
property config importer updates

Jason Rivard %!s(int64=6) %!d(string=hai) anos
pai
achega
105becaa89

+ 67 - 42
server/src/main/java/password/pwm/util/PropertyConfigurationImporter.java

@@ -59,28 +59,42 @@ public class PropertyConfigurationImporter
 
     public enum PropertyKey
     {
-        TEMPLATE_LDAP,
-        DISPLAY_THEME,
-
-        ID_VAULT_HOST,
-        ID_VAULT_LDAPS_PORT,
-        ID_VAULT_ADMIN_LDAP,
-        ID_VAULT_PASSWORD,
-        UA_SERVER_HOST,
-        UA_ADMIN,
-
-        SSPR_SERVER_HOST,
-        SSPR_SERVER_PORT,
-        USER_CONTAINER,
-        SSO_SERVER_HOST,
-        SSO_SERVER_SSL_PORT,
-        SSO_SERVICE_PWD,
-
-        CONFIGURATION_PWD,
-
-        LDAP_SERVERCERTS,
-        OAUTH_IDSERVER_SERVERCERTS,
-        AUDIT_SERVERCERTS,;
+        TEMPLATE_LDAP( "NOVL_IDM" ),
+        DISPLAY_THEME( null ),
+
+        ID_VAULT_HOST( null ),
+        ID_VAULT_LDAPS_PORT( "636" ),
+        ID_VAULT_ADMIN_LDAP( null ),
+        ID_VAULT_PASSWORD( null ),
+        UA_SERVER_HOST( null ),
+        UA_SERVER_SSL_PORT( "443" ),
+        UA_ADMIN( null ),
+        RPT_ADMIN( null ),
+
+        SSPR_SERVER_HOST( null ),
+        SSPR_SERVER_SSL_PORT( "443" ),
+        USER_CONTAINER( null ),
+        SSO_SERVER_HOST( null ),
+        SSO_SERVER_SSL_PORT( "443" ),
+        SSO_SERVICE_PWD( null ),
+
+        CONFIGURATION_PWD( null ),
+
+        LDAP_SERVERCERTS( null ),
+        OAUTH_IDSERVER_SERVERCERTS( null ),
+        AUDIT_SERVERCERTS( null ),;
+
+        private final String defaultValue;
+
+        PropertyKey( final String defaultValue )
+        {
+            this.defaultValue = defaultValue;
+        }
+
+        public String getDefaultValue()
+        {
+            return defaultValue;
+        }
     }
 
     public PropertyConfigurationImporter()
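Review bot: `getDefaultValue()` returns null for most keys (every host, DN, password and certificate key in this enum), but nothing on the accessor or the field says so. A short Javadoc would make the contract explicit, for example `/** Default used when the key is absent from the import file, or null when the key has no default. */`. Callers that feed the result into `getOrDefault` and then concatenate it need to know a null can come back. The hunk ends at the constructor signature, so the rest of the class is not visible here.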
@@ -104,21 +118,21 @@ public class PropertyConfigurationImporter
 
         final StoredConfigurationImpl storedConfiguration = StoredConfigurationImpl.newStoredConfiguration( );
         storedConfiguration.initNewRandomSecurityKey( );
-        storedConfiguration.writeConfigProperty( 
+        storedConfiguration.writeConfigProperty(
                 ConfigurationProperty.CONFIG_IS_EDITABLE, Boolean.toString( false ) );
-        storedConfiguration.writeConfigProperty( 
+        storedConfiguration.writeConfigProperty(
                 ConfigurationProperty.CONFIG_EPOCH, String.valueOf( 0 ) );
         storedConfiguration.writeConfigProperty(
                 ConfigurationProperty.IMPORT_LDAP_CERTIFICATES, Boolean.toString( true ) );
 
         // static values
-        storedConfiguration.writeSetting( PwmSetting.TEMPLATE_LDAP, new StringValue( 
-                        inputMap.getOrDefault( PropertyKey.TEMPLATE_LDAP.name( ), "NOVL_IDM" ) ),
+        storedConfiguration.writeSetting( PwmSetting.TEMPLATE_LDAP, new StringValue(
+                        inputMap.getOrDefault( PropertyKey.TEMPLATE_LDAP.name( ), PropertyKey.TEMPLATE_LDAP.getDefaultValue() ) ),
                 null );
 
         if ( inputMap.containsKey( PropertyKey.DISPLAY_THEME.name( ) ) )
         {
-            storedConfiguration.writeSetting( PwmSetting.PASSWORD_POLICY_SOURCE, new StringValue( 
+            storedConfiguration.writeSetting( PwmSetting.PASSWORD_POLICY_SOURCE, new StringValue(
                             inputMap.get( PropertyKey.DISPLAY_THEME.name( ) ) ),
                     null );
         }
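Review bot: The `DISPLAY_THEME` branch at the end of this hunk writes the property value into `PwmSetting.PASSWORD_POLICY_SOURCE`, which looks like a copy-paste slip: a theme name supplied in the import file would be stored as the password policy source. The commit only changes whitespace on that line, so the mapping is carried over as it was. If it is unintended, the call should target the theme setting instead; if it is intended, it deserves a comment such as `// DISPLAY_THEME deliberately drives the policy source because ...`. The enclosing method starts and ends outside this hunk.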
@@ -190,28 +204,28 @@ public class PropertyConfigurationImporter
 
     private String makeOAuthBaseUrl( )
     {
-        return "https://" + inputMap.get( PropertyKey.UA_SERVER_HOST.name( ) )
-                + ":" + inputMap.get( PropertyKey.SSO_SERVER_SSL_PORT.name( ) )
+        return "https://" + inputMap.get( PropertyKey.SSO_SERVER_HOST.name( ) )
+                + ":" + inputMap.getOrDefault( PropertyKey.SSO_SERVER_SSL_PORT.name( ), PropertyKey.SSO_SERVER_SSL_PORT.getDefaultValue() )
                 + "/osp/a/idm/auth/oauth2";
     }
 
     private StringArrayValue makeWhitelistUrl( )
     {
         return new StringArrayValue( Collections.singletonList( "https://" + inputMap.get( PropertyKey.SSO_SERVER_HOST.name( ) )
-                + ":" + inputMap.get( PropertyKey.SSO_SERVER_SSL_PORT.name( ) ) ) );
+                + ":" + inputMap.getOrDefault( PropertyKey.SSO_SERVER_SSL_PORT.name( ), PropertyKey.SSO_SERVER_SSL_PORT.getDefaultValue() ) ) );
     }
 
     private StoredValue makeSelfUrl( )
     {
-        return new StringValue( "https://" + inputMap.get( PropertyKey.SSO_SERVER_HOST.name( ) )
-                + ":" + inputMap.getOrDefault( PropertyKey.SSPR_SERVER_PORT.name( ), "9443" )
+        return new StringValue( "https://" + inputMap.get( PropertyKey.SSPR_SERVER_HOST.name( ) )
+                + ":" + inputMap.getOrDefault( PropertyKey.SSPR_SERVER_SSL_PORT.name( ), PropertyKey.SSPR_SERVER_SSL_PORT.getDefaultValue() )
                 + "/sspr" );
     }
 
     private StoredValue makeForwardUrl( )
     {
-        return new StringValue( "https://" + inputMap.get( PropertyKey.SSPR_SERVER_HOST.name( ) )
-                + ":" + inputMap.get( PropertyKey.SSO_SERVER_SSL_PORT.name( ) )
+        return new StringValue( "https://" + inputMap.get( PropertyKey.UA_SERVER_HOST.name( ) )
+                + ":" + inputMap.getOrDefault( PropertyKey.UA_SERVER_SSL_PORT.name( ), PropertyKey.UA_SERVER_SSL_PORT.getDefaultValue() )
                 + "/idmdash/#/landing" );
     }
 
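Review bot: The host part of each URL built here is still read with a bare `inputMap.get(...)`, and every host key has a null default, so a missing `SSO_SERVER_HOST`, `SSPR_SERVER_HOST` or `UA_SERVER_HOST` produces the literal `https://null:443/...`. Going by the method names, that string would end up as a whitelist entry (`makeWhitelistUrl`) and as the OAuth base URL (`makeOAuthBaseUrl`), so a typo in the properties file would become a silently wrong security setting rather than an import error. A small lookup helper that applies the enum default and rejects an empty result would cover these builders, and also the logout URL and `makeLdapServerUrlValue` in the two later hunks. It would also remove the repeated `getOrDefault( key.name( ), key.getDefaultValue() )` expression. The exception type below is only a suggestion; use whatever the importer already reports configuration errors with.

```java
private String readProperty( final PropertyKey key )
{
    final String value = inputMap.getOrDefault( key.name( ), key.getDefaultValue( ) );
    if ( StringUtil.isEmpty( value ) )
    {
        throw new IllegalStateException( "missing required property " + key.name( ) );
    }
    return value;
}

private String makeOAuthBaseUrl( )
{
    return "https://" + readProperty( PropertyKey.SSO_SERVER_HOST )
            + ":" + readProperty( PropertyKey.SSO_SERVER_SSL_PORT )
            + "/osp/a/idm/auth/oauth2";
}
// … makeWhitelistUrl, makeSelfUrl, makeForwardUrl: same shape, host and port via readProperty …
```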
@@ -220,7 +234,7 @@ public class PropertyConfigurationImporter
         final String targetValue = makeSelfUrl().toNativeObject().toString();
 
         return new StringValue( "https://" + inputMap.get( PropertyKey.SSO_SERVER_HOST.name( ) )
-                + ":" + inputMap.get( PropertyKey.SSO_SERVER_SSL_PORT.name( ) )
+                + ":" + inputMap.getOrDefault( PropertyKey.SSO_SERVER_SSL_PORT.name( ), PropertyKey.SSO_SERVER_SSL_PORT.getDefaultValue() )
                 + "/osp/a/idm/auth/app/logout?target="
                 + StringUtil.urlEncode( targetValue ) );
     }
@@ -228,28 +242,39 @@ public class PropertyConfigurationImporter
     private StoredValue makeLdapServerUrlValue( )
     {
         final String ldapUrl = "ldaps://" + inputMap.get( PropertyKey.ID_VAULT_HOST.name( ) )
-                + ":" + inputMap.get( PropertyKey.ID_VAULT_LDAPS_PORT.name( ) );
+                + ":" + inputMap.getOrDefault( PropertyKey.ID_VAULT_LDAPS_PORT.name( ), PropertyKey.ID_VAULT_LDAPS_PORT.getDefaultValue() );
         return new StringArrayValue( Collections.singletonList( ldapUrl ) );
     }
 
     private StoredValue makeAdminPermissions( )
     {
+        final List<PropertyKey> interestedProperties = new ArrayList<>();
+        interestedProperties.add( PropertyKey.ID_VAULT_ADMIN_LDAP );
+        interestedProperties.add( PropertyKey.UA_ADMIN );
+        interestedProperties.add( PropertyKey.RPT_ADMIN );
+
         final String filter = "( objectclass=* )";
         final List<UserPermission> permissions = new ArrayList<>( );
-        permissions.add( new UserPermission( UserPermission.Type.ldapQuery, LDAP_PROFILE, filter,
-                inputMap.get( PropertyKey.ID_VAULT_ADMIN_LDAP.name( ) ) ) );
-        permissions.add( new UserPermission( UserPermission.Type.ldapQuery, LDAP_PROFILE, filter,
-                inputMap.get( PropertyKey.UA_ADMIN.name( ) ) ) );
+
+        for ( final PropertyKey propertyKey : interestedProperties )
+        {
+            final String value = inputMap.get( propertyKey.name() );
+            if ( !StringUtil.isEmpty( value ) )
+            {
+                permissions.add( new UserPermission( UserPermission.Type.ldapQuery, LDAP_PROFILE, filter, value ) );
+            }
+        }
+
         return new UserPermissionValue( permissions );
     }
 
     private void stripValueDelimiters( final Map<String, String> map )
     {
-        final Pattern pattern = Pattern.compile( "^'|'$" );
+        final Pattern pattern = Pattern.compile( "^'|'$|^\"|\"$" );
         map.replaceAll( ( key, value ) -> pattern.matcher( value ).replaceAll( "" ) );
     }
 
-    private Optional<Collection<X509Certificate>> readCertificate( 
+    private Optional<Collection<X509Certificate>> readCertificate(
             final PropertyKey propertyKey
     )
             throws IOException
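Review bot: The widened pattern in `stripValueDelimiters` removes a leading and a trailing quote character independently, so a value that merely starts or ends with `'` or `"` is altered even when it is not wrapped in a matching pair. If this runs over the imported property map, that includes `ID_VAULT_PASSWORD`, `SSO_SERVICE_PWD` and `CONFIGURATION_PWD`, and a password ending in a quote would be stored one character short with no error. Stripping only a matched pair avoids that: `final Pattern pattern = Pattern.compile( "^(['\"])(.*)\\1$", Pattern.DOTALL );` followed by `map.replaceAll( ( key, value ) -> pattern.matcher( value ).replaceAll( "$2" ) );`. `readCertificate` continues past the end of the hunk.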