SHIBUI-2380

Incremental commit:
- Added missing Audience list to the OAuthRPExtensions

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/Audience.java

@@ -0,0 +1,23 @@
+package edu.internet2.tier.shibboleth.admin.ui.domain;
+
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import org.hibernate.envers.Audited;
+
+import javax.persistence.Entity;
+
+@Entity
+@EqualsAndHashCode(callSuper = true)
+@NoArgsConstructor
+@Audited
+public class Audience extends AbstractXMLObject implements org.opensaml.saml.saml2.core.Audience {
+    @Getter
+    @Setter
+    private String URI;
+
+    public Audience(String value) {
+        this.setURI(value);
+    }
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensions.java

@@ -1,6 +1,7 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
 
 import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractXMLObject;
+import edu.internet2.tier.shibboleth.admin.ui.domain.Audience;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.NoArgsConstructor;
@@ -33,6 +34,9 @@ public class OAuthRPExtensions extends AbstractXMLObject implements net.shibbole
 
     private String applicationType;
 
+    @OneToMany(cascade = CascadeType.ALL)
+    private List<Audience> audiences = new ArrayList<>();
+
     private String clientUri;
 
     @OneToMany(cascade = CascadeType.ALL)
@@ -100,6 +104,7 @@ public List<XMLObject> getOrderedChildren() {
         result.addAll(defaultAcrValues);
         result.addAll(requestUris);
         result.addAll(postLogoutRedirectUris);
+        result.addAll(audiences);
         result.addAll(unknownXMLObjects);
         return result;
     }
@@ -136,6 +141,10 @@ public List<net.shibboleth.oidc.saml.xmlobject.RequestUri> getRequestUris() {
         return result;
     }
 
+    public void addAudience(Audience aud) {
+        this.audiences.add(aud);
+    }
+
     public void addDefaultAcrValue(DefaultAcrValue childSAMLObject) {
         defaultAcrValues.add(childSAMLObject);
     }

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/oidc/OAuthRPExtensionsUnmarshaller.java

@@ -1,5 +1,6 @@
 package edu.internet2.tier.shibboleth.admin.ui.domain.oidc;
 
+import edu.internet2.tier.shibboleth.admin.ui.domain.Audience;
 import org.apache.commons.lang3.StringUtils;
 import org.opensaml.core.xml.XMLObject;
 import org.opensaml.core.xml.io.UnmarshallingException;
@@ -39,7 +40,9 @@ protected void processChildElement(final XMLObject parentSAMLObject, final XMLOb
             extensions.addRequestUri((RequestUri) childSAMLObject);
         } else if (childSAMLObject instanceof PostLogoutRedirectUri) {
             extensions.addPostLogoutRedirectUri((PostLogoutRedirectUri) childSAMLObject);
-        } else {
+        } else if (childSAMLObject instanceof Audience) {
+            extensions.addAudience((Audience) childSAMLObject);
+        }else {
             extensions.getUnknownXMLObjects().add(childSAMLObject);
         }
     }

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java

@@ -156,6 +156,11 @@ private Map<String, Object> buildOAuthRPExtensionsMap(EntityDescriptor ed) {
                     oAuthRPExtensions.getDefaultAcrValues().forEach(acrValue -> defaultAcrValues.add(acrValue.getValue()));
                     result.put("defaultAcrValues", defaultAcrValues);
                 }
+                if (oAuthRPExtensions.getAudiences().size() > 0){
+                    List<String> audiences = new ArrayList<>();
+                    oAuthRPExtensions.getAudiences().forEach(aud -> audiences.add(aud.getURI()));
+                    result.put("audience", audiences);
+                }
             }
         }
         return result;

backend/src/main/java/edu/internet2/tier/shibboleth/admin/util/EntityDescriptorConversionUtils.java

@@ -3,6 +3,7 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.base.Strings;
 import edu.internet2.tier.shibboleth.admin.ui.domain.AssertionConsumerService;
+import edu.internet2.tier.shibboleth.admin.ui.domain.Audience;
 import edu.internet2.tier.shibboleth.admin.ui.domain.ContactPerson;
 import edu.internet2.tier.shibboleth.admin.ui.domain.ContactPersonBuilder;
 import edu.internet2.tier.shibboleth.admin.ui.domain.Description;
@@ -333,9 +334,7 @@ public static void setupSPSSODescriptor(EntityDescriptor ed, EntityDescriptorRep
             if (representation.getServiceProviderSsoDescriptor() != null && representation.getServiceProviderSsoDescriptor().getNameIdFormats() != null && representation.getServiceProviderSsoDescriptor().getNameIdFormats().size() > 0) {
                 for (String nameidFormat : representation.getServiceProviderSsoDescriptor().getNameIdFormats()) {
                     NameIDFormat nameIDFormat = openSamlObjects.buildDefaultInstanceOfType(NameIDFormat.class);
-
                     nameIDFormat.setURI(nameidFormat);
-
                     spssoDescriptor.getNameIDFormats().add(nameIDFormat);
                 }
             }
@@ -355,7 +354,7 @@ private static Extensions buildOAuthRPExtensionsFromRepresentation(@NonNull Serv
         OAuthRPExtensions oAuthRPExtensions = new OAuthRPExtensions();
         oauthrpextMap.keySet().forEach(key -> {
             try {
-                if ("requestUris".equals(key) || "defaultAcrValues".equals(key) || "postLogoutRedirectUris".equals(key)){
+                if ("requestUris".equals(key) || "defaultAcrValues".equals(key) || "postLogoutRedirectUris".equals(key) || "audience".equals(key)){
                     Field field = oAuthRPExtensions.getClass().getDeclaredField(key);
                     field.setAccessible(true);
                     ((List<String>) oauthrpextMap.get(key)).forEach(value -> {
@@ -369,6 +368,9 @@ private static Extensions buildOAuthRPExtensionsFromRepresentation(@NonNull Serv
                         case "postLogoutRedirectUris":
                             oAuthRPExtensions.addPostLogoutRedirectUri(new PostLogoutRedirectUri((value)));
                             break;
+                        case "audience":
+                            oAuthRPExtensions.addAudience(new Audience(value));
+                            break;
                         }
                     });
                 }

backend/src/main/resources/jpa-saml2-assertion-config.xml

@@ -16,6 +16,12 @@
             <MarshallingClass className="org.opensaml.saml.saml2.core.impl.AttributeMarshaller"/>
             <UnmarshallingClass className="org.opensaml.saml.saml2.core.impl.AttributeUnmarshaller"/>
         </ObjectProvider>
-
+
+        <ObjectProvider qualifiedName="saml2:Audience">
+            <BuilderClass className="edu.internet2.tier.shibboleth.admin.ui.domain.AudienceBuilder"/>
+            <MarshallingClass className="org.opensaml.core.xml.schema.impl.XSURIMarshaller"/>
+            <UnmarshallingClass className="org.opensaml.core.xml.schema.impl.XSURIUnmarshaller"/>
+        </ObjectProvider>
+
     </ObjectProviders>
- </XMLTooling>
+ </XMLTooling>

backend/src/main/resources/modified-saml2-assertion-config.xml

@@ -70,13 +70,13 @@
             <UnmarshallingClass className="org.opensaml.saml.saml2.core.impl.AttributeStatementUnmarshaller"/>
         </ObjectProvider>
 
-        <!-- Audience -->
+        <!-- Audience
         <ObjectProvider qualifiedName="saml2:Audience">
             <BuilderClass className="org.opensaml.saml.saml2.core.impl.AudienceBuilder"/>
             <MarshallingClass className="org.opensaml.core.xml.schema.impl.XSURIMarshaller"/>
             <UnmarshallingClass className="org.opensaml.core.xml.schema.impl.XSURIUnmarshaller"/>
         </ObjectProvider>
-
+        -->
         <!-- AudienceRestriction -->
         <ObjectProvider qualifiedName="saml2:AudienceRestriction">
             <BuilderClass className="org.opensaml.saml.saml2.core.impl.AudienceRestrictionBuilder"/>