root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 12 Packages Projects Releases Wiki Activity

Fix handling of deprecated identityprovider verification.credentials 

Fixes gh-34525
This commit is contained in:
Andy Wilkinson 2023-03-09 10:33:41 +00:00
parent 4bd0f75119
commit 1e5169846f
2 changed files with 11 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyRegistrationConfiguration.java
View File

@ -32,6 +32,7 @@ import org.apache.commons.logging.LogFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.AssertingParty;
import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.AssertingParty.Verification;
import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.AssertingParty.Verification.Credential;
import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.Decryption;
import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.Registration;
import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.Registration.Signing;
@ -52,6 +53,7 @@ import org.springframework.security.saml2.provider.service.registration.RelyingP
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrations;
import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
import org.springframework.util.Assert;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;
/**
@ -102,12 +104,11 @@ class Saml2RelyingPartyRegistrationConfiguration {
.stream()
.map(this::asDecryptionCredential)
.forEach(credentials::add));
builder.assertingPartyDetails(
(details) -> details.verificationX509Credentials((credentials) -> assertingParty.getVerification()
.getCredentials()
.stream()
.map(this::asVerificationCredential)
.forEach(credentials::add)));
builder.assertingPartyDetails((details) -> details
.verificationX509Credentials((credentials) -> assertingParty.getVerificationCredentials()
.stream()
.map(this::asVerificationCredential)
.forEach(credentials::add)));
builder.singleLogoutServiceLocation(properties.getSinglelogout().getUrl());
builder.singleLogoutServiceResponseLocation(properties.getSinglelogout().getResponseUrl());
builder.singleLogoutServiceBinding(properties.getSinglelogout().getBinding());
@ -200,8 +201,8 @@ class Saml2RelyingPartyRegistrationConfiguration {
return get("metadata-uri", AssertingParty::getMetadataUri);
}
Verification getVerification() {
return get("verification", AssertingParty::getVerification);
List<Credential> getVerificationCredentials() {
return get("verification.credentials", (property) -> property.getVerification().getCredentials());
}
String getEntityId() {
@ -235,7 +236,7 @@ class Saml2RelyingPartyRegistrationConfiguration {
@SuppressWarnings("deprecation")
private <T> T get(String name, Function<AssertingParty, T> getter) {
T newValue = getter.apply(this.registration.getAssertingparty());
if (newValue != null) {
if (!ObjectUtils.isEmpty(newValue)) {
return newValue;
}
T deprecatedValue = getter.apply(this.registration.getIdentityprovider());

2
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyAutoConfigurationTests.java
View File

@ -145,7 +145,7 @@ class Saml2RelyingPartyAutoConfigurationTests {
assertThat(registration.getAssertingPartyDetails().getWantAuthnRequestsSigned()).isEqualTo(false);
assertThat(registration.getSigningX509Credentials()).hasSize(1);
assertThat(registration.getDecryptionX509Credentials()).hasSize(1);
assertThat(registration.getAssertingPartyDetails().getVerificationX509Credentials()).isNotNull();
assertThat(registration.getAssertingPartyDetails().getVerificationX509Credentials()).hasSize(1);
assertThat(registration.getEntityId()).isEqualTo("{baseUrl}/saml2/foo-entity-id");
assertThat(registration.getSingleLogoutServiceLocation())
.isEqualTo("https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SLOService.php");