Permalink
Browse files

Merge branch 'release/1.4.1'

Conflicts:
	common/pom.xml
	pom.xml
	samples/api/pom.xml
	samples/app/pom.xml
	samples/pom.xml
	scim/pom.xml
	uaa/pom.xml
  • Loading branch information...
2 parents 1081b11 + 8dd588a commit c4c413412572a7979d7a88314b3a17274950fa72 @vedyval vedyval committed Mar 26, 2013
Showing with 2,144 additions and 702 deletions.
  1. +35 −33 README.md
  2. +35 −2 common/pom.xml
  3. +66 −0 common/src/main/java/org/cloudfoundry/identity/uaa/config/CustomPropertyConstructor.java
  4. +75 −0 common/src/main/java/org/cloudfoundry/identity/uaa/config/YamlConfigurationValidator.java
  5. +9 −5 common/src/main/java/org/cloudfoundry/identity/uaa/config/YamlServletProfileInitializer.java
  6. +19 −0 common/src/main/java/org/cloudfoundry/identity/uaa/oauth/CheckTokenEndpoint.java
  7. +1 −0 common/src/main/java/org/cloudfoundry/identity/uaa/oauth/Claims.java
  8. +5 −3 common/src/main/java/org/cloudfoundry/identity/uaa/oauth/ClientAdminEndpoints.java
  9. +4 −3 common/src/main/java/org/cloudfoundry/identity/uaa/oauth/approval/ApprovalsAdminEndpoints.java
  10. +20 −2 common/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/SignerProvider.java
  11. +13 −99 common/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/TokenKeyEndpoint.java
  12. +95 −118 common/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/UaaTokenServices.java
  13. +12 −9 common/src/main/java/org/cloudfoundry/identity/uaa/rest/SearchResultsFactory.java
  14. +14 −7 common/src/main/java/org/cloudfoundry/identity/uaa/rest/jdbc/AbstractQueryable.java
  15. +4 −2 common/src/main/java/org/cloudfoundry/identity/uaa/rest/jdbc/JdbcPagingList.java
  16. +23 −0 common/src/main/java/org/cloudfoundry/identity/uaa/util/UaaPagingUtils.java
  17. +19 −0 common/src/main/resources/org/cloudfoundry/identity/uaa/schema-drop-mysql.sql
  18. +66 −0 common/src/main/resources/org/cloudfoundry/identity/uaa/schema-mysql.sql
  19. +1 −0 common/src/main/sql/hsqldb.vpp
  20. +28 −0 common/src/main/sql/mysql.properties
  21. +5 −0 common/src/main/sql/mysql.vpp
  22. +1 −0 common/src/main/sql/postgresql.vpp
  23. +4 −4 common/src/main/sql/schema-drop.sql.vpp
  24. +1 −1 common/src/main/sql/schema.sql.vpp
  25. +3 −3 common/src/test/java/org/cloudfoundry/identity/uaa/audit/JdbcAuditServiceTests.java
  26. +2 −2 ...n/src/test/java/org/cloudfoundry/identity/uaa/audit/JdbcFailedLoginCountingAuditServiceTests.java
  27. +401 −0 common/src/test/java/org/cloudfoundry/identity/uaa/config/YamlBindingTests.java
  28. +64 −0 common/src/test/java/org/cloudfoundry/identity/uaa/config/YamlConfigurationValidatorTests.java
  29. +19 −0 common/src/test/java/org/cloudfoundry/identity/uaa/config/YamlPropertiesFactoryBeanTests.java
  30. +1 −1 common/src/test/java/org/cloudfoundry/identity/uaa/oauth/JdbcScimClientDetailsServiceTests.java
  31. +1 −1 common/src/test/java/org/cloudfoundry/identity/uaa/oauth/UserManagedAuthzApprovalHandlerTests.java
  32. +1 −1 common/src/test/java/org/cloudfoundry/identity/uaa/oauth/approval/ApprovalsAdminEndpointsTests.java
  33. +20 −13 common/src/test/java/org/cloudfoundry/identity/uaa/oauth/approval/JdbcApprovalStoreTests.java
  34. +35 −3 common/src/test/java/org/cloudfoundry/identity/uaa/oauth/token/SignerProviderTests.java
  35. +5 −56 common/src/test/java/org/cloudfoundry/identity/uaa/oauth/token/TokenKeyEndpointTests.java
  36. +4 −4 common/src/test/java/org/cloudfoundry/identity/uaa/oauth/token/UaaTokenServicesTests.java
  37. +16 −22 ...uaa/scim → common/src/test/java/org/cloudfoundry/identity/uaa/rest}/jdbc/JdbcPagingListTests.java
  38. +1 −1 common/src/test/java/org/cloudfoundry/identity/uaa/user/JdbcUaaUserDatabaseTests.java
  39. +74 −0 common/src/test/java/org/cloudfoundry/identity/uaa/util/UaaPagingUtilsTests.java
  40. +4 −0 common/src/test/resources/mysql.properties
  41. +7 −0 common/src/test/resources/test-data-source.xml
  42. +19 −0 docs/Sysadmin-Guide.rst
  43. +30 −0 docs/default-login.yml
  44. +57 −0 docs/default-uaa.yml
  45. BIN docs/uaa_concepts.odp
  46. BIN docs/uaa_concepts.pdf
  47. BIN docs/uaa_developers.odp
  48. BIN docs/uaa_developers.pdf
  49. BIN docs/uaa_operators.odp
  50. BIN docs/uaa_operators.pdf
  51. +1 −1 pom.xml
  52. +1 −1 samples/api/pom.xml
  53. +1 −1 samples/app/pom.xml
  54. +2 −2 samples/login/login.rb
  55. +1 −1 samples/pom.xml
  56. +9 −1 scim/pom.xml
  57. +5 −3 scim/src/main/java/org/cloudfoundry/identity/uaa/scim/ScimGroupJsonSerializer.java
  58. +59 −15 scim/src/main/java/org/cloudfoundry/identity/uaa/scim/endpoints/ScimGroupEndpoints.java
  59. +9 −5 scim/src/main/java/org/cloudfoundry/identity/uaa/scim/endpoints/ScimUserEndpoints.java
  60. +2 −2 scim/src/main/java/org/cloudfoundry/identity/uaa/scim/jdbc/JdbcScimUserProvisioning.java
  61. +16 −0 scim/src/main/resources/org/cloudfoundry/identity/uaa/scim/schema-drop-mysql.sql
  62. +31 −0 scim/src/main/resources/org/cloudfoundry/identity/uaa/scim/schema-mysql.sql
  63. +1 −0 scim/src/main/sql/hsqldb.vpp
  64. +28 −0 scim/src/main/sql/mysql.properties
  65. +5 −0 scim/src/main/sql/mysql.vpp
  66. +1 −0 scim/src/main/sql/postgresql.vpp
  67. +2 −2 scim/src/main/sql/schema-drop.sql.vpp
  68. +4 −4 scim/src/main/sql/schema.sql.vpp
  69. +0 −142 scim/src/test/java/org/cloudfoundry/identity/uaa/scim/JdbcUaaUserDatabaseTests.java
  70. +8 −7 scim/src/test/java/org/cloudfoundry/identity/uaa/scim/bootstrap/ScimGroupBootstrapTests.java
  71. +139 −49 scim/src/test/java/org/cloudfoundry/identity/uaa/scim/endpoints/ScimGroupEndpointsTests.java
  72. +8 −0 scim/src/test/java/org/cloudfoundry/identity/uaa/scim/endpoints/ScimUserEndpointsTests.java
  73. +17 −16 scim/src/test/java/org/cloudfoundry/identity/uaa/scim/jdbc/JdbcScimGroupMembershipManagerTests.java
  74. +9 −8 scim/src/test/java/org/cloudfoundry/identity/uaa/scim/jdbc/JdbcScimGroupProvisioningTests.java
  75. +22 −23 scim/src/test/java/org/cloudfoundry/identity/uaa/scim/jdbc/JdbcScimUserProvisioningTests.java
  76. +12 −3 scim/src/test/java/org/cloudfoundry/identity/uaa/scim/test/TestUtils.java
  77. +4 −0 scim/src/test/resources/mysql.properties
  78. +7 −0 scim/src/test/resources/test-data-source.xml
  79. +8 −1 uaa/pom.xml
  80. +145 −0 uaa/src/main/java/org/cloudfoundry/identity/uaa/UaaConfiguration.java
  81. +85 −0 uaa/src/main/resources/org/cloudfoundry/identity/uaa/schema-mysql-cloudfoundry.sql
  82. +21 −0 uaa/src/main/resources/org/cloudfoundry/identity/uaa/schema-mysql-drop-cloudfoundry.sql
  83. 0 ...rces/org/cloudfoundry/identity/uaa/{schema-cloudfoundry.sql → schema-postgresql-cloudfoundry.sql}
  84. 0 ...loudfoundry/identity/uaa/{schema-drop-cloudfoundry.sql → schema-postgresql-drop-cloudfoundry.sql}
  85. +2 −2 uaa/src/main/webapp/WEB-INF/jsp/access_confirmation.jsp
  86. +26 −4 uaa/src/main/webapp/WEB-INF/spring/env.xml
  87. +2 −3 uaa/src/main/webapp/WEB-INF/spring/oauth-endpoints.xml
  88. +48 −0 uaa/src/test/java/org/cloudfoundry/identity/uaa/UaaConfigurationTests.java
  89. +30 −11 uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/RefreshTokenSupportIntegrationTests.java
  90. +30 −0 uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/ScimUserEndpointsIntegrationTests.java
  91. +24 −0 uaa/src/test/resources/test/profiles/mysql/uaa.yml
View
@@ -64,11 +64,11 @@ the login endpoint to tell you about the system:
}
Then you can try logging in with the UAA ruby gem. Make sure you have
-ruby 1.9, and bundler installed, then
+ruby 1.9, then
- $ cd gem/; bundle
- $ ./bin/uaac target http://localhost:8080/uaa
- $ ./bin/uaac token get marissa koala
+ $ gem install cf-uaac
+ $ uaac target http://localhost:8080/uaa
+ $ uaac token get marissa koala
(or leave out the username / password to be prompted).
@@ -82,34 +82,20 @@ console).
Then you can login as a resource server and retrieve the token
details:
- $ ./bin/uaac target http://localhost:8080/uaa app
- $ ./bin/uaac login token [token-value-from-above]
+ $ uaac target http://localhost:8080/uaa
+ $ uaac token decode [token-value-from-above]
-You will be prompted for the client secret (`appclientsecret`), and
-then you should see your username and the client id of the original
+You should see your username and the client id of the original
token grant on stdout, e.g.
- id: 6e1ac414-f446-4869-9b41-41f1f41b96df
- resource-ids:
- - tokens
- - openid
- - cloud_controller
- - password
- expires-at: 1339120767
- scope:
- - read
- - write
- - openid
- - password
- email: marissa@test.org
- client-authorities:
- - ROLE_UNTRUSTED
- expires-in: 43158
- user-authorities:
- - uaa.user
- user-id: marissa
- client-id: vmc
- token-id: 90162e5c-228d-4620-b457-83e2d591eedf
+ exp: 1355348409
+ user_name: marissa
+ scope: cloud_controller.read openid password.write scim.userids tokens.read tokens.write
+ email: marissa@test.org
+ aud: scim tokens openid cloud_controller password
+ jti: ea2fac72-3f51-4c8f-a7a6-5ffc117af542
+ user_id: ba14fea0-9d87-4f0c-b59e-32aaa8eb1434
+ client_id: vmc
### Demo of command line usage on cloudfoundry.com
@@ -126,11 +112,11 @@ about the system:
}
}
-You can then try logging in with the UAA ruby gem. Make sure you have ruby 1.9, and bundler installed, then
+You can then try logging in with the UAA ruby gem. Make sure you have ruby 1.9, then
- $ cd gem/; bundle
- $ ./bin/uaac target uaa.cloudfoundry.com vmc
- $ ./bin/uaac login implicit [yourusername] [yourpassword]
+ $ gem install cf-uaac
+ $ uaac target uaa.cloudfoundry.com
+ $ uaac token get [yourusername] [yourpassword]
(or leave out the username / password to be prompted).
@@ -268,6 +254,22 @@ will look for an environment variable (or system property)
used to expose `UAA_ADMIN_CLIENT_SECRET` etc. in the standard
configuration.
+### Using Maven with to test with postgresql or mysql
+
+The default uaa unit tests (mvn test) use hsqldb.
+
+To run the unit tests using postgresql:
+
+ $ SPRING_PROFILES_ACTIVE=test,postgresql CLOUD_FOUNDRY_CONFIG_PATH=src/test/resources/test/profiles/postgresql mvn test
+
+To run the unit tests using mysql:
+
+ $ SPRING_PROFILES_ACTIVE=test,mysql CLOUD_FOUNDRY_CONFIG_PATH=src/test/resources/test/profiles/mysql mvn test
+
+The database configuration for the common and scim modules is located at:
+common/src/test/resources/(mysql|postgresql).properties
+scim/src/test/resources/(mysql|postgresql).properties
+
## Inventory
There are actually several projects here, the main `uaa` server application and some samples:
View
@@ -6,7 +6,7 @@
<parent>
<groupId>org.cloudfoundry.identity</groupId>
<artifactId>cloudfoundry-identity-parent</artifactId>
- <version>1.4.0</version>
+ <version>1.4.1</version>
<relativePath>..</relativePath>
</parent>
@@ -48,6 +48,7 @@
</macrodef>
<sql-script platform="hsqldb" />
<sql-script platform="postgresql" />
+ <sql-script platform="mysql" />
</target>
</configuration>
<goals>
@@ -199,6 +200,31 @@
</dependency>
<dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jcl-over-slf4j</artifactId>
+ <version>1.7.2</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <version>1.7.2</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
+ <version>1.7.2</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-validator</artifactId>
+ <version>4.3.1.Final</version>
+ <!--<optional>true</optional>-->
+ </dependency>
+
+ <dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
</dependency>
@@ -226,7 +252,7 @@
<dependency>
<groupId>org.yaml</groupId>
<artifactId>snakeyaml</artifactId>
- <version>1.9</version>
+ <version>1.12</version>
</dependency>
<dependency>
@@ -244,6 +270,13 @@
</dependency>
<dependency>
+ <groupId>mysql</groupId>
+ <artifactId>mysql-connector-java</artifactId>
+ <version>5.1.23</version>
+ <scope>test</scope>
+ </dependency>
+
+ <dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-all</artifactId>
<version>1.8.5</version>
@@ -0,0 +1,66 @@
+package org.cloudfoundry.identity.uaa.config;
+
+import java.beans.IntrospectionException;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.yaml.snakeyaml.constructor.Constructor;
+import org.yaml.snakeyaml.introspector.Property;
+import org.yaml.snakeyaml.introspector.PropertyUtils;
+import org.yaml.snakeyaml.nodes.NodeId;
+
+/**
+ * Extended version of snakeyaml's Constructor class to facilitate mapping custom
+ * YML keys to Javabean property names.
+ *
+ * @author Luke Taylor
+ */
+public class CustomPropertyConstructor extends Constructor {
+ private final Map<Class<?>, Map<String,Property>> properties = new HashMap<Class<?>, Map<String, Property>>();
+ private final PropertyUtils propertyUtils = new PropertyUtils();
+
+ public CustomPropertyConstructor(Class<?> theRoot) {
+ super(theRoot);
+ yamlClassConstructors.put(NodeId.mapping, new CustomPropertyConstructMapping());
+ }
+
+ /**
+ * Adds an alias for a Javabean property name on a particular type.
+ * The values of YML keys with the alias name will be mapped to the Javabean
+ * property.
+ */
+ protected final void addPropertyAlias(String alias, Class<?> type, String name) {
+ Map<String,Property> typeMap = properties.get(type);
+
+ if (typeMap == null) {
+ typeMap = new HashMap<String, Property>();
+ properties.put(type, typeMap);
+ }
+
+ try {
+ typeMap.put(alias, propertyUtils.getProperty(type, name));
+ }
+ catch (IntrospectionException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ class CustomPropertyConstructMapping extends ConstructMapping {
+
+ @Override
+ protected Property getProperty(Class<?> type, String name) throws IntrospectionException {
+ Property p = lookupProperty(type, name);
+
+ return p != null ? p : super.getProperty(type, name);
+ }
+
+ private Property lookupProperty(Class<?> type, String name) {
+ Map<String,Property> m = properties.get(type);
+
+ if (m != null) {
+ return m.get(name);
+ }
+ return null;
+ }
+ }
+}
@@ -0,0 +1,75 @@
+package org.cloudfoundry.identity.uaa.config;
+
+import javax.validation.*;
+import java.util.Collections;
+import java.util.Set;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationContextAware;
+import org.springframework.util.Assert;
+import org.yaml.snakeyaml.Yaml;
+import org.yaml.snakeyaml.constructor.Constructor;
+import org.yaml.snakeyaml.error.YAMLException;
+
+/**
+ * Uses a defined SnakeYAML constructor to validate the "__rawYaml" property
+ * obtained from the environment.
+ *
+ * @author Luke Taylor
+ */
+public class YamlConfigurationValidator implements ApplicationContextAware, InitializingBean {
+ private static final Log logger = LogFactory.getLog(YamlConfigurationValidator.class);
+
+ private Constructor constructor;
+ private boolean exceptionIfInvalid;
+ private ApplicationContext ctx;
+
+ /**
+ * Sets a validation constructor which will be applied to the YAML doc to see whether it matches
+ * the expected Javabean.
+ */
+ public YamlConfigurationValidator(Constructor constructor) {
+ Assert.notNull(constructor);
+ this.constructor = constructor;
+ }
+
+ @SuppressWarnings("unchecked")
+ public void setApplicationContext(ApplicationContext ctx) throws ValidationException, YAMLException {
+ this.ctx = ctx;
+ }
+
+ public void setExceptionIfInvalid(boolean exceptionIfInvalid) {
+ this.exceptionIfInvalid = exceptionIfInvalid;
+ }
+
+ @SuppressWarnings("unchecked")
+ public void afterPropertiesSet() throws Exception {
+ Validator validator = Validation.buildDefaultValidatorFactory().getValidator();
+
+ try {
+ String yaml = ctx.getEnvironment().getRequiredProperty("__rawYaml");
+
+ logger.trace("Yaml document is\n" + yaml);
+ Set<ConstraintViolation<Object>> errors = validator.validate((new Yaml(constructor)).load(yaml));
+
+ if (!errors.isEmpty()) {
+ logger.error("YAML configuration failed validation");
+ for (ConstraintViolation error: errors) {
+ logger.error(error.getPropertyPath() + ": " + error.getMessage());
+ }
+ if (exceptionIfInvalid) {
+ throw new ConstraintViolationException((Set)errors);
+ }
+ }
+ } catch (YAMLException e) {
+ if (exceptionIfInvalid) {
+ throw e;
+ }
+ logger.error("Failed to load YAML validation bean. Your YAML file may be invalid.", e);
+ }
+ }
+}
@@ -30,19 +30,21 @@
import org.springframework.util.StringUtils;
import org.springframework.web.context.ConfigurableWebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;
+import org.yaml.snakeyaml.Yaml;
+import org.yaml.snakeyaml.constructor.Constructor;
/**
* An {@link ApplicationContextInitializer} for a web application to enable it to externalize the environment and
* logging configuration. A YAML config file is loaded if present and inserted into the environment. In addition if the
* YAML contains some special properties, some initialization is carried out:
- *
+ *
* <ul>
* <li><code>spring_profiles</code> - then the active profiles are set</li>
* <li><code>logging.config</code> - then log4j is initialized from that location (if it exists)</li>
* </ul>
- *
+ *
* @author Dave Syer
- *
+ *
*/
public class YamlServletProfileInitializer implements ApplicationContextInitializer<ConfigurableWebApplicationContext> {
@@ -85,11 +87,13 @@ public void initialize(ConfigurableWebApplicationContext applicationContext) {
resources.add(defaultResource);
}
}
-
+
resources.add(resource);
factory.setResources(resources.toArray(new Resource[resources.size()]));
-
+
Map<String, Object> map = factory.getObject();
+ String yamlStr = (new Yaml()).dump(map);
+ map.put("__rawYaml", yamlStr);
NestedMapPropertySource properties = new NestedMapPropertySource("servletConfigYaml", map);
applicationContext.getEnvironment().getPropertySources().addLast(properties);
applySpringProfiles(applicationContext.getEnvironment(), servletContext);
Oops, something went wrong.

0 comments on commit c4c4134

Please sign in to comment.