Merge b91034f1d2 into 725745defd

config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -134,7 +134,7 @@ public class Saml2LoginConfigurerTests {
 
 	private static final RelyingPartyRegistration registration = TestRelyingPartyRegistrations.noCredentials()
 		.signingX509Credentials((c) -> c.add(TestSaml2X509Credentials.assertingPartySigningCredential()))
-		.assertingPartyDetails((party) -> party
+		.assertingPartyMetadata((party) -> party
 			.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())))
 		.build();
 
@@ -170,7 +170,7 @@ public class Saml2LoginConfigurerTests {
 	@BeforeAll
 	static void createResponse() throws Exception {
 		String destination = registration.getAssertionConsumerServiceLocation();
-		String assertingPartyEntityId = registration.getAssertingPartyDetails().getEntityId();
+		String assertingPartyEntityId = registration.getAssertingPartyMetadata().getEntityId();
 		String relyingPartyEntityId = registration.getEntityId();
 		Response response = TestOpenSamlObjects.response(destination, assertingPartyEntityId);
 		Assertion assertion = TestOpenSamlObjects.assertion("test@saml.user", assertingPartyEntityId,
@@ -365,7 +365,7 @@ public class Saml2LoginConfigurerTests {
 		request.queryParam("entityId", registration.getRegistrationId());
 		MvcResult result = this.mvc.perform(request).andExpect(status().isFound()).andReturn();
 		String redirectedUrl = result.getResponse().getRedirectedUrl();
-		assertThat(redirectedUrl).startsWith(registration.getAssertingPartyDetails().getSingleSignOnServiceLocation());
+		assertThat(redirectedUrl).startsWith(registration.getAssertingPartyMetadata().getSingleSignOnServiceLocation());
 	}
 
 	@Test

config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurerTests.java

@@ -731,14 +731,14 @@ public class Saml2LogoutConfigurerTests {
 			Saml2X509Credential verification = TestSaml2X509Credentials.relyingPartyVerifyingCredential();
 			RelyingPartyRegistration.Builder withCreds = TestRelyingPartyRegistrations.noCredentials()
 				.signingX509Credentials(credential(signing))
-				.assertingPartyDetails((party) -> party.verificationX509Credentials(credential(verification)));
+				.assertingPartyMetadata((party) -> party.verificationX509Credentials(credential(verification)));
 			RelyingPartyRegistration post = withCreds.build();
 			RelyingPartyRegistration get = withCreds.registrationId("get")
 				.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT)
 				.build();
 			RelyingPartyRegistration ap = withCreds.registrationId("ap")
 				.entityId("ap-entity-id")
-				.assertingPartyDetails(
+				.assertingPartyMetadata(
 						(party) -> party.singleLogoutServiceLocation("https://rp.example.org/logout/saml2/request")
 							.singleLogoutServiceResponseLocation("https://rp.example.org/logout/saml2/response"))
 				.build();

config/src/test/java/org/springframework/security/config/http/Saml2LoginBeanDefinitionParserTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -98,7 +98,7 @@ public class Saml2LoginBeanDefinitionParserTests {
 
 	private static final RelyingPartyRegistration registration = TestRelyingPartyRegistrations.noCredentials()
 		.signingX509Credentials((c) -> c.add(TestSaml2X509Credentials.assertingPartySigningCredential()))
-		.assertingPartyDetails((party) -> party
+		.assertingPartyMetadata((party) -> party
 			.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())))
 		.build();
 
@@ -141,7 +141,7 @@ public class Saml2LoginBeanDefinitionParserTests {
 	@BeforeAll
 	static void createResponse() throws Exception {
 		String destination = registration.getAssertionConsumerServiceLocation();
-		String assertingPartyEntityId = registration.getAssertingPartyDetails().getEntityId();
+		String assertingPartyEntityId = registration.getAssertingPartyMetadata().getEntityId();
 		String relyingPartyEntityId = registration.getEntityId();
 		Response response = TestOpenSamlObjects.response(destination, assertingPartyEntityId);
 		Assertion assertion = TestOpenSamlObjects.assertion("test@saml.user", assertingPartyEntityId,

config/src/test/java/org/springframework/security/config/saml2/RelyingPartyRegistrationsBeanDefinitionParserTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -31,6 +31,7 @@ import org.springframework.http.MediaType;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.security.config.test.SpringTestContext;
 import org.springframework.security.config.test.SpringTestContextExtension;
+import org.springframework.security.saml2.provider.service.registration.AssertingPartyMetadata;
 import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository;
 import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
 import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
@@ -151,8 +152,7 @@ public class RelyingPartyRegistrationsBeanDefinitionParserTests {
 			.isInstanceOf(InMemoryRelyingPartyRegistrationRepository.class);
 		RelyingPartyRegistration relyingPartyRegistration = this.relyingPartyRegistrationRepository
 			.findByRegistrationId("one");
-		RelyingPartyRegistration.AssertingPartyDetails assertingPartyDetails = relyingPartyRegistration
+		AssertingPartyMetadata assertingPartyMetadata = relyingPartyRegistration.getAssertingPartyMetadata();
-			.getAssertingPartyDetails();
 		assertThat(relyingPartyRegistration).isNotNull();
 		assertThat(relyingPartyRegistration.getRegistrationId()).isEqualTo("one");
 		assertThat(relyingPartyRegistration.getEntityId())
@@ -160,15 +160,15 @@ public class RelyingPartyRegistrationsBeanDefinitionParserTests {
 		assertThat(relyingPartyRegistration.getAssertionConsumerServiceLocation())
 			.isEqualTo("{baseUrl}/login/saml2/sso/{registrationId}");
 		assertThat(relyingPartyRegistration.getAssertionConsumerServiceBinding()).isEqualTo(Saml2MessageBinding.POST);
-		assertThat(assertingPartyDetails.getEntityId())
+		assertThat(assertingPartyMetadata.getEntityId())
 			.isEqualTo("https://simplesaml-for-spring-saml.apps.pcfone.io/saml2/idp/metadata.php");
-		assertThat(assertingPartyDetails.getWantAuthnRequestsSigned()).isFalse();
+		assertThat(assertingPartyMetadata.getWantAuthnRequestsSigned()).isFalse();
-		assertThat(assertingPartyDetails.getVerificationX509Credentials()).hasSize(1);
+		assertThat(assertingPartyMetadata.getVerificationX509Credentials()).hasSize(1);
-		assertThat(assertingPartyDetails.getEncryptionX509Credentials()).hasSize(1);
+		assertThat(assertingPartyMetadata.getEncryptionX509Credentials()).hasSize(1);
-		assertThat(assertingPartyDetails.getSingleSignOnServiceLocation())
+		assertThat(assertingPartyMetadata.getSingleSignOnServiceLocation())
 			.isEqualTo("https://simplesaml-for-spring-saml.apps.pcfone.io/saml2/idp/SSOService.php");
-		assertThat(assertingPartyDetails.getSingleSignOnServiceBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
+		assertThat(assertingPartyMetadata.getSingleSignOnServiceBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
-		assertThat(assertingPartyDetails.getSigningAlgorithms())
+		assertThat(assertingPartyMetadata.getSigningAlgorithms())
 			.containsExactly("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
 	}
 
@@ -186,8 +186,7 @@ public class RelyingPartyRegistrationsBeanDefinitionParserTests {
 			.isInstanceOf(InMemoryRelyingPartyRegistrationRepository.class);
 		RelyingPartyRegistration relyingPartyRegistration = this.relyingPartyRegistrationRepository
 			.findByRegistrationId("one");
-		RelyingPartyRegistration.AssertingPartyDetails assertingPartyDetails = relyingPartyRegistration
+		AssertingPartyMetadata assertingPartyMetadata = relyingPartyRegistration.getAssertingPartyMetadata();
-			.getAssertingPartyDetails();
 		assertThat(relyingPartyRegistration).isNotNull();
 		assertThat(relyingPartyRegistration.getRegistrationId()).isEqualTo("one");
 		assertThat(relyingPartyRegistration.getEntityId()).isEqualTo("https://rp.example.org");
@@ -195,15 +194,15 @@ public class RelyingPartyRegistrationsBeanDefinitionParserTests {
 			.isEqualTo("https://rp.example.org/location");
 		assertThat(relyingPartyRegistration.getAssertionConsumerServiceBinding())
 			.isEqualTo(Saml2MessageBinding.REDIRECT);
-		assertThat(assertingPartyDetails.getEntityId())
+		assertThat(assertingPartyMetadata.getEntityId())
 			.isEqualTo("https://simplesaml-for-spring-saml.apps.pcfone.io/saml2/idp/metadata.php");
-		assertThat(assertingPartyDetails.getWantAuthnRequestsSigned()).isFalse();
+		assertThat(assertingPartyMetadata.getWantAuthnRequestsSigned()).isFalse();
-		assertThat(assertingPartyDetails.getVerificationX509Credentials()).hasSize(1);
+		assertThat(assertingPartyMetadata.getVerificationX509Credentials()).hasSize(1);
-		assertThat(assertingPartyDetails.getEncryptionX509Credentials()).hasSize(1);
+		assertThat(assertingPartyMetadata.getEncryptionX509Credentials()).hasSize(1);
-		assertThat(assertingPartyDetails.getSingleSignOnServiceLocation())
+		assertThat(assertingPartyMetadata.getSingleSignOnServiceLocation())
 			.isEqualTo("https://simplesaml-for-spring-saml.apps.pcfone.io/saml2/idp/SSOService.php");
-		assertThat(assertingPartyDetails.getSingleSignOnServiceBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
+		assertThat(assertingPartyMetadata.getSingleSignOnServiceBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
-		assertThat(assertingPartyDetails.getSigningAlgorithms())
+		assertThat(assertingPartyMetadata.getSigningAlgorithms())
 			.containsExactly("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
 	}
 
@@ -214,8 +213,7 @@ public class RelyingPartyRegistrationsBeanDefinitionParserTests {
 			.isInstanceOf(InMemoryRelyingPartyRegistrationRepository.class);
 		RelyingPartyRegistration relyingPartyRegistration = this.relyingPartyRegistrationRepository
 			.findByRegistrationId("one");
-		RelyingPartyRegistration.AssertingPartyDetails assertingPartyDetails = relyingPartyRegistration
+		AssertingPartyMetadata assertingPartyMetadata = relyingPartyRegistration.getAssertingPartyMetadata();
-			.getAssertingPartyDetails();
 		assertThat(relyingPartyRegistration).isNotNull();
 		assertThat(relyingPartyRegistration.getRegistrationId()).isEqualTo("one");
 		assertThat(relyingPartyRegistration.getEntityId())
@@ -224,14 +222,14 @@ public class RelyingPartyRegistrationsBeanDefinitionParserTests {
 			.isEqualTo("{baseUrl}/login/saml2/sso/{registrationId}");
 		assertThat(relyingPartyRegistration.getAssertionConsumerServiceBinding())
 			.isEqualTo(Saml2MessageBinding.REDIRECT);
-		assertThat(assertingPartyDetails.getEntityId()).isEqualTo("https://accounts.google.com/o/saml2/idp/entity-id");
+		assertThat(assertingPartyMetadata.getEntityId()).isEqualTo("https://accounts.google.com/o/saml2/idp/entity-id");
-		assertThat(assertingPartyDetails.getWantAuthnRequestsSigned()).isTrue();
+		assertThat(assertingPartyMetadata.getWantAuthnRequestsSigned()).isTrue();
-		assertThat(assertingPartyDetails.getSingleSignOnServiceLocation())
+		assertThat(assertingPartyMetadata.getSingleSignOnServiceLocation())
 			.isEqualTo("https://accounts.google.com/o/saml2/idp/sso-url");
-		assertThat(assertingPartyDetails.getSingleSignOnServiceBinding()).isEqualTo(Saml2MessageBinding.POST);
+		assertThat(assertingPartyMetadata.getSingleSignOnServiceBinding()).isEqualTo(Saml2MessageBinding.POST);
-		assertThat(assertingPartyDetails.getVerificationX509Credentials()).hasSize(1);
+		assertThat(assertingPartyMetadata.getVerificationX509Credentials()).hasSize(1);
-		assertThat(assertingPartyDetails.getEncryptionX509Credentials()).hasSize(1);
+		assertThat(assertingPartyMetadata.getEncryptionX509Credentials()).hasSize(1);
-		assertThat(assertingPartyDetails.getSigningAlgorithms())
+		assertThat(assertingPartyMetadata.getSigningAlgorithms())
 			.containsExactly("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
 	}
 
@@ -241,9 +239,9 @@ public class RelyingPartyRegistrationsBeanDefinitionParserTests {
 		assertThat(this.relyingPartyRegistrationRepository)
 			.isInstanceOf(InMemoryRelyingPartyRegistrationRepository.class);
 		RelyingPartyRegistration one = this.relyingPartyRegistrationRepository.findByRegistrationId("one");
-		RelyingPartyRegistration.AssertingPartyDetails google = one.getAssertingPartyDetails();
+		AssertingPartyMetadata google = one.getAssertingPartyMetadata();
 		RelyingPartyRegistration two = this.relyingPartyRegistrationRepository.findByRegistrationId("two");
-		RelyingPartyRegistration.AssertingPartyDetails simpleSaml = two.getAssertingPartyDetails();
+		AssertingPartyMetadata simpleSaml = two.getAssertingPartyMetadata();
 		assertThat(one).isNotNull();
 		assertThat(one.getRegistrationId()).isEqualTo("one");
 		assertThat(one.getEntityId()).isEqualTo("{baseUrl}/saml2/service-provider-metadata/{registrationId}");

config/src/test/kotlin/org/springframework/security/config/annotation/web/Saml2DslTests.kt

@@ -106,13 +106,13 @@ class Saml2DslTests {
                             InMemoryRelyingPartyRegistrationRepository(
                                     RelyingPartyRegistration.withRegistrationId("samlId")
                                             .assertionConsumerServiceLocation("{baseUrl}" + Saml2WebSsoAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI)
-                                            .assertingPartyDetails { a -> a
+                                            .assertingPartyMetadata { a -> a
                                                 .verificationX509Credentials { c -> c
                                                     .add(Saml2X509Credential(loadCert("rod.cer"), Saml2X509Credential.Saml2X509CredentialType.VERIFICATION))
                                                 }
                                             }
-                                            .assertingPartyDetails { c -> c.singleSignOnServiceLocation("ssoUrl") }
+                                            .assertingPartyMetadata { c -> c.singleSignOnServiceLocation("ssoUrl") }
-                                            .assertingPartyDetails { c -> c.entityId("entityId") }
+                                            .assertingPartyMetadata { c -> c.entityId("entityId") }
                                             .build()
                             )
                 }
@@ -152,7 +152,7 @@ class Saml2DslTests {
             this.mockMvc.perform(request).andExpect(MockMvcResultMatchers.status().isFound()).andReturn()
         val redirectedUrl = result.response.redirectedUrl
         Assertions.assertThat(redirectedUrl)
-            .startsWith(registration.assertingPartyDetails.singleSignOnServiceLocation)
+            .startsWith(registration.assertingPartyMetadata.singleSignOnServiceLocation)
     }
 
     @Configuration

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistration.java

@@ -1,190 +0,0 @@
-/*
- * Copyright 2002-2022 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.saml2.provider.service.registration;
-
-import java.util.Collection;
-import java.util.function.Consumer;
-
-import org.opensaml.saml.saml2.metadata.EntityDescriptor;
-
-import org.springframework.security.saml2.core.Saml2X509Credential;
-
-/**
- * An OpenSAML implementation of {@link RelyingPartyRegistration} that contains OpenSAML
- * objects like {@link EntityDescriptor}.
- *
- * @author Josh Cummings
- * @since 6.1
- * @deprecated This class no longer is needed in order to transmit the
- * {@link EntityDescriptor} to {@link OpenSamlAssertingPartyDetails}. Instead of doing:
- * <pre>
- * 	if (registration instanceof OpenSamlRelyingPartyRegistration openSamlRegistration) {
- * 	    EntityDescriptor descriptor = openSamlRegistration.getAssertingPartyDetails.getEntityDescriptor();
- * 	}
- * </pre> do instead: <pre>
- * 	if (registration.getAssertingPartyMetadata() instanceof openSamlAssertingPartyDetails) {
- * 	    EntityDescriptor descriptor = openSamlAssertingPartyDetails.getEntityDescriptor();
- * 	}
- * </pre>
- */
-@Deprecated
-public final class OpenSamlRelyingPartyRegistration extends RelyingPartyRegistration {
-
-	OpenSamlRelyingPartyRegistration(RelyingPartyRegistration registration) {
-		super(registration.getRegistrationId(), registration.getEntityId(),
-				registration.getAssertionConsumerServiceLocation(), registration.getAssertionConsumerServiceBinding(),
-				registration.getSingleLogoutServiceLocation(), registration.getSingleLogoutServiceResponseLocation(),
-				registration.getSingleLogoutServiceBindings(), registration.getAssertingPartyDetails(),
-				registration.getNameIdFormat(), registration.isAuthnRequestsSigned(),
-				registration.getDecryptionX509Credentials(), registration.getSigningX509Credentials());
-	}
-
-	/**
-	 * {@inheritDoc}
-	 */
-	@Override
-	public OpenSamlRelyingPartyRegistration.Builder mutate() {
-		OpenSamlAssertingPartyDetails party = getAssertingPartyDetails();
-		return new Builder(party).registrationId(getRegistrationId())
-			.entityId(getEntityId())
-			.signingX509Credentials((c) -> c.addAll(getSigningX509Credentials()))
-			.decryptionX509Credentials((c) -> c.addAll(getDecryptionX509Credentials()))
-			.assertionConsumerServiceLocation(getAssertionConsumerServiceLocation())
-			.assertionConsumerServiceBinding(getAssertionConsumerServiceBinding())
-			.singleLogoutServiceLocation(getSingleLogoutServiceLocation())
-			.singleLogoutServiceResponseLocation(getSingleLogoutServiceResponseLocation())
-			.singleLogoutServiceBindings((c) -> c.addAll(getSingleLogoutServiceBindings()))
-			.nameIdFormat(getNameIdFormat())
-			.authnRequestsSigned(isAuthnRequestsSigned());
-	}
-
-	/**
-	 * {@inheritDoc}
-	 */
-	@Override
-	public OpenSamlAssertingPartyDetails getAssertingPartyDetails() {
-		return (OpenSamlAssertingPartyDetails) super.getAssertingPartyDetails();
-	}
-
-	/**
-	 * Create a {@link Builder} from an entity descriptor
-	 * @param entityDescriptor the asserting party's {@link EntityDescriptor}
-	 * @return an {@link Builder}
-	 */
-	public static OpenSamlRelyingPartyRegistration.Builder withAssertingPartyEntityDescriptor(
-			EntityDescriptor entityDescriptor) {
-		return new Builder(entityDescriptor);
-	}
-
-	/**
-	 * An OpenSAML version of
-	 * {@link org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder}
-	 * that contains the underlying {@link EntityDescriptor}
-	 */
-	public static final class Builder extends RelyingPartyRegistration.Builder {
-
-		private Builder(EntityDescriptor entityDescriptor) {
-			super(entityDescriptor.getEntityID(), OpenSamlAssertingPartyDetails.withEntityDescriptor(entityDescriptor));
-		}
-
-		Builder(OpenSamlAssertingPartyDetails details) {
-			super(details.getEntityDescriptor().getEntityID(), details.mutate());
-		}
-
-		@Override
-		public Builder registrationId(String id) {
-			return (Builder) super.registrationId(id);
-		}
-
-		public Builder entityId(String entityId) {
-			return (Builder) super.entityId(entityId);
-		}
-
-		public Builder signingX509Credentials(Consumer<Collection<Saml2X509Credential>> credentialsConsumer) {
-			return (Builder) super.signingX509Credentials(credentialsConsumer);
-		}
-
-		@Override
-		public Builder decryptionX509Credentials(Consumer<Collection<Saml2X509Credential>> credentialsConsumer) {
-			return (Builder) super.decryptionX509Credentials(credentialsConsumer);
-		}
-
-		@Override
-		public Builder assertionConsumerServiceLocation(String assertionConsumerServiceLocation) {
-			return (Builder) super.assertionConsumerServiceLocation(assertionConsumerServiceLocation);
-		}
-
-		@Override
-		public Builder assertionConsumerServiceBinding(Saml2MessageBinding assertionConsumerServiceBinding) {
-			return (Builder) super.assertionConsumerServiceBinding(assertionConsumerServiceBinding);
-		}
-
-		@Override
-		public Builder singleLogoutServiceBinding(Saml2MessageBinding singleLogoutServiceBinding) {
-			return singleLogoutServiceBindings((saml2MessageBindings) -> {
-				saml2MessageBindings.clear();
-				saml2MessageBindings.add(singleLogoutServiceBinding);
-			});
-		}
-
-		@Override
-		public Builder singleLogoutServiceBindings(Consumer<Collection<Saml2MessageBinding>> bindingsConsumer) {
-			return (Builder) super.singleLogoutServiceBindings(bindingsConsumer);
-		}
-
-		@Override
-		public Builder singleLogoutServiceLocation(String singleLogoutServiceLocation) {
-			return (Builder) super.singleLogoutServiceLocation(singleLogoutServiceLocation);
-		}
-
-		public Builder singleLogoutServiceResponseLocation(String singleLogoutServiceResponseLocation) {
-			return (Builder) super.singleLogoutServiceResponseLocation(singleLogoutServiceResponseLocation);
-		}
-
-		@Override
-		public Builder nameIdFormat(String nameIdFormat) {
-			return (Builder) super.nameIdFormat(nameIdFormat);
-		}
-
-		@Override
-		public Builder authnRequestsSigned(Boolean authnRequestsSigned) {
-			return (Builder) super.authnRequestsSigned(authnRequestsSigned);
-		}
-
-		@Override
-		public Builder assertingPartyDetails(Consumer<AssertingPartyDetails.Builder> assertingPartyDetails) {
-			return (Builder) super.assertingPartyDetails(assertingPartyDetails);
-		}
-
-		@Override
-		public Builder assertingPartyMetadata(Consumer<AssertingPartyMetadata.Builder<?>> assertingPartyMetadata) {
-			return (Builder) super.assertingPartyMetadata(assertingPartyMetadata);
-		}
-
-		/**
-		 * Build an {@link OpenSamlRelyingPartyRegistration}
-		 * {@link org.springframework.security.saml2.provider.service.registration.OpenSamlRelyingPartyRegistration}
-		 * @return an {@link OpenSamlRelyingPartyRegistration}
-		 */
-		@Override
-		public OpenSamlRelyingPartyRegistration build() {
-			return new OpenSamlRelyingPartyRegistration(super.build());
-		}
-
-	}
-
-}

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -44,7 +44,7 @@ import org.springframework.util.CollectionUtils;
  *	String registrationId = "simplesamlphp";
  *
  * 	String relyingPartyEntityId = "{baseUrl}/saml2/service-provider-metadata/{registrationId}";
- *	String assertionConsumerServiceLocation = "{baseUrl}/login/saml2/sso/{registrationId}";
+ *	String assertingConsumerServiceLocation = "{baseUrl}/login/saml2/sso/{registrationId}";
  *	Saml2X509Credential relyingPartySigningCredential = ...;
  *
  *	String assertingPartyEntityId = "https://simplesaml-for-spring-saml.apps.pcfone.io/saml2/idp/metadata.php";
@@ -56,10 +56,10 @@ import org.springframework.util.CollectionUtils;
  * 			.entityId(relyingPartyEntityId)
  * 			.assertionConsumerServiceLocation(assertingConsumerServiceLocation)
  * 		 	.signingX509Credentials((c) -> c.add(relyingPartySigningCredential))
- * 			.assertingPartyDetails((details) -> details
+ * 			.assertingPartyMetadata((details) -> details
- * 				.entityId(assertingPartyEntityId));
+ * 				.entityId(assertingPartyEntityId)
- * 				.singleSignOnServiceLocation(singleSignOnServiceLocation))
+ * 				.singleSignOnServiceLocation(singleSignOnServiceLocation)
- * 				.verifyingX509Credentials((c) -> c.add(assertingPartyVerificationCredential))
+ * 				.verificationX509Credentials((c) -> c.add(assertingPartyVerificationCredential)))
  * 			.build();
  * </pre>
  *
@@ -352,19 +352,6 @@ public class RelyingPartyRegistration implements Serializable {
 		return this.signingX509Credentials;
 	}
 
-	/**
-	 * Get the configuration details for the Asserting Party
-	 * @return the {@link AssertingPartyDetails}
-	 * @since 5.4
-	 * @deprecated Use {@link #getAssertingPartyMetadata()} instead
-	 */
-	@Deprecated
-	public AssertingPartyDetails getAssertingPartyDetails() {
-		Assert.isInstanceOf(AssertingPartyDetails.class, this.assertingPartyMetadata,
-				"This class was initialized with an AssertingPartyMetadata, please call #getAssertingPartyMetadata instead");
-		return (AssertingPartyDetails) this.assertingPartyMetadata;
-	}
-
 	/**
 	 * Get the metadata for the Asserting Party
 	 * @return the {@link AssertingPartyDetails}
@@ -385,17 +372,6 @@ public class RelyingPartyRegistration implements Serializable {
 		return new Builder(registrationId, new AssertingPartyDetails.Builder());
 	}
 
-	/**
-	 * @param assertingPartyDetails the asserting party metadata
-	 * @return {@code Builder} to create a {@code RelyingPartyRegistration} object
-	 * @deprecated Use {@link #withAssertingPartyMetadata} instead
-	 */
-	@Deprecated(forRemoval = true, since = "6.4")
-	public static Builder withAssertingPartyDetails(AssertingPartyDetails assertingPartyDetails) {
-		Assert.notNull(assertingPartyDetails, "assertingPartyDetails cannot be null");
-		return new Builder(assertingPartyDetails.getEntityId(), assertingPartyDetails.mutate());
-	}
-
 	/**
 	 * Creates a {@code RelyingPartyRegistration} {@link Builder} with a
 	 * {@code registrationId} equivalent to the asserting party entity id. Also
@@ -415,43 +391,6 @@ public class RelyingPartyRegistration implements Serializable {
 		return new Builder(metadata.getEntityId(), metadata.mutate());
 	}
 
-	/**
-	 * Creates a {@code RelyingPartyRegistration} {@link Builder} based on an existing
-	 * object
-	 * @param registration the {@code RelyingPartyRegistration}
-	 * @return {@code Builder} to create a {@code RelyingPartyRegistration} object
-	 * @deprecated Use {@link #mutate()} instead
-	 */
-	@Deprecated(forRemoval = true, since = "6.1")
-	public static Builder withRelyingPartyRegistration(RelyingPartyRegistration registration) {
-		Assert.notNull(registration, "registration cannot be null");
-		return withRegistrationId(registration.getRegistrationId()).entityId(registration.getEntityId())
-			.signingX509Credentials((c) -> c.addAll(registration.getSigningX509Credentials()))
-			.decryptionX509Credentials((c) -> c.addAll(registration.getDecryptionX509Credentials()))
-			.assertionConsumerServiceLocation(registration.getAssertionConsumerServiceLocation())
-			.assertionConsumerServiceBinding(registration.getAssertionConsumerServiceBinding())
-			.singleLogoutServiceLocation(registration.getSingleLogoutServiceLocation())
-			.singleLogoutServiceResponseLocation(registration.getSingleLogoutServiceResponseLocation())
-			.singleLogoutServiceBindings((c) -> c.addAll(registration.getSingleLogoutServiceBindings()))
-			.nameIdFormat(registration.getNameIdFormat())
-			.authnRequestsSigned(registration.isAuthnRequestsSigned())
-			.assertingPartyDetails((assertingParty) -> assertingParty
-				.entityId(registration.getAssertingPartyDetails().getEntityId())
-				.wantAuthnRequestsSigned(registration.getAssertingPartyDetails().getWantAuthnRequestsSigned())
-				.signingAlgorithms((algorithms) -> algorithms
-					.addAll(registration.getAssertingPartyDetails().getSigningAlgorithms()))
-				.verificationX509Credentials(
-						(c) -> c.addAll(registration.getAssertingPartyDetails().getVerificationX509Credentials()))
-				.encryptionX509Credentials(
-						(c) -> c.addAll(registration.getAssertingPartyDetails().getEncryptionX509Credentials()))
-				.singleSignOnServiceLocation(registration.getAssertingPartyDetails().getSingleSignOnServiceLocation())
-				.singleSignOnServiceBinding(registration.getAssertingPartyDetails().getSingleSignOnServiceBinding())
-				.singleLogoutServiceLocation(registration.getAssertingPartyDetails().getSingleLogoutServiceLocation())
-				.singleLogoutServiceResponseLocation(
-						registration.getAssertingPartyDetails().getSingleLogoutServiceResponseLocation())
-				.singleLogoutServiceBinding(registration.getAssertingPartyDetails().getSingleLogoutServiceBinding()));
-	}
-
 	/**
 	 * The configuration metadata of the Asserting party
 	 *
@@ -1056,7 +995,7 @@ public class RelyingPartyRegistration implements Serializable {
 
 		/**
 		 * Set the NameID format
-		 * @param nameIdFormat
+		 * @param nameIdFormat the given NameID format
 		 * @return the {@link Builder} for further configuration
 		 * @since 5.7
 		 */
@@ -1083,21 +1022,6 @@ public class RelyingPartyRegistration implements Serializable {
 			return this;
 		}
 
-		/**
-		 * Apply this {@link Consumer} to further configure the Asserting Party details
-		 * @param assertingPartyDetails The {@link Consumer} to apply
-		 * @return the {@link Builder} for further configuration
-		 * @since 5.4
-		 * @deprecated Use {@link #assertingPartyMetadata} instead
-		 */
-		@Deprecated(forRemoval = true, since = "6.4")
-		public Builder assertingPartyDetails(Consumer<AssertingPartyDetails.Builder> assertingPartyDetails) {
-			Assert.isInstanceOf(AssertingPartyDetails.Builder.class, this.assertingPartyMetadataBuilder,
-					"This class was constructed with an AssertingPartyMetadata instance, as such, please use #assertingPartyMetadata");
-			assertingPartyDetails.accept((AssertingPartyDetails.Builder) this.assertingPartyMetadataBuilder);
-			return this;
-		}
-
 		/**
 		 * Apply this {@link Consumer} to further configure the Asserting Party metadata
 		 * @param assertingPartyMetadata The {@link Consumer} to apply

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistrations.java

@@ -221,7 +221,7 @@ public final class RelyingPartyRegistrations {
 				OpenSamlAssertingPartyDetails assertingParty = OpenSamlAssertingPartyDetails
 					.withEntityDescriptor(descriptor)
 					.build();
-				builders.add(new OpenSamlRelyingPartyRegistration.Builder(assertingParty));
+				builders.add(RelyingPartyRegistration.withAssertingPartyMetadata(assertingParty));
 			}
 		}
 		if (builders.isEmpty()) {

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/authentication/OpenSaml4AuthenticationProviderTests.java

@@ -996,11 +996,11 @@ public class OpenSaml4AuthenticationProviderTests {
 		return TestRelyingPartyRegistrations.noCredentials()
 			.entityId(RELYING_PARTY_ENTITY_ID)
 			.assertionConsumerServiceLocation(DESTINATION)
-			.assertingPartyDetails((party) -> party.entityId(ASSERTING_PARTY_ENTITY_ID));
+			.assertingPartyMetadata((party) -> party.entityId(ASSERTING_PARTY_ENTITY_ID));
 	}
 
 	private RelyingPartyRegistration.Builder verifying(RelyingPartyRegistration.Builder builder) {
-		return builder.assertingPartyDetails((party) -> party
+		return builder.assertingPartyMetadata((party) -> party
 			.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())));
 	}
 

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/authentication/logout/OpenSaml4LogoutRequestValidatorTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -79,7 +79,7 @@ public class OpenSaml4LogoutRequestValidatorTests {
 	@Test
 	public void handleWhenRedirectBindingThenValidatesSignatureParameter() {
 		RelyingPartyRegistration registration = registration()
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
 			.build();
 		LogoutRequest logoutRequest = TestOpenSamlObjects.assertingPartyLogoutRequest(registration);
 		Saml2LogoutRequest request = redirect(logoutRequest, registration,
@@ -167,7 +167,7 @@ public class OpenSaml4LogoutRequestValidatorTests {
 
 	private RelyingPartyRegistration.Builder registration() {
 		return signing(verifying(TestRelyingPartyRegistrations.noCredentials()))
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST));
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST));
 	}
 
 	private RelyingPartyRegistration.Builder decrypting(RelyingPartyRegistration.Builder builder) {
@@ -176,12 +176,12 @@ public class OpenSaml4LogoutRequestValidatorTests {
 	}
 
 	private RelyingPartyRegistration.Builder encrypting(RelyingPartyRegistration.Builder builder) {
-		return builder.assertingPartyDetails((party) -> party
+		return builder.assertingPartyMetadata((party) -> party
 			.encryptionX509Credentials((c) -> c.add(TestSaml2X509Credentials.assertingPartyEncryptingCredential())));
 	}
 
 	private RelyingPartyRegistration.Builder verifying(RelyingPartyRegistration.Builder builder) {
-		return builder.assertingPartyDetails((party) -> party
+		return builder.assertingPartyMetadata((party) -> party
 			.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())));
 	}
 
@@ -213,7 +213,7 @@ public class OpenSaml4LogoutRequestValidatorTests {
 
 	private void sign(LogoutRequest logoutRequest, RelyingPartyRegistration registration) {
 		TestOpenSamlObjects.signed(logoutRequest, registration.getSigningX509Credentials().iterator().next(),
-				registration.getAssertingPartyDetails().getEntityId());
+				registration.getAssertingPartyMetadata().getEntityId());
 	}
 
 	private String serialize(XMLObject object) {

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/authentication/logout/OpenSaml4LogoutResponseValidatorTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -63,7 +63,7 @@ public class OpenSaml4LogoutResponseValidatorTests {
 	@Test
 	public void handleWhenRedirectBindingThenValidatesSignatureParameter() {
 		RelyingPartyRegistration registration = signing(verifying(registration()))
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
 			.build();
 		Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration)
 			.id("id")
@@ -150,11 +150,11 @@ public class OpenSaml4LogoutResponseValidatorTests {
 
 	private RelyingPartyRegistration.Builder registration() {
 		return signing(verifying(TestRelyingPartyRegistrations.noCredentials()))
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST));
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST));
 	}
 
 	private RelyingPartyRegistration.Builder verifying(RelyingPartyRegistration.Builder builder) {
-		return builder.assertingPartyDetails((party) -> party
+		return builder.assertingPartyMetadata((party) -> party
 			.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())));
 	}
 
@@ -180,7 +180,7 @@ public class OpenSaml4LogoutResponseValidatorTests {
 
 	private void sign(LogoutResponse logoutResponse, RelyingPartyRegistration registration) {
 		TestOpenSamlObjects.signed(logoutResponse, registration.getSigningX509Credentials().iterator().next(),
-				registration.getAssertingPartyDetails().getEntityId());
+				registration.getAssertingPartyMetadata().getEntityId());
 	}
 
 	private String serialize(XMLObject object) {

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/authentication/logout/OpenSamlLogoutRequestValidatorTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -79,7 +79,7 @@ public class OpenSamlLogoutRequestValidatorTests {
 	@Test
 	public void handleWhenRedirectBindingThenValidatesSignatureParameter() {
 		RelyingPartyRegistration registration = registration()
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
 			.build();
 		LogoutRequest logoutRequest = TestOpenSamlObjects.assertingPartyLogoutRequest(registration);
 		Saml2LogoutRequest request = redirect(logoutRequest, registration,
@@ -167,7 +167,7 @@ public class OpenSamlLogoutRequestValidatorTests {
 
 	private RelyingPartyRegistration.Builder registration() {
 		return signing(verifying(TestRelyingPartyRegistrations.noCredentials()))
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST));
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST));
 	}
 
 	private RelyingPartyRegistration.Builder decrypting(RelyingPartyRegistration.Builder builder) {
@@ -176,12 +176,12 @@ public class OpenSamlLogoutRequestValidatorTests {
 	}
 
 	private RelyingPartyRegistration.Builder encrypting(RelyingPartyRegistration.Builder builder) {
-		return builder.assertingPartyDetails((party) -> party
+		return builder.assertingPartyMetadata((party) -> party
 			.encryptionX509Credentials((c) -> c.add(TestSaml2X509Credentials.assertingPartyEncryptingCredential())));
 	}
 
 	private RelyingPartyRegistration.Builder verifying(RelyingPartyRegistration.Builder builder) {
-		return builder.assertingPartyDetails((party) -> party
+		return builder.assertingPartyMetadata((party) -> party
 			.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())));
 	}
 
@@ -213,7 +213,7 @@ public class OpenSamlLogoutRequestValidatorTests {
 
 	private void sign(LogoutRequest logoutRequest, RelyingPartyRegistration registration) {
 		TestOpenSamlObjects.signed(logoutRequest, registration.getSigningX509Credentials().iterator().next(),
-				registration.getAssertingPartyDetails().getEntityId());
+				registration.getAssertingPartyMetadata().getEntityId());
 	}
 
 	private String serialize(XMLObject object) {

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/authentication/logout/OpenSamlLogoutResponseValidatorTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -63,7 +63,7 @@ public class OpenSamlLogoutResponseValidatorTests {
 	@Test
 	public void handleWhenRedirectBindingThenValidatesSignatureParameter() {
 		RelyingPartyRegistration registration = signing(verifying(registration()))
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
 			.build();
 		Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration)
 			.id("id")
@@ -150,11 +150,11 @@ public class OpenSamlLogoutResponseValidatorTests {
 
 	private RelyingPartyRegistration.Builder registration() {
 		return signing(verifying(TestRelyingPartyRegistrations.noCredentials()))
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST));
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST));
 	}
 
 	private RelyingPartyRegistration.Builder verifying(RelyingPartyRegistration.Builder builder) {
-		return builder.assertingPartyDetails((party) -> party
+		return builder.assertingPartyMetadata((party) -> party
 			.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())));
 	}
 
@@ -180,7 +180,7 @@ public class OpenSamlLogoutResponseValidatorTests {
 
 	private void sign(LogoutResponse logoutResponse, RelyingPartyRegistration registration) {
 		TestOpenSamlObjects.signed(logoutResponse, registration.getSigningX509Credentials().iterator().next(),
-				registration.getAssertingPartyDetails().getEntityId());
+				registration.getAssertingPartyMetadata().getEntityId());
 	}
 
 	private String serialize(XMLObject object) {

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/metadata/OpenSaml4MetadataResolverTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -79,7 +79,7 @@ public class OpenSaml4MetadataResolverTests {
 	@Test
 	public void resolveWhenRelyingPartyNoCredentialsThenMetadataMatches() {
 		RelyingPartyRegistration relyingPartyRegistration = TestRelyingPartyRegistrations.noCredentials()
-			.assertingPartyDetails((party) -> party
+			.assertingPartyMetadata((party) -> party
 				.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())))
 			.build();
 		OpenSaml4MetadataResolver OpenSaml4MetadataResolver = new OpenSaml4MetadataResolver();

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/metadata/OpenSamlMetadataResolverTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -79,7 +79,7 @@ public class OpenSamlMetadataResolverTests {
 	@Test
 	public void resolveWhenRelyingPartyNoCredentialsThenMetadataMatches() {
 		RelyingPartyRegistration relyingPartyRegistration = TestRelyingPartyRegistrations.noCredentials()
-			.assertingPartyDetails((party) -> party
+			.assertingPartyMetadata((party) -> party
 				.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())))
 			.build();
 		OpenSamlMetadataResolver openSamlMetadataResolver = new OpenSamlMetadataResolver();

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/registration/OpenSaml4AssertingPartyMetadataRepositoryTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -224,7 +224,7 @@ public class OpenSaml4AssertingPartyMetadataRepositoryTests {
 			.withTrustedMetadataLocation(web.url(endpoint).toString())
 			.verificationCredentials((c) -> c.add(credential))
 			.build();
-		assertThat(parties.findByEntityId(registration.getAssertingPartyDetails().getEntityId())).isNotNull();
+		assertThat(parties.findByEntityId(registration.getAssertingPartyMetadata().getEntityId())).isNotNull();
 	}
 
 	@Test
@@ -256,7 +256,7 @@ public class OpenSaml4AssertingPartyMetadataRepositoryTests {
 		AssertingPartyMetadataRepository parties = OpenSaml4AssertingPartyMetadataRepository
 			.withTrustedMetadataLocation(web.url(endpoint).toString())
 			.build();
-		assertThat(parties.findByEntityId(registration.getAssertingPartyDetails().getEntityId())).isNotNull();
+		assertThat(parties.findByEntityId(registration.getAssertingPartyMetadata().getEntityId())).isNotNull();
 	}
 
 	@Test
@@ -295,7 +295,7 @@ public class OpenSaml4AssertingPartyMetadataRepositoryTests {
 		AssertingPartyMetadataRepository parties = new OpenSaml4AssertingPartyMetadataRepository(resolver);
 		parties.iterator()
 			.forEachRemaining((p) -> assertThat(p.getEntityId())
-				.isEqualTo(registration.getAssertingPartyDetails().getEntityId()));
+				.isEqualTo(registration.getAssertingPartyMetadata().getEntityId()));
 		verify(((IterableMetadataSource) resolver)).iterator();
 	}
 
@@ -336,7 +336,7 @@ public class OpenSaml4AssertingPartyMetadataRepositoryTests {
 			.withMetadataLocation(web.url(endpoint).toString())
 			.verificationCredentials((c) -> c.add(credential))
 			.build();
-		assertThat(parties.findByEntityId(registration.getAssertingPartyDetails().getEntityId())).isNotNull();
+		assertThat(parties.findByEntityId(registration.getAssertingPartyMetadata().getEntityId())).isNotNull();
 	}
 
 	private static String serialize(XMLObject object) {

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/web/authentication/OpenSaml4AuthenticationRequestResolverTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -56,13 +56,13 @@ public class OpenSaml4AuthenticationRequestResolverTests {
 		Saml2RedirectAuthenticationRequest authnRequest = resolver.resolve(this.request);
 		assertThat(authnRequest.getBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
 		assertThat(authnRequest.getAuthenticationRequestUri())
-			.isEqualTo(this.registration.getAssertingPartyDetails().getSingleSignOnServiceLocation());
+			.isEqualTo(this.registration.getAssertingPartyMetadata().getSingleSignOnServiceLocation());
 	}
 
 	@Test
 	void resolveWhenPostThenSaml2PostAuthenticationRequest() {
 		RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full()
-			.assertingPartyDetails((party) -> party.singleSignOnServiceBinding(Saml2MessageBinding.POST))
+			.assertingPartyMetadata((party) -> party.singleSignOnServiceBinding(Saml2MessageBinding.POST))
 			.build();
 		RelyingPartyRegistrationResolver relyingParties = mock(RelyingPartyRegistrationResolver.class);
 		given(relyingParties.resolve(any(), any())).willReturn(registration);
@@ -70,7 +70,7 @@ public class OpenSaml4AuthenticationRequestResolverTests {
 		Saml2PostAuthenticationRequest authnRequest = resolver.resolve(this.request);
 		assertThat(authnRequest.getBinding()).isEqualTo(Saml2MessageBinding.POST);
 		assertThat(authnRequest.getAuthenticationRequestUri())
-			.isEqualTo(this.registration.getAssertingPartyDetails().getSingleSignOnServiceLocation());
+			.isEqualTo(this.registration.getAssertingPartyMetadata().getSingleSignOnServiceLocation());
 	}
 
 	@Test
@@ -97,7 +97,7 @@ public class OpenSaml4AuthenticationRequestResolverTests {
 
 		assertThat(authnRequest.getBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
 		assertThat(authnRequest.getAuthenticationRequestUri())
-			.isEqualTo(this.registration.getAssertingPartyDetails().getSingleSignOnServiceLocation());
+			.isEqualTo(this.registration.getAssertingPartyMetadata().getSingleSignOnServiceLocation());
 
 	}
 

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/web/authentication/OpenSaml4SigningUtilsTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -56,7 +56,7 @@ public class OpenSaml4SigningUtilsTests {
 				c.add(TestSaml2X509Credentials.relyingPartySigningCredential());
 				c.add(TestSaml2X509Credentials.assertingPartySigningCredential());
 			})
-			.assertingPartyDetails((c) -> c.entityId("https://some.idp.example.com/entity-id")
+			.assertingPartyMetadata((c) -> c.entityId("https://some.idp.example.com/entity-id")
 				.singleSignOnServiceLocation("https://some.idp.example.com/service-location"))
 			.build();
 	}

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/web/authentication/logout/OpenSaml4LogoutResponseResolverTests.java

@@ -65,7 +65,7 @@ public class OpenSaml4LogoutResponseResolverTests {
 		logoutResponseResolver.setParametersConsumer(parametersConsumer);
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		RelyingPartyRegistration registration = TestRelyingPartyRegistrations.relyingPartyRegistration()
-			.assertingPartyDetails(
+			.assertingPartyMetadata(
 					(party) -> party.singleLogoutServiceResponseLocation("https://ap.example.com/logout"))
 			.build();
 		Authentication authentication = new TestingAuthenticationToken("user", "password");

saml2/saml2-service-provider/src/opensaml5Test/java/org/springframework/security/saml2/provider/service/authentication/OpenSaml5AuthenticationProviderTests.java

@@ -1082,11 +1082,11 @@ public class OpenSaml5AuthenticationProviderTests {
 		return TestRelyingPartyRegistrations.noCredentials()
 			.entityId(RELYING_PARTY_ENTITY_ID)
 			.assertionConsumerServiceLocation(DESTINATION)
-			.assertingPartyDetails((party) -> party.entityId(ASSERTING_PARTY_ENTITY_ID));
+			.assertingPartyMetadata((party) -> party.entityId(ASSERTING_PARTY_ENTITY_ID));
 	}
 
 	private RelyingPartyRegistration.Builder verifying(RelyingPartyRegistration.Builder builder) {
-		return builder.assertingPartyDetails((party) -> party
+		return builder.assertingPartyMetadata((party) -> party
 			.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())));
 	}
 

saml2/saml2-service-provider/src/opensaml5Test/java/org/springframework/security/saml2/provider/service/authentication/logout/OpenSaml5LogoutRequestValidatorTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -79,7 +79,7 @@ public class OpenSaml5LogoutRequestValidatorTests {
 	@Test
 	public void handleWhenRedirectBindingThenValidatesSignatureParameter() {
 		RelyingPartyRegistration registration = registration()
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
 			.build();
 		LogoutRequest logoutRequest = TestOpenSamlObjects.assertingPartyLogoutRequest(registration);
 		Saml2LogoutRequest request = redirect(logoutRequest, registration,
@@ -167,7 +167,7 @@ public class OpenSaml5LogoutRequestValidatorTests {
 
 	private RelyingPartyRegistration.Builder registration() {
 		return signing(verifying(TestRelyingPartyRegistrations.noCredentials()))
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST));
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST));
 	}
 
 	private RelyingPartyRegistration.Builder decrypting(RelyingPartyRegistration.Builder builder) {
@@ -176,12 +176,12 @@ public class OpenSaml5LogoutRequestValidatorTests {
 	}
 
 	private RelyingPartyRegistration.Builder encrypting(RelyingPartyRegistration.Builder builder) {
-		return builder.assertingPartyDetails((party) -> party
+		return builder.assertingPartyMetadata((party) -> party
 			.encryptionX509Credentials((c) -> c.add(TestSaml2X509Credentials.assertingPartyEncryptingCredential())));
 	}
 
 	private RelyingPartyRegistration.Builder verifying(RelyingPartyRegistration.Builder builder) {
-		return builder.assertingPartyDetails((party) -> party
+		return builder.assertingPartyMetadata((party) -> party
 			.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())));
 	}
 
@@ -213,7 +213,7 @@ public class OpenSaml5LogoutRequestValidatorTests {
 
 	private void sign(LogoutRequest logoutRequest, RelyingPartyRegistration registration) {
 		TestOpenSamlObjects.signed(logoutRequest, registration.getSigningX509Credentials().iterator().next(),
-				registration.getAssertingPartyDetails().getEntityId());
+				registration.getAssertingPartyMetadata().getEntityId());
 	}
 
 	private String serialize(XMLObject object) {

saml2/saml2-service-provider/src/opensaml5Test/java/org/springframework/security/saml2/provider/service/authentication/logout/OpenSaml5LogoutResponseValidatorTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -63,7 +63,7 @@ public class OpenSaml5LogoutResponseValidatorTests {
 	@Test
 	public void handleWhenRedirectBindingThenValidatesSignatureParameter() {
 		RelyingPartyRegistration registration = signing(verifying(registration()))
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
 			.build();
 		Saml2LogoutRequest logoutRequest = Saml2LogoutRequest.withRelyingPartyRegistration(registration)
 			.id("id")
@@ -150,11 +150,11 @@ public class OpenSaml5LogoutResponseValidatorTests {
 
 	private RelyingPartyRegistration.Builder registration() {
 		return signing(verifying(TestRelyingPartyRegistrations.noCredentials()))
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST));
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST));
 	}
 
 	private RelyingPartyRegistration.Builder verifying(RelyingPartyRegistration.Builder builder) {
-		return builder.assertingPartyDetails((party) -> party
+		return builder.assertingPartyMetadata((party) -> party
 			.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())));
 	}
 
@@ -180,7 +180,7 @@ public class OpenSaml5LogoutResponseValidatorTests {
 
 	private void sign(LogoutResponse logoutResponse, RelyingPartyRegistration registration) {
 		TestOpenSamlObjects.signed(logoutResponse, registration.getSigningX509Credentials().iterator().next(),
-				registration.getAssertingPartyDetails().getEntityId());
+				registration.getAssertingPartyMetadata().getEntityId());
 	}
 
 	private String serialize(XMLObject object) {

saml2/saml2-service-provider/src/opensaml5Test/java/org/springframework/security/saml2/provider/service/metadata/OpenSaml5MetadataResolverTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -79,7 +79,7 @@ public class OpenSaml5MetadataResolverTests {
 	@Test
 	public void resolveWhenRelyingPartyNoCredentialsThenMetadataMatches() {
 		RelyingPartyRegistration relyingPartyRegistration = TestRelyingPartyRegistrations.noCredentials()
-			.assertingPartyDetails((party) -> party
+			.assertingPartyMetadata((party) -> party
 				.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())))
 			.build();
 		OpenSaml5MetadataResolver OpenSaml4MetadataResolver = new OpenSaml5MetadataResolver();

saml2/saml2-service-provider/src/opensaml5Test/java/org/springframework/security/saml2/provider/service/registration/OpenSaml5AssertingPartyMetadataRepositoryTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -224,7 +224,7 @@ public class OpenSaml5AssertingPartyMetadataRepositoryTests {
 			.withTrustedMetadataLocation(web.url(endpoint).toString())
 			.verificationCredentials((c) -> c.add(credential))
 			.build();
-		assertThat(parties.findByEntityId(registration.getAssertingPartyDetails().getEntityId())).isNotNull();
+		assertThat(parties.findByEntityId(registration.getAssertingPartyMetadata().getEntityId())).isNotNull();
 	}
 
 	@Test
@@ -256,7 +256,7 @@ public class OpenSaml5AssertingPartyMetadataRepositoryTests {
 		AssertingPartyMetadataRepository parties = OpenSaml5AssertingPartyMetadataRepository
 			.withTrustedMetadataLocation(web.url(endpoint).toString())
 			.build();
-		assertThat(parties.findByEntityId(registration.getAssertingPartyDetails().getEntityId())).isNotNull();
+		assertThat(parties.findByEntityId(registration.getAssertingPartyMetadata().getEntityId())).isNotNull();
 	}
 
 	@Test
@@ -295,7 +295,7 @@ public class OpenSaml5AssertingPartyMetadataRepositoryTests {
 		AssertingPartyMetadataRepository parties = new OpenSaml5AssertingPartyMetadataRepository(resolver);
 		parties.iterator()
 			.forEachRemaining((p) -> assertThat(p.getEntityId())
-				.isEqualTo(registration.getAssertingPartyDetails().getEntityId()));
+				.isEqualTo(registration.getAssertingPartyMetadata().getEntityId()));
 		verify(((IterableMetadataSource) resolver)).iterator();
 	}
 
@@ -336,7 +336,7 @@ public class OpenSaml5AssertingPartyMetadataRepositoryTests {
 			.withMetadataLocation(web.url(endpoint).toString())
 			.verificationCredentials((c) -> c.add(credential))
 			.build();
-		assertThat(parties.findByEntityId(registration.getAssertingPartyDetails().getEntityId())).isNotNull();
+		assertThat(parties.findByEntityId(registration.getAssertingPartyMetadata().getEntityId())).isNotNull();
 	}
 
 	private static String serialize(XMLObject object) {

saml2/saml2-service-provider/src/opensaml5Test/java/org/springframework/security/saml2/provider/service/web/authentication/OpenSaml5AuthenticationRequestResolverTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -56,13 +56,13 @@ public class OpenSaml5AuthenticationRequestResolverTests {
 		Saml2RedirectAuthenticationRequest authnRequest = resolver.resolve(this.request);
 		assertThat(authnRequest.getBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
 		assertThat(authnRequest.getAuthenticationRequestUri())
-			.isEqualTo(this.registration.getAssertingPartyDetails().getSingleSignOnServiceLocation());
+			.isEqualTo(this.registration.getAssertingPartyMetadata().getSingleSignOnServiceLocation());
 	}
 
 	@Test
 	void resolveWhenPostThenSaml2PostAuthenticationRequest() {
 		RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full()
-			.assertingPartyDetails((party) -> party.singleSignOnServiceBinding(Saml2MessageBinding.POST))
+			.assertingPartyMetadata((party) -> party.singleSignOnServiceBinding(Saml2MessageBinding.POST))
 			.build();
 		RelyingPartyRegistrationResolver relyingParties = mock(RelyingPartyRegistrationResolver.class);
 		given(relyingParties.resolve(any(), any())).willReturn(registration);
@@ -70,7 +70,7 @@ public class OpenSaml5AuthenticationRequestResolverTests {
 		Saml2PostAuthenticationRequest authnRequest = resolver.resolve(this.request);
 		assertThat(authnRequest.getBinding()).isEqualTo(Saml2MessageBinding.POST);
 		assertThat(authnRequest.getAuthenticationRequestUri())
-			.isEqualTo(this.registration.getAssertingPartyDetails().getSingleSignOnServiceLocation());
+			.isEqualTo(this.registration.getAssertingPartyMetadata().getSingleSignOnServiceLocation());
 	}
 
 	@Test
@@ -97,7 +97,7 @@ public class OpenSaml5AuthenticationRequestResolverTests {
 
 		assertThat(authnRequest.getBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
 		assertThat(authnRequest.getAuthenticationRequestUri())
-			.isEqualTo(this.registration.getAssertingPartyDetails().getSingleSignOnServiceLocation());
+			.isEqualTo(this.registration.getAssertingPartyMetadata().getSingleSignOnServiceLocation());
 
 	}
 

saml2/saml2-service-provider/src/opensaml5Test/java/org/springframework/security/saml2/provider/service/web/authentication/OpenSaml5SigningUtilsTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -56,7 +56,7 @@ public class OpenSaml5SigningUtilsTests {
 				c.add(TestSaml2X509Credentials.relyingPartySigningCredential());
 				c.add(TestSaml2X509Credentials.assertingPartySigningCredential());
 			})
-			.assertingPartyDetails((c) -> c.entityId("https://some.idp.example.com/entity-id")
+			.assertingPartyMetadata((c) -> c.entityId("https://some.idp.example.com/entity-id")
 				.singleSignOnServiceLocation("https://some.idp.example.com/service-location"))
 			.build();
 	}

saml2/saml2-service-provider/src/opensaml5Test/java/org/springframework/security/saml2/provider/service/web/authentication/logout/OpenSaml5LogoutResponseResolverTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -56,7 +56,7 @@ public class OpenSaml5LogoutResponseResolverTests {
 		logoutResponseResolver.setParametersConsumer(parametersConsumer);
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		RelyingPartyRegistration registration = TestRelyingPartyRegistrations.relyingPartyRegistration()
-			.assertingPartyDetails(
+			.assertingPartyMetadata(
 					(party) -> party.singleLogoutServiceResponseLocation("https://ap.example.com/logout"))
 			.build();
 		Authentication authentication = new TestingAuthenticationToken("user", "password");

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/jackson2/TestSaml2JsonPayloads.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -147,7 +147,7 @@ final class TestSaml2JsonPayloads {
 		return Saml2PostAuthenticationRequest
 			.withRelyingPartyRegistration(TestRelyingPartyRegistrations.full()
 				.registrationId(RELYINGPARTY_REGISTRATION_ID)
-				.assertingPartyDetails((party) -> party.singleSignOnServiceLocation(AUTHENTICATION_REQUEST_URI))
+				.assertingPartyMetadata((party) -> party.singleSignOnServiceLocation(AUTHENTICATION_REQUEST_URI))
 				.build())
 			.samlRequest(SAML_REQUEST)
 			.relayState(RELAY_STATE)
@@ -159,7 +159,7 @@ final class TestSaml2JsonPayloads {
 		return Saml2RedirectAuthenticationRequest
 			.withRelyingPartyRegistration(TestRelyingPartyRegistrations.full()
 				.registrationId(RELYINGPARTY_REGISTRATION_ID)
-				.assertingPartyDetails((party) -> party.singleSignOnServiceLocation(AUTHENTICATION_REQUEST_URI))
+				.assertingPartyMetadata((party) -> party.singleSignOnServiceLocation(AUTHENTICATION_REQUEST_URI))
 				.build())
 			.samlRequest(SAML_REQUEST)
 			.relayState(RELAY_STATE)
@@ -173,7 +173,7 @@ final class TestSaml2JsonPayloads {
 		return Saml2LogoutRequest
 			.withRelyingPartyRegistration(TestRelyingPartyRegistrations.full()
 				.registrationId(RELYINGPARTY_REGISTRATION_ID)
-				.assertingPartyDetails((party) -> party.singleLogoutServiceLocation(LOCATION)
+				.assertingPartyMetadata((party) -> party.singleLogoutServiceLocation(LOCATION)
 					.singleLogoutServiceBinding(Saml2MessageBinding.REDIRECT))
 				.build())
 			.id(ID)

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/authentication/TestOpenSamlObjects.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -416,7 +416,7 @@ public final class TestOpenSamlObjects {
 		logoutRequest.setNameID(nameId);
 		IssuerBuilder issuerBuilder = new IssuerBuilder();
 		Issuer issuer = issuerBuilder.buildObject();
-		issuer.setValue(registration.getAssertingPartyDetails().getEntityId());
+		issuer.setValue(registration.getAssertingPartyMetadata().getEntityId());
 		logoutRequest.setIssuer(issuer);
 		logoutRequest.setDestination(registration.getSingleLogoutServiceLocation());
 		return logoutRequest;
@@ -430,7 +430,7 @@ public final class TestOpenSamlObjects {
 		NameID nameId = nameIdBuilder.buildObject();
 		nameId.setValue("user");
 		logoutRequest.setNameID(null);
-		Saml2X509Credential credential = registration.getAssertingPartyDetails()
+		Saml2X509Credential credential = registration.getAssertingPartyMetadata()
 			.getEncryptionX509Credentials()
 			.iterator()
 			.next();
@@ -438,7 +438,7 @@ public final class TestOpenSamlObjects {
 		logoutRequest.setEncryptedID(encrypted);
 		IssuerBuilder issuerBuilder = new IssuerBuilder();
 		Issuer issuer = issuerBuilder.buildObject();
-		issuer.setValue(registration.getAssertingPartyDetails().getEntityId());
+		issuer.setValue(registration.getAssertingPartyMetadata().getEntityId());
 		logoutRequest.setIssuer(issuer);
 		logoutRequest.setDestination(registration.getSingleLogoutServiceLocation());
 		return logoutRequest;
@@ -457,39 +457,23 @@ public final class TestOpenSamlObjects {
 		logoutResponse.setStatus(status);
 		IssuerBuilder issuerBuilder = new IssuerBuilder();
 		Issuer issuer = issuerBuilder.buildObject();
-		issuer.setValue(registration.getAssertingPartyDetails().getEntityId());
+		issuer.setValue(registration.getAssertingPartyMetadata().getEntityId());
 		logoutResponse.setIssuer(issuer);
 		logoutResponse.setDestination(registration.getSingleLogoutServiceResponseLocation());
 		return logoutResponse;
 	}
 
-	public static LogoutRequest relyingPartyLogoutRequest(RelyingPartyRegistration registration) {
-		LogoutRequestBuilder logoutRequestBuilder = new LogoutRequestBuilder();
-		LogoutRequest logoutRequest = logoutRequestBuilder.buildObject();
-		logoutRequest.setID("id");
-		NameIDBuilder nameIdBuilder = new NameIDBuilder();
-		NameID nameId = nameIdBuilder.buildObject();
-		nameId.setValue("user");
-		logoutRequest.setNameID(nameId);
-		IssuerBuilder issuerBuilder = new IssuerBuilder();
-		Issuer issuer = issuerBuilder.buildObject();
-		issuer.setValue(registration.getAssertingPartyDetails().getEntityId());
-		logoutRequest.setIssuer(issuer);
-		logoutRequest.setDestination(registration.getAssertingPartyDetails().getSingleLogoutServiceLocation());
-		return logoutRequest;
-	}
-
 	public static EntityDescriptor entityDescriptor(RelyingPartyRegistration registration) {
 		EntityDescriptorBuilder entityDescriptorBuilder = new EntityDescriptorBuilder();
 		EntityDescriptor entityDescriptor = entityDescriptorBuilder.buildObject();
-		entityDescriptor.setEntityID(registration.getAssertingPartyDetails().getEntityId());
+		entityDescriptor.setEntityID(registration.getAssertingPartyMetadata().getEntityId());
 		IDPSSODescriptorBuilder idpssoDescriptorBuilder = new IDPSSODescriptorBuilder();
 		IDPSSODescriptor idpssoDescriptor = idpssoDescriptorBuilder.buildObject();
 		idpssoDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
 		SingleSignOnServiceBuilder singleSignOnServiceBuilder = new SingleSignOnServiceBuilder();
 		SingleSignOnService singleSignOnService = singleSignOnServiceBuilder.buildObject();
 		singleSignOnService.setBinding(Saml2MessageBinding.POST.getUrn());
-		singleSignOnService.setLocation(registration.getAssertingPartyDetails().getSingleSignOnServiceLocation());
+		singleSignOnService.setLocation(registration.getAssertingPartyMetadata().getSingleSignOnServiceLocation());
 		idpssoDescriptor.getSingleSignOnServices().add(singleSignOnService);
 		KeyDescriptorBuilder keyDescriptorBuilder = new KeyDescriptorBuilder();
 		KeyDescriptor keyDescriptor = keyDescriptorBuilder.buildObject();

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration/InMemoryRelyingPartyRegistrationRepositoryTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -47,7 +47,7 @@ public class InMemoryRelyingPartyRegistrationRepositoryTests {
 		RelyingPartyRegistration registration = TestRelyingPartyRegistrations.relyingPartyRegistration().build();
 		InMemoryRelyingPartyRegistrationRepository registrations = new InMemoryRelyingPartyRegistrationRepository(
 				registration);
-		String assertingPartyEntityId = registration.getAssertingPartyDetails().getEntityId();
+		String assertingPartyEntityId = registration.getAssertingPartyMetadata().getEntityId();
 		assertThat(registrations.findUniqueByAssertingPartyEntityId(assertingPartyEntityId)).isEqualTo(registration);
 	}
 
@@ -56,7 +56,7 @@ public class InMemoryRelyingPartyRegistrationRepositoryTests {
 		RelyingPartyRegistration registration = TestRelyingPartyRegistrations.relyingPartyRegistration().build();
 		InMemoryRelyingPartyRegistrationRepository registrations = new InMemoryRelyingPartyRegistrationRepository(
 				registration);
-		String assertingPartyEntityId = registration.getAssertingPartyDetails().getEntityId();
+		String assertingPartyEntityId = registration.getAssertingPartyMetadata().getEntityId();
 		assertThat(registrations.findUniqueByAssertingPartyEntityId(assertingPartyEntityId + "wrong")).isNull();
 	}
 

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverterTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -102,7 +102,7 @@ public class OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverterTests {
 		RelyingPartyRegistration registration = this.converter.read(RelyingPartyRegistration.Builder.class, response)
 			.registrationId("one")
 			.build();
-		RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
+		AssertingPartyMetadata details = registration.getAssertingPartyMetadata();
 		assertThat(details.getWantAuthnRequestsSigned()).isFalse();
 		assertThat(details.getSingleSignOnServiceLocation()).isEqualTo("sso-location");
 		assertThat(details.getSingleSignOnServiceBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
@@ -128,7 +128,7 @@ public class OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverterTests {
 		RelyingPartyRegistration registration = this.converter.read(RelyingPartyRegistration.Builder.class, response)
 			.registrationId("one")
 			.build();
-		RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
+		AssertingPartyMetadata details = registration.getAssertingPartyMetadata();
 		assertThat(details.getWantAuthnRequestsSigned()).isFalse();
 		assertThat(details.getSingleSignOnServiceLocation()).isEqualTo("sso-location");
 		assertThat(details.getSingleSignOnServiceBinding()).isEqualTo(Saml2MessageBinding.REDIRECT);
@@ -149,7 +149,7 @@ public class OpenSamlRelyingPartyRegistrationBuilderHttpMessageConverterTests {
 		RelyingPartyRegistration registration = this.converter.read(RelyingPartyRegistration.Builder.class, response)
 			.registrationId("one")
 			.build();
-		RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
+		AssertingPartyMetadata details = registration.getAssertingPartyMetadata();
 		assertThat(details.getVerificationX509Credentials().iterator().next().getCertificate())
 			.isEqualTo(x509Certificate(CERTIFICATE));
 		assertThat(details.getEncryptionX509Credentials()).hasSize(1);

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistrationTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -24,7 +24,6 @@ import org.junit.jupiter.api.Test;
 
 import org.springframework.security.saml2.core.Saml2X509Credential;
 import org.springframework.security.saml2.core.TestSaml2X509Credentials;
-import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails;
 import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -37,12 +36,12 @@ public class RelyingPartyRegistrationTests {
 		RelyingPartyRegistration registration = TestRelyingPartyRegistrations.relyingPartyRegistration()
 			.nameIdFormat("format")
 			.authnRequestsSigned(true)
-			.assertingPartyDetails((a) -> a.singleSignOnServiceBinding(Saml2MessageBinding.POST))
+			.assertingPartyMetadata((a) -> a.singleSignOnServiceBinding(Saml2MessageBinding.POST))
-			.assertingPartyDetails((a) -> a.wantAuthnRequestsSigned(false))
+			.assertingPartyMetadata((a) -> a.wantAuthnRequestsSigned(false))
-			.assertingPartyDetails((a) -> a.signingAlgorithms((algs) -> algs.add("alg")))
+			.assertingPartyMetadata((a) -> a.signingAlgorithms((algs) -> algs.add("alg")))
 			.assertionConsumerServiceBinding(Saml2MessageBinding.REDIRECT)
 			.build();
-		RelyingPartyRegistration copy = RelyingPartyRegistration.withRelyingPartyRegistration(registration).build();
+		RelyingPartyRegistration copy = registration.mutate().build();
 		compareRegistrations(registration, copy);
 	}
 
@@ -50,9 +49,9 @@ public class RelyingPartyRegistrationTests {
 	void mutateWhenInvokedThenCreatesCopy() {
 		RelyingPartyRegistration registration = TestRelyingPartyRegistrations.relyingPartyRegistration()
 			.nameIdFormat("format")
-			.assertingPartyDetails((a) -> a.singleSignOnServiceBinding(Saml2MessageBinding.POST))
+			.assertingPartyMetadata((a) -> a.singleSignOnServiceBinding(Saml2MessageBinding.POST))
-			.assertingPartyDetails((a) -> a.wantAuthnRequestsSigned(false))
+			.assertingPartyMetadata((a) -> a.wantAuthnRequestsSigned(false))
-			.assertingPartyDetails((a) -> a.signingAlgorithms((algs) -> algs.add("alg")))
+			.assertingPartyMetadata((a) -> a.signingAlgorithms((algs) -> algs.add("alg")))
 			.assertionConsumerServiceBinding(Saml2MessageBinding.REDIRECT)
 			.build();
 		RelyingPartyRegistration copy = registration.mutate().build();
@@ -61,8 +60,8 @@ public class RelyingPartyRegistrationTests {
 
 	private void compareRegistrations(RelyingPartyRegistration registration, RelyingPartyRegistration copy) {
 		assertThat(copy.getRegistrationId()).isEqualTo(registration.getRegistrationId()).isEqualTo("simplesamlphp");
-		assertThat(copy.getAssertingPartyDetails().getEntityId())
+		assertThat(copy.getAssertingPartyMetadata().getEntityId())
-			.isEqualTo(registration.getAssertingPartyDetails().getEntityId())
+			.isEqualTo(registration.getAssertingPartyMetadata().getEntityId())
 			.isEqualTo("https://simplesaml-for-spring-saml.apps.pcfone.io/saml2/idp/metadata.php");
 		assertThat(copy.getAssertionConsumerServiceLocation())
 			.isEqualTo(registration.getAssertionConsumerServiceLocation())
@@ -73,25 +72,25 @@ public class RelyingPartyRegistrationTests {
 			.isEqualTo(copy.getEntityId())
 			.isEqualTo(registration.getEntityId())
 			.isEqualTo("{baseUrl}/saml2/service-provider-metadata/{registrationId}");
-		assertThat(copy.getAssertingPartyDetails().getSingleSignOnServiceLocation())
+		assertThat(copy.getAssertingPartyMetadata().getSingleSignOnServiceLocation())
-			.isEqualTo(registration.getAssertingPartyDetails().getSingleSignOnServiceLocation())
+			.isEqualTo(registration.getAssertingPartyMetadata().getSingleSignOnServiceLocation())
 			.isEqualTo("https://simplesaml-for-spring-saml.apps.pcfone.io/saml2/idp/SSOService.php");
-		assertThat(copy.getAssertingPartyDetails().getSingleSignOnServiceBinding())
+		assertThat(copy.getAssertingPartyMetadata().getSingleSignOnServiceBinding())
-			.isEqualTo(registration.getAssertingPartyDetails().getSingleSignOnServiceBinding())
+			.isEqualTo(registration.getAssertingPartyMetadata().getSingleSignOnServiceBinding())
 			.isEqualTo(Saml2MessageBinding.POST);
-		assertThat(copy.getAssertingPartyDetails().getWantAuthnRequestsSigned())
+		assertThat(copy.getAssertingPartyMetadata().getWantAuthnRequestsSigned())
-			.isEqualTo(registration.getAssertingPartyDetails().getWantAuthnRequestsSigned())
+			.isEqualTo(registration.getAssertingPartyMetadata().getWantAuthnRequestsSigned())
 			.isFalse();
 		assertThat(copy.getAssertionConsumerServiceBinding())
 			.isEqualTo(registration.getAssertionConsumerServiceBinding());
 		assertThat(copy.getDecryptionX509Credentials()).isEqualTo(registration.getDecryptionX509Credentials());
 		assertThat(copy.getSigningX509Credentials()).isEqualTo(registration.getSigningX509Credentials());
-		assertThat(copy.getAssertingPartyDetails().getEncryptionX509Credentials())
+		assertThat(copy.getAssertingPartyMetadata().getEncryptionX509Credentials())
-			.isEqualTo(registration.getAssertingPartyDetails().getEncryptionX509Credentials());
+			.isEqualTo(registration.getAssertingPartyMetadata().getEncryptionX509Credentials());
-		assertThat(copy.getAssertingPartyDetails().getVerificationX509Credentials())
+		assertThat(copy.getAssertingPartyMetadata().getVerificationX509Credentials())
-			.isEqualTo(registration.getAssertingPartyDetails().getVerificationX509Credentials());
+			.isEqualTo(registration.getAssertingPartyMetadata().getVerificationX509Credentials());
-		assertThat(copy.getAssertingPartyDetails().getSigningAlgorithms())
+		assertThat(copy.getAssertingPartyMetadata().getSigningAlgorithms())
-			.isEqualTo(registration.getAssertingPartyDetails().getSigningAlgorithms());
+			.isEqualTo(registration.getAssertingPartyMetadata().getSigningAlgorithms());
 		assertThat(copy.getNameIdFormat()).isEqualTo(registration.getNameIdFormat());
 		assertThat(copy.isAuthnRequestsSigned()).isEqualTo(registration.isAuthnRequestsSigned());
 	}
@@ -101,7 +100,7 @@ public class RelyingPartyRegistrationTests {
 		RelyingPartyRegistration relyingPartyRegistration = RelyingPartyRegistration.withRegistrationId("id")
 			.entityId("entity-id")
 			.assertionConsumerServiceLocation("location")
-			.assertingPartyDetails((assertingParty) -> assertingParty.entityId("entity-id")
+			.assertingPartyMetadata((assertingParty) -> assertingParty.entityId("entity-id")
 				.singleSignOnServiceLocation("location")
 				.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())))
 			.build();
@@ -119,7 +118,7 @@ public class RelyingPartyRegistrationTests {
 
 		// Test with the alt credentials first
 		RelyingPartyRegistration relyingPartyRegistration = TestRelyingPartyRegistrations.noCredentials()
-			.assertingPartyDetails((assertingParty) -> assertingParty.verificationX509Credentials((c) -> {
+			.assertingPartyMetadata((assertingParty) -> assertingParty.verificationX509Credentials((c) -> {
 				c.add(altApCredential);
 				c.add(verifyingCredential);
 			}).encryptionX509Credentials((c) -> {
@@ -139,14 +138,14 @@ public class RelyingPartyRegistrationTests {
 				signingCredential);
 		assertThat(relyingPartyRegistration.getDecryptionX509Credentials()).containsExactly(altRpCredential,
 				decryptionCredential);
-		assertThat(relyingPartyRegistration.getAssertingPartyDetails().getVerificationX509Credentials())
+		assertThat(relyingPartyRegistration.getAssertingPartyMetadata().getVerificationX509Credentials())
 			.containsExactly(altApCredential, verifyingCredential);
-		assertThat(relyingPartyRegistration.getAssertingPartyDetails().getEncryptionX509Credentials())
+		assertThat(relyingPartyRegistration.getAssertingPartyMetadata().getEncryptionX509Credentials())
 			.containsExactly(altApCredential, encryptingCredential);
 
 		// Test with the alt credentials last
 		relyingPartyRegistration = TestRelyingPartyRegistrations.noCredentials()
-			.assertingPartyDetails((assertingParty) -> assertingParty.verificationX509Credentials((c) -> {
+			.assertingPartyMetadata((assertingParty) -> assertingParty.verificationX509Credentials((c) -> {
 				c.add(verifyingCredential);
 				c.add(altApCredential);
 			}).encryptionX509Credentials((c) -> {
@@ -166,9 +165,9 @@ public class RelyingPartyRegistrationTests {
 				altRpCredential);
 		assertThat(relyingPartyRegistration.getDecryptionX509Credentials()).containsExactly(decryptionCredential,
 				altRpCredential);
-		assertThat(relyingPartyRegistration.getAssertingPartyDetails().getVerificationX509Credentials())
+		assertThat(relyingPartyRegistration.getAssertingPartyMetadata().getVerificationX509Credentials())
 			.containsExactly(verifyingCredential, altApCredential);
-		assertThat(relyingPartyRegistration.getAssertingPartyDetails().getEncryptionX509Credentials())
+		assertThat(relyingPartyRegistration.getAssertingPartyMetadata().getEncryptionX509Credentials())
 			.containsExactly(encryptingCredential, altApCredential);
 	}
 
@@ -203,10 +202,12 @@ public class RelyingPartyRegistrationTests {
 		AssertingPartyMetadata metadata = new CustomAssertingPartyMetadata();
 		assertThatExceptionOfType(IllegalArgumentException.class)
 			.isThrownBy(() -> RelyingPartyRegistration.withAssertingPartyMetadata(metadata)
-				.assertingPartyDetails((a) -> a.entityId("entity-id"))
+				.assertingPartyMetadata((a) -> a.entityId("entity-id"))
 				.build());
-		assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(
+		assertThatExceptionOfType(IllegalArgumentException.class)
-				() -> RelyingPartyRegistration.withAssertingPartyMetadata(metadata).build().getAssertingPartyDetails());
+			.isThrownBy(() -> RelyingPartyRegistration.withAssertingPartyMetadata(metadata)
+				.build()
+				.getAssertingPartyMetadata());
 	}
 
 	@Test
@@ -218,9 +219,9 @@ public class RelyingPartyRegistrationTests {
 			.assertingPartyMetadata((a) -> a.signingAlgorithms((algs) -> algs.add("alg")))
 			.assertionConsumerServiceBinding(Saml2MessageBinding.REDIRECT)
 			.build();
-		AssertingPartyDetails details = registration.getAssertingPartyDetails();
+		AssertingPartyMetadata details = registration.getAssertingPartyMetadata();
-		RelyingPartyRegistration copied = RelyingPartyRegistration.withAssertingPartyDetails(details)
+		RelyingPartyRegistration copied = RelyingPartyRegistration.withAssertingPartyMetadata(details)
-			.assertingPartyDetails((a) -> a.entityId(details.getEntityId()))
+			.assertingPartyMetadata((a) -> a.entityId(details.getEntityId()))
 			.registrationId(registration.getRegistrationId())
 			.entityId(registration.getEntityId())
 			.signingX509Credentials((c) -> c.addAll(registration.getSigningX509Credentials()))

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistrationsTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -65,7 +65,7 @@ public class RelyingPartyRegistrationsTests {
 				.fromMetadataLocation(server.url("/").toString())
 				.entityId("rp")
 				.build();
-			RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
+			AssertingPartyMetadata details = registration.getAssertingPartyMetadata();
 			assertThat(details.getEntityId()).isEqualTo("https://idp.example.com/idp/shibboleth");
 			assertThat(details.getSingleSignOnServiceLocation())
 				.isEqualTo("https://idp.example.com/idp/profile/SAML2/POST/SSO");
@@ -103,7 +103,7 @@ public class RelyingPartyRegistrationsTests {
 			.fromMetadataLocation("file:" + file.getAbsolutePath())
 			.entityId("rp")
 			.build();
-		RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
+		AssertingPartyMetadata details = registration.getAssertingPartyMetadata();
 		assertThat(details.getEntityId()).isEqualTo("https://idp.example.com/idp/shibboleth");
 		assertThat(details.getSingleSignOnServiceLocation())
 			.isEqualTo("https://idp.example.com/idp/profile/SAML2/POST/SSO");
@@ -124,7 +124,7 @@ public class RelyingPartyRegistrationsTests {
 			RelyingPartyRegistration registration = RelyingPartyRegistrations.fromMetadata(source)
 				.entityId("rp")
 				.build();
-			RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
+			AssertingPartyMetadata details = registration.getAssertingPartyMetadata();
 			assertThat(details.getEntityId()).isEqualTo("https://idp.example.com/idp/shibboleth");
 			assertThat(details.getSingleSignOnServiceLocation())
 				.isEqualTo("https://idp.example.com/idp/profile/SAML2/POST/SSO");
@@ -153,7 +153,7 @@ public class RelyingPartyRegistrationsTests {
 				.collect(Collectors.toList());
 			assertThat(registrations).hasSize(2);
 			RelyingPartyRegistration first = registrations.get(0);
-			RelyingPartyRegistration.AssertingPartyDetails details = first.getAssertingPartyDetails();
+			AssertingPartyMetadata details = first.getAssertingPartyMetadata();
 			assertThat(details.getEntityId()).isEqualTo("https://idp.example.com/idp/shibboleth");
 			assertThat(details.getSingleSignOnServiceLocation())
 				.isEqualTo("https://idp.example.com/idp/profile/SAML2/POST/SSO");
@@ -161,7 +161,7 @@ public class RelyingPartyRegistrationsTests {
 			assertThat(details.getVerificationX509Credentials()).hasSize(1);
 			assertThat(details.getEncryptionX509Credentials()).hasSize(1);
 			RelyingPartyRegistration second = registrations.get(1);
-			details = second.getAssertingPartyDetails();
+			details = second.getAssertingPartyMetadata();
 			assertThat(details.getEntityId()).isEqualTo("https://ap.example.org/idp/shibboleth");
 			assertThat(details.getSingleSignOnServiceLocation())
 				.isEqualTo("https://ap.example.org/idp/profile/SAML2/POST/SSO");
@@ -201,7 +201,7 @@ public class RelyingPartyRegistrationsTests {
 			.map((r) -> r.entityId("rp").build())
 			.findFirst()
 			.get();
-		RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
+		AssertingPartyMetadata details = registration.getAssertingPartyMetadata();
 		assertThat(details.getEntityId()).isEqualTo("https://idp.example.com/idp/shibboleth");
 		assertThat(details.getSingleSignOnServiceLocation())
 			.isEqualTo("https://idp.example.com/idp/profile/SAML2/POST/SSO");
@@ -219,7 +219,7 @@ public class RelyingPartyRegistrationsTests {
 			.map((r) -> r.entityId("rp").build())
 			.findFirst()
 			.get();
-		RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
+		AssertingPartyMetadata details = registration.getAssertingPartyMetadata();
 		assertThat(details.getEntityId()).isEqualTo("https://idp.example.com/idp/shibboleth");
 		assertThat(details.getSingleSignOnServiceLocation())
 			.isEqualTo("https://idp.example.com/idp/profile/SAML2/POST/SSO");
@@ -242,7 +242,7 @@ public class RelyingPartyRegistrationsTests {
 				.map((r) -> r.entityId("rp").build())
 				.findFirst()
 				.get();
-			RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
+			AssertingPartyMetadata details = registration.getAssertingPartyMetadata();
 			assertThat(details.getEntityId()).isEqualTo("https://idp.example.com/idp/shibboleth");
 			assertThat(details.getSingleSignOnServiceLocation())
 				.isEqualTo("https://idp.example.com/idp/profile/SAML2/POST/SSO");
@@ -253,17 +253,16 @@ public class RelyingPartyRegistrationsTests {
 	}
 
 	@Test
-	public void fromMetadataLocationWhenResolvableThenUsesEntityIdAndOpenSamlRelyingPartyRegistration()
+	public void fromMetadataLocationWhenResolvableThenUsesEntityIdAndOpenSamlAssertingPartyDetails() throws Exception {
-			throws Exception {
 		try (MockWebServer server = new MockWebServer()) {
 			server.enqueue(new MockResponse().setBody(this.metadata).setResponseCode(200));
 			RelyingPartyRegistration registration = RelyingPartyRegistrations
 				.fromMetadataLocation(server.url("/").toString())
 				.entityId("rp")
 				.build();
-			RelyingPartyRegistration.AssertingPartyDetails details = registration.getAssertingPartyDetails();
+			AssertingPartyMetadata details = registration.getAssertingPartyMetadata();
 			assertThat(registration.getRegistrationId()).isEqualTo(details.getEntityId());
-			assertThat(registration).isInstanceOf(OpenSamlRelyingPartyRegistration.class);
+			assertThat(details).isInstanceOf(OpenSamlAssertingPartyDetails.class);
 		}
 	}
 

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration/TestRelyingPartyRegistrations.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -44,7 +44,7 @@ public final class TestRelyingPartyRegistrations {
 			.assertionConsumerServiceLocation(assertionConsumerServiceLocation)
 			.singleLogoutServiceLocation(singleLogoutServiceLocation)
 			.signingX509Credentials((c) -> c.add(signingCredential))
-			.assertingPartyDetails((a) -> a.entityId(apEntityId)
+			.assertingPartyMetadata((a) -> a.entityId(apEntityId)
 				.singleSignOnServiceLocation(singleSignOnServiceLocation)
 				.verificationX509Credentials((c) -> c.add(verificationCertificate)));
 	}
@@ -55,7 +55,7 @@ public final class TestRelyingPartyRegistrations {
 			.singleLogoutServiceLocation("https://rp.example.org/logout/saml2/request")
 			.singleLogoutServiceResponseLocation("https://rp.example.org/logout/saml2/response")
 			.assertionConsumerServiceLocation("https://rp.example.org/acs")
-			.assertingPartyDetails((party) -> party.entityId("ap-entity-id")
+			.assertingPartyMetadata((party) -> party.entityId("ap-entity-id")
 				.singleSignOnServiceLocation("https://ap.example.org/sso")
 				.singleLogoutServiceLocation("https://ap.example.org/logout/saml2/request")
 				.singleLogoutServiceResponseLocation("https://ap.example.org/logout/saml2/response"));
@@ -67,7 +67,7 @@ public final class TestRelyingPartyRegistrations {
 				.add(org.springframework.security.saml2.core.TestSaml2X509Credentials.relyingPartySigningCredential()))
 			.decryptionX509Credentials((c) -> c.add(org.springframework.security.saml2.core.TestSaml2X509Credentials
 				.relyingPartyDecryptingCredential()))
-			.assertingPartyDetails((party) -> party.verificationX509Credentials(
+			.assertingPartyMetadata((party) -> party.verificationX509Credentials(
 					(c) -> c.add(org.springframework.security.saml2.core.TestSaml2X509Credentials
 						.relyingPartyVerifyingCredential())));
 	}

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/web/Saml2MetadataFilterTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -100,7 +100,7 @@ public class Saml2MetadataFilterTests {
 	public void doFilterWhenRelyingPartyRegistrationFoundThenInvokesMetadataResolver() throws Exception {
 		MockHttpServletRequest request = uri("/saml2/service-provider-metadata/validRegistration");
 		RelyingPartyRegistration validRegistration = TestRelyingPartyRegistrations.noCredentials()
-			.assertingPartyDetails((party) -> party
+			.assertingPartyMetadata((party) -> party
 				.verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())))
 			.build();
 		String generatedMetadata = "<xml>test</xml>";

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/web/Saml2WebSsoAuthenticationRequestFilterTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -84,8 +84,8 @@ public class Saml2WebSsoAuthenticationRequestFilterTests {
 			}
 		};
 		this.rpBuilder = RelyingPartyRegistration.withRegistrationId("registration-id")
-			.assertingPartyDetails((c) -> c.entityId("idp-entity-id"))
+			.assertingPartyMetadata((c) -> c.entityId("idp-entity-id"))
-			.assertingPartyDetails((c) -> c.singleSignOnServiceLocation(IDP_SSO_URL))
+			.assertingPartyMetadata((c) -> c.singleSignOnServiceLocation(IDP_SSO_URL))
 			.assertionConsumerServiceLocation("template")
 			.signingX509Credentials((c) -> c.add(TestSaml2X509Credentials.assertingPartyPrivateCredential()))
 			.decryptionX509Credentials((c) -> c.add(TestSaml2X509Credentials.assertingPartyPrivateCredential()));
@@ -168,7 +168,7 @@ public class Saml2WebSsoAuthenticationRequestFilterTests {
 		String relayStateValue = "https://my-relay-state.example.com?with=param&other=param&javascript{alert('1');}";
 		String relayStateEncoded = HtmlUtils.htmlEscape(relayStateValue);
 		RelyingPartyRegistration registration = this.rpBuilder
-			.assertingPartyDetails((asserting) -> asserting.singleSignOnServiceBinding(Saml2MessageBinding.POST))
+			.assertingPartyMetadata((asserting) -> asserting.singleSignOnServiceBinding(Saml2MessageBinding.POST))
 			.build();
 		Saml2PostAuthenticationRequest request = Saml2PostAuthenticationRequest
 			.withRelyingPartyRegistration(registration)
@@ -213,7 +213,7 @@ public class Saml2WebSsoAuthenticationRequestFilterTests {
 	@Test
 	public void doFilterWhenPostThenSaveRedirectRequest() throws ServletException, IOException {
 		RelyingPartyRegistration registration = this.rpBuilder
-			.assertingPartyDetails((asserting) -> asserting.singleSignOnServiceBinding(Saml2MessageBinding.POST))
+			.assertingPartyMetadata((asserting) -> asserting.singleSignOnServiceBinding(Saml2MessageBinding.POST))
 			.build();
 		Saml2PostAuthenticationRequest request = Saml2PostAuthenticationRequest
 			.withRelyingPartyRegistration(registration)

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/web/authentication/logout/Saml2LogoutRequestFilterTests.java

@@ -93,13 +93,13 @@ public class Saml2LogoutRequestFilterTests {
 		String content = response.getHeader("Location");
 		assertThat(content).contains(Saml2ParameterNames.SAML_RESPONSE);
 		assertThat(content)
-			.startsWith(registration.getAssertingPartyDetails().getSingleLogoutServiceResponseLocation());
+			.startsWith(registration.getAssertingPartyMetadata().getSingleLogoutServiceResponseLocation());
 	}
 
 	@Test
 	public void doFilterWhenSamlRequestThenPosts() throws Exception {
 		RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full()
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST))
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST))
 			.build();
 		Authentication authentication = new TestingAuthenticationToken("user", "password");
 		given(this.securityContextHolderStrategy.getContext()).willReturn(new SecurityContextImpl(authentication));
@@ -270,7 +270,7 @@ public class Saml2LogoutRequestFilterTests {
 	private void checkResponse(String responseContent, RelyingPartyRegistration registration) {
 		assertThat(responseContent).contains(Saml2ParameterNames.SAML_RESPONSE);
 		assertThat(responseContent)
-			.contains(registration.getAssertingPartyDetails().getSingleLogoutServiceResponseLocation());
+			.contains(registration.getAssertingPartyMetadata().getSingleLogoutServiceResponseLocation());
 		assertThat(responseContent).contains(
 				"<meta http-equiv=\"Content-Security-Policy\" content=\"script-src 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c='\">");
 		assertThat(responseContent)

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/web/authentication/logout/Saml2RelyingPartyInitiatedLogoutSuccessHandlerTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -79,13 +79,13 @@ public class Saml2RelyingPartyInitiatedLogoutSuccessHandlerTests {
 		this.logoutRequestSuccessHandler.onLogoutSuccess(request, response, authentication);
 		String content = response.getHeader("Location");
 		assertThat(content).contains(Saml2ParameterNames.SAML_REQUEST);
-		assertThat(content).startsWith(registration.getAssertingPartyDetails().getSingleLogoutServiceLocation());
+		assertThat(content).startsWith(registration.getAssertingPartyMetadata().getSingleLogoutServiceLocation());
 	}
 
 	@Test
 	public void onLogoutSuccessWhenPostThenPostsToAssertingParty() throws Exception {
 		RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full()
-			.assertingPartyDetails((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST))
+			.assertingPartyMetadata((party) -> party.singleLogoutServiceBinding(Saml2MessageBinding.POST))
 			.build();
 		Authentication authentication = authentication(registration);
 		SecurityContextHolder.getContext().setAuthentication(authentication);
@@ -99,7 +99,7 @@ public class Saml2RelyingPartyInitiatedLogoutSuccessHandlerTests {
 		this.logoutRequestSuccessHandler.onLogoutSuccess(request, response, authentication);
 		String content = response.getContentAsString();
 		assertThat(content).contains(Saml2ParameterNames.SAML_REQUEST);
-		assertThat(content).contains(registration.getAssertingPartyDetails().getSingleLogoutServiceLocation());
+		assertThat(content).contains(registration.getAssertingPartyMetadata().getSingleLogoutServiceLocation());
 		assertThat(content).contains(
 				"<meta http-equiv=\"Content-Security-Policy\" content=\"script-src 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c='\">");
 		assertThat(content).contains("<script>window.onload = function() { document.forms[0].submit(); }</script>");