Merge pull request #29263 from terminux

* pr/29263: Polish "Stop configuring a default user with SAML 2.0 Login" Stop configuring a default user with SAML 2.0 Login Closes gh-29263
2022-01-10 16:28:27 +01:00 · 2022-01-10 16:28:27 +01:00 · 27857f095a
parent b7de02d908 e92e35d56f
commit 27857f095a
2 changed files with 13 additions and 3 deletions
--- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/servlet/UserDetailsServiceAutoConfiguration.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/servlet/UserDetailsServiceAutoConfiguration.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2021 the original author or authors.
+ * Copyright 2012-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -61,7 +61,8 @@ import org.springframework.util.StringUtils;
 				AuthenticationManagerResolver.class },
 		type = { "org.springframework.security.oauth2.jwt.JwtDecoder",
 				"org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector",
-				"org.springframework.security.oauth2.client.registration.ClientRegistrationRepository" })
+				"org.springframework.security.oauth2.client.registration.ClientRegistrationRepository",
+				"org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository" })
 public class UserDetailsServiceAutoConfiguration {

 	private static final String NOOP_PASSWORD_PREFIX = "{noop}";
--- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/servlet/UserDetailsServiceAutoConfigurationTests.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/servlet/UserDetailsServiceAutoConfigurationTests.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2021 the original author or authors.
+ * Copyright 2012-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -46,6 +46,7 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
 import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;

 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.Mockito.mock;
@ -156,6 +157,14 @@ class UserDetailsServiceAutoConfigurationTests {
 				.run(((context) -> assertThat(context).doesNotHaveBean(InMemoryUserDetailsManager.class)));
 	}

+	@Test
+	void userDetailsServiceWhenRelyingPartyRegistrationRepositoryBeanPresent() {
+		this.contextRunner
+				.withBean(RelyingPartyRegistrationRepository.class,
+						() -> mock(RelyingPartyRegistrationRepository.class))
+				.run(((context) -> assertThat(context).doesNotHaveBean(InMemoryUserDetailsManager.class)));
+	}
+
 	@Test
 	void generatedPasswordShouldNotBePrintedIfAuthenticationManagerBuilderIsUsed(CapturedOutput output) {
 		this.contextRunner.withUserConfiguration(TestConfigWithAuthenticationManagerBuilder.class)