Merge branch 'saml-tokens' into 'develop-4.0'

Allow variable tokens in SAML2 initialization files

See merge request weblogic-cloud/weblogic-deploy-tooling!1613

Author: robertpatrick

core/src/main/python/wlsdeploy/tool/util/saml2_security_helper.py

@@ -9,6 +9,7 @@
 from wlsdeploy.logging.platform_logger import PlatformLogger
 from wlsdeploy.util import dictionary_utils
 from wlsdeploy.util import string_utils
+from wlsdeploy.util import variables
 
 DOMAIN_SECURITY_FOLDER = 'security'
 IDP_FILE_PREFIX = 'saml2idppartner'
@@ -39,19 +40,27 @@ def extract_initialization_files(self, archive_helper, deployer=None):
         """
         Extract initialization files from the archive to the security directory.
         :param archive_helper: used to find initialization files in archive
+        :param deployer: used to transfer files for online deployment
         """
-        self._extract_initialization_files(IDP_FILE_PREFIX, IDP_PARTNERS_KEY, archive_helper, deployer)
-        self._extract_initialization_files(SP_FILE_PREFIX, SP_PARTNERS_KEY, archive_helper, deployer)
+        variable_map = {}
+        variable_file = self._model_context.get_variable_file()
+        if variable_file is not None and os.path.exists(variable_file):
+            variable_map = variables.load_variables(variable_file)
 
-    def _extract_initialization_files(self, prefix, partners_key, archive_helper, deployer):
+        self._extract_initialization_files(IDP_FILE_PREFIX, IDP_PARTNERS_KEY, archive_helper, deployer, variable_map)
+        self._extract_initialization_files(SP_FILE_PREFIX, SP_PARTNERS_KEY, archive_helper, deployer, variable_map)
+
+    def _extract_initialization_files(self, prefix, partners_key, archive_helper, deployer, variable_map):
         """
         Extract initialization files for a specific prefix.
         Don't install any files if the <prefix>initialized file exists in the security directory
         :param prefix: the prefix of the "initialized" and "properties" file names
         :param partners_key: the key in the properties file that contains the partner IDs
         :param archive_helper: used to find initialization files
+        :param deployer: used to transfer files for online deployment
+        :param variable_map: used for token replacement
         """
-        _method_name = '_install_initialization_files'
+        _method_name = '_extract_initialization_files'
 
         properties_file_name = prefix + '.properties'
         properties_path = WLSDeployArchive.getSaml2DataArchivePath(properties_file_name)
@@ -61,28 +70,67 @@ def _extract_initialization_files(self, prefix, partners_key, archive_helper, de
             initialized_path = os.path.join(self._domain_security_directory, initialized_file)
             if self._model_context.is_ssh():
                 extracted_file_path = archive_helper.extract_file(properties_path, deployer.upload_temporary_dir)
-                deployer.upload_specific_file_to_remote_server(extracted_file_path, self._domain_security_directory)
+                if self._detokenize_file(extracted_file_path, variable_map):
+                    deployer.upload_specific_file_to_remote_server(extracted_file_path, self._domain_security_directory)
+                    self._extract_metadata_files(extracted_file_path, partners_key, archive_helper, deployer)
             elif not self._model_context.is_ssh() and os.path.isfile(initialized_path):
                 self._logger.info('WLSDPLY-23000', properties_file_name, initialized_file,
                                   class_name=self._class_name, method_name=_method_name)
             else:
                 # extract the properties file, the read it to determine metadata files
                 self._logger.info('WLSDPLY-23001', properties_file_name, class_name=self._class_name,
                                   method_name=_method_name)
+                extracted_file_path = archive_helper.extract_file(properties_path, self._domain_security_directory)
+                if self._detokenize_file(extracted_file_path, variable_map):
+                    self._extract_metadata_files(extracted_file_path, partners_key, archive_helper, deployer)
+
+    def _detokenize_file(self, file_path, variable_map):
+        """
+        Replace tokens in the specified file from the variable map
+        :param file_path: the file to detokenize
+        :param variable_map: variables to resolve property tokens
+        """
+        _method_name = '_detokenize_file'
+
+        file_reader = None
+        file_writer = None
+        error_total = 0
 
-                archive_helper.extract_file(properties_path, self._domain_security_directory)
-                self._extract_metadata_files(properties_file_name, partners_key, archive_helper, deployer)
+        try:
+            file_reader = open(file_path, 'r')
+            lines = file_reader.readlines()
+            file_reader.close()
+            file_reader = None
 
-    def _extract_metadata_files(self, properties_file_name, partners_key, archive_helper, deployer):
+            new_lines = []
+            for line in lines:
+                line, error_count = variables.substitute_text(line, variable_map, self._model_context)
+                new_lines.append(line)
+                error_total += error_count
+
+            if error_total:
+                self._logger.severe('WLSDPLY-23008', error_total, file_path,
+                                    class_name=self._class_name, method_name=_method_name)
+            file_writer = open(file_path, 'w')
+            file_writer.writelines(new_lines)
+        finally:
+            if file_reader is not None:
+                file_reader.close()
+            if file_writer is not None:
+                file_writer.close()
+
+        return error_total == 0
+
+    def _extract_metadata_files(self, properties_file, partners_key, archive_helper, deployer):
         """
         Extract metadata files specified in the properties file.
-        :param properties_file_name: the name of the properties file containing the metadata file names
+        :param properties_file: the properties file containing the metadata file names
         :param partners_key: the key in the properties file that contains the partner IDs
         :param archive_helper: used to find metadata files
+        :param deployer: used to transfer files for online deployment
         """
-        _method_name = '_install_metadata_files'
+        _method_name = '_extract_metadata_files'
 
-        properties_file = os.path.join(self._domain_security_directory, properties_file_name)
         metadata_file_names = self._get_metadata_file_names(properties_file, partners_key)
         for metadata_file_name in metadata_file_names:
             metadata_file = WLSDeployArchive.getSaml2DataArchivePath(metadata_file_name)
@@ -94,7 +142,7 @@ def _extract_metadata_files(self, properties_file_name, partners_key, archive_he
                 if self._model_context.is_ssh():
                     extracted_file_path = archive_helper.extract_file(metadata_file, deployer.upload_temporary_dir)
                     deployer.upload_specific_file_to_remote_server(extracted_file_path,
-                                                                    self._domain_security_directory)
+                                                                   self._domain_security_directory)
                 else:
                     archive_helper.extract_file(metadata_file, self._domain_security_directory)
             else:
@@ -128,7 +176,8 @@ def _discover_initialization_files(self, prefix, partners_key, archive, discover
             results = self._model_context.get_ssh_context().get_directory_contents(self._domain_security_directory, True)
             for result in results:
                 if result.lower().endswith(properties_file_name.lower()):
-                    properties_file = discoverer.download_deployment_from_remote_server(properties_file,
+                    properties_file = discoverer.download_deployment_from_remote_server(
+                        properties_file,
                         discoverer.download_temporary_dir, "samlInitFile")
         if os.path.isfile(properties_file):
             if archive:

core/src/main/python/wlsdeploy/util/variables.py

@@ -1,5 +1,5 @@
 """
-Copyright (c) 2017, 2023, Oracle Corporation and/or its affiliates.
+Copyright (c) 2017, 2024, Oracle and/or its affiliates.
 Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
 """
 import os
@@ -188,6 +188,20 @@ def substitute_value(text, variables, model_context):
     return result
 
 
+def substitute_text(text, variables, model_context):
+    """
+    Perform token substitutions on a single text value.
+    Return a tuple with the revised text and the number of errors reported.
+    :param text: the original text
+    :param variables: a dictionary of variables for substitution
+    :param model_context: used to resolve variables in file paths
+    :return the revised text and the number of errors reported
+    """
+    error_info = {'errorCount': 0}
+    result = _substitute(text, variables, model_context, error_info)
+    return result, error_info['errorCount']
+
+
 def substitute(dictionary, variables, model_context):
     """
     Substitute fields in the specified dictionary with variable values.

core/src/main/resources/oracle/weblogic/deploy/messages/wlsdeploy_rb.properties

@@ -2062,6 +2062,7 @@ WLSDPLY-23004=Metadata key {0} was not found in SAML2 initialization file {1}
 WLSDPLY-23005=Adding SAML2 initialization file {0} to archive
 WLSDPLY-23006=Adding SAML2 initialization metadata file {0} to archive
 WLSDPLY-23007=SAML2 initialization metadata file {0} specified in properties file {1} was not found
+WLSDPLY-23008=Found {0} unresolved variable token(s) in file {1}
 
 ####################################################################
 #   Message number 30000 - 30999 Archive Helper                    #