root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 12 Packages Projects Releases Wiki Activity

Remove Unneeded OpenSAML 4 References 

This will reduce the number of components that need to be
duplicated between the OpenSAML 4 and 5 support

Issue gh-11658
This commit is contained in:
Josh Cummings 2024-08-02 13:48:50 -06:00
parent ab842b74b9
commit 54a4792b7a
No known key found for this signature in database
GPG Key ID: A306A51F43B8E5A5
5 changed files with 7 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
View File

@ -24,8 +24,6 @@ import java.util.LinkedList;
import java.util.List; import java.util.List;
import java.util.function.Consumer; import java.util.function.Consumer;
import org.opensaml.xmlsec.signature.support.SignatureConstants;
import org.springframework.security.saml2.core.Saml2X509Credential; import org.springframework.security.saml2.core.Saml2X509Credential;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import org.springframework.util.CollectionUtils; import org.springframework.util.CollectionUtils;
@ -838,7 +836,7 @@ public class RelyingPartyRegistration {
*/ */
public AssertingPartyDetails build() { public AssertingPartyDetails build() {
List<String> signingAlgorithms = this.signingAlgorithms.isEmpty() List<String> signingAlgorithms = this.signingAlgorithms.isEmpty()
? Collections.singletonList(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256) ? Collections.singletonList("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")
: Collections.unmodifiableList(this.signingAlgorithms); : Collections.unmodifiableList(this.signingAlgorithms);
return new AssertingPartyDetails(this.entityId, this.wantAuthnRequestsSigned, signingAlgorithms, return new AssertingPartyDetails(this.entityId, this.wantAuthnRequestsSigned, signingAlgorithms,

3
saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/OpenSamlInitializationServiceTests.java
View File

@ -19,6 +19,7 @@ package org.springframework.security.saml2.core;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.opensaml.core.config.ConfigurationService; import org.opensaml.core.config.ConfigurationService;
import org.opensaml.core.xml.config.XMLObjectProviderRegistry; import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.springframework.security.saml2.Saml2Exception; import org.springframework.security.saml2.Saml2Exception;
@ -36,7 +37,7 @@ public class OpenSamlInitializationServiceTests {
public void initializeWhenInvokedMultipleTimesThenInitializesOnce() { public void initializeWhenInvokedMultipleTimesThenInitializesOnce() {
OpenSamlInitializationService.initialize(); OpenSamlInitializationService.initialize();
XMLObjectProviderRegistry registry = ConfigurationService.get(XMLObjectProviderRegistry.class); XMLObjectProviderRegistry registry = ConfigurationService.get(XMLObjectProviderRegistry.class);
assertThat(registry.getParserPool()).isNotNull(); assertThat(registry.getBuilderFactory().getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME)).isNotNull();
assertThatExceptionOfType(Saml2Exception.class) assertThatExceptionOfType(Saml2Exception.class)
.isThrownBy(() -> OpenSamlInitializationService.requireInitialize((r) -> { .isThrownBy(() -> OpenSamlInitializationService.requireInitialize((r) -> {
})) }))

11
saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/TestSaml2X509Credentials.java
View File

@ -18,14 +18,12 @@ package org.springframework.security.saml2.core;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.security.KeyException;
import java.security.PrivateKey; import java.security.PrivateKey;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory; import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import org.opensaml.security.crypto.KeySupport; import org.springframework.security.converter.RsaKeyConverters;
import org.springframework.security.saml2.Saml2Exception; import org.springframework.security.saml2.Saml2Exception;
import org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType; import org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType;
@ -84,12 +82,7 @@ public final class TestSaml2X509Credentials {
} }
private static PrivateKey privateKey(String key) { private static PrivateKey privateKey(String key) {
try { return RsaKeyConverters.pkcs8().convert(new ByteArrayInputStream(key.getBytes(StandardCharsets.UTF_8)));
return KeySupport.decodePrivateKey(key.getBytes(StandardCharsets.UTF_8), new char[0]);
}
catch (KeyException ex) {
throw new Saml2Exception(ex);
}
} }
private static X509Certificate idpCertificate() { private static X509Certificate idpCertificate() {

11
saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/credentials/TestSaml2X509Credentials.java
View File

@ -18,14 +18,12 @@ package org.springframework.security.saml2.credentials;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.security.KeyException;
import java.security.PrivateKey; import java.security.PrivateKey;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory; import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import org.opensaml.security.crypto.KeySupport; import org.springframework.security.converter.RsaKeyConverters;
import org.springframework.security.saml2.Saml2Exception; import org.springframework.security.saml2.Saml2Exception;
import org.springframework.security.saml2.core.Saml2X509Credential; import org.springframework.security.saml2.core.Saml2X509Credential;
@ -74,12 +72,7 @@ public final class TestSaml2X509Credentials {
} }
private static PrivateKey privateKey(String key) { private static PrivateKey privateKey(String key) {
try { return RsaKeyConverters.pkcs8().convert(new ByteArrayInputStream(key.getBytes(StandardCharsets.UTF_8)));
return KeySupport.decodePrivateKey(key.getBytes(StandardCharsets.UTF_8), new char[0]);
}
catch (KeyException ex) {
throw new Saml2Exception(ex);
}
} }
private static X509Certificate idpCertificate() { private static X509Certificate idpCertificate() {

1
saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/authentication/TestCustomOpenSamlObjects.java
View File

@ -198,7 +198,6 @@ public final class TestCustomOpenSamlObjects {
protected void processChildElement(@Nonnull XMLObject parentXMLObject, @Nonnull XMLObject childXMLObject) protected void processChildElement(@Nonnull XMLObject parentXMLObject, @Nonnull XMLObject childXMLObject)
throws UnmarshallingException { throws UnmarshallingException {
final CustomOpenSamlObject customSamlObject = (CustomOpenSamlObject) parentXMLObject; final CustomOpenSamlObject customSamlObject = (CustomOpenSamlObject) parentXMLObject;
super.processChildElement(customSamlObject, childXMLObject);
customSamlObject.getUnknownXMLObjects().add(childXMLObject); customSamlObject.getUnknownXMLObjects().add(childXMLObject);
} }