From 179dfed51e2eaef2666e57aecd9dcff9f4bf4449 Mon Sep 17 00:00:00 2001
From: shimingxy <shimingxy@163.com>
Date: Sat, 25 Apr 2020 14:43:49 +0800
Subject: [PATCH] SAML FIX

---
 .../maxkey/domain/apps/AppsSAML20Details.java | 46 ++++++++++++-----
 .../xml/mysql/AppsSaml20DetailsMapper.xml     |  2 +
 .../resources/messages/message.properties     |  2 +
 .../resources/messages/message_en.properties  |  2 +
 .../templates/views/apps/saml20/appAdd.ftl    | 43 ++++++++++++++--
 .../templates/views/apps/saml20/appUpdate.ftl | 51 ++++++++++++++++---
 6 files changed, 120 insertions(+), 26 deletions(-)

diff --git a/maxkey-core/src/main/java/org/maxkey/domain/apps/AppsSAML20Details.java b/maxkey-core/src/main/java/org/maxkey/domain/apps/AppsSAML20Details.java
index 0cd3486e0..d2b9c6e09 100644
--- a/maxkey-core/src/main/java/org/maxkey/domain/apps/AppsSAML20Details.java
+++ b/maxkey-core/src/main/java/org/maxkey/domain/apps/AppsSAML20Details.java
@@ -32,6 +32,10 @@ public class AppsSAML20Details extends Apps {
     @Column
     private String certExpiration;
     @Column
+    private String signature;
+    @Column
+    private String digestMethod;
+    @Column
     private byte[] keyStore;
     @Column
     private String entityId;
@@ -290,19 +294,35 @@ public class AppsSAML20Details extends Apps {
         this.nameIdConvert = nameIdConvert;
     }
 
-    /*
-     * (non-Javadoc)
-     * 
-     * @see java.lang.Object#toString()
-     */
-    @Override
-    public String toString() {
-        return "SAMLBaseDetails [certIssuer=" + certIssuer + ", certSubject=" + certSubject + ", certExpiration="
-                + certExpiration + ", keyStore=" + Arrays.toString(keyStore) + ", entityId=" + entityId + ", spAcsUrl="
-                + spAcsUrl + ", issuer=" + issuer + ", audience=" + audience + ", nameidFormat=" + nameidFormat
-                + ", validityInterval=" + validityInterval + ", binding=" + binding + ", encrypted=" + encrypted
-                + ", certMetaFile=" + certMetaFile + ", fileType=" + fileType + ", nameIdConvert=" + nameIdConvert
-                + "]";
+    public String getSignature() {
+        return signature;
     }
 
+    public void setSignature(String signature) {
+        this.signature = signature;
+    }
+
+    public String getDigestMethod() {
+        return digestMethod;
+    }
+
+    public void setDigestMethod(String digestMethod) {
+        this.digestMethod = digestMethod;
+    }
+
+    @Override
+    public String toString() {
+        final int maxLen = 40;
+        return "AppsSAML20Details [id=" + id + ", certIssuer=" + certIssuer + ", certSubject=" + certSubject
+                + ", certExpiration=" + certExpiration + ", signature=" + signature + ", keyStore="
+                + (keyStore != null ? Arrays.toString(Arrays.copyOf(keyStore, Math.min(keyStore.length, maxLen)))
+                        : null)
+                + ", entityId=" + entityId + ", spAcsUrl=" + spAcsUrl + ", issuer=" + issuer + ", audience=" + audience
+                + ", nameidFormat=" + nameidFormat + ", validityInterval=" + validityInterval + ", binding=" + binding
+                + ", encrypted=" + encrypted + ", certMetaFile=" + certMetaFile + ", fileType=" + fileType
+                + ", nameIdConvert=" + nameIdConvert + "]";
+    }
+
+ 
+
 }
diff --git a/maxkey-dao/src/main/resources/org/maxkey/dao/persistence/xml/mysql/AppsSaml20DetailsMapper.xml b/maxkey-dao/src/main/resources/org/maxkey/dao/persistence/xml/mysql/AppsSaml20DetailsMapper.xml
index 437e1c6a7..0e984d497 100644
--- a/maxkey-dao/src/main/resources/org/maxkey/dao/persistence/xml/mysql/AppsSaml20DetailsMapper.xml
+++ b/maxkey-dao/src/main/resources/org/maxkey/dao/persistence/xml/mysql/AppsSaml20DetailsMapper.xml
@@ -17,6 +17,8 @@
     		SVD.ENCRYPTED,
     		SVD.BINDING,
     		SVD.NAMEIDCONVERT,
+    		SVD.SIGNATURE,
+    		SVD.DIGESTMETHOD,
 			APP.*
     	FROM 
     		APPS_SAML_V20_DETAILS SVD,
diff --git a/maxkey-web-manage/src/main/resources/messages/message.properties b/maxkey-web-manage/src/main/resources/messages/message.properties
index 5ce7df92b..157173328 100644
--- a/maxkey-web-manage/src/main/resources/messages/message.properties
+++ b/maxkey-web-manage/src/main/resources/messages/message.properties
@@ -359,6 +359,8 @@ apps.saml.encrypted.yes=\u52A0\u5BC6
 apps.saml.metadata.emailAddress=\u7535\u5B50\u90AE\u7BB1
 apps.saml.nameidFormat=Nameid Format
 apps.saml.v1.1.info=SAML 1.1 \u8BA4\u8BC1\u914D\u7F6E
+apps.saml.signature=\u7B7E\u540D\u7B97\u6CD5
+apps.saml.digestMethod=\u6458\u8981\u65B9\u6CD5
 #oauth
 apps.oauth.approvalPrompt.force=\u5F3A\u5236
 apps.oauth.accessTokenValiditySeconds=accessToken\u6709\u6548\u671F
diff --git a/maxkey-web-manage/src/main/resources/messages/message_en.properties b/maxkey-web-manage/src/main/resources/messages/message_en.properties
index c12eee6f5..7ade3de7f 100644
--- a/maxkey-web-manage/src/main/resources/messages/message_en.properties
+++ b/maxkey-web-manage/src/main/resources/messages/message_en.properties
@@ -358,6 +358,8 @@ apps.saml.encrypted.yes=yes
 apps.saml.metadata.emailAddress=emailAddress
 apps.saml.nameidFormat=Nameid Format
 apps.saml.v1.1.info=SAML 1.1 Info
+apps.saml.signature=Signature
+apps.saml.digestMethod=Digest Method
 #oauth
 apps.oauth.approvalPrompt.force=force
 apps.oauth.accessTokenValiditySeconds=accessTokenValiditySeconds
diff --git a/maxkey-web-manage/src/main/resources/templates/views/apps/saml20/appAdd.ftl b/maxkey-web-manage/src/main/resources/templates/views/apps/saml20/appAdd.ftl
index f8bf6b3e6..13a6f7503 100644
--- a/maxkey-web-manage/src/main/resources/templates/views/apps/saml20/appAdd.ftl
+++ b/maxkey-web-manage/src/main/resources/templates/views/apps/saml20/appAdd.ftl
@@ -51,16 +51,49 @@ $(function(){
 				</tr>
 				<tr>
 					<th><@locale code="apps.saml.issuer" />：</th>
-					<td colspan =3>
+					<td>
 						<input type="text" class="form-control"   id="issuer" name="issuer"  title="" value=""  required="" />
 					</td>
+					<th><@locale code="apps.saml.audience" />：</th>
+                    <td >
+                        <input type="text" class="form-control"   id="audience" name="audience"  title="" value="" required="" />
+                    </td>
 				</tr>
 				<tr>
-					<th><@locale code="apps.saml.audience" />：</th>
-					<td colspan =3>
-						<input type="text" class="form-control"   id="audience" name="audience"  title="" value="" required="" />
+					<th><@locale code="apps.saml.signature" />：</th>
+					<td>
+						  <select  id="signature" name="signature"  class="form-control" >
+                            <option value="RSAwithSHA1"  selected>RSAwithSHA1</option>
+                            <option value="RSAwithSHA256" >RSAwithSHA256</option>
+                            <option value="RSAwithSHA384" >RSAwithSHA384</option>
+                            <option value="RSAwithSHA512" >RSAwithSHA512</option>
+                            <option value="RSAwithMD5" >RSAwithMD5</option>
+                            <option value="RSAwithRIPEMD160" >RSAwithRIPEMD160</option>
+                            <option value="DSAwithSHA1" >DSAwithSHA1</option>
+                            <option value="ECDSAwithSHA1" >ECDSAwithSHA1</option>
+                            <option value="ECDSAwithSHA256"  >ECDSAwithSHA256</option>
+                            <option value="ECDSAwithSHA384" >ECDSAwithSHA384</option>
+                            <option value="ECDSAwithSHA512" >ECDSAwithSHA512</option>
+                            <option value="HMAC-MD5"  >HMAC-MD5</option>
+                            <option value="HMAC-SHA1"  >HMAC-SHA1</option>
+                            <option value="HMAC-SHA256"  >HMAC-SHA256</option>
+                            <option value="HMAC-SHA384"  >HMAC-SHA384</option>
+                            <option value="HMAC-SHA512"  >HMAC-SHA512</option>
+                            <option value="HMAC-RIPEMD160"  >HMAC-RIPEMD160</option>
+                          </select>
 					</td>
-				</tr>
+					<th><@locale code="apps.saml.digestMethod" />：</th>
+                    <td>
+                        <select  id="digestMethod" name="digestMethod"  class="form-control" >
+                            <option value="MD5"         >MD5</option>
+                            <option value="SHA1"        selected>SHA1</option>
+                            <option value="SHA256"      >SHA256</option>
+                            <option value="SHA384"      >SHA384</option>
+                            <option value="SHA512"      >SHA512</option>
+                            <option value="RIPEMD-160"  >RIPEMD-160</option>
+                        </select>
+                    </td>
+				</tr>				
 				<tr>
 					
 					<th><@locale code="apps.saml.nameidFormat" />：</th>
diff --git a/maxkey-web-manage/src/main/resources/templates/views/apps/saml20/appUpdate.ftl b/maxkey-web-manage/src/main/resources/templates/views/apps/saml20/appUpdate.ftl
index 3c4d995d0..6742f074e 100644
--- a/maxkey-web-manage/src/main/resources/templates/views/apps/saml20/appUpdate.ftl
+++ b/maxkey-web-manage/src/main/resources/templates/views/apps/saml20/appUpdate.ftl
@@ -58,24 +58,59 @@ $(function(){
                 </tr>
 				<tr>
 					<th><@locale code="apps.saml.entityId" />：</th>
-					<td  colspan =3>
+					<td >
 						<input type="text" class="form-control"  id="entityId" name="entityId"  title="" value="${model.entityId!}"  required="" />
 					</td>
+					<td></td>
+                    <td  >
+                        <a target="_blank" href="${maxKeyURI}/metadata/saml20/${model.id}.xml"> SAML MetaData</a>
+                    </td>
 				</tr>
 				<tr>
 					<th><@locale code="apps.saml.issuer" />：</th>
-					<td  colspan =3>
+					<td >
 						<input type="text" class="form-control"  id="issuer" name="issuer"  title="" value="${model.issuer!}"  required="" />
 					</td>
+					<th><@locale code="apps.saml.audience" />：</th>
+                    <td  colspan =2>
+                        <input type="text" class="form-control"  id="audience" name="audience"  title="" value="${model.audience!}"  required="" />
+                    </td>
 				</tr>
 				<tr>
-					<th><@locale code="apps.saml.audience" />：</th>
-					<td  colspan =2>
-						<input type="text" class="form-control"  id="audience" name="audience"  title="" value="${model.audience!}"  required="" />
-					</td>
-					<td  >
-						<a target="_blank" href="${maxKeyURI}/metadata/saml20/${model.id}.xml"> SAML MetaData</a>
+					<th><@locale code="apps.saml.signature" />：</th>
+					<td>
+						<select  id="signature" name="signature"  class="form-control" >
+                            <option value="RSAwithSHA1"  <#if 'RSAwithSHA1'==model.signature>selected</#if>>RSAwithSHA1</option>
+                            <option value="RSAwithSHA256" <#if 'RSAwithSHA256'==model.signature>selected</#if>>RSAwithSHA256</option>
+                            <option value="RSAwithSHA384" <#if 'RSAwithSHA384'==model.signature>selected</#if>>RSAwithSHA384</option>
+                            <option value="RSAwithSHA512" <#if 'RSAwithSHA512'==model.signature>selected</#if>>RSAwithSHA512</option>
+                            <option value="RSAwithMD5" <#if 'RSAwithMD5'==model.signature>selected</#if>>RSAwithMD5</option>
+                            <option value="RSAwithRIPEMD160" <#if 'RSAwithRIPEMD160'==model.signature>selected</#if>>RSAwithRIPEMD160</option>
+                            <option value="DSAwithSHA1" <#if 'DSAwithSHA1'==model.signature>selected</#if>>DSAwithSHA1</option>
+                            <option value="ECDSAwithSHA1" <#if 'ECDSAwithSHA1'==model.signature>selected</#if>>ECDSAwithSHA1</option>
+                            <option value="ECDSAwithSHA256"  <#if 'ECDSAwithSHA256'==model.signature>selected</#if>>ECDSAwithSHA256</option>
+                            <option value="ECDSAwithSHA384" <#if 'ECDSAwithSHA384'==model.signature>selected</#if>>ECDSAwithSHA384</option>
+                            <option value="ECDSAwithSHA512" <#if 'ECDSAwithSHA512'==model.signature>selected</#if>>ECDSAwithSHA512</option>
+                            <option value="HMAC-MD5"  <#if 'HMAC-MD5'==model.signature>selected</#if>>HMAC-MD5</option>
+                            <option value="HMAC-SHA1"  <#if 'HMAC-SHA1'==model.signature>selected</#if>>HMAC-SHA1</option>
+                            <option value="HMAC-SHA256"  <#if 'HMAC-SHA256'==model.signature>selected</#if>>HMAC-SHA256</option>
+                            <option value="HMAC-SHA384"  <#if 'HMAC-SHA384'==model.signature>selected</#if>>HMAC-SHA384</option>
+                            <option value="HMAC-SHA512"  <#if 'HMAC-SHA512'==model.signature>selected</#if>>HMAC-SHA512</option>
+                            <option value="HMAC-RIPEMD160"  <#if 'HMAC-RIPEMD160'==model.signature>selected</#if>>HMAC-RIPEMD160</option>
+                          </select>
 					</td>
+					<th><@locale code="apps.saml.digestMethod" />：</th>
+                    <td>
+                        <select  id="digestMethod" name="digestMethod"  class="form-control" >
+                            <option value="MD5"         <#if 'MD5'==model.digestMethod>selected</#if>>MD5</option>
+                            <option value="SHA1"        <#if 'SHA1'==model.digestMethod>selected</#if>>SHA1</option>
+                            <option value="SHA256"      <#if 'SHA256'==model.digestMethod>selected</#if>>SHA256</option>
+                            <option value="SHA384"      <#if 'SHA384'==model.digestMethod>selected</#if>>SHA384</option>
+                            <option value="SHA512"      <#if 'SHA512'==model.digestMethod>selected</#if>>SHA512</option>
+                            <option value="RIPEMD-160"  <#if 'RIPEMD-160'==model.digestMethod>selected</#if>>RIPEMD-160</option>
+                            
+                        </select>
+                    </td>
 				</tr>
 				<tr>
 					<th style="width:15%;"><@locale code="apps.saml.nameidFormat" />：</th>