syncope git commit: Revert "[SYNCOPE-1190] Toggle menu header is now updated when elements get updated"
Repository: syncope Updated Branches: refs/heads/2_0_X 3b24fd10f -> 3ab10dd44 Revert "[SYNCOPE-1190] Toggle menu header is now updated when elements get updated" This reverts commit 84a7b68e4f8a2ea9e3fd99f5b01266b16d99a3fd. Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/3ab10dd4 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/3ab10dd4 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/3ab10dd4 Branch: refs/heads/2_0_X Commit: 3ab10dd447b5c110e96ffdc34e8e37cf0629df91 Parents: 3b24fd1 Author: skylark17 Authored: Fri Aug 11 11:48:13 2017 +0200 Committer: skylark17 Committed: Fri Aug 11 11:50:18 2017 +0200 -- .../console/panels/AbstractLogsPanel.java | 1 - .../panels/SecurityQuestionsModalPanel.java | 6 -- .../client/console/panels/TogglePanel.java | 105 --- .../policies/PolicyModalPanelBuilder.java | 7 -- .../client/console/topology/Topology.java | 2 +- .../console/topology/TopologyTogglePanel.java | 18 +--- .../html/form/ActionLinksTogglePanel.java | 72 +++-- .../console/wizards/AjaxWizardBuilder.java | 5 - 8 files changed, 64 insertions(+), 152 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/3ab10dd4/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java index 5246509..fef5be5 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java +++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java @@ -74,7 +74,6 @@ public abstract class AbstractLogsPanel extends Pane loggerTOs.hideLabel(); loggerTOs.setChoices(Arrays.asList(LoggerLevel.values())); -loggerTOs.setNullValid(false); loggerTOs.getField().add(new IndicatorAjaxFormComponentUpdatingBehavior(Constants.ON_CHANGE) { private static final long serialVersionUID = -1107858522700306810L; http://git-wip-us.apache.org/repos/asf/syncope/blob/3ab10dd4/client/console/src/main/java/org/apache/syncope/client/console/panels/SecurityQuestionsModalPanel.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/SecurityQuestionsModalPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/SecurityQuestionsModalPanel.java index 883325d..a639035 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/panels/SecurityQuestionsModalPanel.java +++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/SecurityQuestionsModalPanel.java @@ -27,7 +27,6 @@ import org.apache.syncope.client.console.wicket.markup.html.bootstrap.dialog.Bas import org.apache.syncope.common.lib.to.SecurityQuestionTO; import org.apache.wicket.PageReference; import org.apache.wicket.ajax.AjaxRequestTarget; -import org.apache.wicket.event.Broadcast; import org.apache.wicket.markup.html.form.Form; public class SecurityQuestionsModalPanel extends AbstractModalPanel { @@ -63,11 +62,6 @@ public class SecurityQuestionsModalPanel extends AbstractModalPanel(target, securityQuestionTO)); - modal.close(target); } catch (Exception e) { LOG.error("While creating or updating {}", securityQuestionTO, e); http://git-wip-us.apache.org/repos/asf/syncope/blob/3ab10dd4/client/console/src/main/java/org/apache/syncope/client/console/panels/TogglePanel.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/TogglePanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/TogglePanel.java index ba9f9b1..62c2af4 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/panels/TogglePanel.java +++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/TogglePanel.java @@ -21,29 +21,7 @@ package org.apache.syncope.client.console.panels; import java.io.Serializable; import org.apache.commons.lang3.StringUtils; import org.apache.syncope.client.console.commons.Constants; -import org.apache.syncope.client.console.commons.status.StatusBean; -import org.apache.syncope.client.console.policies.PolicyRuleDirectoryPanel; -import org.apache.syncope.client.console.reports.ReportletDirectoryPanel; import org.apache.syn
syncope git commit: Upgrade Tomcat
Repository: syncope Updated Branches: refs/heads/2_0_X 3ab10dd44 -> afea27ae6 Upgrade Tomcat Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/afea27ae Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/afea27ae Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/afea27ae Branch: refs/heads/2_0_X Commit: afea27ae65193919bb0e2f2ad4722cfa6a46d89f Parents: 3ab10dd Author: Francesco Chicchiriccò Authored: Fri Aug 11 11:39:47 2017 +0200 Committer: Francesco Chicchiriccò Committed: Fri Aug 11 11:51:35 2017 +0200 -- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/afea27ae/pom.xml -- diff --git a/pom.xml b/pom.xml index 36fafc0..e29b8a4 100644 --- a/pom.xml +++ b/pom.xml @@ -484,7 +484,7 @@ under the License. ${log.directory}/cargo.log ${log.directory}/cargo-output.log -8.5.16 +8.5.20 1.2.0 2.1.1
syncope git commit: Revert "[SYNCOPE-1190] Toggle menu header is now updated when elements get updated"
Repository: syncope Updated Branches: refs/heads/master 8e73cd830 -> d91e41e12 Revert "[SYNCOPE-1190] Toggle menu header is now updated when elements get updated" This reverts commit 84a7b68e4f8a2ea9e3fd99f5b01266b16d99a3fd. Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/d91e41e1 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/d91e41e1 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/d91e41e1 Branch: refs/heads/master Commit: d91e41e12e5fcb0fef9c10649fc09c568e944e74 Parents: 8e73cd8 Author: skylark17 Authored: Fri Aug 11 11:48:13 2017 +0200 Committer: skylark17 Committed: Fri Aug 11 11:51:14 2017 +0200 -- .../console/panels/AbstractLogsPanel.java | 1 - .../panels/SecurityQuestionsModalPanel.java | 6 -- .../client/console/panels/TogglePanel.java | 105 --- .../policies/PolicyModalPanelBuilder.java | 7 -- .../client/console/topology/Topology.java | 2 +- .../console/topology/TopologyTogglePanel.java | 18 +--- .../html/form/ActionLinksTogglePanel.java | 72 +++-- .../console/wizards/AjaxWizardBuilder.java | 5 - 8 files changed, 64 insertions(+), 152 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/d91e41e1/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java index 5246509..fef5be5 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java +++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java @@ -74,7 +74,6 @@ public abstract class AbstractLogsPanel extends Pane loggerTOs.hideLabel(); loggerTOs.setChoices(Arrays.asList(LoggerLevel.values())); -loggerTOs.setNullValid(false); loggerTOs.getField().add(new IndicatorAjaxFormComponentUpdatingBehavior(Constants.ON_CHANGE) { private static final long serialVersionUID = -1107858522700306810L; http://git-wip-us.apache.org/repos/asf/syncope/blob/d91e41e1/client/console/src/main/java/org/apache/syncope/client/console/panels/SecurityQuestionsModalPanel.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/SecurityQuestionsModalPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/SecurityQuestionsModalPanel.java index 883325d..a639035 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/panels/SecurityQuestionsModalPanel.java +++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/SecurityQuestionsModalPanel.java @@ -27,7 +27,6 @@ import org.apache.syncope.client.console.wicket.markup.html.bootstrap.dialog.Bas import org.apache.syncope.common.lib.to.SecurityQuestionTO; import org.apache.wicket.PageReference; import org.apache.wicket.ajax.AjaxRequestTarget; -import org.apache.wicket.event.Broadcast; import org.apache.wicket.markup.html.form.Form; public class SecurityQuestionsModalPanel extends AbstractModalPanel { @@ -63,11 +62,6 @@ public class SecurityQuestionsModalPanel extends AbstractModalPanel(target, securityQuestionTO)); - modal.close(target); } catch (Exception e) { LOG.error("While creating or updating {}", securityQuestionTO, e); http://git-wip-us.apache.org/repos/asf/syncope/blob/d91e41e1/client/console/src/main/java/org/apache/syncope/client/console/panels/TogglePanel.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/TogglePanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/TogglePanel.java index ba9f9b1..62c2af4 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/panels/TogglePanel.java +++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/TogglePanel.java @@ -21,29 +21,7 @@ package org.apache.syncope.client.console.panels; import java.io.Serializable; import org.apache.commons.lang3.StringUtils; import org.apache.syncope.client.console.commons.Constants; -import org.apache.syncope.client.console.commons.status.StatusBean; -import org.apache.syncope.client.console.policies.PolicyRuleDirectoryPanel; -import org.apache.syncope.client.console.reports.ReportletDirectoryPanel; import org.apache.s
syncope git commit: Upgrade Tomcat
Repository: syncope Updated Branches: refs/heads/master d91e41e12 -> 8f97769cf Upgrade Tomcat Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/8f97769c Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/8f97769c Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/8f97769c Branch: refs/heads/master Commit: 8f97769cf0e60aefe897ef677ab2780a4650c824 Parents: d91e41e Author: Francesco Chicchiriccò Authored: Fri Aug 11 11:39:47 2017 +0200 Committer: Francesco Chicchiriccò Committed: Fri Aug 11 11:51:48 2017 +0200 -- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/8f97769c/pom.xml -- diff --git a/pom.xml b/pom.xml index 23501fd..fdd22f2 100644 --- a/pom.xml +++ b/pom.xml @@ -482,7 +482,7 @@ under the License. ${log.directory}/cargo.log ${log.directory}/cargo-output.log -8.5.16 +8.5.20 1.2.0 2.1.1
Syncope-2_0_X-deploy - Build # 541 - Failure
The Apache Jenkins build system has built Syncope-2_0_X-deploy (build #541) Status: Failure Check console output at https://builds.apache.org/job/Syncope-2_0_X-deploy/541/ to view the results.
Syncope-2_0_X-deploy - Build # 542 - Still Failing
The Apache Jenkins build system has built Syncope-2_0_X-deploy (build #542) Status: Still Failing Check console output at https://builds.apache.org/job/Syncope-2_0_X-deploy/542/ to view the results.
Syncope-2_0_X - Build # 100 - Aborted
The Apache Jenkins build system has built Syncope-2_0_X (build #100) Status: Aborted Check console output at https://builds.apache.org/job/Syncope-2_0_X/100/ to view the results.
Syncope-2_0_X-deploy - Build # 543 - Still Failing
The Apache Jenkins build system has built Syncope-2_0_X-deploy (build #543) Status: Still Failing Check console output at https://builds.apache.org/job/Syncope-2_0_X-deploy/543/ to view the results.
syncope git commit: [SYNCOPE-1181] When adding a new condition in a 'SearchPanel', it is now mandatory to fill the dropdowns first
Repository: syncope Updated Branches: refs/heads/2_0_X afea27ae6 -> 7fed99aa0 [SYNCOPE-1181] When adding a new condition in a 'SearchPanel', it is now mandatory to fill the dropdowns first Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/7fed99aa Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/7fed99aa Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/7fed99aa Branch: refs/heads/2_0_X Commit: 7fed99aa0e7972414258bb12d3b41b6c212704d1 Parents: afea27a Author: skylark17 Authored: Fri Aug 11 12:48:02 2017 +0200 Committer: skylark17 Committed: Fri Aug 11 12:48:23 2017 +0200 -- .../org/apache/syncope/client/console/panels/AnyPanel.java | 6 +++--- .../syncope/client/console/wizards/any/DynamicMemberships.java | 2 +- .../syncope/client/console/wizards/role/RoleWizardBuilder.java | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/7fed99aa/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java index d1aa9fc..127471b 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java +++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java @@ -201,7 +201,7 @@ public class AnyPanel extends Panel implements ModalPanel { clause.setProperty("username"); panel = new UserSearchPanel.Builder( -new ListModel<>(clauses)).required(false).enableSearch().build(id); +new ListModel<>(clauses)).required(true).enableSearch().build(id); break; case GROUP: clause.setComparator(SearchClause.Comparator.EQUALS); @@ -209,7 +209,7 @@ public class AnyPanel extends Panel implements ModalPanel { clause.setProperty("name"); panel = new GroupSearchPanel.Builder( -new ListModel<>(clauses)).required(false).enableSearch().build(id); +new ListModel<>(clauses)).required(true).enableSearch().build(id); break; case ANY_OBJECT: clause.setComparator(SearchClause.Comparator.EQUALS); @@ -217,7 +217,7 @@ public class AnyPanel extends Panel implements ModalPanel { clause.setProperty("name"); panel = new AnyObjectSearchPanel.Builder(anyTypeTO.getKey(), -new ListModel<>(clauses)).required(false).enableSearch().build(id); +new ListModel<>(clauses)).required(true).enableSearch().build(id); break; default: panel = null; http://git-wip-us.apache.org/repos/asf/syncope/blob/7fed99aa/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/DynamicMemberships.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/DynamicMemberships.java b/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/DynamicMemberships.java index 2f73fa8..5da9273 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/DynamicMemberships.java +++ b/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/DynamicMemberships.java @@ -80,7 +80,7 @@ public class DynamicMemberships extends WizardStep { @Override public Panel getPanel(final String panelId) { return new UserSearchPanel.Builder(new PropertyModel>(groupWrapper, "uDynClauses")). -required(false).build(panelId); +required(true).build(panelId); } }), Model.of(StringUtils.isBlank(groupWrapper.getUDynMembershipCond()) ? -1 : 0)).setOutputMarkupId(true)); // http://git-wip-us.apache.org/repos/asf/syncope/blob/7fed99aa/client/console/src/main/java/org/apache/syncope/client/console/wizards/role/RoleWizardBuilder.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/wizards/role/RoleWizardBuilder.java b/client/console/src/main/java/org/apache/syncope/client/console/wizards/role/RoleWizardBuilder.java index 49f377b..4f60fa5 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/wizards/role/RoleWizardBuilder.java +++ b/client/console/src/
Syncope-2_0_X-deploy - Build # 544 - Still Failing
The Apache Jenkins build system has built Syncope-2_0_X-deploy (build #544) Status: Still Failing Check console output at https://builds.apache.org/job/Syncope-2_0_X-deploy/544/ to view the results.
syncope git commit: [SYNCOPE-1181] When adding a new condition in a 'SearchPanel', it is now mandatory to fill the dropdowns first
Repository: syncope Updated Branches: refs/heads/master 8f97769cf -> 7b7668d02 [SYNCOPE-1181] When adding a new condition in a 'SearchPanel', it is now mandatory to fill the dropdowns first Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/7b7668d0 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/7b7668d0 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/7b7668d0 Branch: refs/heads/master Commit: 7b7668d02b83711b7a32cea6a4a8afb1a6400019 Parents: 8f97769 Author: skylark17 Authored: Fri Aug 11 12:48:02 2017 +0200 Committer: skylark17 Committed: Fri Aug 11 12:50:43 2017 +0200 -- .../org/apache/syncope/client/console/panels/AnyPanel.java | 6 +++--- .../syncope/client/console/wizards/any/DynamicMemberships.java | 2 +- .../syncope/client/console/wizards/role/RoleWizardBuilder.java | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/7b7668d0/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java index d1aa9fc..127471b 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java +++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java @@ -201,7 +201,7 @@ public class AnyPanel extends Panel implements ModalPanel { clause.setProperty("username"); panel = new UserSearchPanel.Builder( -new ListModel<>(clauses)).required(false).enableSearch().build(id); +new ListModel<>(clauses)).required(true).enableSearch().build(id); break; case GROUP: clause.setComparator(SearchClause.Comparator.EQUALS); @@ -209,7 +209,7 @@ public class AnyPanel extends Panel implements ModalPanel { clause.setProperty("name"); panel = new GroupSearchPanel.Builder( -new ListModel<>(clauses)).required(false).enableSearch().build(id); +new ListModel<>(clauses)).required(true).enableSearch().build(id); break; case ANY_OBJECT: clause.setComparator(SearchClause.Comparator.EQUALS); @@ -217,7 +217,7 @@ public class AnyPanel extends Panel implements ModalPanel { clause.setProperty("name"); panel = new AnyObjectSearchPanel.Builder(anyTypeTO.getKey(), -new ListModel<>(clauses)).required(false).enableSearch().build(id); +new ListModel<>(clauses)).required(true).enableSearch().build(id); break; default: panel = null; http://git-wip-us.apache.org/repos/asf/syncope/blob/7b7668d0/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/DynamicMemberships.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/DynamicMemberships.java b/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/DynamicMemberships.java index 2f73fa8..5da9273 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/DynamicMemberships.java +++ b/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/DynamicMemberships.java @@ -80,7 +80,7 @@ public class DynamicMemberships extends WizardStep { @Override public Panel getPanel(final String panelId) { return new UserSearchPanel.Builder(new PropertyModel>(groupWrapper, "uDynClauses")). -required(false).build(panelId); +required(true).build(panelId); } }), Model.of(StringUtils.isBlank(groupWrapper.getUDynMembershipCond()) ? -1 : 0)).setOutputMarkupId(true)); // http://git-wip-us.apache.org/repos/asf/syncope/blob/7b7668d0/client/console/src/main/java/org/apache/syncope/client/console/wizards/role/RoleWizardBuilder.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/wizards/role/RoleWizardBuilder.java b/client/console/src/main/java/org/apache/syncope/client/console/wizards/role/RoleWizardBuilder.java index 49f377b..4f60fa5 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/wizards/role/RoleWizardBuilder.java +++ b/client/console/sr
Syncope-2_0_X - Build # 101 - Failure
The Apache Jenkins build system has built Syncope-2_0_X (build #101) Status: Failure Check console output at https://builds.apache.org/job/Syncope-2_0_X/101/ to view the results.
[1/2] syncope git commit: Hide SAML2SP extension in Admin Console for non-admin users
Repository: syncope Updated Branches: refs/heads/2_0_X 7fed99aa0 -> 055ee2d24 refs/heads/master 7b7668d02 -> 9ee741d2b Hide SAML2SP extension in Admin Console for non-admin users Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/055ee2d2 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/055ee2d2 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/055ee2d2 Branch: refs/heads/2_0_X Commit: 055ee2d24a802a829a95a362d2a50950f0feb204 Parents: 7fed99a Author: Francesco Chicchiriccò Authored: Fri Aug 11 13:26:08 2017 +0200 Committer: Francesco Chicchiriccò Committed: Fri Aug 11 13:26:48 2017 +0200 -- .../java/org/apache/syncope/client/console/pages/SAML2SP.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/055ee2d2/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/pages/SAML2SP.java -- diff --git a/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/pages/SAML2SP.java b/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/pages/SAML2SP.java index 8399ff0..ea0ac93 100644 --- a/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/pages/SAML2SP.java +++ b/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/pages/SAML2SP.java @@ -25,6 +25,7 @@ import org.apache.syncope.client.console.BookmarkablePageLinkBuilder; import org.apache.syncope.client.console.annotations.ExtPage; import org.apache.syncope.client.console.panels.SAML2IdPsDirectoryPanel; import org.apache.syncope.client.console.panels.SAML2SPPanel; +import org.apache.syncope.common.lib.types.SAML2SPEntitlement; import org.apache.wicket.extensions.markup.html.tabs.AbstractTab; import org.apache.wicket.extensions.markup.html.tabs.ITab; import org.apache.wicket.markup.html.WebMarkupContainer; @@ -32,7 +33,7 @@ import org.apache.wicket.markup.html.panel.Panel; import org.apache.wicket.model.ResourceModel; import org.apache.wicket.request.mapper.parameter.PageParameters; -@ExtPage(label = "SAML 2.0 SP", icon = "fa-sign-in", listEntitlement = "", priority = 100) +@ExtPage(label = "SAML 2.0 SP", icon = "fa-sign-in", listEntitlement = SAML2SPEntitlement.IDP_READ, priority = 100) public class SAML2SP extends BaseExtPage { private static final long serialVersionUID = -4837201407211278956L;
[2/2] syncope git commit: Hide SAML2SP extension in Admin Console for non-admin users
Hide SAML2SP extension in Admin Console for non-admin users Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/9ee741d2 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/9ee741d2 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/9ee741d2 Branch: refs/heads/master Commit: 9ee741d2b8b9a7d37e93057931ed12e9ab2670f3 Parents: 7b7668d Author: Francesco Chicchiriccò Authored: Fri Aug 11 13:26:08 2017 +0200 Committer: Francesco Chicchiriccò Committed: Fri Aug 11 13:26:54 2017 +0200 -- .../java/org/apache/syncope/client/console/pages/SAML2SP.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/9ee741d2/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/pages/SAML2SP.java -- diff --git a/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/pages/SAML2SP.java b/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/pages/SAML2SP.java index 8399ff0..ea0ac93 100644 --- a/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/pages/SAML2SP.java +++ b/ext/saml2sp/client-console/src/main/java/org/apache/syncope/client/console/pages/SAML2SP.java @@ -25,6 +25,7 @@ import org.apache.syncope.client.console.BookmarkablePageLinkBuilder; import org.apache.syncope.client.console.annotations.ExtPage; import org.apache.syncope.client.console.panels.SAML2IdPsDirectoryPanel; import org.apache.syncope.client.console.panels.SAML2SPPanel; +import org.apache.syncope.common.lib.types.SAML2SPEntitlement; import org.apache.wicket.extensions.markup.html.tabs.AbstractTab; import org.apache.wicket.extensions.markup.html.tabs.ITab; import org.apache.wicket.markup.html.WebMarkupContainer; @@ -32,7 +33,7 @@ import org.apache.wicket.markup.html.panel.Panel; import org.apache.wicket.model.ResourceModel; import org.apache.wicket.request.mapper.parameter.PageParameters; -@ExtPage(label = "SAML 2.0 SP", icon = "fa-sign-in", listEntitlement = "", priority = 100) +@ExtPage(label = "SAML 2.0 SP", icon = "fa-sign-in", listEntitlement = SAML2SPEntitlement.IDP_READ, priority = 100) public class SAML2SP extends BaseExtPage { private static final long serialVersionUID = -4837201407211278956L;
Syncope-2_0_X-deploy - Build # 545 - Still Failing
The Apache Jenkins build system has built Syncope-2_0_X-deploy (build #545) Status: Still Failing Check console output at https://builds.apache.org/job/Syncope-2_0_X-deploy/545/ to view the results.
syncope git commit: Fixed dropdowns in 'Logs' view
Repository: syncope Updated Branches: refs/heads/master 9ee741d2b -> 5da5326ac Fixed dropdowns in 'Logs' view Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/5da5326a Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/5da5326a Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/5da5326a Branch: refs/heads/master Commit: 5da5326ac44b790ff071e2d6b06681803143cfb4 Parents: 9ee741d Author: skylark17 Authored: Fri Aug 11 13:41:00 2017 +0200 Committer: skylark17 Committed: Fri Aug 11 13:41:40 2017 +0200 -- .../org/apache/syncope/client/console/panels/AbstractLogsPanel.java | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/5da5326a/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java index fef5be5..5246509 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java +++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java @@ -74,6 +74,7 @@ public abstract class AbstractLogsPanel extends Pane loggerTOs.hideLabel(); loggerTOs.setChoices(Arrays.asList(LoggerLevel.values())); +loggerTOs.setNullValid(false); loggerTOs.getField().add(new IndicatorAjaxFormComponentUpdatingBehavior(Constants.ON_CHANGE) { private static final long serialVersionUID = -1107858522700306810L;
syncope git commit: Fixed dropdowns in 'Logs' view
Repository: syncope Updated Branches: refs/heads/2_0_X 055ee2d24 -> 5160df7ba Fixed dropdowns in 'Logs' view Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/5160df7b Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/5160df7b Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/5160df7b Branch: refs/heads/2_0_X Commit: 5160df7ba0c5a7788a6b47ec5b3cb41472a37f0e Parents: 055ee2d Author: skylark17 Authored: Fri Aug 11 13:41:00 2017 +0200 Committer: skylark17 Committed: Fri Aug 11 13:42:34 2017 +0200 -- .../org/apache/syncope/client/console/panels/AbstractLogsPanel.java | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/5160df7b/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java -- diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java index fef5be5..5246509 100644 --- a/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java +++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/AbstractLogsPanel.java @@ -74,6 +74,7 @@ public abstract class AbstractLogsPanel extends Pane loggerTOs.hideLabel(); loggerTOs.setChoices(Arrays.asList(LoggerLevel.values())); +loggerTOs.setNullValid(false); loggerTOs.getField().add(new IndicatorAjaxFormComponentUpdatingBehavior(Constants.ON_CHANGE) { private static final long serialVersionUID = -1107858522700306810L;
Syncope-2_0_X-deploy - Build # 546 - Still Failing
The Apache Jenkins build system has built Syncope-2_0_X-deploy (build #546) Status: Still Failing Check console output at https://builds.apache.org/job/Syncope-2_0_X-deploy/546/ to view the results.
Syncope-master-deploy - Build # 2452 - Failure
The Apache Jenkins build system has built Syncope-master-deploy (build #2452) Status: Failure Check console output at https://builds.apache.org/job/Syncope-master-deploy/2452/ to view the results.
Syncope-2_0_X - Build # 102 - Still Failing
The Apache Jenkins build system has built Syncope-2_0_X (build #102) Status: Still Failing Check console output at https://builds.apache.org/job/Syncope-2_0_X/102/ to view the results.
Syncope-master-deploy - Build # 2453 - Fixed
The Apache Jenkins build system has built Syncope-master-deploy (build #2453) Status: Fixed Check console output at https://builds.apache.org/job/Syncope-master-deploy/2453/ to view the results.
[2/3] syncope git commit: Dynamically generate a keypair for use in the SAML signing tests
Dynamically generate a keypair for use in the SAML signing tests Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/d8d5fe5e Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/d8d5fe5e Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/d8d5fe5e Branch: refs/heads/master Commit: d8d5fe5ee8c7e887f5c2fda8362aa9a0296635c9 Parents: a22a6b5 Author: Colm O hEigeartaigh Authored: Fri Aug 11 12:38:06 2017 +0100 Committer: Colm O hEigeartaigh Committed: Fri Aug 11 13:15:07 2017 +0100 -- fit/core-reference/pom.xml | 7 ++ .../apache/syncope/fit/core/SAML2ITCase.java| 104 +-- fit/core-reference/src/test/resources/fediz.xml | 14 +-- pom.xml | 2 + 4 files changed, 108 insertions(+), 19 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/d8d5fe5e/fit/core-reference/pom.xml -- diff --git a/fit/core-reference/pom.xml b/fit/core-reference/pom.xml index 5762a33..45a6214 100644 --- a/fit/core-reference/pom.xml +++ b/fit/core-reference/pom.xml @@ -176,6 +176,13 @@ under the License. junit test + + org.bouncycastle + bcpkix-jdk15on + ${bouncycastle.version} + test + + http://git-wip-us.apache.org/repos/asf/syncope/blob/d8d5fe5e/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java -- diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java index 93608c2..9ee5653 100644 --- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java +++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java @@ -26,12 +26,23 @@ import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; +import java.io.File; import java.io.InputStream; import java.io.InputStreamReader; +import java.io.OutputStream; +import java.math.BigInteger; import java.nio.charset.StandardCharsets; +import java.nio.file.FileSystems; +import java.nio.file.Files; +import java.nio.file.Path; +import java.security.KeyPair; +import java.security.KeyPairGenerator; import java.security.KeyStore; +import java.security.SecureRandom; +import java.security.cert.Certificate; import java.security.cert.X509Certificate; import java.util.Collections; +import java.util.Date; import java.util.Optional; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; @@ -71,6 +82,13 @@ import org.apache.wss4j.common.util.Loader; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.engine.WSSConfig; import org.apache.xml.security.signature.XMLSignature; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x500.style.RFC4519Style; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.cert.X509v3CertificateBuilder; +import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; +import org.bouncycastle.operator.ContentSigner; +import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; import org.joda.time.DateTime; import org.junit.AfterClass; import org.junit.Assume; @@ -85,6 +103,8 @@ import org.w3c.dom.Element; public class SAML2ITCase extends AbstractITCase { private static SyncopeClient anonymous; +private static Path keystorePath; +private static Path truststorePath; @BeforeClass public static void setup() { @@ -97,13 +117,17 @@ public class SAML2ITCase extends AbstractITCase { } @BeforeClass -public static void importFromIdPMetadata() { +public static void importFromIdPMetadata() throws Exception { if (!SAML2SPDetector.isSAML2SPAvailable()) { return; } assertTrue(saml2IdPService.list().isEmpty()); +createKeystores(); + +updateMetadataWithCert(); + WebClient.client(saml2IdPService). accept(MediaType.APPLICATION_XML_TYPE). type(MediaType.APPLICATION_XML_TYPE); @@ -123,7 +147,7 @@ public class SAML2ITCase extends AbstractITCase { } @AfterClass -public static void clearIdPs() { +public static void clearIdPs() throws Exception { if (!SAML2SPDetector.isSAML2SPAvailable()) { return; } @@ -131,6 +155,9 @@ public class SAML2ITCase extends AbstractITCase { for (SAML2IdPTO idp : saml2IdPService.list()) { saml2IdPService.delete(idp.getKey()); } + +Files.delete(keystorePath); +Files.delete(truststo
[1/3] syncope git commit: Take the valid SAML Assertion from the validator response instead.
Repository: syncope Updated Branches: refs/heads/master 5da5326ac -> 883911633 Take the valid SAML Assertion from the validator response instead. Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/88391163 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/88391163 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/88391163 Branch: refs/heads/master Commit: 88391163320f5d73ca51e4c03b0edc5371ab6e1e Parents: d8d5fe5 Author: Colm O hEigeartaigh Authored: Fri Aug 11 12:51:22 2017 +0100 Committer: Colm O hEigeartaigh Committed: Fri Aug 11 13:15:07 2017 +0100 -- .../apache/syncope/core/logic/SAML2SPLogic.java | 65 ++-- .../core/logic/saml2/SAML2ReaderWriter.java | 8 ++- 2 files changed, 39 insertions(+), 34 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/88391163/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java -- diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java index 31ef8c4..03576ab 100644 --- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java +++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java @@ -37,6 +37,7 @@ import org.apache.commons.lang3.tuple.Pair; import org.apache.commons.lang3.tuple.Triple; import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer; import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier; +import org.apache.cxf.rs.security.saml.sso.SSOValidatorResponse; import org.apache.syncope.common.lib.AbstractBaseBean; import org.apache.syncope.common.lib.SyncopeClientException; import org.apache.syncope.common.lib.to.AttrTO; @@ -371,8 +372,10 @@ public class SAML2SPLogic extends AbstractSAML2Logic { if (idp.getConnObjectKeyItem() == null) { throw new IllegalArgumentException("No mapping provided for SAML 2.0 IdP '" + idp.getId() + "'"); } + +SSOValidatorResponse validatorResponse = null; try { -saml2rw.validate( +validatorResponse = saml2rw.validate( samlResponse, idp, getAssertionConsumerURL(response.getSpEntityID(), response.getUrlContext()), @@ -390,47 +393,45 @@ public class SAML2SPLogic extends AbstractSAML2Logic { responseTO.setIdp(idp.getId()); responseTO.setSloSupported(idp.getSLOLocation(idp.getBindingType()) != null); -NameID nameID = null; +Assertion assertion = validatorResponse.getOpensamlAssertion(); +NameID nameID = assertion.getSubject().getNameID(); String keyValue = null; -for (Assertion assertion : samlResponse.getAssertions()) { -nameID = assertion.getSubject().getNameID(); -if (StringUtils.isNotBlank(nameID.getValue()) -&& idp.getConnObjectKeyItem().getExtAttrName().equals("NameID")) { +if (StringUtils.isNotBlank(nameID.getValue()) +&& idp.getConnObjectKeyItem().getExtAttrName().equals("NameID")) { -keyValue = nameID.getValue(); -} +keyValue = nameID.getValue(); +} -if (assertion.getConditions().getNotOnOrAfter() != null) { - responseTO.setNotOnOrAfter(assertion.getConditions().getNotOnOrAfter().toDate()); -} -for (AuthnStatement authnStmt : assertion.getAuthnStatements()) { -responseTO.setSessionIndex(authnStmt.getSessionIndex()); +if (assertion.getConditions().getNotOnOrAfter() != null) { + responseTO.setNotOnOrAfter(assertion.getConditions().getNotOnOrAfter().toDate()); +} +for (AuthnStatement authnStmt : assertion.getAuthnStatements()) { +responseTO.setSessionIndex(authnStmt.getSessionIndex()); - responseTO.setAuthInstant(authnStmt.getAuthnInstant().toDate()); -if (authnStmt.getSessionNotOnOrAfter() != null) { - responseTO.setNotOnOrAfter(authnStmt.getSessionNotOnOrAfter().toDate()); -} +responseTO.setAuthInstant(authnStmt.getAuthnInstant().toDate()); +if (authnStmt.getSessionNotOnOrAfter() != null) { + responseTO.setNotOnOrAfter(authnStmt.getSessionNotOnOrAfter().toDate()); } +} -for (AttributeStatement attrStmt : assertion.getAttributeStatements()) { -for (Attribute attr : attrStmt.getAttributes()) { -if (!attr.getAttributeValues().isEmpty()) { -String attrNa
[3/3] syncope git commit: SYNCOPE-1194 - Sign the SAML SSO Service Provider Metadata
SYNCOPE-1194 - Sign the SAML SSO Service Provider Metadata Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/a22a6b55 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/a22a6b55 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/a22a6b55 Branch: refs/heads/master Commit: a22a6b55f83846bf06bbb322e9acc234a9425ea5 Parents: 5da5326 Author: Colm O hEigeartaigh Authored: Fri Aug 11 11:59:08 2017 +0100 Committer: Colm O hEigeartaigh Committed: Fri Aug 11 13:15:07 2017 +0100 -- .../apache/syncope/core/logic/SAML2SPLogic.java | 1 + .../core/logic/saml2/SAML2ReaderWriter.java | 3 +-- .../org/apache/syncope/fit/core/SAML2ITCase.java | 18 ++ 3 files changed, 20 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/a22a6b55/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java -- diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java index 87b7eb6..31ef8c4 100644 --- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java +++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java @@ -200,6 +200,7 @@ public class SAML2SPLogic extends AbstractSAML2Logic { } spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor); +saml2rw.sign(spEntityDescriptor); saml2rw.write(new OutputStreamWriter(os), spEntityDescriptor, true); } catch (Exception e) { http://git-wip-us.apache.org/repos/asf/syncope/blob/a22a6b55/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java -- diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java index e83af5e..fa48e77 100644 --- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java +++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java @@ -152,14 +152,13 @@ public class SAML2ReaderWriter { return responseObject; } -public void sign(final RequestAbstractType request) throws SecurityException { +public void sign(final SignableSAMLObject signableObject) throws SecurityException { org.opensaml.xmlsec.signature.Signature signature = OpenSAMLUtil.buildSignature(); signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); signature.setSignatureAlgorithm(sigAlgo); signature.setSigningCredential(loader.getCredential()); signature.setKeyInfo(keyInfoGenerator.generate(loader.getCredential())); -SignableSAMLObject signableObject = (SignableSAMLObject) request; signableObject.setSignature(signature); signableObject.releaseDOM(); signableObject.releaseChildrenDOM(true); http://git-wip-us.apache.org/repos/asf/syncope/blob/a22a6b55/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java -- diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java index b87db1b..93608c2 100644 --- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java +++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java @@ -30,10 +30,13 @@ import java.io.InputStream; import java.io.InputStreamReader; import java.nio.charset.StandardCharsets; import java.security.KeyStore; +import java.security.cert.X509Certificate; import java.util.Collections; import java.util.Optional; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; +import javax.xml.namespace.QName; + import org.apache.commons.codec.binary.Base64; import org.apache.cxf.helpers.DOMUtils; import org.apache.cxf.jaxrs.client.WebClient; @@ -67,6 +70,7 @@ import org.apache.wss4j.common.util.DOM2Writer; import org.apache.wss4j.common.util.Loader; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.engine.WSSConfig; +import org.apache.xml.security.signature.XMLSignature; import org.joda.time.DateTime; import org.junit.AfterClass; import org.junit.Assume; @@ -74,6 +78,7 @@ import org.junit.BeforeClass; import org.junit.Test; import org.opensaml.saml.common.xml.SAMLConstants; import org.opensaml.saml.saml2.
[5/5] syncope git commit: SYNCOPE-1195 - Remove copy of OpenSAMLUtil when WSS4J 2.1.11 is out
SYNCOPE-1195 - Remove copy of OpenSAMLUtil when WSS4J 2.1.11 is out Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/6b3ace02 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/6b3ace02 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/6b3ace02 Branch: refs/heads/2_0_X Commit: 6b3ace024498e4d86bff1e12c782e6c55c036511 Parents: c8748ba Author: Colm O hEigeartaigh Authored: Fri Aug 11 13:39:21 2017 +0100 Committer: Colm O hEigeartaigh Committed: Fri Aug 11 13:39:21 2017 +0100 -- .../syncope/core/logic/saml2/OpenSAMLUtil.java | 141 +++ .../core/logic/saml2/SAML2ReaderWriter.java | 5 +- 2 files changed, 143 insertions(+), 3 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/6b3ace02/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/OpenSAMLUtil.java -- diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/OpenSAMLUtil.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/OpenSAMLUtil.java new file mode 100644 index 000..ff197d4 --- /dev/null +++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/OpenSAMLUtil.java @@ -0,0 +1,141 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.syncope.core.logic.saml2; + +import org.apache.wss4j.common.ext.WSSecurityException; +import org.opensaml.core.xml.XMLObject; +import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport; +import org.opensaml.core.xml.io.Marshaller; +import org.opensaml.core.xml.io.MarshallerFactory; +import org.opensaml.core.xml.io.MarshallingException; +import org.opensaml.saml.common.SignableSAMLObject; +import org.opensaml.xmlsec.signature.Signature; +import org.opensaml.xmlsec.signature.support.SignatureException; +import org.opensaml.xmlsec.signature.support.Signer; +import org.opensaml.xmlsec.signature.support.SignerProvider; +import org.w3c.dom.Document; +import org.w3c.dom.DocumentFragment; +import org.w3c.dom.Element; + +/** + * Class OpenSAMLUtil provides static helper methods for the OpenSaml library. + * TODO Remove once we pick up WSS4J 2.1.11 - See https://issues.apache.org/jira/browse/WSS-613 + */ +final class OpenSAMLUtil { + +private OpenSAMLUtil() { +// Complete +} + +/** + * Convert a SAML Assertion from a XMLObject to a DOM Element + * + * @param xmlObject of type XMLObject + * @param doc of type Document + * @param signObject whether to sign the XMLObject during marshalling + * @return Element + * @throws WSSecurityException + */ +public static Element toDom( +final XMLObject xmlObject, +final Document doc, +final boolean signObject +) throws WSSecurityException { +MarshallerFactory marshallerFactory = XMLObjectProviderRegistrySupport.getMarshallerFactory(); +Marshaller marshaller = marshallerFactory.getMarshaller(xmlObject); +Element element = null; +DocumentFragment frag = doc == null ? null : doc.createDocumentFragment(); +try { +if (frag != null) { +while (doc.getFirstChild() != null) { +frag.appendChild(doc.removeChild(doc.getFirstChild())); +} +} +try { +if (doc == null) { +element = marshaller.marshall(xmlObject); +} else { +element = marshaller.marshall(xmlObject, doc); +} +} catch (MarshallingException ex) { +throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex, "empty", + new Object[] {"Error marshalling a SAML assertion"}); +} + +if (signObject) { +signXMLObject(xmlObject); +} +} finally { +if (frag != null) { +while (doc.getFir
[3/5] syncope git commit: Take the valid SAML Assertion from the validator response instead.
Take the valid SAML Assertion from the validator response instead. Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/fecfc6ff Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/fecfc6ff Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/fecfc6ff Branch: refs/heads/2_0_X Commit: fecfc6ff37e71b5eedf7f86be429205d9dd1715e Parents: 1d8b6c6 Author: Colm O hEigeartaigh Authored: Fri Aug 11 12:51:22 2017 +0100 Committer: Colm O hEigeartaigh Committed: Fri Aug 11 13:16:36 2017 +0100 -- .../apache/syncope/core/logic/SAML2SPLogic.java | 65 ++-- .../core/logic/saml2/SAML2ReaderWriter.java | 8 ++- 2 files changed, 39 insertions(+), 34 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/fecfc6ff/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java -- diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java index 31ef8c4..03576ab 100644 --- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java +++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java @@ -37,6 +37,7 @@ import org.apache.commons.lang3.tuple.Pair; import org.apache.commons.lang3.tuple.Triple; import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer; import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier; +import org.apache.cxf.rs.security.saml.sso.SSOValidatorResponse; import org.apache.syncope.common.lib.AbstractBaseBean; import org.apache.syncope.common.lib.SyncopeClientException; import org.apache.syncope.common.lib.to.AttrTO; @@ -371,8 +372,10 @@ public class SAML2SPLogic extends AbstractSAML2Logic { if (idp.getConnObjectKeyItem() == null) { throw new IllegalArgumentException("No mapping provided for SAML 2.0 IdP '" + idp.getId() + "'"); } + +SSOValidatorResponse validatorResponse = null; try { -saml2rw.validate( +validatorResponse = saml2rw.validate( samlResponse, idp, getAssertionConsumerURL(response.getSpEntityID(), response.getUrlContext()), @@ -390,47 +393,45 @@ public class SAML2SPLogic extends AbstractSAML2Logic { responseTO.setIdp(idp.getId()); responseTO.setSloSupported(idp.getSLOLocation(idp.getBindingType()) != null); -NameID nameID = null; +Assertion assertion = validatorResponse.getOpensamlAssertion(); +NameID nameID = assertion.getSubject().getNameID(); String keyValue = null; -for (Assertion assertion : samlResponse.getAssertions()) { -nameID = assertion.getSubject().getNameID(); -if (StringUtils.isNotBlank(nameID.getValue()) -&& idp.getConnObjectKeyItem().getExtAttrName().equals("NameID")) { +if (StringUtils.isNotBlank(nameID.getValue()) +&& idp.getConnObjectKeyItem().getExtAttrName().equals("NameID")) { -keyValue = nameID.getValue(); -} +keyValue = nameID.getValue(); +} -if (assertion.getConditions().getNotOnOrAfter() != null) { - responseTO.setNotOnOrAfter(assertion.getConditions().getNotOnOrAfter().toDate()); -} -for (AuthnStatement authnStmt : assertion.getAuthnStatements()) { -responseTO.setSessionIndex(authnStmt.getSessionIndex()); +if (assertion.getConditions().getNotOnOrAfter() != null) { + responseTO.setNotOnOrAfter(assertion.getConditions().getNotOnOrAfter().toDate()); +} +for (AuthnStatement authnStmt : assertion.getAuthnStatements()) { +responseTO.setSessionIndex(authnStmt.getSessionIndex()); - responseTO.setAuthInstant(authnStmt.getAuthnInstant().toDate()); -if (authnStmt.getSessionNotOnOrAfter() != null) { - responseTO.setNotOnOrAfter(authnStmt.getSessionNotOnOrAfter().toDate()); -} +responseTO.setAuthInstant(authnStmt.getAuthnInstant().toDate()); +if (authnStmt.getSessionNotOnOrAfter() != null) { + responseTO.setNotOnOrAfter(authnStmt.getSessionNotOnOrAfter().toDate()); } +} -for (AttributeStatement attrStmt : assertion.getAttributeStatements()) { -for (Attribute attr : attrStmt.getAttributes()) { -if (!attr.getAttributeValues().isEmpty()) { -String attrName = attr.getFriendlyName() == null ? attr.getName() : attr.getFriendlyName(); -
[1/5] syncope git commit: SYNCOPE-1194 - Sign the SAML SSO Service Provider Metadata
Repository: syncope Updated Branches: refs/heads/2_0_X 5160df7ba -> 6b3ace024 SYNCOPE-1194 - Sign the SAML SSO Service Provider Metadata Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/919584f3 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/919584f3 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/919584f3 Branch: refs/heads/2_0_X Commit: 919584f3f780a54b3447dd4f397a29eea438af94 Parents: 5160df7 Author: Colm O hEigeartaigh Authored: Fri Aug 11 11:59:08 2017 +0100 Committer: Colm O hEigeartaigh Committed: Fri Aug 11 13:15:33 2017 +0100 -- .../apache/syncope/core/logic/SAML2SPLogic.java | 1 + .../core/logic/saml2/SAML2ReaderWriter.java | 3 +-- .../org/apache/syncope/fit/core/SAML2ITCase.java | 18 ++ 3 files changed, 20 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/919584f3/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java -- diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java index 87b7eb6..31ef8c4 100644 --- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java +++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java @@ -200,6 +200,7 @@ public class SAML2SPLogic extends AbstractSAML2Logic { } spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor); +saml2rw.sign(spEntityDescriptor); saml2rw.write(new OutputStreamWriter(os), spEntityDescriptor, true); } catch (Exception e) { http://git-wip-us.apache.org/repos/asf/syncope/blob/919584f3/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java -- diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java index 62e90e7..22b0fd1 100644 --- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java +++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java @@ -151,14 +151,13 @@ public class SAML2ReaderWriter { return responseObject; } -public void sign(final RequestAbstractType request) throws SecurityException { +public void sign(final SignableSAMLObject signableObject) throws SecurityException { org.opensaml.xmlsec.signature.Signature signature = OpenSAMLUtil.buildSignature(); signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); signature.setSignatureAlgorithm(sigAlgo); signature.setSigningCredential(loader.getCredential()); signature.setKeyInfo(keyInfoGenerator.generate(loader.getCredential())); -SignableSAMLObject signableObject = (SignableSAMLObject) request; signableObject.setSignature(signature); signableObject.releaseDOM(); signableObject.releaseChildrenDOM(true); http://git-wip-us.apache.org/repos/asf/syncope/blob/919584f3/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java -- diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java index 6967e73..e8a5add 100644 --- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java +++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java @@ -30,9 +30,12 @@ import java.io.InputStream; import java.io.InputStreamReader; import java.nio.charset.StandardCharsets; import java.security.KeyStore; +import java.security.cert.X509Certificate; import java.util.Collections; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; +import javax.xml.namespace.QName; + import org.apache.commons.codec.binary.Base64; import org.apache.commons.collections4.IterableUtils; import org.apache.commons.collections4.Predicate; @@ -68,6 +71,7 @@ import org.apache.wss4j.common.util.DOM2Writer; import org.apache.wss4j.common.util.Loader; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.engine.WSSConfig; +import org.apache.xml.security.signature.XMLSignature; import org.joda.time.DateTime; import org.junit.AfterClass; import org.junit.Assume; @@ -75,6 +79,7 @@ import org.junit.BeforeClass; import org.junit.Test; import org.op
[2/5] syncope git commit: Dynamically generate a keypair for use in the SAML signing tests
Dynamically generate a keypair for use in the SAML signing tests Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/1d8b6c62 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/1d8b6c62 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/1d8b6c62 Branch: refs/heads/2_0_X Commit: 1d8b6c62110564b57eb615b405346f1c978ee65e Parents: 919584f Author: Colm O hEigeartaigh Authored: Fri Aug 11 12:38:06 2017 +0100 Committer: Colm O hEigeartaigh Committed: Fri Aug 11 13:16:06 2017 +0100 -- fit/core-reference/pom.xml | 7 ++ .../apache/syncope/fit/core/SAML2ITCase.java| 104 +-- fit/core-reference/src/test/resources/fediz.xml | 14 +-- pom.xml | 2 + 4 files changed, 108 insertions(+), 19 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/1d8b6c62/fit/core-reference/pom.xml -- diff --git a/fit/core-reference/pom.xml b/fit/core-reference/pom.xml index de491a3..d28eb06 100644 --- a/fit/core-reference/pom.xml +++ b/fit/core-reference/pom.xml @@ -176,6 +176,13 @@ under the License. junit test + + org.bouncycastle + bcpkix-jdk15on + ${bouncycastle.version} + test + + http://git-wip-us.apache.org/repos/asf/syncope/blob/1d8b6c62/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java -- diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java index e8a5add..4ae8c8f 100644 --- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java +++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java @@ -26,12 +26,23 @@ import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; +import java.io.File; import java.io.InputStream; import java.io.InputStreamReader; +import java.io.OutputStream; +import java.math.BigInteger; import java.nio.charset.StandardCharsets; +import java.nio.file.FileSystems; +import java.nio.file.Files; +import java.nio.file.Path; +import java.security.KeyPair; +import java.security.KeyPairGenerator; import java.security.KeyStore; +import java.security.SecureRandom; +import java.security.cert.Certificate; import java.security.cert.X509Certificate; import java.util.Collections; +import java.util.Date; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.xml.namespace.QName; @@ -72,6 +83,13 @@ import org.apache.wss4j.common.util.Loader; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.engine.WSSConfig; import org.apache.xml.security.signature.XMLSignature; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x500.style.RFC4519Style; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.cert.X509v3CertificateBuilder; +import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; +import org.bouncycastle.operator.ContentSigner; +import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; import org.joda.time.DateTime; import org.junit.AfterClass; import org.junit.Assume; @@ -86,6 +104,8 @@ import org.w3c.dom.Element; public class SAML2ITCase extends AbstractITCase { private static SyncopeClient anonymous; +private static Path keystorePath; +private static Path truststorePath; @BeforeClass public static void setup() { @@ -98,13 +118,17 @@ public class SAML2ITCase extends AbstractITCase { } @BeforeClass -public static void importFromIdPMetadata() { +public static void importFromIdPMetadata() throws Exception { if (!SAML2SPDetector.isSAML2SPAvailable()) { return; } assertTrue(saml2IdPService.list().isEmpty()); +createKeystores(); + +updateMetadataWithCert(); + WebClient.client(saml2IdPService). accept(MediaType.APPLICATION_XML_TYPE). type(MediaType.APPLICATION_XML_TYPE); @@ -124,7 +148,7 @@ public class SAML2ITCase extends AbstractITCase { } @AfterClass -public static void clearIdPs() { +public static void clearIdPs() throws Exception { if (!SAML2SPDetector.isSAML2SPAvailable()) { return; } @@ -132,6 +156,9 @@ public class SAML2ITCase extends AbstractITCase { for (SAML2IdPTO idp : saml2IdPService.list()) { saml2IdPService.delete(idp.getKey()); } + +Files.delete(keystorePath); +Files.delete(tr
[4/5] syncope git commit: Temporarily adding SSOValidatorResponse until we pick up CXF 3.1.13
Temporarily adding SSOValidatorResponse until we pick up CXF 3.1.13 Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/c8748ba1 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/c8748ba1 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/c8748ba1 Branch: refs/heads/2_0_X Commit: c8748ba107bdda6ae4e8a3aec6dcf4cf9e25a3f6 Parents: fecfc6f Author: Colm O hEigeartaigh Authored: Fri Aug 11 13:25:57 2017 +0100 Committer: Colm O hEigeartaigh Committed: Fri Aug 11 13:35:24 2017 +0100 -- .../apache/syncope/core/logic/SAML2SPLogic.java | 3 +- .../core/logic/saml2/SAML2ReaderWriter.java | 1 - .../logic/saml2/SAMLSSOResponseValidator.java | 78 +- .../core/logic/saml2/SSOValidatorResponse.java | 84 4 files changed, 125 insertions(+), 41 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/c8748ba1/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java -- diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java index 03576ab..0891f59 100644 --- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java +++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java @@ -19,6 +19,8 @@ package org.apache.syncope.core.logic; import org.apache.syncope.core.logic.saml2.SAML2UserManager; +import org.apache.syncope.core.logic.saml2.SSOValidatorResponse; + import com.fasterxml.uuid.Generators; import com.fasterxml.uuid.impl.RandomBasedGenerator; import java.io.OutputStream; @@ -37,7 +39,6 @@ import org.apache.commons.lang3.tuple.Pair; import org.apache.commons.lang3.tuple.Triple; import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer; import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier; -import org.apache.cxf.rs.security.saml.sso.SSOValidatorResponse; import org.apache.syncope.common.lib.AbstractBaseBean; import org.apache.syncope.common.lib.SyncopeClientException; import org.apache.syncope.common.lib.to.AttrTO; http://git-wip-us.apache.org/repos/asf/syncope/blob/c8748ba1/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java -- diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java index dba63cc..f530afb 100644 --- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java +++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java @@ -43,7 +43,6 @@ import javax.xml.transform.stream.StreamResult; import org.apache.commons.codec.binary.Base64; import org.apache.cxf.rs.security.saml.DeflateEncoderDecoder; import org.apache.cxf.rs.security.saml.sso.SAMLProtocolResponseValidator; -import org.apache.cxf.rs.security.saml.sso.SSOValidatorResponse; import org.apache.cxf.staxutils.StaxUtils; import org.apache.syncope.common.lib.SSOConstants; import org.apache.syncope.common.lib.types.SAML2BindingType; http://git-wip-us.apache.org/repos/asf/syncope/blob/c8748ba1/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAMLSSOResponseValidator.java -- diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAMLSSOResponseValidator.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAMLSSOResponseValidator.java index a730140..a32ed09 100644 --- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAMLSSOResponseValidator.java +++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAMLSSOResponseValidator.java @@ -25,7 +25,6 @@ import java.util.logging.Logger; import org.w3c.dom.Element; import org.apache.cxf.common.logging.LogUtils; -import org.apache.cxf.rs.security.saml.sso.SSOValidatorResponse; import org.apache.cxf.rs.security.saml.sso.TokenReplayCache; import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.saml.builder.SAML2Constants; @@ -39,9 +38,9 @@ import org.opensaml.saml.saml2.core.AuthnStatement; */ //CHECKSTYLE:OFF public class SAMLSSOResponseValidator { - + private static final Logger LOG = LogUtils.getL7dLogger(SAMLSSOResponseValidator.class); - + private String issuerIDP; private String assertionConsumerURL; private String clientAddress; @@ -51,7 +50,7 @@ public class SAMLSSOResponse
Syncope-2_0_X-deploy - Build # 547 - Still Failing
The Apache Jenkins build system has built Syncope-2_0_X-deploy (build #547) Status: Still Failing Check console output at https://builds.apache.org/job/Syncope-2_0_X-deploy/547/ to view the results.
Syncope-2_0_X - Build # 103 - Still unstable
The Apache Jenkins build system has built Syncope-2_0_X (build #103) Status: Still unstable Check console output at https://builds.apache.org/job/Syncope-2_0_X/103/ to view the results.
Syncope-2_0_X - Build # 104 - Failure
The Apache Jenkins build system has built Syncope-2_0_X (build #104) Status: Failure Check console output at https://builds.apache.org/job/Syncope-2_0_X/104/ to view the results.
[2/2] syncope git commit: [SYNCOPE-1193] Now read, update and delete works both with key and (user)name for Users, Groups and Any Objects
[SYNCOPE-1193] Now read, update and delete works both with key and (user)name for Users, Groups and Any Objects Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/81515d7e Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/81515d7e Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/81515d7e Branch: refs/heads/master Commit: 81515d7e243e8116409e2be2cb6bf036a305f988 Parents: 8839116 Author: Francesco Chicchiriccò Authored: Fri Aug 11 16:06:42 2017 +0200 Committer: Francesco Chicchiriccò Committed: Fri Aug 11 16:06:54 2017 +0200 -- .../common/rest/api/service/AnyService.java | 12 ++--- .../syncope/core/logic/AbstractAnyLogic.java| 3 -- .../syncope/core/logic/AnyObjectLogic.java | 13 -- .../apache/syncope/core/logic/GroupLogic.java | 11 - .../apache/syncope/core/logic/UserLogic.java| 12 - .../core/persistence/api/dao/AnyDAO.java| 2 + .../core/persistence/api/dao/AnyObjectDAO.java | 2 - .../core/persistence/api/dao/GroupDAO.java | 2 - .../core/persistence/api/dao/UserDAO.java | 2 - .../persistence/jpa/dao/AbstractAnyDAO.java | 17 +++ .../persistence/jpa/dao/JPAAnyObjectDAO.java| 24 +++--- .../core/persistence/jpa/dao/JPAGroupDAO.java | 24 +++--- .../core/persistence/jpa/dao/JPAUserDAO.java| 25 +++--- .../provisioning/api/data/UserDataBinder.java | 2 - .../java/data/AnyObjectDataBinderImpl.java | 5 +- .../java/data/GroupDataBinderImpl.java | 5 +- .../java/data/UserDataBinderImpl.java | 11 + .../rest/cxf/service/AbstractAnyService.java| 49 .../rest/cxf/service/AnyObjectServiceImpl.java | 10 .../core/rest/cxf/service/GroupServiceImpl.java | 10 .../core/rest/cxf/service/UserServiceImpl.java | 12 - .../apache/syncope/core/logic/SAML2SPLogic.java | 4 +- .../core/logic/saml2/SAML2ReaderWriter.java | 2 +- fit/core-reference/pom.xml | 2 - .../apache/syncope/fit/core/SAML2ITCase.java| 20 .../org/apache/syncope/fit/core/UserITCase.java | 11 + pom.xml | 8 +++- 27 files changed, 151 insertions(+), 149 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/81515d7e/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AnyService.java -- diff --git a/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AnyService.java b/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AnyService.java index d288e59..ac2fc20 100644 --- a/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AnyService.java +++ b/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AnyService.java @@ -50,7 +50,7 @@ public interface AnyService extends JAXRSS * Note that for the UserService, GroupService and AnyObjectService subclasses, if the key parameter * looks like a UUID then it is interpreted as as key, otherwise as a (user)name. * - * @param key any object key + * @param key any object key or name * @param schemaType schema type * @return list of attributes, owned by the given any object, for the given schema type */ @@ -65,7 +65,7 @@ public interface AnyService extends JAXRSS * Note that for the UserService, GroupService and AnyObjectService subclasses, if the key parameter * looks like a UUID then it is interpreted as as key, otherwise as a (user)name. * - * @param key any object key + * @param key any object key or name * @param schemaType schema type * @param schema schema * @return attribute, owned by the given any object, for the given schema type and schema @@ -84,7 +84,7 @@ public interface AnyService extends JAXRSS * Note that for the UserService, GroupService and AnyObjectService subclasses, if the key parameter * looks like a UUID then it is interpreted as as key, otherwise as a (user)name. * - * @param key key of any object to be read + * @param key any object key or name * @return any object with matching key */ @GET @@ -130,7 +130,7 @@ public interface AnyService extends JAXRSS /** * Adds or replaces the attribute, owned by the given any object, for the given schema type and schema. * - * @param key any object key + * @param key any object key or name * @param schemaType schema type * @param attrTO attribute * @return Response object featuring the updated any object attribute - as Entity @@ -160,7 +160,7 @@ public interface AnyService extends JAXRSS /** * Deletes the at
[1/2] syncope git commit: [SYNCOPE-1193] Now read, update and delete works both with key and (user)name for Users, Groups and Any Objects
Repository: syncope Updated Branches: refs/heads/2_0_X 6b3ace024 -> c306a3bf9 refs/heads/master 883911633 -> 81515d7e2 [SYNCOPE-1193] Now read, update and delete works both with key and (user)name for Users, Groups and Any Objects Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/c306a3bf Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/c306a3bf Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/c306a3bf Branch: refs/heads/2_0_X Commit: c306a3bf9bbdb47712f5db7ec318b7aa6f4a7c4f Parents: 6b3ace0 Author: Francesco Chicchiriccò Authored: Fri Aug 11 16:06:42 2017 +0200 Committer: Francesco Chicchiriccò Committed: Fri Aug 11 16:06:42 2017 +0200 -- .../common/rest/api/service/AnyService.java | 12 ++--- .../syncope/core/logic/AbstractAnyLogic.java| 3 -- .../syncope/core/logic/AnyObjectLogic.java | 13 -- .../apache/syncope/core/logic/GroupLogic.java | 11 - .../apache/syncope/core/logic/UserLogic.java| 12 - .../core/persistence/api/dao/AnyDAO.java| 2 + .../core/persistence/api/dao/AnyObjectDAO.java | 2 - .../core/persistence/api/dao/GroupDAO.java | 2 - .../core/persistence/api/dao/UserDAO.java | 2 - .../persistence/jpa/dao/AbstractAnyDAO.java | 17 +++ .../persistence/jpa/dao/JPAAnyObjectDAO.java| 24 +++--- .../core/persistence/jpa/dao/JPAGroupDAO.java | 24 +++--- .../core/persistence/jpa/dao/JPAUserDAO.java| 25 +++--- .../provisioning/api/data/UserDataBinder.java | 2 - .../java/data/AnyObjectDataBinderImpl.java | 5 +- .../java/data/GroupDataBinderImpl.java | 5 +- .../java/data/UserDataBinderImpl.java | 11 + .../rest/cxf/service/AbstractAnyService.java| 49 .../rest/cxf/service/AnyObjectServiceImpl.java | 10 .../core/rest/cxf/service/GroupServiceImpl.java | 10 .../core/rest/cxf/service/UserServiceImpl.java | 12 - .../apache/syncope/core/logic/SAML2SPLogic.java | 4 +- .../core/logic/saml2/SAML2ReaderWriter.java | 2 +- fit/core-reference/pom.xml | 2 - .../apache/syncope/fit/core/SAML2ITCase.java| 20 .../org/apache/syncope/fit/core/UserITCase.java | 11 + pom.xml | 8 +++- 27 files changed, 151 insertions(+), 149 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/c306a3bf/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AnyService.java -- diff --git a/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AnyService.java b/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AnyService.java index d288e59..ac2fc20 100644 --- a/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AnyService.java +++ b/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AnyService.java @@ -50,7 +50,7 @@ public interface AnyService extends JAXRSS * Note that for the UserService, GroupService and AnyObjectService subclasses, if the key parameter * looks like a UUID then it is interpreted as as key, otherwise as a (user)name. * - * @param key any object key + * @param key any object key or name * @param schemaType schema type * @return list of attributes, owned by the given any object, for the given schema type */ @@ -65,7 +65,7 @@ public interface AnyService extends JAXRSS * Note that for the UserService, GroupService and AnyObjectService subclasses, if the key parameter * looks like a UUID then it is interpreted as as key, otherwise as a (user)name. * - * @param key any object key + * @param key any object key or name * @param schemaType schema type * @param schema schema * @return attribute, owned by the given any object, for the given schema type and schema @@ -84,7 +84,7 @@ public interface AnyService extends JAXRSS * Note that for the UserService, GroupService and AnyObjectService subclasses, if the key parameter * looks like a UUID then it is interpreted as as key, otherwise as a (user)name. * - * @param key key of any object to be read + * @param key any object key or name * @return any object with matching key */ @GET @@ -130,7 +130,7 @@ public interface AnyService extends JAXRSS /** * Adds or replaces the attribute, owned by the given any object, for the given schema type and schema. * - * @param key any object key + * @param key any object key or name * @param schemaType schema type * @param attrTO attribute * @return Response object featuring the updated any
Syncope-2_0_X-deploy - Build # 548 - Still Failing
The Apache Jenkins build system has built Syncope-2_0_X-deploy (build #548) Status: Still Failing Check console output at https://builds.apache.org/job/Syncope-2_0_X-deploy/548/ to view the results.
Syncope-2_0_X - Build # 105 - Still Failing
The Apache Jenkins build system has built Syncope-2_0_X (build #105) Status: Still Failing Check console output at https://builds.apache.org/job/Syncope-2_0_X/105/ to view the results.
[1/2] syncope git commit: Build with JDK 7
Repository: syncope Updated Branches: refs/heads/2_0_X c306a3bf9 -> 1a5baa232 refs/heads/master 81515d7e2 -> b627a63d2 Build with JDK 7 Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/1a5baa23 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/1a5baa23 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/1a5baa23 Branch: refs/heads/2_0_X Commit: 1a5baa23252761c54e5728d4b99e2f25a4e7182f Parents: c306a3b Author: Francesco Chicchiriccò Authored: Fri Aug 11 16:27:43 2017 +0200 Committer: Francesco Chicchiriccò Committed: Fri Aug 11 16:27:43 2017 +0200 -- .../src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/1a5baa23/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java -- diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java index 0170f51..0f51f2c 100644 --- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java +++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java @@ -502,7 +502,7 @@ public class SAML2ITCase extends AbstractITCase { InputStream input = Files.newInputStream(truststorePath); keyStore.load(input, "security".toCharArray()); X509Certificate cert = (X509Certificate) keyStore.getCertificate("subject"); -String certEncoded = java.util.Base64.getMimeEncoder().encodeToString(cert.getEncoded()); +String certEncoded = Base64.encodeBase64String(cert.getEncoded()); // Replace the "cert-placeholder" string in the metadata with the actual cert String basedir = System.getProperty("basedir");
[2/2] syncope git commit: Build with JDK 8
Build with JDK 8 Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/b627a63d Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/b627a63d Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/b627a63d Branch: refs/heads/master Commit: b627a63d22f74f86c37ecf50c20e1ac452116ab3 Parents: 81515d7 Author: Francesco Chicchiriccò Authored: Fri Aug 11 16:34:17 2017 +0200 Committer: Francesco Chicchiriccò Committed: Fri Aug 11 16:34:17 2017 +0200 -- .../java/org/apache/syncope/fit/core/SAML2ITCase.java | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-) -- http://git-wip-us.apache.org/repos/asf/syncope/blob/b627a63d/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java -- diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java index 07ead35..e20c77c 100644 --- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java +++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/SAML2ITCase.java @@ -41,13 +41,13 @@ import java.security.KeyStore; import java.security.SecureRandom; import java.security.cert.Certificate; import java.security.cert.X509Certificate; +import java.util.Base64; import java.util.Collections; import java.util.Date; import java.util.Optional; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.xml.namespace.QName; -import org.apache.commons.codec.binary.Base64; import org.apache.cxf.helpers.DOMUtils; import org.apache.cxf.jaxrs.client.WebClient; import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer; @@ -203,7 +203,7 @@ public class SAML2ITCase extends AbstractITCase { assertEquals("https://idp.testshib.org/idp/profile/SAML2/POST/SSO";, loginRequest.getIdpServiceAddress()); assertNotNull(loginRequest.getContent()); -assertTrue(Base64.isBase64(loginRequest.getContent())); + assertTrue(org.apache.commons.codec.binary.Base64.isBase64(loginRequest.getContent())); assertNotNull(loginRequest.getRelayState()); } @@ -257,7 +257,7 @@ public class SAML2ITCase extends AbstractITCase { assertEquals("https://localhost:8443/fediz-idp/saml/up";, loginRequest.getIdpServiceAddress()); assertNotNull(loginRequest.getContent()); -assertTrue(Base64.isBase64(loginRequest.getContent())); + assertTrue(org.apache.commons.codec.binary.Base64.isBase64(loginRequest.getContent())); assertNotNull(loginRequest.getRelayState()); // Check a null relaystate @@ -291,7 +291,7 @@ public class SAML2ITCase extends AbstractITCase { String responseStr = DOM2Writer.nodeToString(responseElement); // Validate the SAML Response - response.setSamlResponse(java.util.Base64.getEncoder().encodeToString(responseStr.getBytes())); + response.setSamlResponse(Base64.getEncoder().encodeToString(responseStr.getBytes())); SAML2LoginResponseTO loginResponse = saml2Service.validateLoginResponse(response); assertNotNull(loginResponse.getAccessToken()); assertEquals("puccini", loginResponse.getNameID()); @@ -323,7 +323,7 @@ public class SAML2ITCase extends AbstractITCase { String responseStr = DOM2Writer.nodeToString(responseElement); // Validate the SAML Response - response.setSamlResponse(java.util.Base64.getEncoder().encodeToString(responseStr.getBytes())); + response.setSamlResponse(Base64.getEncoder().encodeToString(responseStr.getBytes())); try { saml2Service.validateLoginResponse(response); fail("Failure expected on an unsigned Assertion"); @@ -385,7 +385,7 @@ public class SAML2ITCase extends AbstractITCase { String responseStr = DOM2Writer.nodeToString(responseElement); // Validate the SAML Response - response.setSamlResponse(java.util.Base64.getEncoder().encodeToString(responseStr.getBytes())); + response.setSamlResponse(Base64.getEncoder().encodeToString(responseStr.getBytes())); try { saml2Service.validateLoginResponse(response); fail("Failure expected on an unsigned Assertion"); @@ -500,7 +500,7 @@ public class SAML2ITCase extends AbstractITCase { InputStream input = Files.newInputStream(truststorePath); keyStore.load(input, "security".toCharArray()); X509Certificate cert = (X509Certificate) keyStore.getCertificate("subject"); -String certEncoded = java.util.Base64.getMimeEncoder().encodeToString(cert.getEncoded()); +String certEncoded = Base64.getMimeEncoder().e
Syncope-2_0_X-deploy - Build # 549 - Still Failing
The Apache Jenkins build system has built Syncope-2_0_X-deploy (build #549) Status: Still Failing Check console output at https://builds.apache.org/job/Syncope-2_0_X-deploy/549/ to view the results.
Syncope-2_0_X - Build # 106 - Fixed
The Apache Jenkins build system has built Syncope-2_0_X (build #106) Status: Fixed Check console output at https://builds.apache.org/job/Syncope-2_0_X/106/ to view the results.