Merged in bugfix/shibui-2627 (pull request #667)

SHIBUI-2627

Approved-by: Doug Sonaty

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SpringSecurityConfig.java

@@ -111,6 +111,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http
             .authorizeHttpRequests()
             .requestMatchers(new AntPathRequestMatcher("/unsecured/**/*"),
+                             new AntPathRequestMatcher("/entities*"),
                              new AntPathRequestMatcher("/entities/**/*"),
                              new AntPathRequestMatcher("/actuator/**"),
                              new AntPathRequestMatcher("/api/beacon/send")).permitAll()

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntitiesController.java

@@ -28,14 +28,14 @@
 import java.time.Instant;
 import java.time.ZoneOffset;
 import java.util.Date;
+import java.util.List;
 
 /**
  * EntitiesController is here to meet the requirements for this project being an MDQ. Despite similar logic to the
  * EntitiesDescriptorController, the required endpoints that make this project an MDQ server are served by this controller.
  */
 @RestController
-@RequestMapping(value = { "/entities", // per protocol - https://spaces.at.internet2.edu/display/MDQ/Metadata+Query+Protocol
-                          "/api/entities" }, // existing - included to break no existing code
+@RequestMapping(value = { "/" }, // per protocol - https://spaces.at.internet2.edu/display/MDQ/Metadata+Query+Protocol
                 method = RequestMethod.GET)
 @Slf4j
 @Tags(value = {@Tag(name = "MDQ")})
@@ -49,7 +49,30 @@ public class EntitiesController {
     @Autowired
     private EntityDescriptorRepository entityDescriptorRepository;
 
-    @RequestMapping(value = "/{entityId:.*}")
+    @RequestMapping(value = "/entities", produces = "application/xml")
+    @Operation(description = "Endpoint based on the MDQ spec to return all entity's information. see: https://spaces.at.internet2.edu/display/MDQ/Metadata+Query+Protocol",
+               summary = "Return all the entities from the entity's id", method = "GET")
+    @Transactional(readOnly = true)
+    public ResponseEntity<?> getAllXml() throws MarshallingException, ResolverException, UnsupportedEncodingException {
+        List<edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor> entityDescriptors = entityDescriptorRepository.findAll();
+        if (entityDescriptors == null || entityDescriptors.isEmpty()) {
+            return ResponseEntity.notFound().build();
+        }
+        StringBuilder result = new StringBuilder();
+        entityDescriptors.forEach(entityDescriptor -> {
+            try {
+                final String xml = this.openSamlObjects.marshalToXmlString(entityDescriptor);
+                result.append(xml);
+            }
+            catch (MarshallingException e) {
+                throw new RuntimeException(e);
+            }
+        });
+        String xmlDeclarationClean = result.toString().replace("<?xml version=\"1.0\" encoding=\"UTF-8\"?>","");
+        return new ResponseEntity<>("<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + xmlDeclarationClean, new HttpHeaders(), HttpStatus.OK);
+    }
+
+    @RequestMapping(value = "/entities/{entityId:.*}")
     @Operation(description = "Endpoint based on the MDQ spec to return a single entity's information. see: https://spaces.at.internet2.edu/display/MDQ/Metadata+Query+Protocol",
                summary = "Return a single entity from the entity's id", method = "GET")
     @Transactional(readOnly = true)
@@ -70,7 +93,7 @@ private String formatModifiedDate(EntityDescriptorRepresentation entityDescripto
         return DateUtils.formatDate(date, DateUtils.PATTERN_RFC1123);
     }
 
-    @RequestMapping(value = "/{entityId:.*}", produces = "application/xml")
+    @RequestMapping(value = "/entities/{entityId:.*}", produces = "application/xml")
     @Operation(description = "Endpoint based on the MDQ spec to return a single entity's information. see: https://spaces.at.internet2.edu/display/MDQ/Metadata+Query+Protocol",
                summary = "Return a single entity from the entity's id", method = "GET")
     @Transactional(readOnly = true)

backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java

@@ -207,15 +207,16 @@ public static void setupACSs(EntityDescriptor ed, EntityDescriptorRepresentation
         if (representation.getAssertionConsumerServices() != null && representation.getAssertionConsumerServices().size() > 0) {
             // TODO: review if we need more than a naive implementation
             ed.getOptionalSPSSODescriptor().ifPresent(spssoDescriptor -> spssoDescriptor.getAssertionConsumerServices().clear());
+            int indexPosition = 0;
             for (AssertionConsumerServiceRepresentation acsRepresentation : representation.getAssertionConsumerServices()) {
                 AssertionConsumerService assertionConsumerService = openSamlObjects.buildDefaultInstanceOfType(AssertionConsumerService.class);
                 getSPSSODescriptorFromEntityDescriptor(ed).getAssertionConsumerServices().add(assertionConsumerService);
+                assertionConsumerService.setBinding(acsRepresentation.getBinding());
+                assertionConsumerService.setLocation(acsRepresentation.getLocationUrl());
                 if (acsRepresentation.isMakeDefault()) {
                     assertionConsumerService.setIsDefault(true);
                 }
-                assertionConsumerService.setBinding(acsRepresentation.getBinding());
-                assertionConsumerService.setLocation(acsRepresentation.getLocationUrl());
-                assertionConsumerService.setIndex(acsRepresentation.getIndex());
+                assertionConsumerService.setIndex(acsRepresentation.getIndex() == null ? indexPosition++ : acsRepresentation.getIndex());
             }
         } else {
             ed.getOptionalSPSSODescriptor().ifPresent(spssoDescriptor -> spssoDescriptor.getAssertionConsumerServices().clear());

backend/src/test/resources/metadata/SHIBUI-2380.xml

@@ -67,12 +67,15 @@
         <md:NameIDFormat>urn:mace:shibboleth:metadata:oidc:1.0:nameid-format:pairwise</md:NameIDFormat>
         <md:AssertionConsumerService
                 Binding="https://tools.ietf.org/html/rfc6749#section-3.1.2"
-                Location="https://example.org/cb"/>
+                Location="https://example.org/cb"
+                index="0"/>
         <md:AssertionConsumerService
                 Binding="https://tools.ietf.org/html/rfc6749#section-3.1.2"
-                Location="https://example.org/cb2"/>
+                Location="https://example.org/cb2"
+                index="1"/>
         <md:AssertionConsumerService
                 Binding="http://example.org/not/supported/profile/id"
-                Location="https://example.org/cb3"/>
+                Location="https://example.org/cb3"
+                index="2"/>
     </md:SPSSODescriptor>
 </md:EntityDescriptor>

gradle.properties

@@ -1,6 +1,6 @@
 name=shibui
 group=edu.internet2.tier.shibboleth.admin.ui
-version=2.0.0-SNAPSHOT
+version=2.0.0-BETA
 
 ### library versions ###
 ## As of 2-23-23
@@ -42,7 +42,7 @@ i2.github.owner=TIER
 i2.github.repo=shib-idp-ui
 i2.github.apiEndpoint=https://github.internet2.edu/api/v3
 i2.git.remote=i2
-i2.git.branch=master
+i2.git.branch=2.0.0-BETA
 
 # set app
 use.release.app.yml=false