JanssenProject · yuriyz · Mar 1, 2024 · Feb 20, 2024 · Feb 20, 2024 · Feb 20, 2024
@@ -7898,18 +7898,18 @@ components:
           type: boolean
         whitePagesCanView:
           type: boolean
+        adminCanView:
+          type: boolean
         adminCanEdit:
           type: boolean
         userCanEdit:
           type: boolean
-        adminCanView:
-          type: boolean
         userCanView:
           type: boolean
-        userCanAccess:
-          type: boolean
         adminCanAccess:
           type: boolean
+        userCanAccess:
+          type: boolean
         baseDn:
           type: string
     PatchRequest:
@@ -10180,10 +10180,10 @@ components:
         ttl:
           type: integer
           format: int32
-        persisted:
-          type: boolean
         opbrowserState:
           type: string
+        persisted:
+          type: boolean
     SessionIdAccessMap:
       type: object
       properties:

@@ -686,10 +686,26 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/TrustRelationship'
+        "400":
+          description: Bad Request
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
         "401":
           description: Unauthorized
+        "404":
+          description: Not Found
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
         "500":
           description: InternalServerError
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
       security:
       - oauth2:
         - https://jans.io/oauth/config/saml.write
@@ -716,10 +732,26 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/TrustRelationship'
+        "400":
+          description: Bad Request
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
         "401":
           description: Unauthorized
+        "404":
+          description: Not Found
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
         "500":
           description: InternalServerError
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
       security:
       - oauth2:
         - https://jans.io/oauth/config/saml.write
@@ -1070,10 +1102,7 @@ components:
           type: string
           enum:
           - file
-          - uri
-          - federation
           - manual
-          - mdq
         samlMetadata:
           $ref: '#/components/schemas/SAMLMetadata'
         redirectUris:
@@ -1129,6 +1158,15 @@ components:
         metaDataFile:
           type: string
           format: binary
+    ApiError:
+      type: object
+      properties:
+        code:
+          type: string
+        message:
+          type: string
+        description:
+          type: string
   securitySchemes:
     oauth2:
       type: oauth2

@@ -324,12 +324,24 @@ paths:
                     }
         "400":
           description: Bad Request
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
         "401":
           description: Unauthorized
         "404":
           description: Not Found
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
         "500":
           description: InternalServerError
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
       security:
       - oauth2:
         - https://jans.io/oauth/config/user.write
@@ -528,10 +540,24 @@ paths:
                     }
         "400":
           description: Bad Request
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
         "401":
           description: Unauthorized
+        "404":
+          description: Not Found
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
         "500":
           description: InternalServerError
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ApiError'
       security:
       - oauth2:
         - https://jans.io/oauth/config/user.write
@@ -882,6 +908,15 @@ components:
           type: string
         baseDn:
           type: string
+    ApiError:
+      type: object
+      properties:
+        code:
+          type: string
+        message:
+          type: string
+        description:
+          type: string
     UserPagedResult:
       type: object
       properties:

@@ -16,7 +16,7 @@
  */
 public enum MetadataSourceType implements AttributeEnum {
 
-	FILE("file", "File",1), URI("uri", "URI",2), FEDERATION("federation", "Federation",3), MANUAL("manual", "Manual",4), MDQ("mdq", "MDQ",5);
+	FILE("file", "File",1),  MANUAL("manual", "Manual",2);
 
 	private final String value;
 	private final String displayName;

@@ -1,10 +1,12 @@
 package io.jans.configapi.plugin.saml.rest;
 
 import static io.jans.as.model.util.Util.escapeLog;
-import io.jans.configapi.plugin.saml.model.TrustRelationship;
-import io.jans.configapi.plugin.saml.form.TrustRelationshipForm;
+import io.jans.configapi.core.model.ApiError;
 import io.jans.configapi.core.rest.BaseResource;
 import io.jans.configapi.core.rest.ProtectedApi;
+import io.jans.configapi.plugin.saml.model.MetadataSourceType;
+import io.jans.configapi.plugin.saml.model.TrustRelationship;
+import io.jans.configapi.plugin.saml.form.TrustRelationshipForm;
 import io.jans.configapi.plugin.saml.util.Constants;
 import io.jans.configapi.util.AttributeNames;
 import io.jans.configapi.plugin.saml.service.SamlService;
@@ -31,6 +33,7 @@
 import java.util.*;
 import java.util.stream.*;
 
+import org.apache.commons.lang.StringUtils;
 import org.jboss.resteasy.annotations.providers.multipart.MultipartForm;
 import org.slf4j.Logger;
 
@@ -44,6 +47,8 @@ public class TrustRelationshipResource extends BaseResource {
     private static final String SAML_TRUST_RELATIONSHIP_CHECK_STR = "Trust Relationship identified by '";
     private static final String NAME_CONFLICT = "NAME_CONFLICT";
     private static final String NAME_CONFLICT_MSG = "Trust Relationship with same name `%s` already exists!";
+    private static final String DATA_NULL_CHK = "RESOURCE_IS_NULL";
+    private static final String DATA_NULL_MSG = "`%s` should not be null!";
 
     @Inject
     Logger logger;
@@ -95,8 +100,11 @@ public Response getTrustRelationshipById(
     @RequestBody(description = "Trust Relationship object", content = @Content(mediaType = MediaType.MULTIPART_FORM_DATA, schema = @Schema(implementation = TrustRelationshipForm.class), examples = @ExampleObject(name = "Request example", value = "example/trust-relationship/trust-relationship-post.json")))
     @ApiResponses(value = {
             @ApiResponse(responseCode = "201", description = "Newly created Trust Relationship", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = TrustRelationship.class))),
+            @ApiResponse(responseCode = "400", description = "Bad Request" , content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "BadRequestException"))),
             @ApiResponse(responseCode = "401", description = "Unauthorized"),
-            @ApiResponse(responseCode = "500", description = "InternalServerError") })
+            @ApiResponse(responseCode = "404", description = "Not Found" , content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "NotFoundException"))),
+            @ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "InternalServerError"))),
+            })
     @Consumes(MediaType.MULTIPART_FORM_DATA)
     @Path("/upload")
     @ProtectedApi(scopes = { Constants.SAML_WRITE_ACCESS }, groupScopes = {}, superScopes = {
@@ -127,6 +135,7 @@ public Response createTrustRelationshipWithFile(@MultipartForm TrustRelationship
             logger.debug(" Create metaDataFile.available():{}", metaDataFile.available());
         }
 
+        validateSpMetaDataSourceType(trustRelationship, metaDataFile);
         String inum = samlService.generateInumForNewRelationship();
         trustRelationship.setInum(inum);
         trustRelationship.setDn(samlService.getDnForTrustRelationship(inum));
@@ -143,8 +152,11 @@ public Response createTrustRelationshipWithFile(@MultipartForm TrustRelationship
     @RequestBody(description = "Trust Relationship object", content = @Content(mediaType = MediaType.MULTIPART_FORM_DATA, schema = @Schema(implementation = TrustRelationshipForm.class), examples = @ExampleObject(name = "Request example", value = "example/trust-relationship/trust-relationship-put.json")))
     @ApiResponses(value = {
             @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = TrustRelationship.class))),
+            @ApiResponse(responseCode = "400", description = "Bad Request" , content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "BadRequestException"))),
             @ApiResponse(responseCode = "401", description = "Unauthorized"),
-            @ApiResponse(responseCode = "500", description = "InternalServerError") })
+            @ApiResponse(responseCode = "404", description = "Not Found" , content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "NotFoundException"))),
+            @ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "InternalServerError"))),
+            })
     @ProtectedApi(scopes = { Constants.SAML_WRITE_ACCESS })
     @Consumes(MediaType.MULTIPART_FORM_DATA)
     @Path("/upload")
@@ -193,8 +205,8 @@ public Response updateTrustRelationship(@MultipartForm TrustRelationshipForm tru
         if (metaDataFile != null) {
             logger.debug(" Create metaDataFile.available():{}", metaDataFile.available());
         }
-
-
+        
+        validateSpMetaDataSourceType(trustRelationship, metaDataFile);
         // Update
         trustRelationship = samlService.updateTrustRelationship(trustRelationship);
 
@@ -245,5 +257,45 @@ public Response processMetadataFiles() {
 
         return Response.ok().build();
     }
+
+    private void validateSpMetaDataSourceType(TrustRelationship trustRelationship, InputStream metaDataFile)
+            throws IOException {
+        logger.info("Validate SP MetaDataSourceType trustRelationship:{}, metaDataFile:{}", trustRelationship,
+                metaDataFile);
+
+        checkResourceNotNull(trustRelationship.getSpMetaDataSourceType(), "SP MetaData Source Type");
+
+        logger.info("Validate trustRelationship.getSpMetaDataSourceType():{}",
+                trustRelationship.getSpMetaDataSourceType());
+
+        if (trustRelationship.getSpMetaDataSourceType().equals(MetadataSourceType.FILE)) {
+
+            if (metaDataFile == null || metaDataFile.available() <= 0) {
+                throwBadRequestException(DATA_NULL_CHK, String.format(DATA_NULL_MSG, "SP MetaData File"));
+            }
+
+            // Since SP Metadata source is File set SamlMetadata manual elements to null
+            trustRelationship.setSamlMetadata(null);
+
+        } else if (trustRelationship.getSpMetaDataSourceType().equals(MetadataSourceType.MANUAL)) {
+
+            if (metaDataFile != null && metaDataFile.available() > 0) {
+                throwBadRequestException("SP MetaData File should not be provided!");
+            }
+
+            checkResourceNotNull(trustRelationship.getSamlMetadata(), "'SamlMetadata manual elements'");
+            checkNotNull(trustRelationship.getSamlMetadata().getEntityId(), "'EntityId'");
+            checkNotNull(trustRelationship.getSamlMetadata().getNameIDPolicyFormat(),
+                    "'NameIDPolicyFormat'");
+            checkNotNull(trustRelationship.getSamlMetadata().getSingleLogoutServiceUrl(),
+                    "'SingleLogoutServiceUrl'");
+            if (StringUtils.isBlank(trustRelationship.getSamlMetadata().getJansAssertionConsumerServiceGetURL())
+                    && (StringUtils
+                            .isBlank(trustRelationship.getSamlMetadata().getJansAssertionConsumerServiceGetURL()))) {
+                throwBadRequestException("Either of AssertionConsumerService GET or POST URL should be provided!");
+            }
+        }
+
+    }
 
 }
@@ -2,6 +2,7 @@
 
 import com.github.fge.jsonpatch.JsonPatchException;
 import io.jans.as.common.model.common.User;
+import io.jans.configapi.core.model.ApiError;
 import io.jans.configapi.core.rest.BaseResource;
 import io.jans.configapi.core.rest.ProtectedApi;
 import io.jans.configapi.plugin.mgt.model.user.CustomUser;
@@ -134,9 +135,11 @@ public Response getUserByInum(
     @RequestBody(description = "User object", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = CustomUser.class), examples = @ExampleObject(name = "Request json example", value = "example/user/user-post.json")))
     @ApiResponses(value = {
             @ApiResponse(responseCode = "201", description = "Created", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = CustomUser.class, description = "Created Object"), examples = @ExampleObject(name = "Response json example", value = "example/user/user.json"))),
-            @ApiResponse(responseCode = "400", description = "Bad Request"),
+            @ApiResponse(responseCode = "400", description = "Bad Request" , content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "BadRequestException"))),
             @ApiResponse(responseCode = "401", description = "Unauthorized"),
-            @ApiResponse(responseCode = "500", description = "InternalServerError") })
+            @ApiResponse(responseCode = "404", description = "Not Found" , content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "NotFoundException"))),
+            @ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "InternalServerError"))),
+            })
     @POST
     @ProtectedApi(scopes = { ApiAccessConstants.USER_WRITE_ACCESS })
     public Response createUser(@Valid CustomUser customUser,
@@ -147,6 +150,7 @@ public Response createUser(@Valid CustomUser customUser,
                     removeNonLDAPAttributes);
         }
 
+        try {
         // get User object
         User user = setUserAttributes(customUser);
 
@@ -168,6 +172,10 @@ public Response createUser(@Valid CustomUser customUser,
         // get custom user
         customUser = getCustomUser(user, removeNonLDAPAttributes);
         logger.info("newly created customUser:{}", customUser);
+        }catch(WebApplicationException waex) {
+            logger.error("ApplicationException while creating user is:", waex);
+            throwInternalServerException("USER_CREATION", waex.getMessage());
+        }
 
         return Response.status(Response.Status.CREATED).entity(customUser).build();
     }
@@ -178,10 +186,11 @@ public Response createUser(@Valid CustomUser customUser,
     @RequestBody(description = "User object", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = CustomUser.class), examples = @ExampleObject(name = "Request json example", value = "example/user/user.json")))
     @ApiResponses(value = {
             @ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = CustomUser.class), examples = @ExampleObject(name = "Response json example", value = "example/user/user.json"))),
-            @ApiResponse(responseCode = "400", description = "Bad Request"),
+            @ApiResponse(responseCode = "400", description = "Bad Request" , content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "BadRequestException"))),
             @ApiResponse(responseCode = "401", description = "Unauthorized"),
-            @ApiResponse(responseCode = "404", description = "Not Found"),
-            @ApiResponse(responseCode = "500", description = "InternalServerError") })
+            @ApiResponse(responseCode = "404", description = "Not Found" , content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "NotFoundException"))),
+            @ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = ApiError.class, description = "InternalServerError"))),
+            })
     @PUT
     @ProtectedApi(scopes = { ApiAccessConstants.USER_WRITE_ACCESS })
     public Response updateUser(@Valid CustomUser customUser,

@@ -58,7 +58,7 @@
 		<swagger-maven-plugin-jakarta>2.2.19</swagger-maven-plugin-jakarta>
 		<swagger-models-jakarta>2.2.7</swagger-models-jakarta>
 
-        <apache.james.version>0.8.9</apache.james.version>
+        <apache.james.version>0.8.10</apache.james.version>
 	</properties>
 
 	<prerequisites>