This is an automated email from the ASF dual-hosted git repository. ilgrosso pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/master by this push: new cce3457 Upgrading CXF, Spring Boot and Wicket Spring Boot (#300) cce3457 is described below commit cce345771e11cceed3b7817aadd27aaffdb358b3 Author: Francesco Chicchiriccò <ilgro...@users.noreply.github.com> AuthorDate: Fri Dec 24 12:53:34 2021 +0100 Upgrading CXF, Spring Boot and Wicket Spring Boot (#300) --- .../panels/SAML2SPEntityDirectoryPanel.java | 2 - .../client/console/SyncopeWebApplication.java | 1 + .../client/enduser/SyncopeWebApplication.java | 1 + .../rest/api/service/AuthProfileService.java | 3 - .../rest/cxf/service/AbstractSearchService.java | 2 - .../ConsoleCodeConsumerResource.java | 2 +- .../{ => oidcc4ui}/ConsoleLogoutResource.java | 2 +- .../saml2sp4ui/AssertionConsumerResource.java | 4 - .../ConsoleAssertionConsumerResource.java | 2 +- .../{ => saml2sp4ui}/ConsoleLogoutResource.java | 2 +- .../buildtools/SyncopeBuildToolsApplication.java | 45 ++++-- .../fit/buildtools/cxf/GreenMailService.java | 32 ++++- .../fit/buildtools/cxf/GreenMailServiceImpl.java | 57 -------- .../fit/buildtools/cxf/ProvisioningImpl.java | 12 +- .../syncope/fit/buildtools/cxf/UserService.java | 121 ++++++++++++++-- .../fit/buildtools/cxf/UserServiceImpl.java | 153 --------------------- .../syncope/fit/enduser/AnonymousITCase.java | 2 - .../org/apache/syncope/fit/AbstractITCase.java | 2 +- .../org/apache/syncope/fit/sra/SAML2SRAITCase.java | 108 +++++++++------ .../apache/syncope/fit/ui/SAML2SP4UIITCase.java | 89 +++++++----- pom.xml | 6 +- 21 files changed, 315 insertions(+), 333 deletions(-) diff --git a/client/am/console/src/main/java/org/apache/syncope/client/console/panels/SAML2SPEntityDirectoryPanel.java b/client/am/console/src/main/java/org/apache/syncope/client/console/panels/SAML2SPEntityDirectoryPanel.java index faafbfc..ad2ffee 100644 --- a/client/am/console/src/main/java/org/apache/syncope/client/console/panels/SAML2SPEntityDirectoryPanel.java +++ b/client/am/console/src/main/java/org/apache/syncope/client/console/panels/SAML2SPEntityDirectoryPanel.java @@ -18,8 +18,6 @@ */ package org.apache.syncope.client.console.panels; -import static org.apache.wicket.Component.RENDER; - import de.agilecoders.wicket.core.markup.html.bootstrap.dialog.Modal; import java.util.ArrayList; import java.util.Collection; diff --git a/client/idrepo/console/src/main/java/org/apache/syncope/client/console/SyncopeWebApplication.java b/client/idrepo/console/src/main/java/org/apache/syncope/client/console/SyncopeWebApplication.java index 182c114..4c4ec81 100644 --- a/client/idrepo/console/src/main/java/org/apache/syncope/client/console/SyncopeWebApplication.java +++ b/client/idrepo/console/src/main/java/org/apache/syncope/client/console/SyncopeWebApplication.java @@ -189,6 +189,7 @@ public class SyncopeWebApplication extends WicketBootSecuredWebApplication { try { AbstractResource instance = resource.getDeclaredConstructor().newInstance(); + LOG.debug("Mounting {} under {}", resource.getName(), annotation.path()); mountResource(annotation.path(), new ResourceReference(annotation.key()) { protected static final long serialVersionUID = -128426276529456602L; diff --git a/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeWebApplication.java b/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeWebApplication.java index 95a0d5e..72849f1 100644 --- a/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeWebApplication.java +++ b/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeWebApplication.java @@ -168,6 +168,7 @@ public class SyncopeWebApplication extends WicketBootStandardWebApplication { try { AbstractResource instance = resource.getDeclaredConstructor().newInstance(); + LOG.debug("Mounting {} under {}", resource.getName(), annotation.path()); mountResource(annotation.path(), new ResourceReference(annotation.key()) { private static final long serialVersionUID = -128426276529456602L; diff --git a/common/am/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AuthProfileService.java b/common/am/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AuthProfileService.java index 0919c7e..6971aa3 100644 --- a/common/am/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AuthProfileService.java +++ b/common/am/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/AuthProfileService.java @@ -18,9 +18,6 @@ */ package org.apache.syncope.common.rest.api.service; -import static org.apache.syncope.common.rest.api.service.JAXRSService.PARAM_PAGE; -import static org.apache.syncope.common.rest.api.service.JAXRSService.PARAM_SIZE; - import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.enums.ParameterIn; import io.swagger.v3.oas.annotations.headers.Header; diff --git a/core/idrepo/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/AbstractSearchService.java b/core/idrepo/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/AbstractSearchService.java index 28537e0..7b0ccbb 100644 --- a/core/idrepo/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/AbstractSearchService.java +++ b/core/idrepo/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/AbstractSearchService.java @@ -18,8 +18,6 @@ */ package org.apache.syncope.core.rest.cxf.service; -import static org.apache.syncope.core.rest.cxf.service.AbstractService.LOG; - import org.apache.commons.lang3.exception.ExceptionUtils; import org.apache.cxf.jaxrs.ext.search.SearchBean; import org.apache.cxf.jaxrs.ext.search.SearchCondition; diff --git a/ext/oidcc4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/ConsoleCodeConsumerResource.java b/ext/oidcc4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/oidcc4ui/ConsoleCodeConsumerResource.java similarity index 96% rename from ext/oidcc4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/ConsoleCodeConsumerResource.java rename to ext/oidcc4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/oidcc4ui/ConsoleCodeConsumerResource.java index 8809e23..6ab412e 100644 --- a/ext/oidcc4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/ConsoleCodeConsumerResource.java +++ b/ext/oidcc4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/oidcc4ui/ConsoleCodeConsumerResource.java @@ -16,7 +16,7 @@ * specific language governing permissions and limitations * under the License. */ -package org.apache.syncope.client.console.resources; +package org.apache.syncope.client.console.resources.oidcc4ui; import org.apache.commons.lang3.tuple.Pair; import org.apache.syncope.client.console.pages.OIDCClientLogin; diff --git a/ext/oidcc4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/ConsoleLogoutResource.java b/ext/oidcc4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/oidcc4ui/ConsoleLogoutResource.java similarity index 96% rename from ext/oidcc4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/ConsoleLogoutResource.java rename to ext/oidcc4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/oidcc4ui/ConsoleLogoutResource.java index 7116f88..c4400ce 100644 --- a/ext/oidcc4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/ConsoleLogoutResource.java +++ b/ext/oidcc4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/oidcc4ui/ConsoleLogoutResource.java @@ -16,7 +16,7 @@ * specific language governing permissions and limitations * under the License. */ -package org.apache.syncope.client.console.resources; +package org.apache.syncope.client.console.resources.oidcc4ui; import org.apache.syncope.client.console.pages.OIDCClientLogout; import org.apache.syncope.client.ui.commons.annotations.Resource; diff --git a/ext/saml2sp4ui/client-common-ui/src/main/java/org/apache/syncope/client/ui/commons/resources/saml2sp4ui/AssertionConsumerResource.java b/ext/saml2sp4ui/client-common-ui/src/main/java/org/apache/syncope/client/ui/commons/resources/saml2sp4ui/AssertionConsumerResource.java index b65aac3..8c3e0bc 100644 --- a/ext/saml2sp4ui/client-common-ui/src/main/java/org/apache/syncope/client/ui/commons/resources/saml2sp4ui/AssertionConsumerResource.java +++ b/ext/saml2sp4ui/client-common-ui/src/main/java/org/apache/syncope/client/ui/commons/resources/saml2sp4ui/AssertionConsumerResource.java @@ -32,15 +32,11 @@ import org.apache.wicket.Session; import org.apache.wicket.WicketRuntimeException; import org.apache.wicket.markup.html.WebPage; import org.apache.wicket.request.mapper.parameter.PageParameters; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; public abstract class AssertionConsumerResource extends AbstractSAML2SP4UIResource { private static final long serialVersionUID = 3858609271031003370L; - protected static final Logger LOG = LoggerFactory.getLogger(AssertionConsumerResource.class); - protected static final ObjectMapper MAPPER = new ObjectMapper().setSerializationInclusion(JsonInclude.Include.NON_EMPTY); diff --git a/ext/saml2sp4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/ConsoleAssertionConsumerResource.java b/ext/saml2sp4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/saml2sp4ui/ConsoleAssertionConsumerResource.java similarity index 96% rename from ext/saml2sp4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/ConsoleAssertionConsumerResource.java rename to ext/saml2sp4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/saml2sp4ui/ConsoleAssertionConsumerResource.java index 8f5aa13..c7c1385 100644 --- a/ext/saml2sp4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/ConsoleAssertionConsumerResource.java +++ b/ext/saml2sp4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/saml2sp4ui/ConsoleAssertionConsumerResource.java @@ -16,7 +16,7 @@ * specific language governing permissions and limitations * under the License. */ -package org.apache.syncope.client.console.resources; +package org.apache.syncope.client.console.resources.saml2sp4ui; import org.apache.commons.lang3.tuple.Pair; import org.apache.syncope.client.console.pages.SAML2SPLogin; diff --git a/ext/saml2sp4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/ConsoleLogoutResource.java b/ext/saml2sp4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/saml2sp4ui/ConsoleLogoutResource.java similarity index 95% rename from ext/saml2sp4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/ConsoleLogoutResource.java rename to ext/saml2sp4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/saml2sp4ui/ConsoleLogoutResource.java index 0a175fa..ad5894d 100644 --- a/ext/saml2sp4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/ConsoleLogoutResource.java +++ b/ext/saml2sp4ui/client-console/src/main/java/org/apache/syncope/client/console/resources/saml2sp4ui/ConsoleLogoutResource.java @@ -16,7 +16,7 @@ * specific language governing permissions and limitations * under the License. */ -package org.apache.syncope.client.console.resources; +package org.apache.syncope.client.console.resources.saml2sp4ui; import org.apache.syncope.client.console.pages.SAML2SPBeforeLogout; import org.apache.syncope.client.ui.commons.SAML2SP4UIConstants; diff --git a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/SyncopeBuildToolsApplication.java b/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/SyncopeBuildToolsApplication.java index ae9ce5e..55ee22b 100644 --- a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/SyncopeBuildToolsApplication.java +++ b/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/SyncopeBuildToolsApplication.java @@ -19,20 +19,23 @@ package org.apache.syncope.fit.buildtools; import com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider; - import java.util.List; - import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRegistration; +import javax.sql.DataSource; import javax.xml.ws.Endpoint; +import net.tirasa.connid.bundles.soap.provisioning.interfaces.Provisioning; import org.apache.cxf.Bus; import org.apache.cxf.endpoint.Server; import org.apache.cxf.jaxrs.spring.JAXRSServerFactoryBeanDefinitionParser.SpringJAXRSServerFactoryBean; import org.apache.cxf.jaxws.EndpointImpl; import org.apache.syncope.fit.buildtools.cxf.DateParamConverterProvider; +import org.apache.syncope.fit.buildtools.cxf.GreenMailService; import org.apache.syncope.fit.buildtools.cxf.ProvisioningImpl; +import org.apache.syncope.fit.buildtools.cxf.UserService; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @@ -44,11 +47,10 @@ import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.Bean; import org.springframework.jdbc.datasource.DriverManagerDataSource; -@SpringBootApplication(scanBasePackages = "org.apache.syncope.fit.buildtools", - exclude = { - ErrorMvcAutoConfiguration.class, - WebMvcAutoConfiguration.class, - HttpMessageConvertersAutoConfiguration.class }) +@SpringBootApplication(exclude = { + ErrorMvcAutoConfiguration.class, + WebMvcAutoConfiguration.class, + HttpMessageConvertersAutoConfiguration.class }) public class SyncopeBuildToolsApplication extends SpringBootServletInitializer { public static void main(final String[] args) { @@ -71,9 +73,6 @@ public class SyncopeBuildToolsApplication extends SpringBootServletInitializer { private Bus bus; @Autowired - private ProvisioningImpl provisioningImpl; - - @Autowired private ApplicationContext ctx; @Bean @@ -84,21 +83,39 @@ public class SyncopeBuildToolsApplication extends SpringBootServletInitializer { } @Bean - public Endpoint soapProvisioning() { - EndpointImpl soapProvisioning = new EndpointImpl(provisioningImpl); + @Autowired + public Provisioning provisioningImpl(@Qualifier("testDataSource") final DataSource dataSource) { + return new ProvisioningImpl(dataSource); + } + + @Bean + @Autowired + public Endpoint soapProvisioning(final Provisioning provisioning) { + EndpointImpl soapProvisioning = new EndpointImpl(provisioning); soapProvisioning.setBus(bus); soapProvisioning.publish("/soap"); return soapProvisioning; } @Bean - public Server restProvisioning() { + public GreenMailService greenMailService() { + return new GreenMailService(); + } + + @Bean + public UserService userService() { + return new UserService(); + } + + @Bean + @Autowired + public Server restProvisioning(final GreenMailService greenMailService, final UserService userService) { SpringJAXRSServerFactoryBean restProvisioning = new SpringJAXRSServerFactoryBean(); restProvisioning.setApplicationContext(ctx); restProvisioning.setBus(bus); restProvisioning.setAddress("/rest"); restProvisioning.setStaticSubresourceResolution(true); - restProvisioning.setBasePackages(List.of("org.apache.syncope.fit.buildtools.cxf")); + restProvisioning.setServiceBeans(List.of(greenMailService, userService)); restProvisioning.setProviders(List.of(new JacksonJsonProvider(), new DateParamConverterProvider())); return restProvisioning.create(); } diff --git a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/GreenMailService.java b/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/GreenMailService.java index ff009c0..0cd5ced 100644 --- a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/GreenMailService.java +++ b/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/GreenMailService.java @@ -18,17 +18,43 @@ */ package org.apache.syncope.fit.buildtools.cxf; +import com.icegreen.greenmail.smtp.InterruptableSmtpServer; +import com.icegreen.greenmail.util.GreenMail; import javax.ws.rs.POST; import javax.ws.rs.Path; +import javax.ws.rs.core.Context; +import org.apache.cxf.jaxrs.ext.MessageContext; +import org.apache.syncope.fit.buildtools.GreenMailStartStopListener; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; @Path("greenMail") -public interface GreenMailService { +public class GreenMailService { + + private static final Logger LOG = LoggerFactory.getLogger(GreenMailService.class); + + @Context + private MessageContext messageContext; @POST @Path("start") - void start(); + public void start() { + GreenMail greenMail = (GreenMail) messageContext.getServletContext(). + getAttribute(GreenMailStartStopListener.GREENMAIL); + if (greenMail != null) { + ((InterruptableSmtpServer) greenMail.getSmtp()).setRejectRequests(false); + LOG.info("SMTP server is accepting requests"); + } + } @POST @Path("stop") - void stop(); + public void stop() { + GreenMail greenMail = (GreenMail) messageContext.getServletContext(). + getAttribute(GreenMailStartStopListener.GREENMAIL); + if (greenMail != null) { + ((InterruptableSmtpServer) greenMail.getSmtp()).setRejectRequests(true); + LOG.info("SMTP server is rejecting requests"); + } + } } diff --git a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/GreenMailServiceImpl.java b/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/GreenMailServiceImpl.java deleted file mode 100644 index b4a455e..0000000 --- a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/GreenMailServiceImpl.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.syncope.fit.buildtools.cxf; - -import com.icegreen.greenmail.smtp.InterruptableSmtpServer; -import com.icegreen.greenmail.util.GreenMail; -import javax.ws.rs.core.Context; -import org.apache.cxf.jaxrs.ext.MessageContext; -import org.apache.syncope.fit.buildtools.GreenMailStartStopListener; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.stereotype.Service; - -@Service -public class GreenMailServiceImpl implements GreenMailService { - - private static final Logger LOG = LoggerFactory.getLogger(GreenMailService.class); - - @Context - private MessageContext messageContext; - - @Override - public void start() { - GreenMail greenMail = (GreenMail) messageContext.getServletContext(). - getAttribute(GreenMailStartStopListener.GREENMAIL); - if (greenMail != null) { - ((InterruptableSmtpServer) greenMail.getSmtp()).setRejectRequests(false); - LOG.info("SMTP server is accepting requests"); - } - } - - @Override - public void stop() { - GreenMail greenMail = (GreenMail) messageContext.getServletContext(). - getAttribute(GreenMailStartStopListener.GREENMAIL); - if (greenMail != null) { - ((InterruptableSmtpServer) greenMail.getSmtp()).setRejectRequests(true); - LOG.info("SMTP server is rejecting requests"); - } - } -} diff --git a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/ProvisioningImpl.java b/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/ProvisioningImpl.java index c324242..e22f210 100644 --- a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/ProvisioningImpl.java +++ b/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/ProvisioningImpl.java @@ -29,7 +29,6 @@ import java.util.HashSet; import java.util.List; import java.util.Optional; import java.util.Set; -import javax.annotation.Resource; import javax.jws.WebService; import javax.sql.DataSource; import net.tirasa.connid.bundles.soap.exceptions.ProvisioningException; @@ -43,18 +42,19 @@ import org.identityconnectors.common.StringUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.jdbc.datasource.DataSourceUtils; -import org.springframework.stereotype.Service; @WebService( endpointInterface = "net.tirasa.connid.bundles.soap.provisioning.interfaces.Provisioning", serviceName = "Provisioning") -@Service public class ProvisioningImpl implements Provisioning { private static final Logger LOG = LoggerFactory.getLogger(Provisioning.class); - @Resource(name = "testDataSource") - private DataSource dataSource; + private final DataSource dataSource; + + public ProvisioningImpl(final DataSource dataSource) { + this.dataSource = dataSource; + } @Override public String delete(final String accountid) throws ProvisioningException { @@ -184,7 +184,7 @@ public class ProvisioningImpl implements Provisioning { try { String queryString = "SELECT * FROM user" + (Optional.ofNullable(query) - .map(operand -> " WHERE " + operand.toString()).orElse("")); + .map(operand -> " WHERE " + operand.toString()).orElse("")); queryString = queryString.replaceAll("__NAME__", "userId"). replaceAll("__UID__", "userId"). diff --git a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/UserService.java b/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/UserService.java index 509a44b..e586d38 100644 --- a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/UserService.java +++ b/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/UserService.java @@ -19,56 +19,159 @@ package org.apache.syncope.fit.buildtools.cxf; import java.util.Date; +import java.util.HashMap; import java.util.List; +import java.util.Map; +import java.util.Optional; import java.util.UUID; +import java.util.stream.Collectors; +import java.util.stream.Stream; +import javax.ws.rs.ClientErrorException; import javax.ws.rs.Consumes; import javax.ws.rs.DELETE; +import javax.ws.rs.ForbiddenException; import javax.ws.rs.GET; +import javax.ws.rs.NotFoundException; import javax.ws.rs.POST; import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; +import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; +import javax.ws.rs.core.UriInfo; @Path("users") -public interface UserService { +public class UserService { + + private static final Map<UUID, UserMetadata> USERS = new HashMap<>(); + + @Context + private UriInfo uriInfo; @GET @Produces({ MediaType.APPLICATION_JSON }) - List<User> list(); + public List<User> list() { + return USERS.values().stream(). + filter(meta -> !meta.isDeleted()). + map(UserMetadata::getUser). + collect(Collectors.toList()); + } @GET @Path("changelog") @Produces({ MediaType.APPLICATION_JSON }) - List<UserMetadata> changelog(@QueryParam("from") Date from); + public List<UserMetadata> changelog(@QueryParam("from") final Date from) { + Stream<UserMetadata> users = USERS.values().stream(); + if (from != null) { + users = users.filter(meta -> meta.getLastChangeDate().after(from)); + } + return users.collect(Collectors.toList()); + } @GET @Path("{key}") @Produces({ MediaType.APPLICATION_JSON }) - User read(@PathParam("key") UUID key); + public User read(@PathParam("key") final UUID key) { + UserMetadata meta = USERS.get(key); + if (meta == null || meta.isDeleted()) { + throw new NotFoundException(key.toString()); + } + return meta.getUser(); + } @POST @Consumes({ MediaType.APPLICATION_JSON }) - Response create(User user); + public Response create(final User user) { + if (user.getKey() == null) { + user.setKey(UUID.randomUUID()); + } + if (user.getStatus() == null) { + user.setStatus(User.Status.ACTIVE); + } + + UserMetadata meta = USERS.get(user.getKey()); + if (meta != null && !meta.isDeleted()) { + throw new ClientErrorException("User already exists: " + user.getKey(), Response.Status.CONFLICT); + } + + meta = new UserMetadata(); + meta.setLastChangeDate(new Date()); + meta.setUser(user); + USERS.put(user.getKey(), meta); + + return Response.created(uriInfo.getAbsolutePathBuilder().path(user.getKey().toString()).build()).build(); + } @PUT @Path("{key}") @Consumes({ MediaType.APPLICATION_JSON }) - void update(@PathParam("key") UUID key, User user); + public void update(@PathParam("key") final UUID key, final User updatedUser) { + UserMetadata meta = USERS.get(key); + if (meta == null || meta.isDeleted()) { + throw new NotFoundException(key.toString()); + } + + if (updatedUser.getUsername() != null) { + meta.getUser().setUsername(updatedUser.getUsername()); + } + if (updatedUser.getPassword() != null) { + meta.getUser().setPassword(updatedUser.getPassword()); + } + if (updatedUser.getFirstName() != null) { + meta.getUser().setFirstName(updatedUser.getFirstName()); + } + if (updatedUser.getSurname() != null) { + meta.getUser().setSurname(updatedUser.getSurname()); + } + if (updatedUser.getEmail() != null) { + meta.getUser().setEmail(updatedUser.getEmail()); + } + if (updatedUser.getStatus() != null) { + meta.getUser().setStatus(updatedUser.getStatus()); + } + + meta.setLastChangeDate(new Date()); + } @DELETE @Path("{key}") - void delete(@PathParam("key") UUID key); + public void delete(@PathParam("key") final UUID key) { + UserMetadata meta = USERS.get(key); + if (meta == null || meta.isDeleted()) { + throw new NotFoundException(key.toString()); + } + + meta.setDeleted(true); + meta.setLastChangeDate(new Date()); + } @POST @Path("authenticate") @Produces({ MediaType.APPLICATION_JSON }) - User authenticate(@QueryParam("username") String username, @QueryParam("password") String password); + public User authenticate( + @QueryParam("username") final String username, + @QueryParam("password") final String password) { + + Optional<User> user = USERS.values().stream(). + filter(meta -> !meta.isDeleted() && username.equals(meta.getUser().getUsername())). + findFirst().map(UserMetadata::getUser); + + if (user.isEmpty()) { + throw new NotFoundException(username); + } + if (!password.equals(user.get().getPassword())) { + throw new ForbiddenException(); + } + + return user.get(); + } @POST @Path("clear") - void clear(); + public void clear() { + USERS.clear(); + } } diff --git a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/UserServiceImpl.java b/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/UserServiceImpl.java deleted file mode 100644 index b671f8e..0000000 --- a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/UserServiceImpl.java +++ /dev/null @@ -1,153 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.syncope.fit.buildtools.cxf; - -import java.util.Date; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Optional; -import java.util.UUID; -import java.util.stream.Collectors; -import java.util.stream.Stream; -import javax.ws.rs.ClientErrorException; -import javax.ws.rs.ForbiddenException; -import javax.ws.rs.NotFoundException; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.Response; -import javax.ws.rs.core.UriInfo; -import org.springframework.stereotype.Service; - -@Service -public class UserServiceImpl implements UserService { - - private static final Map<UUID, UserMetadata> USERS = new HashMap<>(); - - @Context - private UriInfo uriInfo; - - @Override - public List<User> list() { - return USERS.values().stream(). - filter(meta -> !meta.isDeleted()). - map(UserMetadata::getUser). - collect(Collectors.toList()); - } - - @Override - public List<UserMetadata> changelog(final Date from) { - Stream<UserMetadata> users = USERS.values().stream(); - if (from != null) { - users = users.filter(meta -> meta.getLastChangeDate().after(from)); - } - return users.collect(Collectors.toList()); - } - - @Override - public User read(final UUID key) { - UserMetadata meta = USERS.get(key); - if (meta == null || meta.isDeleted()) { - throw new NotFoundException(key.toString()); - } - return meta.getUser(); - } - - @Override - public Response create(final User user) { - if (user.getKey() == null) { - user.setKey(UUID.randomUUID()); - } - if (user.getStatus() == null) { - user.setStatus(User.Status.ACTIVE); - } - - UserMetadata meta = USERS.get(user.getKey()); - if (meta != null && !meta.isDeleted()) { - throw new ClientErrorException("User already exists: " + user.getKey(), Response.Status.CONFLICT); - } - - meta = new UserMetadata(); - meta.setLastChangeDate(new Date()); - meta.setUser(user); - USERS.put(user.getKey(), meta); - - return Response.created(uriInfo.getAbsolutePathBuilder().path(user.getKey().toString()).build()).build(); - } - - @Override - public void update(final UUID key, final User updatedUser) { - UserMetadata meta = USERS.get(key); - if (meta == null || meta.isDeleted()) { - throw new NotFoundException(key.toString()); - } - - if (updatedUser.getUsername() != null) { - meta.getUser().setUsername(updatedUser.getUsername()); - } - if (updatedUser.getPassword() != null) { - meta.getUser().setPassword(updatedUser.getPassword()); - } - if (updatedUser.getFirstName() != null) { - meta.getUser().setFirstName(updatedUser.getFirstName()); - } - if (updatedUser.getSurname() != null) { - meta.getUser().setSurname(updatedUser.getSurname()); - } - if (updatedUser.getEmail() != null) { - meta.getUser().setEmail(updatedUser.getEmail()); - } - if (updatedUser.getStatus() != null) { - meta.getUser().setStatus(updatedUser.getStatus()); - } - - meta.setLastChangeDate(new Date()); - } - - @Override - public void delete(final UUID key) { - UserMetadata meta = USERS.get(key); - if (meta == null || meta.isDeleted()) { - throw new NotFoundException(key.toString()); - } - - meta.setDeleted(true); - meta.setLastChangeDate(new Date()); - } - - @Override - public User authenticate(final String username, final String password) { - Optional<User> user = USERS.values().stream(). - filter(meta -> !meta.isDeleted() && username.equals(meta.getUser().getUsername())). - findFirst().map(UserMetadata::getUser); - - if (user.isEmpty()) { - throw new NotFoundException(username); - } - if (!password.equals(user.get().getPassword())) { - throw new ForbiddenException(); - } - - return user.get(); - } - - @Override - public void clear() { - USERS.clear(); - } -} diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/enduser/AnonymousITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/enduser/AnonymousITCase.java index 2d22b27..02f55a6 100644 --- a/fit/core-reference/src/test/java/org/apache/syncope/fit/enduser/AnonymousITCase.java +++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/enduser/AnonymousITCase.java @@ -18,8 +18,6 @@ */ package org.apache.syncope.fit.enduser; -import static org.apache.syncope.fit.enduser.AbstractEnduserITCase.securityQuestionService; -import static org.apache.syncope.fit.enduser.AbstractEnduserITCase.userService; import static org.junit.jupiter.api.Assertions.assertFalse; import static org.junit.jupiter.api.Assertions.assertNotNull; diff --git a/fit/wa-reference/src/test/java/org/apache/syncope/fit/AbstractITCase.java b/fit/wa-reference/src/test/java/org/apache/syncope/fit/AbstractITCase.java index ce42c1b..cd8ce72 100644 --- a/fit/wa-reference/src/test/java/org/apache/syncope/fit/AbstractITCase.java +++ b/fit/wa-reference/src/test/java/org/apache/syncope/fit/AbstractITCase.java @@ -120,7 +120,7 @@ public class AbstractITCase { assertNotEquals(-1, begin); int end = responseBody.indexOf("\"/>", begin); assertNotEquals(-1, end); - String relayState = responseBody.substring(begin + 25, end); + String relayState = StringEscapeUtils.unescapeXml(responseBody.substring(begin + 25, end)); assertNotNull(relayState); begin = responseBody.indexOf("name=\"SAMLRequest\" value=\""); diff --git a/fit/wa-reference/src/test/java/org/apache/syncope/fit/sra/SAML2SRAITCase.java b/fit/wa-reference/src/test/java/org/apache/syncope/fit/sra/SAML2SRAITCase.java index 0cd2e5c..f65c287 100644 --- a/fit/wa-reference/src/test/java/org/apache/syncope/fit/sra/SAML2SRAITCase.java +++ b/fit/wa-reference/src/test/java/org/apache/syncope/fit/sra/SAML2SRAITCase.java @@ -104,21 +104,23 @@ public class SAML2SRAITCase extends AbstractSRAITCase { HttpGet get = new HttpGet(SRA_ADDRESS + "/public/get?" + QUERY_STRING); get.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); - CloseableHttpResponse response = httpclient.execute(get, context); - - ObjectNode headers = checkGetResponse(response, get.getURI().toASCIIString().replace("/public", "")); - assertFalse(headers.has(HttpHeaders.COOKIE)); + try (CloseableHttpResponse response = httpclient.execute(get, context)) { + ObjectNode headers = checkGetResponse(response, get.getURI().toASCIIString().replace("/public", "")); + assertFalse(headers.has(HttpHeaders.COOKIE)); + } // 2. protected get = new HttpGet(SRA_ADDRESS + "/protected/get?" + QUERY_STRING); String originalRequestURI = get.getURI().toASCIIString(); get.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); - response = httpclient.execute(get, context); - assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + String responseBody; + try (CloseableHttpResponse response = httpclient.execute(get, context)) { + assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + responseBody = EntityUtils.toString(response.getEntity()); + } // 2a. post SAML request - String responseBody = EntityUtils.toString(response.getEntity()); Triple<String, String, String> parsed = parseSAMLRequestForm(responseBody); HttpPost post = new HttpPost(parsed.getLeft()); @@ -127,22 +129,42 @@ public class SAML2SRAITCase extends AbstractSRAITCase { post.setEntity(new UrlEncodedFormEntity( List.of(new BasicNameValuePair("RelayState", parsed.getMiddle()), new BasicNameValuePair("SAMLRequest", parsed.getRight())), Consts.UTF_8)); - response = httpclient.execute(post, context); - assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); + String location; + try (CloseableHttpResponse response = httpclient.execute(post, context)) { + assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); + location = response.getFirstHeader(HttpHeaders.LOCATION).getValue(); + } // 2b. authenticate - get = new HttpGet(response.getFirstHeader(HttpHeaders.LOCATION).getValue()); - get.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); - get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); - response = httpclient.execute(get, context); - assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + post = new HttpPost(location); + post.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); + post.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); + try (CloseableHttpResponse response = httpclient.execute(post, context)) { + assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + responseBody = EntityUtils.toString(response.getEntity()); + } + + boolean isOk = false; + try (CloseableHttpResponse response = + authenticateToCas("bellini", "password", responseBody, httpclient, context)) { + + switch (response.getStatusLine().getStatusCode()) { + case HttpStatus.SC_OK: + isOk = true; + responseBody = EntityUtils.toString(response.getEntity()); + break; - responseBody = EntityUtils.toString(response.getEntity()); - response = authenticateToCas("bellini", "password", responseBody, httpclient, context); + case HttpStatus.SC_MOVED_TEMPORARILY: + location = response.getFirstHeader(HttpHeaders.LOCATION).getValue(); + break; + + default: + fail(); + } + } // 2c. WA attribute consent screen - if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK) { - responseBody = EntityUtils.toString(response.getEntity()); + if (isOk) { String execution = extractCASExecution(responseBody); List<NameValuePair> form = new ArrayList<>(); @@ -156,18 +178,21 @@ public class SAML2SRAITCase extends AbstractSRAITCase { post.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); post.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); post.setEntity(new UrlEncodedFormEntity(form, Consts.UTF_8)); - response = httpclient.execute(post, context); + try (CloseableHttpResponse response = httpclient.execute(post, context)) { + assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); + location = response.getFirstHeader(HttpHeaders.LOCATION).getValue().replace(":8080", ":9080"); + } } - assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); - get = new HttpGet(response.getFirstHeader(HttpHeaders.LOCATION).getValue()); + get = new HttpGet(location); get.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); - response = httpclient.execute(get, context); - assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + try (CloseableHttpResponse response = httpclient.execute(get, context)) { + assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + responseBody = EntityUtils.toString(response.getEntity()); + } // 2d. post SAML response - responseBody = EntityUtils.toString(response.getEntity()); parsed = parseSAMLResponseForm(responseBody); post = new HttpPost(parsed.getLeft()); @@ -176,25 +201,28 @@ public class SAML2SRAITCase extends AbstractSRAITCase { post.setEntity(new UrlEncodedFormEntity( List.of(new BasicNameValuePair("RelayState", parsed.getMiddle()), new BasicNameValuePair("SAMLResponse", parsed.getRight())), Consts.UTF_8)); - response = httpclient.execute(post, context); - assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); + try (CloseableHttpResponse response = httpclient.execute(post, context)) { + assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); + location = response.getFirstHeader(HttpHeaders.LOCATION).getValue(); + } // 2e. finally get requested content - get = new HttpGet(response.getFirstHeader(HttpHeaders.LOCATION).getValue()); + get = new HttpGet(location); get.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); - response = httpclient.execute(get, context); - - headers = checkGetResponse(response, originalRequestURI.replace("/protected", "")); - assertFalse(headers.get(HttpHeaders.COOKIE).asText().isBlank()); + try (CloseableHttpResponse response = httpclient.execute(get, context)) { + ObjectNode headers = checkGetResponse(response, originalRequestURI.replace("/protected", "")); + assertFalse(headers.get(HttpHeaders.COOKIE).asText().isBlank()); + } // 3. logout get = new HttpGet(SRA_ADDRESS + "/protected/logout"); get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); - response = httpclient.execute(get, context); + try (CloseableHttpResponse response = httpclient.execute(get, context)) { + responseBody = EntityUtils.toString(response.getEntity()); + } // 3a. post SAML request - responseBody = EntityUtils.toString(response.getEntity()); parsed = parseSAMLRequestForm(responseBody); post = new HttpPost(parsed.getLeft()); @@ -203,15 +231,17 @@ public class SAML2SRAITCase extends AbstractSRAITCase { post.setEntity(new UrlEncodedFormEntity( List.of(new BasicNameValuePair("RelayState", parsed.getMiddle()), new BasicNameValuePair("SAMLRequest", parsed.getRight())), Consts.UTF_8)); - response = httpclient.execute(post, context); - assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); + try (CloseableHttpResponse response = httpclient.execute(post, context)) { + assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); + location = response.getFirstHeader(HttpHeaders.LOCATION).getValue(); + } - get = new HttpGet(response.getFirstHeader(HttpHeaders.LOCATION).getValue()); + get = new HttpGet(location); get.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); - response = httpclient.execute(get, context); - // 3b. check logout - checkLogout(response); + try (CloseableHttpResponse response = httpclient.execute(get, context)) { + checkLogout(response); + } } } diff --git a/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java b/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java index 151c06d..26057e1 100644 --- a/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java +++ b/fit/wa-reference/src/test/java/org/apache/syncope/fit/ui/SAML2SP4UIITCase.java @@ -181,40 +181,62 @@ public class SAML2SP4UIITCase extends AbstractUIITCase { // 1. fetch login page HttpGet get = new HttpGet(baseURL); - CloseableHttpResponse response = httpclient.execute(get, context); - assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + try (CloseableHttpResponse response = httpclient.execute(get, context)) { + assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + } // 2. click on the SAML 2.0 IdP get = new HttpGet(baseURL + SAML2SP4UIConstants.URL_CONTEXT + "/login?idp=http%3A//localhost%3A9080/syncope-wa/saml"); - response = httpclient.execute(get, context); - - // 2a. post SAML request - String responseBody = EntityUtils.toString(response.getEntity()); + String responseBody; + try (CloseableHttpResponse response = httpclient.execute(get, context)) { + responseBody = EntityUtils.toString(response.getEntity()); + } Triple<String, String, String> parsed = parseSAMLRequestForm(responseBody); + // 2a. post SAML request HttpPost post = new HttpPost(parsed.getLeft()); post.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); post.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); post.setEntity(new UrlEncodedFormEntity( List.of(new BasicNameValuePair("RelayState", parsed.getMiddle()), new BasicNameValuePair("SAMLRequest", parsed.getRight())), Consts.UTF_8)); - response = httpclient.execute(post, context); - assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); + String location; + try (CloseableHttpResponse response = httpclient.execute(post, context)) { + assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); + location = response.getFirstHeader(HttpHeaders.LOCATION).getValue(); + } // 2b. authenticate - get = new HttpGet(response.getFirstHeader(HttpHeaders.LOCATION).getValue()); - get.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); - get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); - response = httpclient.execute(get, context); - assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); - - responseBody = EntityUtils.toString(response.getEntity()); - response = authenticateToCas(username, password, responseBody, httpclient, context); + post = new HttpPost(location); + post.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); + post.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); + post.addHeader(HttpHeaders.REFERER, get.getURI().toASCIIString()); + try (CloseableHttpResponse response = httpclient.execute(post, context)) { + assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + responseBody = EntityUtils.toString(response.getEntity()); + } + boolean isOk = false; + try (CloseableHttpResponse response = + authenticateToCas(username, password, responseBody, httpclient, context)) { + + switch (response.getStatusLine().getStatusCode()) { + case HttpStatus.SC_OK: + isOk = true; + responseBody = EntityUtils.toString(response.getEntity()); + break; + + case HttpStatus.SC_MOVED_TEMPORARILY: + location = response.getFirstHeader(HttpHeaders.LOCATION).getValue(); + break; + + default: + fail(); + } + } // 2c. WA attribute consent screen - if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK) { - responseBody = EntityUtils.toString(response.getEntity()); + if (isOk) { String execution = extractCASExecution(responseBody); List<NameValuePair> form = new ArrayList<>(); @@ -228,18 +250,21 @@ public class SAML2SP4UIITCase extends AbstractUIITCase { post.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); post.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); post.setEntity(new UrlEncodedFormEntity(form, Consts.UTF_8)); - response = httpclient.execute(post, context); + try (CloseableHttpResponse response = httpclient.execute(post, context)) { + assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); + location = response.getFirstHeader(HttpHeaders.LOCATION).getValue().replace(":8080", ":9080"); + } } - assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); - get = new HttpGet(response.getFirstHeader(HttpHeaders.LOCATION).getValue()); + get = new HttpGet(location); get.addHeader(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); get.addHeader(HttpHeaders.ACCEPT_LANGUAGE, EN_LANGUAGE); - response = httpclient.execute(get, context); - assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + try (CloseableHttpResponse response = httpclient.execute(get, context)) { + assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + responseBody = EntityUtils.toString(response.getEntity()); + } // 2d. post SAML response - responseBody = EntityUtils.toString(response.getEntity()); parsed = parseSAMLResponseForm(responseBody); post = new HttpPost(parsed.getLeft()); @@ -248,15 +273,17 @@ public class SAML2SP4UIITCase extends AbstractUIITCase { post.setEntity(new UrlEncodedFormEntity( List.of(new BasicNameValuePair("RelayState", parsed.getMiddle()), new BasicNameValuePair("SAMLResponse", parsed.getRight())), Consts.UTF_8)); - response = httpclient.execute(post, context); - assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); + try (CloseableHttpResponse response = httpclient.execute(post, context)) { + assertEquals(HttpStatus.SC_MOVED_TEMPORARILY, response.getStatusLine().getStatusCode()); + location = response.getFirstHeader(HttpHeaders.LOCATION).getValue(); + } // 3. verify that user is now authenticated - get = new HttpGet(baseURL + StringUtils.removeStart( - response.getFirstHeader(HttpHeaders.LOCATION).getValue(), "../")); - response = httpclient.execute(get, context); - assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); - assertTrue(EntityUtils.toString(response.getEntity()).contains(username)); + get = new HttpGet(baseURL + StringUtils.removeStart(location, "../")); + try (CloseableHttpResponse response = httpclient.execute(get, context)) { + assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + assertTrue(EntityUtils.toString(response.getEntity()).contains(username)); + } } @Override diff --git a/pom.xml b/pom.xml index abfd8a3..52f72d7 100644 --- a/pom.xml +++ b/pom.xml @@ -403,13 +403,13 @@ under the License. <connid.scimv11.version>1.0.1</connid.scimv11.version> <connid.servicenow.version>1.0.0</connid.servicenow.version> - <cxf.version>3.4.5</cxf.version> + <cxf.version>3.5.0</cxf.version> <bouncycastle.version>1.70</bouncycastle.version> <nimbus-jose-jwt.version>9.15.2</nimbus-jose-jwt.version> <jackson.version>2.13.1</jackson.version> - <spring-boot.version>2.6.1</spring-boot.version> + <spring-boot.version>2.6.2</spring-boot.version> <spring-cloud-gateway.version>3.1.0</spring-cloud-gateway.version> <openjpa.version>3.2.0</openjpa.version> @@ -472,7 +472,7 @@ under the License. <wicketstuff.version>9.6.0</wicketstuff.version> <wicket-jqueryui.version>9.5.0</wicket-jqueryui.version> <wicket-bootstrap.version>5.0.6</wicket-bootstrap.version> - <wicket-spring-boot.version>3.0.4</wicket-spring-boot.version> + <wicket-spring-boot.version>3.1.6</wicket-spring-boot.version> <antlr4.version>4.9.3</antlr4.version>