SHIBUI-2380

Fixes for name for key descriptors missing
TIER · Sep 29, 2022 · f336210 · f336210
1 parent 942a47f
commit f336210
Show file tree

Hide file tree

Showing 7 changed files with 23 additions and 7 deletions.
diff --git a/...in/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java b/...in/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java
@@ -104,8 +104,7 @@ public Iterable<EntityDescriptorRepresentation> getDisabledAndNotOwnedByAdmin()
     @GetMapping("/EntityDescriptor/{resourceId}")
     @Transactional
     public ResponseEntity<?> getOne(@PathVariable String resourceId) throws PersistentEntityNotFound, ForbiddenException {
-        return ResponseEntity.ok(entityDescriptorService
-                        .createRepresentationFromDescriptor(entityDescriptorService.getEntityDescriptorByResourceId(resourceId)));
+        return ResponseEntity.ok(entityDescriptorService.createRepresentationFromDescriptor(entityDescriptorService.getEntityDescriptorByResourceId(resourceId)));
     }
 
     @GetMapping(value = "/EntityDescriptor/{resourceId}", produces = "application/xml")

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/KeyInfo.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/KeyInfo.java
@@ -45,9 +45,7 @@ public String getID() {
     }
 
     @Override
-    public void setID(@Nullable String newID) {
-
-    }
+    public void setID(@Nullable String newID) {}
 
     @Nonnull
     @Override
@@ -64,7 +62,14 @@ public List<XMLObject> getXMLObjects(@Nonnull QName typeOrName) {
     @Nonnull
     @Override
     public List<KeyName> getKeyNames() {
-        return Collections.emptyList();
+        List<KeyName> result = new ArrayList<>();
+        getXMLObjects().forEach(obj -> {
+            if (obj instanceof KeyName){
+                result.add((KeyName)obj);
+            }
+        });
+        return result;
+
     }
 
     @Nonnull
@@ -144,4 +149,4 @@ public List<XMLObject> getOrderedChildren() {
 
         return children;
     }
-}
+}
diff --git a/...n/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/...n/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
@@ -5,6 +5,7 @@
 import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor;
 import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptorProtocol;
 import edu.internet2.tier.shibboleth.admin.ui.domain.IRelyingPartyOverrideProperty;
+import edu.internet2.tier.shibboleth.admin.ui.domain.KeyDescriptor;
 import edu.internet2.tier.shibboleth.admin.ui.domain.UIInfo;
 import edu.internet2.tier.shibboleth.admin.ui.domain.X509Data;
 import edu.internet2.tier.shibboleth.admin.ui.domain.XSBoolean;
@@ -501,6 +502,7 @@ private void setupSecurityRepresentationFromEntityDescriptor(EntityDescriptor ed
             for (org.opensaml.saml.saml2.metadata.KeyDescriptor keyDescriptor : ed.getSPSSODescriptor("").getKeyDescriptors()) {
                 KeyDescriptorRepresentation keyDescriptorRep = new KeyDescriptorRepresentation();
                 String name = keyDescriptor.getKeyInfo().getKeyNames().size() > 0 ? keyDescriptor.getKeyInfo().getKeyNames().get(0).getValue() : null;
+                name = name == null ? ((KeyDescriptor)keyDescriptor).getName() : name;
                 keyDescriptorRep.setName(name);
 
                 //TODO: check this. assume that if no value is set, it's used for both

diff --git a/.../edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy b/.../edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy
@@ -722,6 +722,7 @@ class EntityDescriptorControllerTests extends AbstractBaseDataJpaTest {
                 .andExpect(jsonPath("\$.serviceEnabled").value(false))
                 .andExpect(jsonPath("\$.idOfOwner").value("admingroup"))
                 .andExpect(jsonPath("\$.serviceProviderSsoDescriptor.protocolSupportEnum").value("http://openid.net/specs/openid-connect-core-1_0.html"))
+                .andExpect(jsonPath("\$.securityInfo.keyDescriptors[0].name").value("test1"))
                 .andExpect(jsonPath(shortNameToOAuth + "attributes.clientUri").value("https://example.org/clientUri"))
                 .andExpect(jsonPath(shortNameToOAuth + "attributes.responseTypes").value("code id_token"))
                 .andExpect(jsonPath(shortNameToOAuth + "attributes.sectorIdentifierUri").value("https://example.org/sectorIdentifier"))
@@ -776,6 +777,7 @@ class EntityDescriptorControllerTests extends AbstractBaseDataJpaTest {
                 .andExpect(jsonPath("\$.protocol").value("OIDC"))
                 .andExpect(jsonPath("\$.serviceEnabled").value(false))
                 .andExpect(jsonPath("\$.idOfOwner").value("admingroup"))
+                .andExpect(jsonPath("\$.securityInfo.keyDescriptors[0].name").value("test1"))
                 .andExpect(jsonPath(shortNameToOAuth + "attributes.clientUri").value("https://example.org/clientUri"))
                 .andExpect(jsonPath(shortNameToOAuth + "attributes.responseTypes").value("code id_token"))
                 .andExpect(jsonPath(shortNameToOAuth + "attributes.sectorIdentifierUri").value("https://example.org/sectorIdentifier"))

diff --git a/backend/src/test/resources/json/SHIBUI-2380-1.json b/backend/src/test/resources/json/SHIBUI-2380-1.json
@@ -19,21 +19,25 @@
     "wantAssertionsSigned": false,
     "keyDescriptors": [
       {
+        "name": "test1",
         "value": "MIIEQDCCAqigAwIBAgIVAIarXvdvyS47KJR7U40FlTufyD8vMA0GCSqGSIb3DQEB",
         "type": "signing",
         "elementType": "X509Data"
       },
       {
+        "name": "test2",
         "value": "MIIBKDCBzgIJAOYlspXlaqguMAoGCCqGSM49BAMCMBwxCzAJBgNVBAYTAkZJMQ0w",
         "type": "signing",
         "elementType": "X509Data"
       },
       {
+        "name": "mockJwksData",
         "value": "ewogICJrdHkiOiAiUlNBIiwKICAiZSI6ICJBUUFCIiwKICAia2lkIjogIm1vY2siLAogICJhbGci",
         "type": "signing",
         "elementType": "jwksData"
       },
       {
+        "name": "mockClientSecret",
         "value": "mockClientSecretValue",
         "type": "both",
         "elementType": "clientSecret"

diff --git a/backend/src/test/resources/json/SHIBUI-2380.json b/backend/src/test/resources/json/SHIBUI-2380.json
@@ -23,11 +23,13 @@
     "wantAssertionsSigned": false,
     "keyDescriptors": [
       {
+        "name": "test1",
         "value": "MIIEQDCCAqigAwIBAgIVAIarXvdvyS47KJR7U40FlTufyD8vMA0GCSqGSIb3DQEB",
         "type": "signing",
         "elementType": "X509Data"
       },
       {
+        "name": "test2",
         "value": "MIIBKDCBzgIJAOYlspXlaqguMAoGCCqGSM49BAMCMBwxCzAJBgNVBAYTAkZJMQ0w",
         "type": "signing",
         "elementType": "X509Data"

diff --git a/backend/src/test/resources/metadata/SHIBUI-2380.xml b/backend/src/test/resources/metadata/SHIBUI-2380.xml
@@ -33,6 +33,7 @@
         </md:Extensions>
         <md:KeyDescriptor use="signing">
             <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                <ds:KeyName>test1</ds:KeyName>
                 <ds:X509Data>
                     <ds:X509Certificate>
                         MIIEQDCCAqigAwIBAgIVAIarXvdvyS47KJR7U40FlTufyD8vMA0GCSqGSIb3DQEB
@@ -42,6 +43,7 @@
         </md:KeyDescriptor>
         <md:KeyDescriptor use="signing">
             <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                <ds:KeyName>test2</ds:KeyName>
                 <ds:X509Data>
                     <ds:X509Certificate>
                         MIIBKDCBzgIJAOYlspXlaqguMAoGCCqGSM49BAMCMBwxCzAJBgNVBAYTAkZJMQ0w