Merge remote-tracking branch 'origin/master' into feature/shibui-1742

# Conflicts: # backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
TIER · Aug 10, 2021 · b3ee1e6 · b3ee1e6
2 parents afbe10e + 37bdabc
commit b3ee1e6
Show file tree

Hide file tree

Showing 26 changed files with 147 additions and 59 deletions.
diff --git a/...oovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/...oovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
@@ -207,12 +207,12 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
     void constructXmlNodeForResolver(DynamicHttpMetadataResolver resolver, def markupBuilderDelegate, Closure childNodes) {
         markupBuilderDelegate.MetadataProvider(id: resolver.xmlId,
                 'xsi:type': 'DynamicHTTPMetadataProvider',
-                requireValidMetadata: !resolver.requireValidMetadata ?: null,
-                failFastInitialization: !resolver.failFastInitialization ?: null,
+                requireValidMetadata: resolver.requireValidMetadata,
+                failFastInitialization: resolver.failFastInitialization,
                 sortKey: resolver.sortKey,
                 criterionPredicateRegistryRef: resolver.criterionPredicateRegistryRef,
-                useDefaultPredicateRegistry: !resolver.useDefaultPredicateRegistry ?: null,
-                satisfyAnyPredicates: resolver.satisfyAnyPredicates ?: null,
+                useDefaultPredicateRegistry: resolver.useDefaultPredicateRegistry,
+                satisfyAnyPredicates: resolver.satisfyAnyPredicates,
                 parserPoolRef: resolver.dynamicMetadataResolverAttributes?.parserPoolRef,
                 taskTimerRef: resolver.dynamicMetadataResolverAttributes?.taskTimerRef,
                 refreshDelayFactor: resolver.dynamicMetadataResolverAttributes?.refreshDelayFactor,
@@ -286,14 +286,14 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
                 'xsi:type': 'FileBackedHTTPMetadataProvider',
                 backingFile: resolver.backingFile,
                 metadataURL: resolver.metadataURL,
-                initializeFromBackupFile: !resolver.initializeFromBackupFile ?: null,
+                initializeFromBackupFile: resolver.initializeFromBackupFile,
                 backupFileInitNextRefreshDelay: resolver.backupFileInitNextRefreshDelay,
-                requireValidMetadata: !resolver.requireValidMetadata ?: null,
-                failFastInitialization: !resolver.failFastInitialization ?: null,
+                requireValidMetadata: resolver.requireValidMetadata,
+                failFastInitialization: resolver.failFastInitialization,
                 sortKey: resolver.sortKey,
                 criterionPredicateRegistryRef: resolver.criterionPredicateRegistryRef,
-                useDefaultPredicateRegistry: !resolver.useDefaultPredicateRegistry ?: null,
-                satisfyAnyPredicates: resolver.satisfyAnyPredicates ?: null,
+                useDefaultPredicateRegistry: resolver.useDefaultPredicateRegistry,
+                satisfyAnyPredicates: resolver.satisfyAnyPredicates,
 
                 parserPoolRef: resolver.reloadableMetadataResolverAttributes?.parserPoolRef,
                 minRefreshDelay: resolver.reloadableMetadataResolverAttributes?.minRefreshDelay,
@@ -327,12 +327,12 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
                 'xsi:type': 'FilesystemMetadataProvider',
                 metadataFile: resolver.metadataFile,
 
-                requireValidMetadata: !resolver.requireValidMetadata ?: null,
-                failFastInitialization: !resolver.failFastInitialization ?: null,
+                requireValidMetadata: resolver.requireValidMetadata,
+                failFastInitialization: resolver.failFastInitialization,
                 sortKey: resolver.sortKey,
                 criterionPredicateRegistryRef: resolver.criterionPredicateRegistryRef,
-                useDefaultPredicateRegistry: !resolver.useDefaultPredicateRegistry ?: null,
-                satisfyAnyPredicates: resolver.satisfyAnyPredicates ?: null,
+                useDefaultPredicateRegistry: resolver.useDefaultPredicateRegistry,
+                satisfyAnyPredicates: resolver.satisfyAnyPredicates,
 
                 parserPoolRef: resolver.reloadableMetadataResolverAttributes?.parserPoolRef,
                 minRefreshDelay: resolver.reloadableMetadataResolverAttributes?.minRefreshDelay,
@@ -353,12 +353,12 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
 
                 id: resolver.xmlId,
                 'xsi:type': 'LocalDynamicMetadataProvider',
-                requireValidMetadata: !resolver.requireValidMetadata ?: null,
-                failFastInitialization: !resolver.failFastInitialization ?: null,
+                requireValidMetadata: resolver.requireValidMetadata,
+                failFastInitialization: resolver.failFastInitialization,
                 sortKey: resolver.sortKey,
                 criterionPredicateRegistryRef: resolver.criterionPredicateRegistryRef,
-                useDefaultPredicateRegistry: !resolver.useDefaultPredicateRegistry ?: null,
-                satisfyAnyPredicates: resolver.satisfyAnyPredicates ?: null,
+                useDefaultPredicateRegistry: resolver.useDefaultPredicateRegistry,
+                satisfyAnyPredicates: resolver.satisfyAnyPredicates,
                 parserPoolRef: resolver.dynamicMetadataResolverAttributes?.parserPoolRef,
                 taskTimerRef: resolver.dynamicMetadataResolverAttributes?.taskTimerRef,
                 refreshDelayFactor: resolver.dynamicMetadataResolverAttributes?.refreshDelayFactor,

diff --git a/...n/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java b/...n/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java
@@ -202,7 +202,7 @@ private static URI getResourceUriFor(MetadataResolver resolver) {
 
     private void doResolverInitialization(MetadataResolver persistedResolver) throws
             ComponentInitializationException, ResolverException, IOException {
-        if (persistedResolver.getDoInitialization()) {
+        if (persistedResolver.getDoInitialization() != null && persistedResolver.getDoInitialization()) {
             org.opensaml.saml.metadata.resolver.MetadataResolver openSamlRepresentation = null;
             try {
                 openSamlRepresentation = metadataResolverConverterService.convertToOpenSamlRepresentation(persistedResolver);

diff --git a/...c/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/NameIdFormatFilter.java b/...c/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/NameIdFormatFilter.java
@@ -27,7 +27,7 @@ public NameIdFormatFilter() {
         type = "NameIDFormat";
     }
 
-    private Boolean removeExistingFormats = false;
+    private Boolean removeExistingFormats;
 
     @ElementCollection
     @OrderColumn

diff --git a/.../edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/DynamicHttpMetadataResolver.java b/.../edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/DynamicHttpMetadataResolver.java
@@ -46,9 +46,6 @@ public class DynamicHttpMetadataResolver extends MetadataResolver {
     public DynamicHttpMetadataResolver() {
         type = "DynamicHttpMetadataResolver";
         this.httpMetadataResolverAttributes = new HttpMetadataResolverAttributes();
-        this.httpMetadataResolverAttributes.setConnectionRequestTimeout(DEFAULT_TIMEOUT);
-        this.httpMetadataResolverAttributes.setConnectionTimeout(DEFAULT_TIMEOUT);
-        this.httpMetadataResolverAttributes.setSocketTimeout(DEFAULT_TIMEOUT);
         this.dynamicMetadataResolverAttributes = new DynamicMetadataResolverAttributes();
     }
 }
diff --git a/...u/internet2/tier/shibboleth/admin/ui/domain/resolvers/FileBackedHttpMetadataResolver.java b/...u/internet2/tier/shibboleth/admin/ui/domain/resolvers/FileBackedHttpMetadataResolver.java
@@ -25,7 +25,7 @@ public FileBackedHttpMetadataResolver() {
 
     private String backingFile;
 
-    private Boolean initializeFromBackupFile = true;
+    private Boolean initializeFromBackupFile;
 
     private String backupFileInitNextRefreshDelay;
 

diff --git a/...a/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/FilesystemMetadataResolver.java b/...a/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/FilesystemMetadataResolver.java
@@ -21,7 +21,6 @@
 public class FilesystemMetadataResolver extends MetadataResolver {
     public FilesystemMetadataResolver() {
         type = "FilesystemMetadataResolver";
-        this.setDoInitialization(false);
     }
 
     private String metadataFile;

diff --git a/...u/internet2/tier/shibboleth/admin/ui/domain/resolvers/HttpMetadataResolverAttributes.java b/...u/internet2/tier/shibboleth/admin/ui/domain/resolvers/HttpMetadataResolverAttributes.java
@@ -28,7 +28,7 @@ public class HttpMetadataResolverAttributes {
 
     private String socketTimeout;
 
-    private Boolean disregardTLSCertificate = false;
+    private Boolean disregardTLSCertificate;
 
     private String tlsTrustEngineRef;
 

diff --git a/...c/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataResolver.java b/...c/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataResolver.java
@@ -58,21 +58,21 @@ public class MetadataResolver extends AbstractAuditable {
     @Column(unique = true)
     private String xmlId;
 
-    private Boolean enabled = true;
+    private Boolean enabled;
 
-    private Boolean requireValidMetadata = true;
+    private Boolean requireValidMetadata;
 
-    private Boolean failFastInitialization = true;
+    private Boolean failFastInitialization;
 
     private Integer sortKey;
 
     private String criterionPredicateRegistryRef;
 
-    private Boolean useDefaultPredicateRegistry = true;
+    private Boolean useDefaultPredicateRegistry;
 
-    private Boolean satisfyAnyPredicates = false;
+    private Boolean satisfyAnyPredicates;
 
-    private Boolean doInitialization = true;
+    private Boolean doInitialization;
 
     @JsonIgnore
     private Long versionModifiedTimestamp;

diff --git a/...shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java b/...shibboleth/admin/ui/domain/resolvers/opensaml/OpenSamlFileBackedHTTPMetadataResolver.java
@@ -35,29 +35,29 @@ public class OpenSamlFileBackedHTTPMetadataResolver extends FileBackedHTTPMetada
 
     public OpenSamlFileBackedHTTPMetadataResolver(ParserPool parserPool,
                                                   IndexWriter indexWriter,
-                                                  FileBackedHttpMetadataResolver sourceResolver) throws ResolverException {
+                    FileBackedHttpMetadataResolver sourceResolver) throws ResolverException {
         super(HttpClients.createMinimal(), sourceResolver.getMetadataURL(), sourceResolver.getBackingFile());
         this.indexWriter = indexWriter;
         this.sourceResolver = sourceResolver;
         this.delegate = new OpenSamlMetadataResolverDelegate();
 
         this.setId(sourceResolver.getResourceId());
 
-        OpenSamlMetadataResolverConstructorHelper.updateOpenSamlMetadataResolverFromHttpMetadataResolverAttributes(
-                this, sourceResolver.getHttpMetadataResolverAttributes());
-        OpenSamlMetadataResolverConstructorHelper.updateOpenSamlMetadataResolverFromReloadableMetadataResolverAttributes(
-                this, sourceResolver.getReloadableMetadataResolverAttributes(), parserPool);
+        OpenSamlMetadataResolverConstructorHelper.updateOpenSamlMetadataResolverFromHttpMetadataResolverAttributes(this,
+                        sourceResolver.getHttpMetadataResolverAttributes());
+        OpenSamlMetadataResolverConstructorHelper.updateOpenSamlMetadataResolverFromReloadableMetadataResolverAttributes(this,
+                        sourceResolver.getReloadableMetadataResolverAttributes(), parserPool);
 
-        this.setBackupFile(placeholderResolverService()
-                .resolveValueFromPossibleTokenPlaceholder(sourceResolver.getBackingFile()));
+        this.setBackupFile(placeholderResolverService().resolveValueFromPossibleTokenPlaceholder(sourceResolver.getBackingFile()));
         this.setBackupFileInitNextRefreshDelay(toMillis(placeholderResolverService()
-                .resolveValueFromPossibleTokenPlaceholder(sourceResolver.getBackupFileInitNextRefreshDelay())));
-
-        this.setInitializeFromBackupFile(sourceResolver.getInitializeFromBackupFile());
+                        .resolveValueFromPossibleTokenPlaceholder(sourceResolver.getBackupFileInitNextRefreshDelay())));
+        if (sourceResolver.getInitializeFromBackupFile() != null) {
+            this.setInitializeFromBackupFile(sourceResolver.getInitializeFromBackupFile());
+        }
 
         this.setMetadataFilter(new MetadataFilterChain());
 
-        //TODO: Where does this get set in OpenSAML land?
+        // TODO: Where does this get set in OpenSAML land?
         // sourceResolver.getMetadataURL();
     }
 

diff --git a/...net2/tier/shibboleth/admin/ui/controller/MetadataFiltersControllerIntegrationTests.groovy b/...net2/tier/shibboleth/admin/ui/controller/MetadataFiltersControllerIntegrationTests.groovy
@@ -92,7 +92,7 @@ class MetadataFiltersControllerIntegrationTests extends Specification {
                 createRequestHttpEntityFor { JsonOutput.toJson(existingFilterMap) }, String)
 
         then:
-        updatedResultFromPUT.statusCode.value() == 200
+         updatedResultFromPUT.statusCode.value() == 200
     }
 
     def "PUT EntityAttributesFilter and update it"() {

diff --git a/...t2/tier/shibboleth/admin/ui/controller/MetadataResolversControllerIntegrationTests.groovy b/...t2/tier/shibboleth/admin/ui/controller/MetadataResolversControllerIntegrationTests.groovy
@@ -206,6 +206,25 @@ class MetadataResolversControllerIntegrationTests extends Specification {
             'ResourceBacked' | _
             'Filesystem'     | _
     }
+
+    @DirtiesContext
+    def "SHIBUI-1992 - error creating FileBackedHTTPMetadata"() {
+        def resolver = new FileBackedHttpMetadataResolver().with {
+            it.name = 'FBHMR'
+            it.xmlId = '1'
+            it.backingFile = 'tmp/foo'
+            it.metadataURL = 'https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml'
+            it.backupFileInitNextRefreshDelay = 'PT4H'
+            it.enabled = Boolean.FALSE
+            it
+        }
+
+        when:
+        def result = this.restTemplate.postForEntity(BASE_URI, createRequestHttpEntityFor { mapper.writeValueAsString(resolver) }, String)
+
+        then:
+        result.statusCodeValue == 201
+    }
 
     @Unroll
     def "PUT concrete MetadataResolver of type #resolverType with updated changes -> /api/MetadataResolvers/{resourceId}"(String resolverType) {

diff --git a/...src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptorTest.groovy b/...src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/EntityDescriptorTest.groovy
@@ -68,7 +68,8 @@ class EntityDescriptorTest extends Specification {
                                 metadataURL: 'https://idp.unicon.net/idp/shibboleth',
                                 backingFile: "%{idp.home}/metadata/test.xml",
                                 reloadableMetadataResolverAttributes: new ReloadableMetadataResolverAttributes(),
-                                httpMetadataResolverAttributes: new HttpMetadataResolverAttributes()
+                                httpMetadataResolverAttributes: new HttpMetadataResolverAttributes(),
+                                initializeFromBackupFile: Boolean.TRUE
                         )
                 ).with {
                     it.initialize()

diff --git a/...edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy b/...edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy
@@ -37,9 +37,11 @@ import org.springframework.boot.autoconfigure.domain.EntityScan
 import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest
 import org.springframework.boot.test.context.TestConfiguration
 import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Profile
 import org.springframework.core.io.ClassPathResource
 import org.springframework.data.jpa.repository.config.EnableJpaRepositories
 import org.springframework.test.annotation.DirtiesContext
+import org.springframework.test.context.ActiveProfiles
 import org.springframework.test.context.ContextConfiguration
 import org.xmlunit.builder.DiffBuilder
 import org.xmlunit.builder.Input
@@ -50,10 +52,11 @@ import spock.lang.Unroll
 import static edu.internet2.tier.shibboleth.admin.ui.util.TestHelpers.generatedXmlIsTheSameAsExpectedXml
 
 @DataJpaTest
-@ContextConfiguration(classes=[CoreShibUiConfiguration, SearchConfiguration, InternationalizationConfiguration, PlaceholderResolverComponentsConfiguration, edu.internet2.tier.shibboleth.admin.ui.configuration.TestConfiguration ,Config])
+@ContextConfiguration(classes=[CoreShibUiConfiguration, SearchConfiguration, InternationalizationConfiguration, PlaceholderResolverComponentsConfiguration, edu.internet2.tier.shibboleth.admin.ui.configuration.TestConfiguration , LocalConfig])
 @EnableJpaRepositories(basePackages = ["edu.internet2.tier.shibboleth.admin.ui"])
 @EntityScan("edu.internet2.tier.shibboleth.admin.ui")
 @DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
+@ActiveProfiles(["local"])
 class JPAMetadataResolverServiceImplTests extends Specification {
     @Autowired
     MetadataResolverRepository metadataResolverRepository
@@ -396,6 +399,7 @@ class JPAMetadataResolverServiceImplTests extends Specification {
                 it.content = 'http://mdq-beta.incommon.org/global'
                 it
             }
+            it.enabled = Boolean.TRUE
             it
         }
         metadataResolverRepository.save(resolver)
@@ -410,20 +414,38 @@ class JPAMetadataResolverServiceImplTests extends Specification {
     }
 
     @DirtiesContext(methodMode = DirtiesContext.MethodMode.AFTER_METHOD)
-    def 'test namespace protection in nonURL resolver'() {
+    def 'test namespace protection in nonURL resolver with resolver setting enabled=true'() {
         setup:
         shibUIConfiguration.protectedAttributeNamespaces = ['http://shibboleth.net/ns/profiles']
         def resolver = new LocalDynamicMetadataResolver().with {
             it.xmlId = 'LocalDynamic'
             it.sourceDirectory = '/tmp'
+            it.enabled = Boolean.TRUE
             it
         }
 
         when:
         metadataResolverRepository.save(resolver)
 
         then:
-        generatedXmlIsTheSameAsExpectedXml('/conf/1059.xml', metadataResolverService.generateConfiguration())
+        generatedXmlIsTheSameAsExpectedXml('/conf/1059-enabled.xml', metadataResolverService.generateConfiguration())
+    }
+
+    @DirtiesContext(methodMode = DirtiesContext.MethodMode.AFTER_METHOD)
+    def 'test namespace protection in nonURL resolver with resolver setting enabled not set'() {
+        setup:
+        shibUIConfiguration.protectedAttributeNamespaces = ['http://shibboleth.net/ns/profiles']
+        def resolver = new LocalDynamicMetadataResolver().with {
+            it.xmlId = 'LocalDynamic'
+            it.sourceDirectory = '/tmp'
+            it
+        }
+
+        when:
+        metadataResolverRepository.save(resolver)
+
+        then:
+        generatedXmlIsTheSameAsExpectedXml('/conf/1059-disabled.xml', metadataResolverService.generateConfiguration())
     }
 
     @Ignore('there is a bug in org.opensaml.saml.metadata.resolver.filter.impl.EntityAttributesFilter.applyFilter')
@@ -459,7 +481,8 @@ class JPAMetadataResolverServiceImplTests extends Specification {
     }
 
     @TestConfiguration
-    static class Config {
+    @Profile("local")
+    static class LocalConfig {
         @Autowired
         OpenSamlObjects openSamlObjects
 

diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestHelpers.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestHelpers.groovy
@@ -2,11 +2,20 @@ package edu.internet2.tier.shibboleth.admin.ui.util
 
 import edu.internet2.tier.shibboleth.admin.ui.security.model.User
 import groovy.xml.XmlUtil
+import junit.framework.Assert
+import javax.xml.transform.Source;
+import javax.xml.transform.Transformer
+import javax.xml.transform.TransformerException
+import javax.xml.transform.TransformerFactory
+import javax.xml.transform.dom.DOMSource
+import javax.xml.transform.stream.StreamResult
+
 import org.apache.commons.lang.StringUtils
 import org.springframework.security.core.context.SecurityContextHolder
 import org.w3c.dom.Document
 import org.xmlunit.builder.DiffBuilder
 import org.xmlunit.builder.Input
+import org.xmlunit.builder.Input.Builder
 
 /**
  * @author Bill Smith (wsmith@unicon.net)
@@ -29,15 +38,27 @@ class TestHelpers {
     }
 
     static void generatedXmlIsTheSameAsExpectedXml(String expectedXmlResource, Document generatedXml) {
-        assert !DiffBuilder.compare(Input.fromStream(TestHelpers.getResourceAsStream(expectedXmlResource)))
-                .withTest(Input.fromDocument(generatedXml))
+        def Builder builder = Input.fromDocument(generatedXml)
+        def Source source = builder.build()
+        def myDiff = DiffBuilder.compare(Input.fromStream(TestHelpers.getResourceAsStream(expectedXmlResource)))
+                .withTest(builder)
                 .withAttributeFilter({attribute -> !attribute.name.equals("sourceDirectory")})
                 .ignoreComments()
                 .ignoreWhitespace()
                 .build()
-                .hasDifferences()
+        System.out.println("@@@ \n" + getString(source) + "\n")
+        Assert.assertFalse(myDiff.toString(), myDiff.hasDifferences());
     }
 
+    public static String getString(DOMSource domSource) throws TransformerException {
+        StringWriter writer = new StringWriter();
+        StreamResult result = new StreamResult(writer);
+        TransformerFactory tf = TransformerFactory.newInstance();
+        Transformer transformer = tf.newTransformer();
+        transformer.transform(domSource, result);
+        return writer.toString();
+    }
+
     static String XmlDocumentToString(Document document) {
         return XmlUtil.serialize(document.documentElement)
     }