From 71c1b0074713dd11abb780aa501c1b16a894dc68 Mon Sep 17 00:00:00 2001 From: Andrea Ceccanti Date: Thu, 18 Nov 2021 08:23:46 +0100 Subject: [PATCH 1/5] wip --- .../resources-filtered/application.properties | 5 +- .../db/migration/test/V100000___test_data.sql | 48 +++++++++++++++---- 2 files changed, 43 insertions(+), 10 deletions(-) diff --git a/iam-login-service/src/main/resources-filtered/application.properties b/iam-login-service/src/main/resources-filtered/application.properties index 37aa83149..3d14238b0 100644 --- a/iam-login-service/src/main/resources-filtered/application.properties +++ b/iam-login-service/src/main/resources-filtered/application.properties @@ -30,6 +30,9 @@ logging.level.root=WARN logging.level.it.infn.mw=INFO logging.level.org.opensaml.saml2.metadata.provider=INFO +# Turn off scary JAR scanning WARN exception at service startup +logging.level.org.apache.tomcat.util.scan.StandardJarScanner=ERROR + #logging.level.=DEBUG #logging.level.root=DEBUG @@ -37,7 +40,7 @@ logging.level.org.opensaml.saml2.metadata.provider=INFO #logging.level.org.eclipse.persistence=DEBUG # Test logging -logging.level.org.springframework.test.web.servlet.result=DEBUG +# logging.level.org.springframework.test.web.servlet.result=DEBUG #logging.level.org.apache.jasper.servlet.TldScanner=DEBUG diff --git a/iam-persistence/src/main/resources/db/migration/test/V100000___test_data.sql b/iam-persistence/src/main/resources/db/migration/test/V100000___test_data.sql index 9380476d8..84eff8387 100644 --- a/iam-persistence/src/main/resources/db/migration/test/V100000___test_data.sql +++ b/iam-persistence/src/main/resources/db/migration/test/V100000___test_data.sql @@ -216,20 +216,42 @@ AVvzyPxJtpwk4yy4V+juBZib2SImBWJ7C5VHuHLMAOxtNV84CIXpdvLKfA1Bjf3W UMrcvhN03L72j9IR0WEZlFMfYbxv1gbNbo+fhVo3itHI3lTl0K0BD5bOP0LqtARL gZ9zFVlxWHcKUqQ41ZQXNg7U -----END CERTIFICATE-----', -CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(),1); +CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(),1), +('test0 cert', 'CN=test0,O=IGI,C=IT', 'CN=Test CA,O=IGI,C=IT',true, +'-----BEGIN CERTIFICATE----- +MIIDnjCCAoagAwIBAgIBCTANBgkqhkiG9w0BAQUFADAtMQswCQYDVQQGEwJJVDEM +MAoGA1UECgwDSUdJMRAwDgYDVQQDDAdUZXN0IENBMB4XDTEyMDkyNjE1MzkzNFoX +DTIyMDkyNDE1MzkzNFowKzELMAkGA1UEBhMCSVQxDDAKBgNVBAoTA0lHSTEOMAwG +A1UEAxMFdGVzdDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKxtrw +hoZ27SxxISjlRqWmBWB6U+N/xW2kS1uUfrQRav6auVtmtEW45J44VTi3WW6Y113R +BwmS6oW+3lzyBBZVPqnhV9/VkTxLp83gGVVvHATgGgkjeTxIsOE+TkPKAoZJ/QFc +CfPh3WdZ3ANI14WYkAM9VXsSbh2okCsWGa4o6pzt3Pt1zKkyO4PW0cBkletDImJK +2vufuDVNm7Iz/y3/8pY8p3MoiwbF/PdSba7XQAxBWUJMoaleh8xy8HSROn7tF2al +xoDLH4QWhp6UDn2rvOWseBqUMPXFjsUi1/rkw1oHAjMroTk5lL15GI0LGd5dTVop +kKXFbTTYxSkPz1MLAgMBAAGjgcowgccwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU +fLdB5+jO9LyWN2/VCNYgMa0jvHEwDgYDVR0PAQH/BAQDAgXgMD4GA1UdJQQ3MDUG +CCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBBggrBgEF +BQcDBDAfBgNVHSMEGDAWgBSRdzZ7LrRp8yfqt/YIi0ojohFJxjAnBgNVHREEIDAe +gRxhbmRyZWEuY2VjY2FudGlAY25hZi5pbmZuLml0MA0GCSqGSIb3DQEBBQUAA4IB +AQANYtWXetheSeVpCfnId9TkKyKTAp8RahNZl4XFrWWn2S9We7ACK/G7u1DebJYx +d8POo8ClscoXyTO2BzHHZLxauEKIzUv7g2GehI+SckfZdjFyRXjD0+wMGwzX7MDu +SL3CG2aWsYpkBnj6BMlr0P3kZEMqV5t2+2Tj0+aXppBPVwzJwRhnrSJiO5WIZAZf +49YhMn61sQIrepvhrKEUR4XVorH2Bj8ek1/iLlgcmFMBOds+PrehSRR8Gn0IjlEg +C68EY6KPE+FKySuS7Ur7lTAjNdddfdAgKV6hJyST6/dx8ymIkb8nxCPnxCcT2I2N +vDxcPMc/wmnMa+smNal0sJ6m +-----END CERTIFICATE-----', +CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(),2); + + +INSERT INTO iam_account_authority(account_id, authority_id) VALUES +(2,2); +-- test groups INSERT INTO iam_group(id, name, uuid, description, creationtime, lastupdatetime) VALUES (1, 'Production', 'c617d586-54e6-411d-8e38-64967798fa8a', 'The production group', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), (2, 'Analysis', '6a384bcd-d4b3-4b7f-a2fe-7d897ada0dd1', 'The analysis group', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()); -INSERT INTO iam_account_group(account_id, group_id) VALUES -(2,1), -(2,2); - -INSERT INTO iam_account_authority(account_id, authority_id) VALUES -(2,2); --- Other test groups INSERT INTO iam_group(id, name, uuid, description, creationtime, lastupdatetime) VALUES (101, 'Test-001', 'c617d586-54e6-411d-8e38-649677980001', 'Test group-001', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), (102, 'Test-002', 'c617d586-54e6-411d-8e38-649677980002', 'Test group-002', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), @@ -250,7 +272,15 @@ INSERT INTO iam_group(id, name, uuid, description, creationtime, lastupdatetime) (117, 'Test-017', 'c617d586-54e6-411d-8e38-649677980017', 'Test group-017', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), (118, 'Test-018', 'c617d586-54e6-411d-8e38-649677980018', 'Test group-018', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), (119, 'Test-019', 'c617d586-54e6-411d-8e38-649677980019', 'Test group-019', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), -(120, 'Test-020', 'c617d586-54e6-411d-8e38-649677980020', 'Test group-020', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()); +(120, 'Test-020', 'c617d586-54e6-411d-8e38-649677980020', 'Test group-020', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), +(121, 'indigo-dc', 'ff8b5c1e-c0d2-40d1-8216-9896f2570077', 'indigo-dc root group', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()); + + +INSERT INTO iam_account_group(account_id, group_id) VALUES +(2,1), +(2,2), +(2,121); + -- Other test users INSERT INTO iam_user_info(ID,GIVENNAME,FAMILYNAME, EMAIL, EMAILVERIFIED) VALUES From 9157be91a65c4c7c502fc73d4f7f7372d2efd2e2 Mon Sep 17 00:00:00 2001 From: Andrea Ceccanti Date: Fri, 19 Nov 2021 09:00:58 +0100 Subject: [PATCH 2/5] Added voms-test profile for easier voms-aa testing --- .../main/resources/application-voms-test.yml | 46 +++++++++++ .../src/main/resources/logback-test.xml | 26 ++++++ .../h2/V34_2___RemoveOrphanTokens.java | 2 +- .../mysql/V34_2___RemoveOrphanTokens.java | 2 +- .../test/V100000_3___RemoveOrphanTokens.java | 2 +- .../migrations}/RemoveOrphanTokens.java | 4 +- .../db/migration/test/V100000___test_data.sql | 48 +++-------- .../voms-test/V100000___voms_test_data.sql | 81 +++++++++++++++++++ 8 files changed, 166 insertions(+), 45 deletions(-) create mode 100644 iam-login-service/src/main/resources/application-voms-test.yml create mode 100644 iam-login-service/src/main/resources/logback-test.xml rename iam-persistence/src/main/java/{db/migration/tasks => it/infn/mw/iam/persistence/migrations}/RemoveOrphanTokens.java (95%) create mode 100644 iam-persistence/src/main/resources/db/migration/voms-test/V100000___voms_test_data.sql diff --git a/iam-login-service/src/main/resources/application-voms-test.yml b/iam-login-service/src/main/resources/application-voms-test.yml new file mode 100644 index 000000000..232acac6f --- /dev/null +++ b/iam-login-service/src/main/resources/application-voms-test.yml @@ -0,0 +1,46 @@ +# +# Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2019 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +spring: + profiles: + include: mysql + datasource: + dataSourceClassName: com.mysql.jdbc.jdbc2.optional.MysqlDataSource + url: jdbc:mysql://${IAM_DB_HOST:dev.local.io}:${IAM_DB_PORT:3306}/${IAM_DB_NAME:iam}?useSSL=${IAM_DB_USE_SSL:false} + username: ${IAM_DB_USERNAME:iam} + password: ${IAM_DB_PASSWORD:pwd} + max-active: 5 + min-idle: 1 + max-idle: 1 + initial-size: 2 + test-while-idle: true + test-on-borrow: true + validation-query: SELECT 1 + time-between-eviction-runs-millis: 5000 + min-evictable-idle-time-millis: 5000 + +notification: + disable: true + +flyway: + locations: + - classpath:db/migration/mysql + - classpath:db/migration/voms-test + +management: + health: + mail: + enabled: false \ No newline at end of file diff --git a/iam-login-service/src/main/resources/logback-test.xml b/iam-login-service/src/main/resources/logback-test.xml new file mode 100644 index 000000000..afa38e9b5 --- /dev/null +++ b/iam-login-service/src/main/resources/logback-test.xml @@ -0,0 +1,26 @@ + + + + + + + + + diff --git a/iam-persistence/src/main/java/db/migration/h2/V34_2___RemoveOrphanTokens.java b/iam-persistence/src/main/java/db/migration/h2/V34_2___RemoveOrphanTokens.java index 404441238..24e1e14da 100644 --- a/iam-persistence/src/main/java/db/migration/h2/V34_2___RemoveOrphanTokens.java +++ b/iam-persistence/src/main/java/db/migration/h2/V34_2___RemoveOrphanTokens.java @@ -17,8 +17,8 @@ import org.springframework.jdbc.core.JdbcTemplate; -import db.migration.tasks.RemoveOrphanTokens; import it.infn.mw.iam.persistence.migrations.BaseJdbcTemplateFlywayMigration; +import it.infn.mw.iam.persistence.migrations.RemoveOrphanTokens; public class V34_2___RemoveOrphanTokens extends BaseJdbcTemplateFlywayMigration { diff --git a/iam-persistence/src/main/java/db/migration/mysql/V34_2___RemoveOrphanTokens.java b/iam-persistence/src/main/java/db/migration/mysql/V34_2___RemoveOrphanTokens.java index d4d0ead39..9fe646f31 100644 --- a/iam-persistence/src/main/java/db/migration/mysql/V34_2___RemoveOrphanTokens.java +++ b/iam-persistence/src/main/java/db/migration/mysql/V34_2___RemoveOrphanTokens.java @@ -17,8 +17,8 @@ import org.springframework.jdbc.core.JdbcTemplate; -import db.migration.tasks.RemoveOrphanTokens; import it.infn.mw.iam.persistence.migrations.BaseJdbcTemplateFlywayMigration; +import it.infn.mw.iam.persistence.migrations.RemoveOrphanTokens; public class V34_2___RemoveOrphanTokens extends BaseJdbcTemplateFlywayMigration { diff --git a/iam-persistence/src/main/java/db/migration/test/V100000_3___RemoveOrphanTokens.java b/iam-persistence/src/main/java/db/migration/test/V100000_3___RemoveOrphanTokens.java index b50f81973..38ed0db49 100644 --- a/iam-persistence/src/main/java/db/migration/test/V100000_3___RemoveOrphanTokens.java +++ b/iam-persistence/src/main/java/db/migration/test/V100000_3___RemoveOrphanTokens.java @@ -18,7 +18,7 @@ import org.flywaydb.core.api.migration.spring.SpringJdbcMigration; import org.springframework.jdbc.core.JdbcTemplate; -import db.migration.tasks.RemoveOrphanTokens; +import it.infn.mw.iam.persistence.migrations.RemoveOrphanTokens; public class V100000_3___RemoveOrphanTokens implements SpringJdbcMigration { diff --git a/iam-persistence/src/main/java/db/migration/tasks/RemoveOrphanTokens.java b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/RemoveOrphanTokens.java similarity index 95% rename from iam-persistence/src/main/java/db/migration/tasks/RemoveOrphanTokens.java rename to iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/RemoveOrphanTokens.java index 538635e0d..9a1cf6a27 100644 --- a/iam-persistence/src/main/java/db/migration/tasks/RemoveOrphanTokens.java +++ b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/RemoveOrphanTokens.java @@ -13,14 +13,12 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package db.migration.tasks; +package it.infn.mw.iam.persistence.migrations; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.jdbc.core.JdbcTemplate; -import it.infn.mw.iam.persistence.migrations.BaseJdbcTemplateFlywayMigration; - public class RemoveOrphanTokens extends BaseJdbcTemplateFlywayMigration { public static final Logger LOG = LoggerFactory.getLogger(RemoveOrphanTokens.class); diff --git a/iam-persistence/src/main/resources/db/migration/test/V100000___test_data.sql b/iam-persistence/src/main/resources/db/migration/test/V100000___test_data.sql index 84eff8387..9380476d8 100644 --- a/iam-persistence/src/main/resources/db/migration/test/V100000___test_data.sql +++ b/iam-persistence/src/main/resources/db/migration/test/V100000___test_data.sql @@ -216,42 +216,20 @@ AVvzyPxJtpwk4yy4V+juBZib2SImBWJ7C5VHuHLMAOxtNV84CIXpdvLKfA1Bjf3W UMrcvhN03L72j9IR0WEZlFMfYbxv1gbNbo+fhVo3itHI3lTl0K0BD5bOP0LqtARL gZ9zFVlxWHcKUqQ41ZQXNg7U -----END CERTIFICATE-----', -CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(),1), -('test0 cert', 'CN=test0,O=IGI,C=IT', 'CN=Test CA,O=IGI,C=IT',true, -'-----BEGIN CERTIFICATE----- -MIIDnjCCAoagAwIBAgIBCTANBgkqhkiG9w0BAQUFADAtMQswCQYDVQQGEwJJVDEM -MAoGA1UECgwDSUdJMRAwDgYDVQQDDAdUZXN0IENBMB4XDTEyMDkyNjE1MzkzNFoX -DTIyMDkyNDE1MzkzNFowKzELMAkGA1UEBhMCSVQxDDAKBgNVBAoTA0lHSTEOMAwG -A1UEAxMFdGVzdDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKxtrw -hoZ27SxxISjlRqWmBWB6U+N/xW2kS1uUfrQRav6auVtmtEW45J44VTi3WW6Y113R -BwmS6oW+3lzyBBZVPqnhV9/VkTxLp83gGVVvHATgGgkjeTxIsOE+TkPKAoZJ/QFc -CfPh3WdZ3ANI14WYkAM9VXsSbh2okCsWGa4o6pzt3Pt1zKkyO4PW0cBkletDImJK -2vufuDVNm7Iz/y3/8pY8p3MoiwbF/PdSba7XQAxBWUJMoaleh8xy8HSROn7tF2al -xoDLH4QWhp6UDn2rvOWseBqUMPXFjsUi1/rkw1oHAjMroTk5lL15GI0LGd5dTVop -kKXFbTTYxSkPz1MLAgMBAAGjgcowgccwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU -fLdB5+jO9LyWN2/VCNYgMa0jvHEwDgYDVR0PAQH/BAQDAgXgMD4GA1UdJQQ3MDUG -CCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBBggrBgEF -BQcDBDAfBgNVHSMEGDAWgBSRdzZ7LrRp8yfqt/YIi0ojohFJxjAnBgNVHREEIDAe -gRxhbmRyZWEuY2VjY2FudGlAY25hZi5pbmZuLml0MA0GCSqGSIb3DQEBBQUAA4IB -AQANYtWXetheSeVpCfnId9TkKyKTAp8RahNZl4XFrWWn2S9We7ACK/G7u1DebJYx -d8POo8ClscoXyTO2BzHHZLxauEKIzUv7g2GehI+SckfZdjFyRXjD0+wMGwzX7MDu -SL3CG2aWsYpkBnj6BMlr0P3kZEMqV5t2+2Tj0+aXppBPVwzJwRhnrSJiO5WIZAZf -49YhMn61sQIrepvhrKEUR4XVorH2Bj8ek1/iLlgcmFMBOds+PrehSRR8Gn0IjlEg -C68EY6KPE+FKySuS7Ur7lTAjNdddfdAgKV6hJyST6/dx8ymIkb8nxCPnxCcT2I2N -vDxcPMc/wmnMa+smNal0sJ6m ------END CERTIFICATE-----', -CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(),2); - - -INSERT INTO iam_account_authority(account_id, authority_id) VALUES -(2,2); +CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(),1); --- test groups INSERT INTO iam_group(id, name, uuid, description, creationtime, lastupdatetime) VALUES (1, 'Production', 'c617d586-54e6-411d-8e38-64967798fa8a', 'The production group', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), (2, 'Analysis', '6a384bcd-d4b3-4b7f-a2fe-7d897ada0dd1', 'The analysis group', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()); +INSERT INTO iam_account_group(account_id, group_id) VALUES +(2,1), +(2,2); + +INSERT INTO iam_account_authority(account_id, authority_id) VALUES +(2,2); +-- Other test groups INSERT INTO iam_group(id, name, uuid, description, creationtime, lastupdatetime) VALUES (101, 'Test-001', 'c617d586-54e6-411d-8e38-649677980001', 'Test group-001', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), (102, 'Test-002', 'c617d586-54e6-411d-8e38-649677980002', 'Test group-002', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), @@ -272,15 +250,7 @@ INSERT INTO iam_group(id, name, uuid, description, creationtime, lastupdatetime) (117, 'Test-017', 'c617d586-54e6-411d-8e38-649677980017', 'Test group-017', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), (118, 'Test-018', 'c617d586-54e6-411d-8e38-649677980018', 'Test group-018', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), (119, 'Test-019', 'c617d586-54e6-411d-8e38-649677980019', 'Test group-019', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), -(120, 'Test-020', 'c617d586-54e6-411d-8e38-649677980020', 'Test group-020', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), -(121, 'indigo-dc', 'ff8b5c1e-c0d2-40d1-8216-9896f2570077', 'indigo-dc root group', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()); - - -INSERT INTO iam_account_group(account_id, group_id) VALUES -(2,1), -(2,2), -(2,121); - +(120, 'Test-020', 'c617d586-54e6-411d-8e38-649677980020', 'Test group-020', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()); -- Other test users INSERT INTO iam_user_info(ID,GIVENNAME,FAMILYNAME, EMAIL, EMAILVERIFIED) VALUES diff --git a/iam-persistence/src/main/resources/db/migration/voms-test/V100000___voms_test_data.sql b/iam-persistence/src/main/resources/db/migration/voms-test/V100000___voms_test_data.sql new file mode 100644 index 000000000..f23ae847e --- /dev/null +++ b/iam-persistence/src/main/resources/db/migration/voms-test/V100000___voms_test_data.sql @@ -0,0 +1,81 @@ +INSERT INTO client_details (id, client_id, client_secret, client_name, dynamically_registered, + refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection, + token_endpoint_auth_method, require_auth_time) VALUES + (1, 'client', 'secret', 'Test Client', false, null, 3600, 600, true, 'SECRET_BASIC',false); + +INSERT INTO client_scope (owner_id, scope) VALUES + (1, 'openid'), + (1, 'profile'), + (1, 'email'), + (1, 'address'), + (1, 'phone'), + (1, 'offline_access'), + (1, 'read-tasks'), + (1, 'write-tasks'), + (1, 'read:/'), + (1, 'write:/'), + (1, 'attr'); + +INSERT INTO client_grant_type (owner_id, grant_type) VALUES + (1, 'authorization_code'), + (1, 'urn:ietf:params:oauth:grant_type:redelegate'), + (1, 'implicit'), + (1, 'refresh_token'); + +INSERT INTO iam_user_info(ID,GIVENNAME,FAMILYNAME, EMAIL, EMAILVERIFIED, BIRTHDATE, GENDER) VALUES +(2, 'Test', 'User', 'test@iam.test', true, '1950-01-01','M'); + +INSERT INTO iam_account(id, uuid, username, password, user_info_id, creationtime, lastupdatetime, active) VALUES +(2, '80e5fb8d-b7c8-451a-89ba-346ae278a66f', 'test', '$2a$10$UZeOZKD1.dj5oiTsZKD03OETA9FXCKGqBuuijhsxYygZpOPtWMUni', 2, CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), true); + +INSERT INTO iam_oidc_id(issuer, subject, account_id) VALUES +('https://accounts.google.com', '105440632287425289613', 2), +('urn:test-oidc-issuer', 'test-user', 2); + +INSERT INTO iam_saml_id(idpid, attribute_id, userid, account_id) VALUES +('https://idptestbed/idp/shibboleth', 'urn:oid:0.9.2342.19200300.100.1.3', 'andrea.ceccanti@example.org',2), +('https://idptestbed/idp/shibboleth', 'urn:oid:1.3.6.1.4.1.5923.1.1.1.13', '78901@idptestbed',2); + +INSERT INTO iam_x509_cert(label,subject_dn,issuer_dn, is_primary,certificate,creation_time, last_update_time,account_id) VALUES +('test0 cert', 'CN=test0,O=IGI,C=IT', 'CN=Test CA,O=IGI,C=IT',true, +'-----BEGIN CERTIFICATE----- +MIIDnjCCAoagAwIBAgIBCTANBgkqhkiG9w0BAQUFADAtMQswCQYDVQQGEwJJVDEM +MAoGA1UECgwDSUdJMRAwDgYDVQQDDAdUZXN0IENBMB4XDTEyMDkyNjE1MzkzNFoX +DTIyMDkyNDE1MzkzNFowKzELMAkGA1UEBhMCSVQxDDAKBgNVBAoTA0lHSTEOMAwG +A1UEAxMFdGVzdDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKxtrw +hoZ27SxxISjlRqWmBWB6U+N/xW2kS1uUfrQRav6auVtmtEW45J44VTi3WW6Y113R +BwmS6oW+3lzyBBZVPqnhV9/VkTxLp83gGVVvHATgGgkjeTxIsOE+TkPKAoZJ/QFc +CfPh3WdZ3ANI14WYkAM9VXsSbh2okCsWGa4o6pzt3Pt1zKkyO4PW0cBkletDImJK +2vufuDVNm7Iz/y3/8pY8p3MoiwbF/PdSba7XQAxBWUJMoaleh8xy8HSROn7tF2al +xoDLH4QWhp6UDn2rvOWseBqUMPXFjsUi1/rkw1oHAjMroTk5lL15GI0LGd5dTVop +kKXFbTTYxSkPz1MLAgMBAAGjgcowgccwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU +fLdB5+jO9LyWN2/VCNYgMa0jvHEwDgYDVR0PAQH/BAQDAgXgMD4GA1UdJQQ3MDUG +CCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBBggrBgEF +BQcDBDAfBgNVHSMEGDAWgBSRdzZ7LrRp8yfqt/YIi0ojohFJxjAnBgNVHREEIDAe +gRxhbmRyZWEuY2VjY2FudGlAY25hZi5pbmZuLml0MA0GCSqGSIb3DQEBBQUAA4IB +AQANYtWXetheSeVpCfnId9TkKyKTAp8RahNZl4XFrWWn2S9We7ACK/G7u1DebJYx +d8POo8ClscoXyTO2BzHHZLxauEKIzUv7g2GehI+SckfZdjFyRXjD0+wMGwzX7MDu +SL3CG2aWsYpkBnj6BMlr0P3kZEMqV5t2+2Tj0+aXppBPVwzJwRhnrSJiO5WIZAZf +49YhMn61sQIrepvhrKEUR4XVorH2Bj8ek1/iLlgcmFMBOds+PrehSRR8Gn0IjlEg +C68EY6KPE+FKySuS7Ur7lTAjNdddfdAgKV6hJyST6/dx8ymIkb8nxCPnxCcT2I2N +vDxcPMc/wmnMa+smNal0sJ6m +-----END CERTIFICATE-----', +CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(),2); + + +INSERT INTO iam_account_authority(account_id, authority_id) VALUES +(2,2); + +-- test groups +INSERT INTO iam_group(id, parent_group_id, name, uuid, description, creationtime, lastupdatetime) VALUES +(1, null, 'indigo-dc', 'ff8b5c1e-c0d2-40d1-8216-9896f2570077', 'indigo-dc root group', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), +(2, 1, 'indigo-dc/subgroup', '28c829f0-9c16-43e7-82a0-ea893ec4fce5', 'indigo-dc subgroup', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), +(3, 1, 'indigo-dc/another-subgroup', 'e17ca24b-4772-4e64-a30e-49b394c91503', 'indigo-dc another-subgroup', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), +(4, 1, 'indigo-dc/production', 'e9dd63e1-af45-4691-99c4-2d2b5bf5d66a', 'indigo-dc production role', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP()), +(5, 2, 'indigo-dc/subgroup/production', '5bea3ff8-64a6-43a9-a1f5-3354587f68b9', 'indigo-dc subgroup production role', CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP())); + +-- test groups membership +INSERT INTO iam_account_group(account_id, group_id) VALUES +(2,1); + + From e5f52470c6925328e54f6c3f4108c32290438e65 Mon Sep 17 00:00:00 2001 From: Andrea Ceccanti Date: Thu, 2 Dec 2021 16:57:40 +0100 Subject: [PATCH 3/5] wip --- pom.xml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pom.xml b/pom.xml index 1b228ce2b..d59173ce5 100644 --- a/pom.xml +++ b/pom.xml @@ -38,6 +38,7 @@ 2.9.0 2.2.0 + 4.2.1 4.0 2.2.0 @@ -205,6 +206,13 @@ + + org.flywaydb + flyway-core + ${flyway.version} + test + + org.flywaydb.flyway-test-extensions flyway-spring-test From cead8d09a0e9a221f52ec029c3d08bf6dea69d15 Mon Sep 17 00:00:00 2001 From: Andrea Ceccanti Date: Fri, 3 Dec 2021 11:32:59 +0100 Subject: [PATCH 4/5] Upgrade to flyway 4.2.0 As this will manage the upgrade to later versions more gracefully --- pom.xml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index d59173ce5..5448bd256 100644 --- a/pom.xml +++ b/pom.xml @@ -38,7 +38,7 @@ 2.9.0 2.2.0 - 4.2.1 + 4.2.0 4.0 2.2.0 @@ -210,7 +210,6 @@ org.flywaydb flyway-core ${flyway.version} - test From d2c977ded86b3b005972f8e4db342b5378d3f562 Mon Sep 17 00:00:00 2001 From: Andrea Ceccanti Date: Fri, 3 Dec 2021 12:09:43 +0100 Subject: [PATCH 5/5] Fix missing license issues --- iam-login-service/src/main/resources/logback-test.xml | 3 +-- .../infn/mw/iam/persistence/migrations/RemoveOrphanTokens.java | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/iam-login-service/src/main/resources/logback-test.xml b/iam-login-service/src/main/resources/logback-test.xml index afa38e9b5..b0c61c2d5 100644 --- a/iam-login-service/src/main/resources/logback-test.xml +++ b/iam-login-service/src/main/resources/logback-test.xml @@ -1,7 +1,7 @@ - diff --git a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/RemoveOrphanTokens.java b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/RemoveOrphanTokens.java index 9a1cf6a27..bf5a25230 100644 --- a/iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/RemoveOrphanTokens.java +++ b/iam-persistence/src/main/java/it/infn/mw/iam/persistence/migrations/RemoveOrphanTokens.java @@ -1,5 +1,5 @@ /** - * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2018 + * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2016-2019 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.