Cwikius-Spring
/
Spring-Security-Samples
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: Cwikius-Spring:main
Branches Tags
Cwikius-Spring:main
Cwikius-Spring:5.8.x
Cwikius-Spring:5.6.x
Cwikius-Spring:5.7.x
Cwikius-Spring:5.5.x
Cwikius-Spring:6.0.x
Cwikius-Spring:guides
Cwikius-Spring:5.5.0
...
pull from: Cwikius-Spring:6.0.x
Branches Tags
Cwikius-Spring:5.8.x
Cwikius-Spring:main
Cwikius-Spring:5.6.x
Cwikius-Spring:5.7.x
Cwikius-Spring:5.5.x
Cwikius-Spring:6.0.x
Cwikius-Spring:guides
Cwikius-Spring:5.5.0

1 Commits
main ... 6.0.x

Author SHA1 Message Date
Josh Cummings 88f886e646
Simplify SAML configuration 2022-03-31 12:51:40 -06:00
2 changed files with 18 additions and 25 deletions
Show Stats Expand all files Collapse all files

10
servlet/spring-boot/java/saml2/login-single-tenant/src/main/java/example/SecurityConfiguration.java
View File

@ -81,15 +81,13 @@ public class SecurityConfiguration {
@Bean
RelyingPartyRegistrationRepository repository(
@Value("classpath:credentials/rp-private.key") RSAPrivateKey privateKey) {
Saml2X509Credential signing = Saml2X509Credential.signing(privateKey, relyingPartyCertificate());
RelyingPartyRegistration two = RelyingPartyRegistrations
.fromMetadataLocation("https://dev-05937739.okta.com/app/exk4842vmapcMkohr5d7/sso/saml/metadata")
.registrationId("two")
.signingX509Credentials(
(c) -> c.add(Saml2X509Credential.signing(privateKey, relyingPartyCertificate())))
.singleLogoutServiceLocation(
"https://dev-05937739.okta.com/app/dev-05937739_springsecuritysaml2idptwo_1/exk4842vmapcMkohr5d7/slo/saml")
.singleLogoutServiceResponseLocation("http://localhost:8080/logout/saml2/slo")
.singleLogoutServiceBinding(Saml2MessageBinding.POST).build();
.signingX509Credentials((c) -> c.add(signing))
.singleLogoutServiceLocation("http://localhost:8080/logout/saml2/slo")
.build();
return new InMemoryRelyingPartyRegistrationRepository(two);
}

33
servlet/spring-boot/java/saml2/login/src/main/java/example/SecurityConfiguration.java
View File

@ -35,7 +35,6 @@ import org.springframework.security.saml2.provider.service.registration.InMemory
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrations;
import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
import org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver;
import org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver;
import org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter;
@ -44,6 +43,8 @@ import org.springframework.security.web.SecurityFilterChain;
@Configuration
public class SecurityConfiguration {
@Value("classpath:credentials/rp-private.key") RSAPrivateKey privateKey;
@Bean
SecurityFilterChain app(HttpSecurity http) throws Exception {
// @formatter:off
@ -73,29 +74,23 @@ public class SecurityConfiguration {
}
@Bean
RelyingPartyRegistrationRepository repository(
@Value("classpath:credentials/rp-private.key") RSAPrivateKey privateKey) {
RelyingPartyRegistration one = RelyingPartyRegistrations
RelyingPartyRegistrationRepository repository() {
RelyingPartyRegistration one = addRelyingPartyDetails(RelyingPartyRegistrations
.fromMetadataLocation("https://dev-05937739.okta.com/app/exk46xofd8NZvFCpS5d7/sso/saml/metadata")
.registrationId("one")
.signingX509Credentials(
(c) -> c.add(Saml2X509Credential.signing(privateKey, relyingPartyCertificate())))
.singleLogoutServiceLocation(
"https://dev-05937739.okta.com/app/dev-05937739_springgsecuritysaml2idp_1/exk46xofd8NZvFCpS5d7/slo/saml")
.singleLogoutServiceResponseLocation("http://localhost:8080/logout/saml2/slo")
.singleLogoutServiceBinding(Saml2MessageBinding.POST).build();
RelyingPartyRegistration two = RelyingPartyRegistrations
.registrationId("one")).build();
RelyingPartyRegistration two = addRelyingPartyDetails(RelyingPartyRegistrations
.fromMetadataLocation("https://dev-05937739.okta.com/app/exk4842vmapcMkohr5d7/sso/saml/metadata")
.registrationId("two")
.signingX509Credentials(
(c) -> c.add(Saml2X509Credential.signing(privateKey, relyingPartyCertificate())))
.singleLogoutServiceLocation(
"https://dev-05937739.okta.com/app/dev-05937739_springsecuritysaml2idptwo_1/exk4842vmapcMkohr5d7/slo/saml")
.singleLogoutServiceResponseLocation("http://localhost:8080/logout/saml2/slo")
.singleLogoutServiceBinding(Saml2MessageBinding.POST).build();
.registrationId("two")).build();
return new InMemoryRelyingPartyRegistrationRepository(one, two);
}
RelyingPartyRegistration.Builder addRelyingPartyDetails(RelyingPartyRegistration.Builder builder) {
Saml2X509Credential signing = Saml2X509Credential.signing(this.privateKey, relyingPartyCertificate());
return builder
.signingX509Credentials((c) -> c.add(signing))
.singleLogoutServiceLocation("http://localhost:8080/logout/saml2/slo");
}
X509Certificate relyingPartyCertificate() {
Resource resource = new ClassPathResource("credentials/rp-certificate.crt");
try (InputStream is = resource.getInputStream()) {