diff --git a/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/servlet/ManagementWebSecurityAutoConfigurationTests.java b/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/servlet/ManagementWebSecurityAutoConfigurationTests.java index 3c53693c089..03fcd338293 100644 --- a/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/servlet/ManagementWebSecurityAutoConfigurationTests.java +++ b/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/servlet/ManagementWebSecurityAutoConfigurationTests.java @@ -136,10 +136,10 @@ class ManagementWebSecurityAutoConfigurationTests { void backOffIfSaml2RelyingPartyAutoConfigurationPresent() { this.contextRunner.withConfiguration(AutoConfigurations.of(Saml2RelyingPartyAutoConfiguration.class)) .withPropertyValues( - "spring.security.saml2.relyingparty.registration.simplesamlphp.asserting-party.single-sign-on.url=https://simplesaml-for-spring-saml/SSOService.php", - "spring.security.saml2.relyingparty.registration.simplesamlphp.asserting-party.single-sign-on.sign-request=false", - "spring.security.saml2.relyingparty.registration.simplesamlphp.asserting-party.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php", - "spring.security.saml2.relyingparty.registration.simplesamlphp.asserting-party.verification.credentials[0].certificate-location=classpath:saml/certificate-location") + "spring.security.saml2.relyingparty.registration.simplesamlphp.assertingparty.single-sign-on.url=https://simplesaml-for-spring-saml/SSOService.php", + "spring.security.saml2.relyingparty.registration.simplesamlphp.assertingparty.single-sign-on.sign-request=false", + "spring.security.saml2.relyingparty.registration.simplesamlphp.assertingparty.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php", + "spring.security.saml2.relyingparty.registration.simplesamlphp.assertingparty.verification.credentials[0].certificate-location=classpath:saml/certificate-location") .run((context) -> assertThat(context).doesNotHaveBean(ManagementWebSecurityAutoConfiguration.class) .doesNotHaveBean(MANAGEMENT_SECURITY_FILTER_CHAIN_BEAN)); } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyProperties.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyProperties.java index 65ecdd1e192..719b8e81bc8 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyProperties.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyProperties.java @@ -68,7 +68,7 @@ public class Saml2RelyingPartyProperties { /** * Remote SAML Identity Provider. */ - private final AssertingParty assertingParty = new AssertingParty(); + private final AssertingParty assertingparty = new AssertingParty(); public String getEntityId() { return this.entityId; @@ -90,8 +90,8 @@ public class Saml2RelyingPartyProperties { return this.decryption; } - public AssertingParty getAssertingParty() { - return this.assertingParty; + public AssertingParty getAssertingparty() { + return this.assertingparty; } public static class Acs { diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyRegistrationConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyRegistrationConfiguration.java index f38c7dd581a..4d951d9ff4b 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyRegistrationConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyRegistrationConfiguration.java @@ -73,19 +73,19 @@ class Saml2RelyingPartyRegistrationConfiguration { } private RelyingPartyRegistration asRegistration(String id, Registration properties) { - boolean usingMetadata = StringUtils.hasText(properties.getAssertingParty().getMetadataUri()); + boolean usingMetadata = StringUtils.hasText(properties.getAssertingparty().getMetadataUri()); Builder builder = (usingMetadata) ? RelyingPartyRegistrations - .fromMetadataLocation(properties.getAssertingParty().getMetadataUri()).registrationId(id) + .fromMetadataLocation(properties.getAssertingparty().getMetadataUri()).registrationId(id) : RelyingPartyRegistration.withRegistrationId(id); builder.assertionConsumerServiceLocation(properties.getAcs().getLocation()); builder.assertionConsumerServiceBinding(properties.getAcs().getBinding()); - builder.assertingPartyDetails(mapAssertingParty(properties.getAssertingParty(), usingMetadata)); + builder.assertingPartyDetails(mapAssertingParty(properties.getAssertingparty(), usingMetadata)); builder.signingX509Credentials((credentials) -> properties.getSigning().getCredentials().stream() .map(this::asSigningCredential).forEach(credentials::add)); builder.decryptionX509Credentials((credentials) -> properties.getDecryption().getCredentials().stream() .map(this::asDecryptionCredential).forEach(credentials::add)); builder.assertingPartyDetails((details) -> details - .verificationX509Credentials((credentials) -> properties.getAssertingParty().getVerification() + .verificationX509Credentials((credentials) -> properties.getAssertingparty().getVerification() .getCredentials().stream().map(this::asVerificationCredential).forEach(credentials::add))); builder.entityId(properties.getEntityId()); RelyingPartyRegistration registration = builder.build(); diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyAutoConfigurationTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyAutoConfigurationTests.java index b94a4e49819..6c779d06e73 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyAutoConfigurationTests.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyAutoConfigurationTests.java @@ -126,7 +126,7 @@ class Saml2RelyingPartyAutoConfigurationTests { server.start(); String metadataUrl = server.url("").toString(); setupMockResponse(server, new ClassPathResource("saml/idp-metadata")); - this.contextRunner.withPropertyValues(PREFIX + ".foo.asserting-party.metadata-uri=" + metadataUrl) + this.contextRunner.withPropertyValues(PREFIX + ".foo.assertingparty.metadata-uri=" + metadataUrl) .run((context) -> { assertThat(context).hasSingleBean(RelyingPartyRegistrationRepository.class); assertThat(server.getRequestCount()).isEqualTo(1); @@ -140,7 +140,7 @@ class Saml2RelyingPartyAutoConfigurationTests { server.start(); String metadataUrl = server.url("").toString(); setupMockResponse(server, new ClassPathResource("saml/idp-metadata")); - this.contextRunner.withPropertyValues(PREFIX + ".foo.asserting-party.metadata-uri=" + metadataUrl) + this.contextRunner.withPropertyValues(PREFIX + ".foo.assertingparty.metadata-uri=" + metadataUrl) .run((context) -> { RelyingPartyRegistrationRepository repository = context .getBean(RelyingPartyRegistrationRepository.class); @@ -157,8 +157,8 @@ class Saml2RelyingPartyAutoConfigurationTests { server.start(); String metadataUrl = server.url("").toString(); setupMockResponse(server, new ClassPathResource("saml/idp-metadata")); - this.contextRunner.withPropertyValues(PREFIX + ".foo.asserting-party.metadata-uri=" + metadataUrl, - PREFIX + ".foo.asserting-party.singlesignon.binding=redirect").run((context) -> { + this.contextRunner.withPropertyValues(PREFIX + ".foo.assertingparty.metadata-uri=" + metadataUrl, + PREFIX + ".foo.assertingparty.singlesignon.binding=redirect").run((context) -> { RelyingPartyRegistrationRepository repository = context .getBean(RelyingPartyRegistrationRepository.class); RelyingPartyRegistration registration = repository.findByRegistrationId("foo"); @@ -216,19 +216,19 @@ class Saml2RelyingPartyAutoConfigurationTests { private String[] getPropertyValuesWithoutSigningCredentials(boolean signRequests) { return new String[] { PREFIX - + ".foo.asserting-party.singlesignon.url=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php", - PREFIX + ".foo.asserting-party.singlesignon.binding=post", - PREFIX + ".foo.asserting-party.singlesignon.sign-request=" + signRequests, - PREFIX + ".foo.asserting-party.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php", - PREFIX + ".foo.asserting-party.verification.credentials[0].certificate-location=classpath:saml/certificate-location" }; + + ".foo.assertingparty.singlesignon.url=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php", + PREFIX + ".foo.assertingparty.singlesignon.binding=post", + PREFIX + ".foo.assertingparty.singlesignon.sign-request=" + signRequests, + PREFIX + ".foo.assertingparty.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php", + PREFIX + ".foo.assertingparty.verification.credentials[0].certificate-location=classpath:saml/certificate-location" }; } private String[] getPropertyValuesWithoutSsoBinding() { return new String[] { PREFIX - + ".foo.asserting-party.singlesignon.url=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php", - PREFIX + ".foo.asserting-party.singlesignon.sign-request=false", - PREFIX + ".foo.asserting-party.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php", - PREFIX + ".foo.asserting-party.verification.credentials[0].certificate-location=classpath:saml/certificate-location" }; + + ".foo.assertingparty.singlesignon.url=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php", + PREFIX + ".foo.assertingparty.singlesignon.sign-request=false", + PREFIX + ".foo.assertingparty.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php", + PREFIX + ".foo.assertingparty.verification.credentials[0].certificate-location=classpath:saml/certificate-location" }; } private String[] getPropertyValues() { @@ -237,11 +237,11 @@ class Saml2RelyingPartyAutoConfigurationTests { PREFIX + ".foo.signing.credentials[0].certificate-location=classpath:saml/certificate-location", PREFIX + ".foo.decryption.credentials[0].private-key-location=classpath:saml/private-key-location", PREFIX + ".foo.decryption.credentials[0].certificate-location=classpath:saml/certificate-location", - PREFIX + ".foo.asserting-party.singlesignon.url=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php", - PREFIX + ".foo.asserting-party.singlesignon.binding=post", - PREFIX + ".foo.asserting-party.singlesignon.sign-request=false", - PREFIX + ".foo.asserting-party.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php", - PREFIX + ".foo.asserting-party.verification.credentials[0].certificate-location=classpath:saml/certificate-location", + PREFIX + ".foo.assertingparty.singlesignon.url=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php", + PREFIX + ".foo.assertingparty.singlesignon.binding=post", + PREFIX + ".foo.assertingparty.singlesignon.sign-request=false", + PREFIX + ".foo.assertingparty.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php", + PREFIX + ".foo.assertingparty.verification.credentials[0].certificate-location=classpath:saml/certificate-location", PREFIX + ".foo.entity-id={baseUrl}/saml2/foo-entity-id", PREFIX + ".foo.acs.location={baseUrl}/login/saml2/foo-entity-id", PREFIX + ".foo.acs.binding=redirect" }; diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyPropertiesTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyPropertiesTests.java index 9dd72654389..1f9b921d72f 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyPropertiesTests.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyPropertiesTests.java @@ -41,26 +41,26 @@ class Saml2RelyingPartyPropertiesTests { @Test void customizeSsoUrl() { - bind("spring.security.saml2.relyingparty.registration.simplesamlphp.asserting-party.single-sign-on.url", + bind("spring.security.saml2.relyingparty.registration.simplesamlphp.assertingparty.single-sign-on.url", "https://simplesaml-for-spring-saml/SSOService.php"); assertThat( - this.properties.getRegistration().get("simplesamlphp").getAssertingParty().getSinglesignon().getUrl()) + this.properties.getRegistration().get("simplesamlphp").getAssertingparty().getSinglesignon().getUrl()) .isEqualTo("https://simplesaml-for-spring-saml/SSOService.php"); } @Test void customizeSsoBinding() { - bind("spring.security.saml2.relyingparty.registration.simplesamlphp.asserting-party.single-sign-on.binding", + bind("spring.security.saml2.relyingparty.registration.simplesamlphp.assertingparty.single-sign-on.binding", "post"); - assertThat(this.properties.getRegistration().get("simplesamlphp").getAssertingParty().getSinglesignon() + assertThat(this.properties.getRegistration().get("simplesamlphp").getAssertingparty().getSinglesignon() .getBinding()).isEqualTo(Saml2MessageBinding.POST); } @Test void customizeSsoSignRequests() { - bind("spring.security.saml2.relyingparty.registration.simplesamlphp.asserting-party.single-sign-on.sign-request", + bind("spring.security.saml2.relyingparty.registration.simplesamlphp.assertingparty.single-sign-on.sign-request", "false"); - assertThat(this.properties.getRegistration().get("simplesamlphp").getAssertingParty().getSinglesignon() + assertThat(this.properties.getRegistration().get("simplesamlphp").getAssertingparty().getSinglesignon() .isSignRequest()).isEqualTo(false); } @@ -80,16 +80,16 @@ class Saml2RelyingPartyPropertiesTests { @Test void customizeAssertingPartyMetadataUri() { - bind("spring.security.saml2.relyingparty.registration.simplesamlphp.asserting-party.metadata-uri", + bind("spring.security.saml2.relyingparty.registration.simplesamlphp.assertingparty.metadata-uri", "https://idp.example.org/metadata"); - assertThat(this.properties.getRegistration().get("simplesamlphp").getAssertingParty().getMetadataUri()) + assertThat(this.properties.getRegistration().get("simplesamlphp").getAssertingparty().getMetadataUri()) .isEqualTo("https://idp.example.org/metadata"); } @Test void customizeSsoSignRequestsIsTrueByDefault() { this.properties.getRegistration().put("simplesamlphp", new Saml2RelyingPartyProperties.Registration()); - assertThat(this.properties.getRegistration().get("simplesamlphp").getAssertingParty().getSinglesignon() + assertThat(this.properties.getRegistration().get("simplesamlphp").getAssertingparty().getSinglesignon() .isSignRequest()).isEqualTo(true); } diff --git a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/web/spring-security.adoc b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/web/spring-security.adoc index c7c95443d17..e82be551803 100644 --- a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/web/spring-security.adoc +++ b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/web/spring-security.adoc @@ -262,7 +262,7 @@ You can register multiple relying parties under the `spring.security.saml2.relyi credentials: - private-key-location: "path-to-private-key" certificate-location: "path-to-certificate" - asserting-party: + assertingparty: verification: credentials: - certificate-location: "path-to-verification-cert" @@ -278,7 +278,7 @@ You can register multiple relying parties under the `spring.security.saml2.relyi credentials: - private-key-location: "path-to-private-key" certificate-location: "path-to-certificate" - asserting-party: + assertingparty: verification: credentials: - certificate-location: "path-to-other-verification-cert" diff --git a/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-saml2-service-provider/src/main/resources/application.yml b/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-saml2-service-provider/src/main/resources/application.yml index 83ac8e90b39..2f40f2db78b 100644 --- a/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-saml2-service-provider/src/main/resources/application.yml +++ b/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-saml2-service-provider/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: credentials: - private-key-location: "classpath:saml/privatekey.txt" certificate-location: "classpath:saml/certificate.txt" - asserting-party: + assertingparty: verification: credentials: - certificate-location: "classpath:saml/certificate.txt" @@ -21,7 +21,7 @@ spring: credentials: - private-key-location: "classpath:saml/privatekey.txt" certificate-location: "classpath:saml/certificate.txt" - asserting-party: + assertingparty: verification: credentials: - certificate-location: "classpath:saml/certificate.txt"