- Extracted common logic from setState() and replace() into modifyState()
- Removed redundant code from createNode() because exceptions are handled on the caller side
- NodeExistsException and InterruptedException are handled in setState() and replace()
- Also used KeeperException's subclasses instead of KeeperException.code()
This closes#7324
Signed-off-by: David Handermann <exceptionfactory@apache.org>
(cherry picked from commit ac80b9d900221fedb59142e4a4802bf4ab2a17f4)
* NIFI-10904 Changed the font color for dropdown menus to avoid the appearance of menu items being disabled
* NIFI-10904 Changed the CSS tag used to set the color of the dropdown menu text
* NIFI-10904 Used a new css class to set the color of dropdown options
* nifi-10904 Changed the css class for create/reference drop down menu items.
Merged #7502 into main.
- Added nifi-security-cert for reusable components without dependencies
- Added nifi-security-cert-builder for certificate generation
NIFI-12001: Changes related to backporting
Signed-off-by: Matt Burgess <mattyb149@apache.org>
- Moved StringUtils from nifi-properties to nifi-property-utils
- Moved Peer Identity methods from CertificateUtils to specific Site-to-Site classes
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#6977.
* NIFI-11303 Added a go-to entry on the right click context menu for the provenance lineage tree to take you to the specified component in the graph
* nifi-11303 Removed unused variable.
Merged #7461 into main.
When waiting for all controller services to reach the desired status in the ClusterReplicationComponentLifecycle component, return immediately if there are no services to wait for. Otherwise, request that referencing components not be included in the return value of the Controller Services
This closes#7493
Signed-off-by: David Handermann <exceptionfactory@apache.org>
(cherry picked from commit 7405dcb510d0740d7e0eaf3200ed2d8900f5b3f0)
- Added StandardOidcUserService supporting fallback claim names
- Updated StandardClientRegistrationProvider to use standard Subject claim
- Updated OIDC Security Configuration to use customized OidcUserService for claim handling
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#7468.
- Replaced Jetty KeyStoreScanner and custom TrustStoreScanner with shared StoreScanner
- New StoreScanner uses TLS Configuration to reload SSLContext instead of relying on Jetty SslContextFactory properties
This closes#7446
Signed-off-by: David Handermann <exceptionfactory@apache.org>
(cherry picked from commit a85ef2c1f49780be93b49ec6cb077a61c8cc063e)
- Removed hamcrest-all from default dependencies
- Added groovy-test to selected modules with Groovy test classes
- Added junit-vintage-engine to selected modules with JUnit 4 test classes
- Corrected references to JUnit 4 assertions in JUnit 5 test classes
- Removed several unnecessary test classes from nifi-socket-utils
- Removed duplicative Registry toolkit test classes
- Removed Kudu integration tests
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#7233
(cherry picked from commit ca6c7f704164e922e11d72e7c972a50ac46e6b0e)
* NIFI-11464 Improvements for importing nested versioned flows
- Introduce FlowSnapshotContainer to return root snapshot + children
- Introduce ControllerServiceResolver to extract logic from service facade
- Update resolution logic to correctly consider all services in the hierarchy
- Merge additional parameter contexts and parameter providers from child to parent
- Add unit test for controller service resolver
- Replace use of emptSet/emptyMap with new set/map instance
* NIFI-11287: detect dependent properties when the property it depends on references a parameter
* address review feedback
* address more review comments
* - loadProperties checks type before getting the parameter context
- retrieve the parameter context with ajax call from inside the class
* add type parameter to all places calling loadProperties
* get reference parameters by invoking provided callbacks from the client
* check for user permissions before requesting for referenced parameters
* address review feedback
This closes#7117
This closes#7124
Co-authored-by: David Handermann <exceptionfactory@apache.org>
Signed-off-by: David Handermann <exceptionfactory@apache.org>
(cherry picked from commit 5811a9c579a11aa8fc8358851df33d0456a5e10c)
- Restored previous behavior of sending openid and email scopes for OpenID Connect token requests
- Added offline_access scope as the default value in nifi.properties to support Refresh Tokens
This closes#7168
Signed-off-by: Paul Grey <greyp@apache.org>
* NIFI-11461 Improved User and Group Tenants Search
- Added searchTenants method to NiFiServiceFacade and removed unnecessary object creation
- Updated TenantsResource to use delegated NiFiServiceFacade.searchTenants method
- Changed autocomplete delay from default 300 ms to 500 ms
* NIFI-11461 Adjusted implementation to use EntityFactory.createTenantEntity
This closes#7181
(cherry picked from commit bdff3abcd6d072a61e6399e694e3213732696561)
- Added StandardOidcIdTokenDecoderFactory based on Spring Security OidcIdTokenDecoderFactory with custom REST Operations
Merged #7108 into main.
(cherry picked from commit e4f0508c90f7f354b4210dd80f3dbed5b3254bcd)
- Added Authorization Request Resolver with support for building the base redirect URI using allowed proxy headers
This closes#7104
(cherry picked from commit 75eb449a312815b84545c1ee157144255b8fc97d)
- Fixed system tests so that they work properly in Clustered version of RegistryClientIT
- Fixed system test - ensure that we wait for processors to become valid before attempting to start them; also added an additional system test around Controller Services in versioned flows
This closes#7095
Signed-off-by: David Handermann <exceptionfactory@apache.org>
* NIFI-4890 Refactored OIDC with support for Refresh Tokens
- Implemented OIDC Authorization Code Grant Flow using Spring Security Filters
- Implemented OIDC RP-Initiated Logout 1.0
- Implemented OAuth2 Token Revocation RFC 7009 for Refresh Tokens
- Added OIDC Bearer Token Refresh Filter for updating application Bearer Tokens from Refresh Token exchanges
- Added configurable Token Refresh Window to application properties
- Removed original implementation and supporting classes
* NIFI-4890 Set Bearer Token expiration based on Access Token
* NIFI-4890 Corrected spelling and naming issues based on feedback
This closes#7013
