MODLOGSAML-199: Remove legacy token support by steveellis · Pull Request #196 · folio-org/mod-login-saml

steveellis · 2025-02-18T21:37:44Z

https://folio-org.atlassian.net/browse/MODLOGSAML-199

Add @Deprecated to SamlConfiguration.useSecureTokens.
Remove all calls to legacy /token endpoint.
Let /callback and /callback-with-expiry when called return expiring token cookies (they should already).
Remove dependence on useSecureTokens because we no longer need a boolean flag to determine if legacy tokens should be used on the /callback endpoint (see MODLOGSAML-192 for background).
Remove IdpLegacyTest because it works only with the old tokens.
Rename mock_..._legacy.json in mock files to _callback etc since /callback isn't "legacy" or deprecated anymore.
Keep useSecureTokens in mocks since it is likely to be present for the time being in configuration.
Fix DAO tests since they grab config directly out JSON response. Use @JsonIgnore to keep from being written.
Keep calls to old /token endpoint in mocks but change response to 404.

@deprecated

- Made useSecureTokens @deprecated and removed get and set to prevent re-serialization - Removed useSecureTokens from schema - Removed many _legacy tests - Forced /callback and /callback-with-expiry to return expiring tokens TODO - Remove legacy json data - Find all references to /token and remove

…llback isn't legacy anymore. Marking `useSecureTokens` as @JsonIgnore to fix DAO tests of new config and ensure that property is no longer persisted to db config.

barbaraloehle · 2025-03-06T17:31:22Z

+  public void callbackEndpointTestDeprecatedUseSecureTokens() {
+    // Ensure that when the deprecated property useSecureTokens is present in the configuration, things
+    // still work as expected.
+    mock.setMockContent("mock_content_callback.json");


After using an new mock configuration,
here mock.setMockContent("mock_content_callback.json"); ,
it is necessary to use
dataMigrationHelper.dataMigrationCompleted(vertx, context, false);
to overwrite the data in the database.
Otherwise the data of
public void setUp(TestContext context)
are used.

barbaraloehle · 2025-03-06T17:31:29Z

-    mock.setMockContent("mock_content_legacy.json");
+  public void putConfigurationWithCallback() {
+    mock.setMockContent("mock_content_callback.json");



After using an new mock configuration,
here mock.setMockContent("mock_content_callback.json"); ,
it is necessary to use
dataMigrationHelper.dataMigrationCompleted(vertx, context, false);
to overwrite the data in the database.
Otherwise the data of
public void setUp(TestContext context)
are used.

barbaraloehle

After using an new mock configuration in the class SamlAPITest
the method
dataMigrationHelper.dataMigrationCompleted(vertx, context, false);
has to be added to overwrite the data in the database.

This has further to be applied to the methods:
public void putConfiguration()
--> public void putConfiguration(context)
and
private void testCallbackErrorCases(String callbackUrl, String relayState, ???
String cookie) -->
private void testCallbackErrorCases(String callbackUrl, String relayState, ???
String cookie, TestContext context)

barbaraloehle · 2025-03-07T15:47:45Z

In the description of MODLOGSAML-199 the following is mentioned :
"Use /saml/callback by default when enabling mod-login-saml for a tenant the first time."
How can this be garanteed?
Eeventually this could be garanteed by generating a configuration with "saml.callback": "callback" in the class TenantRefAPI using the method

  Future<Integer> loadData(TenantAttributes attributes, String tenantId,
      Map<String, String> headers, Context vertxContext) {
    log.info("TenantRefAPI::loadData");
    return super.loadData(attributes, tenantId, headers, vertxContext)
        .compose(result -> {
          **if (attributes.getModuleFrom() == null) {               
            return Future.succeededFuture(0);
          }**
          return configurationsMigration(headers, vertxContext);
        });
  }

sonarqubecloud · 2025-05-15T19:44:23Z

Quality Gate failed

Failed conditions
B Maintainability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarqubecloud · 2025-12-12T18:49:14Z

Quality Gate failed

Failed conditions
B Maintainability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

steveellis added 2 commits February 17, 2025 17:00

Removing more refs to "legacy" and replacing with "callback" since ca…

cf2fcda

…llback isn't legacy anymore. Marking `useSecureTokens` as @JsonIgnore to fix DAO tests of new config and ensure that property is no longer persisted to db config.

steveellis changed the title ~~MODLOGSAML-99: Remove legacy token support~~ MODLOGSAML-199: Remove legacy token support Feb 18, 2025

steveellis added 2 commits February 18, 2025 16:43

Removing unused method

ed04b3f

Removing unused import

07690e2

steveellis requested review from barbaraloehle and julianladisch February 19, 2025 15:41

Adding to properties to mock_content_with_delete.json

b5c9a4a

julianladisch reviewed Feb 20, 2025

View reviewed changes

Comment thread src/main/java/org/folio/rest/impl/SamlAPI.java

Removing authtoken requires

a98fb02

steveellis requested a review from julianladisch February 27, 2025 17:37