This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/master by this push:
new 249d6b6701 Upgrading CAS, Pac4j, Elasticsearch and Swagger UI (#1405)
249d6b6701 is described below
commit 249d6b670133a74ec0892197f0c83064bad94af0
Author: Francesco Chicchiriccò <[email protected]>
AuthorDate: Mon Jun 1 11:54:23 2026 +0200
Upgrading CAS, Pac4j, Elasticsearch and Swagger UI (#1405)
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
---
.mvn/extensions.xml | 2 +-
.../clientapps/ClientAppModalPanelBuilder.java | 144 ++++++++++++---------
.../clientapps/ClientAppDirectoryPanel.properties | 1 +
.../ClientAppDirectoryPanel_fr_CA.properties | 1 +
.../ClientAppDirectoryPanel_it.properties | 1 +
.../ClientAppDirectoryPanel_ja.properties | 1 +
.../ClientAppDirectoryPanel_pt_BR.properties | 1 +
.../ClientAppDirectoryPanel_ru.properties | 1 +
.../syncope/common/lib/to/SAML2SPClientAppTO.java | 42 ++++--
.../api/entity/am/SAML2SPClientApp.java | 10 +-
.../jpa/entity/am/JPASAML2SPClientApp.java | 32 +++--
.../neo4j/entity/am/Neo4jSAML2SPClientApp.java | 28 ++--
.../java/data/ClientAppDataBinderImpl.java | 22 ++--
.../apache/syncope/fit/sra/OAUTH2SRAITCase.java | 2 +-
.../org/apache/syncope/fit/ui/OIDCC4UIITCase.java | 2 -
.../apache/syncope/fit/ui/SAML2SP4UIITCase.java | 2 -
pom.xml | 10 +-
.../syncope/wa/starter/config/WAContext.java | 10 +-
.../starter/mapping/SAML2SPClientAppTOMapper.java | 7 +-
.../wa/starter/multitenancy/WATenantsManager.java | 17 +++
20 files changed, 216 insertions(+), 120 deletions(-)
diff --git a/.mvn/extensions.xml b/.mvn/extensions.xml
index 0fa026d33a..01a3142452 100644
--- a/.mvn/extensions.xml
+++ b/.mvn/extensions.xml
@@ -21,6 +21,6 @@ under the License.
<extension>
<groupId>org.apache.maven.extensions</groupId>
<artifactId>maven-build-cache-extension</artifactId>
- <version>1.2.2</version>
+ <version>1.2.3</version>
</extension>
</extensions>
diff --git
a/client/am/console/src/main/java/org/apache/syncope/client/console/clientapps/ClientAppModalPanelBuilder.java
b/client/am/console/src/main/java/org/apache/syncope/client/console/clientapps/ClientAppModalPanelBuilder.java
index 480b9c5d50..bc98659487 100644
---
a/client/am/console/src/main/java/org/apache/syncope/client/console/clientapps/ClientAppModalPanelBuilder.java
+++
b/client/am/console/src/main/java/org/apache/syncope/client/console/clientapps/ClientAppModalPanelBuilder.java
@@ -20,6 +20,7 @@ package org.apache.syncope.client.console.clientapps;
import jakarta.ws.rs.core.MediaType;
import java.nio.charset.StandardCharsets;
+import java.time.Duration;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Comparator;
@@ -91,12 +92,29 @@ import org.apache.wicket.model.LoadableDetachableModel;
import org.apache.wicket.model.Model;
import org.apache.wicket.model.PropertyModel;
import org.apache.wicket.model.util.ListModel;
+import org.apache.wicket.validation.IValidatable;
+import org.apache.wicket.validation.IValidator;
+import org.apache.wicket.validation.ValidationError;
import org.apache.wicket.validation.validator.UrlValidator;
public class ClientAppModalPanelBuilder<T extends ClientAppTO> extends
AbstractModalPanelBuilder<T> {
private static final long serialVersionUID = 5945391813567245081L;
+ protected static class DurationValidator implements IValidator<String> {
+
+ private static final long serialVersionUID = 3978328825079032964L;
+
+ @Override
+ public void validate(final IValidatable<String> validatable) {
+ try {
+ Duration.parse(validatable.getValue());
+ } catch (Exception e) {
+ validatable.error(new ValidationError(this));
+ }
+ }
+ }
+
protected final IModel<Map<String, String>> accessPolicies = new
LoadableDetachableModel<>() {
private static final long serialVersionUID = -2012833443695917883L;
@@ -522,44 +540,44 @@ public class ClientAppModalPanelBuilder<T extends
ClientAppTO> extends AbstractM
new PropertyModel<>(clientAppTO,
"metadataSignatureLocation"), false));
AjaxDropDownChoicePanel<MetadataCriteriaDirection>
metadataCriteriaDirection =
- new AjaxDropDownChoicePanel<>(
- "field", "metadataCriteriaDirection",
- new PropertyModel<>(clientAppTO,
"metadataCriteriaDirection"),
- false);
+ new AjaxDropDownChoicePanel<>(
+ "field", "metadataCriteriaDirection",
+ new PropertyModel<>(clientAppTO,
"metadataCriteriaDirection"),
+ false);
metadataCriteriaDirection.setChoices(List.of(MetadataCriteriaDirection.values()));
fields.add(metadataCriteriaDirection);
fields.add(new AjaxTextFieldPanel(
- "field", "metadataCriteriaPattern",
- new PropertyModel<>(clientAppTO,
"metadataCriteriaPattern"), false));
+ "field", "metadataCriteriaPattern",
+ new PropertyModel<>(clientAppTO,
"metadataCriteriaPattern"), false));
fields.add(new AjaxTextFieldPanel(
- "field", "subjectLocality",
- new PropertyModel<>(clientAppTO, "subjectLocality"),
false));
+ "field", "subjectLocality",
+ new PropertyModel<>(clientAppTO,
"subjectLocality"), false));
AjaxDropDownChoicePanel<SigningCredentialType>
signingCredentialType =
- new AjaxDropDownChoicePanel<>(
- "field", "signingCredentialType",
- new PropertyModel<>(clientAppTO,
"signingCredentialType"),
- false);
+ new AjaxDropDownChoicePanel<>(
+ "field", "signingCredentialType",
+ new PropertyModel<>(clientAppTO,
"signingCredentialType"),
+ false);
signingCredentialType.setChoices(List.of(SigningCredentialType.values()));
fields.add(signingCredentialType);
AjaxDropDownChoicePanel<SAML2BindingType>
logoutResponseBinding =
- new AjaxDropDownChoicePanel<>(
- "field", "logoutResponseBinding",
- new PropertyModel<>(clientAppTO,
"logoutResponseBinding"),
- false);
+ new AjaxDropDownChoicePanel<>(
+ "field", "logoutResponseBinding",
+ new PropertyModel<>(clientAppTO,
"logoutResponseBinding"),
+ false);
logoutResponseBinding.setChoices(List.of(SAML2BindingType.values()));
fields.add(logoutResponseBinding);
fields.add(new AjaxCheckBoxPanel(
- "field", "logoutResponseEnabled",
- new PropertyModel<>(clientAppTO,
"logoutResponseEnabled")));
+ "field", "logoutResponseEnabled",
+ new PropertyModel<>(clientAppTO,
"logoutResponseEnabled")));
fields.add(new AjaxCheckBoxPanel(
- "field", "requireSignedRoot",
- new PropertyModel<>(clientAppTO,
"requireSignedRoot")));
+ "field", "requireSignedRoot",
+ new PropertyModel<>(clientAppTO,
"requireSignedRoot")));
fields.add(new AjaxCheckBoxPanel(
"field", "signAssertions", new
PropertyModel<>(clientAppTO, "signAssertions")));
@@ -574,76 +592,76 @@ public class ClientAppModalPanelBuilder<T extends
ClientAppTO> extends AbstractM
"field", "encryptAssertions", new
PropertyModel<>(clientAppTO, "encryptAssertions")));
fields.add(new AjaxCheckBoxPanel(
- "field", "encryptAttributes",
- new PropertyModel<>(clientAppTO,
"encryptAttributes")));
-
+ "field", "encryptAttributes",
+ new PropertyModel<>(clientAppTO,
"encryptAttributes")));
+
fields.add(new AjaxCheckBoxPanel(
- "field", "skipGeneratingAssertionNameId",
- new PropertyModel<>(clientAppTO,
"skipGeneratingAssertionNameId")));
+ "field", "skipGeneratingAssertionNameId",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingAssertionNameId")));
fields.add(new AjaxCheckBoxPanel(
- "field",
"skipGeneratingSubjectConfirmationInResponseTo",
- new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationInResponseTo")));
+ "field",
"skipGeneratingSubjectConfirmationInResponseTo",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationInResponseTo")));
fields.add(new AjaxCheckBoxPanel(
- "field", "skipGeneratingResponseInResponseTo",
- new PropertyModel<>(clientAppTO,
"skipGeneratingResponseInResponseTo")));
+ "field", "skipGeneratingResponseInResponseTo",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingResponseInResponseTo")));
fields.add(new AjaxCheckBoxPanel(
- "field",
"skipGeneratingSubjectConfirmationNotOnOrAfter",
- new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationNotOnOrAfter")));
+ "field",
"skipGeneratingSubjectConfirmationNotOnOrAfter",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationNotOnOrAfter")));
fields.add(new AjaxCheckBoxPanel(
- "field", "skipGeneratingSubjectConfirmationRecipient",
- new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationRecipient")));
+ "field",
"skipGeneratingSubjectConfirmationRecipient",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationRecipient")));
fields.add(new AjaxCheckBoxPanel(
- "field", "skipGeneratingSubjectConfirmationRecipient",
- new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationRecipient")));
+ "field",
"skipGeneratingSubjectConfirmationRecipient",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationRecipient")));
fields.add(new AjaxCheckBoxPanel(
- "field",
"skipGeneratingSubjectConfirmationAddress",
- new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationAddress")));
+ "field",
"skipGeneratingSubjectConfirmationAddress",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationAddress")));
fields.add(new AjaxCheckBoxPanel(
- "field", "skipGeneratingSubjectConfirmationNotBefore",
- new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationNotBefore")));
+ "field",
"skipGeneratingSubjectConfirmationNotBefore",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationNotBefore")));
fields.add(new AjaxCheckBoxPanel(
- "field", "skipGeneratingSubjectConfirmationNameId",
- new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationNameId")));
+ "field", "skipGeneratingSubjectConfirmationNameId",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingSubjectConfirmationNameId")));
fields.add(new AjaxCheckBoxPanel(
- "field", "skipGeneratingNameIdQualifiers",
- new PropertyModel<>(clientAppTO,
"skipGeneratingNameIdQualifiers")));
+ "field", "skipGeneratingNameIdQualifiers",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingNameIdQualifiers")));
fields.add(new AjaxCheckBoxPanel(
- "field", "skipGeneratingTransientNameId",
- new PropertyModel<>(clientAppTO,
"skipGeneratingTransientNameId")));
+ "field", "skipGeneratingTransientNameId",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingTransientNameId")));
fields.add(new AjaxCheckBoxPanel(
- "field", "skipValidatingAuthnRequest",
- new PropertyModel<>(clientAppTO,
"skipValidatingAuthnRequest")));
+ "field", "skipValidatingAuthnRequest",
+ new PropertyModel<>(clientAppTO,
"skipValidatingAuthnRequest")));
fields.add(new AjaxCheckBoxPanel(
- "field",
"skipGeneratingServiceProviderNameIdQualifier",
- new PropertyModel<>(clientAppTO,
"skipGeneratingServiceProviderNameIdQualifier")));
+ "field",
"skipGeneratingServiceProviderNameIdQualifier",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingServiceProviderNameIdQualifier")));
fields.add(new AjaxCheckBoxPanel(
- "field", "skipGeneratingAuthenticatingAuthority",
- new PropertyModel<>(clientAppTO,
"skipGeneratingAuthenticatingAuthority")));
+ "field", "skipGeneratingAuthenticatingAuthority",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingAuthenticatingAuthority")));
fields.add(new AjaxCheckBoxPanel(
- "field", "skipGeneratingNameIdQualifier",
- new PropertyModel<>(clientAppTO,
"skipGeneratingNameIdQualifier")));
+ "field", "skipGeneratingNameIdQualifier",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingNameIdQualifier")));
fields.add(new AjaxCheckBoxPanel(
- "field", "skipGeneratingSessionNotOnOrAfter",
- new PropertyModel<>(clientAppTO,
"skipGeneratingSessionNotOnOrAfter")));
+ "field", "skipGeneratingSessionNotOnOrAfter",
+ new PropertyModel<>(clientAppTO,
"skipGeneratingSessionNotOnOrAfter")));
fields.add(new AjaxCheckBoxPanel(
- "field", "validateMetadataCertificates",
- new PropertyModel<>(clientAppTO,
"validateMetadataCertificates")));
+ "field", "validateMetadataCertificates",
+ new PropertyModel<>(clientAppTO,
"validateMetadataCertificates")));
fields.add(new AjaxTextFieldPanel(
"field", "requiredAuthenticationContextClass",
@@ -656,9 +674,15 @@ public class ClientAppModalPanelBuilder<T extends
ClientAppTO> extends AbstractM
requiredNameIdFormat.addRequiredLabel().setEnabled(true);
fields.add(requiredNameIdFormat);
- fields.add(new
AjaxNumberFieldPanel.Builder<Integer>().min(0).build(
- "field", "skewAllowance", Integer.class,
- new PropertyModel<>(clientAppTO,
"skewAllowance")));
+ AjaxTextFieldPanel skewAllowance = new AjaxTextFieldPanel(
+ "field", "skewAllowance", new
PropertyModel<>(clientAppTO, "skewAllowance"), false);
+ skewAllowance.addValidator(new DurationValidator());
+ fields.add(skewAllowance);
+
+ AjaxTextFieldPanel validityUntil = new AjaxTextFieldPanel(
+ "field", "validityUntil", new
PropertyModel<>(clientAppTO, "validityUntil"), false);
+ validityUntil.addValidator(new DurationValidator());
+ fields.add(validityUntil);
fields.add(new AjaxTextFieldPanel(
"field", "nameIdQualifier", new
PropertyModel<>(clientAppTO, "nameIdQualifier"), false));
diff --git
a/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel.properties
b/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel.properties
index a8f51846ac..bdc0ffef1b 100644
---
a/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel.properties
+++
b/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel.properties
@@ -106,3 +106,4 @@ userInfoEncryptedResponseAlg=UserInfo Encrypted Response
Algorithm
userInfoEncryptedResponseEncoding=UserInfo Encrypted Response Encoding
evaluationOrder=Evaluation Order
idp=Identity Provider
+validityUntil=Validity Until
diff --git
a/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_fr_CA.properties
b/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_fr_CA.properties
index 2c3e428cdc..3d7316bf5b 100644
---
a/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_fr_CA.properties
+++
b/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_fr_CA.properties
@@ -106,3 +106,4 @@ userInfoEncryptedResponseAlg=UserInfo Encrypted Response
Algorithm
userInfoEncryptedResponseEncoding=UserInfo Encrypted Response Encoding
evaluationOrder=Evaluation Order
idp=Identity Provider
+validityUntil=Validity Until
diff --git
a/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_it.properties
b/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_it.properties
index d4123f56c6..96dcd2705c 100644
---
a/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_it.properties
+++
b/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_it.properties
@@ -106,3 +106,4 @@ userInfoEncryptedResponseAlg=Algoritmo di cifratura
risposta UserInfo
userInfoEncryptedResponseEncoding=Codifica di cifratura risposta UserInfo
evaluationOrder=Ordine di valutazione
idp=Identity Provider
+validityUntil=Validit\u00e0
diff --git
a/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_ja.properties
b/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_ja.properties
index 06aa5f2737..fd95fba6ae 100644
---
a/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_ja.properties
+++
b/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_ja.properties
@@ -106,3 +106,4 @@ userInfoEncryptedResponseAlg=UserInfo Encrypted Response
Algorithm
userInfoEncryptedResponseEncoding=UserInfo Encrypted Response Encoding
evaluationOrder=Evaluation Order
idp=Identity Provider
+validityUntil=Validity Until
diff --git
a/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_pt_BR.properties
b/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_pt_BR.properties
index ceaecd955c..a1f4bdd85d 100644
---
a/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_pt_BR.properties
+++
b/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_pt_BR.properties
@@ -106,3 +106,4 @@ userInfoEncryptedResponseAlg=UserInfo Encrypted Response
Algorithm
userInfoEncryptedResponseEncoding=UserInfo Encrypted Response Encoding
evaluationOrder=Evaluation Order
idp=Identity Provider
+validityUntil=Validity Until
diff --git
a/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_ru.properties
b/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_ru.properties
index 1284cc9602..393ce1f407 100644
---
a/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_ru.properties
+++
b/client/am/console/src/main/resources/org/apache/syncope/client/console/clientapps/ClientAppDirectoryPanel_ru.properties
@@ -107,3 +107,4 @@ userInfoEncryptedResponseAlg=UserInfo Encrypted Response
Algorithm
userInfoEncryptedResponseEncoding=UserInfo Encrypted Response Encoding
evaluationOrder=Evaluation Order
idp=Identity Provider
+validityUntil=Validity Until
diff --git
a/common/am/lib/src/main/java/org/apache/syncope/common/lib/to/SAML2SPClientAppTO.java
b/common/am/lib/src/main/java/org/apache/syncope/common/lib/to/SAML2SPClientAppTO.java
index 2c3f63c230..87f2782d49 100644
---
a/common/am/lib/src/main/java/org/apache/syncope/common/lib/to/SAML2SPClientAppTO.java
+++
b/common/am/lib/src/main/java/org/apache/syncope/common/lib/to/SAML2SPClientAppTO.java
@@ -51,7 +51,7 @@ public class SAML2SPClientAppTO extends ClientAppTO {
private SigningCredentialType signingCredentialType;
- private SAML2BindingType logoutResponseBinding;
+ private SAML2BindingType logoutResponseBinding;
private boolean signAssertions;
@@ -103,7 +103,15 @@ public class SAML2SPClientAppTO extends ClientAppTO {
private SAML2SPNameId requiredNameIdFormat;
- private Integer skewAllowance;
+ /**
+ * This settings supports the java.time.Duration syntax.
+ */
+ private String skewAllowance;
+
+ /**
+ * This settings supports the java.time.Duration syntax.
+ */
+ private String validityUntil;
private String nameIdQualifier;
@@ -272,7 +280,7 @@ public class SAML2SPClientAppTO extends ClientAppTO {
}
public void setSkipGeneratingSubjectConfirmationInResponseTo(
- final boolean skipGeneratingSubjectConfirmationInResponseTo) {
+ final boolean skipGeneratingSubjectConfirmationInResponseTo) {
this.skipGeneratingSubjectConfirmationInResponseTo =
skipGeneratingSubjectConfirmationInResponseTo;
}
@@ -289,7 +297,7 @@ public class SAML2SPClientAppTO extends ClientAppTO {
}
public void setSkipGeneratingSubjectConfirmationNotOnOrAfter(
- final boolean skipGeneratingSubjectConfirmationNotOnOrAfter) {
+ final boolean skipGeneratingSubjectConfirmationNotOnOrAfter) {
this.skipGeneratingSubjectConfirmationNotOnOrAfter =
skipGeneratingSubjectConfirmationNotOnOrAfter;
}
@@ -298,7 +306,7 @@ public class SAML2SPClientAppTO extends ClientAppTO {
}
public void setSkipGeneratingSubjectConfirmationRecipient(
- final boolean skipGeneratingSubjectConfirmationRecipient) {
+ final boolean skipGeneratingSubjectConfirmationRecipient) {
this.skipGeneratingSubjectConfirmationRecipient =
skipGeneratingSubjectConfirmationRecipient;
}
@@ -315,7 +323,7 @@ public class SAML2SPClientAppTO extends ClientAppTO {
}
public void setSkipGeneratingSubjectConfirmationNotBefore(
- final boolean skipGeneratingSubjectConfirmationNotBefore) {
+ final boolean skipGeneratingSubjectConfirmationNotBefore) {
this.skipGeneratingSubjectConfirmationNotBefore =
skipGeneratingSubjectConfirmationNotBefore;
}
@@ -356,7 +364,7 @@ public class SAML2SPClientAppTO extends ClientAppTO {
}
public void setSkipGeneratingServiceProviderNameIdQualifier(
- final boolean skipGeneratingServiceProviderNameIdQualifier) {
+ final boolean skipGeneratingServiceProviderNameIdQualifier) {
this.skipGeneratingServiceProviderNameIdQualifier =
skipGeneratingServiceProviderNameIdQualifier;
}
@@ -408,14 +416,22 @@ public class SAML2SPClientAppTO extends ClientAppTO {
this.requiredNameIdFormat = requiredNameIdFormat;
}
- public Integer getSkewAllowance() {
+ public String getSkewAllowance() {
return skewAllowance;
}
- public void setSkewAllowance(final Integer skewAllowance) {
+ public void setSkewAllowance(final String skewAllowance) {
this.skewAllowance = skewAllowance;
}
+ public String getValidityUntil() {
+ return validityUntil;
+ }
+
+ public void setValidityUntil(final String validityUntil) {
+ this.validityUntil = validityUntil;
+ }
+
public String getNameIdQualifier() {
return nameIdQualifier;
}
@@ -490,10 +506,10 @@ public class SAML2SPClientAppTO extends ClientAppTO {
.append(this.encryptAttributes, rhs.encryptAttributes)
.append(this.skipGeneratingAssertionNameId,
rhs.skipGeneratingAssertionNameId)
.append(this.skipGeneratingSubjectConfirmationInResponseTo,
- rhs.skipGeneratingSubjectConfirmationInResponseTo)
+ rhs.skipGeneratingSubjectConfirmationInResponseTo)
.append(this.skipGeneratingResponseInResponseTo,
rhs.skipGeneratingResponseInResponseTo)
.append(this.skipGeneratingSubjectConfirmationNotOnOrAfter,
- rhs.skipGeneratingSubjectConfirmationNotOnOrAfter)
+ rhs.skipGeneratingSubjectConfirmationNotOnOrAfter)
.append(this.skipGeneratingSubjectConfirmationRecipient,
rhs.skipGeneratingSubjectConfirmationRecipient)
.append(this.skipGeneratingSubjectConfirmationAddress,
rhs.skipGeneratingSubjectConfirmationAddress)
.append(this.skipGeneratingSubjectConfirmationNotBefore,
rhs.skipGeneratingSubjectConfirmationNotBefore)
@@ -502,7 +518,7 @@ public class SAML2SPClientAppTO extends ClientAppTO {
.append(this.skipGeneratingTransientNameId,
rhs.skipGeneratingTransientNameId)
.append(this.skipValidatingAuthnRequest,
rhs.skipValidatingAuthnRequest)
.append(this.skipGeneratingServiceProviderNameIdQualifier,
- rhs.skipGeneratingServiceProviderNameIdQualifier)
+ rhs.skipGeneratingServiceProviderNameIdQualifier)
.append(this.skipGeneratingAuthenticatingAuthority,
rhs.skipGeneratingAuthenticatingAuthority)
.append(this.skipGeneratingNameIdQualifier,
rhs.skipGeneratingNameIdQualifier)
.append(this.skipGeneratingSessionNotOnOrAfter,
rhs.skipGeneratingSessionNotOnOrAfter)
@@ -511,6 +527,7 @@ public class SAML2SPClientAppTO extends ClientAppTO {
.append(this.requiredAuthenticationContextClass,
rhs.requiredAuthenticationContextClass)
.append(this.requiredNameIdFormat, rhs.requiredNameIdFormat)
.append(this.skewAllowance, rhs.skewAllowance)
+ .append(this.validityUntil, rhs.validityUntil)
.append(this.nameIdQualifier, rhs.nameIdQualifier)
.append(this.assertionAudiences, rhs.assertionAudiences)
.append(this.serviceProviderNameIdQualifier,
rhs.serviceProviderNameIdQualifier)
@@ -561,6 +578,7 @@ public class SAML2SPClientAppTO extends ClientAppTO {
.append(requiredAuthenticationContextClass)
.append(requiredNameIdFormat)
.append(skewAllowance)
+ .append(validityUntil)
.append(nameIdQualifier)
.append(assertionAudiences)
.append(serviceProviderNameIdQualifier)
diff --git
a/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/am/SAML2SPClientApp.java
b/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/am/SAML2SPClientApp.java
index 1cde400d76..5a9d879197 100644
---
a/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/am/SAML2SPClientApp.java
+++
b/core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/am/SAML2SPClientApp.java
@@ -100,7 +100,7 @@ public interface SAML2SPClientApp extends ClientApp {
boolean isSkipGeneratingSubjectConfirmationInResponseTo();
void setSkipGeneratingSubjectConfirmationInResponseTo(boolean
skipGeneratingSubjectConfirmationInResponseTo);
-
+
boolean isSkipGeneratingResponseInResponseTo();
void setSkipGeneratingResponseInResponseTo(boolean
skipGeneratingResponseInResponseTo);
@@ -165,9 +165,13 @@ public interface SAML2SPClientApp extends ClientApp {
SAML2SPNameId getRequiredNameIdFormat();
- void setSkewAllowance(Integer location);
+ void setSkewAllowance(String skewAllowance);
+
+ String getSkewAllowance();
+
+ void setValidityUntil(String validityUntil);
- Integer getSkewAllowance();
+ String getValidityUntil();
void setNameIdQualifier(String location);
diff --git
a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/am/JPASAML2SPClientApp.java
b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/am/JPASAML2SPClientApp.java
index 3b3635204c..6de6d2622a 100644
---
a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/am/JPASAML2SPClientApp.java
+++
b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/am/JPASAML2SPClientApp.java
@@ -70,7 +70,7 @@ public class JPASAML2SPClientApp extends AbstractClientApp
implements SAML2SPCli
private boolean encryptAttributes;
private boolean skipGeneratingAssertionNameId;
-
+
private boolean logoutResponseEnable;
@Column(name = "skipGeneSubjectConfInRespTo")
@@ -118,7 +118,9 @@ public class JPASAML2SPClientApp extends AbstractClientApp
implements SAML2SPCli
private SAML2SPNameId requiredNameIdFormat;
- private Integer skewAllowance;
+ private String skewAllowance;
+
+ private String validityUntil;
private String nameIdQualifier;
@@ -262,7 +264,7 @@ public class JPASAML2SPClientApp extends AbstractClientApp
implements SAML2SPCli
@Override
public void setSubjectLocality(final String subjectLocality) {
- this.subjectLocality = subjectLocality;
+ this.subjectLocality = subjectLocality;
}
@Override
@@ -352,7 +354,7 @@ public class JPASAML2SPClientApp extends AbstractClientApp
implements SAML2SPCli
@Override
public void setSkipGeneratingSubjectConfirmationInResponseTo(
- final boolean skipGeneratingSubjectConfirmationInResponseTo) {
+ final boolean skipGeneratingSubjectConfirmationInResponseTo) {
this.skipGeneratingSubjectConfirmationInResponseTo =
skipGeneratingSubjectConfirmationInResponseTo;
}
@@ -373,7 +375,7 @@ public class JPASAML2SPClientApp extends AbstractClientApp
implements SAML2SPCli
@Override
public void setSkipGeneratingSubjectConfirmationNotOnOrAfter(
- final boolean skipGeneratingSubjectConfirmationNotOnOrAfter) {
+ final boolean skipGeneratingSubjectConfirmationNotOnOrAfter) {
this.skipGeneratingSubjectConfirmationNotOnOrAfter =
skipGeneratingSubjectConfirmationNotOnOrAfter;
}
@@ -384,7 +386,7 @@ public class JPASAML2SPClientApp extends AbstractClientApp
implements SAML2SPCli
@Override
public void setSkipGeneratingSubjectConfirmationRecipient(
- final boolean skipGeneratingSubjectConfirmationRecipient) {
+ final boolean skipGeneratingSubjectConfirmationRecipient) {
this.skipGeneratingSubjectConfirmationRecipient =
skipGeneratingSubjectConfirmationRecipient;
}
@@ -405,7 +407,7 @@ public class JPASAML2SPClientApp extends AbstractClientApp
implements SAML2SPCli
@Override
public void setSkipGeneratingSubjectConfirmationNotBefore(
- final boolean skipGeneratingSubjectConfirmationNotBefore) {
+ final boolean skipGeneratingSubjectConfirmationNotBefore) {
this.skipGeneratingSubjectConfirmationNotBefore =
skipGeneratingSubjectConfirmationNotBefore;
}
@@ -456,7 +458,7 @@ public class JPASAML2SPClientApp extends AbstractClientApp
implements SAML2SPCli
@Override
public void setSkipGeneratingServiceProviderNameIdQualifier(
- final boolean skipGeneratingServiceProviderNameIdQualifier) {
+ final boolean skipGeneratingServiceProviderNameIdQualifier) {
this.skipGeneratingServiceProviderNameIdQualifier =
skipGeneratingServiceProviderNameIdQualifier;
}
@@ -521,15 +523,25 @@ public class JPASAML2SPClientApp extends
AbstractClientApp implements SAML2SPCli
}
@Override
- public Integer getSkewAllowance() {
+ public String getSkewAllowance() {
return skewAllowance;
}
@Override
- public void setSkewAllowance(final Integer skewAllowance) {
+ public void setSkewAllowance(final String skewAllowance) {
this.skewAllowance = skewAllowance;
}
+ @Override
+ public String getValidityUntil() {
+ return validityUntil;
+ }
+
+ @Override
+ public void setValidityUntil(final String validityUntil) {
+ this.validityUntil = validityUntil;
+ }
+
@Override
public String getNameIdQualifier() {
return nameIdQualifier;
diff --git
a/core/persistence-neo4j/src/main/java/org/apache/syncope/core/persistence/neo4j/entity/am/Neo4jSAML2SPClientApp.java
b/core/persistence-neo4j/src/main/java/org/apache/syncope/core/persistence/neo4j/entity/am/Neo4jSAML2SPClientApp.java
index 3f9c120455..dbc9fcbe2e 100644
---
a/core/persistence-neo4j/src/main/java/org/apache/syncope/core/persistence/neo4j/entity/am/Neo4jSAML2SPClientApp.java
+++
b/core/persistence-neo4j/src/main/java/org/apache/syncope/core/persistence/neo4j/entity/am/Neo4jSAML2SPClientApp.java
@@ -113,7 +113,9 @@ public class Neo4jSAML2SPClientApp extends
AbstractClientApp implements SAML2SPC
private SAML2SPNameId requiredNameIdFormat;
- private Integer skewAllowance;
+ private String skewAllowance;
+
+ private String validityUntil;
private String nameIdQualifier;
@@ -337,7 +339,7 @@ public class Neo4jSAML2SPClientApp extends
AbstractClientApp implements SAML2SPC
@Override
public void setSkipGeneratingSubjectConfirmationInResponseTo(
- final boolean skipGeneratingSubjectConfirmationInResponseTo) {
+ final boolean skipGeneratingSubjectConfirmationInResponseTo) {
this.skipGeneratingSubjectConfirmationInResponseTo =
skipGeneratingSubjectConfirmationInResponseTo;
}
@@ -358,7 +360,7 @@ public class Neo4jSAML2SPClientApp extends
AbstractClientApp implements SAML2SPC
@Override
public void setSkipGeneratingSubjectConfirmationNotOnOrAfter(
- final boolean skipGeneratingSubjectConfirmationNotOnOrAfter) {
+ final boolean skipGeneratingSubjectConfirmationNotOnOrAfter) {
this.skipGeneratingSubjectConfirmationNotOnOrAfter =
skipGeneratingSubjectConfirmationNotOnOrAfter;
}
@@ -369,7 +371,7 @@ public class Neo4jSAML2SPClientApp extends
AbstractClientApp implements SAML2SPC
@Override
public void setSkipGeneratingSubjectConfirmationRecipient(
- final boolean skipGeneratingSubjectConfirmationRecipient) {
+ final boolean skipGeneratingSubjectConfirmationRecipient) {
this.skipGeneratingSubjectConfirmationRecipient =
skipGeneratingSubjectConfirmationRecipient;
}
@@ -390,7 +392,7 @@ public class Neo4jSAML2SPClientApp extends
AbstractClientApp implements SAML2SPC
@Override
public void setSkipGeneratingSubjectConfirmationNotBefore(
- final boolean skipGeneratingSubjectConfirmationNotBefore) {
+ final boolean skipGeneratingSubjectConfirmationNotBefore) {
this.skipGeneratingSubjectConfirmationNotBefore =
skipGeneratingSubjectConfirmationNotBefore;
}
@@ -441,7 +443,7 @@ public class Neo4jSAML2SPClientApp extends
AbstractClientApp implements SAML2SPC
@Override
public void setSkipGeneratingServiceProviderNameIdQualifier(
- final boolean skipGeneratingServiceProviderNameIdQualifier) {
+ final boolean skipGeneratingServiceProviderNameIdQualifier) {
this.skipGeneratingServiceProviderNameIdQualifier =
skipGeneratingServiceProviderNameIdQualifier;
}
@@ -506,15 +508,25 @@ public class Neo4jSAML2SPClientApp extends
AbstractClientApp implements SAML2SPC
}
@Override
- public Integer getSkewAllowance() {
+ public String getSkewAllowance() {
return skewAllowance;
}
@Override
- public void setSkewAllowance(final Integer skewAllowance) {
+ public void setSkewAllowance(final String skewAllowance) {
this.skewAllowance = skewAllowance;
}
+ @Override
+ public String getValidityUntil() {
+ return validityUntil;
+ }
+
+ @Override
+ public void setValidityUntil(final String validityUntil) {
+ this.validityUntil = validityUntil;
+ }
+
@Override
public String getNameIdQualifier() {
return nameIdQualifier;
diff --git
a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ClientAppDataBinderImpl.java
b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ClientAppDataBinderImpl.java
index 753c6a4804..f5851bcb84 100644
---
a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ClientAppDataBinderImpl.java
+++
b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ClientAppDataBinderImpl.java
@@ -148,21 +148,21 @@ public class ClientAppDataBinderImpl implements
ClientAppDataBinder {
clientApp.setEncryptAttributes(clientAppTO.isEncryptAttributes());
clientApp.setSkipGeneratingAssertionNameId(clientAppTO.isSkipGeneratingAssertionNameId());
clientApp.setSkipGeneratingSubjectConfirmationInResponseTo(
- clientAppTO.isSkipGeneratingSubjectConfirmationInResponseTo());
+ clientAppTO.isSkipGeneratingSubjectConfirmationInResponseTo());
clientApp.setSkipGeneratingResponseInResponseTo(clientAppTO.isSkipGeneratingResponseInResponseTo());
clientApp.setSkipGeneratingSubjectConfirmationNotOnOrAfter(
- clientAppTO.isSkipGeneratingSubjectConfirmationNotOnOrAfter());
+ clientAppTO.isSkipGeneratingSubjectConfirmationNotOnOrAfter());
clientApp.setSkipGeneratingSubjectConfirmationRecipient(
- clientAppTO.isSkipGeneratingSubjectConfirmationRecipient());
+ clientAppTO.isSkipGeneratingSubjectConfirmationRecipient());
clientApp.setSkipGeneratingSubjectConfirmationAddress(clientAppTO.isSkipGeneratingSubjectConfirmationAddress());
clientApp.setSkipGeneratingSubjectConfirmationNotBefore(
- clientAppTO.isSkipGeneratingSubjectConfirmationNotBefore());
+ clientAppTO.isSkipGeneratingSubjectConfirmationNotBefore());
clientApp.setSkipGeneratingSubjectConfirmationNameId(clientAppTO.isSkipGeneratingSubjectConfirmationNameId());
clientApp.setSkipGeneratingNameIdQualifiers(clientAppTO.isSkipGeneratingNameIdQualifiers());
clientApp.setSkipGeneratingTransientNameId(clientAppTO.isSkipGeneratingTransientNameId());
clientApp.setSkipValidatingAuthnRequest(clientAppTO.isSkipValidatingAuthnRequest());
clientApp.setSkipGeneratingServiceProviderNameIdQualifier(
- clientAppTO.isSkipGeneratingServiceProviderNameIdQualifier());
+ clientAppTO.isSkipGeneratingServiceProviderNameIdQualifier());
clientApp.setSkipGeneratingAuthenticatingAuthority(clientAppTO.isSkipGeneratingAuthenticatingAuthority());
clientApp.setSkipGeneratingNameIdQualifier(clientAppTO.isSkipGeneratingNameIdQualifier());
clientApp.setSkipGeneratingSessionNotOnOrAfter(clientAppTO.isSkipGeneratingSessionNotOnOrAfter());
@@ -170,6 +170,7 @@ public class ClientAppDataBinderImpl implements
ClientAppDataBinder {
clientApp.setRequiredAuthenticationContextClass(clientAppTO.getRequiredAuthenticationContextClass());
clientApp.setRequiredNameIdFormat(clientAppTO.getRequiredNameIdFormat());
clientApp.setSkewAllowance(clientAppTO.getSkewAllowance());
+ clientApp.setValidityUntil(clientAppTO.getValidityUntil());
clientApp.setNameIdQualifier(clientAppTO.getNameIdQualifier());
clientApp.getAssertionAudiences().clear();
clientApp.getAssertionAudiences().addAll(clientAppTO.getAssertionAudiences());
@@ -244,21 +245,21 @@ public class ClientAppDataBinderImpl implements
ClientAppDataBinder {
clientAppTO.setEncryptAttributes(clientApp.isEncryptAttributes());
clientAppTO.setSkipGeneratingAssertionNameId(clientApp.isSkipGeneratingAssertionNameId());
clientAppTO.setSkipGeneratingSubjectConfirmationInResponseTo(
- clientApp.isSkipGeneratingSubjectConfirmationInResponseTo());
+ clientApp.isSkipGeneratingSubjectConfirmationInResponseTo());
clientAppTO.setSkipGeneratingResponseInResponseTo(clientApp.isSkipGeneratingResponseInResponseTo());
clientAppTO.setSkipGeneratingSubjectConfirmationNotOnOrAfter(
- clientApp.isSkipGeneratingSubjectConfirmationNotOnOrAfter());
+ clientApp.isSkipGeneratingSubjectConfirmationNotOnOrAfter());
clientAppTO.setSkipGeneratingSubjectConfirmationRecipient(
- clientApp.isSkipGeneratingSubjectConfirmationRecipient());
+ clientApp.isSkipGeneratingSubjectConfirmationRecipient());
clientAppTO.setSkipGeneratingSubjectConfirmationAddress(clientApp.isSkipGeneratingSubjectConfirmationAddress());
clientAppTO.setSkipGeneratingSubjectConfirmationNotBefore(
- clientApp.isSkipGeneratingSubjectConfirmationNotBefore());
+ clientApp.isSkipGeneratingSubjectConfirmationNotBefore());
clientAppTO.setSkipGeneratingSubjectConfirmationNameId(clientApp.isSkipGeneratingSubjectConfirmationNameId());
clientAppTO.setSkipGeneratingNameIdQualifiers(clientApp.isSkipGeneratingNameIdQualifiers());
clientAppTO.setSkipGeneratingTransientNameId(clientApp.isSkipGeneratingTransientNameId());
clientAppTO.setSkipValidatingAuthnRequest(clientApp.isSkipValidatingAuthnRequest());
clientAppTO.setSkipGeneratingServiceProviderNameIdQualifier(
- clientApp.isSkipGeneratingServiceProviderNameIdQualifier());
+ clientApp.isSkipGeneratingServiceProviderNameIdQualifier());
clientAppTO.setSkipGeneratingAuthenticatingAuthority(clientApp.isSkipGeneratingAuthenticatingAuthority());
clientAppTO.setSkipGeneratingNameIdQualifier(clientApp.isSkipGeneratingNameIdQualifier());
clientAppTO.setSkipGeneratingSessionNotOnOrAfter(clientApp.isSkipGeneratingSessionNotOnOrAfter());
@@ -266,6 +267,7 @@ public class ClientAppDataBinderImpl implements
ClientAppDataBinder {
clientAppTO.setRequiredAuthenticationContextClass(clientApp.getRequiredAuthenticationContextClass());
clientAppTO.setRequiredNameIdFormat(clientApp.getRequiredNameIdFormat());
clientAppTO.setSkewAllowance(clientApp.getSkewAllowance());
+ clientAppTO.setValidityUntil(clientApp.getValidityUntil());
clientAppTO.setNameIdQualifier(clientApp.getNameIdQualifier());
clientAppTO.getAssertionAudiences().addAll(clientApp.getAssertionAudiences());
clientAppTO.setServiceProviderNameIdQualifier(clientApp.getServiceProviderNameIdQualifier());
diff --git
a/fit/wa-reference/src/test/java/org/apache/syncope/fit/sra/OAUTH2SRAITCase.java
b/fit/wa-reference/src/test/java/org/apache/syncope/fit/sra/OAUTH2SRAITCase.java
index aa2689b0fe..cec0d75f6d 100644
---
a/fit/wa-reference/src/test/java/org/apache/syncope/fit/sra/OAUTH2SRAITCase.java
+++
b/fit/wa-reference/src/test/java/org/apache/syncope/fit/sra/OAUTH2SRAITCase.java
@@ -66,7 +66,7 @@ class OAUTH2SRAITCase extends AbstractOIDCITCase {
@Override
protected void checkLogout(final CloseableHttpResponse response) {
- assertEquals(HttpStatus.SC_NOT_FOUND,
response.getStatusLine().getStatusCode());
+ assertEquals(HttpStatus.SC_OK,
response.getStatusLine().getStatusCode());
}
@Override
diff --git
a/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/OIDCC4UIITCase.java
b/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/OIDCC4UIITCase.java
index 839a28ad8c..8a65494bb3 100644
---
a/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/OIDCC4UIITCase.java
+++
b/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/OIDCC4UIITCase.java
@@ -394,7 +394,6 @@ public class OIDCC4UIITCase extends AbstractUIITCase {
assertNotNull(passwordResetBody);
// check WA reset password screen
- assertTrue(passwordResetBody.contains("currentPassword"));
assertTrue(passwordResetBody.contains("password"));
assertTrue(passwordResetBody.contains("confirmedPassword"));
assertTrue(passwordResetBody.contains("execution"));
@@ -406,7 +405,6 @@ public class OIDCC4UIITCase extends AbstractUIITCase {
List<NameValuePair> form = new ArrayList<>();
form.add(new BasicNameValuePair("_eventId", "submit"));
form.add(new BasicNameValuePair("execution", execution));
- form.add(new BasicNameValuePair("currentPassword", password));
form.add(new BasicNameValuePair("password", newpassword));
form.add(new BasicNameValuePair("confirmedPassword", newpassword));
diff --git
a/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java
b/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java
index 708dc9ac12..cf2c64f21b 100644
---
a/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java
+++
b/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java
@@ -379,7 +379,6 @@ public class SAML2SP4UIITCase extends AbstractUIITCase {
responseBody = EntityUtils.toString(response.getEntity());
// check WA reset password screen
- assertTrue(responseBody.contains("currentPassword"));
assertTrue(responseBody.contains("password"));
assertTrue(responseBody.contains("confirmedPassword"));
assertTrue(responseBody.contains("execution"));
@@ -392,7 +391,6 @@ public class SAML2SP4UIITCase extends AbstractUIITCase {
List<NameValuePair> form = new ArrayList<>();
form.add(new BasicNameValuePair("_eventId", "submit"));
form.add(new BasicNameValuePair("execution", execution));
- form.add(new BasicNameValuePair("currentPassword", password));
form.add(new BasicNameValuePair("password", newpassword));
form.add(new BasicNameValuePair("confirmedPassword", newpassword));
diff --git a/pom.xml b/pom.xml
index 0a22458c93..1616751257 100644
--- a/pom.xml
+++ b/pom.xml
@@ -451,7 +451,7 @@ under the License.
<disruptor.version>4.0.0</disruptor.version>
- <elasticsearch.version>9.4.1</elasticsearch.version>
+ <elasticsearch.version>9.4.2</elasticsearch.version>
<opensearch.version>3.6.0</opensearch.version>
<opensearch-java.version>3.8.0</opensearch-java.version>
@@ -464,13 +464,13 @@ under the License.
<commons-text.version>1.15.0</commons-text.version>
<commons-codec.version>1.22.0</commons-codec.version>
- <pac4j.version>6.4.3</pac4j.version>
+ <pac4j.version>6.5.2</pac4j.version>
- <cas.version>8.0.0-RC4</cas.version>
+ <cas.version>8.0.0-RC5</cas.version>
<cas-client.version>4.1.1</cas-client.version>
<swagger-core.version>2.2.50</swagger-core.version>
- <swagger-ui.version>5.32.5</swagger-ui.version>
+ <swagger-ui.version>5.32.6</swagger-ui.version>
<jquery-slimscroll.version>1.3.8</jquery-slimscroll.version>
<jquery-cookie.version>1.4.1-1</jquery-cookie.version>
@@ -485,7 +485,7 @@ under the License.
<chartjs.version>4.4.3</chartjs.version>
<wicket.version>10.9.1</wicket.version>
- <wicketstuff.version>10.9.1</wicketstuff.version>
+ <wicketstuff.version>10.9.2</wicketstuff.version>
<wicket-bootstrap.version>7.0.14</wicket-bootstrap.version>
<wicket-spring-boot.version>5.0.0</wicket-spring-boot.version>
diff --git
a/wa/starter/src/main/java/org/apache/syncope/wa/starter/config/WAContext.java
b/wa/starter/src/main/java/org/apache/syncope/wa/starter/config/WAContext.java
index 8516f74915..abb4ae129d 100644
---
a/wa/starter/src/main/java/org/apache/syncope/wa/starter/config/WAContext.java
+++
b/wa/starter/src/main/java/org/apache/syncope/wa/starter/config/WAContext.java
@@ -83,7 +83,7 @@ import
org.apereo.cas.configuration.CasConfigurationProperties;
import
org.apereo.cas.configuration.model.support.mfa.gauth.LdapGoogleAuthenticatorMultifactorProperties;
import
org.apereo.cas.configuration.model.support.pm.PasswordManagementProperties;
import org.apereo.cas.configuration.support.JpaBeans;
-import org.apereo.cas.consent.ConsentRepository;
+import org.apereo.cas.consent.ConsentRepositoryBuilder;
import org.apereo.cas.gauth.CasGoogleAuthenticator;
import
org.apereo.cas.gauth.credential.LdapGoogleAuthenticatorTokenCredentialRepository;
import org.apereo.cas.multitenancy.TenantsManager;
@@ -111,6 +111,7 @@ import
org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustS
import org.apereo.cas.util.LdapUtils;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.apereo.cas.util.spring.CasApplicationReadyListener;
+import org.apereo.cas.util.spring.beans.BeanSupplier;
import org.apereo.cas.webauthn.storage.WebAuthnCredentialRepository;
import org.ldaptive.ConnectionFactory;
import org.pac4j.core.client.Client;
@@ -572,8 +573,11 @@ public class WAContext {
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
@Bean
- public ConsentRepository consentRepository(final WARestClient
waRestClient) {
- return new WAConsentRepository(waRestClient);
+ public ConsentRepositoryBuilder waConsentRepositoryBuilder(final
WARestClient waRestClient) {
+ return BeanSupplier.of(ConsentRepositoryBuilder.class).
+ supply(() -> () -> new WAConsentRepository(waRestClient)).
+ otherwiseProxy().
+ get();
}
@Bean
diff --git
a/wa/starter/src/main/java/org/apache/syncope/wa/starter/mapping/SAML2SPClientAppTOMapper.java
b/wa/starter/src/main/java/org/apache/syncope/wa/starter/mapping/SAML2SPClientAppTOMapper.java
index 2a8a1636a8..a93e48352a 100644
---
a/wa/starter/src/main/java/org/apache/syncope/wa/starter/mapping/SAML2SPClientAppTOMapper.java
+++
b/wa/starter/src/main/java/org/apache/syncope/wa/starter/mapping/SAML2SPClientAppTOMapper.java
@@ -72,11 +72,11 @@ public class SAML2SPClientAppTOMapper extends
AbstractClientAppMapper {
service.setEncryptAssertions(sp.isEncryptAssertions());
service.setSubjectLocality(sp.getSubjectLocality());
service.setLogoutResponseBinding(
-
Optional.ofNullable(sp.getLogoutResponseBinding()).map(Enum::name).orElse(null));
+
Optional.ofNullable(sp.getLogoutResponseBinding()).map(Enum::name).orElse(null));
service.setMetadataCriteriaDirection(sp.getMetadataCriteriaDirection().name());
service.setMetadataCriteriaPattern(sp.getMetadataCriteriaPattern());
service.setSigningCredentialType(
-
Optional.ofNullable(sp.getSigningCredentialType()).map(Enum::name).orElse(null));
+
Optional.ofNullable(sp.getSigningCredentialType()).map(Enum::name).orElse(null));
service.setEncryptAttributes(sp.isEncryptAttributes());
service.setRequireSignedRoot(sp.isRequireSignedRoot());
service.setLogoutResponseEnabled(sp.isLogoutResponseEnabled());
@@ -98,7 +98,8 @@ public class SAML2SPClientAppTOMapper extends
AbstractClientAppMapper {
service.setValidateMetadataCertificates(sp.isValidateMetadataCertificates());
service.setRequiredAuthenticationContextClass(sp.getRequiredAuthenticationContextClass());
service.setRequiredNameIdFormat(sp.getRequiredNameIdFormat().getNameId());
-
service.setSkewAllowance(Optional.ofNullable(sp.getSkewAllowance()).orElse(0));
+
service.setSkewAllowance(Optional.ofNullable(sp.getSkewAllowance()).orElse(null));
+
service.setValidityUntil(Optional.ofNullable(sp.getValidityUntil()).orElse(null));
service.setNameIdQualifier(sp.getNameIdQualifier());
if (!sp.getAssertionAudiences().isEmpty()) {
service.setAssertionAudiences(String.join(",",
sp.getAssertionAudiences()));
diff --git
a/wa/starter/src/main/java/org/apache/syncope/wa/starter/multitenancy/WATenantsManager.java
b/wa/starter/src/main/java/org/apache/syncope/wa/starter/multitenancy/WATenantsManager.java
index ac68ea3b5c..b400b9dc6d 100644
---
a/wa/starter/src/main/java/org/apache/syncope/wa/starter/multitenancy/WATenantsManager.java
+++
b/wa/starter/src/main/java/org/apache/syncope/wa/starter/multitenancy/WATenantsManager.java
@@ -123,4 +123,21 @@ public class WATenantsManager implements TenantsManager {
domainOps.list().forEach(domain ->
findTenant(domain.getKey()).ifPresent(tenants::add));
return tenants;
}
+
+ @Override
+ public TenantDefinition save(final TenantDefinition tenantDefinition) {
+ // Syncope Domains are managed by Core
+ return tenantDefinition;
+ }
+
+ @Override
+ public boolean delete(final String tenantId) {
+ // Syncope Domains are managed by Core
+ return false;
+ }
+
+ @Override
+ public void load() {
+ // nothing to do
+ }
}
