Posted to commits@syncope.apache.org by mm...@apache.org on 2021/04/23 10:05:00 UTC
[syncope] branch master updated: Switch to CAS 6.4 (#258)
This is an automated email from the ASF dual-hosted git repository.
mmoayyed pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/master by this push:
new 833c002 Switch to CAS 6.4 (#258)
833c002 is described below
commit 833c002dc8e53237e1e26e640669601e922aba46
Author: Misagh Moayyed <mi...@gmail.com>
AuthorDate: Fri Apr 23 14:34:50 2021 +0430
Switch to CAS 6.4 (#258)
* switch to rc3
* fix issues with startup and saml metadata
* switch to snapshot with test fixes
* update properties for webauthn namespace
* Trigger build with an update
* fix tests
* add test case for saml2 sp metadata
* re-adjust test assertion for saml2 sp metadata
* update pac4j
* replace base64 class with that of JDK's
* wip: remove exclusion rules to fix tests
---
fit/wa-reference/src/main/resources/wa.properties | 8 ++++----
.../java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java | 16 ++++++++++++++++
pom.xml | 4 ++--
.../wa/starter/config/SyncopeWAConfiguration.java | 11 ++---------
.../wa/starter/mapping/OIDCRPClientAppTOMapper.java | 1 -
.../saml/idp/metadata/RestfulSamlIdPMetadataLocator.java | 11 ++++++-----
wa/starter/src/main/resources/wa.properties | 8 ++++----
7 files changed, 34 insertions(+), 25 deletions(-)
diff --git a/fit/wa-reference/src/main/resources/wa.properties b/fit/wa-reference/src/main/resources/wa.properties
index 4cf189c..5d0cd5c 100644
--- a/fit/wa-reference/src/main/resources/wa.properties
+++ b/fit/wa-reference/src/main/resources/wa.properties
@@ -54,9 +54,9 @@ springdoc.model-and-view-allowed=true
springdoc.writer-with-default-pretty-printer=true
springdoc.swagger-ui.displayRequestDuration=true
-cas.authn.mfa.web-authn.allowed-origins=${cas.server.name}
-cas.authn.mfa.web-authn.application-id=https://localhost:8443
-cas.authn.mfa.web-authn.relying-party-name=Syncope
-cas.authn.mfa.web-authn.relying-party-id=syncope.apache.org
+cas.authn.mfa.web-authn.core.allowed-origins=${cas.server.name}
+cas.authn.mfa.web-authn.core.application-id=https://localhost:8443
+cas.authn.mfa.web-authn.core.relying-party-name=Syncope
+cas.authn.mfa.web-authn.core.relying-party-id=syncope.apache.org
cas.authn.syncope.url=${cas.server.name}/syncope/rest/
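Review bot: Moving the four WebAuthn keys under `cas.authn.mfa.web-authn.core.` means a deployment that still overrides the old `cas.authn.mfa.web-authn.*` names will have those overrides ignored, presumably without a startup error since unbound properties are normally skipped. For `allowed-origins` and `relying-party-id` an operator's own restriction would then silently give way to the values shipped here. A comment above the block would make the migration visible, for example `# CAS 6.4: WebAuthn settings moved under web-authn.core; the former web-authn.* keys are no longer read`. The same applies to the identical hunk in wa/starter/src/main/resources/wa.properties.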
diff --git a/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java b/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java
index 9f76428..24115ea 100644
--- a/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java
+++ b/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java
@@ -20,6 +20,7 @@ package org.apache.syncope.fit.ui;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.fail;
import java.io.IOException;
@@ -54,6 +55,7 @@ import org.apache.syncope.common.lib.types.ClientAppType;
import org.apache.syncope.common.lib.types.SAML2SPNameId;
import org.apache.syncope.common.rest.api.RESTHeaders;
import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
public class SAML2SP4UIITCase extends AbstractUIITCase {
@@ -156,6 +158,20 @@ public class SAML2SP4UIITCase extends AbstractUIITCase {
saml2sp4UIIdPService.update(cas);
}
+ @Test
+ public void fetchSpMetadata() throws Exception {
+ try (CloseableHttpClient httpclient = HttpClients.createDefault()) {
+ HttpClientContext context = HttpClientContext.create();
+ context.setCookieStore(new BasicCookieStore());
+
+ HttpGet get = new HttpGet(WA_ADDRESS + "/sp/metadata");
+ CloseableHttpResponse response = httpclient.execute(get, context);
+ assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode());
+ String responseBody = EntityUtils.toString(response.getEntity());
+ assertFalse(responseBody.isEmpty());
+ }
+ }
+
@Override
protected void sso(final String baseURL, final String username, final String password) throws IOException {
CloseableHttpClient httpclient = HttpClients.createDefault();
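Review bot: In the added `fetchSpMetadata` test the `CloseableHttpResponse` is never closed, and the only content check is `assertFalse(responseBody.isEmpty())`, which an HTML error or login page returned with status 200 would also satisfy. Open the response in its own resource block, `try (CloseableHttpResponse response = httpclient.execute(get, context)) {`, and assert on something specific to SAML metadata, e.g. `assertTrue(responseBody.contains("EntityDescriptor"));`, if that was not loosened on purpose in the "re-adjust test assertion" step. `EntityUtils.toString(response.getEntity(), StandardCharsets.UTF_8)` would also avoid depending on the default charset. The `sso` method at the end of the hunk continues outside it and is not reviewed here.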
diff --git a/pom.xml b/pom.xml
index 9545b00..22082dc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -449,9 +449,9 @@ under the License.
<modernizer-maven.version>2.2.0</modernizer-maven.version>
- <pac4j.version>5.0.0-RC2</pac4j.version>
+ <pac4j.version>5.0.1</pac4j.version>
- <cas.version>6.4.0-RC2</cas.version>
+ <cas.version>6.4.0-SNAPSHOT</cas.version>
<cas-client.version>3.6.2</cas-client.version>
<h2.version>1.4.200</h2.version>
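Review bot: `cas.version` now points at `6.4.0-SNAPSHOT`, a mutable artifact, so two builds of this same commit can resolve different CAS code for the component that handles authentication. The previous `6.4.0-RC2` was at least a fixed version, and the commit title ("Switch to CAS 6.4") does not signal that master now tracks a snapshot. If the snapshot is only needed for the test fixes mentioned in the commit message, mark it as temporary next to the property, e.g. `<!-- TODO: replace with the fixed 6.4.0 release before any Syncope release -->`. Which repository the snapshot is resolved from is not visible in this hunk and is worth confirming.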
diff --git a/wa/starter/src/main/java/org/apache/syncope/wa/starter/config/SyncopeWAConfiguration.java b/wa/starter/src/main/java/org/apache/syncope/wa/starter/config/SyncopeWAConfiguration.java
index 39066d9..3d156e6 100644
--- a/wa/starter/src/main/java/org/apache/syncope/wa/starter/config/SyncopeWAConfiguration.java
+++ b/wa/starter/src/main/java/org/apache/syncope/wa/starter/config/SyncopeWAConfiguration.java
@@ -223,15 +223,8 @@ public class SyncopeWAConfiguration {
@Autowired
@Bean
- public SamlIdPMetadataGenerator samlIdPMetadataGenerator(final WARestClient restClient) {
- SamlIdPMetadataGeneratorConfigurationContext context =
- SamlIdPMetadataGeneratorConfigurationContext.builder().
- samlIdPMetadataLocator(samlIdPMetadataLocator(restClient)).
- samlIdPCertificateAndKeyWriter(samlSelfSignedCertificateWriter.getObject()).
- applicationContext(ctx).
- casProperties(casProperties).
- metadataCipherExecutor(CipherExecutor.noOpOfStringToString()).
- build();
+ public SamlIdPMetadataGenerator samlIdPMetadataGenerator(final WARestClient restClient,
+ final SamlIdPMetadataGeneratorConfigurationContext context) {
return new RestfulSamlIdPMetadataGenerator(context, restClient);
}
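Review bot: `samlIdPMetadataGenerator` now takes whatever `SamlIdPMetadataGeneratorConfigurationContext` bean the application context supplies. The removed builder pinned both `samlIdPMetadataLocator(restClient)` and `metadataCipherExecutor(CipherExecutor.noOpOfStringToString())` explicitly. If the injected context carries a different locator or a real cipher executor (not visible here), metadata keys written through `RestfulSamlIdPMetadataGenerator` may no longer round-trip with what `RestfulSamlIdPMetadataLocator` reads. A short Javadoc on the method should state where the context bean comes from and which locator and cipher executor it is expected to hold. The `@Autowired` on this `@Bean` method is also redundant, since bean method parameters are injected anyway. The class body continues outside the hunk.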
diff --git a/wa/starter/src/main/java/org/apache/syncope/wa/starter/mapping/OIDCRPClientAppTOMapper.java b/wa/starter/src/main/java/org/apache/syncope/wa/starter/mapping/OIDCRPClientAppTOMapper.java
index f714377..eca4e7d 100644
--- a/wa/starter/src/main/java/org/apache/syncope/wa/starter/mapping/OIDCRPClientAppTOMapper.java
+++ b/wa/starter/src/main/java/org/apache/syncope/wa/starter/mapping/OIDCRPClientAppTOMapper.java
@@ -67,7 +67,6 @@ public class OIDCRPClientAppTOMapper extends AbstractClientAppMapper {
service.setServiceId(Stream.concat(rp.getRedirectUris().stream(), Stream.of(rp.getLogoutUri())).
filter(Objects::nonNull).
collect(Collectors.joining("|")));
- service.setRedirectUrl(service.getServiceId());
service.setClientId(rp.getClientId());
service.setClientSecret(rp.getClientSecret());
service.setSignIdToken(rp.isSignIdToken());
diff --git a/wa/starter/src/main/java/org/apache/syncope/wa/starter/saml/idp/metadata/RestfulSamlIdPMetadataLocator.java b/wa/starter/src/main/java/org/apache/syncope/wa/starter/saml/idp/metadata/RestfulSamlIdPMetadataLocator.java
index 96c6d35..88568e8 100644
--- a/wa/starter/src/main/java/org/apache/syncope/wa/starter/saml/idp/metadata/RestfulSamlIdPMetadataLocator.java
+++ b/wa/starter/src/main/java/org/apache/syncope/wa/starter/saml/idp/metadata/RestfulSamlIdPMetadataLocator.java
@@ -19,7 +19,6 @@
package org.apache.syncope.wa.starter.saml.idp.metadata;
import com.github.benmanes.caffeine.cache.Cache;
-import com.github.scribejava.core.java8.Base64;
import java.nio.charset.StandardCharsets;
import org.apache.syncope.client.lib.SyncopeClient;
import org.apache.syncope.common.lib.SyncopeClientException;
@@ -32,6 +31,8 @@ import org.apereo.cas.support.saml.services.idp.metadata.SamlIdPMetadataDocument
import org.apereo.cas.util.crypto.CipherExecutor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+
+import java.util.Base64;
import java.util.Optional;
import org.apache.syncope.common.rest.api.service.SAML2IdPEntityService;
@@ -66,16 +67,16 @@ public class RestfulSamlIdPMetadataLocator extends AbstractSamlIdPMetadataLocato
entityTO.getSigningCertificate()), StandardCharsets.UTF_8));
}
if (entityTO.getSigningKey() != null) {
- document.setSigningKey((new String(Base64.getDecoder().decode(
- entityTO.getSigningKey()), StandardCharsets.UTF_8)));
+ document.setSigningKey(new String(Base64.getDecoder().decode(
+ entityTO.getSigningKey().getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8));
}
if (entityTO.getEncryptionCertificate() != null) {
document.setEncryptionCertificate(new String(Base64.getDecoder().decode(
entityTO.getEncryptionCertificate()), StandardCharsets.UTF_8));
}
if (entityTO.getEncryptionKey() != null) {
- document.setEncryptionKey((new String(Base64.getDecoder().decode(
- entityTO.getEncryptionKey()), StandardCharsets.UTF_8)));
+ document.setEncryptionKey(new String(Base64.getDecoder().decode(
+ entityTO.getEncryptionKey().getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8));
}
if (document.isValid()) {
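Review bot: The signing-key and encryption-key branches now decode `entityTO.getSigningKey().getBytes(StandardCharsets.UTF_8)`, while the two certificate branches still pass the String straight to `decode(...)`. `java.util.Base64.Decoder` accepts both forms, so the four branches should use one, e.g. `document.setSigningKey(new String(Base64.getDecoder().decode(entityTO.getSigningKey()), StandardCharsets.UTF_8));`. The basic decoder throws `IllegalArgumentException` on line breaks or other non-alphabet characters, so a stored key that was wrapped MIME-style would fail here. Whether the enclosing method catches that is outside this hunk and worth checking, along with making sure any such handler does not log the key value.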
diff --git a/wa/starter/src/main/resources/wa.properties b/wa/starter/src/main/resources/wa.properties
index 738f9c2..81d0d2e 100644
--- a/wa/starter/src/main/resources/wa.properties
+++ b/wa/starter/src/main/resources/wa.properties
@@ -54,9 +54,9 @@ springdoc.model-and-view-allowed=true
springdoc.writer-with-default-pretty-printer=true
springdoc.swagger-ui.displayRequestDuration=true
-cas.authn.mfa.web-authn.allowed-origins=${cas.server.name}
-cas.authn.mfa.web-authn.application-id=https://localhost:8443
-cas.authn.mfa.web-authn.relying-party-name=Syncope
-cas.authn.mfa.web-authn.relying-party-id=syncope.apache.org
+cas.authn.mfa.web-authn.core.allowed-origins=${cas.server.name}
+cas.authn.mfa.web-authn.core.application-id=https://localhost:8443
+cas.authn.mfa.web-authn.core.relying-party-name=Syncope
+cas.authn.mfa.web-authn.core.relying-party-id=syncope.apache.org
cas.authn.syncope.url=${cas.server.name}/syncope/rest/