Fixes #67

oharsta · oharsta · commit 93d29ab52171 · 2025-09-23T15:33:09.000+02:00
diff --git a/client/src/components/ClipBoardCopy.jsx b/client/src/components/ClipBoardCopy.jsx
@@ -1,21 +1,31 @@
-import React from "react";
+import React, {useState} from "react";
 import "./ClipBoardCopy.scss";
 import Duplicate from "@surfnet/sds//icons/functional-icons/duplicate.svg";
 import {CopyToClipboard} from "react-copy-to-clipboard";
+import I18n from "../locale/I18n";
 
 export default function ClipBoardCopy({txt}) {
+    const [copied, setCopied] = useState(false);
+
     return (
-        <CopyToClipboard text={txt}>
-            <section
-                className={`copy-to-clipboard`}
-                onClick={e => {
-                    const me = e.target;
-                    me.classList.add("copied");
-                    setTimeout(() => me.classList.remove("copied"), 1250);
-                }}>
-                <Duplicate/>
-            </section>
-        </CopyToClipboard>
+        <>
+            <CopyToClipboard text={txt}>
+                <section
+                    className="copy-to-clipboard"
+                    onClick={e => {
+                        const me = e.target;
+                        me.classList.add("copied");
+                        setCopied(true);
+                        setTimeout(() => {
+                            me.classList.remove("copied");
+                            setCopied(false);
+                        }, 1250);
+                    }}>
+                    <Duplicate/>
+                </section>
+            </CopyToClipboard>
+            <div className={`copied ${copied ? "" : "hidden"}`}>{I18n.t("forms.copied")}</div>
+        </>
     );
 
 }
diff --git a/client/src/components/ClipBoardCopy.scss b/client/src/components/ClipBoardCopy.scss
@@ -6,6 +6,7 @@ section.copy-to-clipboard {
     position: absolute;
     right: 10px;
     top: 14px;
+
     svg {
         margin: 0;
         width: 18px;
@@ -15,14 +16,30 @@ section.copy-to-clipboard {
         &:hover {
             color: var(--sds--color--black);
         }
-        transition: width .4s ease, color .4s ease ;
+
+        transition: color .4s ease;
     }
 
     &.copied, svg.copied {
-        width: 22px;
         color: var(--sds--color--green--400);
     }
 
 }
 
+div.copied {
+    position: absolute;
+    background-color: var(--sds--color--gray--300);
+    color: white;
+    font-size: 13px;
+    padding: 4px;
+    border-radius: $br;
+    right: -6px;
+    top: -20px;
+    transition: opacity .4s ease;
+
+    &.hidden {
+        opacity: 0;
+    }
+}
+
 
diff --git a/client/src/locale/en.js b/client/src/locale/en.js
@@ -758,6 +758,7 @@ const en = {
         moreLabel: "Show me more",
         lessLabel: "Show me less",
         you: "You",
+        copied: "Copied"
     },
     footer: {
         terms: "Terms of Use",
diff --git a/client/src/pages/Connection.jsx b/client/src/pages/Connection.jsx
@@ -32,7 +32,7 @@ export const Connection = () => {
     const {applicationId, tab = "overview"} = useParams();
     const {user, arp, privacy} = useAppStore(state => state);
 
-    const [application, setApplication] = useState({});
+    const [application, setApplication] = useState({organization: {}});
     const [profileOptions, setProfileOptions] = useState([]);
     const [currentTab, setCurrentTab] = useState(tab);
     const [connection, setConnection] = useState(null);
@@ -64,8 +64,8 @@ export const Connection = () => {
                     breadcrumbPaths: [
                         {path: "/home", value: I18n.t("breadCrumb.access"), menuItemName: "yourApps"},
                         {
-                            path: `/organization/${application.organization.id}`,
-                            value: application.organization.name,
+                            path: `/organization/${res.organization.id}`,
+                            value: res.organization.name,
                             menuItemName: "yourApps"
                         },
                         {path: `/application/${applicationId}`, value: I18n.t("breadCrumb.applications")},
diff --git a/server/src/main/java/access/api/ApplicationController.java b/server/src/main/java/access/api/ApplicationController.java
@@ -124,16 +124,17 @@ public ResponseEntity<Application> update(User user, @Validated @RequestBody App
         confirmApplicationMembership(user, organization, application, Authority.MEMBER);
 
         //If the metadata has changed, we must propagate this to manage
-        boolean metaDataHasChanged = application.getMetaData().equals(applicationData.getMetaData());
+        boolean metaDataHasChanged = !application.getMetaData().equals(applicationData.getMetaData());
         //However, we first need to merge the data; otherwise the outdated application metadata is used
         application.merge(applicationData);
         //Upload base64 encoded image to s3 storage if the logo has changed
         String logoUrl = application.getLogoUrl();
         if (StringUtils.hasText(logoUrl) && !logoUrl.startsWith("http")) {
             String url = s3Storage.uploadFile(logoUrl);
             application.setLogoUrl(url);
+            metaDataHasChanged = true;
         }
-        if (!metaDataHasChanged) {
+        if (metaDataHasChanged) {
             application.getConnections().forEach(connection -> {
                 Map<String, Object> provider = manage.saveProvider(connection);
                 connection.updateRemoteManageData(provider);
diff --git a/server/src/main/java/access/api/ConnectionController.java b/server/src/main/java/access/api/ConnectionController.java
@@ -43,6 +43,7 @@
 public class ConnectionController implements UserAccessRights {
 
     private static final Log LOG = LogFactory.getLog(ConnectionController.class);
+    private static final int SECRET_LENGTH = 36;
 
     private final ConnectionRepository connectionRepository;
     private final ApplicationRepository applicationRepository;
@@ -135,7 +136,7 @@ public Map<String, String> secret(User user, @PathVariable("connectionId") Long
         user = this.reinitializeUser(user, userRepository);
         confirmApplicationMembership(user, organization, application, Authority.MEMBER);
 
-        String secret = passwordGenerator.generatePassword(36, rules);
+        String secret = passwordGenerator.generatePassword(SECRET_LENGTH, rules);
         connection.getMetaData().put("secret", secret);
         saveConnection(connection);
 
@@ -217,16 +218,27 @@ public ResponseEntity<Map<String, Integer>> delete(User user, @PathVariable("con
     private Connection saveConnection(Connection connection) {
         //Put / Post to Manage only if the status is not OPEN
         if (!connection.getStatus().equals(ConnectionStatus.OPEN)) {
-            if (connection.getProtocol().equals(EntityType.oidc10_rp) &&
-                    !StringUtils.hasText((String) connection.getMetaData().get("secret")) &&
-                    connection.getMetaData().getOrDefault("pkce", false) == Boolean.FALSE) {
+            boolean isPublicRelyingParty = connection.getProtocol().equals(EntityType.oidc10_rp) &&
+                    connection.getMetaData().getOrDefault("pkce", false) == Boolean.FALSE;
+            boolean hasSecret = StringUtils.hasText((String) connection.getMetaData().get("secret")) ;
+            if (isPublicRelyingParty && !hasSecret) {
                 //generate secret but store the raw-text variant, because Manage encodes it
-                String secret = passwordGenerator.generatePassword(36, rules);
+                String secret = passwordGenerator.generatePassword(SECRET_LENGTH, rules);
                 connection.getMetaData().put("secret", secret);
+                connection.setSecretSet(true);
             }
 
             Map<String, Object> provider = manage.saveProvider(connection);
             connection.updateRemoteManageData(provider);
+            if (isPublicRelyingParty) {
+                //We must store the encrypted secret, otherwise manage will keep encrypting it again and again
+                Map<String, Object> data = (Map<String, Object>) provider.get("data");
+                Map<String, Object> metaDataFields = (Map<String, Object>) data.get("metaDataFields");
+                String secretFromManage = (String) metaDataFields.get("secret");
+                if (StringUtils.hasText(secretFromManage) && secretFromManage.length() != SECRET_LENGTH) {
+                    connection.getMetaData().put("secret", secretFromManage);
+                }
+            }
 
             List<Map<String, Object>> contactPersons = (List<Map<String, Object>>) connection.getMetaData().get("contactPersons");
             if (!CollectionUtils.isEmpty(contactPersons)) {
diff --git a/server/src/main/java/access/model/Connection.java b/server/src/main/java/access/model/Connection.java
@@ -61,6 +61,9 @@ public class Connection implements NameHolder {
     @NotNull
     private ConnectionStatus status = ConnectionStatus.OPEN;
 
+    @Column(name = "secret_set")
+    private boolean secretSet;
+
     @Column(name = "manage_identifier")
     private String manageIdentifier;
 
diff --git a/server/src/main/resources/db/mysql/migration/V3_0__connection_secret.sql b/server/src/main/resources/db/mysql/migration/V3_0__connection_secret.sql
@@ -0,0 +1,2 @@
+ALTER TABLE connections
+    ADD COLUMN secret_set BOOLEAN NOT NULL DEFAULT 0;

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+ALTER TABLE connections`
	`2`	`+ ADD COLUMN secret_set BOOLEAN NOT NULL DEFAULT 0;`