Wildcard classpath syntax breaks inside flow imports on Windows
Description
Environment
IdP: 4.1.2
OS: Windows Server 2016
Java: Amazon Corretto 11.0.11.9.1
Servlet Container: Tomcat 9.0.50
enabled modules:
idp.authn.MFA (MFA Authentication)
idp.authn.Password (Password Authentication)
idp.intercept.ContextCheck (Context Checking Interceptor)
idp.authn.DuoOIDC (Duo "Universal Prompt" OIDC-based Authentication)
idp.oidc.common.1 (Module to provide common OIDC processing)
installed plugins:
net.shibboleth.idp.plugin.authn.duo.nimbus Version 1.1.1
net.shibboleth.oidc.common Version 1.1.0
is related to
Activity
Added an idp-conf flow test for this in IDP-1844.
Added a unit test for the FlowRelativeResourceLoader in https://shibboleth.atlassian.net/browse/IDP-1840#icft=IDP-1840
Works running as an installed 4.1.3 IdP (swapping the entire lib dir over and rebuilding the war). Runs all the way to the Duo prompt (on the Duo site). Did not test the return as I have a registered security key which will not work in this context. But just getting it to load the factories is enough to prove this works.
The Duo plugin XML factories load correctly from Windows from within the testbed. I will try it from an installed IdP.
And stepped through the code to see the exception being thrown, caught, and the correct path being followed.
I guarded all the exists() code paths I found.
@Philip Smart, you should test with the 4.1.3 snapshot, and make sure spring-extensions is also bumped to 6.1.3-SNAPSHOT.
I am migrating from idp.authn.Duo to the idp.authn.DuoOIDC module. When the flow transfers from authn/Password to authn/DuoOIDC an exception is thrown.
ERROR {https-jsse-nio-443-exec-15} net.shibboleth.idp.authn:-2 Uncaught runtime exception
org.springframework.beans.factory.BeanDefinitionStoreException: Unexpected exception parsing XML document from URL [jar:war:file:/E:/Shibboleth/war/idp.war*/WEB-INF/lib/idp-plugin-duo-impl-1.1.1.jar!/META-INF/net/shibboleth/idp/flows/authn/DuoOIDC/duo-oidc-authn-beans.xml]; nested exception is java.nio.file.InvalidPathException: Illegal char <> at index 9: classpath:\net\shibboleth\idp\plugin\authn\duo\duo-client-factory-bean.xml
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:417)
Caused by: java.nio.file.InvalidPathException: Illegal char <> at index 9: classpath:\net\shibboleth\idp\plugin\authn\duo\duo-client-factory-bean.xml
at java.base/sun.nio.fs.WindowsPathParser.normalize(WindowsPathParser.java:182)