From a175847fe0b441c569f76592ab40523736b8110c Mon Sep 17 00:00:00 2001 From: Filip Hanik Date: Thu, 27 Aug 2015 09:22:24 -0600 Subject: [PATCH] Rename IdentityProviderDefinition to SamlIdentityProviderDefinition to clarify the name and its purpose --- .../login/LoginInfoEndpoint.java | 14 ++-- .../uaa/config/IdentityProviderBootstrap.java | 11 ++- .../saml/LoginSamlAuthenticationProvider.java | 2 +- .../uaa/login/saml/LoginSamlEntryPoint.java | 14 ++-- .../login/saml/ProviderChangedListener.java | 8 +-- ... => SamlIdentityProviderConfigurator.java} | 72 +++++++++---------- ...va => SamlIdentityProviderDefinition.java} | 18 ++--- .../login/saml/ZoneAwareMetadataManager.java | 8 +-- .../JdbcIdentityProviderProvisioning.java | 5 +- .../login/LoginInfoEndpointTest.java | 66 ++++++++--------- .../config/IdentityProviderBootstrapTest.java | 26 ++++--- .../IdentityProviderConfiguratorTests.java | 66 ++++++++--------- .../saml/IdentityProviderDefinitionTests.java | 20 +++--- docs/UAA-APIs.rst | 2 +- .../uaa/zone/IdentityProviderEndpoints.java | 21 +++--- .../webapp/WEB-INF/spring/saml-providers.xml | 4 +- .../uaa/integration/feature/SamlLoginIT.java | 64 ++++++++--------- .../identity/uaa/login/BootstrapTests.java | 49 +++++++------ .../identity/uaa/login/LoginMockMvcTests.java | 34 ++++----- .../saml/SamlIDPRefreshMockMvcTests.java | 37 +++++----- ...IdentityProviderEndpointsMockMvcTests.java | 15 ++-- 21 files changed, 270 insertions(+), 286 deletions(-) rename common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/{IdentityProviderConfigurator.java => SamlIdentityProviderConfigurator.java} (84%) rename common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/{IdentityProviderDefinition.java => SamlIdentityProviderDefinition.java} (87%) 
diff --git a/common/src/main/java/org/cloudfoundry/identity/uaa/authentication/login/LoginInfoEndpoint.java b/common/src/main/java/org/cloudfoundry/identity/uaa/authentication/login/LoginInfoEndpoint.java
index 261c8f4407b..73cc84ac4b1 100644
--- a/common/src/main/java/org/cloudfoundry/identity/uaa/authentication/login/LoginInfoEndpoint.java
+++ b/common/src/main/java/org/cloudfoundry/identity/uaa/authentication/login/LoginInfoEndpoint.java
@@ -23,8 +23,8 @@ import org.cloudfoundry.identity.uaa.login.AutologinRequest;
 import org.cloudfoundry.identity.uaa.login.AutologinResponse;
 import org.cloudfoundry.identity.uaa.login.PasscodeInformation;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderConfigurator;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderDefinition;
+import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderConfigurator;
+import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderDefinition;
 import org.cloudfoundry.identity.uaa.login.saml.LoginSamlAuthenticationToken;
 import org.cloudfoundry.identity.uaa.user.UaaAuthority;
 import org.cloudfoundry.identity.uaa.util.JsonUtils;
@@ -98,7 +98,7 @@ public class LoginInfoEndpoint {
 protected Environment environment;
- private IdentityProviderConfigurator idpDefinitions;
+ private SamlIdentityProviderConfigurator idpDefinitions;
 private long codeExpirationMillis = 5 * 60 * 1000;
@@ -119,7 +119,7 @@ public void setCodeExpirationMillis(long codeExpirationMillis) {
 this.codeExpirationMillis = codeExpirationMillis;
 }
- public void setIdpDefinitions(IdentityProviderConfigurator idpDefinitions) {
+ public void setIdpDefinitions(SamlIdentityProviderConfigurator idpDefinitions) {
 this.idpDefinitions = idpDefinitions;
 }
@@ -209,7 +209,7 @@ private String login(Model model, Principal principal, List excludedProm
 HttpSession session = request != null ? request.getSession(false) : null;
 List allowedIdps = getAllowedIdps(session);
- List idps = getIdentityProviderDefinitions(allowedIdps);
+ List idps = getSamlIdentityProviderDefinitions(allowedIdps);
 boolean fieldUsernameShow = true;
@@ -242,7 +242,7 @@ private String login(Model model, Principal principal, List excludedProm
 // Entity ID to start the discovery
 model.addAttribute("entityID", getZonifiedEntityId());
 model.addAttribute("idpDefinitions", idps);
- for (IdentityProviderDefinition idp : idps) {
+ for (SamlIdentityProviderDefinition idp : idps) {
 if(idp.isShowSamlLink()) {
 model.addAttribute("showSamlLoginLinks", true);
 noSamlIdpsPresent = false;
@@ -283,7 +283,7 @@ private String login(Model model, Principal principal, List excludedProm
 return "home";
 }
- protected List getIdentityProviderDefinitions(List allowedIdps) {
+ protected List getSamlIdentityProviderDefinitions(List allowedIdps) {
 return idpDefinitions.getIdentityProviderDefinitions(allowedIdps, IdentityZoneHolder.get());
 }
diff --git a/common/src/main/java/org/cloudfoundry/identity/uaa/config/IdentityProviderBootstrap.java b/common/src/main/java/org/cloudfoundry/identity/uaa/config/IdentityProviderBootstrap.java
index a6d04dc5b2d..2fad9311463 100644
--- a/common/src/main/java/org/cloudfoundry/identity/uaa/config/IdentityProviderBootstrap.java
+++ b/common/src/main/java/org/cloudfoundry/identity/uaa/config/IdentityProviderBootstrap.java
@@ -20,9 +20,8 @@ import java.util.List;
 import org.cloudfoundry.identity.uaa.authentication.Origin;
-import org.cloudfoundry.identity.uaa.authentication.manager.PeriodLockoutPolicy;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderConfigurator;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderDefinition;
+import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderConfigurator;
+import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderDefinition;
 import org.cloudfoundry.identity.uaa.util.JsonUtils;
 import org.cloudfoundry.identity.uaa.zone.IdentityProvider;
 import org.cloudfoundry.identity.uaa.zone.IdentityProviderProvisioning;
@@ -37,7 +36,7 @@ public class IdentityProviderBootstrap implements InitializingBean {
 public static final String DEFAULT_MAP = "{\"default\":\"default\"}";
 private IdentityProviderProvisioning provisioning;
 private List providers = new LinkedList<>();
- private IdentityProviderConfigurator configurator;
+ private SamlIdentityProviderConfigurator configurator;
 private HashMap ldapConfig;
 private HashMap keystoneConfig;
 private Environment environment;
@@ -53,14 +52,14 @@ public IdentityProviderBootstrap(IdentityProviderProvisioning provisioning, Envi
 }
- public void setSamlProviders(IdentityProviderConfigurator configurator) {
+ public void setSamlProviders(SamlIdentityProviderConfigurator configurator) {
 this.configurator = configurator;
 }
 protected void addSamlProviders() {
 if (configurator==null) {
 return;
 }
- for (IdentityProviderDefinition def : configurator.getIdentityProviderDefinitions()) {
+ for (SamlIdentityProviderDefinition def : configurator.getIdentityProviderDefinitions()) {
 IdentityProvider provider = new IdentityProvider();
 provider.setType(Origin.SAML);
 provider.setOriginKey(def.getIdpEntityAlias());
diff --git a/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/LoginSamlAuthenticationProvider.java b/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/LoginSamlAuthenticationProvider.java
index 77d2c2627ef..dee7c02c4be 100644
--- a/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/LoginSamlAuthenticationProvider.java
+++ b/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/LoginSamlAuthenticationProvider.java
@@ -74,7 +74,7 @@ public Authentication authenticate(Authentication authentication) throws Authent
 boolean addNew = true;
 try {
 IdentityProvider idp = identityProviderProvisioning.retrieveByOrigin(alias, IdentityZoneHolder.get().getId());
- IdentityProviderDefinition samlConfig = idp.getConfigValue(IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition samlConfig = idp.getConfigValue(SamlIdentityProviderDefinition.class);
 addNew = samlConfig.isAddShadowUserOnLogin();
 if (!idp.isActive()) {
diff --git a/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/LoginSamlEntryPoint.java b/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/LoginSamlEntryPoint.java
index 5d139cac6ba..d4b1a9f93c7 100644
--- a/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/LoginSamlEntryPoint.java
+++ b/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/LoginSamlEntryPoint.java
@@ -21,18 +21,16 @@ import org.springframework.security.saml.metadata.ExtendedMetadata;
 import org.springframework.security.saml.websso.WebSSOProfileOptions;
-import java.util.List;
-
 public class LoginSamlEntryPoint extends SAMLEntryPoint {
- private IdentityProviderConfigurator providerDefinitionList;
+ private SamlIdentityProviderConfigurator providerDefinitionList;
- public IdentityProviderConfigurator getProviderDefinitionList() {
+ public SamlIdentityProviderConfigurator getProviderDefinitionList() {
 return providerDefinitionList;
 }
- public void setProviderDefinitionList(IdentityProviderConfigurator providerDefinitionList) {
+ public void setProviderDefinitionList(SamlIdentityProviderConfigurator providerDefinitionList) {
 this.providerDefinitionList = providerDefinitionList;
 }
@@ -44,7 +42,7 @@ protected WebSSOProfileOptions getProfileOptions(SAMLMessageContext context, Aut
 ExtendedMetadata extendedMetadata = this.metadata.getExtendedMetadata(idpEntityId);
 if (extendedMetadata!=null) {
 String alias = extendedMetadata.getAlias();
- IdentityProviderDefinition def = getIDPDefinition(alias);
+ SamlIdentityProviderDefinition def = getIDPDefinition(alias);
 if (def.getNameID()!=null) {
 options.setNameID(def.getNameID());
 }
@@ -56,9 +54,9 @@ protected WebSSOProfileOptions getProfileOptions(SAMLMessageContext context, Aut
 return options;
 }
- private IdentityProviderDefinition getIDPDefinition(String alias) throws MetadataProviderException {
+ private SamlIdentityProviderDefinition getIDPDefinition(String alias) throws MetadataProviderException {
 if (alias!=null) {
- for (IdentityProviderDefinition def : getProviderDefinitionList().getIdentityProviderDefinitions()) {
+ for (SamlIdentityProviderDefinition def : getProviderDefinitionList().getIdentityProviderDefinitions()) {
 if (alias.equals(def.getIdpEntityAlias()) && IdentityZoneHolder.get().getId().equals(def.getZoneId())) {
 return def;
 }
diff --git a/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/ProviderChangedListener.java b/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/ProviderChangedListener.java index 93fa2a5c7a4..bcfcbc588d8 100644 --- a/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/ProviderChangedListener.java +++ b/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/ProviderChangedListener.java @@ -31,10 +31,10 @@ public class ProviderChangedListener implements ApplicationListener identityProviders = new HashMap<>(); - private List toBeFetchedProviders = new LinkedList<>(); + private Map identityProviders = new HashMap<>(); + private List toBeFetchedProviders = new LinkedList<>(); private HttpClientParams clientParams; private BasicParserPool parserPool; @@ -89,17 +89,17 @@ public void scheduleAtFixedRate(TimerTask task, long delay, long period) {} public void scheduleAtFixedRate(TimerTask task, Date firstTime, long period) {} }; - public IdentityProviderConfigurator() { + public SamlIdentityProviderConfigurator() { dummyTimer.cancel(); } - public List getIdentityProviderDefinitions() { + public List getIdentityProviderDefinitions() { return Collections.unmodifiableList(new ArrayList<>(identityProviders.keySet())); } - public List getIdentityProviderDefinitionsForZone(IdentityZone zone) { - List result = new LinkedList<>(); - for (IdentityProviderDefinition def : getIdentityProviderDefinitions()) { + public List getIdentityProviderDefinitionsForZone(IdentityZone zone) { + List result = new LinkedList<>(); + for (SamlIdentityProviderDefinition def : getIdentityProviderDefinitions()) { if (zone.getId().equals(def.getZoneId())) { result.add(def); } 
@@ -107,11 +107,11 @@ public List getIdentityProviderDefinitionsForZone(Id
 return result;
 }
- public List getIdentityProviderDefinitions(List allowedIdps, IdentityZone zone) {
- List idpsInTheZone = getIdentityProviderDefinitionsForZone(zone);
+ public List getIdentityProviderDefinitions(List allowedIdps, IdentityZone zone) {
+ List idpsInTheZone = getIdentityProviderDefinitionsForZone(zone);
 if (allowedIdps != null) {
- List result = new LinkedList<>();
- for (IdentityProviderDefinition def : idpsInTheZone) {
+ List result = new LinkedList<>();
+ for (SamlIdentityProviderDefinition def : idpsInTheZone) {
 if (allowedIdps.contains(def.getIdpEntityAlias())) {
 result.add(def);
 }
@@ -123,9 +123,9 @@ public List getIdentityProviderDefinitions(List providerDefinitions = new LinkedList<>(toBeFetchedProviders);
+ List providerDefinitions = new LinkedList<>(toBeFetchedProviders);
 if (getLegacyIdpMetaData()!=null) {
- IdentityProviderDefinition def = new IdentityProviderDefinition();
+ SamlIdentityProviderDefinition def = new SamlIdentityProviderDefinition();
 def.setMetaDataLocation(getLegacyIdpMetaData());
 def.setMetadataTrustCheck(isLegacyMetadataTrustCheck());
 def.setNameID(getLegacyNameId());
@@ -141,23 +141,23 @@ protected void parseIdentityProviderDefinitions() {
 providerDefinitions.add(def);
 }
 Set uniqueAlias = new HashSet<>();
- for (IdentityProviderDefinition def : providerDefinitions) {
+ for (SamlIdentityProviderDefinition def : providerDefinitions) {
 String alias = getUniqueAlias(def);
 if (uniqueAlias.contains(alias)) {
 throw new IllegalStateException("Duplicate IDP alias found:"+alias);
 }
 uniqueAlias.add(alias);
 }
- for (IdentityProviderDefinition def : providerDefinitions) {
+ for (SamlIdentityProviderDefinition def : providerDefinitions) {
 try {
- addIdentityProviderDefinition(def);
+ addSamlIdentityProviderDefinition(def);
 } catch (MetadataProviderException e) {
 logger.error("Unable to configure SAML provider:"+def, e);
 }
 }
 }
- protected String getUniqueAlias(IdentityProviderDefinition def) {
+ protected String getUniqueAlias(SamlIdentityProviderDefinition def) {
 return getUniqueAlias(def.getIdpEntityAlias(), def.getZoneId());
 }
@@ -171,7 +171,7 @@ protected String getUniqueAlias(String idpAlias, String zoneId) {
 * @return an array consisting of {provider-added, provider-deleted} where provider-deleted may be null
 * @throws MetadataProviderException if the system fails to fetch meta data for this provider
 */
- public synchronized ExtendedMetadataDelegate[] addIdentityProviderDefinition(IdentityProviderDefinition providerDefinition) throws MetadataProviderException {
+ public synchronized ExtendedMetadataDelegate[] addSamlIdentityProviderDefinition(SamlIdentityProviderDefinition providerDefinition) throws MetadataProviderException {
 ExtendedMetadataDelegate added, deleted=null;
 if (providerDefinition==null) {
 throw new NullPointerException();
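Review bot: The null guard at the top of the renamed `addSamlIdentityProviderDefinition` throws a bare `throw new NullPointerException();`, while the zone-id guard that follows it in the next hunk carries a message, so a caller passing null gets no hint which precondition failed. Keeping the exception type (callers may already catch it) and only adding the message is enough: `throw new NullPointerException("providerDefinition must not be null");`. The method body continues past the end of this hunk.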
@@ -182,18 +182,18 @@ public synchronized ExtendedMetadataDelegate[] addIdentityProviderDefinition(Ide
 if (!StringUtils.hasText(providerDefinition.getZoneId())) {
 throw new NullPointerException("IDP Zone Id must be set");
 }
- for (IdentityProviderDefinition def : getIdentityProviderDefinitions()) {
+ for (SamlIdentityProviderDefinition def : getIdentityProviderDefinitions()) {
 if (getUniqueAlias(providerDefinition).equals(getUniqueAlias(def))) {
 deleted = identityProviders.remove(def);
 break;
 }
 }
- IdentityProviderDefinition clone = providerDefinition.clone();
+ SamlIdentityProviderDefinition clone = providerDefinition.clone();
 added = getExtendedMetadataDelegate(clone);
 String entityIDToBeAdded = ((ConfigMetadataProvider)added.getDelegate()).getEntityID();
 boolean entityIDexists = false;
- for (Map.Entry entry : identityProviders.entrySet()) {
- IdentityProviderDefinition definition = entry.getKey();
+ for (Map.Entry entry : identityProviders.entrySet()) {
+ SamlIdentityProviderDefinition definition = entry.getKey();
 if (clone.getZoneId().equals(definition.getZoneId())) {
 ConfigMetadataProvider provider = (ConfigMetadataProvider) entry.getValue().getDelegate();
 if (entityIDToBeAdded.equals(provider.getEntityID())) {
@@ -210,8 +210,8 @@ public synchronized ExtendedMetadataDelegate[] addIdentityProviderDefinition(Ide
 return new ExtendedMetadataDelegate[] {added, deleted};
 }
- public synchronized ExtendedMetadataDelegate removeIdentityProviderDefinition(IdentityProviderDefinition providerDefinition) {
- for (IdentityProviderDefinition def : getIdentityProviderDefinitions()) {
+ public synchronized ExtendedMetadataDelegate removeIdentityProviderDefinition(SamlIdentityProviderDefinition providerDefinition) {
+ for (SamlIdentityProviderDefinition def : getIdentityProviderDefinitions()) {
 if (getUniqueAlias(providerDefinition).equals(getUniqueAlias(def))) {
 return identityProviders.remove(def);
 }
@@ -219,13 +219,13 @@ public synchronized ExtendedMetadataDelegate removeIdentityProviderDefinition(Id
 return null;
 }
- public List getIdentityProviders() {
- return getIdentityProviders(null);
+ public List getSamlIdentityProviders() {
+ return getSamlIdentityProviders(null);
 }
- public List getIdentityProviders(IdentityZone zone) {
+ public List getSamlIdentityProviders(IdentityZone zone) {
 List result = new LinkedList<>();
- for (IdentityProviderDefinition def : getIdentityProviderDefinitions()) {
+ for (SamlIdentityProviderDefinition def : getIdentityProviderDefinitions()) {
 if (zone==null || zone.getId().equals(def.getZoneId())) {
 ExtendedMetadataDelegate metadata = identityProviders.get(def);
 if (metadata!=null) {
@@ -236,11 +236,11 @@ public List getIdentityProviders(IdentityZone zone) {
 return result;
 }
- public ExtendedMetadataDelegate getExtendedMetadataDelegateFromCache(IdentityProviderDefinition def) throws MetadataProviderException {
+ public ExtendedMetadataDelegate getExtendedMetadataDelegateFromCache(SamlIdentityProviderDefinition def) throws MetadataProviderException {
 return identityProviders.get(def);
 }
- public ExtendedMetadataDelegate getExtendedMetadataDelegate(IdentityProviderDefinition def) throws MetadataProviderException {
+ public ExtendedMetadataDelegate getExtendedMetadataDelegate(SamlIdentityProviderDefinition def) throws MetadataProviderException {
 ExtendedMetadataDelegate metadata;
 switch (def.getType()) {
 case DATA: {
@@ -262,7 +262,7 @@ public ExtendedMetadataDelegate getExtendedMetadataDelegate(IdentityProviderDefi
 return metadata;
 }
- protected ExtendedMetadataDelegate configureXMLMetadata(IdentityProviderDefinition def) {
+ protected ExtendedMetadataDelegate configureXMLMetadata(SamlIdentityProviderDefinition def) {
 ConfigMetadataProvider configMetadataProvider = new ConfigMetadataProvider(def.getZoneId(), def.getIdpEntityAlias(), def.getMetaDataLocation());
 configMetadataProvider.setParserPool(getParserPool());
 ExtendedMetadata extendedMetadata = new ExtendedMetadata();
@@ -274,7 +274,7 @@ protected ExtendedMetadataDelegate configureXMLMetadata(IdentityProviderDefiniti
 return delegate;
 }
- protected ExtendedMetadataDelegate configureFileMetadata(IdentityProviderDefinition def) throws MetadataProviderException {
+ protected ExtendedMetadataDelegate configureFileMetadata(SamlIdentityProviderDefinition def) throws MetadataProviderException {
 try {
 def = def.clone();
 File metadataFile = FileLocator.locate(def.getMetaDataLocation());
@@ -287,7 +287,7 @@ protected ExtendedMetadataDelegate configureFileMetadata(IdentityProviderDefinit
 }
 }
- protected ExtendedMetadataDelegate configureURLMetadata(IdentityProviderDefinition def) throws MetadataProviderException {
+ protected ExtendedMetadataDelegate configureURLMetadata(SamlIdentityProviderDefinition def) throws MetadataProviderException {
 Class socketFactory = null;
 try {
 def = def.clone();
@@ -344,7 +344,7 @@ public void setIdentityProviders(Map> providers) {
 String iconUrl = (String)((Map)entry.getValue()).get("iconUrl");
 String zoneId = (String)((Map)entry.getValue()).get("zoneId");
 List emailDomain = (List) saml.get("emailDomain");
- IdentityProviderDefinition def = new IdentityProviderDefinition();
+ SamlIdentityProviderDefinition def = new SamlIdentityProviderDefinition();
 if (alias==null) {
 throw new IllegalArgumentException("Invalid IDP - alias must not be null ["+metaDataLocation+"]");
 }
diff --git a/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/IdentityProviderDefinition.java b/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/SamlIdentityProviderDefinition.java
similarity index 87%
rename from common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/IdentityProviderDefinition.java
rename to common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/SamlIdentityProviderDefinition.java
index 739a44f7445..f837b8810ef 100644
--- a/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/IdentityProviderDefinition.java
+++ b/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/SamlIdentityProviderDefinition.java
@@ -20,12 +20,12 @@ import java.util.ArrayList;
 import java.util.List;
-public class IdentityProviderDefinition {
+public class SamlIdentityProviderDefinition {
 public static final String DEFAULT_HTTP_SOCKET_FACTORY = "org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory";
 public static final String DEFAULT_HTTPS_SOCKET_FACTORY = "org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory";
- public static enum MetadataLocation {
+ public enum MetadataLocation {
 URL,
 FILE,
 DATA,
@@ -45,9 +45,9 @@ public static enum MetadataLocation {
 private List emailDomain;
 private boolean addShadowUserOnLogin = true;
- public IdentityProviderDefinition() {}
+ public SamlIdentityProviderDefinition() {}
- public IdentityProviderDefinition(String metaDataLocation, String idpEntityAlias, String nameID, int assertionConsumerIndex, boolean metadataTrustCheck, boolean showSamlLink, String linkText, String iconUrl, String zoneId) {
+ public SamlIdentityProviderDefinition(String metaDataLocation, String idpEntityAlias, String nameID, int assertionConsumerIndex, boolean metadataTrustCheck, boolean showSamlLink, String linkText, String iconUrl, String zoneId) {
 this.metaDataLocation = metaDataLocation;
 this.idpEntityAlias = idpEntityAlias;
 this.nameID = nameID;
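Review bot: `DEFAULT_HTTPS_SOCKET_FACTORY` in the renamed class, two lines below the new class declaration, still defaults to `org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory`, and neither the constant nor the class carries a comment saying what that implies. If this is the commons-httpclient contrib class of that name, it accepts self-signed server certificates without checking them against the trust store, so URL-sourced IdP metadata fetched through it is only as trustworthy as the separate `metadataTrustCheck` flag makes it. Since the commit's stated purpose is to clarify the class, a Javadoc line on the constant would fit here: `/** Default HTTPS factory for URL metadata; the EasySSL contrib factory relaxes certificate validation, so pair it with metadataTrustCheck or configure a stricter factory per provider. */`. The declarations themselves are unchanged context in this hunk, so this is a documentation request rather than a defect the rename introduces.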
@@ -59,7 +59,7 @@ public IdentityProviderDefinition(String metaDataLocation, String idpEntityAlias
 this.zoneId = zoneId;
 }
- public IdentityProviderDefinition(String metaDataLocation, String idpEntityAlias, String nameID, int assertionConsumerIndex, boolean metadataTrustCheck, boolean showSamlLink, String linkText, String iconUrl, String zoneId, boolean addShadowUserOnLogin, List emailDomain) {
+ public SamlIdentityProviderDefinition(String metaDataLocation, String idpEntityAlias, String nameID, int assertionConsumerIndex, boolean metadataTrustCheck, boolean showSamlLink, String linkText, String iconUrl, String zoneId, boolean addShadowUserOnLogin, List emailDomain) {
 this.metaDataLocation = metaDataLocation;
 this.idpEntityAlias = idpEntityAlias;
 this.nameID = nameID;
@@ -216,8 +216,8 @@ public void setEmailDomain(List emailDomain) {
 this.emailDomain = emailDomain;
 }
- public IdentityProviderDefinition clone() {
- return new IdentityProviderDefinition(metaDataLocation, idpEntityAlias, nameID, assertionConsumerIndex, metadataTrustCheck, showSamlLink, linkText, iconUrl, zoneId, addShadowUserOnLogin, emailDomain!=null ? new ArrayList<>(emailDomain) : null);
+ public SamlIdentityProviderDefinition clone() {
+ return new SamlIdentityProviderDefinition(metaDataLocation, idpEntityAlias, nameID, assertionConsumerIndex, metadataTrustCheck, showSamlLink, linkText, iconUrl, zoneId, addShadowUserOnLogin, emailDomain!=null ? new ArrayList<>(emailDomain) : null);
 }
 @Override
@@ -225,7 +225,7 @@ public boolean equals(Object o) {
 if (this == o) return true;
 if (o == null || getClass() != o.getClass()) return false;
- IdentityProviderDefinition that = (IdentityProviderDefinition) o;
+ SamlIdentityProviderDefinition that = (SamlIdentityProviderDefinition) o;
 if (!idpEntityAlias.equals(that.idpEntityAlias)) return false;
 if (!zoneId.equals(that.zoneId)) return false;
@@ -242,7 +242,7 @@ public int hashCode() {
 @Override
 public String toString() {
- return "IdentityProviderDefinition{" +
+ return "SamlIdentityProviderDefinition{" +
 "idpEntityAlias='" + idpEntityAlias + '\'' +
 ", metaDataLocation='" + metaDataLocation + '\'' +
 ", nameID='" + nameID + '\'' +
diff --git a/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/ZoneAwareMetadataManager.java b/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/ZoneAwareMetadataManager.java
index 755734bea52..c0c5734c978 100644
--- a/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/ZoneAwareMetadataManager.java
+++ b/common/src/main/java/org/cloudfoundry/identity/uaa/login/saml/ZoneAwareMetadataManager.java
@@ -60,7 +60,7 @@ public class ZoneAwareMetadataManager extends MetadataManager implements Extende
 private static final Log logger = LogFactory.getLog(ZoneAwareMetadataManager.class);
 private IdentityProviderProvisioning providerDao;
 private IdentityZoneProvisioning zoneDao;
- private IdentityProviderConfigurator configurator;
+ private SamlIdentityProviderConfigurator configurator;
 private KeyManager keyManager;
 private Map metadataManagers;
 private long refreshInterval = 30000l;
@@ -71,7 +71,7 @@ public class ZoneAwareMetadataManager extends MetadataManager implements Extende
 public ZoneAwareMetadataManager(IdentityProviderProvisioning providerDao,
 IdentityZoneProvisioning zoneDao,
- IdentityProviderConfigurator configurator,
+ SamlIdentityProviderConfigurator configurator,
 KeyManager keyManager,
 ProviderChangedListener listener) throws MetadataProviderException {
 super(Collections.emptyList());
@@ -131,11 +131,11 @@ protected void refreshAllProviders(boolean ignoreTimestamp) throws MetadataProvi
 for (IdentityProvider provider : providerDao.retrieveAll(false,zone.getId())) {
 if (Origin.SAML.equals(provider.getType()) && (ignoreTimestamp || lastRefresh < provider.getLastModified().getTime())) {
 try {
- IdentityProviderDefinition definition = JsonUtils.readValue(provider.getConfig(), IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition definition = JsonUtils.readValue(provider.getConfig(), SamlIdentityProviderDefinition.class);
 try {
 if (provider.isActive()) {
 log.info("Adding SAML IDP zone[" + zone.getId() + "] alias[" + definition.getIdpEntityAlias() + "]");
- ExtendedMetadataDelegate[] delegates = configurator.addIdentityProviderDefinition(definition);
+ ExtendedMetadataDelegate[] delegates = configurator.addSamlIdentityProviderDefinition(definition);
 if (delegates[1] != null) {
 manager.removeMetadataProvider(delegates[1]);
 }
diff --git a/common/src/main/java/org/cloudfoundry/identity/uaa/zone/JdbcIdentityProviderProvisioning.java b/common/src/main/java/org/cloudfoundry/identity/uaa/zone/JdbcIdentityProviderProvisioning.java
index 812ad6469b6..54b3e73b796 100644
--- a/common/src/main/java/org/cloudfoundry/identity/uaa/zone/JdbcIdentityProviderProvisioning.java
+++ b/common/src/main/java/org/cloudfoundry/identity/uaa/zone/JdbcIdentityProviderProvisioning.java
@@ -13,7 +13,7 @@ package org.cloudfoundry.identity.uaa.zone;
 import org.cloudfoundry.identity.uaa.authentication.Origin;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderDefinition;
+import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderDefinition;
 import org.cloudfoundry.identity.uaa.util.JsonUtils;
 import org.springframework.dao.DataIntegrityViolationException;
 import org.springframework.dao.DuplicateKeyException;
@@ -22,7 +22,6 @@ import org.springframework.jdbc.core.RowMapper;
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
-import org.springframework.web.bind.annotation.RequestBody;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
@@ -140,7 +139,7 @@ protected void validate(IdentityProvider provider) {
 }
 //ensure that SAML IDPs have reduntant fields synchronized
 if (Origin.SAML.equals(provider.getType()) && provider.getConfig()!=null) {
- IdentityProviderDefinition saml = provider.getConfigValue(IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition saml = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 saml.setIdpEntityAlias(provider.getOriginKey());
 saml.setZoneId(provider.getIdentityZoneId());
 provider.setConfig(JsonUtils.writeValueAsString(saml));
diff --git a/common/src/test/java/org/cloudfoundry/identity/uaa/authentication/login/LoginInfoEndpointTest.java b/common/src/test/java/org/cloudfoundry/identity/uaa/authentication/login/LoginInfoEndpointTest.java
index b19aec1f3f1..32f16344e11 100644
--- a/common/src/test/java/org/cloudfoundry/identity/uaa/authentication/login/LoginInfoEndpointTest.java
+++ b/common/src/test/java/org/cloudfoundry/identity/uaa/authentication/login/LoginInfoEndpointTest.java
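Review bot: The comment above the SAML branch of `validate` in the `@@ -140` hunk, `//ensure that SAML IDPs have reduntant fields synchronized`, has a typo and says what the branch does but not why it matters, which is the part a later maintainer is likely to remove by accident. The code copies `provider.getOriginKey()` and `provider.getIdentityZoneId()` over the alias and zone inside the embedded `SamlIdentityProviderDefinition` and re-serialises it, which presumably exists so that the row's key and zone stay authoritative over whatever the submitted config JSON contained; if that reading is right, the comment should say so: `// keep the SAML config's alias and zoneId in sync with the provider row: the row's originKey and identityZoneId are authoritative over the submitted config JSON`. `validate` starts before this hunk.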
@@ -7,8 +7,8 @@ import org.cloudfoundry.identity.uaa.client.ClientConstants;
 import org.cloudfoundry.identity.uaa.codestore.ExpiringCodeStore;
 import org.cloudfoundry.identity.uaa.codestore.InMemoryExpiringCodeStore;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderConfigurator;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderDefinition;
+import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderConfigurator;
+import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderDefinition;
 import org.cloudfoundry.identity.uaa.login.saml.LoginSamlAuthenticationToken;
 import org.cloudfoundry.identity.uaa.zone.IdentityZone;
 import org.cloudfoundry.identity.uaa.zone.IdentityZoneHolder;
@@ -161,8 +161,8 @@ public void test_PromptLogic() throws Exception {
 assertEquals("password", listPrompts.get(1).get("name"));
 //add a SAML IDP, should make the passcode prompt appear
- List idps = getIdps();
- IdentityProviderConfigurator mockIDPConfigurator = mock(IdentityProviderConfigurator.class);
+ List idps = getIdps();
+ SamlIdentityProviderConfigurator mockIDPConfigurator = mock(SamlIdentityProviderConfigurator.class);
 when(mockIDPConfigurator.getIdentityProviderDefinitions((List) isNull(), eq(IdentityZone.getUaa()))).thenReturn(idps);
 endpoint.setIdpDefinitions(mockIDPConfigurator);
 endpoint.infoForJson(model, null);
@@ -187,9 +187,9 @@ public void testFilterIdpsForDefaultZone() throws Exception {
 when(savedRequest.getRedirectUrl()).thenReturn("http://localhost:8080/uaa");
 session.setAttribute("SPRING_SECURITY_SAVED_REQUEST", savedRequest);
 request.setSession(session);
- // mock IdentityProviderConfigurator
- List idps = getIdps();
- IdentityProviderConfigurator mockIDPConfigurator = mock(IdentityProviderConfigurator.class);
+ // mock SamlIdentityProviderConfigurator
+ List idps = getIdps();
+ SamlIdentityProviderConfigurator mockIDPConfigurator = mock(SamlIdentityProviderConfigurator.class);
 when(mockIDPConfigurator.getIdentityProviderDefinitions((List) isNull(), eq(IdentityZone.getUaa()))).thenReturn(idps);
 LoginInfoEndpoint endpoint = getEndpoint();
@@ -197,11 +197,11 @@ public void testFilterIdpsForDefaultZone() throws Exception {
 Model model = new ExtendedModelMap();
 endpoint.loginForHtml(model, null, request);
- List idpDefinitions = (List) model.asMap().get("idpDefinitions");
+ List idpDefinitions = (List) model.asMap().get("idpDefinitions");
 assertEquals(2, idpDefinitions.size());
- Iterator iterator = idpDefinitions.iterator();
- IdentityProviderDefinition clientIdp = iterator.next();
+ Iterator iterator = idpDefinitions.iterator();
+ SamlIdentityProviderDefinition clientIdp = iterator.next();
 assertEquals("awesome-idp", clientIdp.getIdpEntityAlias());
 assertEquals(true, clientIdp.isShowSamlLink());
@@ -214,9 +214,9 @@ public void testFilterIdpsForDefaultZone() throws Exception {
 @Test
 public void testFilterIdpsWithNoSavedRequest() throws Exception {
- // mock IdentityProviderConfigurator
- List idps = getIdps();
- IdentityProviderConfigurator mockIDPConfigurator = mock(IdentityProviderConfigurator.class);
+ // mock SamlIdentityProviderConfigurator
+ List idps = getIdps();
+ SamlIdentityProviderConfigurator mockIDPConfigurator = mock(SamlIdentityProviderConfigurator.class);
 when(mockIDPConfigurator.getIdentityProviderDefinitions((List) isNull(), eq(IdentityZone.getUaa()))).thenReturn(idps);
 LoginInfoEndpoint endpoint = getEndpoint();
@@ -224,11 +224,11 @@ public void testFilterIdpsWithNoSavedRequest() throws Exception {
 Model model = new ExtendedModelMap();
 endpoint.loginForHtml(model, null, new MockHttpServletRequest());
- List idpDefinitions = (List) model.asMap().get("idpDefinitions");
+ List idpDefinitions = (List) model.asMap().get("idpDefinitions");
 assertEquals(2, idpDefinitions.size());
- Iterator iterator = idpDefinitions.iterator();
- IdentityProviderDefinition clientIdp = iterator.next();
+ Iterator iterator = idpDefinitions.iterator();
+ SamlIdentityProviderDefinition clientIdp = iterator.next();
 assertEquals("awesome-idp", clientIdp.getIdpEntityAlias());
 assertEquals(true, clientIdp.isShowSamlLink());
@@ -253,11 +253,11 @@ public void testFilterIDPsForAuthcodeClientInDefaultZone() throws Exception {
ClientDetailsService clientDetailsService = mock(ClientDetailsService.class);
when(clientDetailsService.loadClientByClientId("client-id")).thenReturn(clientDetails);
- // mock IdentityProviderConfigurator
- List clientIDPs = new LinkedList<>();
+ // mock SamlIdentityProviderConfigurator
+ List clientIDPs = new LinkedList<>();
clientIDPs.add(createIdentityProviderDefinition("my-client-awesome-idp1", "uaa"));
clientIDPs.add(createIdentityProviderDefinition("my-client-awesome-idp2", "uaa"));
- IdentityProviderConfigurator mockIDPConfigurator = mock(IdentityProviderConfigurator.class);
+ SamlIdentityProviderConfigurator mockIDPConfigurator = mock(SamlIdentityProviderConfigurator.class);
when(mockIDPConfigurator.getIdentityProviderDefinitions(eq(allowedProviders), eq(IdentityZone.getUaa()))).thenReturn(clientIDPs);
LoginInfoEndpoint endpoint = getEndpoint();
@@ -266,10 +266,10 @@ public void testFilterIDPsForAuthcodeClientInDefaultZone() throws Exception {
Model model = new ExtendedModelMap();
endpoint.loginForHtml(model, null, request);
- List idpDefinitions = (List) model.asMap().get("idpDefinitions");
+ List idpDefinitions = (List) model.asMap().get("idpDefinitions");
assertEquals(2, idpDefinitions.size());
- IdentityProviderDefinition clientIdp = idpDefinitions.iterator().next();
+ SamlIdentityProviderDefinition clientIdp = idpDefinitions.iterator().next();
assertEquals("my-client-awesome-idp1", clientIdp.getIdpEntityAlias());
assertEquals(true, clientIdp.isShowSamlLink());
assertEquals(true, model.asMap().get("fieldUsernameShow"));
@@ -293,11 +293,11 @@ public void testFilterIDPsForAuthcodeClientInOtherZone() throws Exception {
ClientDetailsService clientDetailsService = mock(ClientDetailsService.class);
when(clientDetailsService.loadClientByClientId("client-id")).thenReturn(clientDetails);
- // mock IdentityProviderConfigurator
- List clientIDPs = new LinkedList<>();
+ // mock SamlIdentityProviderConfigurator
+ List clientIDPs = new LinkedList<>();
clientIDPs.add(createIdentityProviderDefinition("my-client-awesome-idp1", "uaa"));
clientIDPs.add(createIdentityProviderDefinition("my-client-awesome-idp2", "uaa"));
- IdentityProviderConfigurator mockIDPConfigurator = mock(IdentityProviderConfigurator.class);
+ SamlIdentityProviderConfigurator mockIDPConfigurator = mock(SamlIdentityProviderConfigurator.class);
when(mockIDPConfigurator.getIdentityProviderDefinitions(eq(allowedProviders), eq(zone))).thenReturn(clientIDPs);
@@ -307,10 +307,10 @@ public void testFilterIDPsForAuthcodeClientInOtherZone() throws Exception {
Model model = new ExtendedModelMap();
endpoint.loginForHtml(model, null, request);
- List idpDefinitions = (List) model.asMap().get("idpDefinitions");
+ List idpDefinitions = (List) model.asMap().get("idpDefinitions");
assertEquals(2, idpDefinitions.size());
- IdentityProviderDefinition clientIdp = idpDefinitions.iterator().next();
+ SamlIdentityProviderDefinition clientIdp = idpDefinitions.iterator().next();
assertEquals("my-client-awesome-idp1", clientIdp.getIdpEntityAlias());
assertEquals(true, clientIdp.isShowSamlLink());
assertEquals(false, model.asMap().get("fieldUsernameShow"));
@@ -330,8 +330,8 @@ public void testFilterIDPsForAuthcodeClientWithNoAllowedIDPsInOtherZone() throws
IdentityZone zone = MultitenancyFixture.identityZone("other-zone", "other-zone");
IdentityZoneHolder.set(zone);
- // mock IdentityProviderConfigurator
- IdentityProviderConfigurator mockIDPConfigurator = mock(IdentityProviderConfigurator.class);
+ // mock SamlIdentityProviderConfigurator
+ SamlIdentityProviderConfigurator mockIDPConfigurator = mock(SamlIdentityProviderConfigurator.class);
LoginInfoEndpoint endpoint = getEndpoint();
endpoint.setClientDetailsService(clientDetailsService);
@@ -357,22 +357,22 @@ private MockHttpServletRequest getMockHttpServletRequest() {
private LoginInfoEndpoint getEndpoint() {
LoginInfoEndpoint endpoint = new LoginInfoEndpoint();
endpoint.setBaseUrl("http://someurl");
- IdentityProviderConfigurator emptyConfigurator = new IdentityProviderConfigurator();
+ SamlIdentityProviderConfigurator emptyConfigurator = new SamlIdentityProviderConfigurator();
endpoint.setIdpDefinitions(emptyConfigurator);
endpoint.setEnvironment(new MockEnvironment());
endpoint.setPrompts(prompts);
return endpoint;
}
- private List getIdps() {
- List idps = new LinkedList<>();
+ private List getIdps() {
+ List idps = new LinkedList<>();
idps.add(createIdentityProviderDefinition("awesome-idp", "uaa"));
idps.add(createIdentityProviderDefinition("my-client-awesome-idp", "uaa"));
return idps;
}
- private IdentityProviderDefinition createIdentityProviderDefinition(String idpEntityAlias, String zoneId) {
- IdentityProviderDefinition idp1 = new IdentityProviderDefinition();
+ private SamlIdentityProviderDefinition createIdentityProviderDefinition(String idpEntityAlias, String zoneId) {
+ SamlIdentityProviderDefinition idp1 = new SamlIdentityProviderDefinition();
idp1.setIdpEntityAlias(idpEntityAlias);
idp1.setShowSamlLink(true);
idp1.setZoneId(zoneId);
diff --git a/common/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityProviderBootstrapTest.java b/common/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityProviderBootstrapTest.java
index 22ce411353b..aab786f97ee 100644
--- a/common/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityProviderBootstrapTest.java
+++ b/common/src/test/java/org/cloudfoundry/identity/uaa/config/IdentityProviderBootstrapTest.java
@@ -15,12 +15,10 @@
package org.cloudfoundry.identity.uaa.config;
import com.fasterxml.jackson.core.type.TypeReference;
-import org.cloudfoundry.identity.uaa.audit.UaaAuditService;
import org.cloudfoundry.identity.uaa.authentication.Origin;
-import org.cloudfoundry.identity.uaa.authentication.manager.PeriodLockoutPolicy;
import org.cloudfoundry.identity.uaa.ldap.LdapIdentityProviderDefinition;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderConfigurator;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderDefinition;
+import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderConfigurator;
+import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderDefinition;
import org.cloudfoundry.identity.uaa.test.JdbcTestBase;
import org.cloudfoundry.identity.uaa.util.JsonUtils;
import org.cloudfoundry.identity.uaa.zone.IdentityProvider;
@@ -204,7 +202,7 @@ public void testRemovedKeystoneBootstrapIsInactive() throws Exception {
@Test
public void testSamlBootstrap() throws Exception {
- IdentityProviderDefinition definition = new IdentityProviderDefinition();
+ SamlIdentityProviderDefinition definition = new SamlIdentityProviderDefinition();
definition.setAssertionConsumerIndex(0);
definition.setIconUrl("iconUrl");
definition.setIdpEntityAlias("alias");
@@ -214,7 +212,7 @@ public void testSamlBootstrap() throws Exception {
definition.setShowSamlLink(true);
definition.setMetadataTrustCheck(true);
definition.setEmailDomain(Arrays.asList("test.domain"));
- IdentityProviderConfigurator configurator = mock(IdentityProviderConfigurator.class);
+ SamlIdentityProviderConfigurator configurator = mock(SamlIdentityProviderConfigurator.class);
when(configurator.getIdentityProviderDefinitions()).thenReturn(Arrays.asList(definition));
IdentityProviderProvisioning provisioning = new JdbcIdentityProviderProvisioning(jdbcTemplate);
@@ -233,7 +231,7 @@ public void testSamlBootstrap() throws Exception {
@Test
public void testRemovedSamlBootstrapIsInactive() throws Exception {
- IdentityProviderDefinition definition = new IdentityProviderDefinition();
+ SamlIdentityProviderDefinition definition = new SamlIdentityProviderDefinition();
definition.setAssertionConsumerIndex(0);
definition.setIconUrl("iconUrl");
definition.setIdpEntityAlias("alias");
@@ -243,11 +241,11 @@ public void testRemovedSamlBootstrapIsInactive() throws Exception {
definition.setShowSamlLink(true);
definition.setMetadataTrustCheck(true);
- IdentityProviderDefinition definition2 = definition.clone();
+ SamlIdentityProviderDefinition definition2 = definition.clone();
definition.setIdpEntityAlias("alias2");
definition.setMetaDataLocation("http://location2");
- IdentityProviderConfigurator configurator = mock(IdentityProviderConfigurator.class);
+ SamlIdentityProviderConfigurator configurator = mock(SamlIdentityProviderConfigurator.class);
when(configurator.getIdentityProviderDefinitions()).thenReturn(Arrays.asList(definition, definition2));
IdentityProviderProvisioning provisioning = new JdbcIdentityProviderProvisioning(jdbcTemplate);
@@ -273,7 +271,7 @@ public void testRemovedSamlBootstrapIsInactive() throws Exception {
assertEquals(Origin.SAML, samlProvider2.getType());
assertTrue(samlProvider2.isActive());
- configurator = mock(IdentityProviderConfigurator.class);
+ configurator = mock(SamlIdentityProviderConfigurator.class);
when(configurator.getIdentityProviderDefinitions()).thenReturn(Arrays.asList(definition));
bootstrap.setSamlProviders(configurator);
bootstrap.afterPropertiesSet();
@@ -294,7 +292,7 @@ public void testRemovedSamlBootstrapIsInactive() throws Exception {
assertEquals(Origin.SAML, samlProvider2.getType());
assertFalse(samlProvider2.isActive());
- configurator = mock(IdentityProviderConfigurator.class);
+ configurator = mock(SamlIdentityProviderConfigurator.class);
when(configurator.getIdentityProviderDefinitions()).thenReturn(Arrays.asList(definition2));
bootstrap.setSamlProviders(configurator);
bootstrap.afterPropertiesSet();
@@ -315,8 +313,8 @@ public void testRemovedSamlBootstrapIsInactive() throws Exception {
assertEquals(Origin.SAML, samlProvider2.getType());
assertTrue(samlProvider2.isActive());
- configurator = mock(IdentityProviderConfigurator.class);
- when(configurator.getIdentityProviderDefinitions()).thenReturn(new LinkedList());
+ configurator = mock(SamlIdentityProviderConfigurator.class);
+ when(configurator.getIdentityProviderDefinitions()).thenReturn(new LinkedList());
bootstrap.setSamlProviders(configurator);
bootstrap.afterPropertiesSet();
@@ -336,7 +334,7 @@ public void testRemovedSamlBootstrapIsInactive() throws Exception {
assertEquals(Origin.SAML, samlProvider2.getType());
assertFalse(samlProvider2.isActive());
- configurator = mock(IdentityProviderConfigurator.class);
+ configurator = mock(SamlIdentityProviderConfigurator.class);
when(configurator.getIdentityProviderDefinitions()).thenReturn(Arrays.asList(definition2,definition));
bootstrap.setSamlProviders(configurator);
bootstrap.afterPropertiesSet();
diff --git a/common/src/test/java/org/cloudfoundry/identity/uaa/login/saml/IdentityProviderConfiguratorTests.java b/common/src/test/java/org/cloudfoundry/identity/uaa/login/saml/IdentityProviderConfiguratorTests.java
index 5232fa5bc46..618e3fc9359 100644
--- a/common/src/test/java/org/cloudfoundry/identity/uaa/login/saml/IdentityProviderConfiguratorTests.java
+++ b/common/src/test/java/org/cloudfoundry/identity/uaa/login/saml/IdentityProviderConfiguratorTests.java
@@ -76,10 +76,10 @@ public static void initializeOpenSAML() throws Exception {
public static final String xmlWithoutHeader = xmlWithoutID.replace("", "");
- IdentityProviderConfigurator conf = null;
+ SamlIdentityProviderConfigurator conf = null;
private static Map> data = null;
- IdentityProviderDefinition singleAdd = null;
- IdentityProviderDefinition singleAddWithoutHeader = null;
+ SamlIdentityProviderDefinition singleAdd = null;
+ SamlIdentityProviderDefinition singleAddWithoutHeader = null;
private static final String singleAddAlias = "sample-alias";
private static String sampleYaml = " providers:\n" +
@@ -133,9 +133,9 @@ public static void initializeOpenSAML() throws Exception {
@Before
public void setUp() throws Exception {
- conf = new IdentityProviderConfigurator();
+ conf = new SamlIdentityProviderConfigurator();
conf.setParserPool(new BasicParserPool());
- singleAdd = new IdentityProviderDefinition(
+ singleAdd = new SamlIdentityProviderDefinition(
String.format(xmlWithoutID, new RandomValueStringGenerator().generate()), singleAddAlias, "sample-nameID",
@@ -146,7 +146,7 @@ public void setUp() throws Exception {
"sample-icon-url" ,"uaa" );
- singleAddWithoutHeader = new IdentityProviderDefinition(
+ singleAddWithoutHeader = new SamlIdentityProviderDefinition(
String.format(xmlWithoutHeader, new RandomValueStringGenerator().generate()), singleAddAlias, "sample-nameID",
@@ -176,7 +176,7 @@ private static void parseYaml(String sampleYaml) {
@Test
public void testCloneIdentityProviderDefinition() throws Exception {
- IdentityProviderDefinition clone = singleAdd.clone();
+ SamlIdentityProviderDefinition clone = singleAdd.clone();
assertEquals(singleAdd, clone);
assertNotSame(singleAdd, clone);
}
@@ -185,7 +185,7 @@ public void testCloneIdentityProviderDefinition() throws Exception {
public void testSingleAddProviderDefinition() throws Exception {
conf.setIdentityProviders(data);
conf.afterPropertiesSet();
- conf.addIdentityProviderDefinition(singleAdd);
+ conf.addSamlIdentityProviderDefinition(singleAdd);
testGetIdentityProviderDefinitions(4, false);
}
@@ -193,19 +193,19 @@ public void testSingleAddProviderDefinition() throws Exception {
public void testSingleAddProviderWithoutXMLHeader() throws Exception {
conf.setIdentityProviders(data);
conf.afterPropertiesSet();
- conf.addIdentityProviderDefinition(singleAddWithoutHeader);
+ conf.addSamlIdentityProviderDefinition(singleAddWithoutHeader);
testGetIdentityProviderDefinitions(4, false);
}
@Test(expected = NullPointerException.class)
public void testAddNullProvider() throws Exception {
- conf.addIdentityProviderDefinition(null);
+ conf.addSamlIdentityProviderDefinition(null);
}
@Test(expected = NullPointerException.class)
public void testAddNullProviderAlias() throws Exception {
singleAdd.setIdpEntityAlias(null);
- conf.addIdentityProviderDefinition(singleAdd);
+ conf.addSamlIdentityProviderDefinition(singleAdd);
}
@Test
@@ -213,7 +213,7 @@ public void testGetEntityID() throws Exception {
Timer t = new Timer();
conf.setIdentityProviders(data);
conf.afterPropertiesSet();
- for (IdentityProviderDefinition def : conf.getIdentityProviderDefinitions()) {
+ for (SamlIdentityProviderDefinition def : conf.getIdentityProviderDefinitions()) {
switch (def.getIdpEntityAlias()) {
case "okta-local" : {
ComparableProvider provider = (ComparableProvider)conf.getExtendedMetadataDelegateFromCache(def).getDelegate();
@@ -245,9 +245,9 @@ public void testGetEntityID() throws Exception {
@Test
public void testIdentityProviderDefinitionSocketFactoryTest() {
singleAdd.setMetaDataLocation("http://www.test.org/saml/metadata");
- assertEquals(IdentityProviderDefinition.DEFAULT_HTTP_SOCKET_FACTORY, singleAdd.getSocketFactoryClassName());
+ assertEquals(SamlIdentityProviderDefinition.DEFAULT_HTTP_SOCKET_FACTORY, singleAdd.getSocketFactoryClassName());
singleAdd.setMetaDataLocation("https://www.test.org/saml/metadata");
- assertEquals(IdentityProviderDefinition.DEFAULT_HTTPS_SOCKET_FACTORY, singleAdd.getSocketFactoryClassName());
+ assertEquals(SamlIdentityProviderDefinition.DEFAULT_HTTPS_SOCKET_FACTORY, singleAdd.getSocketFactoryClassName());
singleAdd.setSocketFactoryClassName(TLSProtocolSocketFactory.class.getName());
assertEquals(TLSProtocolSocketFactory.class.getName(), singleAdd.getSocketFactoryClassName());
}
@@ -257,10 +257,10 @@ public void testGetIdentityProviderDefinitionsForZone() throws Exception {
String zoneId = UUID.randomUUID().toString();
IdentityZone zone = MultitenancyFixture.identityZone(zoneId, "test-zone");
- IdentityProviderDefinition identityProviderDefinition = new IdentityProviderDefinition(xml, "zoneIdpAlias","sample-nameID",1,true,true,"sample-link-test","sample-icon-url", zoneId);
- conf.addIdentityProviderDefinition(identityProviderDefinition);
+ SamlIdentityProviderDefinition samlIdentityProviderDefinition = new SamlIdentityProviderDefinition(xml, "zoneIdpAlias","sample-nameID",1,true,true,"sample-link-test","sample-icon-url", zoneId);
+ conf.addSamlIdentityProviderDefinition(samlIdentityProviderDefinition);
- List idps = conf.getIdentityProviderDefinitionsForZone(zone);
+ List idps = conf.getIdentityProviderDefinitionsForZone(zone);
assertEquals(1, idps.size());
assertEquals("zoneIdpAlias", idps.get(0).getIdpEntityAlias());
}
@@ -273,7 +273,7 @@ public void testGetIdentityProviderDefinititonsForAllowedProviders() throws Exce
conf.setIdentityProviders(data);
conf.afterPropertiesSet();
- List clientIdps = conf.getIdentityProviderDefinitions(clientIdpAliases, IdentityZoneHolder.get());
+ List clientIdps = conf.getIdentityProviderDefinitions(clientIdpAliases, IdentityZoneHolder.get());
assertEquals(2, clientIdps.size());
assertTrue(clientIdpAliases.contains(clientIdps.get(0).getIdpEntityAlias()));
assertTrue(clientIdpAliases.contains(clientIdps.get(1).getIdpEntityAlias()));
@@ -283,13 +283,13 @@ public void testGetIdentityProviderDefinititonsForAllowedProviders() throws Exce
public void testReturnAllIdpsInZoneForClientWithNoAllowedProviders() throws Exception {
conf.setIdentityProviders(data);
conf.afterPropertiesSet();
- IdentityProviderDefinition identityProviderDefinitionInOtherZone = new IdentityProviderDefinition(xml, "zoneIdpAlias","sample-nameID",1,true,true,"sample-link-test","sample-icon-url", "other-zone-id");
+ SamlIdentityProviderDefinition samlIdentityProviderDefinitionInOtherZone = new SamlIdentityProviderDefinition(xml, "zoneIdpAlias","sample-nameID",1,true,true,"sample-link-test","sample-icon-url", "other-zone-id");
try {
- conf.addIdentityProviderDefinition(identityProviderDefinitionInOtherZone);
+ conf.addSamlIdentityProviderDefinition(samlIdentityProviderDefinitionInOtherZone);
} catch (MetadataProviderException e) { }
- List clientIdps = conf.getIdentityProviderDefinitions(null, IdentityZoneHolder.get());
+ List clientIdps = conf.getIdentityProviderDefinitions(null, IdentityZoneHolder.get());
assertEquals(3, clientIdps.size());
}
@@ -298,10 +298,10 @@ public void testReturnNoIdpsInZoneForClientWithNoAllowedProviders() throws Excep
conf.setIdentityProviders(data);
conf.afterPropertiesSet();
String xmlMetadata = String.format(xmlWithoutID, new RandomValueStringGenerator().generate());
- IdentityProviderDefinition identityProviderDefinitionInOtherZone = new IdentityProviderDefinition(xmlMetadata, "zoneIdpAlias","sample-nameID",1,true,true,"sample-link-test","sample-icon-url", "other-zone-id");
- conf.addIdentityProviderDefinition(identityProviderDefinitionInOtherZone);
+ SamlIdentityProviderDefinition samlIdentityProviderDefinitionInOtherZone = new SamlIdentityProviderDefinition(xmlMetadata, "zoneIdpAlias","sample-nameID",1,true,true,"sample-link-test","sample-icon-url", "other-zone-id");
+ conf.addSamlIdentityProviderDefinition(samlIdentityProviderDefinitionInOtherZone);
- List clientIdps = conf.getIdentityProviderDefinitions(null, IdentityZoneHolder.get());
+ List clientIdps = conf.getIdentityProviderDefinitions(null, IdentityZoneHolder.get());
assertFalse(clientIdps.isEmpty());
}
@@ -318,12 +318,12 @@ protected void testGetIdentityProviderDefinitions(int count, boolean addData) th
conf.setIdentityProviders(data);
conf.afterPropertiesSet();
}
- List idps = conf.getIdentityProviderDefinitions();
+ List idps = conf.getIdentityProviderDefinitions();
assertEquals(count, idps.size());
- for (IdentityProviderDefinition idp : idps) {
+ for (SamlIdentityProviderDefinition idp : idps) {
switch (idp.getIdpEntityAlias()) {
case "okta-local" : {
- assertEquals(IdentityProviderDefinition.MetadataLocation.FILE, idp.getType());
+ assertEquals(SamlIdentityProviderDefinition.MetadataLocation.FILE, idp.getType());
assertEquals("test-file-metadata.xml", idp.getMetaDataLocation());
assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", idp.getNameID());
assertEquals(0, idp.getAssertionConsumerIndex());
@@ -335,7 +335,7 @@ protected void testGetIdentityProviderDefinitions(int count, boolean addData) th
break;
}
case "okta-local-2" : {
- assertEquals(IdentityProviderDefinition.MetadataLocation.DATA, idp.getType());
+ assertEquals(SamlIdentityProviderDefinition.MetadataLocation.DATA, idp.getType());
assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", idp.getNameID());
assertEquals(0, idp.getAssertionConsumerIndex());
assertEquals("Okta Preview 2", idp.getLinkText());
@@ -345,7 +345,7 @@ protected void testGetIdentityProviderDefinitions(int count, boolean addData) th
break;
}
case "okta-local-3" : {
- assertEquals(IdentityProviderDefinition.MetadataLocation.FILE, idp.getType());
+ assertEquals(SamlIdentityProviderDefinition.MetadataLocation.FILE, idp.getType());
assertEquals("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", idp.getNameID());
assertEquals(0, idp.getAssertionConsumerIndex());
assertEquals("Use your corporate credentials", idp.getLinkText());
@@ -390,7 +390,7 @@ public void testGetIdentityProvidersWithLegacy_Valid_Provider() throws Exception
public void testGetIdentityProviders() throws Exception {
conf.setClientParams(new HttpClientParams());
testGetIdentityProviderDefinitions(3);
- conf.getIdentityProviders();
+ conf.getSamlIdentityProviders();
}
@@ -409,7 +409,7 @@ public void testDuplicate_EntityID_IsRejected() throws Exception {
conf.afterPropertiesSet();
testGetIdentityProviderDefinitions(3, false);
- IdentityProviderDefinition def = new IdentityProviderDefinition(
+ SamlIdentityProviderDefinition def = new SamlIdentityProviderDefinition(
"http://simplesamlphp.identity.cf-app.com/saml2/idp/metadata.php", "simplesamlphp-url-2", "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
@@ -424,7 +424,7 @@ public void testDuplicate_EntityID_IsRejected() throws Exception {
//duplicate entityID - different alias
ExtendedMetadataDelegate[] delegate = null;
try {
- delegate = conf.addIdentityProviderDefinition(def);
+ delegate = conf.addSamlIdentityProviderDefinition(def);
fail("Duplicate entity ID should not succeed");
}catch (MetadataProviderException x) {}
testGetIdentityProviderDefinitions(3, false);
@@ -432,7 +432,7 @@ public void testDuplicate_EntityID_IsRejected() throws Exception {
//duplicate entityID - same alias
def.setIdpEntityAlias("simplesamlphp-url");
- delegate = conf.addIdentityProviderDefinition(def);
+ delegate = conf.addSamlIdentityProviderDefinition(def);
testGetIdentityProviderDefinitions(3, false);
assertNotNull(delegate);
assertNotNull(delegate[0]);
diff --git a/common/src/test/java/org/cloudfoundry/identity/uaa/login/saml/IdentityProviderDefinitionTests.java b/common/src/test/java/org/cloudfoundry/identity/uaa/login/saml/IdentityProviderDefinitionTests.java
index 738e012c6f6..e5732a28afb 100644
--- a/common/src/test/java/org/cloudfoundry/identity/uaa/login/saml/IdentityProviderDefinitionTests.java
+++ b/common/src/test/java/org/cloudfoundry/identity/uaa/login/saml/IdentityProviderDefinitionTests.java
@@ -13,36 +13,36 @@ public class IdentityProviderDefinitionTests {
@Test
public void testGetType() throws Exception {
- IdentityProviderDefinition def = new IdentityProviderDefinition();
+ SamlIdentityProviderDefinition def = new SamlIdentityProviderDefinition();
def.setMetaDataLocation("");
- assertEquals(IdentityProviderDefinition.MetadataLocation.DATA, def.getType());
+ assertEquals(SamlIdentityProviderDefinition.MetadataLocation.DATA, def.getType());
def.setMetaDataLocation("https://dadas.dadas.dadas/sdada");
- assertEquals(IdentityProviderDefinition.MetadataLocation.URL, def.getType());
+ assertEquals(SamlIdentityProviderDefinition.MetadataLocation.URL, def.getType());
def.setMetaDataLocation("http://dadas.dadas.dadas/sdada");
- assertEquals(IdentityProviderDefinition.MetadataLocation.URL, def.getType());
+ assertEquals(SamlIdentityProviderDefinition.MetadataLocation.URL, def.getType());
def.setMetaDataLocation("test-file-metadata.xml");
- assertEquals(IdentityProviderDefinition.MetadataLocation.FILE, def.getType());
+ assertEquals(SamlIdentityProviderDefinition.MetadataLocation.FILE, def.getType());
File f = new File(System.getProperty("java.io.tmpdir"),IdentityProviderDefinitionTests.class.getName()+".testcase");
f.createNewFile();
f.deleteOnExit();
def.setMetaDataLocation(f.getAbsolutePath());
- assertEquals(IdentityProviderDefinition.MetadataLocation.FILE, def.getType());
+ assertEquals(SamlIdentityProviderDefinition.MetadataLocation.FILE, def.getType());
f.delete();
def.setMetaDataLocation(f.getAbsolutePath());
- assertEquals(IdentityProviderDefinition.MetadataLocation.UNKNOWN, def.getType());
+ assertEquals(SamlIdentityProviderDefinition.MetadataLocation.UNKNOWN, def.getType());
}
@Test
public void testSetIdpEntityAlias() throws Exception {
- IdentityProviderDefinition def = new IdentityProviderDefinition();
+ SamlIdentityProviderDefinition def = new SamlIdentityProviderDefinition();
def.setIdpEntityAlias("testalias");
}
@Test
public void 
testSetEmailDomain() {
- IdentityProviderDefinition def = new IdentityProviderDefinition();
+ SamlIdentityProviderDefinition def = new SamlIdentityProviderDefinition();
def.setEmailDomain(Arrays.asList("test.com"));
assertEquals("test.com", def.getEmailDomain().get(0));
}
@@ -50,7 +50,7 @@ public void testSetEmailDomain() {
@Test
public void testGetSocketFactoryClassName() throws Exception {
- IdentityProviderDefinition def = new IdentityProviderDefinition();
+ SamlIdentityProviderDefinition def = new SamlIdentityProviderDefinition();
def.setMetaDataLocation("https://dadas.dadas.dadas/sdada");
assertEquals("org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory", def.getSocketFactoryClassName());
def.setMetaDataLocation("http://dadas.dadas.dadas/sdada");
diff --git a/docs/UAA-APIs.rst b/docs/UAA-APIs.rst
index 2c9668f8db8..8516ae39ecf 100644
--- a/docs/UAA-APIs.rst
+++ b/docs/UAA-APIs.rst
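Review bot: `testGetSocketFactoryClassName` pins the default socket factory for an `https://` metadata location to `org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory`, the commons-httpclient contrib class that accepts self-signed and otherwise unverifiable server certificates, so the test codifies "fetch SAML metadata over TLS without certificate validation" as the expected default. Because the metadata location arrives as part of the caller-supplied provider `config` in IdentityProviderEndpoints, a default that validates the certificate chain would be the safer contract to assert here; if the relaxed factory is deliberate, a comment such as `// EasySSL skips certificate validation; metadataTrustCheck is the only integrity control on fetched metadata` should say so. `SamlIdentityProviderDefinition.DEFAULT_HTTPS_SOCKET_FACTORY`, asserted in IdentityProviderConfiguratorTests in this same patch, appears to be the same constant. The test method continues outside the hunk.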
@@ -1053,7 +1053,7 @@ Fields
*Available Fields* ::
requireSpecialCharacter int Required Minimum number of special characters for a user provided password, 0+ Valid-List: !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
expirePasswordInMonths int Required Password expiration in months 0+ (0 means expiration is disabled)
- SAML Provider Configuration (provided in JSON format as part of the ``config`` field on the Identity Provider - See class org.cloudfoundry.identity.uaa.login.saml.IdentityProviderDefinition
+ SAML Provider Configuration (provided in JSON format as part of the ``config`` field on the Identity Provider - See class org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderDefinition
====================== =============== ======== =================================================================================================================================================================================================
idpEntityAlias String Required Must match ``originKey`` in the provider definition
zoneId String Required Must match ``identityZoneId`` in the provider definition
diff --git a/login/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityProviderEndpoints.java b/login/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityProviderEndpoints.java
index 9b66ea29a70..f1950a4432b 100644
--- a/login/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityProviderEndpoints.java
+++ b/login/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityProviderEndpoints.java
@@ -18,8 +18,8 @@
import org.cloudfoundry.identity.uaa.authentication.manager.DynamicLdapAuthenticationManager;
import org.cloudfoundry.identity.uaa.authentication.manager.LdapLoginAuthenticationManager;
import org.cloudfoundry.identity.uaa.ldap.LdapIdentityProviderDefinition;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderConfigurator;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderDefinition;
+import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderConfigurator;
+import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderDefinition;
import org.cloudfoundry.identity.uaa.scim.ScimGroupExternalMembershipManager;
import org.cloudfoundry.identity.uaa.scim.ScimGroupProvisioning;
import org.cloudfoundry.identity.uaa.util.JsonUtils;
@@ -27,14 +27,10 @@
import org.springframework.dao.EmptyResultDataAccessException;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
-import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
-import org.springframework.util.LinkedMultiValueMap;
-import org.springframework.util.MultiValueMap;
-import org.springframework.web.bind.MethodArgumentNotValidException;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
@@ -47,7 +43,6 @@
import java.util.List;
import static org.springframework.http.HttpStatus.BAD_REQUEST;
-import static org.springframework.http.HttpStatus.CONFLICT;
import static org.springframework.http.HttpStatus.EXPECTATION_FAILED;
import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR;
import static org.springframework.http.HttpStatus.OK;
@@ -66,13 +61,13 @@ public class IdentityProviderEndpoints {
private final ScimGroupExternalMembershipManager scimGroupExternalMembershipManager;
private final ScimGroupProvisioning scimGroupProvisioning;
private final NoOpLdapLoginAuthenticationManager noOpManager = new NoOpLdapLoginAuthenticationManager();
- private final IdentityProviderConfigurator samlConfigurator;
+ private final SamlIdentityProviderConfigurator samlConfigurator;
public IdentityProviderEndpoints(
IdentityProviderProvisioning identityProviderProvisioning,
ScimGroupExternalMembershipManager scimGroupExternalMembershipManager,
ScimGroupProvisioning scimGroupProvisioning,
- IdentityProviderConfigurator samlConfigurator
+ SamlIdentityProviderConfigurator samlConfigurator
) {
this.identityProviderProvisioning = identityProviderProvisioning;
this.scimGroupExternalMembershipManager = scimGroupExternalMembershipManager;
@@ -85,10 +80,10 @@ public ResponseEntity createIdentityProvider(@RequestBody Iden String zoneId = IdentityZoneHolder.get().getId(); body.setIdentityZoneId(zoneId); if (Origin.SAML.equals(body.getType())) { - IdentityProviderDefinition definition = JsonUtils.readValue(body.getConfig(), IdentityProviderDefinition.class); + SamlIdentityProviderDefinition definition = JsonUtils.readValue(body.getConfig(), SamlIdentityProviderDefinition.class); definition.setZoneId(zoneId); definition.setIdpEntityAlias(body.getOriginKey()); - samlConfigurator.addIdentityProviderDefinition(definition); + samlConfigurator.addSamlIdentityProviderDefinition(definition); body.setConfig(JsonUtils.writeValueAsString(definition)); } IdentityProvider createdIdp = identityProviderProvisioning.create(body); @@ -106,10 +101,10 @@ public ResponseEntity updateIdentityProvider(@PathVariable Str } if (Origin.SAML.equals(body.getType())) { body.setOriginKey(existing.getOriginKey()); //we do not allow origin to change for a SAML provider, since that can cause clashes - IdentityProviderDefinition definition = JsonUtils.readValue(body.getConfig(), IdentityProviderDefinition.class); + SamlIdentityProviderDefinition definition = JsonUtils.readValue(body.getConfig(), SamlIdentityProviderDefinition.class); definition.setZoneId(zoneId); definition.setIdpEntityAlias(body.getOriginKey()); - samlConfigurator.addIdentityProviderDefinition(definition); + samlConfigurator.addSamlIdentityProviderDefinition(definition); body.setConfig(JsonUtils.writeValueAsString(definition)); } IdentityProvider updatedIdp = identityProviderProvisioning.update(body); diff --git a/uaa/src/main/webapp/WEB-INF/spring/saml-providers.xml b/uaa/src/main/webapp/WEB-INF/spring/saml-providers.xml index 442bb5bf7fb..4428c4ff099 100644 --- a/uaa/src/main/webapp/WEB-INF/spring/saml-providers.xml +++ b/uaa/src/main/webapp/WEB-INF/spring/saml-providers.xml @@ -102,7 +102,7 @@ - + - + 
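Review bot: In createIdentityProvider the SAML definition is registered with the shared configurator via `samlConfigurator.addSamlIdentityProviderDefinition(definition);` before `identityProviderProvisioning.create(body);` persists the provider, so if the persistence step throws, this node's configurator keeps a definition (and presumably whatever metadata location it carries) that has no matching database record; updateIdentityProvider, the second hunk on this line, has the same ordering ahead of `identityProviderProvisioning.update(body);`. Registering first may be deliberate, so that bad metadata is rejected before anything is persisted, but then the provisioning call needs a failure path that removes the definition from the configurator again, or the registration should happen only after create/update returns; no removal operation is visible in this diff, so which option is available cannot be told from here. A short comment stating the intended order, e.g. `// configurator registration validates the metadata before the provider is persisted; on persistence failure the entry must be removed`, would also make the invariant explicit for the next reader. Both methods start before and end after their hunks, so the exception handlers that cover these calls are not visible.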
diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/feature/SamlLoginIT.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/feature/SamlLoginIT.java index f8012809ff2..ae98b99cb32 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/feature/SamlLoginIT.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/feature/SamlLoginIT.java @@ -17,7 +17,7 @@ import org.cloudfoundry.identity.uaa.authentication.Origin; import org.cloudfoundry.identity.uaa.client.ClientConstants; import org.cloudfoundry.identity.uaa.integration.util.IntegrationTestUtils; -import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderDefinition; +import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderDefinition; import org.cloudfoundry.identity.uaa.login.test.LoginServerClassRunner; import org.cloudfoundry.identity.uaa.mock.util.MockMvcUtils; import org.cloudfoundry.identity.uaa.scim.ScimUser; @@ -26,10 +26,8 @@ import org.cloudfoundry.identity.uaa.zone.IdentityProvider; import org.cloudfoundry.identity.uaa.zone.IdentityZone; import org.hamcrest.Matchers; -import org.junit.After; import org.junit.Assert; import org.junit.Before; -import org.junit.Ignore; import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; @@ -215,7 +213,7 @@ private void testSimpleSamlLogin(String firstUrl, String lookfor) throws Excepti webDriver.get(baseUrl + firstUrl); Assert.assertEquals("Cloud Foundry", webDriver.getTitle()); - webDriver.findElement(By.xpath("//a[text()='"+provider.getConfigValue(IdentityProviderDefinition.class).getLinkText()+"']")).click(); + webDriver.findElement(By.xpath("//a[text()='"+provider.getConfigValue(SamlIdentityProviderDefinition.class).getLinkText()+"']")).click(); //takeScreenShot(); webDriver.findElement(By.xpath("//h2[contains(text(), 'Enter your username and password')]")); webDriver.findElement(By.name("username")).clear(); 
@@ -254,14 +252,14 @@ protected IdentityProvider createIdentityProvider(String originKey, boolean addS email, "secr3T"); - IdentityProviderDefinition identityProviderDefinition = createSimplePHPSamlIDP(originKey, Origin.UAA); - identityProviderDefinition.setAddShadowUserOnLogin(addShadowUserOnLogin); + SamlIdentityProviderDefinition samlIdentityProviderDefinition = createSimplePHPSamlIDP(originKey, Origin.UAA); + samlIdentityProviderDefinition.setAddShadowUserOnLogin(addShadowUserOnLogin); IdentityProvider provider = new IdentityProvider(); provider.setIdentityZoneId(Origin.UAA); provider.setType(Origin.SAML); provider.setActive(true); - provider.setConfig(JsonUtils.writeValueAsString(identityProviderDefinition)); - provider.setOriginKey(identityProviderDefinition.getIdpEntityAlias()); + provider.setConfig(JsonUtils.writeValueAsString(samlIdentityProviderDefinition)); + provider.setOriginKey(samlIdentityProviderDefinition.getIdpEntityAlias()); provider.setName("simplesamlphp for uaa"); provider = IntegrationTestUtils.createOrUpdateProvider(zoneAdminToken,baseUrl,provider); assertNotNull(provider.getId()); 
@@ -346,17 +344,17 @@ public void testSamlLoginClientIDPAuthorizationAutomaticRedirectInZone1() throws email, "secr3T"); - IdentityProviderDefinition identityProviderDefinition = createTestZone1IDP("simplesamlphp"); + SamlIdentityProviderDefinition samlIdentityProviderDefinition = createTestZone1IDP("simplesamlphp"); IdentityProvider provider = new IdentityProvider(); provider.setIdentityZoneId(zoneId); provider.setType(Origin.SAML); provider.setActive(true); - provider.setConfig(JsonUtils.writeValueAsString(identityProviderDefinition)); - provider.setOriginKey(identityProviderDefinition.getIdpEntityAlias()); + provider.setConfig(JsonUtils.writeValueAsString(samlIdentityProviderDefinition)); + provider.setOriginKey(samlIdentityProviderDefinition.getIdpEntityAlias()); provider.setName("simplesamlphp for testzone1"); provider = IntegrationTestUtils.createOrUpdateProvider(zoneAdminToken,baseUrl,provider); - assertEquals(provider.getOriginKey(), provider.getConfigValue(IdentityProviderDefinition.class).getIdpEntityAlias()); + assertEquals(provider.getOriginKey(), provider.getConfigValue(SamlIdentityProviderDefinition.class).getIdpEntityAlias()); List idps = Arrays.asList(provider.getOriginKey()); String clientId = UUID.randomUUID().toString(); 
@@ -410,28 +408,28 @@ public void testSimpleSamlPhpLoginInTestZone1Works() throws Exception { email, "secr3T"); - IdentityProviderDefinition identityProviderDefinition = createTestZone1IDP("simplesamlphp"); + SamlIdentityProviderDefinition samlIdentityProviderDefinition = createTestZone1IDP("simplesamlphp"); IdentityProvider provider = new IdentityProvider(); provider.setIdentityZoneId(zoneId); provider.setType(Origin.SAML); provider.setActive(true); - provider.setConfig(JsonUtils.writeValueAsString(identityProviderDefinition)); - provider.setOriginKey(identityProviderDefinition.getIdpEntityAlias()); + provider.setConfig(JsonUtils.writeValueAsString(samlIdentityProviderDefinition)); + provider.setOriginKey(samlIdentityProviderDefinition.getIdpEntityAlias()); provider.setName("simplesamlphp for testzone1"); provider = IntegrationTestUtils.createOrUpdateProvider(zoneAdminToken,baseUrl,provider); //we have to create two providers to avoid automatic redirect - IdentityProviderDefinition identityProviderDefinition1 = identityProviderDefinition.clone(); - identityProviderDefinition1.setIdpEntityAlias(identityProviderDefinition.getIdpEntityAlias()+"-1"); - identityProviderDefinition1.setMetaDataLocation(getValidRandomIDPMetaData()); + SamlIdentityProviderDefinition samlIdentityProviderDefinition1 = samlIdentityProviderDefinition.clone(); + samlIdentityProviderDefinition1.setIdpEntityAlias(samlIdentityProviderDefinition.getIdpEntityAlias()+"-1"); + samlIdentityProviderDefinition1.setMetaDataLocation(getValidRandomIDPMetaData()); IdentityProvider provider1 = new IdentityProvider(); provider1.setIdentityZoneId(zoneId); provider1.setType(Origin.SAML); provider1.setActive(true); - provider1.setConfig(JsonUtils.writeValueAsString(identityProviderDefinition1)); - provider1.setOriginKey(identityProviderDefinition1.getIdpEntityAlias()); + provider1.setConfig(JsonUtils.writeValueAsString(samlIdentityProviderDefinition1)); + 
provider1.setOriginKey(samlIdentityProviderDefinition1.getIdpEntityAlias()); provider1.setName("simplesamlphp 1 for testzone1"); provider1 = IntegrationTestUtils.createOrUpdateProvider(zoneAdminToken,baseUrl,provider1); @@ -443,13 +441,13 @@ public void testSimpleSamlPhpLoginInTestZone1Works() throws Exception { webDriver.get(testZone1Url + "/login"); Assert.assertEquals(zone.getName(), webDriver.getTitle()); - List elements = webDriver.findElements(By.xpath("//a[text()='"+identityProviderDefinition.getLinkText()+"']")); + List elements = webDriver.findElements(By.xpath("//a[text()='"+ samlIdentityProviderDefinition.getLinkText()+"']")); assertNotNull(elements); assertEquals(2, elements.size()); - WebElement element = webDriver.findElement(By.xpath("//a[text()='" + identityProviderDefinition1.getLinkText() + "']")); + WebElement element = webDriver.findElement(By.xpath("//a[text()='" + samlIdentityProviderDefinition1.getLinkText() + "']")); assertNotNull(element); - element = webDriver.findElement(By.xpath("//a[text()='" + identityProviderDefinition.getLinkText() + "']")); + element = webDriver.findElement(By.xpath("//a[text()='" + samlIdentityProviderDefinition.getLinkText() + "']")); element.click(); webDriver.findElement(By.xpath("//h2[contains(text(), 'Enter your username and password')]")); webDriver.findElement(By.name("username")).clear(); @@ -468,7 +466,7 @@ public void testSimpleSamlPhpLoginInTestZone1Works() throws Exception { assertNotNull(provider.getId()); webDriver.get(testZone1Url + "/login"); Assert.assertEquals(zone.getName(), webDriver.getTitle()); - elements = webDriver.findElements(By.xpath("//a[text()='"+identityProviderDefinition.getLinkText()+"']")); + elements = webDriver.findElements(By.xpath("//a[text()='"+ samlIdentityProviderDefinition.getLinkText()+"']")); assertNotNull(elements); assertEquals(1, elements.size()); 
@@ -478,7 +476,7 @@ public void testSimpleSamlPhpLoginInTestZone1Works() throws Exception { assertNotNull(provider.getId()); webDriver.get(testZone1Url + "/login"); Assert.assertEquals(zone.getName(), webDriver.getTitle()); - elements = webDriver.findElements(By.xpath("//a[text()='"+identityProviderDefinition.getLinkText()+"']")); + elements = webDriver.findElements(By.xpath("//a[text()='"+ samlIdentityProviderDefinition.getLinkText()+"']")); assertNotNull(elements); assertEquals(2, elements.size()); @@ -489,8 +487,8 @@ public void testLoginPageShowsIDPsForAuthcodeClient() throws Exception { IdentityProvider provider = createIdentityProvider("simplesamlphp"); IdentityProvider provider2 = createIdentityProvider("simplesamlphp2"); List idps = Arrays.asList( - provider.getConfigValue(IdentityProviderDefinition.class).getIdpEntityAlias(), - provider2.getConfigValue(IdentityProviderDefinition.class).getIdpEntityAlias() + provider.getConfigValue(SamlIdentityProviderDefinition.class).getIdpEntityAlias(), + provider2.getConfigValue(SamlIdentityProviderDefinition.class).getIdpEntityAlias() ); String adminAccessToken = testClient.getOAuthAccessToken("admin", "adminsecret", "client_credentials", "clients.read clients.write clients.secret"); 
@@ -503,8 +501,8 @@ public void testLoginPageShowsIDPsForAuthcodeClient() throws Exception { testClient.createClient(adminAccessToken, clientDetails); webDriver.get(baseUrl + "/oauth/authorize?client_id=" + clientId + "&redirect_uri=http%3A%2F%2Flocalhost%3A8888%2Flogin&response_type=code&state=8tp0tR"); - webDriver.findElement(By.xpath("//a[text()='" + provider.getConfigValue(IdentityProviderDefinition.class).getLinkText() + "']")); - webDriver.findElement(By.xpath("//a[text()='" + provider2.getConfigValue(IdentityProviderDefinition.class).getLinkText()+"']")); + webDriver.findElement(By.xpath("//a[text()='" + provider.getConfigValue(SamlIdentityProviderDefinition.class).getLinkText() + "']")); + webDriver.findElement(By.xpath("//a[text()='" + provider2.getConfigValue(SamlIdentityProviderDefinition.class).getLinkText()+"']")); } @Test @@ -535,7 +533,7 @@ public void testLoginSamlOnlyProviderNoUsernamePassword() throws Exception { @Test public void testSamlLoginClientIDPAuthorizationAutomaticRedirect() throws Exception { IdentityProvider provider = createIdentityProvider("simplesamlphp"); - assertEquals(provider.getOriginKey(), provider.getConfigValue(IdentityProviderDefinition.class).getIdpEntityAlias()); + assertEquals(provider.getOriginKey(), provider.getConfigValue(SamlIdentityProviderDefinition.class).getIdpEntityAlias()); List idps = Arrays.asList(provider.getOriginKey()); webDriver.get(baseUrl + "/logout.do"); String adminAccessToken = testClient.getOAuthAccessToken("admin", "adminsecret", "client_credentials", "clients.read clients.write clients.secret"); 
@@ -594,10 +592,10 @@ protected boolean doesSupportZoneDNS() { } } - public IdentityProviderDefinition createTestZone1IDP(String alias) { + public SamlIdentityProviderDefinition createTestZone1IDP(String alias) { return createSimplePHPSamlIDP(alias, "testzone1"); } - public IdentityProviderDefinition createSimplePHPSamlIDP(String alias, String zoneId) { + public SamlIdentityProviderDefinition createSimplePHPSamlIDP(String alias, String zoneId) { if (!("simplesamlphp".equals(alias) || "simplesamlphp2".equals(alias))) { throw new IllegalArgumentException("Only valid origins are: simplesamlphp,simplesamlphp2"); } @@ -632,7 +630,7 @@ public IdentityProviderDefinition createSimplePHPSamlIDP(String alias, String zo " fhanik@pivotal.io\n" + " \n" + ""; - IdentityProviderDefinition def = new IdentityProviderDefinition(); + SamlIdentityProviderDefinition def = new SamlIdentityProviderDefinition(); def.setZoneId(zoneId); def.setMetaDataLocation(idpMetaData); def.setNameID("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"); diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/login/BootstrapTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/login/BootstrapTests.java index 1690f4af793..eae4a35b0b2 100755 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/login/BootstrapTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/login/BootstrapTests.java 
@@ -16,14 +16,13 @@ import org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory; import org.apache.tomcat.jdbc.pool.DataSource; import org.cloudfoundry.identity.uaa.authentication.Origin; -import org.cloudfoundry.identity.uaa.authentication.login.LoginInfoEndpoint; import org.cloudfoundry.identity.uaa.authentication.login.Prompt; import org.cloudfoundry.identity.uaa.authentication.manager.PeriodLockoutPolicy; import org.cloudfoundry.identity.uaa.config.LockoutPolicy; import org.cloudfoundry.identity.uaa.config.PasswordPolicy; import org.cloudfoundry.identity.uaa.config.YamlServletProfileInitializer; -import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderConfigurator; -import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderDefinition; +import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderConfigurator; +import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderDefinition; import org.cloudfoundry.identity.uaa.login.util.FakeJavaMailSender; import org.cloudfoundry.identity.uaa.oauth.token.UaaTokenStore; import org.cloudfoundry.identity.uaa.rest.jdbc.SimpleSearchQueryConverter; 
@@ -370,7 +369,7 @@ public void testBootstrappedIdps() throws Exception { context = getServletContext("ldap,default", true, "test/bootstrap/login.yml,login.yml","test/bootstrap/uaa.yml,uaa.yml", "file:./src/main/webapp/WEB-INF/spring-servlet.xml"); assertNotNull(context.getBean("viewResolver", ViewResolver.class)); assertNotNull(context.getBean("resetPasswordController", ResetPasswordController.class)); - IdentityProviderConfigurator samlProviders = context.getBean("metaDataProviders", IdentityProviderConfigurator.class); + SamlIdentityProviderConfigurator samlProviders = context.getBean("metaDataProviders", SamlIdentityProviderConfigurator.class); IdentityProviderProvisioning providerProvisioning = context.getBean("identityProviderProvisioning", IdentityProviderProvisioning.class); //ensure that ldap has been loaded up assertNotNull(context.getBean("ldapPooled")); @@ -381,7 +380,7 @@ public void testBootstrappedIdps() throws Exception { assertTrue(samlProviders.getIdentityProviderDefinitions().size() >= 4); //verify that they got loaded in the DB - for (IdentityProviderDefinition def : samlProviders.getIdentityProviderDefinitions()) { + for (SamlIdentityProviderDefinition def : samlProviders.getIdentityProviderDefinitions()) { assertNotNull(providerProvisioning.retrieveByOrigin(def.getIdpEntityAlias(), IdentityZone.getUaa().getId())); } 
@@ -397,8 +396,8 @@ public void testSamlProfileNoData() throws Exception { Assume.assumeTrue(context.getEnvironment().getProperty("login.idpMetadataURL") == null); assertNotNull(context.getBean("viewResolver", ViewResolver.class)); assertNotNull(context.getBean("samlLogger", SAMLDefaultLogger.class)); - assertFalse(context.getBean(IdentityProviderConfigurator.class).isLegacyMetadataTrustCheck()); - assertEquals(0, context.getBean(IdentityProviderConfigurator.class).getIdentityProviderDefinitions().size()); + assertFalse(context.getBean(SamlIdentityProviderConfigurator.class).isLegacyMetadataTrustCheck()); + assertEquals(0, context.getBean(SamlIdentityProviderConfigurator.class).getIdentityProviderDefinitions().size()); SimpleUrlLogoutSuccessHandler handler = context.getBean(SimpleUrlLogoutSuccessHandler.class); Method getDefaultTargetUrl = ReflectionUtils.findMethod(SimpleUrlLogoutSuccessHandler.class, "getDefaultTargetUrl"); getDefaultTargetUrl.setAccessible(true); 
@@ -436,18 +435,18 @@ public void testLegacySamlHttpMetaUrl() throws Exception { context = getServletContext("default", "login.yml","uaa.yml", "file:./src/main/webapp/WEB-INF/spring-servlet.xml"); assertNotNull(context.getBean("viewResolver", ViewResolver.class)); assertNotNull(context.getBean("samlLogger", SAMLDefaultLogger.class)); - assertFalse(context.getBean(IdentityProviderConfigurator.class).isLegacyMetadataTrustCheck()); - List defs = context.getBean(IdentityProviderConfigurator.class).getIdentityProviderDefinitions(); + assertFalse(context.getBean(SamlIdentityProviderConfigurator.class).isLegacyMetadataTrustCheck()); + List defs = context.getBean(SamlIdentityProviderConfigurator.class).getIdentityProviderDefinitions(); assertNotNull(findProvider(defs, "testIDPFile")); assertEquals( - IdentityProviderDefinition.MetadataLocation.URL, + SamlIdentityProviderDefinition.MetadataLocation.URL, findProvider(defs, "testIDPFile").getType()); assertEquals( DefaultProtocolSocketFactory.class.getName(), findProvider(defs, "testIDPFile").getSocketFactoryClassName() ); assertEquals( - IdentityProviderDefinition.MetadataLocation.URL, + SamlIdentityProviderDefinition.MetadataLocation.URL, defs.get(defs.size() - 1).getType() ); } 
@@ -460,16 +459,16 @@ public void testLegacySamlProfileMetadataFile() throws Exception { context = getServletContext("default,saml,fileMetadata", "login.yml","uaa.yml", "file:./src/main/webapp/WEB-INF/spring-servlet.xml"); assertNotNull(context.getBean("viewResolver", ViewResolver.class)); assertNotNull(context.getBean("samlLogger", SAMLDefaultLogger.class)); - assertFalse(context.getBean(IdentityProviderConfigurator.class).isLegacyMetadataTrustCheck()); - List defs = context.getBean(IdentityProviderConfigurator.class).getIdentityProviderDefinitions(); + assertFalse(context.getBean(SamlIdentityProviderConfigurator.class).isLegacyMetadataTrustCheck()); + List defs = context.getBean(SamlIdentityProviderConfigurator.class).getIdentityProviderDefinitions(); assertNotNull(findProvider(defs, "testIDPFile")); assertEquals( - IdentityProviderDefinition.MetadataLocation.FILE, + SamlIdentityProviderDefinition.MetadataLocation.FILE, findProvider(defs, "testIDPFile").getType()); } - protected IdentityProviderDefinition findProvider(List defs, String alias) { - for (IdentityProviderDefinition def : defs) { + protected SamlIdentityProviderDefinition findProvider(List defs, String alias) { + for (SamlIdentityProviderDefinition def : defs) { if (alias.equals(def.getIdpEntityAlias())) { return def; } 
@@ -483,9 +482,9 @@ public void testLegacySamlProfileMetadataConfig() throws Exception { System.setProperty("login.idpMetadata", metadataString); System.setProperty("login.idpEntityAlias", "testIDPData"); context = getServletContext("default,saml,configMetadata", "login.yml","uaa.yml", "file:./src/main/webapp/WEB-INF/spring-servlet.xml"); - List defs = context.getBean(IdentityProviderConfigurator.class).getIdentityProviderDefinitions(); + List defs = context.getBean(SamlIdentityProviderConfigurator.class).getIdentityProviderDefinitions(); assertEquals( - IdentityProviderDefinition.MetadataLocation.DATA, + SamlIdentityProviderDefinition.MetadataLocation.DATA, findProvider(defs, "testIDPData").getType()); } @@ -499,14 +498,14 @@ public void testLegacySamlProfileHttpsMetaUrl() throws Exception { context = getServletContext("default", "login.yml","uaa.yml", "file:./src/main/webapp/WEB-INF/spring-servlet.xml"); assertNotNull(context.getBean("viewResolver", ViewResolver.class)); assertNotNull(context.getBean("samlLogger", SAMLDefaultLogger.class)); - assertFalse(context.getBean(IdentityProviderConfigurator.class).isLegacyMetadataTrustCheck()); - List defs = context.getBean(IdentityProviderConfigurator.class).getIdentityProviderDefinitions(); + assertFalse(context.getBean(SamlIdentityProviderConfigurator.class).isLegacyMetadataTrustCheck()); + List defs = context.getBean(SamlIdentityProviderConfigurator.class).getIdentityProviderDefinitions(); assertEquals( EasySSLProtocolSocketFactory.class.getName(), defs.get(defs.size() - 1).getSocketFactoryClassName() ); assertEquals( - IdentityProviderDefinition.MetadataLocation.URL, + SamlIdentityProviderDefinition.MetadataLocation.URL, defs.get(defs.size() - 1).getType() ); 
@@ -521,17 +520,17 @@ public void testLegacySamlProfileHttpsMetaUrlWithoutPort() throws Exception { context = getServletContext("default", "login.yml","uaa.yml", "file:./src/main/webapp/WEB-INF/spring-servlet.xml"); assertNotNull(context.getBean("viewResolver", ViewResolver.class)); assertNotNull(context.getBean("samlLogger", SAMLDefaultLogger.class)); - assertFalse(context.getBean(IdentityProviderConfigurator.class).isLegacyMetadataTrustCheck()); - List defs = context.getBean(IdentityProviderConfigurator.class).getIdentityProviderDefinitions(); + assertFalse(context.getBean(SamlIdentityProviderConfigurator.class).isLegacyMetadataTrustCheck()); + List defs = context.getBean(SamlIdentityProviderConfigurator.class).getIdentityProviderDefinitions(); assertFalse( - context.getBean(IdentityProviderConfigurator.class).getIdentityProviderDefinitions().isEmpty() + context.getBean(SamlIdentityProviderConfigurator.class).getIdentityProviderDefinitions().isEmpty() ); assertEquals( EasySSLProtocolSocketFactory.class.getName(), defs.get(defs.size() - 1).getSocketFactoryClassName() ); assertEquals( - IdentityProviderDefinition.MetadataLocation.URL, + SamlIdentityProviderDefinition.MetadataLocation.URL, defs.get(defs.size() - 1).getType() ); diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/login/LoginMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/login/LoginMockMvcTests.java index bc38051570c..c8f6d7766dd 100644 --- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/login/LoginMockMvcTests.java +++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/login/LoginMockMvcTests.java 
@@ -20,7 +20,7 @@ import org.cloudfoundry.identity.uaa.client.ClientConstants; import org.cloudfoundry.identity.uaa.config.LockoutPolicy; import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderConfiguratorTests; -import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderDefinition; +import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderDefinition; import org.cloudfoundry.identity.uaa.mock.InjectedMockContextTest; import org.cloudfoundry.identity.uaa.mock.util.MockMvcUtils; import org.cloudfoundry.identity.uaa.mock.util.MockMvcUtils.IdentityZoneCreationResult; 
@@ -520,29 +520,29 @@ public void testSamlLoginLinksShowActiveProviders() throws Exception { String zoneAdminToken = identityZoneCreationResult.getZoneAdminToken(); String metadata = String.format(MockMvcUtils.IDP_META_DATA, new RandomValueStringGenerator().generate()); - IdentityProviderDefinition activeIdentityProviderDefinition = new IdentityProviderDefinition(metadata, activeAlias, null, 0, false, true, "Active SAML Provider", null, identityZone.getId()); + SamlIdentityProviderDefinition activeSamlIdentityProviderDefinition = new SamlIdentityProviderDefinition(metadata, activeAlias, null, 0, false, true, "Active SAML Provider", null, identityZone.getId()); IdentityProvider activeIdentityProvider = new IdentityProvider(); activeIdentityProvider.setType(Origin.SAML); activeIdentityProvider.setName("Active SAML Provider"); - activeIdentityProvider.setConfig(JsonUtils.writeValueAsString(activeIdentityProviderDefinition)); + activeIdentityProvider.setConfig(JsonUtils.writeValueAsString(activeSamlIdentityProviderDefinition)); activeIdentityProvider.setActive(true); activeIdentityProvider.setOriginKey(activeAlias); mockMvcUtils.createIdpUsingWebRequest(getMockMvc(), identityZone.getId(), zoneAdminToken, activeIdentityProvider, status().isCreated()); metadata = String.format(MockMvcUtils.IDP_META_DATA, new RandomValueStringGenerator().generate()); - IdentityProviderDefinition inactiveIdentityProviderDefinition = new IdentityProviderDefinition(metadata, inactiveAlias, null, 0, false, true, "You should not see me", null, identityZone.getId()); + SamlIdentityProviderDefinition inactiveSamlIdentityProviderDefinition = new SamlIdentityProviderDefinition(metadata, inactiveAlias, null, 0, false, true, "You should not see me", null, identityZone.getId()); IdentityProvider inactiveIdentityProvider = new IdentityProvider(); inactiveIdentityProvider.setType(Origin.SAML); inactiveIdentityProvider.setName("Inactive SAML Provider"); - 
inactiveIdentityProvider.setConfig(JsonUtils.writeValueAsString(inactiveIdentityProviderDefinition)); + inactiveIdentityProvider.setConfig(JsonUtils.writeValueAsString(inactiveSamlIdentityProviderDefinition)); inactiveIdentityProvider.setActive(false); inactiveIdentityProvider.setOriginKey(inactiveAlias); mockMvcUtils.createIdpUsingWebRequest(getMockMvc(), identityZone.getId(), zoneAdminToken, inactiveIdentityProvider, status().isCreated()); getMockMvc().perform(get("/login").accept(TEXT_HTML).with(new SetServerNameRequestPostProcessor(identityZone.getSubdomain() + ".localhost"))) .andExpect(status().isOk()) - .andExpect(xpath("//a[text()='" + activeIdentityProviderDefinition.getLinkText() + "']").exists()) - .andExpect(xpath("//a[text()='" + inactiveIdentityProviderDefinition.getLinkText() + "']").doesNotExist()); + .andExpect(xpath("//a[text()='" + activeSamlIdentityProviderDefinition.getLinkText() + "']").exists()) + .andExpect(xpath("//a[text()='" + inactiveSamlIdentityProviderDefinition.getLinkText() + "']").doesNotExist()); } @Test 
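Review bot: The nine-argument positional constructor in `new SamlIdentityProviderDefinition(metadata, activeAlias, null, 0, false, true, "Active SAML Provider", null, identityZone.getId())` leaves the two nulls, the `0` and the two booleans unreadable at the call site, so a reviewer cannot tell which field each literal populates without opening the class. Since the type exposes setters used elsewhere in this commit (`setZoneId`, `setMetaDataLocation`, `setIdpEntityAlias`, `setAddShadowUserOnLogin`, `setNameID`), a no-arg construction plus named setters, or a small test helper that takes only the values that vary (metadata, alias, link text, zone id), would make the intent explicit. The same call shape recurs in the hunks at @@ -557, @@ -611, @@ -626 and @@ -686 of this file. The enclosing test method begins before this hunk.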
@@ -557,12 +557,12 @@ public void testSamlRedirectWhenTheOnlyProvider() throws Exception { String zoneAdminToken = identityZoneCreationResult.getZoneAdminToken(); String metadata = String.format(MockMvcUtils.IDP_META_DATA, new RandomValueStringGenerator().generate()); - IdentityProviderDefinition activeIdentityProviderDefinition = new IdentityProviderDefinition(metadata, alias, null, 0, false, true, "Active SAML Provider", null, identityZone.getId()); + SamlIdentityProviderDefinition activeSamlIdentityProviderDefinition = new SamlIdentityProviderDefinition(metadata, alias, null, 0, false, true, "Active SAML Provider", null, identityZone.getId()); IdentityProvider activeIdentityProvider = new IdentityProvider(); activeIdentityProvider.setType(Origin.SAML); activeIdentityProvider.setName("Active SAML Provider"); activeIdentityProvider.setActive(true); - activeIdentityProvider.setConfig(JsonUtils.writeValueAsString(activeIdentityProviderDefinition)); + activeIdentityProvider.setConfig(JsonUtils.writeValueAsString(activeSamlIdentityProviderDefinition)); activeIdentityProvider.setOriginKey(alias); activeIdentityProvider = mockMvcUtils.createIdpUsingWebRequest(getMockMvc(), identityZone.getId(), zoneAdminToken, activeIdentityProvider, status().isCreated()); @@ -611,7 +611,7 @@ public void testNoCreateAccountLinksWhenUAAisNotAllowedProvider() throws Excepti IdentityZone identityZone = identityZoneCreationResult.getIdentityZone(); String zoneAdminToken = identityZoneCreationResult.getZoneAdminToken(); - IdentityProviderDefinition activeIdentityProviderDefinition3 = new IdentityProviderDefinition( + SamlIdentityProviderDefinition activeSamlIdentityProviderDefinition3 = new SamlIdentityProviderDefinition( String.format(IdentityProviderConfiguratorTests.xmlWithoutID,"http://example3.com/saml/metadata"), alias3, null, 
@@ -626,16 +626,16 @@ public void testNoCreateAccountLinksWhenUAAisNotAllowedProvider() throws Excepti activeIdentityProvider3.setType(Origin.SAML); activeIdentityProvider3.setName("Active 3 SAML Provider"); activeIdentityProvider3.setActive(true); - activeIdentityProvider3.setConfig(JsonUtils.writeValueAsString(activeIdentityProviderDefinition3)); + activeIdentityProvider3.setConfig(JsonUtils.writeValueAsString(activeSamlIdentityProviderDefinition3)); activeIdentityProvider3.setOriginKey(alias3); activeIdentityProvider3 = mockMvcUtils.createIdpUsingWebRequest(getMockMvc(), identityZone.getId(), zoneAdminToken, activeIdentityProvider3, status().isCreated()); - IdentityProviderDefinition activeIdentityProviderDefinition2 = new IdentityProviderDefinition(String.format(IdentityProviderConfiguratorTests.xmlWithoutID,"http://example2.com/saml/metadata"), alias2, null, 0, false, true, "Active2 SAML Provider", null, identityZone.getId()); + SamlIdentityProviderDefinition activeSamlIdentityProviderDefinition2 = new SamlIdentityProviderDefinition(String.format(IdentityProviderConfiguratorTests.xmlWithoutID,"http://example2.com/saml/metadata"), alias2, null, 0, false, true, "Active2 SAML Provider", null, identityZone.getId()); IdentityProvider activeIdentityProvider2 = new IdentityProvider(); activeIdentityProvider2.setType(Origin.SAML); activeIdentityProvider2.setName("Active 2 SAML Provider"); activeIdentityProvider2.setActive(true); - activeIdentityProvider2.setConfig(JsonUtils.writeValueAsString(activeIdentityProviderDefinition2)); + activeIdentityProvider2.setConfig(JsonUtils.writeValueAsString(activeSamlIdentityProviderDefinition2)); activeIdentityProvider2.setOriginKey(alias2); activeIdentityProvider2 = mockMvcUtils.createIdpUsingWebRequest(getMockMvc(), identityZone.getId(), zoneAdminToken, activeIdentityProvider2, status().isCreated()); 
@@ -686,26 +686,26 @@ public void testDeactivatedProviderIsRemovedFromSamlLoginLinks() throws Exceptio
 String zoneAdminToken = identityZoneCreationResult.getZoneAdminToken();
 String metadata = String.format(MockMvcUtils.IDP_META_DATA, new RandomValueStringGenerator().generate());
- IdentityProviderDefinition identityProviderDefinition = new IdentityProviderDefinition(metadata, alias, null, 0, false, true, "SAML Provider", null, identityZone.getId());
+ SamlIdentityProviderDefinition samlIdentityProviderDefinition = new SamlIdentityProviderDefinition(metadata, alias, null, 0, false, true, "SAML Provider", null, identityZone.getId());
 IdentityProvider identityProvider = new IdentityProvider();
 identityProvider.setType(Origin.SAML);
 identityProvider.setName("SAML Provider");
 identityProvider.setActive(true);
- identityProvider.setConfig(JsonUtils.writeValueAsString(identityProviderDefinition));
+ identityProvider.setConfig(JsonUtils.writeValueAsString(samlIdentityProviderDefinition));
 identityProvider.setOriginKey(alias);
 identityProvider = mockMvcUtils.createIdpUsingWebRequest(getMockMvc(), identityZone.getId(), zoneAdminToken, identityProvider, status().isCreated());
 getMockMvc().perform(get("/login").accept(TEXT_HTML).with(new SetServerNameRequestPostProcessor(identityZone.getSubdomain() + ".localhost")))
 .andExpect(status().isOk())
- .andExpect(xpath("//a[text()='" + identityProviderDefinition.getLinkText() + "']").exists());
+ .andExpect(xpath("//a[text()='" + samlIdentityProviderDefinition.getLinkText() + "']").exists());
 identityProvider.setActive(false);
 mockMvcUtils.createIdpUsingWebRequest(getMockMvc(), identityZone.getId(), zoneAdminToken, identityProvider, status().isOk(), true);
 getMockMvc().perform(get("/login").accept(TEXT_HTML).with(new SetServerNameRequestPostProcessor(identityZone.getSubdomain() + ".localhost")))
 .andExpect(status().isOk())
- .andExpect(xpath("//a[text()='" + identityProviderDefinition.getLinkText() + "']").doesNotExist());
+ .andExpect(xpath("//a[text()='" + samlIdentityProviderDefinition.getLinkText() + "']").doesNotExist());
 }
 @Test
diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/login/saml/SamlIDPRefreshMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/login/saml/SamlIDPRefreshMockMvcTests.java
index 45b430613ef..7b9f5bc755e 100644
--- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/login/saml/SamlIDPRefreshMockMvcTests.java
+++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/login/saml/SamlIDPRefreshMockMvcTests.java
@@ -41,7 +41,6 @@
 import static org.springframework.http.MediaType.TEXT_HTML;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
-import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@@ -64,7 +63,7 @@ public class SamlIDPRefreshMockMvcTests extends InjectedMockContextTest {
 private IdentityZoneProvisioning zoneProvisioning;
- private IdentityProviderConfigurator configurator;
+ private SamlIdentityProviderConfigurator configurator;
 @Before
 public void setUpContext() throws Exception {
@@ -74,7 +73,7 @@ public void setUpContext() throws Exception {
 providerProvisioning = getWebApplicationContext().getBean(IdentityProviderProvisioning.class);
 zoneAwareMetadataManager = getWebApplicationContext().getBean(ZoneAwareMetadataManager.class);
 zoneProvisioning = getWebApplicationContext().getBean(IdentityZoneProvisioning.class);
- configurator = getWebApplicationContext().getBean(IdentityProviderConfigurator.class);
+ configurator = getWebApplicationContext().getBean(SamlIdentityProviderConfigurator.class);
 //ensure that we don't fire the listener, we want to test the DB refresh
 getWebApplicationContext().getBean(ProviderChangedListener.class).setMetadataManager(null);
 cleanSamlProviders();
@@ -87,7 +86,7 @@ public void cleanSamlProviders() throws Exception {
 for (IdentityProvider provider : providerProvisioning.retrieveAll(false, zone.getId())) {
 if (Origin.SAML.equals(provider.getType())) {
 ZoneAwareMetadataManager.ExtensionMetadataManager manager = zoneAwareMetadataManager.getManager(zone);
- IdentityProviderDefinition definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 ExtendedMetadataDelegate delegate = configurator.getExtendedMetadataDelegateFromCache(definition);
 configurator.removeIdentityProviderDefinition(definition);
 if (delegate!=null) {
@@ -121,7 +120,7 @@ public void testFallbackIDP_shows_Error_Message_Instead_Of_Default() throws Exce
 public void testThatDBAddedXMLProviderShowsOnLoginPage() throws Exception {
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
 IdentityProvider provider = createSamlProvider(DEFAULT_SIMPLE_SAML_METADATA, "simplesamlphp", "Log in with Simple Saml PHP Config");
- IdentityProviderDefinition definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 //ensure that the listener was not the one who created the provider
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
 //this simulates what the timer does
@@ -141,7 +140,7 @@ public void testThatDBAddedXMLProviderShowsOnLoginPage() throws Exception {
 public void test_Reject_Duplicate_Alias_and_Duplicate_Entity_ID() throws Exception {
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
 IdentityProvider provider = createSamlProvider(DEFAULT_SIMPLE_SAML_METADATA, "simplesamlphp", "Log in with Simple Saml PHP Config");
- IdentityProviderDefinition definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 //ensure that the listener was not the one who created the provider
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
 //this simulates what the timer does
@@ -169,7 +168,7 @@ public void test_Reject_Duplicate_Alias_and_Duplicate_Entity_ID() throws Excepti
 zoneAwareMetadataManager.refreshAllProviders();
 assertEquals(2, zoneAwareMetadataManager.getAvailableProviders().size());
- definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 //ensure that it exists in the link
 getMockMvc().perform(get("/login").accept(TEXT_HTML))
 .andExpect(status().isOk())
@@ -180,7 +179,7 @@ public void test_Reject_Duplicate_Alias_and_Duplicate_Entity_ID() throws Excepti
 public void testThatDBXMLDisabledProvider() throws Exception {
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
 IdentityProvider provider = createSamlProvider(DEFAULT_SIMPLE_SAML_METADATA, "simplesamlphp", "Log in with Simple Saml PHP Config");
- IdentityProviderDefinition definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 //ensure that the listener was not the one who created the provider
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
@@ -197,7 +196,7 @@ public void testThatDBXMLDisabledProvider() throws Exception {
 provider.setActive(false);
 provider = providerProvisioning.update(provider);
- definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 //this simulates what the timer does
 zoneAwareMetadataManager.refreshAllProviders();
@@ -215,7 +214,7 @@ public void testThatDBXMLDisabledProvider() throws Exception {
 public void testThatDBAddedFileProviderShowsOnLoginPage() throws Exception {
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
 IdentityProvider provider = createSamlProvider(getMetadataFile(DEFAULT_SIMPLE_SAML_METADATA).getAbsolutePath(), "simplesamlphp", "Log in with Simple Saml PHP File");
- IdentityProviderDefinition definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 //ensure that the listener was not the one who created the provider
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
@@ -236,7 +235,7 @@ public void testThatDBAddedFileProviderShowsOnLoginPage() throws Exception {
 public void testThatDBFileDisabledProvider() throws Exception {
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
 IdentityProvider provider = createSamlProvider(getMetadataFile(DEFAULT_SIMPLE_SAML_METADATA).getAbsolutePath(), "simplesamlphp", "Log in with Simple Saml PHP File");
- IdentityProviderDefinition definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 //ensure that the listener was not the one who created the provider
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
@@ -253,7 +252,7 @@ public void testThatDBFileDisabledProvider() throws Exception {
 provider.setActive(false);
 provider = providerProvisioning.update(provider);
- definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 //this simulates what the timer does
 zoneAwareMetadataManager.refreshAllProviders();
@@ -271,7 +270,7 @@ public void testThatDBFileDisabledProvider() throws Exception {
 public void testThatDBAddedUrlProviderShowsOnLoginPage() throws Exception {
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
 IdentityProvider provider = createSamlProvider("http://simplesamlphp.cfapps.io/saml2/idp/metadata.php", "simplesamlphp", "Log in with Simple Saml PHP URL");
- IdentityProviderDefinition definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 //ensure that the listener was not the one who created the provider
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
@@ -292,7 +291,7 @@ public void testThatDBAddedUrlProviderShowsOnLoginPage() throws Exception {
 public void testThatDBFileUrlProvider() throws Exception {
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
 IdentityProvider provider = createSamlProvider("http://simplesamlphp.cfapps.io/saml2/idp/metadata.php", "simplesamlphpurl", "Log in with Simple Saml PHP URL");
- IdentityProviderDefinition definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 //ensure that the listener was not the one who created the provider
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
@@ -309,7 +308,7 @@ public void testThatDBFileUrlProvider() throws Exception {
 provider.setActive(false);
 provider = providerProvisioning.update(provider);
- definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 //this simulates what the timer does
 zoneAwareMetadataManager.refreshAllProviders();
@@ -327,7 +326,7 @@ public void testThatDBFileUrlProvider() throws Exception {
 public void testThatDifferentMetadataLocationsShowsOnLoginPage() throws Exception {
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
 IdentityProvider provider = createSamlProvider(DEFAULT_SIMPLE_SAML_METADATA, "simplesamlphp", "Log in with Simple Saml PHP Config");
- IdentityProviderDefinition definition = provider.getConfigValue(IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition definition = provider.getConfigValue(SamlIdentityProviderDefinition.class);
 //ensure that the listener was not the one who created the provider
 assertEquals(1, zoneAwareMetadataManager.getAvailableProviders().size());
 //this simulates what the timer does
@@ -411,7 +410,7 @@ public File getMetadataFile(String metadata) throws Exception {
 }
 public IdentityProvider createSamlProvider(String metadata, String alias, String linkText) {
- IdentityProviderDefinition definition = createSimplePHPSamlIDP(IdentityZone.getUaa().getId(), metadata, alias, linkText);
+ SamlIdentityProviderDefinition definition = createSimplePHPSamlIDP(IdentityZone.getUaa().getId(), metadata, alias, linkText);
 IdentityProvider provider = new IdentityProvider();
 provider.setActive(true);
 provider.setConfig(JsonUtils.writeValueAsString(definition));
@@ -424,8 +423,8 @@ public IdentityProvider createSamlProvider(String metadata, String alias, String
 }
- public IdentityProviderDefinition createSimplePHPSamlIDP(String zoneId, String metaData, String alias, String linkText) {
- IdentityProviderDefinition def = new IdentityProviderDefinition();
+ public SamlIdentityProviderDefinition createSimplePHPSamlIDP(String zoneId, String metaData, String alias, String linkText) {
+ SamlIdentityProviderDefinition def = new SamlIdentityProviderDefinition();
 def.setZoneId(zoneId);
 def.setMetaDataLocation(metaData);
 def.setNameID("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
diff --git a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityProviderEndpointsMockMvcTests.java b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityProviderEndpointsMockMvcTests.java
index c54c0582bc9..da3d238eb08 100644
--- a/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityProviderEndpointsMockMvcTests.java
+++ b/uaa/src/test/java/org/cloudfoundry/identity/uaa/mock/zones/IdentityProviderEndpointsMockMvcTests.java
@@ -17,8 +17,7 @@
 import org.cloudfoundry.identity.uaa.audit.AuditEventType;
 import org.cloudfoundry.identity.uaa.authentication.Origin;
 import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderConfiguratorTests;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderDefinition;
-import org.cloudfoundry.identity.uaa.login.saml.IdentityProviderDefinitionTests;
+import org.cloudfoundry.identity.uaa.login.saml.SamlIdentityProviderDefinition;
 import org.cloudfoundry.identity.uaa.mock.InjectedMockContextTest;
 import org.cloudfoundry.identity.uaa.mock.util.MockMvcUtils;
 import org.cloudfoundry.identity.uaa.scim.ScimUser;
@@ -105,14 +104,14 @@ public void testCreateSamlProvider() throws Exception {
 provider.setIdentityZoneId(IdentityZone.getUaa().getId());
 provider.setType(Origin.SAML);
 provider.setOriginKey(origin);
- IdentityProviderDefinition samlDefinition = new IdentityProviderDefinition(metadata, null, null, 0, false, true, "Test SAML Provider", null, null);
+ SamlIdentityProviderDefinition samlDefinition = new SamlIdentityProviderDefinition(metadata, null, null, 0, false, true, "Test SAML Provider", null, null);
 samlDefinition.setEmailDomain(Arrays.asList("test.com", "test2.com"));
 provider.setConfig(JsonUtils.writeValueAsString(samlDefinition));
 IdentityProvider created = createIdentityProvider(null, provider, accessToken, status().isCreated());
 assertNotNull(created.getConfig());
- IdentityProviderDefinition samlCreated = created.getConfigValue(IdentityProviderDefinition.class);
+ SamlIdentityProviderDefinition samlCreated = created.getConfigValue(SamlIdentityProviderDefinition.class);
 assertEquals(Arrays.asList("test.com", "test2.com"), samlCreated.getEmailDomain());
 assertEquals(IdentityZone.getUaa().getId(), samlCreated.getZoneId());
 assertEquals(provider.getOriginKey(), samlCreated.getIdpEntityAlias());
@@ -273,7 +272,7 @@ public void test_Create_Duplicate_Saml_Identity_Provider_In_Other_Zone() throws
 IdentityProvider identityProvider = MultitenancyFixture.identityProvider(origin1, zone.getId());
 identityProvider.setType(Origin.SAML);
- IdentityProviderDefinition providerDefinition = new IdentityProviderDefinition(
+ SamlIdentityProviderDefinition providerDefinition = new SamlIdentityProviderDefinition(
 IdentityProviderConfiguratorTests.xml,
 identityProvider.getOriginKey(),
 "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
@@ -293,7 +292,7 @@ public void test_Create_Duplicate_Saml_Identity_Provider_In_Other_Zone() throws
 assertEquals(identityProvider.getOriginKey(), createdIDP.getOriginKey());
 identityProvider.setOriginKey(origin2);
- providerDefinition = new IdentityProviderDefinition(
+ providerDefinition = new SamlIdentityProviderDefinition(
 IdentityProviderConfiguratorTests.xml,
 identityProvider.getOriginKey(),
 "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
@@ -322,7 +321,7 @@ public void test_Create_Duplicate_Saml_Identity_Provider_In_Default_Zone() throw
 IdentityProvider identityProvider = MultitenancyFixture.identityProvider(origin1, IdentityZone.getUaa().getId());
 identityProvider.setType(Origin.SAML);
- IdentityProviderDefinition providerDefinition = new IdentityProviderDefinition(
+ SamlIdentityProviderDefinition providerDefinition = new SamlIdentityProviderDefinition(
 IdentityProviderConfiguratorTests.xml,
 identityProvider.getOriginKey(),
 "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
@@ -342,7 +341,7 @@ public void test_Create_Duplicate_Saml_Identity_Provider_In_Default_Zone() throw
 assertEquals(identityProvider.getOriginKey(), createdIDP.getOriginKey());
 identityProvider.setOriginKey(origin2);
- providerDefinition = new IdentityProviderDefinition(
+ providerDefinition = new SamlIdentityProviderDefinition(
 IdentityProviderConfiguratorTests.xml,
 identityProvider.getOriginKey(),
 "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",