Metadata Resolvers schema validation

TIER · Aug 23, 2019 · ffffc0b · ffffc0b
1 parent bdf8e93
commit ffffc0b
Show file tree

Hide file tree

Showing 9 changed files with 75 additions and 24 deletions.
diff --git a/...oovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/LowLevelJsonSchemaValidator.groovy b/...oovy/edu/internet2/tier/shibboleth/admin/ui/jsonschema/LowLevelJsonSchemaValidator.groovy
@@ -13,14 +13,16 @@ import static edu.internet2.tier.shibboleth.admin.ui.jsonschema.JsonSchemaLocati
 class LowLevelJsonSchemaValidator {
 
     static HttpInputMessage validatePayloadAgainstSchema(HttpInputMessage inputMessage, URI schemaUri) {
-        def json = extractJsonPayload(inputMessage)
+        def origInput = [inputMessage.body.bytes, inputMessage.headers]
+        def json = extractJsonPayload(origInput)
         def schema = Json.schema(schemaUri)
-        doValidate(schema, json)
+        doValidate(origInput, schema, json)
     }
 
     static HttpInputMessage validateMetadataResolverTypePayloadAgainstSchema(HttpInputMessage inputMessage,
                                                                              JsonSchemaResourceLocationRegistry schemaRegistry) {
-        def json = extractJsonPayload(inputMessage)
+        def origInput = [inputMessage.body.bytes, inputMessage.headers]
+        def json = extractJsonPayload(origInput)
         def schemaUri = null
         switch (json.asMap()['@type']) {
             case 'LocalDynamicMetadataResolver':
@@ -36,23 +38,27 @@ class LowLevelJsonSchemaValidator {
                 break
         }
         if(!schemaUri) {
-            return inputMessage
+            return newInputMessage(origInput)
         }
-        doValidate(Json.schema(schemaUri), json)
+        doValidate(origInput, Json.schema(schemaUri), json)
     }
 
-    private static Json extractJsonPayload(HttpInputMessage inputMessage) {
-        Json.read(new ByteArrayInputStream(inputMessage.body.bytes).getText())
+    private static Json extractJsonPayload(List origInput) {
+        Json.read(new ByteArrayInputStream(origInput[0]).getText())
     }
 
-    private static HttpInputMessage doValidate(Json.Schema schema, Json json) {
+    private static HttpInputMessage doValidate(List origInput, Json.Schema schema, Json json) {
         def validationResult = schema.validate(json)
         if (!validationResult.at('ok')) {
             throw new JsonSchemaValidationFailedException(validationResult.at('errors').asList())
         }
-        return [
-                getBody   : { new ByteArrayInputStream(bytes) },
-                getHeaders: { inputMessage.headers }
+        newInputMessage(origInput)
+    }
+
+    private static newInputMessage(origInput) {
+        [
+                getBody   : { new ByteArrayInputStream(origInput[0]) },
+                getHeaders: { origInput[1] }
         ] as HttpInputMessage
     }
 }
diff --git a/.../edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/DynamicHttpMetadataResolver.java b/.../edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/DynamicHttpMetadataResolver.java
@@ -36,6 +36,8 @@ public class DynamicHttpMetadataResolver extends MetadataResolver {
 
     private Integer maxConnectionsPerRoute = 100;
 
+    private String metadataURL;
+
     @ElementCollection
     @OrderColumn
     private List<String> supportedContentTypes;

diff --git a/...nternet2/tier/shibboleth/admin/ui/domain/resolvers/DynamicMetadataResolverAttributes.java b/...nternet2/tier/shibboleth/admin/ui/domain/resolvers/DynamicMetadataResolverAttributes.java
@@ -20,7 +20,7 @@ public class DynamicMetadataResolverAttributes {
 
     private String taskTimerRef;
 
-    private Double refreshDelayFactor = 0.75;
+    private Float refreshDelayFactor = 0.75F;
 
     private String minCacheDuration = "PT10M";
 

diff --git a/...bboleth/admin/ui/domain/resolvers/opensaml/OpenSamlMetadataResolverConstructorHelper.java b/...bboleth/admin/ui/domain/resolvers/opensaml/OpenSamlMetadataResolverConstructorHelper.java
@@ -57,7 +57,7 @@ public static void updateOpenSamlMetadataResolverFromDynamicMetadataResolverAttr
         }
 
         if (attributes.getRefreshDelayFactor() != null) {
-            dynamicMetadataResolver.setRefreshDelayFactor(attributes.getRefreshDelayFactor().floatValue());
+            dynamicMetadataResolver.setRefreshDelayFactor(attributes.getRefreshDelayFactor());
         }
 
         if (attributes.getRemoveIdleEntityData() != null) {

diff --git a/backend/src/main/resources/dynamic-http-metadata-provider.schema.json b/backend/src/main/resources/dynamic-http-metadata-provider.schema.json
@@ -147,7 +147,7 @@
                 "refreshDelayFactor": {
                     "title": "label.refresh-delay-factor",
                     "description": "tooltip.refresh-delay-factor",
-                    "type": "string",
+                    "type": "number",
                     "widget": {
                         "id": "string",
                         "help": "message.real-number"
@@ -578,7 +578,7 @@
         "metadataFilters": {
             "title": "",
             "description": "",
-            "type": "object",
+            "type": "array",
             "properties": {
                 "RequiredValidUntil": {
                     "title": "label.required-valid-until",
@@ -703,4 +703,4 @@
             }
         }
     }
-}
+}
diff --git a/backend/src/main/resources/local-dynamic-metadata-provider.schema.json b/backend/src/main/resources/local-dynamic-metadata-provider.schema.json
@@ -61,7 +61,7 @@
                 "refreshDelayFactor": {
                     "title": "label.refresh-delay-factor",
                     "description": "tooltip.refresh-delay-factor",
-                    "type": "string",
+                    "type": "number",
                     "widget": {
                         "id": "string",
                         "help": "message.real-number"
@@ -188,4 +188,4 @@
             }
         }
     }
-}
+}
diff --git a/...eth/admin/ui/controller/MetadataResolverControllerSchemaValidationIntegrationTests.groovy b/...eth/admin/ui/controller/MetadataResolverControllerSchemaValidationIntegrationTests.groovy
@@ -17,6 +17,16 @@ class MetadataResolverControllerSchemaValidationIntegrationTests extends Specifi
 
     static RESOURCE_URI = '/api/MetadataResolvers'
 
+    private HTTP_POST = { body ->
+        this.restTemplate.postForEntity(RESOURCE_URI, createRequestHttpEntityFor(body), Map)
+    }
+
+    private static checkJsonValidationIsPerformed = {
+        assert it.statusCodeValue == 400
+        assert it.body.errorMessage.count('Type mistmatch for null') > 0
+        true
+    }
+
     def 'POST for LocalDynamicMetadataResolver with invalid payload according to schema validation'() {
         given:
         def postedJsonBody = """            
@@ -87,14 +97,36 @@ class MetadataResolverControllerSchemaValidationIntegrationTests extends Specifi
         """
 
         when:
-        def result = this.restTemplate.postForEntity(RESOURCE_URI, createRequestHttpEntityFor { postedJsonBody }, Map)
+        def result = HTTP_POST(postedJsonBody)
+
+        then:
+        checkJsonValidationIsPerformed(result)
+
+    }
+
+    def 'POST for DynamicHttpMetadataResolver with invalid payload according to schema validation'() {
+        given:
+        def postedJsonBody = """            
+            {
+                "name" : null,
+                "xmlId": "123",
+                "metadataURL": "http://metadata",                
+                "metadataRequestURLConstructionScheme": {"@type": "MetadataQueryProtocol", "content": "scheme"},                                                                
+                "@type" : "DynamicHttpMetadataResolver"
+            }                
+        """
+
+        when:
+        def result = HTTP_POST(postedJsonBody)
 
         then:
-        result.statusCodeValue == 400
-        result.body.errorMessage.count('Type mistmatch for null') > 0
+        checkJsonValidationIsPerformed(result)
+
     }
 
-    private static HttpEntity<String> createRequestHttpEntityFor(Closure jsonBodySupplier) {
-        new HttpEntity<String>(jsonBodySupplier(), ['Content-Type': 'application/json'] as HttpHeaders)
+    private static HttpEntity<String> createRequestHttpEntityFor(String jsonBody) {
+        new HttpEntity<String>(jsonBody, ['Content-Type': 'application/json'] as HttpHeaders)
     }
+
+
 }
diff --git a/...t2/tier/shibboleth/admin/ui/controller/MetadataResolversControllerIntegrationTests.groovy b/...t2/tier/shibboleth/admin/ui/controller/MetadataResolversControllerIntegrationTests.groovy
@@ -8,6 +8,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFil
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FileBackedHttpMetadataResolver
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.LocalDynamicMetadataResolver
+import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataQueryProtocolScheme
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.OpenSamlChainingMetadataResolver
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository
 import edu.internet2.tier.shibboleth.admin.ui.util.TestObjectGenerator
@@ -27,6 +28,7 @@ import org.springframework.test.context.ActiveProfiles
 import spock.lang.Specification
 import spock.lang.Unroll
 
+import static com.fasterxml.jackson.annotation.JsonInclude.Include.*
 import static org.springframework.http.HttpMethod.PUT
 
 /**
@@ -59,6 +61,7 @@ class MetadataResolversControllerIntegrationTests extends Specification {
         generator = new TestObjectGenerator(attributeUtility, customPropertiesConfiguration)
         mapper = new ObjectMapper()
         mapper.enable(SerializationFeature.INDENT_OUTPUT)
+        mapper.setSerializationInclusion(NON_NULL)
         mapper.registerModule(new JavaTimeModule())
     }
 
@@ -254,7 +257,14 @@ class MetadataResolversControllerIntegrationTests extends Specification {
     def "PUT concrete MetadataResolver with version conflict -> /api/MetadataResolvers/{resourceId}"() {
         given: 'One resolver is available in data store'
         def resolver = new DynamicHttpMetadataResolver().with {
-            it.name = 'Test DynamicHttpMetadataResolver'
+            it.name = 'DynamicHTTP'
+            it.xmlId = 'DynamicHTTP'
+            it.metadataURL = 'http://metadata'
+            it.metadataRequestURLConstructionScheme = new MetadataQueryProtocolScheme().with {
+                it.transformRef = 'transformRef'
+                it.content = 'content'
+                it
+            }
             it
         }
         def resolverResourceId = resolver.resourceId

diff --git a/...nd/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy b/...nd/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy
@@ -535,6 +535,7 @@ class TestObjectGenerator {
         new DynamicHttpMetadataResolver().with {
             it.name = 'DynamicHTTP'
             it.xmlId = 'DynamicHTTP'
+            it.metadataURL = 'http://metadata'
             it.dynamicMetadataResolverAttributes = new DynamicMetadataResolverAttributes().with {
                 it
             }