root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Rename `singleSignOn` property to `singlesignon` 

Rename the SAML `singleSignOn` nested property to `singleSignOn` so
that we don't get problems when using uppercase environment variable
names.

See gh-20584
This commit is contained in:
Phillip Webb 2020-04-07 14:14:58 -07:00
parent 3ca896e63f
commit ed2d90248c
5 changed files with 31 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyProperties.java
View File

@ -22,6 +22,7 @@ import java.util.List;
import java.util.Map; import java.util.Map;
import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.context.properties.DeprecatedConfigurationProperty;
import org.springframework.core.io.Resource; import org.springframework.core.io.Resource;
import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding; import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
@ -120,12 +121,7 @@ public class Saml2RelyingPartyProperties {
*/ */
private String entityId; private String entityId;
/** private Singlesignon singlesignon = new Singlesignon();
* Remote endpoint to send authentication requests to.
*/
private String ssoUrl;
private SingleSignOn singleSignOn = new SingleSignOn();
private Verification verification = new Verification(); private Verification verification = new Verification();
@ -138,24 +134,28 @@ public class Saml2RelyingPartyProperties {
} }
@Deprecated @Deprecated
@DeprecatedConfigurationProperty(reason = "moved to 'singlesignon.url'")
public String getSsoUrl() { public String getSsoUrl() {
return this.getSingleSignOn().getUrl(); return this.singlesignon.getUrl();
} }
@Deprecated @Deprecated
public void setSsoUrl(String ssoUrl) { public void setSsoUrl(String ssoUrl) {
this.singleSignOn.setUrl(ssoUrl); this.singlesignon.setUrl(ssoUrl);
} }
public SingleSignOn getSingleSignOn() { public Singlesignon getSinglesignon() {
return this.singleSignOn; return this.singlesignon;
} }
public Verification getVerification() { public Verification getVerification() {
return this.verification; return this.verification;
} }
public static class SingleSignOn { /**
* Single sign on details for an Identity Provider.
*/
public static class Singlesignon {
/** /**
* Remote endpoint to send authentication requests to. * Remote endpoint to send authentication requests to.
@ -198,6 +198,9 @@ public class Saml2RelyingPartyProperties {
} }
/**
* Verification details for an Identity Provider.
*/
public static class Verification { public static class Verification {
/** /**

6
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyRegistrationConfiguration.java
View File

@ -66,16 +66,16 @@ class Saml2RelyingPartyRegistrationConfiguration {
} }
private RelyingPartyRegistration asRegistration(String id, Registration properties) { private RelyingPartyRegistration asRegistration(String id, Registration properties) {
boolean signRequest = properties.getIdentityprovider().getSingleSignOn().isSignRequest(); boolean signRequest = properties.getIdentityprovider().getSinglesignon().isSignRequest();
validateSigningCredentials(properties, signRequest); validateSigningCredentials(properties, signRequest);
RelyingPartyRegistration.Builder builder = RelyingPartyRegistration.withRegistrationId(id); RelyingPartyRegistration.Builder builder = RelyingPartyRegistration.withRegistrationId(id);
builder.assertionConsumerServiceUrlTemplate( builder.assertionConsumerServiceUrlTemplate(
"{baseUrl}" + Saml2WebSsoAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI); "{baseUrl}" + Saml2WebSsoAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI);
builder.providerDetails( builder.providerDetails(
(details) -> details.webSsoUrl(properties.getIdentityprovider().getSingleSignOn().getUrl())); (details) -> details.webSsoUrl(properties.getIdentityprovider().getSinglesignon().getUrl()));
builder.providerDetails((details) -> details.entityId(properties.getIdentityprovider().getEntityId())); builder.providerDetails((details) -> details.entityId(properties.getIdentityprovider().getEntityId()));
builder.providerDetails( builder.providerDetails(
(details) -> details.binding(properties.getIdentityprovider().getSingleSignOn().getBinding())); (details) -> details.binding(properties.getIdentityprovider().getSinglesignon().getBinding()));
builder.providerDetails((details) -> details.signAuthNRequest(signRequest)); builder.providerDetails((details) -> details.signAuthNRequest(signRequest));
builder.credentials((credentials) -> credentials.addAll(asCredentials(properties))); builder.credentials((credentials) -> credentials.addAll(asCredentials(properties)));
return builder.build(); return builder.build();

12
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyAutoConfigurationTests.java
View File

@ -132,9 +132,9 @@ public class Saml2RelyingPartyAutoConfigurationTests {
private String[] getPropertyValuesWithoutSigningCredentials(boolean signRequests) { private String[] getPropertyValuesWithoutSigningCredentials(boolean signRequests) {
return new String[] { PREFIX return new String[] { PREFIX
+ ".foo.identityprovider.single-sign-on.url=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php", + ".foo.identityprovider.singlesignon.url=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php",
PREFIX + ".foo.identityprovider.single-sign-on.binding=post", PREFIX + ".foo.identityprovider.singlesignon.binding=post",
PREFIX + ".foo.identityprovider.single-sign-on.sign-request=" + signRequests, PREFIX + ".foo.identityprovider.singlesignon.sign-request=" + signRequests,
PREFIX + ".foo.identityprovider.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php", PREFIX + ".foo.identityprovider.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php",
PREFIX + ".foo.identityprovider.verification.credentials[0].certificate-location=classpath:saml/certificate-location" }; PREFIX + ".foo.identityprovider.verification.credentials[0].certificate-location=classpath:saml/certificate-location" };
} }
@ -143,9 +143,9 @@ public class Saml2RelyingPartyAutoConfigurationTests {
return new String[] { return new String[] {
PREFIX + ".foo.signing.credentials[0].private-key-location=classpath:saml/private-key-location", PREFIX + ".foo.signing.credentials[0].private-key-location=classpath:saml/private-key-location",
PREFIX + ".foo.signing.credentials[0].certificate-location=classpath:saml/certificate-location", PREFIX + ".foo.signing.credentials[0].certificate-location=classpath:saml/certificate-location",
PREFIX + ".foo.identityprovider.single-sign-on.url=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php", PREFIX + ".foo.identityprovider.singlesignon.url=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php",
PREFIX + ".foo.identityprovider.single-sign-on.binding=post", PREFIX + ".foo.identityprovider.singlesignon.binding=post",
PREFIX + ".foo.identityprovider.single-sign-on.sign-request=false", PREFIX + ".foo.identityprovider.singlesignon.sign-request=false",
PREFIX + ".foo.identityprovider.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php", PREFIX + ".foo.identityprovider.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php",
PREFIX + ".foo.identityprovider.verification.credentials[0].certificate-location=classpath:saml/certificate-location" }; PREFIX + ".foo.identityprovider.verification.credentials[0].certificate-location=classpath:saml/certificate-location" };
} }

12
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyPropertiesTests.java
View File

@ -44,7 +44,7 @@ class Saml2RelyingPartyPropertiesTests {
bind("spring.security.saml2.relyingparty.registration.simplesamlphp.identity-provider.single-sign-on.url", bind("spring.security.saml2.relyingparty.registration.simplesamlphp.identity-provider.single-sign-on.url",
"https://simplesaml-for-spring-saml/SSOService.php"); "https://simplesaml-for-spring-saml/SSOService.php");
assertThat( assertThat(
this.properties.getRegistration().get("simplesamlphp").getIdentityprovider().getSingleSignOn().getUrl()) this.properties.getRegistration().get("simplesamlphp").getIdentityprovider().getSinglesignon().getUrl())
.isEqualTo("https://simplesaml-for-spring-saml/SSOService.php"); .isEqualTo("https://simplesaml-for-spring-saml/SSOService.php");
} }
@ -53,14 +53,14 @@ class Saml2RelyingPartyPropertiesTests {
bind("spring.security.saml2.relyingparty.registration.simplesamlphp.identity-provider.single-sign-on.url", bind("spring.security.saml2.relyingparty.registration.simplesamlphp.identity-provider.single-sign-on.url",
"https://simplesaml-for-spring-saml/SSOService.php"); "https://simplesaml-for-spring-saml/SSOService.php");
assertThat( assertThat(
this.properties.getRegistration().get("simplesamlphp").getIdentityprovider().getSingleSignOn().getUrl()) this.properties.getRegistration().get("simplesamlphp").getIdentityprovider().getSinglesignon().getUrl())
.isEqualTo("https://simplesaml-for-spring-saml/SSOService.php"); .isEqualTo("https://simplesaml-for-spring-saml/SSOService.php");
} }
@Test @Test
void customizeSsoBindingDefaultsToRedirect() { void customizeSsoBindingDefaultsToRedirect() {
this.properties.getRegistration().put("simplesamlphp", new Saml2RelyingPartyProperties.Registration()); this.properties.getRegistration().put("simplesamlphp", new Saml2RelyingPartyProperties.Registration());
assertThat(this.properties.getRegistration().get("simplesamlphp").getIdentityprovider().getSingleSignOn() assertThat(this.properties.getRegistration().get("simplesamlphp").getIdentityprovider().getSinglesignon()
.getBinding()).isEqualTo(Saml2MessageBinding.REDIRECT); .getBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
} }
@ -68,7 +68,7 @@ class Saml2RelyingPartyPropertiesTests {
void customizeSsoBinding() { void customizeSsoBinding() {
bind("spring.security.saml2.relyingparty.registration.simplesamlphp.identity-provider.single-sign-on.binding", bind("spring.security.saml2.relyingparty.registration.simplesamlphp.identity-provider.single-sign-on.binding",
"post"); "post");
assertThat(this.properties.getRegistration().get("simplesamlphp").getIdentityprovider().getSingleSignOn() assertThat(this.properties.getRegistration().get("simplesamlphp").getIdentityprovider().getSinglesignon()
.getBinding()).isEqualTo(Saml2MessageBinding.POST); .getBinding()).isEqualTo(Saml2MessageBinding.POST);
} }
@ -76,14 +76,14 @@ class Saml2RelyingPartyPropertiesTests {
void customizeSsoSignRequests() { void customizeSsoSignRequests() {
bind("spring.security.saml2.relyingparty.registration.simplesamlphp.identity-provider.single-sign-on.sign-request", bind("spring.security.saml2.relyingparty.registration.simplesamlphp.identity-provider.single-sign-on.sign-request",
"false"); "false");
assertThat(this.properties.getRegistration().get("simplesamlphp").getIdentityprovider().getSingleSignOn() assertThat(this.properties.getRegistration().get("simplesamlphp").getIdentityprovider().getSinglesignon()
.isSignRequest()).isEqualTo(false); .isSignRequest()).isEqualTo(false);
} }
@Test @Test
void customizeSsoSignRequestsIsTrueByDefault() { void customizeSsoSignRequestsIsTrueByDefault() {
this.properties.getRegistration().put("simplesamlphp", new Saml2RelyingPartyProperties.Registration()); this.properties.getRegistration().put("simplesamlphp", new Saml2RelyingPartyProperties.Registration());
assertThat(this.properties.getRegistration().get("simplesamlphp").getIdentityprovider().getSingleSignOn() assertThat(this.properties.getRegistration().get("simplesamlphp").getIdentityprovider().getSinglesignon()
.isSignRequest()).isEqualTo(true); .isSignRequest()).isEqualTo(true);
} }

4
spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-saml2-service-provider/src/main/resources/application.yml
View File

@ -13,7 +13,7 @@ spring:
credentials: credentials:
- certificate-location: "classpath:saml/certificate.txt" - certificate-location: "classpath:saml/certificate.txt"
entity-id: simplesaml entity-id: simplesaml
single-sign-on: singlesignon:
url: https://simplesaml-for-spring-saml/SSOService.php url: https://simplesaml-for-spring-saml/SSOService.php
okta: okta:
signing: signing:
@ -25,6 +25,6 @@ spring:
credentials: credentials:
- certificate-location: "classpath:saml/certificate.txt" - certificate-location: "classpath:saml/certificate.txt"
entity-id: okta-id-1234 entity-id: okta-id-1234
single-sign-on: singlesignon:
url: url:
https://okta-for-spring/saml2/idp/SSOService.php https://okta-for-spring/saml2/idp/SSOService.php