search

OpenConext / OpenConext-manage

Stores and publishes metadata of all entities known to OpenConext
Apache License 2.0
7 stars 10 forks source link

3.0.5: SP Metadata import fails #12

Closed tvdijen closed 6 years ago

tvdijen commented 6 years ago

I'm trying to bootstrap OC-dashboard, but both metadata-import (tested both XML and URL) fail with an error-message that doesn't make much sense to me:

Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.springframework.boot.actuate.endpoint.mvc.EndpointHandlerMapping Looking up handler method for path /client/import/endpoint/xml/saml20_sp Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.springframework.boot.actuate.endpoint.mvc.EndpointHandlerMapping Did not find handler method for [/client/import/endpoint/xml/saml20_sp] Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping Looking up handler method for path /client/import/endpoint/xml/saml20_sp Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping Returning handler method [public java.util.Map<java.lang.String, java.lang.Object> manage.control.ImportController.importXMLUrl(java.lang.String,manage.model.Import)] Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.springframework.beans.factory.support.DefaultListableBeanFactory Returning cached instance of singleton bean 'importController' Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor Read [class manage.model.Import] as "application/json;charset=UTF-8" with [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter@67ab1c47] Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.springframework.web.servlet.mvc.method.annotation.ExceptionHandlerExceptionResolver Resolving exception from handler [public java.util.Map<java.lang.String, java.lang.Object> manage.control.ImportController.importXMLUrl(java.lang.String,manage.model.Import)]: java.lang.IllegalStateException: Duplicate key urn:mace:dir:attribute-def:displayName Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.springframework.web.servlet.mvc.annotation.ResponseStatusExceptionResolver Resolving exception from handler [public java.util.Map<java.lang.String, java.lang.Object> manage.control.ImportController.importXMLUrl(java.lang.String,manage.model.Import)]: java.lang.IllegalStateException: Duplicate key urn:mace:dir:attribute-def:displayName Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.springframework.web.servlet.mvc.support.DefaultHandlerExceptionResolver Resolving exception from handler [public java.util.Map<java.lang.String, java.lang.Object> manage.control.ImportController.importXMLUrl(java.lang.String,manage.model.Import)]: java.lang.IllegalStateException: Duplicate key urn:mace:dir:attribute-def:displayName Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.springframework.web.servlet.DispatcherServlet Could not complete request Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.springframework.boot.web.filter.OrderedRequestContextFilter Cleared thread-bound request context: org.apache.catalina.connector.RequestFacade@792c583a Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/manage/api].[dispatcherServlet] Servlet.service() for servlet [dispatcherServlet] in context with path [/manage/api] threw exception [Request processing failed; nested exception is java.lang.IllegalStateException: Duplicate key urn:mace:dir:attribute-def:displayName] with root cause Aug 18 15:57:10 webapp-4.ext.moo-archive.nl MANAGE: [http-nio-9393-exec-9] org.springframework.web.servlet.DispatcherServlet DispatcherServlet with name 'dispatcherServlet' processing POST request for [/manage/api/error]

I've attached a copy of the metadata I'm trying to import: Metadata.txt

oharsta commented 6 years ago

With Manage version 3.0.5 I can import the Metadata you have attached with both the Import XML and Import XML URL without any problems. I suspect you have a different metadata_configuration. Can you attach the saml20_sp.schema.json file you use? And the error message you have posted is not the stacktrace with line numbers. Can you provide this as well?

oharsta commented 6 years ago

I can reproduce the problem by changing the saml20_sp.schema.json and configure duplicate arp aliases. 

    "arp": {
      "type": "object",
      "sources": [
        "idp",
        "orcid",
        "sab",
        "voot",
        "pseudo_email",
        "surfmarket_entitlements"
      ],
      "properties": {
        "enabled": {
          "type": "boolean"
        },
        "attributes": {
          "properties": {
            "urn:mace:dir:attribute-def:eduPersonTargetedID": {
              "$ref": "#/definitions/ArpAttribute",
              "alias": "urn:mace:dir:attribute-def:displayName"
            },
            "urn:mace:dir:attribute-def:eduPersonPrincipalName": {
              "$ref": "#/definitions/ArpAttribute",
              "alias": "urn:mace:dir:attribute-def:displayName"
            },

This is currently not allowed.

tvdijen commented 6 years ago

saml20_sp.schema.txt

I must be missing something, because I don’t see any duplicates...

oharsta commented 6 years ago

I see the problem. Because there are no aliases and the code assumes there is otherwise it's uses a default. The default is the cause of the duplicate. This commit resolves this: https://github.com/OpenConext/OpenConext-manage/commit/ca1f5c67589ece152a1dd6a32747c845da5b034a#diff-496a452304aaa61f08361c0a664b8459

oharsta commented 6 years ago

Now those arp attributes without alias are filtered out when constructing the alias map. See https://github.com/OpenConext/OpenConext-manage/commit/7fb20afa473c2b8487e71a71ab2b8469bc7f0cd4

tvdijen commented 6 years ago

Thanks! This is just a default file I downloaded somewhere when I first started using Manage. Probably from the deploy project..

tvdijen commented 6 years ago

I see deploy has aliases in place for all arp attributes. Perhaps it needs mentioning in the changelog when the semantics of these files change