Merge pull request #8 from mpassid/versionUpdate

Update IdP version 5 support

README.md

@@ -1,4 +1,4 @@
-# Shibboleth IdP v3: Wilma Authentication
+# Shibboleth IdP v5: Wilma Authentication
 
 [![License](http://img.shields.io/:license-mit-blue.svg)](https://opensource.org/licenses/MIT)
 [![Build Status](https://travis-ci.org/mpassid/shibboleth-idp-authn-wilma.svg?branch=master)](https://travis-ci.org/mpassid/shibboleth-idp-authn-wilma)
@@ -13,7 +13,7 @@ prompting and validating the user credentials locally.
 
 ## Prerequisities and compilation
 
-- Java 7+
+- Java 17+
 - [Apache Maven 3](https://maven.apache.org/)
 
 ```

idp-authn-api-wilma/pom.xml

@@ -25,7 +25,7 @@ THE SOFTWARE.
 	<parent>
 		<artifactId>idp-authn-wilma</artifactId>
 		<groupId>fi.mpass</groupId>
-		<version>1.1</version>
+		<version>1.2</version>
 		<relativePath>..</relativePath>
 	</parent>
 	<artifactId>idp-authn-api-wilma</artifactId>
@@ -54,11 +54,11 @@ THE SOFTWARE.
 			<artifactId>idp-profile-api</artifactId>
 		</dependency>
 
-		<dependency>
+		<!--dependency>
 			<groupId>${opensaml.groupId}</groupId>
 			<artifactId>opensaml-core</artifactId>
 			<version>${opensaml.version}</version>
-		</dependency>
+		</dependency-->
 		<dependency>
 			<groupId>${opensaml.groupId}</groupId>
 			<artifactId>opensaml-profile-api</artifactId>

idp-authn-api-wilma/src/main/java/fi/mpass/shibboleth/authn/context/WilmaAuthenticationContext.java

@@ -27,7 +27,7 @@
 
 import org.opensaml.messaging.context.BaseContext;
 
-import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
+import net.shibboleth.shared.annotation.constraint.NotEmpty;
 
 /**
  * This context stores attributes required for creating an authentication

idp-authn-impl-wilma/pom.xml

@@ -25,7 +25,7 @@ THE SOFTWARE.
 	<parent>
 		<artifactId>idp-authn-wilma</artifactId>
 		<groupId>fi.mpass</groupId>
-		<version>1.1</version>
+		<version>1.2</version>
 		<relativePath>..</relativePath>
 	</parent>
 	<artifactId>idp-authn-impl-wilma</artifactId>
@@ -58,11 +58,11 @@ THE SOFTWARE.
 			<artifactId>idp-profile-api</artifactId>
 		</dependency>
 
-		<dependency>
+		<!--dependency>
 			<groupId>${opensaml.groupId}</groupId>
 			<artifactId>opensaml-core</artifactId>
 			<version>${opensaml.version}</version>
-		</dependency>
+		</dependency-->
 		<dependency>
 			<groupId>${opensaml.groupId}</groupId>
 			<artifactId>opensaml-profile-api</artifactId>
@@ -71,21 +71,38 @@ THE SOFTWARE.
 
 		<!-- Provided Dependencies -->
 		<dependency>
-			<groupId>javax.servlet</groupId>
-			<artifactId>javax.servlet-api</artifactId>
+			<groupId>jakarta.servlet</groupId>
+			<artifactId>jakarta.servlet-api</artifactId>
 			<scope>provided</scope>
 		</dependency>
 
 
 		<!-- Runtime Dependencies -->
 
 		<!-- Test Dependencies -->
+        <dependency>
+            <groupId>${opensaml.groupId}</groupId>
+            <artifactId>opensaml-core-impl</artifactId>
+            <version>${opensaml.version}</version>
+            <scope>test</scope>
+        </dependency>
 		<dependency>
 			<groupId>${opensaml.groupId}</groupId>
-			<artifactId>opensaml-core</artifactId>
+			<artifactId>opensaml-testing</artifactId>
 			<version>${opensaml.version}</version>
 			<scope>test</scope>
-			<type>test-jar</type>
+		</dependency>
+		<dependency>
+			<groupId>net.shibboleth</groupId>
+			<artifactId>shib-testing</artifactId>
+			<version>9.0.0</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>net.shibboleth.idp</groupId>
+			<artifactId>idp-testing</artifactId>
+			<version>${shib.idp.version}</version>
+			<scope>test</scope>
 		</dependency>
 		<dependency>
 			<groupId>${opensaml.groupId}</groupId>
@@ -161,7 +178,7 @@ THE SOFTWARE.
 		<dependency>
 			<groupId>org.testng</groupId>
 			<artifactId>testng</artifactId>
-			<version>6.14.3</version>
+			<version>${org.testing.version}</version>
 			<scope>test</scope>
 		</dependency>
 

idp-authn-impl-wilma/src/main/java/fi/mpass/shibboleth/authn/impl/BaseInitializeWilmaContext.java

@@ -31,7 +31,7 @@
 import javax.crypto.Mac;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 
 import org.apache.commons.codec.EncoderException;
 import org.apache.commons.codec.binary.Hex;
@@ -46,14 +46,13 @@
 import fi.mpass.shibboleth.authn.context.WilmaAuthenticationContext;
 import net.shibboleth.idp.authn.AbstractAuthenticationAction;
 import net.shibboleth.idp.authn.context.AuthenticationContext;
-import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
-import net.shibboleth.utilities.java.support.logic.Constraint;
+import net.shibboleth.shared.annotation.constraint.NotEmpty;
+import net.shibboleth.shared.logic.Constraint;
 
 /**
  * Base class for constructing a new {@link WilmaAuthenticationContext} and attaching it to 
  * {@link AuthenticationContext}.
  */
-@SuppressWarnings("rawtypes")
 public abstract class BaseInitializeWilmaContext extends AbstractAuthenticationAction {
 
     /** Class logger. */

idp-authn-impl-wilma/src/main/java/fi/mpass/shibboleth/authn/impl/InitializeDataSourceWilmaContext.java

@@ -43,18 +43,16 @@
 import net.shibboleth.idp.authn.AuthnEventIds;
 import net.shibboleth.idp.authn.context.AuthenticationContext;
 import net.shibboleth.idp.authn.context.RequestedPrincipalContext;
-import net.shibboleth.utilities.java.support.annotation.constraint.NonNegative;
-import net.shibboleth.utilities.java.support.annotation.constraint.NonnullAfterInit;
-import net.shibboleth.utilities.java.support.annotation.constraint.NonnullElements;
-import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
-import net.shibboleth.utilities.java.support.component.ComponentSupport;
-import net.shibboleth.utilities.java.support.logic.Constraint;
-import net.shibboleth.utilities.java.support.primitive.StringSupport;
+import net.shibboleth.shared.annotation.constraint.NonNegative;
+import net.shibboleth.shared.annotation.constraint.NonnullAfterInit;
+import net.shibboleth.shared.annotation.constraint.NonnullElements;
+import net.shibboleth.shared.annotation.constraint.NotEmpty;
+import net.shibboleth.shared.logic.Constraint;
+import net.shibboleth.shared.primitive.StringSupport;
 
 /**
  * Constructs a new {@link WilmaAuthenticationContext} and attaches it to {@link AuthenticationContext}.
  */
-@SuppressWarnings("rawtypes")
 public class InitializeDataSourceWilmaContext extends BaseInitializeWilmaContext {
 
     /** The database table name for Wilma authentication source settings. */
@@ -117,7 +115,7 @@ public InitializeDataSourceWilmaContext(final String sharedSecret, final DataSou
      * @param keyName What to set.
      */
     public void setSelectedAuthnStateKey(final String keyName) {
-        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
+        ifInitializedThrowUnmodifiabledComponentException();
 
         selectedAuthnStateKey = Constraint.isNotEmpty(keyName, "selectedAuthnStataKey cannot be null");
     }
@@ -196,7 +194,7 @@ protected String getAuthnContextClassRef() {
     protected void createWilmaContext(final AuthenticationContext authenticationContext, 
             @Nonnull @NotEmpty final String endpointUrl) {
         final WilmaAuthenticationContext wilmaContext =
-                authenticationContext.getSubcontext(WilmaAuthenticationContext.class, true);
+                authenticationContext.ensureSubcontext(WilmaAuthenticationContext.class);
         final String nonce = getRandomNonce();
         wilmaContext.setNonce(nonce);
         wilmaContext.setRedirectUrl(endpointUrl);

idp-authn-impl-wilma/src/main/java/fi/mpass/shibboleth/authn/impl/InitializeStaticWilmaContext.java

@@ -33,13 +33,12 @@
 
 import fi.mpass.shibboleth.authn.context.WilmaAuthenticationContext;
 import net.shibboleth.idp.authn.context.AuthenticationContext;
-import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
-import net.shibboleth.utilities.java.support.logic.Constraint;
+import net.shibboleth.shared.annotation.constraint.NotEmpty;
+import net.shibboleth.shared.logic.Constraint;
 
 /**
  * Constructs a new {@link WilmaAuthenticationContext} and attaches it to {@link AuthenticationContext}.
  */
-@SuppressWarnings("rawtypes")
 public class InitializeStaticWilmaContext extends BaseInitializeWilmaContext {
 
     /** Class logger. */
@@ -77,7 +76,7 @@ public InitializeStaticWilmaContext(final String sharedSecret, final String wilm
     protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext,
             @Nonnull final AuthenticationContext authenticationContext) {
         final WilmaAuthenticationContext wilmaContext =
-                authenticationContext.getSubcontext(WilmaAuthenticationContext.class, true);
+                authenticationContext.ensureSubcontext(WilmaAuthenticationContext.class);
         final String nonce = getRandomNonce();
         wilmaContext.setNonce(nonce);
         wilmaContext.setRedirectUrl(endpoint);

idp-authn-impl-wilma/src/main/java/fi/mpass/shibboleth/authn/impl/ValidateWilmaResponse.java

@@ -33,7 +33,7 @@
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 import javax.security.auth.Subject;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 
 import org.apache.commons.codec.DecoderException;
 import org.apache.commons.codec.binary.Hex;
@@ -48,14 +48,13 @@
 import net.shibboleth.idp.authn.AuthnEventIds;
 import net.shibboleth.idp.authn.context.AuthenticationContext;
 import net.shibboleth.idp.authn.principal.UsernamePrincipal;
-import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
-import net.shibboleth.utilities.java.support.logic.Constraint;
-import net.shibboleth.utilities.java.support.primitive.StringSupport;
+import net.shibboleth.shared.annotation.constraint.NotEmpty;
+import net.shibboleth.shared.logic.Constraint;
+import net.shibboleth.shared.primitive.StringSupport;
 
 /**
  * Validates the Wilma authentication response.
  */
-@SuppressWarnings({"unchecked", "rawtypes"})
 public class ValidateWilmaResponse extends AbstractValidationAction {
 
     /** Class logger. */
@@ -123,7 +122,7 @@ protected boolean doPreExecute(@Nonnull final ProfileRequestContext profileReque
             ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_PROFILE_CTX);
             return false;
         }
-        if (authenticationContext.getSubcontext(WilmaAuthenticationContext.class, false) == null) {
+        if (authenticationContext.getSubcontext(WilmaAuthenticationContext.class) == null) {
             log.warn("{}: No WilmaAuthenticationContext available in the context", getLogPrefix());
             ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_PROFILE_CTX);
             return false;
@@ -138,7 +137,7 @@ protected void doExecute(@Nonnull final ProfileRequestContext profileRequestCont
             @Nonnull final AuthenticationContext authenticationContext) {
         final HttpServletRequest servletRequest = getHttpServletRequest();
         final WilmaAuthenticationContext wilmaContext =
-                authenticationContext.getSubcontext(WilmaAuthenticationContext.class, false);
+                authenticationContext.getSubcontext(WilmaAuthenticationContext.class);
         final String nonce = wilmaContext.getNonce();
         if (!getQueryParam(servletRequest, WilmaAuthenticationContext.PARAM_NAME_NONCE).equals(nonce)) {
             log.warn("{}: Invalid nonce in the incoming Wilma response!", getLogPrefix());

idp-authn-impl-wilma/src/main/resources/flows/authn/Wilma/wilma-beans.xml

@@ -33,12 +33,12 @@ THE SOFTWARE.
 
    <bean id="ValidateWilmaResponse"
             class="fi.mpass.shibboleth.authn.impl.ValidateWilmaResponse" scope="prototype"
-            p:httpServletRequest-ref="shibboleth.HttpServletRequest">
+            p:httpServletRequestSupplier-ref="shibboleth.HttpServletRequestSupplier">
        <constructor-arg type="String" value="mockSharedSecret"/>
    </bean>
 
     <bean id="InitializeWilmaContext" class="fi.mpass.shibboleth.authn.impl.InitializeWilmaContext" scope="prototype"
-        p:httpServletRequest-ref="shibboleth.HttpServletRequest">
+        p:httpServletRequestSupplier-ref="shibboleth.HttpServletRequestSupplier">
        <constructor-arg type="String" value="mockSharedSecret"/>
        <constructor-arg type="String" value="https://testwilma.example.org/mpass"/>
     </bean>

idp-authn-impl-wilma/src/test/java/fi/mpass/shibboleth/authn/impl/BaseInitializeWilmaContextTest.java

@@ -41,11 +41,12 @@
 import net.shibboleth.idp.authn.context.AuthenticationContext;
 import net.shibboleth.idp.authn.impl.testing.BaseAuthenticationContextTest;
 import net.shibboleth.idp.profile.testing.ActionTestingSupport;
-import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
+import net.shibboleth.shared.component.ComponentInitializationException;
 
 /**
  * Unit tests to be shared for classes extending {@link BaseInitializeWilmaContext}.
  */
+@SuppressWarnings("null")
 public abstract class BaseInitializeWilmaContextTest extends BaseAuthenticationContextTest {
 
     /** The action to be tested. */
@@ -107,12 +108,12 @@ protected MockHttpServletRequest initializeServletRequest() {
      */
     protected void testSuccess(final boolean forcedAuth) throws Exception {
         action.initialize();
-        prc.getSubcontext(AuthenticationContext.class, false).setAttemptedFlow(authenticationFlows.get(0));
-        prc.getSubcontext(AuthenticationContext.class, false).setForceAuthn(forcedAuth);
+        prc.getSubcontext(AuthenticationContext.class).setAttemptedFlow(authenticationFlows.get(0));
+        prc.getSubcontext(AuthenticationContext.class).setForceAuthn(forcedAuth);
         final Event event = action.execute(src);
         Assert.assertNull(event);
-        final AuthenticationContext authnContext = prc.getSubcontext(AuthenticationContext.class, false);
-        final WilmaAuthenticationContext wilmaContext = authnContext.getSubcontext(WilmaAuthenticationContext.class, false);
+        final AuthenticationContext authnContext = prc.getSubcontext(AuthenticationContext.class);
+        final WilmaAuthenticationContext wilmaContext = authnContext.getSubcontext(WilmaAuthenticationContext.class);
         Assert.assertNotNull(wilmaContext);
         final String redirectUrl = action.getRedirect("execution=e1s1", authnContext);
         Assert.assertNotNull(redirectUrl);

idp-authn-impl-wilma/src/test/java/fi/mpass/shibboleth/authn/impl/InitializeDataSourceWilmaContextTest.java

@@ -43,12 +43,13 @@
 import net.shibboleth.idp.authn.impl.testing.BaseAuthenticationContextTest;
 import net.shibboleth.idp.authn.testing.TestPrincipal;
 import net.shibboleth.idp.profile.testing.ActionTestingSupport;
-import net.shibboleth.idp.testing.DatabaseTestingSupport;
-import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
+import net.shibboleth.shared.testing.DatabaseTestingSupport;
+import net.shibboleth.shared.component.ComponentInitializationException;
 
 /**
  * Unit tests for {@link InitializeDataSourceWilmaContext}.
  */
+@SuppressWarnings("null")
 public class InitializeDataSourceWilmaContextTest extends BaseAuthenticationContextTest {
 
     /** The action to be tested. */
@@ -107,20 +108,20 @@ public void tearDown() {
 
     @Test
     public void testNoMapping() throws Exception {
-        prc.getSubcontext(AuthenticationContext.class, false).setAttemptedFlow(authenticationFlows.get(0));
+        prc.getSubcontext(AuthenticationContext.class).setAttemptedFlow(authenticationFlows.get(0));
         ActionTestingSupport.assertEvent(action.execute(src), AuthnEventIds.RESELECT_FLOW);
     }
 
     @Test
     public void testInvalidState() throws Exception {
-        prc.getSubcontext(AuthenticationContext.class, false).setAttemptedFlow(authenticationFlows.get(0));
-        prc.getSubcontext(AuthenticationContext.class, false).getAuthenticationStateMap().put(selectedStateKey, "invalid");
+        prc.getSubcontext(AuthenticationContext.class).setAttemptedFlow(authenticationFlows.get(0));
+        prc.getSubcontext(AuthenticationContext.class).getAuthenticationStateMap().put(selectedStateKey, "invalid");
         ActionTestingSupport.assertEvent(action.execute(src), AuthnEventIds.RESELECT_FLOW);
     }
 
     @Test
     public void testValidState() throws Exception {
-        final AuthenticationContext authnContext = prc.getSubcontext(AuthenticationContext.class, false);
+        final AuthenticationContext authnContext = prc.getSubcontext(AuthenticationContext.class);
         authnContext.setAttemptedFlow(authenticationFlows.get(0));
         authnContext.getAuthenticationStateMap().put(selectedStateKey, techId1);
         Assert.assertNull(action.execute(src));
@@ -130,7 +131,7 @@ public void testValidState() throws Exception {
 
     @Test
     public void testInvalidContextRef() throws Exception {
-        final AuthenticationContext authnContext = prc.getSubcontext(AuthenticationContext.class, false);
+        final AuthenticationContext authnContext = prc.getSubcontext(AuthenticationContext.class);
         authnContext.setAttemptedFlow(authenticationFlows.get(0));
         final RequestedPrincipalContext rpc = new RequestedPrincipalContext();
         rpc.setOperator("exact");
@@ -141,7 +142,7 @@ public void testInvalidContextRef() throws Exception {
 
     @Test
     public void testValidContextRef() throws Exception {
-        final AuthenticationContext authnContext = prc.getSubcontext(AuthenticationContext.class, false);
+        final AuthenticationContext authnContext = prc.getSubcontext(AuthenticationContext.class);
         authnContext.setAttemptedFlow(authenticationFlows.get(0));
         final RequestedPrincipalContext rpc = new RequestedPrincipalContext();
         rpc.setOperator("exact");