From 4cd354a7f95c1a3fe0f3d619fb57286843c8a859 Mon Sep 17 00:00:00 2001 From: Thijs Kinkhorst Date: Fri, 23 Feb 2024 13:53:24 +0100 Subject: [PATCH 1/3] The deprovision API must be at `/deprovision/` for any app https://github.com/OpenConext/OpenConext-user-lifecycle/blob/develop/docs/deprovision-information.md --- .../java/access/lifecycle/UserLifeCycleController.java | 2 +- .../src/main/java/access/security/SecurityConfig.java | 4 ++-- .../access/lifecycle/UserLifeCycleControllerTest.java | 10 +++++----- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/server/src/main/java/access/lifecycle/UserLifeCycleController.java b/server/src/main/java/access/lifecycle/UserLifeCycleController.java index 2079afc3..f37107d0 100644 --- a/server/src/main/java/access/lifecycle/UserLifeCycleController.java +++ b/server/src/main/java/access/lifecycle/UserLifeCycleController.java @@ -23,7 +23,7 @@ import static access.SwaggerOpenIdConfig.LIFE_CYCLE_SCHEME_NAME; @RestController -@RequestMapping(value = {"/api/deprovisioning", "/api/external/v1/deprovisioning"}, produces = MediaType.APPLICATION_JSON_VALUE) +@RequestMapping(value = {"/api/deprovision", "/api/external/v1/deprovision"}, produces = MediaType.APPLICATION_JSON_VALUE) @SecurityRequirement(name = LIFE_CYCLE_SCHEME_NAME) public class UserLifeCycleController { diff --git a/server/src/main/java/access/security/SecurityConfig.java b/server/src/main/java/access/security/SecurityConfig.java index 85e9187f..fb804f0a 100644 --- a/server/src/main/java/access/security/SecurityConfig.java +++ b/server/src/main/java/access/security/SecurityConfig.java @@ -203,8 +203,8 @@ SecurityFilterChain basicAuthenticationSecurityFilterChain(HttpSecurity http) th "/api/external/v1/teams/**", "/api/aa/**", "/api/external/v1/aa/**", - "/api/deprovisioning/**", - "/api/external/v1/deprovisioning/**") + "/api/deprovision/**", + "/api/external/v1/deprovision/**") .sessionManagement(c -> c .sessionCreationPolicy(SessionCreationPolicy.STATELESS) ) diff --git a/server/src/test/java/access/lifecycle/UserLifeCycleControllerTest.java b/server/src/test/java/access/lifecycle/UserLifeCycleControllerTest.java index a4ba2d66..2bd469c1 100644 --- a/server/src/test/java/access/lifecycle/UserLifeCycleControllerTest.java +++ b/server/src/test/java/access/lifecycle/UserLifeCycleControllerTest.java @@ -23,7 +23,7 @@ void preview() { .accept(ContentType.JSON) .contentType(ContentType.JSON) .pathParam("sub", GUEST_SUB) - .get("/api/deprovisioning/{sub}") + .get("/api/deprovision/{sub}") .as(new TypeRef<>() { }); List memberships = lifeCycleResult.getData().stream().filter(attribute -> attribute.getName().equals("membership")) @@ -40,7 +40,7 @@ void lifeCycleRole() { .accept(ContentType.JSON) .contentType(ContentType.JSON) .pathParam("sub", GUEST_SUB) - .get("/api/deprovisioning/{sub}") + .get("/api/deprovision/{sub}") .then() .statusCode(400); } @@ -53,7 +53,7 @@ void dryRun() { .accept(ContentType.JSON) .contentType(ContentType.JSON) .pathParam("sub", GUEST_SUB) - .delete("/api/deprovisioning/{sub}/dry-run") + .delete("/api/deprovision/{sub}/dry-run") .as(new TypeRef<>() { }); List memberships = lifeCycleResult.getData().stream().filter(attribute -> attribute.getName().equals("membership")) @@ -76,7 +76,7 @@ void deprovision() throws JsonProcessingException { .accept(ContentType.JSON) .contentType(ContentType.JSON) .pathParam("sub", GUEST_SUB) - .delete("/api/deprovisioning/{sub}") + .delete("/api/deprovision/{sub}") .as(new TypeRef<>() { }); List memberships = lifeCycleResult.getData().stream().filter(attribute -> attribute.getName().equals("membership")) @@ -87,4 +87,4 @@ void deprovision() throws JsonProcessingException { } -} \ No newline at end of file +} From f04028271f6a2c3261c2f62daaead67576ebe4ef Mon Sep 17 00:00:00 2001 From: Thijs Kinkhorst Date: Fri, 23 Feb 2024 14:24:26 +0100 Subject: [PATCH 2/3] Return non-legacy app name in lifecycle result --- server/src/main/java/access/lifecycle/LifeCycleResult.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/src/main/java/access/lifecycle/LifeCycleResult.java b/server/src/main/java/access/lifecycle/LifeCycleResult.java index 210e3842..d1a3eaaa 100644 --- a/server/src/main/java/access/lifecycle/LifeCycleResult.java +++ b/server/src/main/java/access/lifecycle/LifeCycleResult.java @@ -13,7 +13,7 @@ public class LifeCycleResult { private final String status = "OK"; - private final String name = "OpenConext-access-server"; + private final String name = "OpenConext-invite-server"; private List data = new ArrayList<>(); public void setData(List data) { From 058c32bebc12f6e0fbece9537ae60c5ff41cb108 Mon Sep 17 00:00:00 2001 From: Thijs Kinkhorst Date: Fri, 23 Feb 2024 14:24:45 +0100 Subject: [PATCH 3/3] Rename confusingly misspelled lifecy(c)le config --- server/src/main/java/access/security/SecurityConfig.java | 4 ++-- server/src/main/resources/application.yml | 4 ++-- .../java/access/lifecycle/UserLifeCycleControllerTest.java | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/server/src/main/java/access/security/SecurityConfig.java b/server/src/main/java/access/security/SecurityConfig.java index fb804f0a..1e0ee14d 100644 --- a/server/src/main/java/access/security/SecurityConfig.java +++ b/server/src/main/java/access/security/SecurityConfig.java @@ -73,8 +73,8 @@ public SecurityConfig(ClientRegistrationRepository clientRegistrationRepository, @Value("${oidcng.resource-server-secret}") String secret, @Value("${voot.user}") String vootUser, @Value("${voot.password}") String vootPassword, - @Value("${lifecyle.user}") String lifeCycleUser, - @Value("${lifecyle.password}") String lifeCyclePassword, + @Value("${lifecycle.user}") String lifeCycleUser, + @Value("${lifecycle.password}") String lifeCyclePassword, @Value("${teams.user}") String teamsUser, @Value("${teams.password}") String teamsPassword, @Value("${attribute-aggregation.user}") String attributeAggregationUser, diff --git a/server/src/main/resources/application.yml b/server/src/main/resources/application.yml index 0b53c7f3..3ba2d066 100644 --- a/server/src/main/resources/application.yml +++ b/server/src/main/resources/application.yml @@ -125,8 +125,8 @@ attribute-aggregation: user: aa password: secret -lifecyle: - user: lifecyle +lifecycle: + user: lifecycle password: secret email: diff --git a/server/src/test/java/access/lifecycle/UserLifeCycleControllerTest.java b/server/src/test/java/access/lifecycle/UserLifeCycleControllerTest.java index 2bd469c1..e7e7ac72 100644 --- a/server/src/test/java/access/lifecycle/UserLifeCycleControllerTest.java +++ b/server/src/test/java/access/lifecycle/UserLifeCycleControllerTest.java @@ -19,7 +19,7 @@ class UserLifeCycleControllerTest extends AbstractTest { void preview() { LifeCycleResult lifeCycleResult = given() .when() - .auth().basic("lifecyle", "secret") + .auth().basic("lifecycle", "secret") .accept(ContentType.JSON) .contentType(ContentType.JSON) .pathParam("sub", GUEST_SUB) @@ -49,7 +49,7 @@ void lifeCycleRole() { void dryRun() { LifeCycleResult lifeCycleResult = given() .when() - .auth().basic("lifecyle", "secret") + .auth().basic("lifecycle", "secret") .accept(ContentType.JSON) .contentType(ContentType.JSON) .pathParam("sub", GUEST_SUB) @@ -72,7 +72,7 @@ void deprovision() throws JsonProcessingException { super.stubForDeleteScimUser(); LifeCycleResult lifeCycleResult = given() .when() - .auth().basic("lifecyle", "secret") + .auth().basic("lifecycle", "secret") .accept(ContentType.JSON) .contentType(ContentType.JSON) .pathParam("sub", GUEST_SUB)