Merge branch 'develop' into feature/SHIBUI-2268-ui

Former-commit-id: d1ec3a46bf9ae1d71d46ce49c47987114de056d6

.gitignore

@@ -412,3 +412,6 @@ beacon/spring/out
 
 # macOS jenv
 .java-version
+/a.xml
+/application.yml
+/backend/src/test/resources/conf/deletem.xml

Jenkinsfile

@@ -16,32 +16,6 @@ pipeline {
         }
       }
     }
-
-    stage('Build Docker images') {
-      when {
-        expression {
-          return GIT_BRANCH in ['master']
-        }
-      }
-      steps {
-        sh '''./gradlew docker -x test
-        '''
-      }
-    }
-
-    stage('Deploy') {
-      when {
-        expression {
-          return GIT_BRANCH in ['master']
-        }
-      }
-      steps {
-        sh '''
-        docker stop shibui || true && docker rm shibui || true
-        docker run -d --restart always --name shibui -p 8080:8080 -v /etc/shibui:/conf -v /etc/shibui/application.yml:/application.yml -m 2GB --memory-swap=4GB --entrypoint /usr/bin/java unicon/shibui:latest -Xmx1G -jar app.war
-        '''
-      }
-    }
   }
   post {
     failure {
@@ -54,4 +28,4 @@ pipeline {
       cleanWs()
     }
   }
-}
+}

README.md

@@ -2,14 +2,14 @@
 
 ## Requirements_
 
-* Java 8 (note that ONLY Java 8 is supported at this time; other later versions might work)
+* Java 11 (note that ONLY Java 11 is supported at this time; other later versions might work)
 
 ## Running
 
 There are currently 2 ways to run the application:
 
-1. As an executable
-1. deployed in a Java Servlet 3.0 container
+1. As an executable WAR using Java
+1. deployed in a Java Servlet 3.0 container such as Tomcat or Jetty
 
 Note that some features require encoded slashes in the URL. In tomcat (which is embedded in the war), this can be
 allowed with:
@@ -57,6 +57,7 @@ beginning with `#` are commented out.
 # Server Configuration
 #server.port=8080
 
+
 # Logging Configuration
 #logging.config=classpath:log4j2.xml
 #logging.level.org.springframework.web=ERROR
@@ -110,4 +111,10 @@ spring.profiles.active=default
 
 # Password for the default user. If not set, a password will be generated at startup
 #shibui.default-password=
-```
+
+springdoc.use-management-port=true
+springdoc.pathsToMatch=/entities, /api/**
+# This property enables the openapi and swagger-ui endpoints to be exposed beneath the actuator base path.
+management.endpoints.web.exposure.include=openapi, swagger-ui
+management.server.port=9090
+```

backend/build.gradle

@@ -1,11 +1,11 @@
 plugins {
-    id 'groovy'
-    id 'war'
-    id 'org.springframework.boot' version '2.4.2'
-    id 'com.gorylenko.gradle-git-properties' version '1.4.21'
-    id 'io.freefair.lombok' version '5.3.0'
-    id 'com.palantir.docker' version '0.28.0'
-    id 'com.palantir.docker-run' version '0.28.0'
+    id "groovy"
+    id "war"
+    id "org.springframework.boot"
+    id "io.freefair.lombok"
+    id "com.gorylenko.gradle-git-properties" version "1.4.21"
+    id "com.palantir.docker" version "0.28.0"
+    id "com.palantir.docker-run" version "0.28.0"
 }
 
 apply plugin: 'io.spring.dependency-management'
@@ -14,18 +14,26 @@ apply plugin: 'jacoco'
 sourceCompatibility = 11
 targetCompatibility = 11
 
+test {
+    useJUnitPlatform() // Needed by spock to find specification tests
+}
+
 repositories {
     jcenter()
     maven {
         url 'https://build.shibboleth.net/nexus/content/groups/public'
         artifactUrls = ['https://build.shibboleth.net/nexus/content/repositories/thirdparty-snapshots']
     }
+    maven {  // for the springboot plugin
+        url "https://plugins.gradle.org/m2/"
+    }
     mavenLocal()
+    mavenCentral()
 }
 
 configurations.all {
     resolutionStrategy {
-        force 'org.cryptacular:cryptacular:1.1.3'
+        force "org.cryptacular:cryptacular:${project.'cryptacularVersion'}"
 
         eachDependency { details ->
             if (details.requested.group == 'org.seleniumhq.selenium' && details.requested.name != 'htmlunit-driver') {
@@ -105,7 +113,7 @@ bootWar {
 }
 
 springBoot {
-    mainClassName = 'edu.internet2.tier.shibboleth.admin.ui.ShibbolethUiApplication'
+    mainClass = 'edu.internet2.tier.shibboleth.admin.ui.ShibbolethUiApplication'
     buildInfo()
 }
 
@@ -114,75 +122,75 @@ generateLombokConfig.enabled = false
 dependencies {
     // opensaml deps
     ['opensaml-saml-api', 'opensaml-saml-impl', 'opensaml-xmlsec-api', 'opensaml-xmlsec-impl'].each {
-        compile "org.opensaml:${it}:${project.'opensaml.version'}"
+        compile "org.opensaml:${it}:${project.'opensamlVersion'}"
     }
 
-//    Left here to save time later - when pac4j is/was updated, I needed all of these to get the runtime right with the SAML2 client
-//    runtimeOnly "org.bouncycastle:bcprov-jdk15on:1.69"
-//    runtimeOnly "org.bouncycastle:bcprov-ext-jdk15on:1.69"
-//    runtimeOnly "org.bouncycastle:bcutil-jdk15on:1.69"
-//    runtimeOnly "org.bouncycastle:bcpkix-jdk15on:1.69"
-
+    runtimeOnly "org.bouncycastle:bcprov-jdk15on:1.70"
+    runtimeOnly "org.bouncycastle:bcprov-ext-jdk15on:1.70"
+    runtimeOnly "org.bouncycastle:bcutil-jdk15on:1.70"
+    runtimeOnly "org.bouncycastle:bcpkix-jdk15on:1.70"
 
     // shibboleth idp deps
     ['idp-profile-spring', 'idp-profile-api'].each {
-        compile "net.shibboleth.idp:${it}:${project.'shibboleth.version'}"
+        compile "net.shibboleth.idp:${it}:${project.'shibbolethVersion'}"
     }
 
     // hibernate deps
     ['hibernate-core'].each {
-        compile "org.hibernate:${it}:${project.'hibernate.version'}"
+        compile "org.hibernate:${it}:${project.'hibernateVersion'}"
     }
 
     // spring boot auto-config starters
     ['starter-web', 'starter-data-jpa', 'starter-security', 'starter-actuator', 'devtools', 'starter-webflux', 'starter-thymeleaf', 'starter-mail', 'starter-validation'].each {
         compile "org.springframework.boot:spring-boot-${it}"
     }
     // To override older version with security issue - https://www.lunasec.io/docs/blog/log4j-zero-day/
-    implementation 'org.apache.logging.log4j:log4j-to-slf4j:2.15.0'
-    implementation 'org.apache.logging.log4j:log4j-api:2.15.0'
+    implementation "org.apache.logging.log4j:log4j-to-slf4j:${project.'log4JVersion'}"
+    implementation "org.apache.logging.log4j:log4j-api:${project.'log4JVersion'}"
 
     // TODO: figure out what this should really be
-    runtimeOnly 'org.springframework.boot:spring-boot-starter-tomcat'
+    runtimeOnly "org.springframework.boot:spring-boot-starter-tomcat:${project.'springbootVersion'}"
 
     //Spring Configuration Annotation Processor - makes IntelliJ happy about @ConfigurationProperties
-    compileOnly "org.springframework.boot:spring-boot-configuration-processor"
+    compileOnly "org.springframework.boot:spring-boot-configuration-processor:${project.'springbootVersion'}"
 
     // lucene deps
     ['core', 'analyzers-common', 'queryparser'].each {
-        compile "org.apache.lucene:lucene-${it}:${project.'lucene.version'}"
+        compile "org.apache.lucene:lucene-${it}:${project.'luceneVersion'}"
     }
 
     compile "org.liquibase:liquibase-core"
     compile group: 'org.jadira.usertype', name: 'usertype.core', version: '6.0.1.GA'
 
     //For easy data mocking capabilities
-    compile 'net.andreinc.mockneat:mockneat:0.1.4'
-
-    compile 'org.codehaus.groovy:groovy-all:3.0.7'
+    compile 'net.andreinc:mockneat:0.4.7'
 
     //So it works on Java 9 without explicitly requiring to load that module (needed by Hibernate)
     runtimeOnly 'javax.xml.bind:jaxb-api:2.3.0'
     // runtime libraries for later java versions
     runtimeOnly 'org.glassfish.jaxb:jaxb-runtime:2.3.0'
 
     compile "com.h2database:h2"
-    runtimeOnly "org.postgresql:postgresql:42.2.20"
-    runtimeOnly 'org.mariadb.jdbc:mariadb-java-client:2.2.0'
-    runtimeOnly 'mysql:mysql-connector-java:5.1.48'
-
-    //Swagger
-    compile 'io.springfox:springfox-swagger2:2.9.2'
-    compile 'io.springfox:springfox-swagger-ui:2.9.2'
-
-    testCompile "org.springframework.boot:spring-boot-starter-test"
-    testCompile "org.springframework.security:spring-security-test"
-    testCompile "org.spockframework:spock-core:1.3-groovy-2.5"
-    testCompile "org.spockframework:spock-spring:1.3-groovy-2.5"
+    runtimeOnly "org.postgresql:postgresql:${project.'postgresVersion'}"
+    runtimeOnly "org.mariadb.jdbc:mariadb-java-client:${project.'mariadbVersion'}"
+    runtimeOnly "mysql:mysql-connector-java:${project.'mysqlVersion'}"
+    runtimeOnly "com.microsoft.sqlserver:mssql-jdbc:${project.'sqlserverVersion'}"
+
+    //Swagger 3
+    implementation 'org.springdoc:springdoc-openapi-ui:1.6.8'
+
+    compile 'org.codehaus.groovy:groovy-all:3.0.10'
+    testImplementation platform("org.spockframework:spock-bom:2.1-groovy-3.0")
+    testImplementation "org.spockframework:spock-core"
+    testImplementation "org.spockframework:spock-spring"
+
+    testCompile "org.springframework.boot:spring-boot-starter-test:${project.'springbootVersion'}"
+    testCompile "org.springframework.security:spring-security-test:${project.'springSecurityVersion'}"
+    testCompile 'org.skyscreamer:jsonassert:1.5.0'
     testCompile "org.xmlunit:xmlunit-core:2.5.1"
     testRuntime 'cglib:cglib-nodep:3.2.5'
 
-    compile "net.shibboleth.ext:spring-extensions:5.4.0"
+    compile "net.shibboleth.ext:spring-extensions:6.2.0"
 
     //JSON schema generator
     testCompile 'com.kjetland:mbknor-jackson-jsonschema_2.12:1.0.29'
@@ -196,18 +204,21 @@ dependencies {
     integrationTestCompile configurations.compile
     integrationTestCompile 'com.saucelabs:sebuilder-interpreter:1.0.6'
     integrationTestCompile 'jp.vmi:selenese-runner-java:3.20.0'
-    integrationTestCompile "org.springframework.boot:spring-boot-starter-test"
-    integrationTestCompile "org.springframework.security:spring-security-test"
-    integrationTestCompile "org.spockframework:spock-core:1.3-groovy-2.5"
-    integrationTestCompile "org.spockframework:spock-spring:1.3-groovy-2.5"
+    integrationTestCompile "org.springframework.boot:spring-boot-starter-test:${project.'springbootVersion'}"
+    integrationTestCompile "org.springframework.security:spring-security-test:${project.'springSecurityVersion'}"
+    integrationTestCompile platform("org.spockframework:spock-bom:2.1-groovy-3.0")
+    integrationTestCompile "org.spockframework:spock-core"
+    integrationTestCompile "org.spockframework:spock-spring"
 
     // CSV file support
-    compile 'com.opencsv:opencsv:4.4'
+    compile 'com.opencsv:opencsv:4.4', {
+        exclude group: 'commons-collections'
+    }
 
-    testCompile 'org.skyscreamer:jsonassert:1.5.0'
+    compile "org.apache.commons:commons-collections4:${project.'commonsCollections4Version'}"
 
     // Envers for persistent entities versioning
-    compile 'org.hibernate:hibernate-envers'
+    compile "org.hibernate:hibernate-envers:${project.'hibernateVersion'}"
 
     //Pacj4 sub-project
     runtimeOnly project(':pac4j-module')
@@ -219,7 +230,9 @@ dependencies {
     enversTestCompile sourceSets.test.output
     enversTestCompile configurations.compile
     enversTestCompile configurations.testCompile
+    enversTestCompile configurations.testImplementation
 
+    enversTestRuntime configurations.testImplementation
     enversTestRuntime configurations.runtime
     enversTestRuntime configurations.testRuntime
 }
@@ -230,6 +243,7 @@ task copyUI(type: Copy) {
 }
 
 task integrationTest(type: Test) {
+    useJUnitPlatform()
     group = 'verification'
     description = 'Run various integration tests'
     dependsOn 'copyUI'
@@ -241,12 +255,14 @@ task integrationTest(type: Test) {
 }
 
 task enversTest(type: Test) {
+    useJUnitPlatform()
     group = 'verification'
     description = 'Run tests pertaing to envers versioning engine'
     testClassesDirs = sourceSets.enversTest.output.classesDirs
     classpath = sourceSets.enversTest.runtimeClasspath
     systemProperties = System.properties
     systemProperties['user.dir'] = workingDir
+    useJUnitPlatform()
 }
 
 check {

backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataResolverEnversVersioningTests.groovy

@@ -14,7 +14,6 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.LocalDynamicMetad
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ReloadableMetadataResolverAttributes
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ResourceBackedMetadataResolver
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.TemplateScheme
-import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.boot.autoconfigure.domain.EntityScan
@@ -269,7 +268,7 @@ class MetadataResolverEnversVersioningTests extends Specification {
         when:
         ResourceBackedMetadataResolver resolver = new ResourceBackedMetadataResolver(name: 'rbmr').with {
             it.reloadableMetadataResolverAttributes = new ReloadableMetadataResolverAttributes(taskTimerRef: 'taskTimerRef')
-            it.classpathMetadataResource = new ClasspathMetadataResource(file: 'metadata.xml')
+            it.classpathMetadataResource = new ClasspathMetadataResource(fileResource: 'metadata.xml')
             it
         }
 
@@ -283,15 +282,15 @@ class MetadataResolverEnversVersioningTests extends Specification {
         resolverHistory.size() == 1
         getTargetEntityForRevisionIndex(resolverHistory, 0).name == 'rbmr'
         getTargetEntityForRevisionIndex(resolverHistory, 0).reloadableMetadataResolverAttributes.taskTimerRef == 'taskTimerRef'
-        getTargetEntityForRevisionIndex(resolverHistory, 0).classpathMetadataResource.file == 'metadata.xml'
+        getTargetEntityForRevisionIndex(resolverHistory, 0).classpathMetadataResource.fileResource == 'metadata.xml'
         getRevisionEntityForRevisionIndex(resolverHistory, 0).principalUserName == 'anonymousUser'
         getRevisionEntityForRevisionIndex(resolverHistory, 0).timestamp > 0L
         getModifiedEntityNames(resolverHistory, 0).sort() == expectedModifiedPersistentEntities.sort()
 
         when:
         resolver.name = 'rbmrUPDATED'
         resolver.reloadableMetadataResolverAttributes.taskTimerRef = 'taskTimerRefUPDATED'
-        resolver.classpathMetadataResource.file = 'metadataUPDATED.xml'
+        resolver.classpathMetadataResource.fileResource = 'metadataUPDATED.xml'
 
         resolverHistory = updateAndGetRevisionHistoryOfMetadataResolver(resolver,
                 metadataResolverRepository,
@@ -303,16 +302,16 @@ class MetadataResolverEnversVersioningTests extends Specification {
         resolverHistory.size() == 2
         getTargetEntityForRevisionIndex(resolverHistory, 1).name == 'rbmrUPDATED'
         getTargetEntityForRevisionIndex(resolverHistory, 1).reloadableMetadataResolverAttributes.taskTimerRef == 'taskTimerRefUPDATED'
-        getTargetEntityForRevisionIndex(resolverHistory, 1).classpathMetadataResource.file == 'metadataUPDATED.xml'
+        getTargetEntityForRevisionIndex(resolverHistory, 1).classpathMetadataResource.fileResource == 'metadataUPDATED.xml'
         getRevisionEntityForRevisionIndex(resolverHistory, 1).principalUserName == 'anonymousUser'
         getRevisionEntityForRevisionIndex(resolverHistory, 1).timestamp > 0L
         getModifiedEntityNames(resolverHistory, 1).sort() == expectedModifiedPersistentEntities.sort()
 
         //Check the original revision is intact
         getTargetEntityForRevisionIndex(resolverHistory, 0).name == 'rbmr'
         getTargetEntityForRevisionIndex(resolverHistory, 0).reloadableMetadataResolverAttributes.taskTimerRef == 'taskTimerRef'
-        getTargetEntityForRevisionIndex(resolverHistory, 0).classpathMetadataResource.file == 'metadata.xml'
+        getTargetEntityForRevisionIndex(resolverHistory, 0).classpathMetadataResource.fileResource == 'metadata.xml'
         getRevisionEntityForRevisionIndex(resolverHistory, 0).principalUserName == 'anonymousUser'
         getRevisionEntityForRevisionIndex(resolverHistory, 0).timestamp > 0L
     }
-}
+}