[SHIBUI-1772]

WIP
update schema
write test

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/DigestMethod.java

@@ -19,11 +19,11 @@ public DigestMethod(String algorithm) {
     @Nullable
     @Override
     public String getAlgorithm() {
-        return null;
+        return this.algorithm;
     }
 
     @Override
     public void setAlgorithm(@Nullable String value) {
-
+        this.algorithm = value;
     }
 }

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/EntityDescriptorRepresentation.java

@@ -1,5 +1,6 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain.frontend;
 
+import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonProperty;
 
 import javax.validation.constraints.NotNull;
@@ -38,10 +39,12 @@ public EntityDescriptorRepresentation(String id,
     @NotNull
     private String entityId;
 
-    private OrganizationRepresentation organization;
+    //TODO: review requirement
+    private OrganizationRepresentation organization = new OrganizationRepresentation();
 
     private List<ContactRepresentation> contacts;
 
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
     private MduiRepresentation mdui;
 
     private ServiceProviderSsoDescriptorRepresentation serviceProviderSsoDescriptor;
@@ -58,8 +61,10 @@ public EntityDescriptorRepresentation(String id,
 
     private LocalDateTime modifiedDate;
 
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
     private Map<String, Object> relyingPartyOverrides;
 
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
     private List<String> attributeRelease;
 
     private int version;

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/frontend/OrganizationRepresentation.java

@@ -1,15 +1,20 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain.frontend;
 
+import com.fasterxml.jackson.annotation.JsonInclude;
+
 import java.io.Serializable;
 
 public class OrganizationRepresentation implements Serializable {
 
     private static final long serialVersionUID = 802722455433573538L;
 
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
     private String name;
 
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
     private String displayName;
 
+    @JsonInclude(JsonInclude.Include.NON_EMPTY)
     private String url;
 
     public String getName() {

backend/src/main/resources/metadata-sources-ui-schema.json

@@ -446,6 +446,12 @@
                                 "urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
                             ],
                             "description": "urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+                        },
+                        {
+                            "enum": [
+                                "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+                            ],
+                            "description": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
                         }
                     ]
                 }

backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/AuxiliaryIntegrationTests.groovy

@@ -0,0 +1,59 @@
+package edu.internet2.tier.shibboleth.admin.ui.service
+
+import com.fasterxml.jackson.databind.ObjectMapper
+import edu.internet2.tier.shibboleth.admin.ui.configuration.JsonSchemaComponentsConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor
+import edu.internet2.tier.shibboleth.admin.ui.jsonschema.LowLevelJsonSchemaValidator
+import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects
+import org.springframework.core.io.DefaultResourceLoader
+import org.springframework.core.io.ResourceLoader
+import org.springframework.mock.http.MockHttpInputMessage
+import spock.lang.Shared
+import spock.lang.Specification
+
+import java.time.LocalDateTime
+
+class AuxiliaryIntegrationTests extends Specification {
+    @Shared
+    OpenSamlObjects openSamlObjects = new OpenSamlObjects().with {
+        it.init()
+        it
+    }
+
+    @Shared
+    EntityDescriptorService entityDescriptorService
+
+    @Shared
+    ObjectMapper objectMapper
+
+    @Shared
+    ResourceLoader resourceLoader
+
+    void setup() {
+        this.entityDescriptorService = new JPAEntityDescriptorServiceImpl(openSamlObjects, null, null)
+        this.objectMapper = new ObjectMapper()
+        this.resourceLoader = new DefaultResourceLoader()
+    }
+
+    def "SHIBUI-1723: after enabling saved entity descriptor, it should still have valid xml"() {
+        given:
+        def entityDescriptor = openSamlObjects.unmarshalFromXml(this.class.getResource('/metadata/SHIBUI-1723-1.xml').bytes) as EntityDescriptor
+        def entityDescriptorRepresentation = this.entityDescriptorService.createRepresentationFromDescriptor(entityDescriptor).with {
+            it.serviceProviderName = 'testme'
+            it.contacts = []
+            it.securityInfo.x509Certificates[0].name = 'testcert'
+            it.createdBy = 'root'
+            it.setCreatedDate(LocalDateTime.now())
+            it.setModifiedDate(LocalDateTime.now())
+            it
+        }
+        def json = this.objectMapper.writeValueAsString(entityDescriptorRepresentation)
+        def schemaUri = edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocationLookup.metadataSourcesSchema(new JsonSchemaComponentsConfiguration().jsonSchemaResourceLocationRegistry(this.resourceLoader, this.objectMapper)).uri
+
+        when:
+        LowLevelJsonSchemaValidator.validatePayloadAgainstSchema(new MockHttpInputMessage(json.bytes), schemaUri)
+
+        then:
+        noExceptionThrown()
+    }
+}

backend/src/test/resources/metadata/SHIBUI-1723-1.xml

@@ -0,0 +1,81 @@
+<!--
+This is example metadata only. Do *NOT* supply it as is without review,
+and do *NOT* provide it in real time to your partners.
+ -->
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_bf63813d70b5f63a1d2a3504dca89b5e268be651" entityID="https://sp.idptestbed/shibboleth">
+
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+  </md:Extensions>
+
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/Login"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/Login" index="1"/>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>67af3237368e</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=67af3237368e</ds:X509SubjectName>
+          <ds:X509Certificate>MIID6zCCAlOgAwIBAgIJALaLIs8AvRgDMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV
+BAMTDDY3YWYzMjM3MzY4ZTAeFw0xODAxMDkyMDUxMzlaFw0yODAxMDcyMDUxMzla
+MBcxFTATBgNVBAMTDDY3YWYzMjM3MzY4ZTCCAaIwDQYJKoZIhvcNAQEBBQADggGP
+ADCCAYoCggGBAKes3NT2GqXPDrl8OwrDRARLoBxKJ8ALZ0Ipj1sbYcUEv8aZ4ElR
++G4xf/KL/nF77ctc9WzE/fUlFG55lVKF7l2heKenweXsmeInmOj0MqXpIIofF1G2
+Sh4xUGACQp0OT7ndNlk2+mHK9zuCNA5o3VrAhJuWAruL3nRk14+DE7UkqF+oBZaF
+k5/U7W2sa6R1+UHXvSI823O5jAjhSSIfY/N2mME7QogU3P6ETa7BSRS3IvZ8oJvU
+T2Ss2ai1qZoiR/0Exeyj5nc026XEAQ675WAcxpAfxu+uDVQ274nPrvOdqUtUeaiU
+nc3kIdorXx/m8+WjYT4rGAXx2NbRRC/wRc7ilptLtL/5iHGJkIieFbzHWJXRRMzT
+/wWuYM8lr6lqEiOW/2B6z6kQpuGZoinQYBrNU+xYelkfK+jc1IZgR5wOP2aVJ2Gj
+DAarnNHkkd36sxOUKw+4f2R2K5obwzHqJl7jySW2p0KldjobQLt0M1DswK0U478R
+qqItwPfsTxju0wIDAQABozowODAXBgNVHREEEDAOggw2N2FmMzIzNzM2OGUwHQYD
+VR0OBBYEFAvZyUZ8LY3YacgpZSzgQMYSFmptMA0GCSqGSIb3DQEBCwUAA4IBgQCM
+IBtz+5mfFtRwmcScYdUzIujCbGfnY6+YsjGMa0jDDfyS1kFfNrj9VRl6uuPO8gWu
+BOxR9asm96FOC/tZOQ9SZgQN6ltQsfAMhl+cnI80Qwx8pUXt+iUtM+IgTUFqiv51
+Oy2GyFJGr1QIq4/iF8Q6k27ar73qVGFAYtGgOO5va4hKk6wPgiTHtIqgut6nbWD3
+ErCB28sMnNVYUVhQUxVf9c/9sXC8UIj9Ze0xrclhOeHwrwr9G5EZzyxK8VPFkv0Q
+Xrz01BXy/DcbIkcuFFvXE+BMeaziT4FofvvPXWpM1i+FX0wlkCXLj4GNsTuVspfi
+T5uUQUubf52kpO5tkPmF9JdM25qmVu5IgpqCMbm1mqrq7qAEFjzOtIp4f0EmHUSy
+/BNdo6DT14p56KA0DyrkBCR1UUgzBJcFNJLBLbyEHnHL8fXDcIhjjKJETYoKdsHT
+NEi6AB6UOCbYz//CwA96sW154Lu4CpMKrm5fZHLPQ+7UeE9UOQidzHLJ3Vb54BY=
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://testsp.idaccessmanage.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+  </md:SPSSODescriptor>
+
+</md:EntityDescriptor>