From d533107addf4ba652da38f739ff3174dc6b38564 Mon Sep 17 00:00:00 2001 From: Dmitriy Kopylenko Date: Thu, 6 Dec 2018 12:04:29 -0500 Subject: [PATCH] SHIBUI-799: fix nameid filter init error during effective reload --- .../JPAMetadataResolverServiceImpl.groovy | 3 +- .../opensaml/OpenSamlNameIdFormatFilter.java | 34 +++++++++++++++++++ 2 files changed, 36 insertions(+), 1 deletion(-) create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/opensaml/OpenSamlNameIdFormatFilter.java diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy index 923c88417..64c5c9098 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy @@ -7,6 +7,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityRoleWhiteList import edu.internet2.tier.shibboleth.admin.ui.domain.filters.NameIdFormatFilter import edu.internet2.tier.shibboleth.admin.ui.domain.filters.RequiredValidUntilFilter import edu.internet2.tier.shibboleth.admin.ui.domain.filters.SignatureValidationFilter +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.opensaml.OpenSamlNameIdFormatFilter import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FileBackedHttpMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FilesystemMetadataResolver @@ -99,7 +100,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService { } if(metadataFilter instanceof NameIdFormatFilter) { NameIdFormatFilter nameIdFormatFilter = NameIdFormatFilter.cast(metadataFilter) - NameIDFormatFilter openSamlTargetFilter = new NameIDFormatFilter() + NameIDFormatFilter openSamlTargetFilter = new OpenSamlNameIdFormatFilter() Map, Collection> predicateRules = [:] nameIdFormatFilter.formats.each { switch (it.type) { diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/opensaml/OpenSamlNameIdFormatFilter.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/opensaml/OpenSamlNameIdFormatFilter.java new file mode 100644 index 000000000..1fb1ccc38 --- /dev/null +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/opensaml/OpenSamlNameIdFormatFilter.java @@ -0,0 +1,34 @@ +package edu.internet2.tier.shibboleth.admin.ui.domain.filters.opensaml; + +import org.opensaml.core.xml.XMLObject; +import org.opensaml.saml.metadata.resolver.filter.FilterException; +import org.opensaml.saml.metadata.resolver.filter.impl.NameIDFormatFilter; +import org.opensaml.saml.saml2.metadata.EntitiesDescriptor; +import org.opensaml.saml.saml2.metadata.EntityDescriptor; + +import javax.annotation.Nullable; + +/** + * Extension to open saml type for workaround forced component initialization check. We need to override filter + * method to skip this check as we use re-filtering in Shib UI context just to reload effective metadata. + * + * @author Dmitriy Kopylenko + */ +public class OpenSamlNameIdFormatFilter extends NameIDFormatFilter { + + @Nullable + @Override + public XMLObject filter(@Nullable XMLObject metadata) throws FilterException { + if (metadata == null) { + return null; + } + + if (metadata instanceof EntitiesDescriptor) { + filterEntitiesDescriptor((EntitiesDescriptor) metadata); + } else { + filterEntityDescriptor((EntityDescriptor) metadata); + } + + return metadata; + } +}