SHIBUI-2380

Incremental commit:
- Removed X509Certificates from the security representation (functionally handled by key descriptors

- Updated parsing representation into EntityDescriptor entity to handle new oidc values

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/RoleDescriptor.java

@@ -77,10 +77,6 @@ public void setID(String id) {
 
     @Override
     public List<String> getSupportedProtocols() {
-        // This protocol must be included if this is OIDC data
-        if (isOidcType() && !supportedProtocols.contains("http://openid.net/specs/openid-connect-core-1_0.html")) {
-            supportedProtocols.add("http://openid.net/specs/openid-connect-core-1_0.html");
-        }
         return supportedProtocols;
     }
 
@@ -203,7 +199,10 @@ public List<XMLObject> getOrderedChildren() {
 
     @Transient
     public boolean isOidcType() {
-        if (getExtensions().getOrderedChildren().size() > 0) {
+        if (getExtensions() == null || getExtensions().getOrderedChildren() == null || getExtensions().getOrderedChildren().isEmpty()){
+            return false;
+        }
+        else {
             for (XMLObject e : getExtensions().getOrderedChildren()) {
                 if (e.getElementQName().getLocalPart().equals(OAuthRPExtensions.TYPE_LOCAL_NAME)) {
                     return true;

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/SecurityInfoRepresentation.java

@@ -14,22 +14,10 @@ public class SecurityInfoRepresentation implements Serializable {
 
     private boolean authenticationRequestsSigned;
     private boolean wantAssertionsSigned;
-    private List<X509CertificateRepresentation> x509Certificates = new ArrayList<>();
     private List<KeyDescriptorRepresentation> keyDescriptors = new ArrayList<>();
 
     public void addKeyDescriptor(KeyDescriptorRepresentation keyDescriptorRep) {
         keyDescriptors.add(keyDescriptorRep);
     }
 
-    @Getter
-    @Setter
-    @Deprecated
-    public static class X509CertificateRepresentation implements Serializable {
-        private static final long serialVersionUID = -4893206348572998788L;
-
-        private String name;
-        private String value;
-        //TODO refactor into Enum?
-        private String type;
-    }
 }

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/DefaultAcrValue.java

@@ -1,12 +1,17 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
 
 import lombok.EqualsAndHashCode;
+import lombok.NoArgsConstructor;
 import org.hibernate.envers.Audited;
 
 import javax.persistence.Entity;
 
 @Entity
 @EqualsAndHashCode(callSuper = true)
+@NoArgsConstructor
 @Audited
 public class DefaultAcrValue extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.DefaultAcrValue {
+    public DefaultAcrValue(String value) {
+        this.setValue(value);
+    }
 }

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java

@@ -4,6 +4,7 @@
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.NoArgsConstructor;
+import net.shibboleth.oidc.saml.xmlobject.MetadataValueSAMLObject;
 import org.hibernate.envers.Audited;
 import org.opensaml.core.xml.XMLObject;
 import org.opensaml.core.xml.util.AttributeMap;
@@ -22,7 +23,6 @@
 @Entity
 @Data
 @EqualsAndHashCode(callSuper=false)
-@NoArgsConstructor
 @Audited
 public class OAuthRPExtensions extends AbstractXMLObject implements net.shibboleth.oidc.saml.xmlobject.OAuthRPExtensions {
     public static final String DEFAULT_ELEMENT_LOCAL_NAME = TYPE_LOCAL_NAME;
@@ -88,6 +88,12 @@ public class OAuthRPExtensions extends AbstractXMLObject implements net.shibbole
 
     private String userInfoEncryptedResponseEnc;
 
+    public OAuthRPExtensions() {
+        setNamespacePrefix(MetadataValueSAMLObject.SAML20MDOIDCMD_PREFIX);
+        setNamespaceURI(MetadataValueSAMLObject.SAML20MDOIDCMD_NS);
+        setElementLocalName(TYPE_LOCAL_NAME);
+    }
+
     @Override
     public List<XMLObject> getOrderedChildren() {
         List<XMLObject> result = new ArrayList<>();

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/PostLogoutRedirectUri.java

@@ -1,12 +1,17 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
 
 import lombok.EqualsAndHashCode;
+import lombok.NoArgsConstructor;
 import org.hibernate.envers.Audited;
 
 import javax.persistence.Entity;
 
 @Entity
 @EqualsAndHashCode(callSuper = true)
+@NoArgsConstructor
 @Audited
 public class PostLogoutRedirectUri extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.PostLogoutRedirectUri {
+    public PostLogoutRedirectUri(String value) {
+        this.setValue(value);
+    }
 }

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/RequestUri.java

@@ -1,12 +1,17 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
 
 import lombok.EqualsAndHashCode;
+import lombok.NoArgsConstructor;
 import org.hibernate.envers.Audited;
 
 import javax.persistence.Entity;
 
 @Entity
 @EqualsAndHashCode(callSuper = true)
+@NoArgsConstructor
 @Audited
 public class RequestUri extends AbstractValueXMLObject implements net.shibboleth.oidc.saml.xmlobject.RequestUri {
+    public RequestUri(String value) {
+        this.setValue(value);
+    }
 }

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java

@@ -98,6 +98,9 @@ private EntityDescriptor buildDescriptorFromRepresentation(final EntityDescripto
         setupLogout(ed, representation);
         setupRelyingPartyOverrides(ed, representation);
 
+        if (ed.getProtocol() == EntityDescriptorProtocol.OIDC) {
+            ed.getSPSSODescriptor("").addSupportedProtocol("http://openid.net/specs/openid-connect-core-1_0.html");
+        }
         //Let envers recognize update revision type for EntityDescriptor type
         //when modifying Attributes and SPSSODescriptor inside RoleDescriptors collection
         ed.setVersionModifiedTimestamp(System.currentTimeMillis());
@@ -311,7 +314,6 @@ public EntityDescriptorRepresentation createRepresentationFromDescriptor(org.ope
             }
         }
 
-        // set up security - this block assumes too much like there will be a cert. With OIDC could not be some...
         setupSecurityRepresentationFromEntityDescriptor(ed, representation);
 
         // set up ACSs
@@ -513,15 +515,6 @@ private void setupSecurityRepresentationFromEntityDescriptor(EntityDescriptor ed
                     keyDescriptorRep.setValue(((ValueXMLObject) obj).getValue());
                     securityInfoRepresentation.addKeyDescriptor(keyDescriptorRep);
                 }
-
-                // TODO remove this when done.
-                if (keyInfoType == KeyDescriptorRepresentation.ElementType.X509Data) {
-                    SecurityInfoRepresentation.X509CertificateRepresentation x509CertificateRepresentation = new SecurityInfoRepresentation.X509CertificateRepresentation();
-                    x509CertificateRepresentation.setName(name);
-                    x509CertificateRepresentation.setType(useType);
-                    x509CertificateRepresentation.setValue(keyDescriptorRep.getValue());
-                    securityInfoRepresentation.getX509Certificates().add(x509CertificateRepresentation);
-                }
             }
         }
     }