Merge pull request #5 from apereo/5.3.x-register-service-updates

DelegateAuthnPolicy, Groovy MFA and Groovy Access Strategy
apereo · Jan 10, 2018 · 76aab93 · 76aab93
2 parents ded0f00 + af7e079
commit 76aab93
Show file tree

Hide file tree

Showing 27 changed files with 334 additions and 2,397 deletions.
diff --git a/...agement-webapp-support/src/main/java/org/apereo/cas/mgmt/services/web/beans/FormData.java b/...agement-webapp-support/src/main/java/org/apereo/cas/mgmt/services/web/beans/FormData.java
@@ -179,6 +179,26 @@ public CaseCanonicalizationMode[] getCanonicalizationModes() {
         return CaseCanonicalizationMode.values();
     }
 
+    /**
+     * Returns a list of providers that authentication can be delegated to.
+     *
+     * @return the providers
+     */
+    public List<String> getDelegatedAuthnProviders() {
+        final List<String> providers = new ArrayList<>();
+        providers.add("Twitter");
+        providers.add("Paypal");
+        providers.add("Wordpress");
+        providers.add("Yahoo");
+        providers.add("Orcid");
+        providers.add("Dropbox");
+        providers.add("Github");
+        providers.add("Foursquare");
+        providers.add("WindowsLive");
+        providers.add("Google");
+        return providers;
+    }
+
     private static class Option {
         private String display;
         private String value;

diff --git a/...pp-mgmt/cas-management-webapp/src/app/form/access-strategy/access-strategy.component.html b/...pp-mgmt/cas-management-webapp/src/app/form/access-strategy/access-strategy.component.html
@@ -43,7 +43,9 @@ <h5>Service Access Strategy</h5>
     <h5>Required Attributes</h5>
   </mat-card-title>
   <div class="cardContent">
-    <app-rejectedattributes [attributes]="data.service.accessStrategy.requiredAttributes"></app-rejectedattributes>
+    <app-attributemapping [attributes]="data.service.accessStrategy.requiredAttributes"
+                          [attributeNames]="data.formData.availableAttributes">
+    </app-attributemapping>
     <div>
       <mat-checkbox [(ngModel)]="data.service.accessStrategy.caseInsensitive">
         <ng-container i18n="services.form.label.sas.caseinsensitive">
@@ -94,6 +96,42 @@ <h5>Type</h5>
         <app-surrogate></app-surrogate>
       </div>
 
+      <div *ngIf="type == TYPE.GROOVY">
+        <mat-form-field class="textInput">
+          <input matInput
+                 i18n-placeholder="services.form.label.sas.groovy.scriptFile"
+                 [placeholder]="messages.services_form_label_sas_groovy_scriptFile"
+                 [(ngModel)]="data.service.accessStrategy.groovyScript">
+        </mat-form-field>
+        <mat-icon style="font-size: medium"
+                  i18n-matTooltip="services.form.tooltip.sas.groovy.scriptFile"
+                  [matTooltip]="messages.services_form_tooltip_sas_groovy_scriptFile">help
+        </mat-icon>
+      </div>
+
+    </div>
+  </mat-card>
+
+  <mat-card class="tabCard">
+    <mat-card-title>
+      <h5>Delegated Authentication</h5>
+    </mat-card-title>
+    <div class="cardContent">
+      <div>
+        <mat-form-field class="textInput">
+          <mat-select i18n-placeHolder="services.form.label.sas.delegatedAuthn" multiple
+                      [placeholder]="messages.services_form_label_sas_delegatedAuthn"
+                      [(ngModel)]="delegatedAuthn" (change)="changeDelegatedAuthns()">
+            <mat-option *ngFor="let opt of formData.delegatedAuthnProviders" [value]="opt">
+              {{ opt }}
+            </mat-option>
+          </mat-select>
+        </mat-form-field>
+        <mat-icon style="font-size: medium"
+                  i18n-matTooltip="services.form.tooltip.sas.delegatedAuthn"
+                  [matTooltip]="messages.services_form_tooltip_sas_delegatedAuthn">help
+        </mat-icon>
+      </div>
     </div>
   </mat-card>
 
@@ -102,7 +140,7 @@ <h5>Type</h5>
       <h5>Rejected Attributes</h5>
     </mat-card-title>
     <div class="cardContent">
-    <app-rejectedattributes [attributes]="data.service.accessStrategy.rejectedAttributes"></app-rejectedattributes>
+    <app-attributemapping [attributes]="data.service.accessStrategy.rejectedAttributes"></app-attributemapping>
     </div>
   </mat-card>
 

diff --git a/...mgmt/cas-management-webapp/src/app/form/access-strategy/access-strategy.component.spec.ts b/...mgmt/cas-management-webapp/src/app/form/access-strategy/access-strategy.component.spec.ts
@@ -5,7 +5,7 @@ import { By } from '@angular/platform-browser';
 import { DebugElement } from '@angular/core';
 
 import { AccessStrategyComponent } from './access-strategy.component';
-import {RejectedattributesComponent} from '../rejectedattributes/rejectedattributes.component';
+import {AttributemappingComponent} from '../attributemapping/attributemapping.component';
 import {Messages} from '../../messages';
 import {FormData} from '../../../domain/form-data';
 import {SharedModule} from '../../shared/shared.module';
@@ -17,7 +17,7 @@ describe('AccessStrategyComponent', () => {
   beforeEach(async(() => {
     TestBed.configureTestingModule({
       imports: [ FormsModule, SharedModule ],
-      declarations: [ AccessStrategyComponent, RejectedattributesComponent ],
+      declarations: [ AccessStrategyComponent, AttributemappingComponent ],
       providers: [
         Messages
       ]

diff --git a/webapp-mgmt/cas-management-webapp/src/app/form/access-strategy/access-strategy.component.ts b/webapp-mgmt/cas-management-webapp/src/app/form/access-strategy/access-strategy.component.ts
@@ -1,17 +1,19 @@
 import {Component, OnInit, Input} from '@angular/core';
 import {Messages} from '../../messages';
 import {
-  DefaultRegisteredServiceAccessStrategy, GrouperRegisteredServiceAccessStrategy,
-  RemoteEndpointServiceAccessStrategy, SurrogateRegisteredServiceAccessStrategy,
-  TimeBasedRegisteredServiceAccessStrategy
+    DefaultRegisteredServiceAccessStrategy, GroovyRegisteredServiceAccessStrategy,
+    GrouperRegisteredServiceAccessStrategy,
+    RemoteEndpointServiceAccessStrategy, SurrogateRegisteredServiceAccessStrategy,
+    TimeBasedRegisteredServiceAccessStrategy
 } from '../../../domain/access-strategy';
 import {FormData} from '../../../domain/form-data';
 import {Util} from '../../util/util';
 import {Data} from '../data';
+import {DefaultRegisteredServiceDelegatedAuthenticationPolicy} from '../../../domain/delegated-authn';
 
 
 enum Type {
-  DEFAULT, TIME, GROUPER, REMOTE, SURROGATE
+  DEFAULT, TIME, GROUPER, REMOTE, SURROGATE, GROOVY
 }
 
 @Component({
@@ -25,7 +27,8 @@ export class AccessStrategyComponent implements OnInit {
   formData: FormData;
   type: Type;
   TYPE = Type;
-  types = [Type.DEFAULT, Type.TIME, Type.GROUPER, Type.REMOTE, Type.SURROGATE];
+  types = [Type.DEFAULT, Type.TIME, Type.GROUPER, Type.REMOTE, Type.SURROGATE, Type.GROOVY];
+  delegatedAuthn: String[] = [];
 
   constructor(public messages: Messages,
               public data: Data) {
@@ -44,9 +47,9 @@ export class AccessStrategyComponent implements OnInit {
       service.accessStrategy.requiredAttributes = new Map();
     }
 
-    this.formData.availableAttributes.forEach((item: any) => {
-      service.accessStrategy.requiredAttributes[item] = service.accessStrategy.requiredAttributes[item] || [item];
-    });
+    if (Util.isEmpty(service.accessStrategy.requiredAttributes)) {
+      service.accessStrategy.requiredAttributes = new Map();
+    }
 
     if (RemoteEndpointServiceAccessStrategy.instanceOf(service.accessStrategy)) {
       this.type = Type.REMOTE;
@@ -56,6 +59,8 @@ export class AccessStrategyComponent implements OnInit {
       this.type = Type.GROUPER;
     } else if (SurrogateRegisteredServiceAccessStrategy.instanceOf(service.accessStrategy)) {
       this.type = Type.SURROGATE;
+    } else if (GroovyRegisteredServiceAccessStrategy.instanceOf(service.accessStrategy)) {
+      this.type = Type.GROOVY;
     } else {
       this.type = Type.DEFAULT;
     }
@@ -78,7 +83,20 @@ export class AccessStrategyComponent implements OnInit {
       case Type.SURROGATE :
         this.data.service.accessStrategy = new SurrogateRegisteredServiceAccessStrategy(this.data.service.accessStrategy);
         break;
+      case Type.GROOVY :
+        this.data.service.accessStrategy = new GroovyRegisteredServiceAccessStrategy(this.data.service.accessStrategy);
+        break;
       default:
     }
   }
+
+  changeDelegatedAuthns() {
+    if (this.delegatedAuthn.length === 0) {
+      this.data.service.accessStrategy.delegatedAuthenticationPolicy = null;
+    } else {
+      const policy = new DefaultRegisteredServiceDelegatedAuthenticationPolicy();
+      policy.allowedProviders = this.delegatedAuthn;
+      this.data.service.accessStrategy.delegatedAuthenticationPolicy = policy;
+    }
+  }
 }
diff --git a/...-webapp/src/app/form/attribute-release-policies/attribute-release-policies.component.html b/...-webapp/src/app/form/attribute-release-policies/attribute-release-policies.component.html
@@ -54,8 +54,10 @@
   </mat-icon>
 </div>
 
-<div *ngIf="type == TYPE.RETURN_MAPPED && !isEmpty( formData.availableAttributes )">
-  <app-mappedattributes [attributes]="data.service.attributeReleasePolicy.allowedAttributes"></app-mappedattributes>
+<div *ngIf="type == TYPE.RETURN_MAPPED">
+  <app-attributemapping [attributes]="data.service.attributeReleasePolicy.allowedAttributes"
+                        [attributeNames]="data.formData.availableAttributes">
+  </app-attributemapping>
 </div>
 
 <div *ngIf="type == TYPE.METADATA" style="padding-top:25px;">

diff --git a/...nt-webapp/src/app/form/attribute-release-policies/attribute-release-policies.component.ts b/...nt-webapp/src/app/form/attribute-release-policies/attribute-release-policies.component.ts
@@ -16,6 +16,7 @@ import {
 } from '../../../domain/attribute-release';
 import {Data} from '../data';
 import {SamlRegisteredService} from '../../../domain/saml-service';
+import {Util} from '../../util/util';
 
 enum Type {
   RETURN_ALL,
@@ -56,9 +57,9 @@ export class AttributeReleasePoliciesComponent implements OnInit {
       this.type = Type.DENY_ALL;
     } else if (ReturnMappedAttributeReleasePolicy.instanceOf(this.data.service.attributeReleasePolicy)) {
       const mapped: ReturnMappedAttributeReleasePolicy = this.data.service.attributeReleasePolicy as ReturnMappedAttributeReleasePolicy;
-      this.formData.availableAttributes.forEach((item: any) => {
-        mapped.allowedAttributes[item] = mapped.allowedAttributes[item] || [item];
-      });
+      if (Util.isEmpty(mapped.allowedAttributes)) {
+        mapped.allowedAttributes = new Map();
+      }
       this.type = Type.RETURN_MAPPED;
     } else if (ReturnAllowedAttributeReleasePolicy.instanceOf(this.data.service.attributeReleasePolicy)) {
       this.type = Type.RETURN_ALLOWED;
@@ -112,9 +113,6 @@ export class AttributeReleasePoliciesComponent implements OnInit {
       case Type.RETURN_MAPPED :
         const mapped: ReturnMappedAttributeReleasePolicy = new ReturnMappedAttributeReleasePolicy(this.data.service.attributeReleasePolicy);
         mapped.allowedAttributes = new Map();
-        this.formData.availableAttributes.forEach((item: any) => {
-          mapped.allowedAttributes[item] = [item];
-        });
         this.data.service.attributeReleasePolicy = mapped;
         break;
       case Type.RETURN_ALLOWED :

diff --git a/...tributes/rejectedattributes.component.css → ...utemapping/attributemapping.component.css b/...tributes/rejectedattributes.component.css → ...utemapping/attributemapping.component.css
diff --git a/...ributes/rejectedattributes.component.html → ...temapping/attributemapping.component.html b/...ributes/rejectedattributes.component.html → ...temapping/attributemapping.component.html
@@ -5,8 +5,8 @@
       <mat-header-cell *cdkHeaderCellDef [ngClass]="'nameWidth'">Name</mat-header-cell>
       <mat-cell *cdkCellDef="let row" [ngClass]="'nameWidth'">
         <mat-form-field>
-          <input matInput #text
-                 [ngModel]="row.key"
+          <input matInput #text [matAutocomplete]="auto"
+                 [ngModel]="row.key" (click)="selectedRow = row"
                  (change)="doChange(row,$event.target.value)">
         </mat-form-field>
       </mat-cell>
@@ -38,3 +38,7 @@
     <button mat-mini-fab (click)="addRow()" style="float:right;">+</button>
   </div>
 </div>
+
+<mat-autocomplete #auto="matAutocomplete" (optionSelected)="selection($event)">
+  <mat-option *ngFor="let opt of attributeNames" [value]="opt">{{ opt }}</mat-option>
+</mat-autocomplete>
diff --git a/...utes/rejectedattributes.component.spec.ts → ...apping/attributemapping.component.spec.ts b/...utes/rejectedattributes.component.spec.ts → ...apping/attributemapping.component.spec.ts
@@ -1,29 +1,26 @@
 /* tslint:disable:no-unused-variable */
 import { async, ComponentFixture, TestBed } from '@angular/core/testing';
 import { FormsModule } from '@angular/forms';
-import { By } from '@angular/platform-browser';
-import { DebugElement } from '@angular/core';
 
-import { RejectedattributesComponent } from './rejectedattributes.component';
+import { AttributemappingComponent } from './attributemapping.component';
 import {Messages} from '../../messages';
 import {SharedModule} from '../../shared/shared.module';
-import {RegexRegisteredService} from '../../../domain/registered-service';
 
-describe('RejectedattributesComponent', () => {
-  let component: RejectedattributesComponent;
-  let fixture: ComponentFixture<RejectedattributesComponent>;
+describe('AttributemappingComponent', () => {
+  let component: AttributemappingComponent;
+  let fixture: ComponentFixture<AttributemappingComponent>;
 
   beforeEach(async(() => {
     TestBed.configureTestingModule({
       imports: [ FormsModule, SharedModule ],
-      declarations: [ RejectedattributesComponent ],
+      declarations: [ AttributemappingComponent ],
       providers: [ Messages ]
     })
     .compileComponents();
   }));
 
   beforeEach(() => {
-    fixture = TestBed.createComponent(RejectedattributesComponent);
+    fixture = TestBed.createComponent(AttributemappingComponent);
     component = fixture.componentInstance;
     fixture.detectChanges();
   });

diff --git a/...ttributes/rejectedattributes.component.ts → ...butemapping/attributemapping.component.ts b/...ttributes/rejectedattributes.component.ts → ...butemapping/attributemapping.component.ts
@@ -5,20 +5,26 @@ import 'rxjs/add/operator/startWith';
 import 'rxjs/add/observable/merge';
 import 'rxjs/add/operator/map';
 import {Row, RowDataSource} from '../row';
+import {MatAutocompleteSelectedEvent} from '@angular/material';
 
 @Component({
-  selector: 'app-rejectedattributes',
-  templateUrl: './rejectedattributes.component.html',
-  styleUrls: ['./rejectedattributes.component.css']
+  selector: 'app-attributemapping',
+  templateUrl: './attributemapping.component.html',
+  styleUrls: ['./attributemapping.component.css']
 })
-export class RejectedattributesComponent implements OnInit {
+export class AttributemappingComponent implements OnInit {
 
   displayedColumns = ['source', 'mapped', 'delete'];
   dataSource: RowDataSource;
 
   @Input()
   attributes: Map<String, String[]>;
 
+  @Input()
+  attributeNames: String[];
+
+  selectedRow;
+
   constructor(public messages: Messages,
               public data: Data) {
   }
@@ -45,4 +51,9 @@ export class RejectedattributesComponent implements OnInit {
     delete this.attributes[row.key as string];
     this.dataSource.removeRow(row);
   }
+
+  selection(val: MatAutocompleteSelectedEvent) {
+    const opt =  val.option.value;
+    this.doChange(this.selectedRow, opt)
+  }
 }
diff --git a/webapp-mgmt/cas-management-webapp/src/app/form/form.component.html b/webapp-mgmt/cas-management-webapp/src/app/form/form.component.html
@@ -96,6 +96,6 @@ <h4 style="display: inline;position: relative;top: -5px;">
     </mat-tab>
   </mat-tab-group>
 </div>
-<div style="position:relative;top:90px;margin-bottom:75px;">
+<div style="position:relative;top:90px;padding-bottom:75px;">
   <router-outlet name="form"></router-outlet>
 </div>
diff --git a/webapp-mgmt/cas-management-webapp/src/app/form/form.module.ts b/webapp-mgmt/cas-management-webapp/src/app/form/form.module.ts
@@ -31,7 +31,7 @@ import {OauthclientComponent} from './oauthclient/oauthclient.component';
 import {PropertiespaneComponent} from './propertiespane/propertiespane.component';
 import {ProxyComponent} from './proxy/proxy.component';
 import {PubkeyComponent} from './pubkey/pubkey.component';
-import {RejectedattributesComponent} from './rejectedattributes/rejectedattributes.component';
+import {AttributemappingComponent} from './attributemapping/attributemapping.component';
 import {ReqhandlersComponent} from './reqhandlers/reqhandlers.component';
 import {SamlclientComponent} from './samlclient/samlclient.component';
 import {ServicedescComponent} from './servicedesc/servicedesc.component';
@@ -54,7 +54,6 @@ import { RemoteComponent } from './access-strategy/remote/remote.component';
 import { TimeComponent } from './access-strategy/time/time.component';
 import { GrouperComponent } from './access-strategy/grouper/grouper.component';
 import { OidcclientComponent } from './oidcclient/oidcclient.component';
-import { MappedattributesComponent } from './mappedattributes/mappedattributes.component';
 import { TabOauthComponent } from './tab-oauth/tab-oauth.component';
 import { TabSamlComponent } from './tab-saml/tab-saml.component';
 import { TabWsfedComponent } from './tab-wsfed/tab-wsfed.component';
@@ -112,7 +111,7 @@ import {InvalidDomainDirective} from './serviceid/invalid-domain.directive';
     PropertiespaneComponent,
     ProxyComponent,
     PubkeyComponent,
-    RejectedattributesComponent,
+    AttributemappingComponent,
     ReqhandlersComponent,
     SamlclientComponent,
     ServicedescComponent,
@@ -132,7 +131,6 @@ import {InvalidDomainDirective} from './serviceid/invalid-domain.directive';
     TimeComponent,
     GrouperComponent,
     OidcclientComponent,
-    MappedattributesComponent,
     TabOauthComponent,
     TabSamlComponent,
     TabWsfedComponent,

diff --git a/...p-mgmt/cas-management-webapp/src/app/form/mappedattributes/mappedattributes.component.css b/...p-mgmt/cas-management-webapp/src/app/form/mappedattributes/mappedattributes.component.css
diff --git a/...-mgmt/cas-management-webapp/src/app/form/mappedattributes/mappedattributes.component.html b/...-mgmt/cas-management-webapp/src/app/form/mappedattributes/mappedattributes.component.html