService).constructXmlNodeForResolver(resolver, it) {} + } + + then: + generatedXmlIsTheSameAsExpectedXml('/conf/704.3.xml', domBuilder.parseText(writer.toString())) + } + static genXmlSnippet(MarkupBuilder xml, Closure xmlNodeGenerator) { xml.MetadataProvider('id': 'ShibbolethMetadata', 'xmlns': 'urn:mace:shibboleth:2.0:metadata', diff --git a/backend/src/test/resources/conf/704.1.xml b/backend/src/test/resources/conf/704.1.xml new file mode 100644 index 000000000..a7e5d63a0 --- /dev/null +++ b/backend/src/test/resources/conf/704.1.xml @@ -0,0 +1,5 @@ + + + some content + + \ No newline at end of file diff --git a/backend/src/test/resources/conf/704.2.xml b/backend/src/test/resources/conf/704.2.xml new file mode 100644 index 000000000..823b89de4 --- /dev/null +++ b/backend/src/test/resources/conf/704.2.xml @@ -0,0 +1,5 @@ + + + + + \ No newline at end of file diff --git a/backend/src/test/resources/conf/704.3.xml b/backend/src/test/resources/conf/704.3.xml new file mode 100644 index 000000000..d7ce637d3 --- /dev/null +++ b/backend/src/test/resources/conf/704.3.xml @@ -0,0 +1,5 @@ + + + some content + + \ No newline at end of file From 50043c3d03bf4c7816012fa0711adc94fdb3e8cb Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Thu, 15 Nov 2018 10:59:22 -0700 Subject: [PATCH 09/16] [SHIBUI-704] Added null check for scheme.content. Attempted test fixes. --- .../ui/service/JPAMetadataResolverServiceImpl.groovy | 12 +++++++++--- ...ncommonJPAMetadataResolverServiceImplTests.groovy | 2 -- .../admin/ui/util/TestObjectGenerator.groovy | 5 +++++ backend/src/test/resources/conf/278.2.xml | 1 + backend/src/test/resources/conf/278.xml | 1 + 5 files changed, 16 insertions(+), 5 deletions(-) 
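Review bot: The three new specs feed only benign literals (`'some content'`, `'This is the match field'`) into the generated XML, so they do not show what happens when an operator-entered value contains XML metacharacters. A realistic `RegexScheme.match` or a base URL with a query string will contain them. I would add one case with a constructed value such as `it.match = 'a&b<c>"d'` and assert in the expected fixture that the attribute comes out escaped. A case with `content` left unset would also pin the behaviour for incomplete schemes.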
diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy index 35e3a6343..c444bd214 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy @@ -295,7 +295,9 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService { case MetadataRequestURLConstructionScheme.SchemeType.METADATA_QUERY_PROTOCOL: MetadataQueryProtocolScheme scheme = (MetadataQueryProtocolScheme) resolver.metadataRequestURLConstructionScheme MetadataQueryProtocol(transformRef: scheme.transformRef) { - mkp.yield(scheme.content) + if (scheme.content != null) { + mkp.yield(scheme.content) + } } break case MetadataRequestURLConstructionScheme.SchemeType.TEMPLATE: @@ -303,13 +305,17 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService { Template(encodingStyle: scheme.encodingStyle, transformRef: scheme.transformRef, velocityEngine: scheme.velocityEngine) { - mkp.yield(scheme.content) + if (scheme.content != null) { + mkp.yield(scheme.content) + } } break case MetadataRequestURLConstructionScheme.SchemeType.REGEX: RegexScheme scheme = (RegexScheme) resolver.metadataRequestURLConstructionScheme Regex(match: scheme.match) { - mkp.yield(scheme.content) + if (scheme.content != null) { + mkp.yield(scheme.content) + } } break default: diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/IncommonJPAMetadataResolverServiceImplTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/IncommonJPAMetadataResolverServiceImplTests.groovy index cae0c8afc..19c0fb5e3 100644 
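Review bot: With the new `if (scheme.content != null)` guard, a scheme without content still produces an empty `MetadataQueryProtocol`, `Template` or `Regex` element. The generated provider configuration then carries no request URL, and the problem presumably only surfaces when the IdP loads it. Rejecting the resolver here would be safer than emitting it, for example `if (!scheme.content) { throw new IllegalStateException("request URL construction scheme has no content: ${resolver.xmlId}") }` ahead of each element. The same three-line guard is repeated in all three branches across these two hunks and could live in one helper. The enclosing `switch` starts and ends outside the hunks.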
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/IncommonJPAMetadataResolverServiceImplTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/IncommonJPAMetadataResolverServiceImplTests.groovy @@ -57,8 +57,6 @@ class IncommonJPAMetadataResolverServiceImplTests extends Specification { metadataResolverRepository.save(mr) def output = metadataResolverService.generateConfiguration() - println(output.documentElement) - then: generatedXmlIsTheSameAsExpectedXml('/conf/278.xml', output) } diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy index eaf031c3e..071516cc2 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy @@ -512,6 +512,11 @@ class TestObjectGenerator { it.dynamicMetadataResolverAttributes = new DynamicMetadataResolverAttributes().with { it } + it.metadataRequestURLConstructionScheme = new MetadataQueryProtocolScheme().with { + it.transformRef = 'transformRef' + it.content = 'content' + it + } it } } diff --git a/backend/src/test/resources/conf/278.2.xml b/backend/src/test/resources/conf/278.2.xml index 269a2f3ec..b6c1d0d89 100644 --- a/backend/src/test/resources/conf/278.2.xml +++ b/backend/src/test/resources/conf/278.2.xml @@ -23,6 +23,7 @@ socketTimeout="PT5S" supportedContentTypes="[]" xsi:type="DynamicHttpMetadataProvider"> + content diff --git a/backend/src/test/resources/conf/278.xml b/backend/src/test/resources/conf/278.xml index 3bebc347b..6db6e5cfa 100644 --- a/backend/src/test/resources/conf/278.xml +++ b/backend/src/test/resources/conf/278.xml @@ -23,6 +23,7 @@ socketTimeout="PT5S" supportedContentTypes="[]" xsi:type="DynamicHttpMetadataProvider"> + content 
From 8a0c2e8f1fda1a8a075ba979c94b3fc23839d026 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Fri, 16 Nov 2018 10:14:49 -0700 Subject: [PATCH 10/16] SHIBUI-704 Implemented url request construction schema --- .../dynamic-http-metadata-provider.schema.json | 4 ---- .../container/provider-edit-step.component.html | 1 + .../provider/container/provider-edit-step.component.ts | 2 ++ .../provider/model/dynamic-http.provider.form.ts | 10 +++++----- ui/src/app/wizard/model/wizard.ts | 1 + ui/src/app/wizard/reducer/index.ts | 5 +++++ 6 files changed, 14 insertions(+), 9 deletions(-) diff --git a/backend/src/main/resources/dynamic-http-metadata-provider.schema.json b/backend/src/main/resources/dynamic-http-metadata-provider.schema.json index 4e7a52786..7362b40d7 100644 --- a/backend/src/main/resources/dynamic-http-metadata-provider.schema.json +++ b/backend/src/main/resources/dynamic-http-metadata-provider.schema.json @@ -1,9 +1,5 @@ { "type": "object", - "order": [ - "xmlId", - "metadataURL" - ], "required": [ "xmlId", "metadataURL" diff --git a/ui/src/app/metadata/provider/container/provider-edit-step.component.html b/ui/src/app/metadata/provider/container/provider-edit-step.component.html index bab3e5b90..ad969fd9e 100644 --- a/ui/src/app/metadata/provider/container/provider-edit-step.component.html +++ b/ui/src/app/metadata/provider/container/provider-edit-step.component.html @@ -10,6 +10,7 @@ [schema]="schema$ | async" [model]="model$ | async" [validators]="validators$ | async" + [bindings]="bindings$ | async" (onChange)="valueChangeSubject.next($event)" (onErrorChange)="statusChangeSubject.next($event)"> \ No newline at end of file diff --git a/ui/src/app/metadata/provider/container/provider-edit-step.component.ts b/ui/src/app/metadata/provider/container/provider-edit-step.component.ts index 2a32d925d..fd6e61a2c 100644 --- a/ui/src/app/metadata/provider/container/provider-edit-step.component.ts 
+++ b/ui/src/app/metadata/provider/container/provider-edit-step.component.ts @@ -37,6 +37,7 @@ export class ProviderEditStepComponent implements OnDestroy { definition$: Observable>; changes$: Observable; step$: Observable; + bindings$: Observable; validators$: Observable<{ [key: string]: any }>; @@ -50,6 +51,7 @@ export class ProviderEditStepComponent implements OnDestroy { this.provider$ = this.store.select(fromProvider.getSelectedProvider); this.step$ = this.store.select(fromWizard.getCurrent); this.schema$ = this.store.select(fromWizard.getSchema); + this.bindings$ = this.definition$.pipe(map(d => d.bindings)); this.step$.subscribe(s => { if (s && s.locked) { diff --git a/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts b/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts index 9499d19c0..1692d8f36 100644 --- a/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts +++ b/ui/src/app/metadata/provider/model/dynamic-http.provider.form.ts @@ -109,13 +109,13 @@ export const DynamicHttpMetadataProviderEditor: Wizard { }); } + if (step.order) { + s.order = step.order; + } + if (schema.definitions) { s.definitions = schema.definitions; } From fe6f10c42c322b1b04a14384f475c416e7c921df Mon Sep 17 00:00:00 2001 From: Jj! Date: Mon, 26 Nov 2018 07:59:40 -0600 Subject: [PATCH 11/16] [SHIBUI-704] WIP --- .../admin/ui/configuration/DevConfig.groovy | 67 ++- .../MetadataResolverConfiguration.java | 6 +- .../admin/ui/domain/AbstractXMLObject.java | 4 +- ...tionDrivenDynamicHTTPMetadataResolver.java | 11 + ui/package-lock.json | 543 ------------------ 5 files changed, 84 insertions(+), 547 deletions(-) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy index 2106b52a2..8c574b90e 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy 
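Review bot: `map(d => d.bindings)` in the constructor dereferences whatever `definition$` emits, so if the wizard definition can be null or undefined before a provider type is chosen, the pipe throws inside the template's `async` binding. The assignment of `definition$` is not in this hunk, so confirm it happens before this line. I would also guard the projection: `this.bindings$ = this.definition$.pipe(map(d => (d ? d.bindings : undefined)));`. The constructor continues outside the hunk.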
+++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy @@ -1,8 +1,19 @@ package edu.internet2.tier.shibboleth.admin.ui.configuration +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilterTarget +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FileBackedHttpMetadataResolver +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.HttpMetadataResolverAttributes +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataQueryProtocolScheme +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ReloadableMetadataResolverAttributes +import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository import edu.internet2.tier.shibboleth.admin.ui.security.model.Role import edu.internet2.tier.shibboleth.admin.ui.security.model.User import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository +import edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions +import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Profile import org.springframework.stereotype.Component import org.springframework.transaction.annotation.Transactional @@ -14,8 +25,11 @@ import javax.annotation.PostConstruct class DevConfig { private final UserRepository adminUserRepository - DevConfig(UserRepository adminUserRepository) { + private final MetadataResolverRepository metadataResolverRepository + + DevConfig(UserRepository adminUserRepository, MetadataResolverRepository metadataResolverRepository) { this.adminUserRepository = adminUserRepository + this.metadataResolverRepository = metadataResolverRepository } @Transactional 
@@ -32,4 +46,55 @@ class DevConfig { adminUserRepository.save(user) } } + + @Transactional + @Profile('fbhmr') + @Bean + MetadataResolver fbhmr(ModelRepresentationConversions modelRepresentationConversions) { + return this.metadataResolverRepository.save(new FileBackedHttpMetadataResolver().with { + enabled = true + xmlId = 'test-fbhmr' + name = 'test-fbhmr' + metadataURL = 'http://md.incommon.org/InCommon/InCommon-metadata.xml' + backingFile = '%{idp.home}/test-fbhmr.xml' + reloadableMetadataResolverAttributes = new ReloadableMetadataResolverAttributes() + httpMetadataResolverAttributes = new HttpMetadataResolverAttributes() + it.metadataFilters.add(new EntityAttributesFilter().with { + it.name = 'test' + it.filterEnabled = true + it.entityAttributesFilterTarget = new EntityAttributesFilterTarget().with { + it.entityAttributesFilterTargetType = EntityAttributesFilterTarget.EntityAttributesFilterTargetType.ENTITY + it.value = ["https://carmenwiki.osu.edu/shibboleth"] + return it + } + it.attributeRelease = ['eduPersonPrincipalName', 'givenName', 'surname', 'mail'] + return it + }) + return it + }) + } + + @Profile('dhmr') + @Transactional + @Bean + MetadataResolver dhmr(ModelRepresentationConversions modelRepresentationConversions) { + return this.metadataResolverRepository.save(new DynamicHttpMetadataResolver().with { + it.enabled = true + it.xmlId = 'test-dhmr' + it.name = 'test-dhmr' + it.metadataRequestURLConstructionScheme = new MetadataQueryProtocolScheme(content: 'http://mdq-beta.incommon.org/global') + it.metadataFilters.add(new EntityAttributesFilter().with { + it.name = 'test' + it.filterEnabled = true + it.entityAttributesFilterTarget = new EntityAttributesFilterTarget().with { + it.entityAttributesFilterTargetType = EntityAttributesFilterTarget.EntityAttributesFilterTargetType.ENTITY + it.value = ["https://carmenwiki.osu.edu/shibboleth"] + return it + } + it.attributeRelease = ['eduPersonPrincipalName', 'givenName', 'surname', 'mail'] + return it + }) + 
return it + }) + } } diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java index ad407cfb5..d54217619 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java @@ -5,7 +5,6 @@ import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository; import edu.internet2.tier.shibboleth.admin.ui.service.IndexWriterService; import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverConverterService; -import edu.internet2.tier.shibboleth.admin.ui.service.TokenPlaceholderValueResolvingService; import edu.internet2.tier.shibboleth.admin.util.TokenPlaceholderResolvers; import net.shibboleth.utilities.java.support.component.ComponentInitializationException; import net.shibboleth.utilities.java.support.resolver.ResolverException; @@ -16,10 +15,12 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.transaction.annotation.Transactional; import java.io.IOException; import java.util.ArrayList; import java.util.List; +import java.util.Set; /** * this is a temporary class until a better way of doing this is found. 
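Review bot: Both sample resolvers in the `fbhmr` and `dhmr` beans fetch SAML metadata over plain `http://` (the `metadataURL` and the `MetadataQueryProtocolScheme` content) and attach only an `EntityAttributesFilter`. Nothing on this path authenticates the metadata that ends up supplying entity keys and endpoints. Even under a development profile these rows tend to be copied as examples, so I would add a signature-validation filter to `metadataFilters` in both beans and use an `https://` URL where the endpoint offers one. Each bean also calls `metadataResolverRepository.save(...)` unconditionally, so every start with the profile active presumably inserts another `test-fbhmr` or `test-dhmr` row; a lookup before saving would avoid that.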
@@ -41,9 +42,10 @@ public class MetadataResolverConfiguration { MetadataResolverConverterService metadataResolverConverterService; @Bean + @Transactional //This injected dependency makes sure that this bean has been created and the wrapped placeholder resolver service //is available via static facade accessor method to all the downstream non-Spring managed consumers - public MetadataResolver metadataResolver(TokenPlaceholderResolvers tokenPlaceholderResolvers) throws ResolverException, ComponentInitializationException { + public MetadataResolver metadataResolver(TokenPlaceholderResolvers tokenPlaceholderResolvers, Set metadataResolvers) throws ResolverException, ComponentInitializationException { ChainingMetadataResolver metadataResolver = new OpenSamlChainingMetadataResolver(); metadataResolver.setId("chain"); diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java index 2250a0b18..63c1ffa36 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java @@ -219,9 +219,11 @@ public void setNil(@Nullable XSBooleanValue xsBooleanValue) { } + private transient final LockableClassToInstanceMultiMap objectMetadata = new LockableClassToInstanceMultiMap<>(true); + @Nonnull public LockableClassToInstanceMultiMap getObjectMetadata() { - return null; + return objectMetadata; } public String getSchemaTypeNamespaceURI() { diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java index 705f4bb84..e7a76c174 100644 
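Review bot: The new `metadataResolvers` parameter on `metadataResolver(...)` is not used in the lines visible here, and `@Transactional` on a `@Bean` factory method is unusual enough that the reason should be written down. If the parameter exists only so that profile-specific resolver beans are created and saved before the chain is built, say so next to the existing comment: `// metadataResolvers is injected only to force those beans to be created first`. If the annotation is there so that resolvers loaded from the repository are read inside one transaction, a one-line comment stating that would help too. The method body continues outside the hunk.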
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java @@ -1,11 +1,13 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml; import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver; +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataRequestURLConstructionScheme; import net.shibboleth.utilities.java.support.component.ComponentInitializationException; import net.shibboleth.utilities.java.support.xml.ParserPool; import org.apache.http.impl.client.HttpClients; import org.apache.lucene.index.IndexWriter; import org.opensaml.saml.metadata.resolver.impl.FunctionDrivenDynamicHTTPMetadataResolver; +import org.opensaml.saml.metadata.resolver.impl.MetadataQueryProtocolRequestURLBuilder; /** * @author Bill Smith (wsmith@unicon.net) @@ -37,6 +39,15 @@ public OpenSamlFunctionDrivenDynamicHTTPMetadataResolver(ParserPool parserPool, // In the parser, if not null, a warning is logged .. but nothing else happens with them. // sourceResolver.getMaxConnectionsPerRoute(); // sourceResolver.getMaxConnectionsTotal(); + + switch (MetadataRequestURLConstructionScheme.SchemeType.get(sourceResolver.getMetadataRequestURLConstructionScheme().getType())) { + case METADATA_QUERY_PROTOCOL: + this.setRequestURLBuilder(new MetadataQueryProtocolRequestURLBuilder(sourceResolver.getMetadataRequestURLConstructionScheme().getContent())); + break; + // TODO: write other cases + default: + break; + } } @Override diff --git a/ui/package-lock.json b/ui/package-lock.json index f2aba6f0c..bb8441756 100644 --- a/ui/package-lock.json +++ b/ui/package-lock.json 
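Review bot: The `switch` added to the constructor calls `sourceResolver.getMetadataRequestURLConstructionScheme().getType()` without checking that a scheme is set. A DynamicHttpMetadataResolver stored without one fails here with a bare NullPointerException that does not name the resolver. The `default: break;` branch has the opposite problem: it silently leaves the resolver without a request URL builder, so the failure moves to wherever the resolver is first initialised or used. I would check the scheme for null up front and make the default branch fail: `default: throw new IllegalArgumentException("Unsupported request URL construction scheme");`. The constructor starts and ends outside the hunk.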
@@ -183,7 +183,6 @@ "anymatch": "2.0.0", "async-each": "1.0.1", "braces": "2.3.2", - "fsevents": "1.2.4", "glob-parent": "3.1.0", "inherits": "2.0.3", "is-binary-path": "1.0.1", @@ -526,7 +525,6 @@ "anymatch": "2.0.0", "async-each": "1.0.1", "braces": "2.3.2", - "fsevents": "1.2.4", "glob-parent": "3.1.0", "inherits": "2.0.3", "is-binary-path": "1.0.1", @@ -924,7 +922,6 @@ "anymatch": "2.0.0", "async-each": "1.0.1", "braces": "2.3.2", - "fsevents": "1.2.4", "glob-parent": "3.1.0", "inherits": "2.0.3", "is-binary-path": "1.0.1", @@ -1475,7 +1472,6 @@ "anymatch": "2.0.0", "async-each": "1.0.1", "braces": "2.3.2", - "fsevents": "1.2.4", "glob-parent": "3.1.0", "inherits": "2.0.3", "is-binary-path": "1.0.1", @@ -2811,7 +2807,6 @@ "requires": { "anymatch": "1.3.2", "async-each": "1.0.1", - "fsevents": "1.2.4", "glob-parent": "2.0.0", "inherits": "2.0.3", "is-binary-path": "1.0.1", 
@@ -4641,535 +4636,6 @@ "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", "dev": true }, - "fsevents": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-1.2.4.tgz", - "integrity": "sha512-z8H8/diyk76B7q5wg+Ud0+CqzcAF3mBBI/bA5ne5zrRUUIvNkJY//D3BqyH571KuAC4Nr7Rw7CjWX4r0y9DvNg==", - "dev": true, - "optional": true, - "requires": { - "nan": "2.11.1", - "node-pre-gyp": "0.10.0" - }, - "dependencies": { - "abbrev": { - "version": "1.1.1", - "bundled": true, - "dev": true, - "optional": true - }, - "ansi-regex": { - "version": "2.1.1", - "bundled": true, - "dev": true - }, - "aproba": { - "version": "1.2.0", - "bundled": true, - "dev": true, - "optional": true - }, - "are-we-there-yet": { - "version": "1.1.4", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "delegates": "1.0.0", - "readable-stream": "2.3.6" - } - }, - "balanced-match": { - "version": "1.0.0", - "bundled": true, - "dev": true - }, - "brace-expansion": { - "version": "1.1.11", - "bundled": true, - "dev": true, - "requires": { - "balanced-match": "1.0.0", - "concat-map": "0.0.1" - } - }, - "chownr": { - "version": "1.0.1", - "bundled": true, - "dev": true, - "optional": true - }, - "code-point-at": { - "version": "1.1.0", - "bundled": true, - "dev": true - }, - "concat-map": { - "version": "0.0.1", - "bundled": true, - "dev": true - }, - "console-control-strings": { - "version": "1.1.0", - "bundled": true, - "dev": true - }, - "core-util-is": { - "version": "1.0.2", - "bundled": true, - "dev": true, - "optional": true - }, - "debug": { - "version": "2.6.9", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "ms": "2.0.0" - } - }, - "deep-extend": { - "version": "0.5.1", - "bundled": true, - "dev": true, - "optional": true - }, - "delegates": { - "version": "1.0.0", - "bundled": true, - "dev": true, - "optional": true - }, - "detect-libc": { - "version": "1.0.3", - "bundled": true, - "dev": true, - "optional": true - }, - 
"fs-minipass": { - "version": "1.2.5", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "minipass": "2.2.4" - } - }, - "fs.realpath": { - "version": "1.0.0", - "bundled": true, - "dev": true, - "optional": true - }, - "gauge": { - "version": "2.7.4", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "aproba": "1.2.0", - "console-control-strings": "1.1.0", - "has-unicode": "2.0.1", - "object-assign": "4.1.1", - "signal-exit": "3.0.2", - "string-width": "1.0.2", - "strip-ansi": "3.0.1", - "wide-align": "1.1.2" - } - }, - "glob": { - "version": "7.1.2", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "fs.realpath": "1.0.0", - "inflight": "1.0.6", - "inherits": "2.0.3", - "minimatch": "3.0.4", - "once": "1.4.0", - "path-is-absolute": "1.0.1" - } - }, - "has-unicode": { - "version": "2.0.1", - "bundled": true, - "dev": true, - "optional": true - }, - "iconv-lite": { - "version": "0.4.21", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "safer-buffer": "2.1.2" - } - }, - "ignore-walk": { - "version": "3.0.1", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "minimatch": "3.0.4" - } - }, - "inflight": { - "version": "1.0.6", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "once": "1.4.0", - "wrappy": "1.0.2" - } - }, - "inherits": { - "version": "2.0.3", - "bundled": true, - "dev": true - }, - "ini": { - "version": "1.3.5", - "bundled": true, - "dev": true, - "optional": true - }, - "is-fullwidth-code-point": { - "version": "1.0.0", - "bundled": true, - "dev": true, - "requires": { - "number-is-nan": "1.0.1" - } - }, - "isarray": { - "version": "1.0.0", - "bundled": true, - "dev": true, - "optional": true - }, - "minimatch": { - "version": "3.0.4", - "bundled": true, - "dev": true, - "requires": { - "brace-expansion": "1.1.11" - } - }, - "minimist": { - "version": "0.0.8", - "bundled": true, - "dev": true - }, - "minipass": { - 
"version": "2.2.4", - "bundled": true, - "dev": true, - "requires": { - "safe-buffer": "5.1.1", - "yallist": "3.0.2" - } - }, - "minizlib": { - "version": "1.1.0", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "minipass": "2.2.4" - } - }, - "mkdirp": { - "version": "0.5.1", - "bundled": true, - "dev": true, - "requires": { - "minimist": "0.0.8" - } - }, - "ms": { - "version": "2.0.0", - "bundled": true, - "dev": true, - "optional": true - }, - "needle": { - "version": "2.2.0", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "debug": "2.6.9", - "iconv-lite": "0.4.21", - "sax": "1.2.4" - } - }, - "node-pre-gyp": { - "version": "0.10.0", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "detect-libc": "1.0.3", - "mkdirp": "0.5.1", - "needle": "2.2.0", - "nopt": "4.0.1", - "npm-packlist": "1.1.10", - "npmlog": "4.1.2", - "rc": "1.2.7", - "rimraf": "2.6.2", - "semver": "5.5.0", - "tar": "4.4.1" - } - }, - "nopt": { - "version": "4.0.1", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "abbrev": "1.1.1", - "osenv": "0.1.5" - } - }, - "npm-bundled": { - "version": "1.0.3", - "bundled": true, - "dev": true, - "optional": true - }, - "npm-packlist": { - "version": "1.1.10", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "ignore-walk": "3.0.1", - "npm-bundled": "1.0.3" - } - }, - "npmlog": { - "version": "4.1.2", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "are-we-there-yet": "1.1.4", - "console-control-strings": "1.1.0", - "gauge": "2.7.4", - "set-blocking": "2.0.0" - } - }, - "number-is-nan": { - "version": "1.0.1", - "bundled": true, - "dev": true - }, - "object-assign": { - "version": "4.1.1", - "bundled": true, - "dev": true, - "optional": true - }, - "once": { - "version": "1.4.0", - "bundled": true, - "dev": true, - "requires": { - "wrappy": "1.0.2" - } - }, - "os-homedir": { - "version": "1.0.2", - "bundled": true, - 
"dev": true, - "optional": true - }, - "os-tmpdir": { - "version": "1.0.2", - "bundled": true, - "dev": true, - "optional": true - }, - "osenv": { - "version": "0.1.5", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "os-homedir": "1.0.2", - "os-tmpdir": "1.0.2" - } - }, - "path-is-absolute": { - "version": "1.0.1", - "bundled": true, - "dev": true, - "optional": true - }, - "process-nextick-args": { - "version": "2.0.0", - "bundled": true, - "dev": true, - "optional": true - }, - "rc": { - "version": "1.2.7", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "deep-extend": "0.5.1", - "ini": "1.3.5", - "minimist": "1.2.0", - "strip-json-comments": "2.0.1" - }, - "dependencies": { - "minimist": { - "version": "1.2.0", - "bundled": true, - "dev": true, - "optional": true - } - } - }, - "readable-stream": { - "version": "2.3.6", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "core-util-is": "1.0.2", - "inherits": "2.0.3", - "isarray": "1.0.0", - "process-nextick-args": "2.0.0", - "safe-buffer": "5.1.1", - "string_decoder": "1.1.1", - "util-deprecate": "1.0.2" - } - }, - "rimraf": { - "version": "2.6.2", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "glob": "7.1.2" - } - }, - "safe-buffer": { - "version": "5.1.1", - "bundled": true, - "dev": true - }, - "safer-buffer": { - "version": "2.1.2", - "bundled": true, - "dev": true, - "optional": true - }, - "sax": { - "version": "1.2.4", - "bundled": true, - "dev": true, - "optional": true - }, - "semver": { - "version": "5.5.0", - "bundled": true, - "dev": true, - "optional": true - }, - "set-blocking": { - "version": "2.0.0", - "bundled": true, - "dev": true, - "optional": true - }, - "signal-exit": { - "version": "3.0.2", - "bundled": true, - "dev": true, - "optional": true - }, - "string-width": { - "version": "1.0.2", - "bundled": true, - "dev": true, - "requires": { - "code-point-at": "1.1.0", - "is-fullwidth-code-point": 
"1.0.0", - "strip-ansi": "3.0.1" - } - }, - "string_decoder": { - "version": "1.1.1", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "safe-buffer": "5.1.1" - } - }, - "strip-ansi": { - "version": "3.0.1", - "bundled": true, - "dev": true, - "requires": { - "ansi-regex": "2.1.1" - } - }, - "strip-json-comments": { - "version": "2.0.1", - "bundled": true, - "dev": true, - "optional": true - }, - "tar": { - "version": "4.4.1", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "chownr": "1.0.1", - "fs-minipass": "1.2.5", - "minipass": "2.2.4", - "minizlib": "1.1.0", - "mkdirp": "0.5.1", - "safe-buffer": "5.1.1", - "yallist": "3.0.2" - } - }, - "util-deprecate": { - "version": "1.0.2", - "bundled": true, - "dev": true, - "optional": true - }, - "wide-align": { - "version": "1.1.2", - "bundled": true, - "dev": true, - "optional": true, - "requires": { - "string-width": "1.0.2" - } - }, - "wrappy": { - "version": "1.0.2", - "bundled": true, - "dev": true - }, - "yallist": { - "version": "3.0.2", - "bundled": true, - "dev": true - } - } - }, "fstream": { "version": "1.0.11", "resolved": "https://registry.npmjs.org/fstream/-/fstream-1.0.11.tgz", @@ -7895,13 +7361,6 @@ "integrity": "sha1-iZ8R2WhuXgXLkbNdXw5jt3PPyQE=", "dev": true }, - "nan": { - "version": "2.11.1", - "resolved": "https://registry.npmjs.org/nan/-/nan-2.11.1.tgz", - "integrity": "sha512-iji6k87OSXa0CcrLl9z+ZiYSuR2o+c0bGuNmXdrhTQTakxytAFsC56SArGYoiHlJlFoHSnvmhpceZJaXkVuOtA==", - "dev": true, - "optional": true - }, "nanomatch": { "version": "1.2.9", "resolved": "https://registry.npmjs.org/nanomatch/-/nanomatch-1.2.9.tgz", @@ -11612,7 +11071,6 @@ "anymatch": "2.0.0", "async-each": "1.0.1", "braces": "2.3.2", - "fsevents": "1.2.4", "glob-parent": "3.1.0", "inherits": "2.0.3", "is-binary-path": "1.0.1", 
@@ -12460,7 +11918,6 @@ "anymatch": "2.0.0", "async-each": "1.0.1", "braces": "2.3.2", - "fsevents": "1.2.4", "glob-parent": "3.1.0", "inherits": "2.0.3", "is-binary-path": "1.0.1", From 43090c99f6388fc6a90859594ba0d534ca1fcb69 Mon Sep 17 00:00:00 2001 From: Jj! Date: Mon, 26 Nov 2018 08:23:04 -0600 Subject: [PATCH 12/16] [SHIBUI-704] WIP --- .../admin/ui/configuration/MetadataResolverConfiguration.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java index d54217619..6378990a5 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java @@ -20,6 +20,7 @@ import java.io.IOException; import java.util.ArrayList; import java.util.List; +import java.util.Optional; import java.util.Set; /** @@ -45,7 +46,7 @@ public class MetadataResolverConfiguration { @Transactional //This injected dependency makes sure that this bean has been created and the wrapped placeholder resolver service //is available via static facade accessor method to all the downstream non-Spring managed consumers - public MetadataResolver metadataResolver(TokenPlaceholderResolvers tokenPlaceholderResolvers, Set metadataResolvers) throws ResolverException, ComponentInitializationException { + public MetadataResolver metadataResolver(TokenPlaceholderResolvers tokenPlaceholderResolvers, Optional> metadataResolvers) throws ResolverException, ComponentInitializationException { ChainingMetadataResolver metadataResolver = new OpenSamlChainingMetadataResolver(); metadataResolver.setId("chain"); From ac54b804ff2d2bb48452298a17bf581357960e1b Mon Sep 17 00:00:00 2001 
From: Bill Smith Date: Tue, 27 Nov 2018 10:40:26 -0700 Subject: [PATCH 13/16] [SHIBUI-704] Added RequestURLBuilder support for Template and Regex scheme types. --- ...ctionDrivenDynamicHTTPMetadataResolver.java | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java index e7a76c174..b53d7486b 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java @@ -2,12 +2,17 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver; import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataRequestURLConstructionScheme; +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.RegexScheme; +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.TemplateScheme; import net.shibboleth.utilities.java.support.component.ComponentInitializationException; import net.shibboleth.utilities.java.support.xml.ParserPool; import org.apache.http.impl.client.HttpClients; import org.apache.lucene.index.IndexWriter; +import org.apache.velocity.app.VelocityEngine; import org.opensaml.saml.metadata.resolver.impl.FunctionDrivenDynamicHTTPMetadataResolver; import org.opensaml.saml.metadata.resolver.impl.MetadataQueryProtocolRequestURLBuilder; +import org.opensaml.saml.metadata.resolver.impl.RegexRequestURLBuilder; +import org.opensaml.saml.metadata.resolver.impl.TemplateRequestURLBuilder; /** * @author Bill Smith (wsmith@unicon.net) 
@@ -44,7 +49,18 @@ public OpenSamlFunctionDrivenDynamicHTTPMetadataResolver(ParserPool parserPool, case METADATA_QUERY_PROTOCOL: this.setRequestURLBuilder(new MetadataQueryProtocolRequestURLBuilder(sourceResolver.getMetadataRequestURLConstructionScheme().getContent())); break; - // TODO: write other cases + case TEMPLATE: + TemplateScheme templateScheme = (TemplateScheme) sourceResolver.getMetadataRequestURLConstructionScheme(); + this.setRequestURLBuilder(new TemplateRequestURLBuilder( + new VelocityEngine(), // we may want to do something with this here: templateScheme.getVelocityEngine() + templateScheme.getContent(), + TemplateRequestURLBuilder.EncodingStyle.valueOf(templateScheme.getEncodingStyle().toString().toLowerCase()), + null)); // this may need to be an actual Function, but all we have is a ref + break; + case REGEX: + RegexScheme regexScheme = (RegexScheme) sourceResolver.getMetadataRequestURLConstructionScheme(); + this.setRequestURLBuilder(new RegexRequestURLBuilder(regexScheme.getMatch(), regexScheme.getContent())); + break; default: break; } From 1c70e777b053b60240f899bec1cad79f97e0e6d6 Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Tue, 27 Nov 2018 17:25:39 -0700 Subject: [PATCH 14/16] [SHIBUI-704] Added an event listener to attempt to reload filters at app startup. WIP. --- .../admin/ui/ShibbolethUiApplication.java | 29 ++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/ShibbolethUiApplication.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/ShibbolethUiApplication.java index b548b98d4..e2c133532 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/ShibbolethUiApplication.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/ShibbolethUiApplication.java 
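Review bot: In the new `case TEMPLATE:` branch a bare `new VelocityEngine()` is handed the stored template text from `templateScheme.getContent()`, so whatever was saved for the resolver is evaluated with Velocity's default, unrestricted introspection, presumably against a value derived from the requested entityID. Build the engine once with restricted settings rather than per resolver, for example `engine.setProperty(RuntimeConstants.UBERSPECT_CLASSNAME, SecureUberspector.class.getName());` before `engine.init()`, and validate the template when the resolver is saved. It is also worth confirming that an unconfigured engine works with `TemplateRequestURLBuilder` at all, since the builder may expect a string resource loader to be set up. The casts to `TemplateScheme` and `RegexScheme` are unchecked and rely on the scheme type and class always agreeing; the constructor starts and ends outside the hunk.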
@@ -1,6 +1,8 @@ package edu.internet2.tier.shibboleth.admin.ui; +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.MetadataFilter; import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository; +import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @@ -16,6 +18,9 @@ import org.springframework.scheduling.annotation.EnableScheduling; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.stereotype.Component; +import org.springframework.transaction.annotation.Transactional; + +import java.util.List; @SpringBootApplication @ComponentScan(excludeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = "edu.internet2.tier.shibboleth.admin.ui.configuration.auto.*")) 
@@ -42,9 +47,31 @@ public static class MetadataResolversResourceIdEmitter { MetadataResolverRepository metadataResolverRepository; @EventListener - void showMetadataResolversResourceIds(ApplicationStartedEvent e) { + public void showMetadataResolversResourceIds(ApplicationStartedEvent e) { metadataResolverRepository.findAll() .forEach(it -> System.out.println(String.format("MetadataResolver [%s: %s]", it.getName(), it.getResourceId()))); } } + + @Component + public static class MetadataResolverInitializingApplicationStartupListener { + + @Autowired + MetadataResolverService metadataResolverService; + + @Autowired + MetadataResolverRepository metadataResolverRepository; + + @Transactional + @EventListener + public void initializeResolvers(ApplicationStartedEvent e) { + metadataResolverRepository.findAll() + .forEach(it -> { + System.out.println(String.format("Reloading filters for resolver [%s: %s]", it.getName(), it.getResourceId())); +// List filters = it.getMetadataFilters(); +// filters.forEach(System.out::println); + metadataResolverService.reloadFilters(it.getResourceId()); + }); + } + } } From 972fdc190d98b5132b6a6329bf1086201c63063c Mon Sep 17 00:00:00 2001 From: Jj! Date: Wed, 28 Nov 2018 09:55:20 -0600 Subject: [PATCH 15/16] [SHIBUI-704] updated dev config set metadata filter for dhmr --- .../tier/shibboleth/admin/ui/configuration/DevConfig.groovy | 4 +++- .../OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy index 8c574b90e..e9e530d64 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy 
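Review bot: `initializeResolvers` calls `metadataResolverService.reloadFilters(it.getResourceId())` for every stored resolver inside one `@Transactional` `forEach` with no error handling, so an exception for a single resolver ends the loop and, as far as the hunk shows, leaves the remaining resolvers without reloaded filters. The failure policy should be explicit: either catch per resolver and log the resource id with the cause, or stop startup with a message naming the resolver, so that no resolver silently runs with a filter set different from the stored one. `MetadataResolversResourceIdEmitter` and this listener both handle `ApplicationStartedEvent` with no declared order; an `@Order` on each would make the sequence deterministic.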
@@ -68,6 +68,7 @@ class DevConfig { return it } it.attributeRelease = ['eduPersonPrincipalName', 'givenName', 'surname', 'mail'] + it.relyingPartyOverrides = null return it }) return it @@ -88,10 +89,11 @@ class DevConfig { it.filterEnabled = true it.entityAttributesFilterTarget = new EntityAttributesFilterTarget().with { it.entityAttributesFilterTargetType = EntityAttributesFilterTarget.EntityAttributesFilterTargetType.ENTITY - it.value = ["https://carmenwiki.osu.edu/shibboleth"] + it.value = ["https://issues.shibboleth.net/shibboleth"] return it } it.attributeRelease = ['eduPersonPrincipalName', 'givenName', 'surname', 'mail'] + it.relyingPartyOverrides = null return it }) return it diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java index b53d7486b..0bb50c0c0 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java @@ -9,6 +9,7 @@ import org.apache.http.impl.client.HttpClients; import org.apache.lucene.index.IndexWriter; import org.apache.velocity.app.VelocityEngine; +import org.opensaml.saml.metadata.resolver.filter.MetadataFilterChain; import org.opensaml.saml.metadata.resolver.impl.FunctionDrivenDynamicHTTPMetadataResolver; import org.opensaml.saml.metadata.resolver.impl.MetadataQueryProtocolRequestURLBuilder; import org.opensaml.saml.metadata.resolver.impl.RegexRequestURLBuilder; 
@@ -40,6 +41,8 @@ public OpenSamlFunctionDrivenDynamicHTTPMetadataResolver(ParserPool parserPool, this.setSupportedContentTypes(sourceResolver.getSupportedContentTypes()); + this.setMetadataFilter(new MetadataFilterChain()); + //TODO: These don't seem to be used anywhere. // In the parser, if not null, a warning is logged .. but nothing else happens with them. // sourceResolver.getMaxConnectionsPerRoute(); From 83d5198ebaaec2ae57f5066a7d11aa6e1e6483bb Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Wed, 28 Nov 2018 10:03:56 -0700 Subject: [PATCH 16/16] [SHIBUI-704] Cleaned up comments/TODOs. Swapped a println for a logger. --- .../admin/ui/ShibbolethUiApplication.java | 13 ++++++------- ...mlFunctionDrivenDynamicHTTPMetadataResolver.java | 5 +++-- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/ShibbolethUiApplication.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/ShibbolethUiApplication.java index e2c133532..2bd90bcc3 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/ShibbolethUiApplication.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/ShibbolethUiApplication.java @@ -1,8 +1,9 @@ package edu.internet2.tier.shibboleth.admin.ui; -import edu.internet2.tier.shibboleth.admin.ui.domain.filters.MetadataFilter; import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository; import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverService; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; 
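Review bot: `this.setMetadataFilter(new MetadataFilterChain());` installs an empty chain, so as far as this hunk shows, metadata fetched over HTTP by this resolver is accepted without any signature or validity filter until something else populates the chain. If the chain is meant to be filled by `reloadFilters` (the startup listener added earlier in this series suggests so), say that at the call, e.g. `// Empty placeholder; filters are attached later by MetadataResolverService.reloadFilters()`, and consider refusing to resolve until that has happened. The constructor begins and ends outside the hunk, so any later filter setup is not visible here.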
@@ -20,8 +21,6 @@ import org.springframework.stereotype.Component; import org.springframework.transaction.annotation.Transactional; -import java.util.List; - @SpringBootApplication @ComponentScan(excludeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = "edu.internet2.tier.shibboleth.admin.ui.configuration.auto.*")) @EntityScan(basePackages = {"edu.internet2.tier.shibboleth.admin.ui.domain", "edu.internet2.tier.shibboleth.admin.ui.security.model"}) @@ -30,6 +29,8 @@ @EnableWebSecurity public class ShibbolethUiApplication extends SpringBootServletInitializer { + private static final Logger logger = LoggerFactory.getLogger(ShibbolethUiApplication.class); + @Override protected SpringApplicationBuilder configure(SpringApplicationBuilder builder) { return builder.sources(ShibbolethUiApplication.class); @@ -49,7 +50,7 @@ public static class MetadataResolversResourceIdEmitter { @EventListener public void showMetadataResolversResourceIds(ApplicationStartedEvent e) { metadataResolverRepository.findAll() - .forEach(it -> System.out.println(String.format("MetadataResolver [%s: %s]", it.getName(), it.getResourceId()))); + .forEach(it -> logger.info(String.format("MetadataResolver [%s: %s]", it.getName(), it.getResourceId()))); } } @@ -67,9 +68,7 @@ public static class MetadataResolverInitializingApplicationStartupListener { public void initializeResolvers(ApplicationStartedEvent e) { metadataResolverRepository.findAll() .forEach(it -> { - System.out.println(String.format("Reloading filters for resolver [%s: %s]", it.getName(), it.getResourceId())); -// List filters = it.getMetadataFilters(); -// filters.forEach(System.out::println); + logger.info(String.format("Reloading filters for resolver [%s: %s]", it.getName(), it.getResourceId())); metadataResolverService.reloadFilters(it.getResourceId()); }); } 
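Review bot: The new `logger.info(String.format(...))` call in `showMetadataResolversResourceIds` formats the message eagerly and writes `it.getName()` into the log unmodified; the same pattern is repeated in `initializeResolvers` in the last hunk of this file. SLF4J placeholders skip the formatting when INFO is disabled: `logger.info("MetadataResolver [{}: {}]", it.getName(), it.getResourceId());`. Resolver names are presumably entered through the UI, so stripping CR/LF from the name before logging (or relying on a log encoder that does) keeps one stored name from producing extra, misleading log lines.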
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java index 0bb50c0c0..cd952a777 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFunctionDrivenDynamicHTTPMetadataResolver.java @@ -53,12 +53,13 @@ public OpenSamlFunctionDrivenDynamicHTTPMetadataResolver(ParserPool parserPool, this.setRequestURLBuilder(new MetadataQueryProtocolRequestURLBuilder(sourceResolver.getMetadataRequestURLConstructionScheme().getContent())); break; case TEMPLATE: + //TODO: address this later with a prebuilt configuration TemplateScheme templateScheme = (TemplateScheme) sourceResolver.getMetadataRequestURLConstructionScheme(); this.setRequestURLBuilder(new TemplateRequestURLBuilder( - new VelocityEngine(), // we may want to do something with this here: templateScheme.getVelocityEngine() + new VelocityEngine(), //TODO: we may want to do something with this here: templateScheme.getVelocityEngine() templateScheme.getContent(), TemplateRequestURLBuilder.EncodingStyle.valueOf(templateScheme.getEncodingStyle().toString().toLowerCase()), - null)); // this may need to be an actual Function, but all we have is a ref + null)); //TODO: this may need to be an actual Function, but all we have is a ref break; case REGEX: RegexScheme regexScheme = (RegexScheme) sourceResolver.getMetadataRequestURLConstructionScheme();
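Review bot: The TODOs added in the `case TEMPLATE:` branch skip the line between them, `TemplateRequestURLBuilder.EncodingStyle.valueOf(templateScheme.getEncodingStyle().toString().toLowerCase())`, which throws a `NullPointerException` when no encoding style is stored and an `IllegalArgumentException` when the lower-cased name matches no constant. Check for null and choose an explicit default, and lower-case with a fixed locale so the mapping does not depend on the server's default: `.toString().toLowerCase(Locale.ROOT)` (needs `import java.util.Locale;`). Because this runs in the constructor, either exception would surface while the resolver is being built, so the stored value is better validated when the resolver is saved. The `switch` and the constructor continue outside the hunk.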