Adjust SamlConfig JSON serialization. Do not serialize legacy key if …

…there isn't one Signed-off-by: Filip Hanik <fhanik@pivotal.io>
cloudfoundry · Apr 12, 2017 · 31e5661 · 31e5661
1 parent 57aeb9a
commit 31e5661
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 12 deletions.
diff --git a/model/src/main/java/org/cloudfoundry/identity/uaa/zone/SamlConfig.java b/model/src/main/java/org/cloudfoundry/identity/uaa/zone/SamlConfig.java
@@ -65,33 +65,37 @@ public void setWantAssertionSigned(boolean wantAssertionSigned) {
     @JsonProperty("certificate")
     public void setCertificate(String certificate) {
         SamlKey legacyKey = keys.get(LEGACY_KEY_ID);
-        if (null == legacyKey) {
+        if (hasText(certificate) && null == legacyKey) {
             legacyKey = new SamlKey();
         }
-        legacyKey.setCertificate(certificate);
-        keys.put(LEGACY_KEY_ID, legacyKey);
+        if (legacyKey != null) {
+            legacyKey.setCertificate(certificate);
+            keys.put(LEGACY_KEY_ID, legacyKey);
+        }
     }
 
     @JsonProperty("privateKey")
     public void setPrivateKey(String privateKey) {
         SamlKey legacyKey = keys.get(LEGACY_KEY_ID);
-        if (null == legacyKey) {
+        if (hasText(privateKey) && null == legacyKey) {
             legacyKey = new SamlKey();
         }
-        legacyKey.setKey(privateKey);
-        keys.put(LEGACY_KEY_ID, legacyKey);
-
+        if (legacyKey != null) {
+            legacyKey.setKey(privateKey);
+            keys.put(LEGACY_KEY_ID, legacyKey);
+        }
     }
 
     @JsonProperty("privateKeyPassword")
     public void setPrivateKeyPassword(String privateKeyPassword) {
         SamlKey legacyKey = keys.get(LEGACY_KEY_ID);
-        if (null == legacyKey) {
+        if (hasText(privateKeyPassword) && null == legacyKey) {
             legacyKey = new SamlKey();
         }
-        legacyKey.setPassphrase(privateKeyPassword);
-        keys.put(LEGACY_KEY_ID, legacyKey);
-
+        if (legacyKey != null) {
+            legacyKey.setPassphrase(privateKeyPassword);
+            keys.put(LEGACY_KEY_ID, legacyKey);
+        }
     }
 
     public boolean isWantAuthnRequestSigned() {
@@ -142,7 +146,9 @@ public String getActiveKeyId() {
     }
 
     public void setActiveKeyId(String activeKeyId) {
-        this.activeKeyId = activeKeyId;
+        if (!LEGACY_KEY_ID.equals(activeKeyId)) {
+            this.activeKeyId = activeKeyId;
+        }
     }
 
     public Map<String, SamlKey> getKeys() {

diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityZoneEndpointDocs.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityZoneEndpointDocs.java
@@ -307,6 +307,7 @@ public void getAllIdentityZones() throws Exception {
             fieldWithPath("[].config.samlConfig.certificate").type(STRING).description(CERTIFICATE_DESC),
 
             fieldWithPath("[].config.samlConfig.activeKeyId").type(STRING).description(SAML_ACTIVE_KEY_ID_DESC),
+            fieldWithPath("[].config.samlConfig.keys").ignored().type(OBJECT).description(CERTIFICATE_DESC),
             fieldWithPath("[].config.samlConfig.keys.*").type(OBJECT).description(CERTIFICATE_DESC),
             fieldWithPath("[].config.samlConfig.keys.*.certificate").type(STRING).description(CERTIFICATE_DESC),