Issue 288 javafx windows10 (oktadev#303)

* updated to javafx

* Removed reference to broken protocol handler

* Fixed compile errors by updating Maven pom to use the openjavafx libraries without runtime scope
updated to build on jdk11

* Bugfix: set the rolesArn's as key and principalArn's as value when parsing the available roles from the SAML token. The bug was that they were inverted and AWS STS refused the call because the role name was invalid.

* Added IntelliJ idea build configurations.
Updated gitignore with intellij recommended rules

* previous logic was assuming that always was refreshing a previous session and cookies were in place.
Added a condition that throws an exception to trigger authentication with user credentials if no cookies from a previous session
are present.
This avoids a crash when tool is fresh installed and no previous session cookies are present

* Fixed crash if no command line options were provided after okta command

* Created IntelliJ run configurations for list roles and sls commands

* Fixed maven broken dependency on javafx pom

* Disabled test tied to an specific AWS account

* Fixed bug in roles list parsing after bugfix to set the role arn and name in the RoleOption entity for the roles selection menu.
Reenabled test that was failing before

* Set openjdk11 in CI/CD

.gitignore

@@ -26,16 +26,63 @@ META-INF
 out/config.properties
 .okta-aws-cli-session
 
-.idea/workspace.xml
-
 /target/
 .classpath
 .settings
 .project
 dependency-reduced-pom.xml
-.idea
-*.iml
 move.bat
 .factorypath
 .vscode
 
+
+# User-specific stuff
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/**/usage.statistics.xml
+.idea/**/dictionaries
+.idea/**/shelf
+.idea/**/aws.xml
+
+# Generated files
+.idea/**/contentModel.xml
+
+# Sensitive or high-churn files
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+.idea/**/dbnavigator.xml
+
+# Gradle
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# Gradle and Maven with auto-import
+# When using Gradle or Maven with auto-import, you should exclude module files,
+# since they will be recreated, and may cause churn.  Uncomment if using
+# auto-import.
+# .idea/modules.xml
+# .idea/*.iml
+# .idea/modules
+# *.iml
+# *.ipr
+
+# File-based project format
+*.iws
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# Editor-based Rest Client
+.idea/httpRequests
+
+# Android studio 3.1+ serialized cache file
+.idea/caches/build_file_checksums.ser
+
+gradle.xml

.travis.yml

@@ -1,5 +1,7 @@
 sudo: false
 language: java
+jdk:
+  - openjdk11
 services:
 - docker
 cache:

pom.xml

@@ -20,7 +20,8 @@
 
     <groupId>com.okta.developer</groupId>
     <artifactId>okta-aws-cli</artifactId>
-    <version>2.0.1-SNAPSHOT</version>
+    <version>2.0.2-SNAPSHOT</version>
+    <packaging>jar</packaging>
 
     <repositories>
         <repository>
@@ -42,7 +43,7 @@
         <jsoup.version>1.11.3</jsoup.version>
         <opensaml.version>3.4.2</opensaml.version>
         <slf4j.version>1.7.26</slf4j.version>
-        <openjfx.version>11.0.2</openjfx.version>
+        <openjfx.version>12.0.1</openjfx.version>
     </properties>
 
     <dependencies>
@@ -104,11 +105,41 @@
             <version>${slf4j.version}</version>
             <scope>runtime</scope>
         </dependency>
+        <dependency>
+            <groupId>org.openjfx</groupId>
+            <artifactId>javafx</artifactId>
+            <version>${openjfx.version}</version>
+            <type>pom</type>
+        </dependency>
         <dependency>
             <groupId>org.openjfx</groupId>
             <artifactId>javafx-web</artifactId>
             <version>${openjfx.version}</version>
-            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.openjfx</groupId>
+            <artifactId>javafx-controls</artifactId>
+            <version>${openjfx.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.openjfx</groupId>
+            <artifactId>javafx-base</artifactId>
+            <version>${openjfx.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.openjfx</groupId>
+            <artifactId>javafx-graphics</artifactId>
+            <version>${openjfx.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.openjfx</groupId>
+            <artifactId>javafx-media</artifactId>
+            <version>${openjfx.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.openjfx</groupId>
+            <artifactId>javafx-fxml</artifactId>
+            <version>${openjfx.version}</version>
         </dependency>
 
         <!-- Test dependencies -->
@@ -150,8 +181,8 @@
                 <artifactId>maven-compiler-plugin</artifactId>
                 <version>3.8.0</version>
                 <configuration>
-                    <source>1.8</source>
-                    <target>1.8</target>
+                    <source>11</source>
+                    <target>11</target>
                 </configuration>
             </plugin>
             <plugin>
@@ -190,7 +221,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-jar-plugin</artifactId>
-                <version>2.1</version>
+                <version>3.1.2</version>
                 <configuration>
                     <archive>
                         <manifest>
@@ -211,6 +242,14 @@
                     </includes>
                 </configuration>
             </plugin>
+            <plugin>
+                <groupId>org.openjfx</groupId>
+                <artifactId>javafx-maven-plugin</artifactId>
+                <version>0.0.2</version>
+                <configuration>
+                    <mainClass>com.okta.tools.WithOkta</mainClass>
+                </configuration>
+            </plugin>
         </plugins>
     </build>
 </project>

src/main/java/com/okta/tools/WithOkta.java

@@ -34,7 +34,14 @@ public static void main(String[] args) throws Exception {
             awsEnvironment.put("AWS_ACCESS_KEY_ID", runResult.accessKeyId);
             awsEnvironment.put("AWS_SECRET_ACCESS_KEY", runResult.secretAccessKey);
             awsEnvironment.put("AWS_SESSION_TOKEN", runResult.sessionToken);
-            args = removeProfileArguments(args);
+        }
+        // Cleanup command line arguments if present
+        args = removeProfileArguments(args);
+
+        if(args.length == 0) {
+            logger.info("No additional command line arguments provided. Hint: okta-aws <aws cli command>");
+            System.exit(0);
+            return;
         }
         awsProcessBuilder.command(args);
         logger.fine(() -> "AWS CLI command line: " + awsProcessBuilder.command().toString());

src/main/java/com/okta/tools/helpers/RoleHelper.java

@@ -120,7 +120,7 @@ public AssumeRoleWithSAMLRequest chooseAwsRoleToAssume(String samlResponse) thro
     public List<AccountOption> getAvailableRoles(String samlResponse) throws IOException {
         Map<String, String> roles = AwsSamlRoleUtils.getRoles(samlResponse);
         if (roles.size() == 1) {
-            String roleArn = roles.keySet().iterator().next();
+            String roleArn = roles.values().iterator().next();
             return Collections.singletonList(
                     new AccountOption("Account:  (" + roleArn.substring("arn:aws:iam::".length(), "arn:aws:iam::".length() + 12) + ")",
                             Collections.singletonList(

src/main/java/com/okta/tools/io/LoginPageInterceptingProtocolHandler.java

@@ -17,17 +17,16 @@
 
 import com.okta.tools.OktaAwsCliEnvironment;
 
+
+
 import java.io.IOException;
-import java.net.Proxy;
-import java.net.URI;
-import java.net.URL;
-import java.net.URLConnection;
+import java.net.*;
 import java.util.Arrays;
 import java.util.List;
 import java.util.function.BiFunction;
 import java.util.logging.Logger;
 
-final class LoginPageInterceptingProtocolHandler extends sun.net.www.protocol.https.Handler {
+final class LoginPageInterceptingProtocolHandler extends URLStreamHandler {
     private static final Logger LOGGER = Logger.getLogger(LoginPageInterceptingProtocolHandler.class.getName());
     private final OktaAwsCliEnvironment environment;
     private final BiFunction<URL, URLConnection, URLConnection> filteringUrlConnectionFactory;
@@ -37,9 +36,13 @@ final class LoginPageInterceptingProtocolHandler extends sun.net.www.protocol.ht
         this.filteringUrlConnectionFactory = filteringUrlConnectionFactory;
     }
 
+
     @Override
-    protected URLConnection openConnection(URL url, Proxy proxy) throws IOException {
-        URLConnection urlConnection = super.openConnection(url, proxy);
+    protected URLConnection openConnection(URL url) throws IOException {
+        return this.openConnection(url,(Proxy)null);
+    }
+
+    private URLConnection handleOpenConnection(URL url, URLConnection urlConnection) throws IOException{
         URI oktaAwsAppUri = URI.create(environment.oktaAwsAppUrl);
         List<String> domainsToIntercept = Arrays.asList(
                 environment.oktaOrg,
@@ -51,7 +54,7 @@ protected URLConnection openConnection(URL url, Proxy proxy) throws IOException
                 "/auth/services/devicefingerprint"
         );
         if (domainsToIntercept.contains(url.getHost()) &&
-            requestPathsToIntercept.contains(url.getPath())
+                requestPathsToIntercept.contains(url.getPath())
         ) {
             LOGGER.finest(() -> String.format("[%s] Using filtering URLConnection", url));
             return filteringUrlConnectionFactory.apply(url, urlConnection);
@@ -60,4 +63,16 @@ protected URLConnection openConnection(URL url, Proxy proxy) throws IOException
             return urlConnection;
         }
     }
+
+    @Override
+    protected URLConnection openConnection(URL url, Proxy proxy) throws IOException {
+        URLConnection urlConnection = super.openConnection(url, proxy);
+        //URLConnection urlConnection = new HttpURLConnection(url, url.getHost(), url.getPort());
+        // default handler
+        //URLStreamHandler defaultHandler = new sun.net.www.protocol.https.Handler();
+        //URLConnection urlConnection = new HttpURLConnection(url, proxy, this);
+        //URLConnection urlConnection = HttpConnectionFactory.GetConnection(url,proxy,this);
+        //URLConnection = new HttpsURLConnection(url,proxy, this)
+        return handleOpenConnection(url, urlConnection);
+    }
 }

src/main/java/com/okta/tools/io/SubresourceIntegrityStrippingHack.java

@@ -29,12 +29,15 @@ private SubresourceIntegrityStrippingHack() {}
 
     public static void overrideHttpsProtocolHandler(OktaAwsCliEnvironment environment) {
         try {
+            LOGGER.finest("overrideHttpsProtocolHandler do nothing");
+            /*
             URL.setURLStreamHandlerFactory(protocol -> "https".equals(protocol) ?
                     new LoginPageInterceptingProtocolHandler(environment,
                             SubresourceIntegrityStrippingURLConnection::new) :
                     null
             );
             LOGGER.finest("Successfully registered custom protocol handler");
+             */
         } catch (Exception e) {
             LOGGER.warning(() -> {
                 ByteArrayOutputStream outputStream = new ByteArrayOutputStream();