Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-06 18:52:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

[ISSUE-11725] Add secondary statusCode messages on error

Browse Source
This commit is contained in:
YoungKi Hong 2024-03-13 23:50:59 +09:00 committed by Josh Cummings
parent e1c5dc0e66
commit 01e2971085
1 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/OpenSaml4AuthenticationProvider.java
View File

@ -26,6 +26,9 @@ import java.util.HashMap;
import java.util.LinkedHashMap; import java.util.LinkedHashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set;
import java.util.HashSet;
import java.util.Arrays;
import java.util.function.Consumer; import java.util.function.Consumer;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
@ -94,6 +97,8 @@ import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap; import org.springframework.util.MultiValueMap;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import static org.opensaml.saml.saml2.core.StatusCode.*;
/** /**
* Implementation of {@link AuthenticationProvider} for SAML authentications when * Implementation of {@link AuthenticationProvider} for SAML authentications when
* receiving a {@code Response} object containing an {@code Assertion}. This * receiving a {@code Response} object containing an {@code Assertion}. This
@ -621,7 +626,17 @@ public final class OpenSaml4AuthenticationProvider implements AuthenticationProv
if (response.getStatus().getStatusCode() == null) { if (response.getStatus().getStatusCode() == null) {
return StatusCode.SUCCESS; return StatusCode.SUCCESS;
} }
return response.getStatus().getStatusCode().getValue();
Set<String> statusCodes = new HashSet<>(Arrays.asList(REQUESTER, RESPONDER, VERSION_MISMATCH));
StatusCode parentStatusCode = response.getStatus().getStatusCode();
String parentStatusCodeValue = parentStatusCode.getValue();
if (statusCodes.contains(parentStatusCodeValue)) {
StatusCode childStatusCode = parentStatusCode.getStatusCode();
String childStatusCodeValue = childStatusCode.getValue();
return parentStatusCodeValue + childStatusCodeValue;
}
return parentStatusCodeValue;
} }
private Converter<AssertionToken, Saml2ResponseValidatorResult> createDefaultAssertionSignatureValidator() { private Converter<AssertionToken, Saml2ResponseValidatorResult> createDefaultAssertionSignatureValidator() {