Remove Unneeded OpenSAML 4 References

This will reduce the number of components that need to be duplicated between the OpenSAML 4 and 5 support Issue gh-11658
2024-08-02 13:48:50 -06:00 · 2024-08-02 13:48:50 -06:00 · 54a4792b7a
parent ab842b74b9
commit 54a4792b7a
5 changed files with 7 additions and 23 deletions
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
@ -24,8 +24,6 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.function.Consumer;

-import org.opensaml.xmlsec.signature.support.SignatureConstants;
-
 import org.springframework.security.saml2.core.Saml2X509Credential;
 import org.springframework.util.Assert;
 import org.springframework.util.CollectionUtils;
@ -838,7 +836,7 @@ public class RelyingPartyRegistration {
 			 */
 			public AssertingPartyDetails build() {
 				List<String> signingAlgorithms = this.signingAlgorithms.isEmpty()
-						? Collections.singletonList(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256)
+						? Collections.singletonList("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")
 						: Collections.unmodifiableList(this.signingAlgorithms);

 				return new AssertingPartyDetails(this.entityId, this.wantAuthnRequestsSigned, signingAlgorithms,
--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/OpenSamlInitializationServiceTests.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/OpenSamlInitializationServiceTests.java
@ -19,6 +19,7 @@ package org.springframework.security.saml2.core;
 import org.junit.jupiter.api.Test;
 import org.opensaml.core.config.ConfigurationService;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
+import org.opensaml.saml.saml2.core.AuthnRequest;

 import org.springframework.security.saml2.Saml2Exception;

@ -36,7 +37,7 @@ public class OpenSamlInitializationServiceTests {
 	public void initializeWhenInvokedMultipleTimesThenInitializesOnce() {
 		OpenSamlInitializationService.initialize();
 		XMLObjectProviderRegistry registry = ConfigurationService.get(XMLObjectProviderRegistry.class);
-		assertThat(registry.getParserPool()).isNotNull();
+		assertThat(registry.getBuilderFactory().getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME)).isNotNull();
 		assertThatExceptionOfType(Saml2Exception.class)
 			.isThrownBy(() -> OpenSamlInitializationService.requireInitialize((r) -> {
 			}))
--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/TestSaml2X509Credentials.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/TestSaml2X509Credentials.java
@ -18,14 +18,12 @@ package org.springframework.security.saml2.core;

 import java.io.ByteArrayInputStream;
 import java.nio.charset.StandardCharsets;
-import java.security.KeyException;
 import java.security.PrivateKey;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;

-import org.opensaml.security.crypto.KeySupport;
-
+import org.springframework.security.converter.RsaKeyConverters;
 import org.springframework.security.saml2.Saml2Exception;
 import org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType;

@ -84,12 +82,7 @@ public final class TestSaml2X509Credentials {
 	}

 	private static PrivateKey privateKey(String key) {
-		try {
-			return KeySupport.decodePrivateKey(key.getBytes(StandardCharsets.UTF_8), new char[0]);
-		}
-		catch (KeyException ex) {
-			throw new Saml2Exception(ex);
-		}
+		return RsaKeyConverters.pkcs8().convert(new ByteArrayInputStream(key.getBytes(StandardCharsets.UTF_8)));
 	}

 	private static X509Certificate idpCertificate() {
--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/credentials/TestSaml2X509Credentials.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/credentials/TestSaml2X509Credentials.java
@ -18,14 +18,12 @@ package org.springframework.security.saml2.credentials;

 import java.io.ByteArrayInputStream;
 import java.nio.charset.StandardCharsets;
-import java.security.KeyException;
 import java.security.PrivateKey;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;

-import org.opensaml.security.crypto.KeySupport;
-
+import org.springframework.security.converter.RsaKeyConverters;
 import org.springframework.security.saml2.Saml2Exception;
 import org.springframework.security.saml2.core.Saml2X509Credential;

@ -74,12 +72,7 @@ public final class TestSaml2X509Credentials {
 	}

 	private static PrivateKey privateKey(String key) {
-		try {
-			return KeySupport.decodePrivateKey(key.getBytes(StandardCharsets.UTF_8), new char[0]);
-		}
-		catch (KeyException ex) {
-			throw new Saml2Exception(ex);
-		}
+		return RsaKeyConverters.pkcs8().convert(new ByteArrayInputStream(key.getBytes(StandardCharsets.UTF_8)));
 	}

 	private static X509Certificate idpCertificate() {
--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/authentication/TestCustomOpenSamlObjects.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/authentication/TestCustomOpenSamlObjects.java
@ -198,7 +198,6 @@ public final class TestCustomOpenSamlObjects {
 		protected void processChildElement(@Nonnull XMLObject parentXMLObject, @Nonnull XMLObject childXMLObject)
 				throws UnmarshallingException {
 			final CustomOpenSamlObject customSamlObject = (CustomOpenSamlObject) parentXMLObject;
-			super.processChildElement(customSamlObject, childXMLObject);
 			customSamlObject.getUnknownXMLObjects().add(childXMLObject);
 		}