root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 15 Packages Projects Releases Wiki Activity

Align relying party entity ID property with Spring Security 

Closes gh-23745
This commit is contained in:
Andy Wilkinson 2020-10-19 12:07:23 +01:00
parent 3657c6c85d
commit 4a38401cef
4 changed files with 12 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyProperties.java
View File

@ -51,11 +51,10 @@ public class Saml2RelyingPartyProperties {
public static class Registration {
/**
* Relying party's entity ID template. Can generate its entity ID based on
* possible variables of "baseUrl", "registrationId", "baseScheme", "baseHost",
* and "basePort".
* Relying party's entity ID. The value may contain a number of placeholders. They
* are "baseUrl", "registrationId", "baseScheme", "baseHost", and "basePort".
*/
private String relyingPartyEntityId = "{baseUrl}/saml2/service-provider-metadata/{registrationId}";
private String entityId = "{baseUrl}/saml2/service-provider-metadata/{registrationId}";
private final Signing signing = new Signing();
@ -64,12 +63,12 @@ public class Saml2RelyingPartyProperties {
*/
private final Identityprovider identityprovider = new Identityprovider();
public String getRelyingPartyEntityId() {
return this.relyingPartyEntityId;
public String getEntityId() {
return this.entityId;
}
public void setRelyingPartyEntityId(String entityId) {
this.relyingPartyEntityId = entityId;
public void setEntityId(String entityId) {
this.entityId = entityId;
}
public Signing getSigning() {

2
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyRegistrationConfiguration.java
View File

@ -82,7 +82,7 @@ class Saml2RelyingPartyRegistrationConfiguration {
builder.assertingPartyDetails((details) -> details
.verificationX509Credentials((credentials) -> properties.getIdentityprovider().getVerification()
.getCredentials().stream().map(this::asVerificationCredential).forEach(credentials::add)));
builder.entityId(properties.getRelyingPartyEntityId());
builder.entityId(properties.getEntityId());
RelyingPartyRegistration registration = builder.build();
boolean signRequest = registration.getAssertingPartyDetails().getWantAuthnRequestsSigned();
validateSigningCredentials(properties, signRequest);

2
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyAutoConfigurationTests.java
View File

@ -186,7 +186,7 @@ class Saml2RelyingPartyAutoConfigurationTests {
PREFIX + ".foo.identityprovider.singlesignon.sign-request=false",
PREFIX + ".foo.identityprovider.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php",
PREFIX + ".foo.identityprovider.verification.credentials[0].certificate-location=classpath:saml/certificate-location",
PREFIX + ".foo.relying-party-entity-id={baseUrl}/saml2/foo-entity-id" };
PREFIX + ".foo.entity-id={baseUrl}/saml2/foo-entity-id" };
}
private boolean hasFilter(AssertableWebApplicationContext context, Class<? extends Filter> filter) {

6
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyPropertiesTests.java
View File

@ -90,16 +90,16 @@ class Saml2RelyingPartyPropertiesTests {
@Test
void customizeRelyingPartyEntityId() {
bind("spring.security.saml2.relyingparty.registration.simplesamlphp.relying-party-entity-id",
bind("spring.security.saml2.relyingparty.registration.simplesamlphp.entity-id",
"{baseUrl}/saml2/custom-entity-id");
assertThat(this.properties.getRegistration().get("simplesamlphp").getRelyingPartyEntityId())
assertThat(this.properties.getRegistration().get("simplesamlphp").getEntityId())
.isEqualTo("{baseUrl}/saml2/custom-entity-id");
}
@Test
void customizeRelyingPartyEntityIdDefaultsToServiceProviderMetadata() {
assertThat(RelyingPartyRegistration.withRegistrationId("id")).extracting("entityId")
.isEqualTo(new Saml2RelyingPartyProperties.Registration().getRelyingPartyEntityId());
.isEqualTo(new Saml2RelyingPartyProperties.Registration().getEntityId());
}
@Test