From b3c4b1fd10743e1b6adaebc4df5c132e7ad13e65 Mon Sep 17 00:00:00 2001
From: Dmitriy Kopylenko
Date: Fri, 24 May 2019 12:07:11 -0400
Subject: [PATCH] SHIBUI-1262 [1307 WIP]
---
 .../admin/ui/configuration/DevConfig.groovy | 30 +++++++++++++-
 .../EntityDescriptors.groovy | 40 +++++++++++++++++++
 .../EntityDescriptorController.java | 1 +
 .../admin/ui/domain/AbstractXMLObject.java | 2 +
 .../admin/ui/domain/EntityDescriptor.java | 13 ++++++
 .../FileBackedHttpMetadataResolver.java | 2 -
 .../ui/domain/resolvers/MetadataResolver.java | 2 +
 .../EntityDescriptorVersionService.java | 4 +-
 8 files changed, 89 insertions(+), 5 deletions(-)
 create mode 100644 backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/util/entitydescriptors/EntityDescriptors.groovy
diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy
index 2ed81b941..4887be48e 100644
--- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy
+++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy
@@ -1,6 +1,15 @@
 package edu.internet2.tier.shibboleth.admin.ui.configuration
+import edu.internet2.tier.shibboleth.admin.ui.domain.AffiliateMember
+import edu.internet2.tier.shibboleth.admin.ui.domain.AffiliationDescriptor
+import edu.internet2.tier.shibboleth.admin.ui.domain.ContactPerson
+import edu.internet2.tier.shibboleth.admin.ui.domain.EncryptionMethod
 import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor
+import edu.internet2.tier.shibboleth.admin.ui.domain.Extensions
+import edu.internet2.tier.shibboleth.admin.ui.domain.KeyDescriptor
+import edu.internet2.tier.shibboleth.admin.ui.domain.Organization
+import edu.internet2.tier.shibboleth.admin.ui.domain.OrganizationDisplayName
+import edu.internet2.tier.shibboleth.admin.ui.domain.OrganizationName
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilterTarget
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver
@@ -9,6 +18,8 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.HttpMetadataResol
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataQueryProtocolScheme
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ReloadableMetadataResolverAttributes
+import edu.internet2.tier.shibboleth.admin.ui.domain.util.entitydescriptors.EntityDescriptors
+import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects
 import edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorRepository
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository
 import edu.internet2.tier.shibboleth.admin.ui.security.model.Role
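Review bot: The nine domain imports added in the first DevConfig.groovy hunk (`AffiliateMember`, `AffiliationDescriptor`, `ContactPerson`, `EncryptionMethod`, `Extensions`, `KeyDescriptor`, `Organization`, `OrganizationDisplayName`, `OrganizationName`) are not referenced by any line this patch adds to the file; the new code only needs `EntityDescriptors` and `OpenSamlObjects` from the second hunk. They read like leftovers from building the fixture inline before it moved into `EntityDescriptors.groovy` and should be dropped. The `import java.util.stream.Stream;` added to EntityDescriptorController.java is the same case, since the diffstat shows that file gaining only that one line.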
@@ -18,8 +29,11 @@ import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository
 import edu.internet2.tier.shibboleth.admin.ui.service.EntityDescriptorService
 import edu.internet2.tier.shibboleth.admin.ui.service.EntityDescriptorVersionService
 import edu.internet2.tier.shibboleth.admin.util.ModelRepresentationConversions
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.boot.context.event.ApplicationStartedEvent
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Profile
+import org.springframework.context.event.EventListener
 import org.springframework.stereotype.Component
 import org.springframework.transaction.annotation.Transactional
@@ -34,6 +48,9 @@ class DevConfig {
 private final MetadataResolverRepository metadataResolverRepository
 private final EntityDescriptorRepository entityDescriptorRepository
+ @Autowired
+ private OpenSamlObjects openSamlObjects
+
 DevConfig(UserRepository adminUserRepository, MetadataResolverRepository metadataResolverRepository, RoleRepository roleRepository, EntityDescriptorRepository entityDescriptorRepository) {
 this.adminUserRepository = adminUserRepository
 this.metadataResolverRepository = metadataResolverRepository
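Review bot: `openSamlObjects` is injected through a non-final `@Autowired` field, while the other collaborators visible in this hunk are `private final` and arrive through the constructor. Field injection lets DevConfig be constructed without the dependency, so `edForVersioningDev` would hit a null reference in any test or context that builds the class directly. Declare it as `private final OpenSamlObjects openSamlObjects` and pass it as an additional constructor parameter, assigned with `this.openSamlObjects = openSamlObjects`. The constructor body continues outside the hunk.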
@@ -161,7 +178,16 @@ class DevConfig {
 @Profile('dev-ed-versioning')
 @Bean
- EntityDescriptorVersionService stubEntityDescriptorVersionService(EntityDescriptorService entityDescriptorService) {
- return EntityDescriptorVersionService.stubImpl(entityDescriptorService)
+ EntityDescriptorVersionService stubEntityDescriptorVersionService(EntityDescriptorService entityDescriptorService,
+ EntityDescriptorRepository entityDescriptorRepository) {
+ return EntityDescriptorVersionService.stubImpl(entityDescriptorService, entityDescriptorRepository)
+ }
+
+ @Transactional
+ @EventListener
+ void edForVersioningDev(ApplicationStartedEvent e) {
+ if (e.applicationContext.environment.activeProfiles.contains('dev-ed-versioning')) {
+ this.entityDescriptorRepository.save(EntityDescriptors.prebakedEntityDescriptor(openSamlObjects))
+ }
 }
 }
diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/util/entitydescriptors/EntityDescriptors.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/util/entitydescriptors/EntityDescriptors.groovy
new file mode 100644
index 000000000..b7514e2c0
--- /dev/null
+++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/util/entitydescriptors/EntityDescriptors.groovy
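Review bot: `edForVersioningDev` saves a fresh fixture descriptor on every start with no check for an existing one, so against a datasource that survives restarts each boot would add another placeholder row to the repository that holds the managed entity descriptors. The guard also repeats the profile name as a string match on `activeProfiles` instead of using the declarative `@Profile('dev-ed-versioning')` already applied to the bean above; putting the listener in its own `@Profile('dev-ed-versioning')` component would keep the two from drifting apart. A short comment such as `// dev-only seed data: this profile must never be active in a deployed instance` would make the intent explicit. Whether DevConfig itself is already restricted to a dev profile is not visible in this hunk.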
@@ -0,0 +1,40 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain.util.entitydescriptors
+
+import edu.internet2.tier.shibboleth.admin.ui.domain.ContactPerson
+import edu.internet2.tier.shibboleth.admin.ui.domain.EmailAddress
+import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor
+import edu.internet2.tier.shibboleth.admin.ui.domain.GivenName
+import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects
+import org.opensaml.saml.saml2.metadata.ContactPersonTypeEnumeration
+
+/**
+ * Utility class to statically construct a graph of EntityDescriptor objects useful for dev and testing.
+ */
+final class EntityDescriptors {
+
+ private EntityDescriptors() {
+ }
+
+ static EntityDescriptor prebakedEntityDescriptor(OpenSamlObjects openSamlObjects) {
+ openSamlObjects.buildDefaultInstanceOfType(EntityDescriptor.class).with {
+ it.contactPersons = [openSamlObjects.buildDefaultInstanceOfType(ContactPerson.class).with {
+ it.type = ContactPersonTypeEnumeration.ADMINISTRATIVE
+ it.givenName = openSamlObjects.buildDefaultInstanceOfType(GivenName.class).with {
+ it.name = 'name'
+ it
+ }
+ it.emailAddresses.add(openSamlObjects.buildDefaultInstanceOfType(EmailAddress.class).with {
+ it.address = 'test@test'
+ it
+ })
+ it
+ }]
+
+
+ //Main ed
+ it
+ }
+ }
+
+
+}
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java
index b3ea0fb62..6690d4520 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java
@@ -38,6 +38,7 @@
 import java.net.URI;
 import java.util.List;
 import java.util.stream.Collectors;
+import java.util.stream.Stream;
 @RestController
 @RequestMapping("/api")
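Review bot: `prebakedEntityDescriptor` in the new EntityDescriptors.groovy assigns only `contactPersons`; nothing in the visible builder chain sets an `entityID` or any other identifying field, and the trailing `//Main ed` marker suggests that part is still unwritten. Unless `buildDefaultInstanceOfType` or the entity constructor fills those in (not visible here), the row saved at startup will be hard to tell apart from real data or to clean up afterwards. The method also has no doc comment; one line such as `/** Builds an unsaved EntityDescriptor with a single administrative contact, for the dev-ed-versioning profile only. */` would state the contract, and the `//Main ed` marker should become a proper TODO or be removed.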
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java
index 1e8f4c2a0..5d28825fd 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/AbstractXMLObject.java
@@ -3,6 +3,7 @@
 import lombok.EqualsAndHashCode;
 import net.shibboleth.utilities.java.support.collection.LockableClassToInstanceMultiMap;
 import net.shibboleth.utilities.java.support.xml.QNameSupport;
+import org.hibernate.envers.Audited;
 import org.opensaml.core.config.ConfigurationService;
 import org.opensaml.core.xml.Namespace;
 import org.opensaml.core.xml.NamespaceManager;
@@ -30,6 +31,7 @@
 @Entity
 @Inheritance(strategy = InheritanceType.TABLE_PER_CLASS)
 @EqualsAndHashCode(callSuper = true)
+@Audited
 public abstract class AbstractXMLObject extends AbstractAuditable implements XMLObject {
 private String namespaceURI;
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java
index 2f53e5cc8..b2b2d885c 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptor.java
@@ -4,6 +4,9 @@
 import com.google.common.collect.Lists;
 import lombok.EqualsAndHashCode;
+import org.hibernate.envers.AuditOverride;
+import org.hibernate.envers.Audited;
+import org.hibernate.envers.NotAudited;
 import org.opensaml.core.config.ConfigurationService;
 import org.opensaml.core.xml.XMLObject;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
@@ -33,6 +36,8 @@
 @Entity
 @EqualsAndHashCode(callSuper = true)
+@Audited
+@AuditOverride(forClass = AbstractAuditable.class)
 public class EntityDescriptor extends AbstractDescriptor implements org.opensaml.saml.saml2.metadata.EntityDescriptor {
 private String localId;
@@ -45,31 +50,39 @@ public class EntityDescriptor extends AbstractDescriptor implements org.opensaml
 private String resourceId;
 @OneToOne(cascade = CascadeType.ALL)
+ @NotAudited
 private Organization organization;
 @OneToMany(cascade = CascadeType.ALL)
 @OrderColumn
+ @NotAudited
 private List contactPersons = new ArrayList<>();
 @OneToMany(cascade = CascadeType.ALL)
 @OrderColumn
+ @NotAudited
 private List roleDescriptors;
 @OneToMany(cascade = CascadeType.ALL)
 @JoinColumn(name = "entitydesc_addlmetdatlocations_id")
 @OrderColumn
+ @NotAudited
 private List additionalMetadataLocations = new ArrayList<>();
 @OneToOne(cascade = CascadeType.ALL)
+ @NotAudited
 private AuthnAuthorityDescriptor authnAuthorityDescriptor;
 @OneToOne(cascade = CascadeType.ALL)
+ @NotAudited
 private AttributeAuthorityDescriptor attributeAuthorityDescriptor;
 @OneToOne(cascade = CascadeType.ALL)
+ @NotAudited
 private PDPDescriptor pdpDescriptor;
 @OneToOne(cascade = CascadeType.ALL)
+ @NotAudited
 private AffiliationDescriptor affiliationDescriptor;
 public EntityDescriptor() {
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/FileBackedHttpMetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/FileBackedHttpMetadataResolver.java
index 4ffadae52..b80b8190f 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/FileBackedHttpMetadataResolver.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/FileBackedHttpMetadataResolver.java
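Review bot: Every association shown in the second EntityDescriptor.java hunk (`organization`, `contactPersons`, `roleDescriptors`, `additionalMetadataLocations` and the four descriptor fields) is marked `@NotAudited`, so an Envers revision of this entity records only its scalar columns. In SAML metadata the role descriptors are where key material and endpoint locations live, so, assuming this model mirrors the schema, the edits an audit trail most needs to show would leave no trace in the version history. If this is a WIP shortcut to avoid auditing the whole object graph, say so on the fields, for example `// TODO(SHIBUI-1262): excluded from Envers until the related entities are audited`, and track bringing at least `roleDescriptors` under audit. The class body continues outside the hunk.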
@@ -16,8 +16,6 @@
 @Getter
 @Setter
 @ToString
-@Audited
-@AuditOverride(forClass = AbstractAuditable.class)
 public class FileBackedHttpMetadataResolver extends MetadataResolver {
 public FileBackedHttpMetadataResolver() {
 type = "FileBackedHttpMetadataResolver";
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataResolver.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataResolver.java
index ec639ba38..11300c3b7 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataResolver.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataResolver.java
@@ -11,6 +11,7 @@
 import lombok.NoArgsConstructor;
 import lombok.Setter;
 import lombok.ToString;
+import org.hibernate.envers.AuditOverride;
 import org.hibernate.envers.Audited;
 import javax.persistence.CascadeType;
@@ -39,6 +40,7 @@
 @JsonSubTypes.Type(value = FilesystemMetadataResolver.class, name = "FilesystemMetadataResolver"),
 @JsonSubTypes.Type(value = ResourceBackedMetadataResolver.class, name = "ResourceBackedMetadataResolver")})
 @Audited
+@AuditOverride(forClass = AbstractAuditable.class)
 public class MetadataResolver extends AbstractAuditable {
 @JsonProperty("@type")
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EntityDescriptorVersionService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EntityDescriptorVersionService.java
index da2910834..e53072f99 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EntityDescriptorVersionService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/EntityDescriptorVersionService.java
@@ -3,6 +3,7 @@
 import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor;
 import edu.internet2.tier.shibboleth.admin.ui.domain.frontend.EntityDescriptorRepresentation;
 import edu.internet2.tier.shibboleth.admin.ui.domain.versioning.Version;
+import edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorRepository;
 import java.time.LocalDateTime;
 import java.util.Arrays;
@@ -18,7 +19,8 @@ public interface EntityDescriptorVersionService {
 EntityDescriptorRepresentation findSpecificVersionOfEntityDescriptor(String resourceId, String versionId);
 /* Factory method to return stub impl for dev and testing purposes */
- static EntityDescriptorVersionService stubImpl(final EntityDescriptorService entityDescriptorService) {
+ static EntityDescriptorVersionService stubImpl(final EntityDescriptorService entityDescriptorService,
+ final EntityDescriptorRepository entityDescriptorRepository) {
 return new EntityDescriptorVersionService() {
 @Override
 public List findVersionsForEntityDescriptor(String resourceId) {
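Review bot: The new `entityDescriptorRepository` parameter of `stubImpl` is not read by anything this patch adds: the diffstat for the file is three insertions (the import and the two signature lines) against one deletion, so the anonymous implementation is unchanged. Widening a static factory on a public interface ahead of its use forces every caller to supply a repository the stub ignores; either use it in this commit or hold the signature change until the body needs it. If it stays, turn the block comment into Javadoc with an `@param entityDescriptorRepository` line saying what the stub will read from it. The anonymous class body continues outside the hunk.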