Merged master

TIER · Feb 4, 2021 · b973c84 · b973c84
2 parents b37a027 + a41fc8a
commit b973c84
Show file tree

Hide file tree

Showing 476 changed files with 39,660 additions and 15,937 deletions.
diff --git a/.gitignore b/.gitignore
@@ -385,3 +385,13 @@ gradle-app.setting
 
 # pac4j
 pac4j-module/out/
+
+#Local run shell script wrapper
+r
+
+#Local integration test run shell script wrapper
+rinteg
+
+#Local run with durable H2 shell script wrapper
+**/application-h2durable.properties
+rdurable
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -38,7 +38,7 @@ pipeline {
       steps {
         sh '''
         docker stop shibui || true && docker rm shibui || true
-        docker run -d --restart always --name shibui -p 8080:8080 -v /etc/shibui:/conf -v /etc/shibui/application.yml:/application.yml -m 4GB --memory-swap=4GB unicon/shibui-pac4j:latest /usr/bin/java -Xmx3G -jar app.jar
+        docker run -d --restart always --name shibui -p 8080:8080 -v /etc/shibui:/conf -v /etc/shibui/application.yml:/application.yml -m 2GB --memory-swap=4GB --entrypoint /usr/bin/java unicon/shibui:latest -Xmx1G -jar app.war
         '''
       }
     }

diff --git a/Jenkinsfile-Selenium b/Jenkinsfile-Selenium
@@ -0,0 +1,32 @@
+pipeline {
+  agent any
+  options {
+    disableConcurrentBuilds()
+    buildDiscarder(logRotator(numToKeepStr: '10', artifactNumToKeepStr: '10'))
+  }
+  stages {
+    stage('Run Selenium tests') {      
+      steps {
+        sh '''
+          ./gradlew integrationTest -Dselenium.host=jenkins
+        '''
+      }
+      post {
+        always {
+          junit 'backend/build/test-results/integrationTest/**/*.xml'
+        }
+      }
+    }
+  }
+  post {
+    failure {
+      step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: emailextrecipients([[$class: 'CulpritsRecipientProvider'], [$class: 'RequesterRecipientProvider']])])
+    }
+    success {
+      emailext body: '''${SCRIPT, template="groovy-text.template"}''', recipientProviders: [[$class: 'DevelopersRecipientProvider'], [$class: 'RequesterRecipientProvider']], subject: '[SHIBUI] Build Success'
+    }
+    always {
+      cleanWs()
+    }
+  }
+}
diff --git a/LICENSE b/LICENSE
@@ -0,0 +1,14 @@
+Licensed to the University Corporation for Advanced Internet Development,
+Inc. (UCAID) under one or more contributor license agreements.  See the
+NOTICE file distributed with this work for additional information regarding
+copyright ownership. The UCAID licenses this file to You under the Apache
+License, Version 2.0 (the "License"); you may not use this file except in
+compliance with the License.  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/README.md b/README.md
@@ -1,8 +1,6 @@
 # shibui
 
-For more information, see `docs`
-
-## Requirements
+## Requirements_
 
 * Java 8 (note that ONLY Java 8 is supported at this time; other later versions might work)
 
@@ -39,7 +37,7 @@ For complete information on overriding default configuration, see [https://docs.
 
 ### Deploying as a WAR
 
-The application can be deployed as a WAR file in a Java Servlet 3.0 container. Currently, the application must be run in the root context.
+The application can be deployed as a WAR file in a Java Servlet 3.0 container.
 
 To override default configuration, see [https://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-external-config.html].
 The easiest way to do this in a servlet container is through the use of system properties

diff --git a/backend/Dockerfile b/backend/Dockerfile
@@ -2,9 +2,9 @@ FROM gcr.io/distroless/java
 
 ARG JAR_FILE
 
-COPY ${JAR_FILE} app.jar
 COPY loader.properties loader.properties
+COPY ${JAR_FILE} app.war
 
 EXPOSE 8080
 
-ENTRYPOINT ["/usr/bin/java", "-jar", "app.jar"]
+ENTRYPOINT ["/usr/bin/java", "-jar", "app.war"]
diff --git a/backend/build.gradle b/backend/build.gradle
@@ -26,7 +26,7 @@ repositories {
 configurations.all {
     resolutionStrategy {
         force 'org.cryptacular:cryptacular:1.1.3'
-        
+
         eachDependency { details ->
             if (details.requested.group == 'org.seleniumhq.selenium' && details.requested.name != 'htmlunit-driver') {
                 details.useVersion '3.141.59'
@@ -38,7 +38,7 @@ configurations.all {
 configurations {
     integrationTestCompile {
         extendsFrom compile
-        
+
     }
     integrationTestRuntime {
         extendsFrom runtime
@@ -96,29 +96,14 @@ bootWar {
         )
     }
     from(tasks.findByPath(':ui:npm_run_buildProd').outputs) {
-        // into '/'
-        into '/public'
+        //Copying into this particular classpath location due too
+        //deployment to external Tomcat would not work with /public location
+        //This way, it works with both embedded and external Tomcat
+        into 'WEB-INF/classes/resources'
     }
     archiveName = "${baseName}-${version}.war"
 }
 
-bootJar.dependsOn ':ui:npm_run_buildProd'
-bootJar.baseName = 'shibui'
-bootJar {
-    manifest {
-        attributes(
-                "Manifest-Version" : "1.0",
-                "Implementation-Version" : "${project.version}",
-                'Main-Class': 'org.springframework.boot.loader.PropertiesLauncher'
-        )
-    }
-    from(tasks.findByPath(':ui:npm_run_buildProd').outputs) {
-        // into '/'
-        into '/public'
-    }
-    archiveName = "${baseName}-${version}.jar"
-}
-
 springBoot {
     mainClassName = 'edu.internet2.tier.shibboleth.admin.ui.ShibbolethUiApplication'
     buildInfo()
@@ -174,10 +159,10 @@ dependencies {
     // runtime libraries for later java versions
     runtimeOnly 'org.glassfish.jaxb:jaxb-runtime:2.3.0'
 
-    // TODO: these will likely only be runtimeOnly or test scope, unless we want to ship the libraries with the final product
     compile "com.h2database:h2"
     runtimeOnly "org.postgresql:postgresql"
     runtimeOnly 'org.mariadb.jdbc:mariadb-java-client:2.2.0'
+    runtimeOnly 'mysql:mysql-connector-java:5.1.48'
 
     //Swagger
     compile 'io.springfox:springfox-swagger2:2.9.2'
@@ -195,7 +180,7 @@ dependencies {
     //JSON schema generator
     testCompile 'com.kjetland:mbknor-jackson-jsonschema_2.12:1.0.29'
     testCompile 'javax.validation:validation-api:2.0.1.Final'
-    
+
     //JSON schema validator
     compile 'org.sharegov:mjson:1.4.1'
 
@@ -208,7 +193,7 @@ dependencies {
     integrationTestCompile "org.springframework.security:spring-security-test"
     integrationTestCompile "org.spockframework:spock-core:1.1-groovy-2.4"
     integrationTestCompile "org.spockframework:spock-spring:1.1-groovy-2.4"
-    
+
     // CSV file support
     compile 'com.opencsv:opencsv:4.4'
 
@@ -217,6 +202,12 @@ dependencies {
     // Envers for persistent entities versioning
     compile 'org.hibernate:hibernate-envers'
 
+    //Pacj4 sub-project
+    runtimeOnly project(':pac4j-module')
+
+    //Beacon
+    runtimeOnly project(':beacon:spring')
+
     enversTestCompile sourceSets.main.output
     enversTestCompile sourceSets.test.output
     enversTestCompile configurations.compile
@@ -342,15 +333,15 @@ jacocoTestReport {
     }
 }
 
-tasks.docker.dependsOn tasks.bootJar
+tasks.docker.dependsOn tasks.bootWar
 docker {
     name 'unicon/shibui'
     tags 'latest'
     pull true
     noCache true
-    files tasks.bootJar.outputs
+    files tasks.bootWar.outputs
     files 'src/main/docker-files/loader.properties'
-    buildArgs(['JAR_FILE': "shibui-${version}.jar"])
+    buildArgs(['JAR_FILE': "shibui-${version}.war"])
 }
 
 tasks.dockerRun.dependsOn tasks.docker

diff --git a/...eth/admin/ui/controller/MetadataResolverControllerVersionEndpointsIntegrationTests.groovy b/...eth/admin/ui/controller/MetadataResolverControllerVersionEndpointsIntegrationTests.groovy
@@ -1,19 +1,41 @@
 package edu.internet2.tier.shibboleth.admin.ui.controller
 
+import com.fasterxml.jackson.databind.ObjectMapper
+import com.fasterxml.jackson.databind.SerializationFeature
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule
+import edu.internet2.tier.shibboleth.admin.ui.configuration.CustomPropertiesConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilterTarget
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityRoleWhiteListFilter
+import edu.internet2.tier.shibboleth.admin.ui.domain.filters.NameIdFormatFilter
+import edu.internet2.tier.shibboleth.admin.ui.domain.filters.NameIdFormatFilterTarget
+import edu.internet2.tier.shibboleth.admin.ui.domain.filters.SignatureValidationFilter
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FileBackedHttpMetadataResolver
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FilesystemMetadataResolver
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.LocalDynamicMetadataResolver
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataQueryProtocolScheme
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.RegexScheme
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.TemplateScheme
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository
+
+import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverVersionService
+import edu.internet2.tier.shibboleth.admin.ui.util.TestObjectGenerator
+import edu.internet2.tier.shibboleth.admin.util.AttributeUtility
+
+import org.apache.commons.lang3.RandomStringUtils
+
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.boot.test.context.SpringBootTest
 import org.springframework.boot.test.web.client.TestRestTemplate
 import org.springframework.test.context.ActiveProfiles
+import org.springframework.transaction.PlatformTransactionManager
 import spock.lang.Specification
+import spock.lang.Unroll
+
+import static edu.internet2.tier.shibboleth.admin.ui.domain.filters.NameIdFormatFilterTarget.NameIdFormatFilterTargetType.ENTITY
+import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic
 
 /**
  * @author Dmitriy Kopylenko
@@ -28,12 +50,34 @@ class MetadataResolverControllerVersionEndpointsIntegrationTests extends Specifi
     @Autowired
     MetadataResolverRepository repository
 
+    @Autowired
+    AttributeUtility attributeUtility
+
+    @Autowired
+    CustomPropertiesConfiguration customPropertiesConfiguration
+
+    ObjectMapper mapper
+    TestObjectGenerator generator
+
+    @Autowired
+    PlatformTransactionManager txMgr
+
+    @Autowired
+    MetadataResolverVersionService metadataResolverVersionService
+
     static BASE_URI = '/api/MetadataResolvers'
 
     static ALL_VERSIONS_URI = "$BASE_URI/%s/Versions"
 
     static SPECIFIC_VERSION_URI = "$BASE_URI/%s/Versions/%s"
 
+    def setup() {
+        generator = new TestObjectGenerator(attributeUtility, customPropertiesConfiguration)
+        mapper = new ObjectMapper()
+        mapper.enable(SerializationFeature.INDENT_OUTPUT)
+        mapper.registerModule(new JavaTimeModule())
+    }
+
     def "GET /api/MetadataResolvers/{resourceId}/Versions with non-existent resolver"() {
         when:
         def result = getAllMetadataResolverVersions('non-existent-resolver-id', String)
@@ -107,6 +151,7 @@ class MetadataResolverControllerVersionEndpointsIntegrationTests extends Specifi
     }
 
     def "SHIBUI-1386"() {
+        given:
         MetadataResolver mr = new FileBackedHttpMetadataResolver(name: 'testme')
         mr = repository.save(mr)
 
@@ -138,6 +183,7 @@ class MetadataResolverControllerVersionEndpointsIntegrationTests extends Specifi
     }
 
     def "SHIBUI-1500"() {
+        given:
         MetadataResolver mr = new FileBackedHttpMetadataResolver(name: 'shibui-1500')
         mr = repository.save(mr)
 
@@ -154,6 +200,73 @@ class MetadataResolverControllerVersionEndpointsIntegrationTests extends Specifi
         (mrv1.getBody() as MetadataResolver).modifiedDate < (mrv2.getBody() as MetadataResolver).modifiedDate
     }
 
+    def "SHIBUI-1499"() {
+        given:
+        MetadataResolver mr = new FileBackedHttpMetadataResolver(name: 'shibui-1499')
+        mr = repository.save(mr)
+
+        when: 'add a name id filter'
+        def filter = new NameIdFormatFilter(name: 'nameIDFilter').with {
+            it.nameIdFormatFilterTarget = new NameIdFormatFilterTarget().with {
+                it.nameIdFormatFilterTargetType = ENTITY
+                it.value = ['https://testme/sp']
+                it
+            }
+            it
+        }
+        mr.addFilter(filter)
+        mr = repository.save(mr)
+
+        def allVersions = getAllMetadataResolverVersions(mr.resourceId, List)
+        def mrv1 = getMetadataResolverForVersion(mr.resourceId, allVersions.body[0].id, MetadataResolver)
+        def mrv2 = getMetadataResolverForVersion(mr.resourceId, allVersions.body[1].id, MetadataResolver)
+
+        then:
+        noExceptionThrown()
+    }
+
+    def "SHIBUI-1501"() {
+        given:
+        def mr = new FileBackedHttpMetadataResolver(name: 'shibui-1501')
+        mr = repository.save(mr)
+
+        when: 'add a filter'
+        EntityAttributesFilter filter = this.generator.entityAttributesFilter()
+        mr.addFilter(filter)
+        def resolver = (repository.save(mr) as MetadataResolver).withTraits AttributeReleaseAndOverrides
+        resolver.entityAttributesFilterIntoTransientRepresentation()
+
+        def allVersions = getAllMetadataResolverVersions(mr.resourceId, List)
+        def mrv2 = getMetadataResolverForVersion(mr.resourceId, allVersions.body[1].id, MetadataResolver)
+                .body.withTraits AttributeReleaseAndOverrides
+
+        then:
+        mrv2.metadataFilters.size() == 1
+        mrv2.attributesRelease(0).size() == resolver.attributesRelease(0).size()
+        mrv2.overrides(0).size() == resolver.overrides(0).size()
+        mrv2.attributesRelease(0) == resolver.attributesRelease(0)
+        mrv2.overrides(0) == resolver.overrides(0)
+    }
+
+    @Unroll
+    def "SHIBUI-1509 with #urlConstructionScheme"() {
+        MetadataResolver mr = new DynamicHttpMetadataResolver(name: randomAlphabetic(8)).with {
+            it.metadataRequestURLConstructionScheme = urlConstructionScheme
+            it
+        }
+        mr = repository.save(mr)
+
+        when:
+        def allVersions = getAllMetadataResolverVersions(mr.resourceId, List)
+        def mrv1 = getMetadataResolverForVersion(mr.resourceId, allVersions.body[0].id, MetadataResolver)
+
+        then:
+        noExceptionThrown()
+
+        where:
+        urlConstructionScheme << [new RegexScheme(match: ".*"), new MetadataQueryProtocolScheme(), new TemplateScheme()]
+    }
+
     private getAllMetadataResolverVersions(String resourceId, responseType) {
         this.restTemplate.getForEntity(resourceUriFor(ALL_VERSIONS_URI, resourceId), responseType)
     }
@@ -170,3 +283,13 @@ class MetadataResolverControllerVersionEndpointsIntegrationTests extends Specifi
         String.format(uriTemplate, resourceId)
     }
 }
+
+trait AttributeReleaseAndOverrides {
+    List<String> attributesRelease(int filterIndex) {
+        (this.metadataFilters[filterIndex] as EntityAttributesFilter).attributeRelease
+    }
+
+    Map<String, Object> overrides(int filterIndex) {
+        (this.metadataFilters[filterIndex] as EntityAttributesFilter).relyingPartyOverrides
+    }
+}