From 900da38824242d420453b2917408e7adbba80239 Mon Sep 17 00:00:00 2001 From: Sean Porth Date: Fri, 29 Jul 2022 14:01:19 -0400 Subject: [PATCH 01/23] init setup Former-commit-id: 5181702e57e39598f5f75839d9d262045b220e30 --- testbed/smoke-test/cheat.html | 110 ++++++++++++++++++++++ testbed/smoke-test/docker-compose.yml | 105 +++++++++++++++++++++ testbed/smoke-test/shibui/application.yml | 40 ++++++++ 3 files changed, 255 insertions(+) create mode 100644 testbed/smoke-test/cheat.html create mode 100644 testbed/smoke-test/docker-compose.yml create mode 100644 testbed/smoke-test/shibui/application.yml diff --git a/testbed/smoke-test/cheat.html b/testbed/smoke-test/cheat.html new file mode 100644 index 000000000..74682f912 --- /dev/null +++ b/testbed/smoke-test/cheat.html @@ -0,0 +1,110 @@ + + +

Reload Service

+
+ + + +
+

Attribute Resolution

+
+ + + + + + + + + + + + + + + + + + + + + +
+ + + +
+ + + +
+ + + +
+ + + +
+ + + +
+ + +
+
+

Metadata Query

+ + + + + +
+ + + +
+ +
+
+

Reload Metadata

+ + + + + +
+ + + +
+ +
+
+

Unsolicited SSO

+ + + + + +
+ + + +
+ +
+metrics + + diff --git a/testbed/smoke-test/docker-compose.yml b/testbed/smoke-test/docker-compose.yml new file mode 100644 index 000000000..ec2f2c854 --- /dev/null +++ b/testbed/smoke-test/docker-compose.yml 
@@ -0,0 +1,105 @@ +version: "3.8" + +services: + reverse-proxy: + image: library/traefik:v2.5.2 + command: + - "--api.insecure=true" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web-secure.address=:443" + - "--providers.file.directory=/configuration/" + - "--providers.file.watch=true" + # - "--log.level=DEBUG" + networks: + reverse-proxy: + aliases: + - idp.unicon.local + ports: + - "80:80" + - "8080:8080" + - "443:443" + - "8443:8443" + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - ../reverse-proxy/:/configuration/ + - ../reverse-proxy/certs/:/certs/ + directory: + build: ../directory + networks: + - idp + volumes: + - directory_data:/var/lib/ldap + - directory_config:/etc/ldap/slapd.d + - ../directory/certs:/container/service/slapd/assets/certs + environment: + LDAP_BASE_DN: "dc=unicon,dc=local" + LDAP_DOMAIN: "unicon.local" + HOSTNAME: "directory" + LDAP_TLS_VERIFY_CLIENT: "try" + idp: + build: ../integration/shibboleth-idp + labels: + - "traefik.http.routers.idp.rule=Host(`idp.unicon.local`)" + - "traefik.http.services.idp.loadbalancer.server.port=8080" + - "traefik.http.routers.idp.tls=true" + - "traefik.docker.network=integration_reverse-proxy" + - "traefik.enable=true" + depends_on: + - directory + - reverse-proxy + networks: + - reverse-proxy + - idp + volumes: + - ../directory/certs/ca.crt:/opt/shibboleth-idp/credentials/ldap-server.crt + - dynamic_metadata:/opt/shibboleth-idp/metadata/dynamic + - dynamic_config:/opt/shibboleth-idp/conf/dynamic + - ../integration/shibboleth-idp/metadata/dynamic:/opt/shibboleth-idp/metadata/dynamic + - ../authentication/shibboleth-idp/config/shib-idp/conf/attribute-filter.xml:/opt/shibboleth-idp/conf/attribute-filter.xml + healthcheck: + disable: true + shib-idp-ui: + image: unicon/shibui:latest + labels: + - "traefik.http.routers.shibui.rule=Host(`shibui.unicon.local`)" + - "traefik.http.services.shibui.loadbalancer.server.port=8080" + - 
"traefik.http.routers.shibui.tls=true" + - "traefik.docker.network=integration_reverse-proxy" + - "traefik.enable=true" + networks: + - reverse-proxy + - backend + volumes: + - ../authentication/shibui:/conf + - ./shibui/application.yml:/application.yml + - dynamic_metadata:/var/shibboleth/dynamic_metadata + - dynamic_config:/var/shibboleth/dynamic_config + - ../integration/shibboleth-idp/credentials/shib-idp/inc-md-cert-mdq.pem:/opt/shibboleth-idp/credentials/inc-md-cert-mdq.pem + environment: + - "IDP_HOME=/opt/shibboleth-idp" + database: + image: postgres:14-alpine + environment: + POSTGRES_PASSWORD: shibui + POSTGRES_USER: shibui + POSTGRES_DB: shibui + networks: + - backend + volumes: + - database_data:/var/lib/postgresql/data +networks: + reverse-proxy: + idp: + backend: +volumes: + directory_data: + driver: local + directory_config: + driver: local + dynamic_metadata: + driver: local + dynamic_config: + driver: local + database_data: + driver: local diff --git a/testbed/smoke-test/shibui/application.yml b/testbed/smoke-test/shibui/application.yml new file mode 100644 index 000000000..126256f0d --- /dev/null +++ b/testbed/smoke-test/shibui/application.yml 
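Review bot: The `reverse-proxy` service starts Traefik with `--api.insecure=true` and publishes that port as `"8080:8080"`, so the unauthenticated dashboard/API is reachable on every interface of the host, and the same container has `/var/run/docker.sock` mounted. For a local smoke test the published ports can be bound to loopback, e.g. `- "127.0.0.1:8080:8080"` (likewise 80, 443 and 8443), with a comment above the command list such as `# dashboard is unauthenticated: local test hosts only`. `image: unicon/shibui:latest` is also unpinned, unlike `library/traefik:v2.5.2` and `postgres:14-alpine`, so test runs are not reproducible; a fixed tag or digest would match the other services.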
@@ -0,0 +1,40 @@
+server:
+ forward-headers-strategy: NATIVE
+spring:
+ profiles:
+ include:
+ datasource:
+ platform: postgres
+ driver-class-name: org.postgresql.Driver
+ url: jdbc:postgresql://database:5432/shibui
+ username: shibui
+ password: shibui
+ jpa:
+ properties:
+ hibernate:
+ dialect: org.hibernate.dialect.PostgreSQLDialect
+shibui:
+ default-password: "{noop}letmein7"
+ metadata-dir: /var/shibboleth/dynamic_metadata
+ metadataProviders:
+ target: file:/var/shibboleth/dynamic_config/metadata-providers.xml
+ user-bootstrap-resource: file:/conf/users.csv
+ roles: ROLE_ADMIN,ROLE_NONE,ROLE_USER,ROLE_ENABLE,ROLE_PONY
+ pac4j-enabled: true
+ pac4j:
+ keystorePath: "/conf/samlKeystore.jks"
+ keystorePassword: "changeit"
+ privateKeyPassword: "changeit"
+ serviceProviderEntityId: "https://unicon.net/test/shibui"
+ serviceProviderMetadataPath: "/conf/sp-metadata.xml"
+ identityProviderMetadataPath: "/conf/idp-metadata.xml"
+ forceServiceProviderMetadataGeneration: true
+ callbackUrl: "https://shibui.unicon.local/callback"
+ maximumAuthenticationLifetime: 3600000
+ simpleProfileMapping:
+ username: urn:oid:0.9.2342.19200300.100.1.1
+ firstName: urn:oid:2.5.4.42
+ lastName: urn:oid:2.5.4.4
+ email: urn:oid:0.9.2342.19200300.100.1.3
+ groups: urn:oid:2.5.4.15 # businessCategory
+ roles: urn:oid:1.3.6.1.4.1.5923.1.1.1.7 # eduPersonEntitlement
From 90d05708210edb769d2540f8c95c53040d8bb26c Mon Sep 17 00:00:00 2001
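Review bot: `default-password: "{noop}letmein7"` stores the bootstrap password with Spring Security's no-op encoder, i.e. in clear text, and the datasource and pac4j keystore passwords (`shibui`, `changeit`) are literals too; nothing in the file marks them as testbed-only. If this file is ever copied as a template outside the smoke test, they become known credentials. Spring property placeholders keep the test defaults while allowing an override, e.g. `password: ${SHIBUI_DB_PASSWORD:shibui}` (variable name is illustrative), and a header comment such as `# smoke-test credentials only; never reuse outside the testbed` would make the scope explicit. The same literals recur in `shibui/application.yml.nodb` and the `db_configs/*.yml` files added in PATCH 03/23.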
From: Sean Porth Date: Fri, 5 Aug 2022 14:45:00 -0400 Subject: [PATCH 02/23] auth and integration testbeds combined Former-commit-id: 09cf8130a77974ecff8968d079945b9cb8d4017b --- testbed/smoke-test/docker-compose.yml | 17 +-- .../shibboleth-idp/conf/access-control.xml | 68 ++++++++++++ .../conf/metadata-providers.xml | 101 ++++++++++++++++++ .../metadata/test-provider-config.xml | 38 +++++++ 4 files changed, 217 insertions(+), 7 deletions(-) create mode 100644 testbed/smoke-test/shibboleth-idp/conf/access-control.xml create mode 100644 testbed/smoke-test/shibboleth-idp/conf/metadata-providers.xml create mode 100644 testbed/smoke-test/shibboleth-idp/metadata/test-provider-config.xml diff --git a/testbed/smoke-test/docker-compose.yml b/testbed/smoke-test/docker-compose.yml index ec2f2c854..0c92cad01 100644 --- a/testbed/smoke-test/docker-compose.yml +++ b/testbed/smoke-test/docker-compose.yml @@ -10,7 +10,7 @@ services: - "--entrypoints.web-secure.address=:443" - "--providers.file.directory=/configuration/" - "--providers.file.watch=true" - # - "--log.level=DEBUG" + #- "--log.level=DEBUG" networks: reverse-proxy: aliases: @@ -43,7 +43,7 @@ services: - "traefik.http.routers.idp.rule=Host(`idp.unicon.local`)" - "traefik.http.services.idp.loadbalancer.server.port=8080" - "traefik.http.routers.idp.tls=true" - - "traefik.docker.network=integration_reverse-proxy" + - "traefik.docker.network=smoke-test_reverse-proxy" - "traefik.enable=true" depends_on: - directory 
@@ -52,11 +52,14 @@ services: - reverse-proxy - idp volumes: - - ../directory/certs/ca.crt:/opt/shibboleth-idp/credentials/ldap-server.crt - dynamic_metadata:/opt/shibboleth-idp/metadata/dynamic - dynamic_config:/opt/shibboleth-idp/conf/dynamic - - ../integration/shibboleth-idp/metadata/dynamic:/opt/shibboleth-idp/metadata/dynamic + - ../directory/certs/ca.crt:/opt/shibboleth-idp/credentials/ldap-server.crt - ../authentication/shibboleth-idp/config/shib-idp/conf/attribute-filter.xml:/opt/shibboleth-idp/conf/attribute-filter.xml + - ./shibboleth-idp/conf/metadata-providers.xml:/opt/shibboleth-idp/conf/metadata-providers.xml + - ./shibboleth-idp/conf/access-control.xml:/opt/shibboleth-idp/conf/access-control.xml + - ./shibboleth-idp/metadata/test-provider-config.xml:/opt/shibboleth-idp/metadata/test-provider-config.xml + - ../integration/shibboleth-idp/metadata/dynamic/700bfe6fa4495100f5c193fa5b7ca4192c150923.xml:/opt/shibboleth-idp/metadata/700bfe6fa4495100f5c193fa5b7ca4192c150923.xml healthcheck: disable: true shib-idp-ui: @@ -65,16 +68,16 @@ services: - "traefik.http.routers.shibui.rule=Host(`shibui.unicon.local`)" - "traefik.http.services.shibui.loadbalancer.server.port=8080" - "traefik.http.routers.shibui.tls=true" - - "traefik.docker.network=integration_reverse-proxy" + - "traefik.docker.network=smoke-test_reverse-proxy" - "traefik.enable=true" networks: - reverse-proxy - backend volumes: - - ../authentication/shibui:/conf - - ./shibui/application.yml:/application.yml - dynamic_metadata:/var/shibboleth/dynamic_metadata - dynamic_config:/var/shibboleth/dynamic_config + - ../authentication/shibui:/conf + - ./shibui/application.yml:/application.yml - ../integration/shibboleth-idp/credentials/shib-idp/inc-md-cert-mdq.pem:/opt/shibboleth-idp/credentials/inc-md-cert-mdq.pem environment: - "IDP_HOME=/opt/shibboleth-idp" 
diff --git a/testbed/smoke-test/shibboleth-idp/conf/access-control.xml b/testbed/smoke-test/shibboleth-idp/conf/access-control.xml new file mode 100644 index 000000000..053bc22c7 --- /dev/null +++ b/testbed/smoke-test/shibboleth-idp/conf/access-control.xml @@ -0,0 +1,68 @@ + + + + + + + + + + + + + + + + + + + + diff --git a/testbed/smoke-test/shibboleth-idp/conf/metadata-providers.xml b/testbed/smoke-test/shibboleth-idp/conf/metadata-providers.xml new file mode 100644 index 000000000..bd90a4751 --- /dev/null +++ b/testbed/smoke-test/shibboleth-idp/conf/metadata-providers.xml @@ -0,0 +1,101 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + https://mdq.incommon.org/ + + + diff --git a/testbed/smoke-test/shibboleth-idp/metadata/test-provider-config.xml b/testbed/smoke-test/shibboleth-idp/metadata/test-provider-config.xml new file mode 100644 index 000000000..caec9caf4 --- /dev/null +++ b/testbed/smoke-test/shibboleth-idp/metadata/test-provider-config.xml 
@@ -0,0 +1,38 @@ + + + + + + +MIIECDCCAnCgAwIBAgIUXOD+38b0Cpaynm5Wrclnzigz9rcwDQYJKoZIhvcNAQEL +BQAwHTEbMBkGA1UEAxMSdW5pY29uLXNwb3J0aC0yNjU4MB4XDTIyMDgwNTE3MDE1 +NloXDTMyMDgwMjE3MDE1NlowHTEbMBkGA1UEAxMSdW5pY29uLXNwb3J0aC0yNjU4 +MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAynP0dUXXr0yb4oAYT5OG +/ik+24jor0W0Z/0T0g3C4IXqDMHMdHlfPSrp6rf+PDlS+0L+GCZQC2IpntmGNEdf +miCs9UcssZ3aBHoch0R0Og4rxu74Vk488NVXHsX75RTom5B0atPGxdmHRNIPUPNp +F4AqAMMV18y35+ElJj5UuPZe9QEgJVzGqdH0dGvaNFPZfB7HCD7lGJiO0Remhufn +umwrRqfQETmefCD4Wrv60I4LgUrUSqlZTpD4TaR3o1N6uSKaJPy7iANqQXoEqc3p +jbiM+Tkv6t+q6FbEIF3zKwODzHcycaVYzqOxzVMGWtyPADBm3P/8wvDZnHWEqAcy +9cHY7THHq8s6bdR8aIO+T0uvIqXJAO0orGVJ4b1X2OBRRneUVtxFbzbAXWN+wwKW +Xn8M1sP9hteV9CAkp4nbyPnfwWlZYaN48QytMZhu3oQywlcc/VuDEst04IeAt/1f +YTWmSliJwAduFXpRtQjgB/ejfLUkJHugNJe2N23dNb8ZAgMBAAGjQDA+MB0GA1Ud +EQQWMBSCEnVuaWNvbi1zcG9ydGgtMjY1ODAdBgNVHQ4EFgQUuAUQzGLs2Psbx5aw +ec5sz66h4TIwDQYJKoZIhvcNAQELBQADggGBAEqDt2lXrAEJ80yWLYZKM2qdif5j +DbFI4oGMJ+6Wicfjh9iSm6CG2pSdZllypNLd7KmUJbGFS5wmP7qPAiPLOiHn6hBC +L5ke3y8bJsaEazOmZt0IgKv2w6naEAfvR5dKbEbXsipf/k+WHyk6uLFoz9iGxZ0g +f8MA+nWa1tJcPcGVOReN3wNNeBaRZ5y0r6oWSpwYtoBJH+wp2EoLPYhOXFjUoAZ0 +d4b+G2x9FyHU4yfnN9sTLocl/BVDiVdazMQqSvZDSWbccRsD8sz4BaLnXkLOtulv +0qOYuVTdCivgU0lBMhvXjiEpn0ZwU+UlSgtfEgaVP8pZVgHxKrMhoOxAe85dNHun +RyYCrByqg4lyFGzRKSTAUlx0YittvEyYOEqbSsXExViSIl+elg4PtghsYAaUphm4 ++FHJo8B1rNNQp4vqikGF2WOr3D2usIS9ZbiGvTC0M8TSG39jGCqgQZaclV2yshEC +cXQllPfIyCtMzlaGVjpXPEqahwkug4ywml9yAw== + + + + + + + + + + From fb95938505137c4f2d16a8a9cfae26a365dd7b21 Mon Sep 17 00:00:00 2001 
From: Sean Porth Date: Mon, 8 Aug 2022 15:59:20 -0400 Subject: [PATCH 03/23] added ability to switch database backends Former-commit-id: d5595768a00fe18cb7df74399cafb0ee307a9eaf --- .../mariadb.docker-compose.override.yml | 19 +++++++++++++ testbed/smoke-test/db_configs/mariadb.yml | 13 +++++++++ .../mysql.docker-compose.override.yml | 19 +++++++++++++ testbed/smoke-test/db_configs/mysql.yml | 13 +++++++++ testbed/smoke-test/db_configs/postgres.yml | 13 +++++++++ .../sqlServer.docker-compose.override.yml | 17 ++++++++++++ testbed/smoke-test/db_configs/sqlServer.yml | 13 +++++++++ testbed/smoke-test/docker-compose.yml | 22 ++++++++------- testbed/smoke-test/setdb.sh | 22 +++++++++++++++ testbed/smoke-test/shibui/application.yml | 26 +++++++++--------- .../smoke-test/shibui/application.yml.nodb | 27 +++++++++++++++++++ 11 files changed, 181 insertions(+), 23 deletions(-) create mode 100644 testbed/smoke-test/db_configs/mariadb.docker-compose.override.yml create mode 100644 testbed/smoke-test/db_configs/mariadb.yml create mode 100644 testbed/smoke-test/db_configs/mysql.docker-compose.override.yml create mode 100644 testbed/smoke-test/db_configs/mysql.yml create mode 100644 testbed/smoke-test/db_configs/postgres.yml create mode 100644 testbed/smoke-test/db_configs/sqlServer.docker-compose.override.yml create mode 100644 testbed/smoke-test/db_configs/sqlServer.yml create mode 100755 testbed/smoke-test/setdb.sh create mode 100644 testbed/smoke-test/shibui/application.yml.nodb diff --git a/testbed/smoke-test/db_configs/mariadb.docker-compose.override.yml b/testbed/smoke-test/db_configs/mariadb.docker-compose.override.yml new file mode 100644 index 000000000..ad9f8ae09 --- /dev/null +++ b/testbed/smoke-test/db_configs/mariadb.docker-compose.override.yml 
@@ -0,0 +1,19 @@ +services: + database: + image: mariadb + environment: + MYSQL_DATABASE: shibui + MYSQL_USER: shibui + MYSQL_PASSWORD: shibui + MYSQL_ROOT_PASSWORD: root + healthcheck: + test: mysql -u shibui --password=shibui shibui -e "select 1" + interval: 5s + retries: 5 + start_period: 5s + timeout: 10s + shib-idp-ui: + depends_on: + database: + condition: service_healthy + \ No newline at end of file diff --git a/testbed/smoke-test/db_configs/mariadb.yml b/testbed/smoke-test/db_configs/mariadb.yml new file mode 100644 index 000000000..9b64f680f --- /dev/null +++ b/testbed/smoke-test/db_configs/mariadb.yml @@ -0,0 +1,13 @@ +spring: + profiles: + include: + datasource: + platform: mysql + driver-class-name: com.mariadb.jdbc.Driver + url: jdbc:mariadb://database:3306/shibui + username: shibui + password: shibui + jpa: + properties: + hibernate: + dialect: org.hibernate.dialect.MariaDB103Dialect diff --git a/testbed/smoke-test/db_configs/mysql.docker-compose.override.yml b/testbed/smoke-test/db_configs/mysql.docker-compose.override.yml new file mode 100644 index 000000000..6d511c7e6 --- /dev/null +++ b/testbed/smoke-test/db_configs/mysql.docker-compose.override.yml @@ -0,0 +1,19 @@ +services: + database: + image: mysql + environment: + MYSQL_DATABASE: shibui + MYSQL_USER: shibui + MYSQL_PASSWORD: shibui + MYSQL_ROOT_PASSWORD: root + healthcheck: + test: mysql -u shibui --password=shibui shibui -e "select 1" + interval: 5s + retries: 5 + start_period: 5s + timeout: 10s + shib-idp-ui: + depends_on: + database: + condition: service_healthy + \ No newline at end of file diff --git a/testbed/smoke-test/db_configs/mysql.yml b/testbed/smoke-test/db_configs/mysql.yml new file mode 100644 index 000000000..b3d434d8a --- /dev/null +++ b/testbed/smoke-test/db_configs/mysql.yml 
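Review bot: `image: mariadb` here, and `image: mysql` in the mysql override that follows, carry no tag, so each run pulls whatever `latest` currently is, while the default backend is pinned as `postgres:14-alpine`. Besides making smoke-test results non-reproducible, this can silently break the healthcheck, which depends on a `mysql` client binary being present in the image; newer MariaDB images may ship the client only under the `mariadb` name, which is worth confirming against the tag chosen. Pinning both, e.g. `image: mariadb:<tested-version>` and `image: mysql:<tested-version>`, addresses both concerns. `MYSQL_ROOT_PASSWORD: root` is tolerable only while the `database` service stays on the internal `backend` network with no published port, which a one-line comment could state.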
@@ -0,0 +1,13 @@ +spring: + profiles: + include: + datasource: + platform: mysql + driver-class-name: com.mysql.cj.jdbc.Driver + url: jdbc:mysql://database:3306/shibui + username: shibui + password: shibui + jpa: + properties: + hibernate: + dialect: org.hibernate.dialect.MySQL8Dialect diff --git a/testbed/smoke-test/db_configs/postgres.yml b/testbed/smoke-test/db_configs/postgres.yml new file mode 100644 index 000000000..c9117f2e5 --- /dev/null +++ b/testbed/smoke-test/db_configs/postgres.yml @@ -0,0 +1,13 @@ +spring: + profiles: + include: + datasource: + platform: postgres + driver-class-name: org.postgresql.Driver + url: jdbc:postgresql://database:5432/shibui + username: shibui + password: shibui + jpa: + properties: + hibernate: + dialect: org.hibernate.dialect.PostgreSQLDialect \ No newline at end of file diff --git a/testbed/smoke-test/db_configs/sqlServer.docker-compose.override.yml b/testbed/smoke-test/db_configs/sqlServer.docker-compose.override.yml new file mode 100644 index 000000000..13d5a0670 --- /dev/null +++ b/testbed/smoke-test/db_configs/sqlServer.docker-compose.override.yml @@ -0,0 +1,17 @@ +services: + database: + build: + context: ../sqlServer + dockerfile: ../sqlServer/docker/Dockerfile + image: smoke-test_database +# healthcheck: +# test: mysql -u shibui --password=shibui shibui -e "select 1" +# interval: 5s +# retries: 5 +# start_period: 5s +# timeout: 10s +# shib-idp-ui: +# depends_on: +# database: +# condition: service_healthy + \ No newline at end of file diff --git a/testbed/smoke-test/db_configs/sqlServer.yml b/testbed/smoke-test/db_configs/sqlServer.yml new file mode 100644 index 000000000..d6e7a3e68 --- /dev/null +++ b/testbed/smoke-test/db_configs/sqlServer.yml 
@@ -0,0 +1,13 @@ +spring: + profiles: + include: + datasource: + platform: sqlserver + driver-class-name: com.microsoft.sqlserver.jdbc.SQLServerDriver + url: jdbc:sqlserver://database:1433 + username: sa + password: Password1 + jpa: + properties: + hibernate: + dialect: org.hibernate.dialect.SQLServerDialect \ No newline at end of file diff --git a/testbed/smoke-test/docker-compose.yml b/testbed/smoke-test/docker-compose.yml index 0c92cad01..9e2ac5340 100644 --- a/testbed/smoke-test/docker-compose.yml +++ b/testbed/smoke-test/docker-compose.yml @@ -37,6 +37,14 @@ services: LDAP_DOMAIN: "unicon.local" HOSTNAME: "directory" LDAP_TLS_VERIFY_CLIENT: "try" + database: + image: postgres:14-alpine + networks: + - backend + environment: + POSTGRES_PASSWORD: shibui + POSTGRES_USER: shibui + POSTGRES_DB: shibui idp: build: ../integration/shibboleth-idp labels: @@ -70,6 +78,9 @@ services: - "traefik.http.routers.shibui.tls=true" - "traefik.docker.network=smoke-test_reverse-proxy" - "traefik.enable=true" + depends_on: + database: + condition: service_started networks: - reverse-proxy - backend @@ -81,16 +92,7 @@ services: - ../integration/shibboleth-idp/credentials/shib-idp/inc-md-cert-mdq.pem:/opt/shibboleth-idp/credentials/inc-md-cert-mdq.pem environment: - "IDP_HOME=/opt/shibboleth-idp" - database: - image: postgres:14-alpine - environment: - POSTGRES_PASSWORD: shibui - POSTGRES_USER: shibui - POSTGRES_DB: shibui - networks: - - backend - volumes: - - database_data:/var/lib/postgresql/data + networks: reverse-proxy: idp: diff --git a/testbed/smoke-test/setdb.sh b/testbed/smoke-test/setdb.sh new file mode 100755 index 000000000..e4347a298 --- /dev/null +++ b/testbed/smoke-test/setdb.sh 
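Review bot: The SQL Server profile connects the application as `username: sa` with `password: Password1`, the built-in system administrator login, whereas the other three backends use a dedicated `shibui` account. Running the UI under the server-wide admin login means the smoke test does not exercise realistic permissions, and a SQL-level flaw in the application would not be confined to one database. Consider having the image built from `../sqlServer` create a `shibui` login and database and pointing the profile at it, e.g. `url: jdbc:sqlserver://database:1433;databaseName=shibui` (the current URL names no database); at minimum add `# sa is used for the throwaway test container only`.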
@@ -0,0 +1,22 @@ +#!/bin/bash + +DB=$1 + +if [[ ! "$DB" =~ ^(postgres|mariadb|mysql|sqlServer)$ ]]; +then + echo "argument mst be one of: postgres mariadb mysql sqlServer" + exit 0; +fi + +if [[ $DB == "postgres" ]]; +then +rm -f docker-compose.override.yml +else +rm -f docker-compose.override.yml +ln -s db_configs/$DB.docker-compose.override.yml docker-compose.override.yml +fi + +rm -f shibui/application.yml +cat shibui/application.yml.nodb db_configs/$DB.yml >> shibui/application.yml + +echo "shibui will now use the $DB container" diff --git a/testbed/smoke-test/shibui/application.yml b/testbed/smoke-test/shibui/application.yml index 126256f0d..df9137c0b 100644 --- a/testbed/smoke-test/shibui/application.yml +++ b/testbed/smoke-test/shibui/application.yml @@ -1,18 +1,5 @@ server: forward-headers-strategy: NATIVE -spring: - profiles: - include: - datasource: - platform: postgres - driver-class-name: org.postgresql.Driver - url: jdbc:postgresql://database:5432/shibui - username: shibui - password: shibui - jpa: - properties: - hibernate: - dialect: org.hibernate.dialect.PostgreSQLDialect shibui: default-password: "{noop}letmein7" metadata-dir: /var/shibboleth/dynamic_metadata @@ -38,3 +25,16 @@ shibui: email: urn:oid:0.9.2342.19200300.100.1.3 groups: urn:oid:2.5.4.15 # businessCategory roles: urn:oid:1.3.6.1.4.1.5923.1.1.1.7 # eduPersonEntitlement +spring: + profiles: + include: + datasource: + platform: postgres + driver-class-name: org.postgresql.Driver + url: jdbc:postgresql://database:5432/shibui + username: shibui + password: shibui + jpa: + properties: + hibernate: + dialect: org.hibernate.dialect.PostgreSQLDialect \ No newline at end of file diff --git a/testbed/smoke-test/shibui/application.yml.nodb b/testbed/smoke-test/shibui/application.yml.nodb new file mode 100644 index 000000000..b4a070c2c --- /dev/null +++ b/testbed/smoke-test/shibui/application.yml.nodb 
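Review bot: The argument check prints an error and then runs `exit 0;`, so a CI job or wrapper script cannot tell a rejected backend name from a successful switch; it should be `exit 1`, with the message sent to stderr via `>&2`. The script also works on paths relative to the current directory (`rm -f docker-compose.override.yml`, `rm -f shibui/application.yml`), so running it from elsewhere deletes and recreates files in the wrong place; `cd "$(dirname "$0")" || exit 1` near the top avoids that. The allow-list regex is what keeps the unquoted `$DB` safe in the `ln -s` and `cat` lines, which deserves a comment like `# $DB is restricted to the names above; keep this check if new backends are added`. PATCH 05/23 fixes the message typo but leaves the exit status unchanged.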
@@ -0,0 +1,27 @@
+server:
+ forward-headers-strategy: NATIVE
+shibui:
+ default-password: "{noop}letmein7"
+ metadata-dir: /var/shibboleth/dynamic_metadata
+ metadataProviders:
+ target: file:/var/shibboleth/dynamic_config/metadata-providers.xml
+ user-bootstrap-resource: file:/conf/users.csv
+ roles: ROLE_ADMIN,ROLE_NONE,ROLE_USER,ROLE_ENABLE,ROLE_PONY
+ pac4j-enabled: true
+ pac4j:
+ keystorePath: "/conf/samlKeystore.jks"
+ keystorePassword: "changeit"
+ privateKeyPassword: "changeit"
+ serviceProviderEntityId: "https://unicon.net/test/shibui"
+ serviceProviderMetadataPath: "/conf/sp-metadata.xml"
+ identityProviderMetadataPath: "/conf/idp-metadata.xml"
+ forceServiceProviderMetadataGeneration: true
+ callbackUrl: "https://shibui.unicon.local/callback"
+ maximumAuthenticationLifetime: 3600000
+ simpleProfileMapping:
+ username: urn:oid:0.9.2342.19200300.100.1.1
+ firstName: urn:oid:2.5.4.42
+ lastName: urn:oid:2.5.4.4
+ email: urn:oid:0.9.2342.19200300.100.1.3
+ groups: urn:oid:2.5.4.15 # businessCategory
+ roles: urn:oid:1.3.6.1.4.1.5923.1.1.1.7 # eduPersonEntitlement
From 713038872d24e4e280cae2419eed9d6f8c5c8032 Mon Sep 17 00:00:00 2001
From: Sean Porth Date: Tue, 9 Aug 2022 09:47:23 -0400 Subject: [PATCH 04/23] cleanup, fix mariadb driver name Former-commit-id: d005502b82ee636664925b5b2ac9f596031ee602 --- .../db_configs/{mariadb.yml => mariadb.application.yml} | 2 +- .../smoke-test/db_configs/{mysql.yml => mysql.application.yml} | 0 .../db_configs/{postgres.yml => postgres.application.yml} | 0 .../db_configs/{sqlServer.yml => sqlServer.application.yml} | 0 testbed/smoke-test/setdb.sh | 2 +- 5 files changed, 2 insertions(+), 2 deletions(-) rename testbed/smoke-test/db_configs/{mariadb.yml => mariadb.application.yml} (84%) rename testbed/smoke-test/db_configs/{mysql.yml => mysql.application.yml} (100%) rename testbed/smoke-test/db_configs/{postgres.yml => postgres.application.yml} (100%) rename testbed/smoke-test/db_configs/{sqlServer.yml => sqlServer.application.yml} (100%) diff --git a/testbed/smoke-test/db_configs/mariadb.yml b/testbed/smoke-test/db_configs/mariadb.application.yml similarity index 84% rename from testbed/smoke-test/db_configs/mariadb.yml rename to testbed/smoke-test/db_configs/mariadb.application.yml index 9b64f680f..a42a5c8bc 100644 --- a/testbed/smoke-test/db_configs/mariadb.yml +++ b/testbed/smoke-test/db_configs/mariadb.application.yml @@ -3,7 +3,7 @@ spring: include: datasource: platform: mysql - driver-class-name: com.mariadb.jdbc.Driver + driver-class-name: org.mariadb.jdbc.Driver url: jdbc:mariadb://database:3306/shibui username: shibui password: shibui diff --git a/testbed/smoke-test/db_configs/mysql.yml b/testbed/smoke-test/db_configs/mysql.application.yml similarity index 100% rename from testbed/smoke-test/db_configs/mysql.yml rename to testbed/smoke-test/db_configs/mysql.application.yml diff --git a/testbed/smoke-test/db_configs/postgres.yml b/testbed/smoke-test/db_configs/postgres.application.yml similarity index 100% rename from testbed/smoke-test/db_configs/postgres.yml rename to testbed/smoke-test/db_configs/postgres.application.yml 
diff --git a/testbed/smoke-test/db_configs/sqlServer.yml b/testbed/smoke-test/db_configs/sqlServer.application.yml similarity index 100% rename from testbed/smoke-test/db_configs/sqlServer.yml rename to testbed/smoke-test/db_configs/sqlServer.application.yml diff --git a/testbed/smoke-test/setdb.sh b/testbed/smoke-test/setdb.sh index e4347a298..06821b37c 100755 --- a/testbed/smoke-test/setdb.sh +++ b/testbed/smoke-test/setdb.sh @@ -17,6 +17,6 @@ ln -s db_configs/$DB.docker-compose.override.yml docker-compose.override.yml fi rm -f shibui/application.yml -cat shibui/application.yml.nodb db_configs/$DB.yml >> shibui/application.yml +cat shibui/application.yml.nodb db_configs/$DB.application.yml >> shibui/application.yml echo "shibui will now use the $DB container" From 1d75bc1661a10d963eab6742a572a94b26d157d0 Mon Sep 17 00:00:00 2001 From: Sean Porth Date: Tue, 9 Aug 2022 12:48:05 -0400 Subject: [PATCH 05/23] typo Former-commit-id: 7c03bb88d7ee526c0868ff8d0dd8f16e3fbd9b42 --- testbed/smoke-test/setdb.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/testbed/smoke-test/setdb.sh b/testbed/smoke-test/setdb.sh index 06821b37c..4795526a2 100755 --- a/testbed/smoke-test/setdb.sh +++ b/testbed/smoke-test/setdb.sh @@ -4,7 +4,7 @@ DB=$1 if [[ ! "$DB" =~ ^(postgres|mariadb|mysql|sqlServer)$ ]]; then - echo "argument mst be one of: postgres mariadb mysql sqlServer" + echo "argument must be one of: postgres mariadb mysql sqlServer" exit 0; fi From da992f3e24b21b86f860efc0fee205c4a0fec07d Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Wed, 10 Aug 2022 08:48:18 -0700 Subject: [PATCH 06/23] Updated algorithm filter --- .../main/resources/i18n/messages.properties | 13 ++++++++++- .../schema/filter/algorithm.schema.json | 23 +++++++++++++++++++ .../definition/AlgorithmFilterDefinition.js | 4 +++- 3 files changed, 38 insertions(+), 2 deletions(-) 
diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index 3b3e67e83..9dcdc22b3 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties @@ -727,4 +727,15 @@ tooltip.group-description=Group Description tooltip.role-name=Role Name tooltip.role-description=Role Description -tooltip.contact-information=Contact Information \ No newline at end of file +tooltip.contact-information=Contact Information + +label.algorithm=Algorithm +tooltip.algorithm=Block encryption algorithms are designed for encrypting and decrypting data in fixed size, multiple octet blocks. + +value.algorithm-gcm-256=GCM (256) - http://www.w3.org/2009/xmlenc11#aes256-gcm +value.algorithm-gcm-192=GCM (192) - http://www.w3.org/2009/xmlenc11#aes192-gcm +value.algorithm-gcm-128=GCM (128) - http://www.w3.org/2009/xmlenc11#aes128-gcm +value.algorithm-cbc-256=CBC (256) - http://www.w3.org/2001/04/xmlenc#aes256-cbc +value.algorithm-cbc-192=CBC (192) - http://www.w3.org/2001/04/xmlenc#aes192-cbc +value.algorithm-cbc-128=CBC (128) - http://www.w3.org/2001/04/xmlenc#aes128-cbc +value.algorithm-cbc-tripledes=CBC (TRIPLEDES) - http://www.w3.org/2001/04/xmlenc#tripledes-cbc diff --git a/ui/public/assets/schema/filter/algorithm.schema.json b/ui/public/assets/schema/filter/algorithm.schema.json index 0c0c74444..879bb4ddc 100644 --- a/ui/public/assets/schema/filter/algorithm.schema.json +++ b/ui/public/assets/schema/filter/algorithm.schema.json 
@@ -47,6 +47,29 @@ }, "version": { "type": "integer" + }, + "algorithm": { + "title": "label.algorithm", + "description": "tooltip.algorithm", + "type": "string", + "enum": [ + "http://www.w3.org/2009/xmlenc11#aes256-gcm", + "http://www.w3.org/2009/xmlenc11#aes192-gcm", + "http://www.w3.org/2009/xmlenc11#aes128-gcm", + "http://www.w3.org/2001/04/xmlenc#aes256-cbc", + "http://www.w3.org/2001/04/xmlenc#aes192-cbc", + "http://www.w3.org/2001/04/xmlenc#aes128-cbc", + "http://www.w3.org/2001/04/xmlenc#tripledes-cbc" + ], + "enumNames": [ + "value.algorithm-gcm-256", + "value.algorithm-gcm-192", + "value.algorithm-gcm-128", + "value.algorithm-cbc-256", + "value.algorithm-cbc-192", + "value.algorithm-cbc-128", + "value.algorithm-cbc-tripledes" + ] } }, "definitions": {} diff --git a/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js b/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js index e0c15bf80..4841b5c89 100644 --- a/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js +++ b/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js @@ -53,7 +53,9 @@ export const AlgorithmFilterEditor = { label: 'label.options', index: 2, initialValues: [], - fields: [] + fields: [ + 'algorithm' + ] } ] }; \ No newline at end of file From 52b500835373082e2046ba0ebae7cf72071591b8 Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Wed, 10 Aug 2022 13:31:31 -0700 Subject: [PATCH 07/23] Integrating with backend --- .../resources/algorithm-filter.schema.json | 137 ++++++++++-------- .../main/resources/i18n/messages.properties | 1 + .../schema/filter/algorithm.schema.json | 60 ++++---- ui/src/app/core/components/ProtectRoute.js | 7 +- .../component/fields/FilterTargetField.js | 24 ++- ui/src/app/metadata/Filter.js | 2 + .../definition/AlgorithmFilterDefinition.js | 14 +- .../filter/definition/BaseFilterDefinition.js | 7 + 8 files changed, 154 insertions(+), 98 deletions(-) 
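Review bot: The new `algorithm` enum offers `http://www.w3.org/2001/04/xmlenc#tripledes-cbc` and the three AES-CBC identifiers on equal footing with the AES-GCM ones, and `tooltip.algorithm` says nothing about their relative strength. CBC-mode XML Encryption is unauthenticated and has known padding-oracle weaknesses, and 3DES is a deprecated 64-bit block cipher, so an operator choosing from this list gets no hint that those entries exist for legacy interoperability only. Since JSON cannot carry a comment, the place to say so is the display text, e.g. `value.algorithm-cbc-tripledes=CBC (TRIPLEDES, legacy) - ...` plus a sentence in `tooltip.algorithm` recommending the GCM entries. The same list is repeated in `backend/src/main/resources/algorithm-filter.schema.json` and in the rewritten UI schema in PATCH 07/23.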
diff --git a/backend/src/main/resources/algorithm-filter.schema.json b/backend/src/main/resources/algorithm-filter.schema.json index f570dacb7..552d92ec2 100644 --- a/backend/src/main/resources/algorithm-filter.schema.json +++ b/backend/src/main/resources/algorithm-filter.schema.json 
@@ -1,65 +1,82 @@ { - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "title": "label.filter-name", - "description": "tooltip.filter-name", - "type": "string" - }, - "filterEnabled": { - "title": "label.enable-filter", - "description": "tooltip.enable-filter", - "type": "boolean", - "default": false - }, - "AlgorithmFilterTarget": { - "title": "label.search-criteria", - "description": "tooltip.search-criteria", - "type": "object", - "properties": { - "nameIdFormatFilterTargetType": { - "title": "label.filter-target-type", - "type": "string", - "default": "ENTITY", - "enum": [ - "ENTITY", - "CONDITION_REF", - "CONDITION_SCRIPT" - ], - "enumNames": [ - "value.entity-id", - "value.reference", - "value.script" - ] - }, - "value": { - "title": "label.filter-target-value", - "type": "array", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "string" - } - } - }, - "required": [ - "value", - "algorithmFilterTargetType" - ] - }, - "@type": { - "type": "string", - "default": "Algorithm" - }, - "version": { - "type": "integer" + "type": "object", + "required": ["name"], + "properties": { + "name": { + "title": "label.filter-name", + "description": "tooltip.filter-name", + "type": "string" + }, + "filterEnabled": { + "title": "label.enable-filter", + "description": "tooltip.enable-filter", + "type": "boolean", + "default": false + }, + "algorithmFilterTarget": { + "title": "label.search-criteria", + "description": "tooltip.search-criteria", + "type": "object", + "properties": { + "algorithmFilterTargetType": { + "title": "label.filter-target-type", + "type": "string", + "default": "ENTITY", + "enum": ["ENTITY", "CONDITION_REF", "CONDITION_SCRIPT"], + "enumNames": ["value.entity-id", "value.reference", "value.script"] }, - "resourceId": { + "value": { + "title": "label.filter-target-value", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { "type": "string" + } } + }, + "required": ["value", 
"algorithmFilterTargetType"] + }, + "@type": { + "type": "string", + "default": "Algorithm" + }, + "version": { + "type": "integer" + }, + "resourceId": { + "type": "string" }, - "definitions": {} -} \ No newline at end of file + "algorithms": { + "$ref": "#/definitions/AlgorithmList" + } + }, + "definitions": { + "AlgorithmList": { + "title": "label.algorithm", + "description": "tooltip.algorithm", + "type": "array", + "items": { + "type": "string", + "enum": [ + "http://www.w3.org/2009/xmlenc11#aes256-gcm", + "http://www.w3.org/2009/xmlenc11#aes192-gcm", + "http://www.w3.org/2009/xmlenc11#aes128-gcm", + "http://www.w3.org/2001/04/xmlenc#aes256-cbc", + "http://www.w3.org/2001/04/xmlenc#aes192-cbc", + "http://www.w3.org/2001/04/xmlenc#aes128-cbc", + "http://www.w3.org/2001/04/xmlenc#tripledes-cbc" + ], + "enumNames": [ + "value.algorithm-gcm-256", + "value.algorithm-gcm-192", + "value.algorithm-gcm-128", + "value.algorithm-cbc-256", + "value.algorithm-cbc-192", + "value.algorithm-cbc-128", + "value.algorithm-cbc-tripledes" + ] + } + } + } +} diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index 8cc2c8dd3..3f23fc105 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties @@ -589,6 +589,7 @@ message.wizard-status=Step { index } of { length } message.entity-id-min-unique=You must add at least one entity id target and they must each be unique. message.required-for-scripts=Required for Scripts message.required-for-regex=Required for Regex +message.required-for-condition-ref=Required for Condition Ref message.file-doesnt-exist=The requested file to be processed does not exist on the server. message.database-constraint=There was a database constraint problem processing the request. Check the request to ensure that fields that must be unique are truly unique. 
diff --git a/ui/public/assets/schema/filter/algorithm.schema.json b/ui/public/assets/schema/filter/algorithm.schema.json index 879bb4ddc..a7abba111 100644 --- a/ui/public/assets/schema/filter/algorithm.schema.json +++ b/ui/public/assets/schema/filter/algorithm.schema.json @@ -22,10 +22,10 @@ "title": "label.filter-target-type", "type": "string", "default": "ENTITY", - "enum": ["ENTITY", "REGEX", "CONDITION_SCRIPT"], + "enum": ["ENTITY", "CONDITION_REF", "CONDITION_SCRIPT"], "enumNames": [ "value.entity-id", - "value.regex", + "value.reference", "value.script" ] }, 
@@ -43,34 +43,44 @@ }, "@type": { "type": "string", - "default": "NameIDFormat" + "default": "Algorithm" }, "version": { "type": "integer" }, - "algorithm": { + "resourceId": { + "type": "string" + }, + "algorithms": { + "$ref": "#/definitions/AlgorithmList" + } + }, + "definitions": { + "AlgorithmList": { "title": "label.algorithm", "description": "tooltip.algorithm", - "type": "string", - "enum": [ - "http://www.w3.org/2009/xmlenc11#aes256-gcm", - "http://www.w3.org/2009/xmlenc11#aes192-gcm", - "http://www.w3.org/2009/xmlenc11#aes128-gcm", - "http://www.w3.org/2001/04/xmlenc#aes256-cbc", - "http://www.w3.org/2001/04/xmlenc#aes192-cbc", - "http://www.w3.org/2001/04/xmlenc#aes128-cbc", - "http://www.w3.org/2001/04/xmlenc#tripledes-cbc" - ], - "enumNames": [ - "value.algorithm-gcm-256", - "value.algorithm-gcm-192", - "value.algorithm-gcm-128", - "value.algorithm-cbc-256", - "value.algorithm-cbc-192", - "value.algorithm-cbc-128", - "value.algorithm-cbc-tripledes" - ] + "type": "array", + "items": { + "type": "string", + "enum": [ + "http://www.w3.org/2009/xmlenc11#aes256-gcm", + "http://www.w3.org/2009/xmlenc11#aes192-gcm", + "http://www.w3.org/2009/xmlenc11#aes128-gcm", + "http://www.w3.org/2001/04/xmlenc#aes256-cbc", + "http://www.w3.org/2001/04/xmlenc#aes192-cbc", + "http://www.w3.org/2001/04/xmlenc#aes128-cbc", + "http://www.w3.org/2001/04/xmlenc#tripledes-cbc" + ], + "enumNames": [ + "value.algorithm-gcm-256", + "value.algorithm-gcm-192", + "value.algorithm-gcm-128", + "value.algorithm-cbc-256", + "value.algorithm-cbc-192", + "value.algorithm-cbc-128", + "value.algorithm-cbc-tripledes" + ] + } } - }, - "definitions": {} + } } diff --git a/ui/src/app/core/components/ProtectRoute.js b/ui/src/app/core/components/ProtectRoute.js index c01706920..68420b3b9 100644 --- a/ui/src/app/core/components/ProtectRoute.js +++ b/ui/src/app/core/components/ProtectRoute.js 
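Review bot: The new `AlgorithmList` definition is a plain array with no `"uniqueItems": true` and no `"minItems"`, so the schema itself accepts the same algorithm URI twice or an empty list. Adding `"uniqueItems": true` next to `"type": "array"` would let any schema-driven validation reject duplicates instead of leaving that to UI logic. The enum also still offers the three AES-CBC URIs and `tripledes-cbc` on equal footing with the GCM ones. CBC-mode XML Encryption has known padding-oracle weaknesses, and since JSON has no comment syntax, the `tooltip.algorithm` message is the place to say that GCM is preferred.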
@@ -1,9 +1,14 @@ +import { isUndefined } from 'lodash'; import React from 'react'; import { Redirect } from 'react-router-dom'; -import { useIsAdmin } from '../user/UserContext'; +import { useCurrentUser, useIsAdmin } from '../user/UserContext'; export function ProtectRoute({ children, redirectTo, ...rest }) { + const user = useCurrentUser(); const isAdmin = useIsAdmin(); + if (isUndefined(user.role)) { + return <> + } return isAdmin ? children : ; } \ No newline at end of file diff --git a/ui/src/app/form/component/fields/FilterTargetField.js b/ui/src/app/form/component/fields/FilterTargetField.js index 0866ab2bf..6bcb94218 100644 --- a/ui/src/app/form/component/fields/FilterTargetField.js +++ b/ui/src/app/form/component/fields/FilterTargetField.js @@ -128,7 +128,8 @@ const FilterTargetField = ({ }; const selectType = (option) => { - setSelectedTarget([]); + const t = option.value === 'REGEX' || option.value === 'CONDITION_REF' ? [''] : []; + setSelectedTarget(t); setSelectedType(option); }; @@ -240,7 +241,6 @@ const FilterTargetField = ({ {errorSchema?.value?.__errors ? {errors} - : Required for Regex @@ -249,7 +249,25 @@ const FilterTargetField = ({ } } - + {targetType === 'CONDITION_REF' && + <> + handleTextChange(value) } /> + {errorSchema?.value?.__errors ? + + {errors} + : + + Required for Condition Ref +   + + } + + } {targetType === 'ENTITY' &&
diff --git a/ui/src/app/metadata/Filter.js b/ui/src/app/metadata/Filter.js index 4c1bc707c..58b867040 100644 --- a/ui/src/app/metadata/Filter.js +++ b/ui/src/app/metadata/Filter.js @@ -11,6 +11,8 @@ export function Filter() { const { path, url } = useRouteMatch(); + console.log(path, url) + return ( diff --git a/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js b/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js index 4841b5c89..51e3fa846 100644 --- a/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js +++ b/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js @@ -1,6 +1,5 @@ import defaultsDeep from "lodash/defaultsDeep"; -// import API_BASE_PATH from "../../../../App.constant"; -import { BASE_PATH } from '../../../../App.constant'; +import API_BASE_PATH from "../../../../App.constant"; import { BaseFilterDefinition } from "./BaseFilterDefinition"; export const AlgorithmFilterWizard = { @@ -10,19 +9,16 @@ export const AlgorithmFilterWizard = { 'ui:field': 'FilterTargetField', api: '' }, - formats: { + algorithms: { "ui:options": { orderable: false - }, - items: { - 'ui:widget': 'OptionWidget' } } }, BaseFilterDefinition.uiSchema), label: 'Algorithm', type: 'Algorithm', - // schema: `${API_BASE_PATH}/ui/AlgorithmFilter`, - schema: `${BASE_PATH}assets/schema/filter/algorithm.schema.json`, + schema: `${API_BASE_PATH}/ui/AlgorithmFilter`, + // schema: `${BASE_PATH}assets/schema/filter/algorithm.schema.json`, steps: [], validator: (data = [], current = { resourceId: null }, group) => { return BaseFilterDefinition.validator(data, current, group, 'algorithmFilterTarget', 'algorithmFilterTargetType') @@ -54,7 +50,7 @@ export const AlgorithmFilterEditor = { index: 2, initialValues: [], fields: [ - 'algorithm' + 'algorithms' ] } ] 
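Review bot: The `console.log(path, url)` added to `Filter()` in the first hunk is leftover debug output that will run on every render in a production build; it should be removed before merge. In the AlgorithmFilterDefinition.js hunks on the same line, the replaced `// schema: ...algorithm.schema.json` line is kept as commented-out code even though the `BASE_PATH` import it needs is removed. Delete it, or replace it with a one-line comment saying why the static schema copy still exists.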
diff --git a/ui/src/app/metadata/domain/filter/definition/BaseFilterDefinition.js b/ui/src/app/metadata/domain/filter/definition/BaseFilterDefinition.js index daed4cadc..1f8191cdc 100644 --- a/ui/src/app/metadata/domain/filter/definition/BaseFilterDefinition.js +++ b/ui/src/app/metadata/domain/filter/definition/BaseFilterDefinition.js @@ -29,6 +29,13 @@ export const BaseFilterDefinition = { errors[targetProp].value.addError('message.required-for-scripts'); } } + + if (formData[targetProp][typeProp] === 'CONDITION_REF') { + const { [targetProp]: { value } } = formData; + if (!value[0]) { + errors[targetProp].value.addError('message.required-for-condition-ref'); + } + } } return errors; From aa95c1c96e576a6b94006f19a9230088d51d9cbe Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 11 Aug 2022 14:05:09 -0700 Subject: [PATCH 08/23] SHIBUI-2268 added missing subtype to list --- .../shibboleth/admin/ui/domain/filters/MetadataFilter.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/MetadataFilter.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/MetadataFilter.java index c566576df..29612b15d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/MetadataFilter.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/MetadataFilter.java 
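Review bot: The added `CONDITION_REF` branch only tests `!value[0]`, so a whitespace-only reference passes, and a target whose `value` is missing throws before any error is recorded. Assuming the entries are strings, as the `['']` initial value set in FilterTargetField suggests, `if (!value?.[0]?.trim()) {` covers both cases. This is a client-side check only, so the backend should still reject empty or malformed references; where the value ends up is not shown in this hunk. The enclosing validator starts and ends outside the hunk.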
@@ -36,7 +36,8 @@ @JsonSubTypes.Type(value=EntityAttributesFilter.class, name="EntityAttributes"), @JsonSubTypes.Type(value=SignatureValidationFilter.class, name="SignatureValidation"), @JsonSubTypes.Type(value=RequiredValidUntilFilter.class, name="RequiredValidUntil"), - @JsonSubTypes.Type(value=NameIdFormatFilter.class, name="NameIDFormat")}) + @JsonSubTypes.Type(value=NameIdFormatFilter.class, name="NameIDFormat"), + @JsonSubTypes.Type(value=AlgorithmFilter.class, name="Algorithm")}) @Audited @AuditOverride(forClass = AbstractAuditable.class) public abstract class MetadataFilter extends AbstractAuditable implements IConcreteMetadataFilterType, IActivatable { From 57d5f6f37e4a8b7aa5338115359d82fd90f2ff0a Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Thu, 11 Aug 2022 15:15:01 -0700 Subject: [PATCH 09/23] Added validation for algorithm filter --- .../main/resources/i18n/messages.properties | 1 + ui/src/app/core/components/ProtectRoute.js | 2 +- .../app/core/components/ProtectRoute.test.js | 3 ++- .../form/component/widgets/SelectWidget.js | 4 ++++ .../definition/AlgorithmFilterDefinition.js | 24 +++++++++++++++++-- 5 files changed, 30 insertions(+), 4 deletions(-) diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index 3f23fc105..2cb49fb3d 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties @@ -741,3 +741,4 @@ value.algorithm-cbc-256=CBC (256) - http://www.w3.org/2001/04/xmlenc#aes256-cbc value.algorithm-cbc-192=CBC (192) - http://www.w3.org/2001/04/xmlenc#aes192-cbc value.algorithm-cbc-128=CBC (128) - http://www.w3.org/2001/04/xmlenc#aes128-cbc value.algorithm-cbc-tripledes=CBC (TRIPLEDES) - http://www.w3.org/2001/04/xmlenc#tripledes-cbc +message.algorithms-unique=Each algorithm may only be used once. \ No newline at end of file 
diff --git a/ui/src/app/core/components/ProtectRoute.js b/ui/src/app/core/components/ProtectRoute.js index 68420b3b9..77133d9e7 100644 --- a/ui/src/app/core/components/ProtectRoute.js +++ b/ui/src/app/core/components/ProtectRoute.js @@ -7,7 +7,7 @@ import { useCurrentUser, useIsAdmin } from '../user/UserContext'; export function ProtectRoute({ children, redirectTo, ...rest }) { const user = useCurrentUser(); const isAdmin = useIsAdmin(); - if (isUndefined(user.role)) { + if (isUndefined(user?.role)) { return <> } return isAdmin ? children : ; diff --git a/ui/src/app/core/components/ProtectRoute.test.js b/ui/src/app/core/components/ProtectRoute.test.js index 0edd7662e..477707774 100644 --- a/ui/src/app/core/components/ProtectRoute.test.js +++ b/ui/src/app/core/components/ProtectRoute.test.js @@ -6,7 +6,8 @@ import { ProtectRoute } from './ProtectRoute'; const mockIsAdmin = jest.fn(); jest.mock('../user/UserContext', () => ({ - useIsAdmin: () => mockIsAdmin() + useIsAdmin: () => mockIsAdmin(), + useCurrentUser: () => ({role: 'ROLE_ADMIN'}), })); const renderWithRouter = (ui, { route = '/' } = {}) => { diff --git a/ui/src/app/form/component/widgets/SelectWidget.js b/ui/src/app/form/component/widgets/SelectWidget.js index 2bf62bb2d..57f18b532 100644 --- a/ui/src/app/form/component/widgets/SelectWidget.js +++ b/ui/src/app/form/component/widgets/SelectWidget.js @@ -61,6 +61,7 @@ const SelectWidget = ({ onFocus, placeholder, rawErrors = [], + uiSchema, }) => { const { enumOptions, enumDisabled } = options; @@ -120,6 +121,9 @@ const SelectWidget = ({ onChange={(event) => { const newValue = getValue(event, multiple); onChange(processValue(schema, newValue)); + if (uiSchema.checkOnChange) { + setTouched(true); + } }}> {!multiple && schema.default === undefined && ( diff --git a/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js b/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js index 51e3fa846..5d19288fb 100644 
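Review bot: In the SelectWidget.js `onChange` hunk, `uiSchema.checkOnChange` is read without a guard although `uiSchema` is destructured with no default, unlike `rawErrors = []` beside it. Whether the form library always passes that prop is not visible here; if it does not, every selection would throw. `if (uiSchema?.checkOnChange) {` keeps the new behaviour and tolerates a missing prop. `checkOnChange` is also a bare key rather than a `ui:`-prefixed option like the `"ui:options"` next to it in AlgorithmFilterDefinition.js, so a short comment there explaining the custom key would help the next reader.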
--- a/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js +++ b/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js @@ -11,7 +11,10 @@ export const AlgorithmFilterWizard = { }, algorithms: { "ui:options": { - orderable: false + orderable: false, + }, + items: { + checkOnChange: true } } }, BaseFilterDefinition.uiSchema), @@ -21,7 +24,24 @@ export const AlgorithmFilterWizard = { // schema: `${BASE_PATH}assets/schema/filter/algorithm.schema.json`, steps: [], validator: (data = [], current = { resourceId: null }, group) => { - return BaseFilterDefinition.validator(data, current, group, 'algorithmFilterTarget', 'algorithmFilterTargetType') + const base = BaseFilterDefinition.validator(data, current, group, 'algorithmFilterTarget', 'algorithmFilterTargetType'); + + return (formData, errors) => { + const errorList = base(formData, errors); + const { algorithms } = formData; + + const dupes = algorithms.filter((item, index) => index !== algorithms.indexOf(item)); + + if (dupes.length) { + algorithms.forEach((value, index) => { + if (dupes.indexOf(value) > -1) { + errors.algorithms[index].addError('message.algorithms-unique'); + } + }); + } + + return errorList; + } }, formatter: (changes) => ({ ...changes, From 136f35b3de5aad50c91ca08bd788314c0bc5321e Mon Sep 17 00:00:00 2001 From: chasegawa Date: Mon, 15 Aug 2022 14:59:04 -0700 Subject: [PATCH 10/23] SHIBUI-2333 Added logic to correctly support IDP logout Former-commit-id: dc92857b78f0f8ca91de34ae16fbf2f5e7584c71 --- .../shibui/pac4j/Pac4jConfiguration.java | 34 ++++++++++++------- .../pac4j/Pac4jConfigurationProperties.java | 1 + .../net/unicon/shibui/pac4j/WebSecurity.java | 18 ++++++++-- testbed/authentication/shibui/application.yml | 1 + 4 files changed, 38 insertions(+), 16 deletions(-) 
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java index fd018d4b6..5853da065 100644 --- a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java +++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java @@ -8,6 +8,7 @@ import net.unicon.shibui.pac4j.authenticator.ShibuiSAML2Authenticator; import org.pac4j.core.client.Clients; import org.pac4j.core.config.Config; +import org.pac4j.core.engine.LogoutLogic; import org.pac4j.core.matching.matcher.PathMatcher; import org.pac4j.core.profile.definition.CommonProfileDefinition; import org.pac4j.http.client.direct.HeaderClient; 
@@ -69,32 +70,39 @@ public Config config(final Pac4jConfigurationProperties pac4jConfigProps, case "SAML2": default: log.info("**** Configuring PAC4J SAML2"); - final SAML2Configuration saml2Config = new SAML2Configuration(); - saml2Config.setKeystorePath(pac4jConfigProps.getKeystorePath()); - saml2Config.setKeystorePassword(pac4jConfigProps.getKeystorePassword()); - saml2Config.setPrivateKeyPassword(pac4jConfigProps.getPrivateKeyPassword()); - saml2Config.setIdentityProviderMetadataPath(pac4jConfigProps.getIdentityProviderMetadataPath()); - saml2Config.setMaximumAuthenticationLifetime(pac4jConfigProps.getMaximumAuthenticationLifetime()); - saml2Config.setServiceProviderEntityId(pac4jConfigProps.getServiceProviderEntityId()); - saml2Config.setServiceProviderMetadataPath(pac4jConfigProps.getServiceProviderMetadataPath()); - saml2Config.setForceServiceProviderMetadataGeneration(pac4jConfigProps.isForceServiceProviderMetadataGeneration()); - saml2Config.setWantsAssertionsSigned(pac4jConfigProps.isWantAssertionsSigned()); - saml2Config.setAttributeAsId(pac4jConfigProps.getSimpleProfileMapping().getUsername()); + final SAML2Configuration saml2Config = buildSaml2ConfigFromPac4JConfiguration(pac4jConfigProps); + final SAML2Client saml2Client = new SAML2Client(saml2Config); + saml2Client.setName(PAC4J_CLIENT_NAME); saml2Client.addAuthorizationGenerator(saml2ModelAuthorizationGenerator); SAML2Authenticator saml2Authenticator = new ShibuiSAML2Authenticator(saml2Config.getAttributeAsId(), saml2Config.getMappedAttributes(), userService); saml2Authenticator.setProfileDefinition(new CommonProfileDefinition(p -> new BetterSAML2Profile(pac4jConfigProps.getSimpleProfileMapping()))); saml2Client.setAuthenticator(saml2Authenticator); - saml2Client.setName(PAC4J_CLIENT_NAME); clients.setClients(saml2Client); break; } config.setClients(clients); return config; } - + + private SAML2Configuration buildSaml2ConfigFromPac4JConfiguration(Pac4jConfigurationProperties pac4jConfigProps) { + 
SAML2Configuration saml2Config = new SAML2Configuration(); + saml2Config.setKeystorePath(pac4jConfigProps.getKeystorePath()); + saml2Config.setKeystorePassword(pac4jConfigProps.getKeystorePassword()); + saml2Config.setPrivateKeyPassword(pac4jConfigProps.getPrivateKeyPassword()); + saml2Config.setIdentityProviderMetadataPath(pac4jConfigProps.getIdentityProviderMetadataPath()); + saml2Config.setMaximumAuthenticationLifetime(pac4jConfigProps.getMaximumAuthenticationLifetime()); + saml2Config.setServiceProviderEntityId(pac4jConfigProps.getServiceProviderEntityId()); + saml2Config.setServiceProviderMetadataPath(pac4jConfigProps.getServiceProviderMetadataPath()); + saml2Config.setForceServiceProviderMetadataGeneration(pac4jConfigProps.isForceServiceProviderMetadataGeneration()); + saml2Config.setWantsAssertionsSigned(pac4jConfigProps.isWantAssertionsSigned()); + saml2Config.setAttributeAsId(pac4jConfigProps.getSimpleProfileMapping().getUsername()); + saml2Config.setPostLogoutURL(pac4jConfigProps.getPostLogoutURL()); + return saml2Config; + } + @Bean public ErrorPageRegistrar errorPageRegistrar() { return this::registerErrorPages; diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfigurationProperties.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfigurationProperties.java index 30311ba84..19507d1c0 100644 --- a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfigurationProperties.java +++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfigurationProperties.java @@ -29,6 +29,7 @@ public class Pac4jConfigurationProperties { private String serviceProviderEntityId = "https://unicon.net/shibui"; private String serviceProviderMetadataPath = "/tmp/sp-metadata.xml"; private String typeOfAuth = "SAML2"; + private String postLogoutURL; private boolean wantAssertionsSigned = true; 
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java index 884569ac7..00383f770 100644 --- a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java +++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java @@ -5,10 +5,12 @@ import edu.internet2.tier.shibboleth.admin.ui.security.service.IRolesService; import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService; import edu.internet2.tier.shibboleth.admin.ui.service.EmailService; +import org.jadira.usertype.spi.utils.lang.StringUtils; import org.pac4j.core.authorization.authorizer.DefaultAuthorizers; import org.pac4j.core.config.Config; import org.pac4j.core.matching.matcher.Matcher; import org.pac4j.springframework.security.web.CallbackFilter; +import org.pac4j.springframework.security.web.LogoutFilter; import org.pac4j.springframework.security.web.SecurityFilter; import org.springframework.boot.autoconfigure.AutoConfigureAfter; import org.springframework.boot.autoconfigure.AutoConfigureOrder; 
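Review bot: The added import `org.jadira.usertype.spi.utils.lang.StringUtils` takes a string helper from a persistence user-type library, which ties the security configuration to a dependency that is presumably only present transitively. Spring is already in use in this class, so `org.springframework.util.StringUtils.hasText(...)` would serve the `postLogoutURL` check in the next hunk without that coupling. It would also treat a blank value as unset.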
@@ -67,9 +69,19 @@ protected void configure(HttpSecurity http) throws Exception { // adding the authorizor bypasses the default behavior of checking CSRF in Pac4J's default securitylogic+defaultauthorizationchecker final SecurityFilter securityFilter = new SecurityFilter(this.config, PAC4J_CLIENT_NAME, DefaultAuthorizers.IS_AUTHENTICATED); - // add filter based on auth type - http.antMatcher("/**").addFilterBefore(getFilter(config, pac4jConfigurationProperties.getTypeOfAuth()), BasicAuthenticationFilter.class); + final LogoutFilter logoutFilter = new LogoutFilter(config); + logoutFilter.setLocalLogout(Boolean.TRUE); + if (StringUtils.isNotEmpty(pac4jConfigurationProperties.getPostLogoutURL())){ + logoutFilter.setSuffix("login"); // "logout" is redirected before we ever hit the filters - sent to /login?logout + logoutFilter.setCentralLogout(Boolean.TRUE); + logoutFilter.setDefaultUrl(pac4jConfigurationProperties.getPostLogoutURL()); + } + + // add filters + http.antMatcher("/**").addFilterBefore(logoutFilter, BasicAuthenticationFilter.class); + http.antMatcher("/**").addFilterBefore(getFilter(pac4jConfigurationProperties.getTypeOfAuth()), BasicAuthenticationFilter.class); http.antMatcher("/**").addFilterBefore(securityFilter, BasicAuthenticationFilter.class); + // add the new user filter http.addFilterAfter(new AddNewUserFilter(pac4jConfigurationProperties, userService, rolesService, getPathMatcher("exclude-paths-matcher"), groupService, emailService), SecurityFilter.class); @@ -84,7 +96,7 @@ private Matcher getPathMatcher(String name) { return config.getMatchers().get(name); } - private Filter getFilter(Config config2, String typeOfAuth) { + private Filter getFilter(String typeOfAuth) { switch (typeOfAuth) { case "SAML2": return new CallbackFilter(this.config); diff --git a/testbed/authentication/shibui/application.yml b/testbed/authentication/shibui/application.yml index 14085a9b7..cb789f06c 100644 --- a/testbed/authentication/shibui/application.yml 
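Review bot: `logoutFilter.setSuffix("login")` makes the logout filter key on a path suffix alone. If pac4j matches that suffix against the end of the request path, as the setter name suggests, every request to a path ending in `login` would run local and central logout, not only the `/login?logout` redirect the comment describes. A plain cross-site GET to the login page could then end a user's session, and the normal login flow may be disturbed. One option is to keep pac4j's default suffix and stop Spring Security's own logout handling from consuming the request first, e.g. `http.logout().disable()`; otherwise the filter should at least require the `logout` query parameter. The same `setSuffix("login")` call is carried into the reworked block in PATCH 11/23.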
+++ b/testbed/authentication/shibui/application.yml @@ -18,6 +18,7 @@ shibui: forceServiceProviderMetadataGeneration: true callbackUrl: "https://shibui.unicon.local/callback" maximumAuthenticationLifetime: 3600000 + postLogoutURL: "https://idp.unicon.local/idp/profile/Logout" simpleProfileMapping: username: urn:oid:0.9.2342.19200300.100.1.1 firstName: urn:oid:2.5.4.42 From 6fd4e8dfa0e1bd0650758ca6d6205b3221929cfc Mon Sep 17 00:00:00 2001 From: chasegawa Date: Mon, 15 Aug 2022 15:15:03 -0700 Subject: [PATCH 11/23] SHIBUI-2333 Added logic to correctly support IDP logout Former-commit-id: 3c212397b7c31755739ef36aaaa9b7cce65cebce --- backend/src/main/resources/application.yml | 1 + .../main/java/net/unicon/shibui/pac4j/WebSecurity.java | 9 +++++---- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml index ffeab970c..0d2308307 100644 --- a/backend/src/main/resources/application.yml +++ b/backend/src/main/resources/application.yml @@ -22,6 +22,7 @@ # identityProviderMetadataPath: "/etc/shibui/idp-metadata.xml" # forceServiceProviderMetadataGeneration: false # callbackUrl: "https://localhost:8443/callback" +# postLogoutURL: "https://idp.example.com/idp/profile/Logout" # Must set this to get IDP logout # maximumAuthenticationLifetime: 3600000 # requireAssertedRoleForNewUsers: false # saml2ProfileMapping: diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java index 00383f770..cc5ce8e25 100644 --- a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java +++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java 
@@ -66,19 +66,20 @@ public Pac4jWebSecurityConfigurerAdapter(final Config config, UserService userSe protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/unsecured/**/*").permitAll(); - // adding the authorizor bypasses the default behavior of checking CSRF in Pac4J's default securitylogic+defaultauthorizationchecker + // adding the authorizer bypasses the default behavior of checking CSRF in Pac4J's default securitylogic+defaultauthorizationchecker final SecurityFilter securityFilter = new SecurityFilter(this.config, PAC4J_CLIENT_NAME, DefaultAuthorizers.IS_AUTHENTICATED); - final LogoutFilter logoutFilter = new LogoutFilter(config); - logoutFilter.setLocalLogout(Boolean.TRUE); + // If the post logout URL is configured, setup the logout filter if (StringUtils.isNotEmpty(pac4jConfigurationProperties.getPostLogoutURL())){ + final LogoutFilter logoutFilter = new LogoutFilter(config); + logoutFilter.setLocalLogout(Boolean.TRUE); logoutFilter.setSuffix("login"); // "logout" is redirected before we ever hit the filters - sent to /login?logout logoutFilter.setCentralLogout(Boolean.TRUE); logoutFilter.setDefaultUrl(pac4jConfigurationProperties.getPostLogoutURL()); + http.antMatcher("/**").addFilterBefore(logoutFilter, BasicAuthenticationFilter.class); } // add filters - http.antMatcher("/**").addFilterBefore(logoutFilter, BasicAuthenticationFilter.class); http.antMatcher("/**").addFilterBefore(getFilter(pac4jConfigurationProperties.getTypeOfAuth()), BasicAuthenticationFilter.class); http.antMatcher("/**").addFilterBefore(securityFilter, BasicAuthenticationFilter.class); From c810e209539ab12824daac6b3475c14ea31ffac3 Mon Sep 17 00:00:00 2001 
From: chasegawa Date: Tue, 16 Aug 2022 09:26:51 -0700 Subject: [PATCH 12/23] SHIBUI-1699 Correcting date format output for versions to match the date format supplied to the UI in the rest of the application Former-commit-id: b407e5bf3268323f302092f92f19e8b828953181 --- .../tier/shibboleth/admin/ui/domain/versioning/Version.java | 4 ++-- .../versioning/VersionJsonSerializationBasicTests.groovy | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/versioning/Version.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/versioning/Version.java index 100b0fdbd..55fc0566d 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/versioning/Version.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/versioning/Version.java @@ -26,9 +26,9 @@ public class Version implements Serializable { private String creator; - @JsonFormat(pattern = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'") + @JsonFormat(pattern = "yyyy-MM-dd'T'HH:mm:ss.SSSSSS") private ZonedDateTime date; private static final long serialVersionUID = 3429591830989243421L; -} +} \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/versioning/VersionJsonSerializationBasicTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/versioning/VersionJsonSerializationBasicTests.groovy index b7fecdf4d..2ceb78df6 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/versioning/VersionJsonSerializationBasicTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/domain/versioning/VersionJsonSerializationBasicTests.groovy 
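Review bot: The new pattern `yyyy-MM-dd'T'HH:mm:ss.SSSSSS` on `Version.date` serialises a `ZonedDateTime` with no offset or zone designator, so a reader of the version history cannot tell which zone a timestamp is in, and the output depends on whatever zone the field value carries. If the UI format really has no designator, pin the zone on the annotation with `@JsonFormat(pattern = "yyyy-MM-dd'T'HH:mm:ss.SSSSSS", timezone = "UTC")` and note the convention in a comment on the field; otherwise append an offset with `XXX`. The assertions visible in the updated test compare only `id` and `creator`, so the date format itself looks unasserted.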
@@ -27,7 +27,7 @@ class VersionJsonSerializationBasicTests extends Specification { { "id": "2", "creator": "kramer", - "date": "2019-05-20T15:00:00.574Z" + "date": "2019-05-20T15:00:00.574000" } """ def expectedJsonMap = jsonSlurper.parseText(expectedJson) @@ -40,4 +40,4 @@ class VersionJsonSerializationBasicTests extends Specification { deSerializedJsonMap.id == expectedJsonMap.id deSerializedJsonMap.creator == expectedJsonMap.creator } -} +} \ No newline at end of file From ec9814f06503988ae4a6498ad42cb37a76b00a1e Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Tue, 16 Aug 2022 15:51:45 -0700 Subject: [PATCH 13/23] Fixed bug --- backend/src/main/resources/i18n/messages.properties | 3 ++- ui/src/app/form/component/fields/FilterTargetField.js | 2 +- .../domain/filter/definition/AlgorithmFilterDefinition.js | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index 0a03daf3f..92f1edb6f 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties @@ -293,7 +293,7 @@ label.or=or label.name-and-upload-url=Name and Upload Url label.service-resolver-file=Select Provider Metadata File label.service-resolver-metadata-url=Service Provider Metadata URL -label.search-criteria-by=The value used to search against, such as a regex pattern or entityID to match against. +label.search-criteria-by=Search Criteria by { displayType } label.entity-ids-added=Entity Ids Added label.ui-mdui-info=User Interface / MDUI Information label.sp-sso-descriptor-info=SP SSO Descriptor Information 
@@ -753,6 +753,7 @@ tooltip.external-description=A brief description of the purpose of this filter. label.algorithm=Algorithm tooltip.algorithm=Block encryption algorithms are designed for encrypting and decrypting data in fixed size, multiple octet blocks. +tooltip.search-criteria-by=The value used to search against, such as a regex pattern or entityID to match against. value.algorithm-gcm-256=GCM (256) - http://www.w3.org/2009/xmlenc11#aes256-gcm value.algorithm-gcm-192=GCM (192) - http://www.w3.org/2009/xmlenc11#aes192-gcm diff --git a/ui/src/app/form/component/fields/FilterTargetField.js b/ui/src/app/form/component/fields/FilterTargetField.js index 59c6ab178..f78c522dd 100644 --- a/ui/src/app/form/component/fields/FilterTargetField.js +++ b/ui/src/app/form/component/fields/FilterTargetField.js @@ -171,7 +171,7 @@ const FilterTargetField = ({ - +
diff --git a/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js b/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js index 5d19288fb..8b206b1c4 100644 --- a/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js +++ b/ui/src/app/metadata/domain/filter/definition/AlgorithmFilterDefinition.js @@ -28,7 +28,7 @@ export const AlgorithmFilterWizard = { return (formData, errors) => { const errorList = base(formData, errors); - const { algorithms } = formData; + const { algorithms = [] } = formData; const dupes = algorithms.filter((item, index) => index !== algorithms.indexOf(item)); From 96c90b0dafb2697419cdb34157384146726a6ed6 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Wed, 17 Aug 2022 11:13:17 -0700 Subject: [PATCH 14/23] SHIBUI-2268 Resolving XML issue seeing a single resolver in XML --- .../JPAMetadataResolverServiceImpl.groovy | 39 +++++++++++++++++++ .../MetadataResolversController.java | 17 ++++++++ .../ui/service/MetadataResolverService.java | 2 + 3 files changed, 58 insertions(+) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy index 2ac4ecafe..cc7bc869e 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy 
@@ -550,6 +550,45 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService { } } + @Override + Document generateSingleMetadataConfiguration(edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver mr) { + new StringWriter().withCloseable { writer -> + def xml = new MarkupBuilder(writer) + xml.omitEmptyAttributes = true + xml.omitNullAttributes = true + + xml.MetadataProvider(id: 'ShibbolethIdPUIGeneratedMetadata', + xmlns: 'urn:mace:shibboleth:2.0:metadata', + 'xmlns:xsi': 'http://www.w3.org/2001/XMLSchema-instance', + 'xsi:type': 'ChainingMetadataProvider', + 'xsi:schemaLocation': 'urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd' + ) { + // We do not currently marshall the internal incommon chaining resolver (with BaseMetadataResolver type) + // We do not want to include the custom type: ExternalMetadataResolver + if ((mr.type != 'BaseMetadataResolver') && (mr.type != 'ExternalMetadataResolver') && (mr.enabled)) { + constructXmlNodeForResolver(mr, delegate) { + //TODO: enhance + def didNamespaceProtectionFilter = !(shibUIConfiguration.protectedAttributeNamespaces && shibUIConfiguration.protectedAttributeNamespaces.size() > 0) + def doNamespaceProtectionFilter = { def filter -> + if (mr.type in ['FileBackedMetadataResolver', 'DynamicHttpMetadataResolver'] && (filter == null || filter instanceof EntityAttributesFilter) && !didNamespaceProtectionFilter) { + constructXmlNodeForEntityAttributeNamespaceProtection(delegate) + didNamespaceProtectionFilter = true + } + } + mr.metadataFilters.each { 
edu.internet2.tier.shibboleth.admin.ui.domain.filters.MetadataFilter filter -> + if (filter.isFilterEnabled()) { + doNamespaceProtectionFilter() + constructXmlNodeForFilter(filter, delegate) + } + } + doNamespaceProtectionFilter() + } + } + } + return DOMBuilder.newInstance().parseText(writer.toString()) + } + } + @Override Document generateExternalMetadataFilterConfiguration() { // TODO: this can probably be a better writer diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java index 6a11f07a2..1b030ad74 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataResolversController.java @@ -35,6 +35,7 @@ import javax.xml.transform.OutputKeys; import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerConfigurationException; import javax.xml.transform.TransformerException; import javax.xml.transform.TransformerFactory; import javax.xml.transform.dom.DOMSource; 
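Review bot: `generateSingleMetadataConfiguration` returns an empty `ChainingMetadataProvider` document when the resolver is disabled or is a `BaseMetadataResolver`/`ExternalMetadataResolver`, so a caller cannot tell that case from a real configuration, and the new controller endpoint will answer 200 with a shell document. Either state that contract in a comment on the method or signal the case explicitly. The body also appears to repeat the namespace-protection and filter loop of the existing all-resolvers generator, which is not fully visible here; extracting the per-resolver part into a shared private method would keep the two outputs from drifting. The `//TODO: enhance` should say what is to be enhanced.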
@@ -102,6 +103,22 @@ public ResponseEntity getXml() throws IOException, TransformerException { } } + @GetMapping(value = "/MetadataResolvers/{resourceId}", produces = "application/xml") + @Transactional(readOnly = true) + public ResponseEntity getOneXml(@PathVariable String resourceId) throws TransformerException { + MetadataResolver resolver = resolverRepository.findByResourceId(resourceId); + if (resolver == null) { + return ResponseEntity.notFound().build(); + } + StringWriter writer = new StringWriter(); + Transformer transformer = TransformerFactory.newInstance().newTransformer(); + transformer.setOutputProperty(OutputKeys.INDENT, "yes"); + transformer.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "2"); + + transformer.transform(new DOMSource(metadataResolverService.generateSingleMetadataConfiguration(resolver)), new StreamResult(writer)); + return ResponseEntity.ok(writer.toString()); + } + @GetMapping(value = "/MetadataResolvers/External", produces = "application/xml") @Transactional(readOnly = true) public ResponseEntity getExternalXml() throws IOException, TransformerException { diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverService.java index d851cd021..6c921509e 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverService.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/MetadataResolverService.java @@ -14,6 +14,8 @@ public interface MetadataResolverService { public Document generateConfiguration(); + public Document generateSingleMetadataConfiguration(MetadataResolver mr); + public void reloadFilters(String metadataResolverName); public MetadataResolver updateMetadataResolverEnabledStatus(MetadataResolver existingResolver) throws ForbiddenException, MetadataFileNotFoundException, InitializationException; 
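Review bot: `getOneXml` returns 200 for resolvers that `generateSingleMetadataConfiguration` deliberately skips: a disabled resolver, or one of type `BaseMetadataResolver` or `ExternalMetadataResolver`, comes back as an empty `MetadataProvider` chain rather than an error. Either extend the not-found guard to cover those cases or state the contract on the interface method, e.g. `/** Returns a ChainingMetadataProvider document wrapping only {@code mr}; the chain is empty when {@code mr} is disabled or of an excluded type. */`. No access check is visible in the hunk, so confirm that the class-level or security configuration already restricts `/MetadataResolvers/{resourceId}` the same way as the existing XML endpoints. The `TransformerFactory` is created with default settings on every request; only a DOM is serialised here, so this is hardening rather than a fix, but calling `factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);` before `newTransformer()` costs nothing. The `TransformerConfigurationException` import added in the preceding hunk is not referenced by any visible new line.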
From c108bfd87456993d1794f2077adb936a62d88718 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Wed, 17 Aug 2022 11:30:02 -0700 Subject: [PATCH 15/23] SHIBUI-2268 fixed test issue --- .../ui/controller/MetadataFiltersControllerTests.groovy | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersControllerTests.groovy index 82bee21b2..2820533e9 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersControllerTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersControllerTests.groovy @@ -90,6 +90,11 @@ class MetadataFiltersControllerTests extends AbstractBaseDataJpaTest { return null } + @Override + Document generateSingleMetadataConfiguration(MetadataResolver mr) { + return null + } + @Override MetadataResolver updateMetadataResolverEnabledStatus(MetadataResolver existingResolver) throws ForbiddenException, MetadataFileNotFoundException, InitializationException { // This won't get called From 3421484d35aa705d5d888b794f104b82bce212b3 Mon Sep 17 00:00:00 2001 From: chasegawa Date: Tue, 23 Aug 2022 14:02:35 -0700 Subject: [PATCH 16/23] SHIBUI-2270 SHIBUI-2354 fixing display issue for filter target type --- .../service/JPAMetadataResolverServiceImpl.groovy | 2 +- .../ui/domain/filters/AlgorithmFilterTarget.java | 14 ++++++++------ 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy index cc7bc869e..ddd925e7c 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy 
+++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy @@ -114,7 +114,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService { method.setAlgorithm(algValue) mkp.yieldUnescaped(openSamlObjects.marshalToXmlString(method, false)) } - switch (filter.algorithmFilterTarget.targetType) { + switch (filter.algorithmFilterTarget.algorithmFilterTargetType) { case AlgorithmFilterTarget.AlgorithmFilterTargetType.ENTITY: filter.algorithmFilterTarget.value.each { Entity(it) diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/AlgorithmFilterTarget.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/AlgorithmFilterTarget.java index 0b881a987..8a80dba6a 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/AlgorithmFilterTarget.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/AlgorithmFilterTarget.java @@ -1,9 +1,12 @@ package edu.internet2.tier.shibboleth.admin.ui.domain.filters; +import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractAuditable; import edu.internet2.tier.shibboleth.admin.ui.domain.filters.AbstractFilterTarget; import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.Setter; import lombok.ToString; import org.hibernate.envers.AuditOverride; import org.hibernate.envers.Audited; 
@@ -17,15 +20,14 @@ @AuditOverride(forClass = AbstractAuditable.class) @JsonIgnoreProperties({"handler", "hibernateLazyInitializer"}) public class AlgorithmFilterTarget extends AbstractFilterTarget { - private AlgorithmFilterTargetType targetType; + @Getter + @Setter + private AlgorithmFilterTargetType algorithmFilterTargetType; @Override + @JsonIgnore public String getTargetTypeValue() { - return targetType == null ? "NONE" : targetType.name(); - } - - public void setAlgorithmFilterTargetType(AlgorithmFilterTargetType type) { - this.targetType = type; + return algorithmFilterTargetType == null ? "NONE" : algorithmFilterTargetType.name(); } public enum AlgorithmFilterTargetType { From c6c28d495b7c7649765af3a5afee70cd786a9dc7 Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Tue, 23 Aug 2022 21:55:42 -0400 Subject: [PATCH 17/23] SHIBUI-2268 Added CRUD test for algorithm filter. --- .../internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy | 1 + 1 file changed, 1 insertion(+) diff --git a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy index 363f1a06f..beb593a70 100644 --- a/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy +++ b/backend/src/integration/groovy/edu/internet2/tier/shibboleth/admin/ui/SeleniumSIDETest.groovy @@ -157,6 +157,7 @@ class SeleniumSIDETest extends Specification { 'SHIBUI-1674: Verify metadata source tooltips' | '/SHIBUI-1674-1.side' 'SHIBUI-1674: Verify metadata provider tooltips' | '/SHIBUI-1674-2.side' 'SHIBUI-1674: Verify advanced menu tooltips' | '/SHIBUI-1674-3.side' + 'SHIBUI-2268: Verify Algorithm Filter' | '/SHIBUI-2268.side' 'SHIBUI-2269: Verify XML generation of external filters' | '/SHIBUI-2269.side' } } From ca300d7ad54c1cf85d1d3f23e38c3042e24e71d6 Mon Sep 17 00:00:00 2001 
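Review bot: Renaming the field from `targetType` to `algorithmFilterTargetType` in `AlgorithmFilterTarget` changes more than the JSON property name. If this class is a mapped entity (the Envers annotations in the hunk suggest so), the default column name changes with it, in the audit table as well, and no schema migration is visible in this commit. Rows written before the rename would then load with a null type, `getTargetTypeValue()` would report `NONE`, and the `switch (filter.algorithmFilterTarget.algorithmFilterTargetType)` in `JPAMetadataResolverServiceImpl.groovy` would presumably match no case and write the algorithm filter without any target. Pinning the mapping keeps existing data readable, for example `@Column(name = "<existing column name>")` on the field once the real name is checked against the schema. The field also carries no `@Enumerated(EnumType.STRING)` in the visible lines, so the enum appears to be stored by ordinal, and its declaration continues outside the hunk.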
From: Ryan Mathis Date: Wed, 24 Aug 2022 07:14:41 -0700 Subject: [PATCH 18/23] Fixed label issue --- ui/src/app/metadata/component/properties/PropertyValue.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ui/src/app/metadata/component/properties/PropertyValue.js b/ui/src/app/metadata/component/properties/PropertyValue.js index 8e5beb226..ef2e89e59 100644 --- a/ui/src/app/metadata/component/properties/PropertyValue.js +++ b/ui/src/app/metadata/component/properties/PropertyValue.js @@ -14,7 +14,7 @@ export function PropertyValue ({ name, value, columns, className }) { { name && value !== null && value !== undefined ? - {value.toString()} + {value.toString()} )}> Date: Wed, 24 Aug 2022 17:38:24 -0400 Subject: [PATCH 19/23] SHIBUI-2268 Added the selenium test SIDE file that I forgot to include in my previous commit. --- .../integration/resources/SHIBUI-2268.side | 995 ++++++++++++++++++ 1 file changed, 995 insertions(+) create mode 100644 backend/src/integration/resources/SHIBUI-2268.side diff --git a/backend/src/integration/resources/SHIBUI-2268.side b/backend/src/integration/resources/SHIBUI-2268.side new file mode 100644 index 000000000..a9533b8c8 --- /dev/null +++ b/backend/src/integration/resources/SHIBUI-2268.side 
@@ -0,0 +1,995 @@ +{ + "id": "1b31a551-eb09-4bd4-8db9-694bf1539a46", + "version": "2.0", + "name": "SHIBUI-2268", + "url": "http://localhost:10101", + "tests": [{ + "id": "841ade0e-83bd-4a4b-94f2-de6bd5c536b2", + "name": "SHIBUI-2268", + "commands": [{ + "id": "d6b23986-6d14-4b10-be7b-a7e6f576e3b2", + "comment": "", + "command": "open", + "target": "/login", + "targets": [], + "value": "" + }, { + "id": "f77ecd77-01c2-4463-944e-1a69600f5297", + "comment": "", + "command": "type", + "target": "name=username", + "targets": [ + ["name=username", "name"], + ["css=tr:nth-child(1) input", "css:finder"], + ["xpath=//input[@name='username']", "xpath:attributes"], + ["xpath=//input", "xpath:position"] + ], + "value": "admin" + }, { + "id": "c9bf0a22-faa9-494c-b2ed-6c9653248551", + "comment": "", + "command": "type", + "target": "name=password", + "targets": [ + ["name=password", "name"], + ["css=tr:nth-child(2) input", "css:finder"], + ["xpath=//input[@name='password']", "xpath:attributes"], + ["xpath=//tr[2]/td[2]/input", "xpath:position"] + ], + "value": "adminpass" + }, { + "id": "7ab1d854-3582-4101-bd19-f94b8f438090", + "comment": "", + "command": "sendKeys", + "target": "name=password", + "targets": [ + ["name=password", "name"], + ["css=tr:nth-child(2) input", "css:finder"], + ["xpath=//input[@name='password']", "xpath:attributes"], + ["xpath=//tr[2]/td[2]/input", "xpath:position"] + ], + "value": "${KEY_ENTER}" + }, { + "id": "4059cae7-b9f9-49d0-a213-343bcaba66d1", + "comment": "", + "command": "waitForElementVisible", + "target": "id=metadata-nav-dropdown-toggle", + "targets": [], + "value": "30000" + }, { + "id": "f03af8d5-5875-4a2c-b93a-c3ddcbd4b16a", + "comment": "", + "command": "open", + "target": "/api/heheheheheheheWipeout", + "targets": [], + "value": "" + }, { + "id": "081f495b-4d84-4758-824c-1e85b6311e7f", + "comment": "", + "command": "assertText", + "target": "css=body", + "targets": [], + "value": "yes, you did it" + }, { + "id": 
"9e912dd5-6ace-45be-bafd-2d1655906575", + "comment": "", + "command": "open", + "target": "/", + "targets": [], + "value": "" + }, { + "id": "ad3811ad-f95b-4cca-a5d9-63a10063a652", + "comment": "", + "command": "click", + "target": "id=metadata-nav-dropdown-toggle", + "targets": [ + ["id=metadata-nav-dropdown-toggle", "id"], + ["css=#metadata-nav-dropdown-toggle", "css:finder"], + ["xpath=//button[@id='metadata-nav-dropdown-toggle']", "xpath:attributes"], + ["xpath=//div[@id='metadata-nav-dropdown']/button", "xpath:idRelative"], + ["xpath=//div[2]/button", "xpath:position"], + ["xpath=//button[contains(.,'Add New')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "c47bd884-187f-4702-9a9d-0155cf2c61a0", + "comment": "", + "command": "click", + "target": "id=metadata-nav-dropdown-provider", + "targets": [ + ["id=metadata-nav-dropdown-provider", "id"], + ["linkText=Add a new metadata provider", "linkText"], + ["css=#metadata-nav-dropdown-provider", "css:finder"], + ["xpath=//a[contains(text(),'Add a new metadata provider')]", "xpath:link"], + ["xpath=//a[@id='metadata-nav-dropdown-provider']", "xpath:attributes"], + ["xpath=//div[@id='metadata-nav-dropdown']/div/a[2]", "xpath:idRelative"], + ["xpath=//a[contains(@href, '/metadata/provider/new')]", "xpath:href"], + ["xpath=//a[2]", "xpath:position"], + ["xpath=//a[contains(.,'Add a new metadata provider')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "14908519-6a02-48db-b35c-c31895bbc693", + "comment": "", + "command": "type", + "target": "name=name", + "targets": [ + ["name=name", "name"], + ["css=.form-control", "css:finder"], + ["xpath=//input[@name='name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/div/form/div/input", "xpath:idRelative"], + ["xpath=//input", "xpath:position"] + ], + "value": "FBHMR" + }, { + "id": "60f88cda-2d8a-4921-b712-9bfde45ae64d", + "comment": "", + "command": "select", + "target": "name=type", + "targets": [], + "value": 
"label=FileBackedHttpMetadataResolver" + }, { + "id": "8f939d91-fb81-4cb6-a37e-3d6bbca9c2e7", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.label", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/nav/ul/li[2]/button/span", "xpath:idRelative"], + ["xpath=//li[2]/button/span", "xpath:position"], + ["xpath=//span[contains(.,'2. Common Attributes')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "a17b7150-4228-4301-a996-18eb930b553d", + "comment": "", + "command": "type", + "target": "id=root_xmlId", + "targets": [ + ["id=root_xmlId", "id"], + ["css=#root_xmlId", "css:finder"], + ["xpath=//input[@id='root_xmlId']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[2]/div/div/div/input", "xpath:idRelative"], + ["xpath=//input", "xpath:position"] + ], + "value": "1" + }, { + "id": "8fd7f246-f96f-40eb-b899-7dfda17b3113", + "comment": "", + "command": "type", + "target": "id=root_metadataURL", + "targets": [ + ["id=root_metadataURL", "id"], + ["css=#root_metadataURL", "css:finder"], + ["xpath=//input[@id='root_metadataURL']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[2]/div[2]/div/div/input", "xpath:idRelative"], + ["xpath=//div[2]/div/div/input", "xpath:position"] + ], + "value": "https://idp.unicon.net/idp/shibboleth" + }, { + "id": "a056da7c-811f-47b5-894f-fd110aac9ec5", + "comment": "", + "command": "type", + "target": "id=root_backingFile", + "targets": [ + ["id=root_backingFile", "id"], + ["css=#root_backingFile", "css:finder"], + ["xpath=//input[@id='root_backingFile']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[2]/div[4]/div/div/input", "xpath:idRelative"], + ["xpath=//div[4]/div/div/input", "xpath:position"] + ], + "value": "%{idp.home}/foo" + }, { + "id": 
"57bf7cfe-5677-4a44-ae97-afa123b56d17", + "comment": "", + "command": "click", + "target": "id=option-selector-root_backupFileInitNextRefreshDelay", + "targets": [ + ["id=option-selector-root_backupFileInitNextRefreshDelay", "id"], + ["css=#option-selector-root_backupFileInitNextRefreshDelay", "css:finder"], + ["xpath=//input[@id='option-selector-root_backupFileInitNextRefreshDelay']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div/form/div/div/div/div/div[2]/div[5]/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/input", "xpath:position"] + ], + "value": "" + }, { + "id": "2941c513-6f49-4681-af06-4e8cdb9916d2", + "comment": "", + "command": "click", + "target": "id=option-selector-items-root_backupFileInitNextRefreshDelay-item-2", + "targets": [ + ["id=option-selector-items-root_backupFileInitNextRefreshDelay-item-2", "id"], + ["linkText=PT30S", "linkText"], + ["css=#option-selector-items-root_backupFileInitNextRefreshDelay-item-2", "css:finder"], + ["xpath=//a[@id='option-selector-items-root_backupFileInitNextRefreshDelay-item-2']", "xpath:attributes"], + ["xpath=//div[@id='option-selector-items-root_backupFileInitNextRefreshDelay']/a[3]", "xpath:idRelative"], + ["xpath=(//a[contains(@href, '#')])[3]", "xpath:href"], + ["xpath=//a[3]", "xpath:position"], + ["xpath=//a[contains(.,'PT30S')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "bef48138-60ec-44e5-b9f9-72ad9280edfb", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.label:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/nav/ul/li[3]/button/span", "xpath:idRelative"], + ["xpath=//li[3]/button/span", "xpath:position"], + ["xpath=//span[contains(.,'3. 
Reloading Attributes')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "2c6543c6-b4c6-42a8-8960-92955125635f", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.label:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/nav/ul/li[3]/button/span", "xpath:idRelative"], + ["xpath=//li[3]/button/span", "xpath:position"], + ["xpath=//span[contains(.,'4. Metadata Filter Plugins')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "f309e7b3-5379-45c3-9dc2-93c9a98f4d48", + "comment": "", + "command": "click", + "target": "css=.next", + "targets": [ + ["css=.label:nth-child(1)", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div/nav/ul/li[3]/button/span", "xpath:idRelative"], + ["xpath=//li[3]/button/span", "xpath:position"], + ["xpath=//span[contains(.,'5. Finished!')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "a844a1e3-61c3-4b09-9923-0dd29b1ae090", + "comment": "", + "command": "click", + "target": "css=.save", + "targets": [], + "value": "" + }, { + "id": "f49a10af-88be-447f-84a5-a47126158a72", + "comment": "", + "command": "click", + "target": "linkText=FBHMR", + "targets": [ + ["linkText=FBHMR", "linkText"], + ["css=.align-middle > a", "css:finder"], + ["xpath=//a[contains(text(),'FBHMR')]", "xpath:link"], + ["xpath=//div[@id='root']/div/main/div/section/div/div[2]/div/div/div/table/tbody/tr/td[2]/a", "xpath:idRelative"], + ["xpath=//a[contains(@href, '/metadata/provider/b5adf5e8-a494-49c8-ae1b-5e9cb2e4acc4/configuration/options')]", "xpath:href"], + ["xpath=//td[2]/a", "xpath:position"], + ["xpath=//a[contains(.,'FBHMR')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "1cb419ae-3b96-486e-bb7d-326d6116b7f7", + "comment": "", + "command": "click", + "target": "css=.btn-link:nth-child(2)", + "targets": [ + ["css=.btn-link:nth-child(2)", "css:finder"], + ["xpath=(//button[@type='button'])[6]", "xpath:attributes"], + 
["xpath=//div[@id='navigation']/div/button", "xpath:idRelative"], + ["xpath=//div[2]/div/button", "xpath:position"], + ["xpath=//button[contains(.,' Filters')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "88556432-8cdb-4cd3-a933-28db3b7b1c8f", + "comment": "", + "command": "click", + "target": "linkText=Add Filter", + "targets": [ + ["linkText=Add Filter", "linkText"], + ["css=#filters .btn", "css:finder"], + ["xpath=//div[@id='filters']/div/div/a", "xpath:idRelative"], + ["xpath=//a[contains(@href, '/metadata/provider/b5adf5e8-a494-49c8-ae1b-5e9cb2e4acc4/filter/new')]", "xpath:href"], + ["xpath=//div[3]/div/div/a", "xpath:position"], + ["xpath=//a[contains(.,' Add Filter')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "60f8b3ce-19af-4369-9246-a81cf6b3728d", + "comment": "", + "command": "select", + "target": "name=type", + "targets": [], + "value": "label=Algorithm" + }, { + "id": "54495332-08c2-4e37-8898-99346632de5b", + "comment": "", + "command": "waitForElementEditable", + "target": "id=root_name", + "targets": [], + "value": "30000" + }, { + "id": "dbf26501-319b-4a0e-9b94-a2b47a8a863c", + "comment": "", + "command": "type", + "target": "id=root_name", + "targets": [ + ["id=root_name", "id"], + ["css=#root_name", "css:finder"], + ["xpath=//input[@id='root_name']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div/div/div/div/div/input", "xpath:idRelative"], + ["xpath=//input", "xpath:position"] + ], + "value": "Algorithm Test" + }, { + "id": "b89fdf2c-c5cc-468d-a88f-56fd752235df", + "comment": "", + "command": "type", + "target": "css=.rbt-input-main", + "targets": [ + ["css=.rbt-input-main", "css:finder"], + ["xpath=//input[@value='foo']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[3]/div/div/div/fieldset/div/div/div[2]/div/div/div/div/input", "xpath:idRelative"], + 
["xpath=//div[2]/div/div/div/div/input", "xpath:position"] + ], + "value": "foo" + }, { + "id": "450646dd-2c5f-4b55-ae70-0971f75cf1da", + "comment": "", + "command": "click", + "target": "css=.btn-success", + "targets": [ + ["css=.btn-success", "css:finder"], + ["xpath=(//button[@type='button'])[19]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[3]/div/div/div/fieldset/div/div/div[2]/div/div[2]/button", "xpath:idRelative"], + ["xpath=//div[2]/div/div[2]/button", "xpath:position"], + ["xpath=//button[contains(.,'Add Entity ID  ')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "3d3041ca-b6e4-45fd-8394-1f129e3ec160", + "comment": "", + "command": "click", + "target": "css=.nav-link:nth-child(2)", + "targets": [ + ["css=.nav-link:nth-child(2)", "css:finder"], + ["xpath=(//button[@type='button'])[10]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div/nav/button[2]", "xpath:idRelative"], + ["xpath=//nav/button[2]", "xpath:position"], + ["xpath=//button[contains(.,'Options')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "f69c47c5-cea9-4a01-9388-6e03279db488", + "comment": "", + "command": "click", + "target": "css=.array-add-button", + "targets": [ + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[11]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[7]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "0e591beb-3feb-4a0f-9746-0d77487ab083", + "comment": "", + "command": "click", + "target": "id=root_algorithms_0", + "targets": [ + ["id=root_algorithms_0", "id"], + ["css=#root_algorithms_0", "css:finder"], + ["xpath=//select[@id='root_algorithms_0']", 
"xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div[2]/div/div/div/div/div/div/select", "xpath:idRelative"], + ["xpath=//div/div/select", "xpath:position"] + ], + "value": "" + }, { + "id": "cf2b807b-4c0a-4a23-aeda-3b7865de2b96", + "comment": "", + "command": "select", + "target": "id=root_algorithms_0", + "targets": [], + "value": "label=GCM (256) - http://www.w3.org/2009/xmlenc11#aes256-gcm" + }, { + "id": "fe50f455-a2c5-492a-900c-41b2c4a4373b", + "comment": "", + "command": "click", + "target": "css=.array-add-button", + "targets": [ + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[11]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[7]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "e5789dd9-8e03-4eda-be7d-32d495b8d4a5", + "comment": "", + "command": "click", + "target": "id=root_algorithms_1", + "targets": [ + ["id=root_algorithms_1", "id"], + ["css=#root_algorithms_1", "css:finder"], + ["xpath=//select[@id='root_algorithms_1']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div[2]/div[2]/div/div/div/div/div/select", "xpath:idRelative"], + ["xpath=//div[2]/div/div/div/div/div/select", "xpath:position"] + ], + "value": "" + }, { + "id": "0fb47623-654b-4dd1-8b03-d273cba16502", + "comment": "", + "command": "select", + "target": "id=root_algorithms_1", + "targets": [], + "value": "label=GCM (192) - http://www.w3.org/2009/xmlenc11#aes192-gcm" + }, { + "id": "579e8683-e6a9-4630-92ae-8d61885d355f", + "comment": "", + "command": "click", + "target": "css=.array-add-button", + "targets": 
[ + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[11]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[7]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "27c7a598-679e-450a-a71a-ecdc258ad45c", + "comment": "", + "command": "click", + "target": "id=root_algorithms_2", + "targets": [ + ["id=root_algorithms_2", "id"], + ["css=#root_algorithms_2", "css:finder"], + ["xpath=//select[@id='root_algorithms_2']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div[2]/div[3]/div/div/div/div/div/select", "xpath:idRelative"], + ["xpath=//div[3]/div/div/div/div/div/select", "xpath:position"] + ], + "value": "" + }, { + "id": "7498fe45-5fda-49c1-bca7-2f4954346fae", + "comment": "", + "command": "select", + "target": "id=root_algorithms_2", + "targets": [], + "value": "label=GCM (128) - http://www.w3.org/2009/xmlenc11#aes128-gcm" + }, { + "id": "d777d547-3614-4a3c-99c6-dcffffea4400", + "comment": "", + "command": "click", + "target": "css=.array-add-button", + "targets": [ + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[11]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[7]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "e1145572-f207-415e-8908-500bf348e750", + "comment": "", + "command": "click", + "target": "id=root_algorithms_3", + "targets": [ + ["id=root_algorithms_3", "id"], + ["css=#root_algorithms_3", 
"css:finder"], + ["xpath=//select[@id='root_algorithms_3']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div[2]/div[4]/div/div/div/div/div/select", "xpath:idRelative"], + ["xpath=//div[4]/div/div/div/div/div/select", "xpath:position"] + ], + "value": "" + }, { + "id": "d4bb89e3-f855-4ca3-9ea3-941e93219a29", + "comment": "", + "command": "select", + "target": "id=root_algorithms_3", + "targets": [], + "value": "label=CBC (256) - http://www.w3.org/2001/04/xmlenc#aes256-cbc" + }, { + "id": "b8b5241d-0712-469c-aaec-bbaf0db9ec39", + "comment": "", + "command": "click", + "target": "css=.array-add-button", + "targets": [ + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[11]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[7]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "f4b10a72-9ef4-465f-9c3c-39a8e555a748", + "comment": "", + "command": "click", + "target": "id=root_algorithms_4", + "targets": [ + ["id=root_algorithms_4", "id"], + ["css=#root_algorithms_4", "css:finder"], + ["xpath=//select[@id='root_algorithms_4']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div[2]/div[5]/div/div/div/div/div/select", "xpath:idRelative"], + ["xpath=//div[5]/div/div/div/div/div/select", "xpath:position"] + ], + "value": "" + }, { + "id": "03ed33bd-f797-4608-83bd-ff328054cd94", + "comment": "", + "command": "select", + "target": "id=root_algorithms_4", + "targets": [], + "value": "label=CBC (192) - http://www.w3.org/2001/04/xmlenc#aes192-cbc" + }, { + "id": "209015c5-5aef-448b-b297-6c1269f3c6e3", + 
"comment": "", + "command": "click", + "target": "css=.array-add-button", + "targets": [ + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[11]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[7]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "2085d727-c9fc-42cd-a233-4fad48a20e78", + "comment": "", + "command": "click", + "target": "id=root_algorithms_5", + "targets": [ + ["id=root_algorithms_5", "id"], + ["css=#root_algorithms_5", "css:finder"], + ["xpath=//select[@id='root_algorithms_5']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div[2]/div[6]/div/div/div/div/div/select", "xpath:idRelative"], + ["xpath=//div[6]/div/div/div/div/div/select", "xpath:position"] + ], + "value": "" + }, { + "id": "537feda7-72d7-4fd6-b680-c733f3577a54", + "comment": "", + "command": "select", + "target": "id=root_algorithms_5", + "targets": [], + "value": "label=CBC (128) - http://www.w3.org/2001/04/xmlenc#aes128-cbc" + }, { + "id": "ad4084f8-cb8c-46e1-b949-c55ae8d6498c", + "comment": "", + "command": "click", + "target": "css=.array-add-button", + "targets": [ + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[11]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[7]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "cfbf52c7-4303-40d1-bf43-4bd4abb23785", + "comment": "", + "command": "click", + "target": "id=root_algorithms_6", + 
"targets": [ + ["id=root_algorithms_6", "id"], + ["css=#root_algorithms_6", "css:finder"], + ["xpath=//select[@id='root_algorithms_6']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div[2]/div[7]/div/div/div/div/div/select", "xpath:idRelative"], + ["xpath=//div[7]/div/div/div/div/div/select", "xpath:position"] + ], + "value": "" + }, { + "id": "8053bff4-b13f-48c6-9c50-ce94a2c12789", + "comment": "", + "command": "select", + "target": "id=root_algorithms_6", + "targets": [], + "value": "label=CBC (TRIPLEDES) - http://www.w3.org/2001/04/xmlenc#tripledes-cbc" + }, { + "id": "6ba09b16-4bc5-4609-87fe-4f481e9dbe60", + "comment": "", + "command": "click", + "target": "css=.array-add-button", + "targets": [ + ["css=.array-add-button", "css:finder"], + ["xpath=(//button[@type='button'])[11]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div/button", "xpath:idRelative"], + ["xpath=//div[7]/div/div/div/div/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Add ')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "1aab279c-5db0-4cee-8049-1d3dd7705210", + "comment": "", + "command": "click", + "target": "id=root_algorithms_7", + "targets": [ + ["id=root_algorithms_7", "id"], + ["css=#root_algorithms_7", "css:finder"], + ["xpath=//select[@id='root_algorithms_7']", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div[2]/div[8]/div/div/div/div/div/select", "xpath:idRelative"], + ["xpath=//div[8]/div/div/div/div/div/select", "xpath:position"] + ], + "value": "" + }, { + "id": "6041d01a-8271-4768-8df7-7503de2e4999", + "comment": "", + "command": "select", + "target": "id=root_algorithms_7", + "targets": [], + "value": "label=CBC (192) - 
http://www.w3.org/2001/04/xmlenc#aes192-cbc" + }, { + "id": "ccc82782-8d9c-4a5c-bde3-180bce9e0267", + "comment": "", + "command": "assertText", + "target": "css=.border-0 > .m-0", + "targets": [ + ["css=.border-0 > .m-0", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div[2]/div[2]/div/form/div/div/div/div[7]/div/div/div/div/div/div[2]/div[8]/div/div/div/div/div/ul/li/small", "xpath:idRelative"], + ["xpath=//small", "xpath:position"], + ["xpath=//small[contains(.,'Each algorithm may only be used once.')]", "xpath:innerText"] + ], + "value": "Each algorithm may only be used once." + }, { + "id": "dffd83ae-108a-4cf1-87bf-3de8e4ecb2a1", + "comment": "", + "command": "click", + "target": "css=.mt-2:nth-child(8) path", + "targets": [ + ["css=.mt-2:nth-child(8) path", "css:finder"] + ], + "value": "" + }, { + "id": "0d6e43e3-88b7-4e90-b4bf-88bc662cc43f", + "comment": "", + "command": "click", + "target": "css=.btn-info", + "targets": [ + ["css=.btn-info", "css:finder"], + ["xpath=(//button[@type='button'])[7]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div/div[2]/div/div[2]/div/button", "xpath:idRelative"], + ["xpath=//div[2]/div/button", "xpath:position"], + ["xpath=//button[contains(.,' Save')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "089770b5-dcc0-4857-966b-a9b855e8a3da", + "comment": "", + "command": "waitForElementVisible", + "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .text-truncate", + "targets": [ + ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], + ["xpath=//div/span[2]", "xpath:position"] + ], + "value": "30000" + }, { + "id": "fe9a428a-7940-46b2-8433-1630e62bf4c5", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .text-truncate", + "targets": 
[], + "value": "FBHMR" + }, { + "id": "0bba7bb6-ced5-482b-bd5a-5cd23f498c0d", + "comment": "", + "command": "click", + "target": "css=div:nth-child(1) > .btn:nth-child(2)", + "targets": [ + ["css=div:nth-child(1) > .btn:nth-child(2)", "css:finder"], + ["xpath=(//button[@type='button'])[6]", "xpath:attributes"], + ["xpath=//div[@id='navigation']/div/button", "xpath:idRelative"], + ["xpath=//div[2]/div/button", "xpath:position"], + ["xpath=//button[contains(.,' Filters')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "2bd19215-f9e2-4acc-a224-575998285a28", + "comment": "", + "command": "waitForElementVisible", + "target": "css=.mx-4", + "targets": [], + "value": "30000" + }, { + "id": "96fc373a-b871-4307-adeb-fdab78d464a0", + "comment": "", + "command": "click", + "target": "css=.mx-4", + "targets": [ + ["css=.mx-4", "css:finder"], + ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], + ["xpath=//div[@id='filters']/ul/li/div/button", "xpath:idRelative"], + ["xpath=//li/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Algorithm Test')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "fced2579-7ff3-40f6-893f-8208370e8b2c", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(2) > .mb-4 .p-2 > div > div:nth-child(1) .d-block:nth-child(2)", + "targets": [ + ["css=div:nth-child(2) > .mb-4 .p-2 > div > div:nth-child(1) .d-block:nth-child(2)", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], + ["xpath=//div[2]/section/div/div[2]/div[2]/div/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'Algorithm Test')]", "xpath:innerText"] + ], + "value": "Algorithm Test" + }, { + "id": "900af1be-bb32-4052-9290-b8b4a73f0717", + "comment": "", + "command": "assertText", + "target": "css=.d-flex:nth-child(1) > .list-unstyled > .d-flex:nth-child(1) > .d-block", + "targets": [ + ["css=.d-flex:nth-child(1) > .list-unstyled > .d-flex:nth-child(1) 
> .d-block", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/ul/li/span", "xpath:idRelative"], + ["xpath=//div[2]/div/ul/li/span", "xpath:position"], + ["xpath=//span[contains(.,'http://www.w3.org/2009/xmlenc11#aes256-gcm')]", "xpath:innerText"] + ], + "value": "http://www.w3.org/2009/xmlenc11#aes256-gcm" + }, { + "id": "3d622935-40af-4807-8843-1d71605ef480", + "comment": "", + "command": "assertText", + "target": "css=.d-flex:nth-child(2) > .d-block", + "targets": [ + ["css=.d-flex:nth-child(2) > .d-block", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/ul/li[2]/span", "xpath:idRelative"], + ["xpath=//ul/li[2]/span", "xpath:position"], + ["xpath=//span[contains(.,'http://www.w3.org/2009/xmlenc11#aes192-gcm')]", "xpath:innerText"] + ], + "value": "http://www.w3.org/2009/xmlenc11#aes192-gcm" + }, { + "id": "12dfe6bb-acb1-4f9f-acb0-00e244ca3ac3", + "comment": "", + "command": "assertText", + "target": "css=.d-flex:nth-child(3) > .d-block", + "targets": [ + ["css=.d-flex:nth-child(3) > .d-block", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/ul/li[3]/span", "xpath:idRelative"], + ["xpath=//li[3]/span", "xpath:position"], + ["xpath=//span[contains(.,'http://www.w3.org/2009/xmlenc11#aes128-gcm')]", "xpath:innerText"] + ], + "value": "http://www.w3.org/2009/xmlenc11#aes128-gcm" + }, { + "id": "47bf69fa-e126-4c06-b9ae-504d09a0d37b", + "comment": "", + "command": "assertText", + "target": "css=.d-flex:nth-child(4) > .d-block", + "targets": [ + ["css=.d-flex:nth-child(4) > .d-block", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/ul/li[4]/span", "xpath:idRelative"], + ["xpath=//li[4]/span", "xpath:position"], + ["xpath=//span[contains(.,'http://www.w3.org/2001/04/xmlenc#aes256-cbc')]", "xpath:innerText"] + ], + "value": "http://www.w3.org/2001/04/xmlenc#aes256-cbc" + }, { + "id": 
"223043f1-e31c-4019-b68f-d654f3fea9b0", + "comment": "", + "command": "assertText", + "target": "css=.d-flex:nth-child(5) > .d-block", + "targets": [ + ["css=.d-flex:nth-child(5) > .d-block", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/ul/li[5]/span", "xpath:idRelative"], + ["xpath=//li[5]/span", "xpath:position"], + ["xpath=//span[contains(.,'http://www.w3.org/2001/04/xmlenc#aes192-cbc')]", "xpath:innerText"] + ], + "value": "http://www.w3.org/2001/04/xmlenc#aes192-cbc" + }, { + "id": "2ecdc8fe-d63d-48e8-bcdf-eb675cd8912f", + "comment": "", + "command": "assertText", + "target": "css=.d-flex:nth-child(6) > .d-block", + "targets": [ + ["css=.d-flex:nth-child(6) > .d-block", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/ul/li[6]/span", "xpath:idRelative"], + ["xpath=//li[6]/span", "xpath:position"], + ["xpath=//span[contains(.,'http://www.w3.org/2001/04/xmlenc#aes128-cbc')]", "xpath:innerText"] + ], + "value": "http://www.w3.org/2001/04/xmlenc#aes128-cbc" + }, { + "id": "8c87d87e-6b09-456e-806b-1d69dc9b2cc8", + "comment": "", + "command": "assertText", + "target": "css=.d-flex:nth-child(7) > .d-block", + "targets": [ + ["css=.d-flex:nth-child(7) > .d-block", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/ul/li[7]/span", "xpath:idRelative"], + ["xpath=//li[7]/span", "xpath:position"], + ["xpath=//span[contains(.,'http://www.w3.org/2001/04/xmlenc#tripledes-cbc')]", "xpath:innerText"] + ], + "value": "http://www.w3.org/2001/04/xmlenc#tripledes-cbc" + }, { + "id": "79f7ca40-090b-485f-a220-9e43728f4bc1", + "comment": "", + "command": "assertText", + "target": "css=.d-flex:nth-child(1) > .p-2", + "targets": [ + ["css=.d-flex:nth-child(1) > .p-2", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/span", "xpath:idRelative"], + ["xpath=//section[2]/div/div[2]/div[2]/div/span", "xpath:position"] + 
], + "value": "Algorithm" + }, { + "id": "8e4fb6e0-618b-46f2-934b-8bf474615815", + "comment": "", + "command": "assertText", + "target": "css=div:nth-child(4) > div:nth-child(1) > .d-flex > .text-truncate", + "targets": [ + ["css=div:nth-child(4) > div:nth-child(1) > .d-flex > .text-truncate", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section/div/div[2]/div[2]/div[3]/div/div/span[2]", "xpath:idRelative"], + ["xpath=//div[2]/div[3]/div/div/span[2]", "xpath:position"], + ["xpath=//span[contains(.,'Entity ID')]", "xpath:innerText"] + ], + "value": "Entity ID" + }, { + "id": "3d1b105b-9dec-40f4-802e-b5a3ddcbc2fc", + "comment": "", + "command": "click", + "target": "linkText=Edit", + "targets": [ + ["linkText=Edit", "linkText"], + ["css=.d-flex:nth-child(1) > .btn:nth-child(1)", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/div/div/a", "xpath:idRelative"], + ["xpath=//a[contains(@href, '/metadata/provider/66d0dbbb-4049-4584-8a6f-17707dc2a8d1/filter/62ffb91c-9af1-466b-83ac-307f21c0cebd/edit/common')]", "xpath:href"], + ["xpath=//div[2]/div/div/a", "xpath:position"], + ["xpath=//a[contains(.,' Edit')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "bfd501c9-e06c-4dd5-ad25-60b21fca1eb1", + "comment": "", + "command": "click", + "target": "css=.nav-link:nth-child(2)", + "targets": [ + ["css=.nav-link:nth-child(2)", "css:finder"], + ["xpath=(//button[@type='button'])[9]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div[2]/div/nav/button[2]", "xpath:idRelative"], + ["xpath=//nav/button[2]", "xpath:position"], + ["xpath=//button[contains(.,'Options')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "493533af-c18e-46f6-b7df-82f7c3aa548e", + "comment": "", + "command": "click", + "target": "css=.mt-2:nth-child(7) path", + "targets": [ + ["css=.mt-2:nth-child(7) path", "css:finder"] + ], + "value": "" + }, { + "id": "cfc916c7-80a6-4cdc-b2c0-2425b168bcc4", + "comment": "", + "command": "click", + 
"target": "css=.btn-info", + "targets": [ + ["css=.btn-info", "css:finder"], + ["xpath=(//button[@type='button'])[6]", "xpath:attributes"], + ["xpath=//div[@id='root']/div/main/div/section/div[2]/div[2]/div/div[2]/div/button", "xpath:idRelative"], + ["xpath=//div[2]/div/button", "xpath:position"], + ["xpath=//button[contains(.,' Save')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "269c4acd-2e59-4f76-816c-9a7f06b4ce87", + "comment": "", + "command": "waitForElementVisible", + "target": "css=div:nth-child(2) > div:nth-child(1) > .d-flex > .text-truncate", + "targets": [ + ["css=div:nth-child(2) > div:nth-child(1) > .d-flex > .text-truncate", "css:finder"], + ["xpath=//div[@id='root']/div/main/div/section/div/div/section/div/div[2]/div[2]/div/div/span[2]", "xpath:idRelative"], + ["xpath=//div/span[2]", "xpath:position"] + ], + "value": "30000" + }, { + "id": "40fb10d5-231f-4d1a-8891-c4f48ea2c1b6", + "comment": "", + "command": "click", + "target": "css=div:nth-child(1) > .btn:nth-child(2)", + "targets": [ + ["css=div:nth-child(1) > .btn:nth-child(2)", "css:finder"], + ["xpath=(//button[@type='button'])[6]", "xpath:attributes"], + ["xpath=//div[@id='navigation']/div/button", "xpath:idRelative"], + ["xpath=//div[2]/div/button", "xpath:position"], + ["xpath=//button[contains(.,' Filters')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "e26e03eb-f01c-433c-aa19-683f1887c472", + "comment": "", + "command": "click", + "target": "css=.mx-4", + "targets": [ + ["css=.mx-4", "css:finder"], + ["xpath=(//button[@type='button'])[13]", "xpath:attributes"], + ["xpath=//div[@id='filters']/ul/li/div/button", "xpath:idRelative"], + ["xpath=//li/div/button", "xpath:position"], + ["xpath=//button[contains(.,'Algorithm Test')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "10fbd6c4-804a-4bcc-866b-7bf221ffa266", + "comment": "", + "command": "assertElementNotPresent", + "target": "css=.d-flex:nth-child(7) > .d-block", + "targets": [ + ["css=.d-flex:nth-child(7) 
> .d-block", "css:finder"], + ["xpath=//div[@id='filters']/ul/li/div[2]/section[2]/div/div[2]/div[2]/div/ul/li[7]/span", "xpath:idRelative"], + ["xpath=//li[7]/span", "xpath:position"], + ["xpath=//span[contains(.,'http://www.w3.org/2001/04/xmlenc#tripledes-cbc')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "6af1cc94-05df-47db-8672-d078928260ed", + "comment": "", + "command": "click", + "target": "css=.justify-content-end .btn:nth-child(2)", + "targets": [ + ["css=.justify-content-end .btn:nth-child(2)", "css:finder"], + ["xpath=(//button[@type='button'])[14]", "xpath:attributes"], + ["xpath=//div[@id='filters']/ul/li/div[2]/div/div/button", "xpath:idRelative"], + ["xpath=//div[2]/div/div/button", "xpath:position"], + ["xpath=//button[contains(.,' Delete')]", "xpath:innerText"] + ], + "value": "" + }, { + "id": "b44418d1-ed8c-4199-92a6-4b130bfe2cb2", + "comment": "", + "command": "click", + "target": "css=.btn-danger", + "targets": [ + ["css=.btn-danger", "css:finder"], + ["xpath=(//button[@type='button'])[18]", "xpath:attributes"], + ["xpath=//div[4]/div/div/div[3]/button", "xpath:position"] + ], + "value": "" + }, { + "id": "6cd2789b-4ec1-4153-8d4e-fb896a1b0e5e", + "comment": "", + "command": "click", + "target": "css=.align-items-end", + "targets": [ + ["css=.align-items-end", "css:finder"], + ["xpath=//div[@id='root']/div/footer/div/div[2]/div", "xpath:idRelative"], + ["xpath=//footer/div/div[2]/div", "xpath:position"] + ], + "value": "" + }, { + "id": "b9432398-233d-4872-8b56-9aa8fd48ca85", + "comment": "", + "command": "assertText", + "target": "css=.alert", + "targets": [], + "value": "No FiltersNo filters have been added to this Metadata Provider" + }, { + "id": "3543733a-3e14-4f07-9aaa-e29a26fe36b1", + "comment": "", + "command": "open", + "target": "/api/heheheheheheheWipeout", + "targets": [], + "value": "" + }, { + "id": "da1edae7-e865-404e-971c-37bdb13c2845", + "comment": "", + "command": "assertText", + "target": "css=body", + "targets": 
[], + "value": "yes, you did it" + }] + }], + "suites": [{ + "id": "d2caeac4-7520-4e3c-96b1-840610b6983c", + "name": "Default Suite", + "persistSession": false, + "parallel": false, + "timeout": 300, + "tests": ["841ade0e-83bd-4a4b-94f2-de6bd5c536b2"] + }], + "urls": ["http://localhost:10101/"], + "plugins": [] +} \ No newline at end of file From 0a0965009e3f898a9f85ab9a7b075c0148c6809d Mon Sep 17 00:00:00 2001 From: chasegawa Date: Thu, 25 Aug 2022 08:52:34 -0700 Subject: [PATCH 20/23] NOJIRA fixing display issue for external metadata filter --- .../admin/ui/service/JPAMetadataResolverServiceImpl.groovy | 3 +++ 1 file changed, 3 insertions(+) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy index ddd925e7c..bb86a1915 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy @@ -552,6 +552,9 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService { @Override Document generateSingleMetadataConfiguration(edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver mr) { + if (mr instanceof ExternalMetadataResolver) { + return generateExternalMetadataFilterConfiguration(); + } new StringWriter().withCloseable { writer -> def xml = new MarkupBuilder(writer) xml.omitEmptyAttributes = true From 1dc1b7a899206e8cd5abb8e547b81bec9975fe80 Mon Sep 17 00:00:00 2001 
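Review bot: The early return added at the top of `generateSingleMetadataConfiguration` calls `generateExternalMetadataFilterConfiguration()` with no arguments, so as far as this hunk shows the returned document does not depend on the `mr` that was passed in. If that is intended, it deserves a comment, for example `// External resolvers carry no resolver XML of their own; only the shared filter configuration is rendered`, with the wording adjusted to what the helper really emits. If the helper should reflect the specific resolver, `mr` needs to be passed through. The method body continues past the end of the hunk, so the normal `MarkupBuilder` path is not visible here.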
From: Ryan Mathis Date: Thu, 25 Aug 2022 14:00:12 -0700 Subject: [PATCH 21/23] Fixed issue with changing filter type Former-commit-id: 3939df3761d61522aff021e35f278af2848b2c03 --- ui/src/app/metadata/Filter.js | 2 -- ui/src/app/metadata/editor/MetadataFilterEditor.js | 8 ++++++++ ui/src/app/metadata/hooks/schema.js | 6 +++++- ui/src/app/metadata/wizard/MetadataFilterTypeSelector.js | 4 ++-- 4 files changed, 15 insertions(+), 5 deletions(-) diff --git a/ui/src/app/metadata/Filter.js b/ui/src/app/metadata/Filter.js index 58b867040..4c1bc707c 100644 --- a/ui/src/app/metadata/Filter.js +++ b/ui/src/app/metadata/Filter.js @@ -11,8 +11,6 @@ export function Filter() { const { path, url } = useRouteMatch(); - console.log(path, url) - return ( diff --git a/ui/src/app/metadata/editor/MetadataFilterEditor.js b/ui/src/app/metadata/editor/MetadataFilterEditor.js index 538c85d0e..972905e0a 100644 --- a/ui/src/app/metadata/editor/MetadataFilterEditor.js +++ b/ui/src/app/metadata/editor/MetadataFilterEditor.js @@ -25,6 +25,13 @@ export function MetadataFilterEditor({children, onNavigate, block}) { const schema = React.useContext(MetadataSchemaContext); const current = React.useContext(MetadataFilterContext); + React.useEffect(() => { + const step = definition.steps.find(step => step.id === section); + if (!step) { + onNavigate(definition.steps[0].id); + } + }, [section, current, onNavigate, definition]); + const { state, dispatch } = React.useContext(MetadataFormContext); const { metadata, errors } = state; @@ -38,6 +45,7 @@ export function MetadataFilterEditor({children, onNavigate, block}) { const warnings = definition.warnings && definition.warnings(metadata); + return (
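Review bot: In the `React.useEffect` added to `MetadataFilterEditor`, `definition.steps[0].id` is dereferenced without checking that `steps` has an entry, so a filter definition with no steps would throw during the effect instead of rendering. The dependency list also names `current`, which the effect body never reads, so the effect re-runs on every context change for no benefit. I would write the guard as `if (definition.steps.length > 0 && !definition.steps.some(s => s.id === section)) { onNavigate(definition.steps[0].id); }` and drop `current` from the array. `section` and `definition` are declared above the hunk, so their origin is not visible here.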
diff --git a/ui/src/app/metadata/hooks/schema.js b/ui/src/app/metadata/hooks/schema.js index 5083559b1..b8bfcf7ca 100644 --- a/ui/src/app/metadata/hooks/schema.js +++ b/ui/src/app/metadata/hooks/schema.js @@ -11,7 +11,11 @@ export function useUiSchema(definition, schema, current, locked = true) { const ui = React.useMemo(() => definition ? { ...definition.uiSchema } : {}, [definition]); const schemaKeys = React.useMemo(() => schema ? Object.keys(schema.properties) : [], [schema]); - const step = React.useMemo(() => definition ? definition.steps.find(step => step.id === current) : {fields: []}, [definition, current]); + let step = React.useMemo(() => definition ? definition.steps.find(step => step.id === current) : {fields: []}, [definition, current]); + + if (!step) { + step = definition.steps[0]; + } const filled = React.useMemo(() => fillInRootProperties(schemaKeys, ui), [schemaKeys, ui]); const mapped = React.useMemo(() => Object.keys(filled).reduce((sch, key) => { diff --git a/ui/src/app/metadata/wizard/MetadataFilterTypeSelector.js b/ui/src/app/metadata/wizard/MetadataFilterTypeSelector.js index ff16b61a4..d46e79999 100644 --- a/ui/src/app/metadata/wizard/MetadataFilterTypeSelector.js +++ b/ui/src/app/metadata/wizard/MetadataFilterTypeSelector.js @@ -5,7 +5,7 @@ import Translate from '../../i18n/components/translate'; import { InfoIcon } from '../../form/component/InfoIcon'; import { useTranslator } from '../../i18n/hooks'; -export function MetadataFilterTypeSelector({ types = [], children, actions}) { +export function MetadataFilterTypeSelector({ types = [], children}) { const translator = useTranslator(); @@ -29,7 +29,7 @@ export function MetadataFilterTypeSelector({ types = [], children, actions}) { React.useEffect(() => { setBase({ '@type': type - }) + }); }, [type]) return ( From fbca08abb1caf11964fd1f36bfb1e88ff6c6041d Mon Sep 17 00:00:00 2001 
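Review bot: The fallback added after the `useMemo` in `useUiSchema` turns `step` into a reassigned `let` and leaves the memoised value and the value actually used out of step with each other. Folding the fallback into the memo keeps it a `const`: `const step = React.useMemo(() => definition ? (definition.steps.find(s => s.id === current) || definition.steps[0]) : {fields: []}, [definition, current]);`. `definition.steps[0]` is still `undefined` for an empty `steps` array, and the `{fields: []}` default on the same line suggests later code reads `step.fields`, so ending the chain with `|| {fields: []}` would be safer. The rest of the hook lies outside the hunk.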
From: Ryan Mathis Date: Thu, 25 Aug 2022 14:03:02 -0700 Subject: [PATCH 22/23] Fixed message Former-commit-id: dc238e818afa99c340c591484c913d3b28cd1616 --- backend/src/main/resources/i18n/messages.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index 92f1edb6f..29aaf5de9 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties @@ -534,7 +534,7 @@ label.role=Role message.delete-role-title=Delete Role? message.delete-role-body=You are requesting to delete a role. If you complete this process the role will be removed. This cannot be undone. Do you wish to continue? -message.duration=Requires a valid ISO 8601 duration (ex. PT2D) +message.duration=Requires a valid ISO 8601 duration (ex. PT4H) message.delete-user-title=Delete User? message.delete-user-body=You are requesting to delete a user. If you complete this process the user will be removed. This cannot be undone. Do you wish to continue? From 909102722e3d9014db6f76b9bfc665698549a34c Mon Sep 17 00:00:00 2001 From: Ryan Mathis Date: Tue, 30 Aug 2022 13:01:25 -0700 Subject: [PATCH 23/23] Fixed invalid duration setting --- backend/src/main/resources/i18n/messages.properties | 1 + .../provider/definition/BaseProviderDefinition.js | 13 +++++++++++++ 2 files changed, 14 insertions(+) diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties index 92f1edb6f..9e1392ecd 100644 --- a/backend/src/main/resources/i18n/messages.properties +++ b/backend/src/main/resources/i18n/messages.properties 
@@ -535,6 +535,7 @@ message.delete-role-title=Delete Role? message.delete-role-body=You are requesting to delete a role. If you complete this process the role will be removed. This cannot be undone. Do you wish to continue? message.duration=Requires a valid ISO 8601 duration (ex. PT2D) +message.invalid-duration=Invalid duration for this field. message.delete-user-title=Delete User? message.delete-user-body=You are requesting to delete a user. If you complete this process the user will be removed. This cannot be undone. Do you wish to continue? diff --git a/ui/src/app/metadata/domain/provider/definition/BaseProviderDefinition.js b/ui/src/app/metadata/domain/provider/definition/BaseProviderDefinition.js index 12e61ae0f..b94258159 100644 --- a/ui/src/app/metadata/domain/provider/definition/BaseProviderDefinition.js +++ b/ui/src/app/metadata/domain/provider/definition/BaseProviderDefinition.js @@ -1,5 +1,6 @@ import { metadataFilterProcessor } from '../utility/providerFilterProcessor'; import { MetadataFilterTypes } from '../../filter'; +import { has } from 'lodash'; export const BaseProviderDefinition = { schemaPreprocessor: metadataFilterProcessor, @@ -18,6 +19,18 @@ export const BaseProviderDefinition = { errors.xmlId.addError('message.id-unique'); } + if (has(formData, 'reloadableMetadataResolverAttributes.minRefreshDelay')) { + if (formData.reloadableMetadataResolverAttributes.minRefreshDelay === 'PT0S') { + errors.reloadableMetadataResolverAttributes.minRefreshDelay.addError('message.invalid-duration'); + } + } + + if (has(formData, 'reloadableMetadataResolverAttributes.maxRefreshDelay')) { + if (formData.reloadableMetadataResolverAttributes.maxRefreshDelay === 'PT0S') { + errors.reloadableMetadataResolverAttributes.maxRefreshDelay.addError('message.invalid-duration'); + } + } + return errors; } },
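Review bot: The two checks added to the validator in `BaseProviderDefinition` reject only the literal string `'PT0S'`, so other spellings of a zero duration (`PT0M`, `P0D`, `PT0H0M0S`) would still pass unless the field's schema pattern already excludes them, which this hunk does not show. A zero refresh delay is presumably what the backend cannot accept, so it is worth confirming which forms its parser treats as zero and rejecting all of them here. The `minRefreshDelay` and `maxRefreshDelay` blocks are also copies of each other and can be one loop, as sketched below. The enclosing validator function starts above the hunk.

```javascript
// … unchanged: xmlId uniqueness check …
['minRefreshDelay', 'maxRefreshDelay'].forEach((field) => {
    const path = `reloadableMetadataResolverAttributes.${field}`;
    // TODO(review): 'PT0S' is only one spelling of zero; extend once the accepted forms are confirmed
    if (has(formData, path) && formData.reloadableMetadataResolverAttributes[field] === 'PT0S') {
        errors.reloadableMetadataResolverAttributes[field].addError('message.invalid-duration');
    }
});

return errors;
```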