Add NameID to SAML 2.0 Authentication Info

Issue gh-10820
This commit is contained in:
Christian Schuster 2022-06-06 20:35:46 +02:00 committed by Josh Cummings
parent 36c7b91fb9
commit 02a8c416aa
3 changed files with 16 additions and 1 deletions


@ -77,6 +77,11 @@ public interface Saml2AuthenticatedPrincipal extends AuthenticatedPrincipal, Sam
return null; return null;
} }
@Override
default String getNameId() {
return getName();
}
@Override @Override
default List<String> getSessionIndexes() { default List<String> getSessionIndexes() {
return Collections.emptyList(); return Collections.emptyList();
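Review bot: The new default `getNameId()` (the `@Override` at the start of the hunk) has no Javadoc, although it silently equates the SAML NameID with `getName()`, which is not true for every principal implementation. Since this value now ends up as the NameID element of the generated LogoutRequest (see the BaseOpenSamlLogoutRequestResolver hunk in this commit), implementors whose principal name is not the assertion's NameID need to know to override it. I would add, above the override: `/** Returns the NameID of the authenticated principal; defaults to {@link #getName()} and should be overridden when the principal name differs from the NameID value. */`. The surrounding interface continues outside the hunk.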


@ -18,6 +18,7 @@ package org.springframework.security.saml2.provider.service.authentication;
import java.util.List; import java.util.List;
import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.core.SessionIndex; import org.opensaml.saml.saml2.core.SessionIndex;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
@ -41,6 +42,12 @@ public interface Saml2AuthenticationInfo {
*/ */
String getRelyingPartyRegistrationId(); String getRelyingPartyRegistrationId();
/**
* Get the {@link NameID} value of the authenticated principal
* @return the {@link NameID} value of the authenticated principal
*/
String getNameId();
/** /**
* Get the {@link SessionIndex} values of the authenticated principal * Get the {@link SessionIndex} values of the authenticated principal
* @return the {@link SessionIndex} values of the authenticated principal * @return the {@link SessionIndex} values of the authenticated principal
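Review bot: `String getNameId();` is added to the public `Saml2AuthenticationInfo` interface without a default, so any existing implementation outside this repository stops compiling, whereas the neighbouring `getSessionIndexes()` is given a default elsewhere in this commit. If the abstract form is intended, the Javadoc should state the compatibility impact and the version it appeared in, e.g. `@since` with the release placeholder `<version>`. The Javadoc also does not say whether the returned value may be null; the consumer in `BaseOpenSamlLogoutRequestResolver` passes it straight into `nameId.setValue(...)`, so an explicit `@return ... never {@code null}` (or a documented null fallback) would pin the contract.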


@ -147,16 +147,19 @@ final class BaseOpenSamlLogoutRequestResolver implements Saml2LogoutRequestResol
issuer.setValue(entityId); issuer.setValue(entityId);
logoutRequest.setIssuer(issuer); logoutRequest.setIssuer(issuer);
NameID nameId = this.nameIdBuilder.buildObject(); NameID nameId = this.nameIdBuilder.buildObject();
nameId.setValue(authentication.getName());
logoutRequest.setNameID(nameId); logoutRequest.setNameID(nameId);
Saml2AuthenticationInfo info = Saml2AuthenticationInfo.fromAuthentication(authentication); Saml2AuthenticationInfo info = Saml2AuthenticationInfo.fromAuthentication(authentication);
if (info != null) { if (info != null) {
nameId.setValue(info.getNameId());
for (String index : info.getSessionIndexes()) { for (String index : info.getSessionIndexes()) {
SessionIndex sessionIndex = this.sessionIndexBuilder.buildObject(); SessionIndex sessionIndex = this.sessionIndexBuilder.buildObject();
sessionIndex.setValue(index); sessionIndex.setValue(index);
logoutRequest.getSessionIndexes().add(sessionIndex); logoutRequest.getSessionIndexes().add(sessionIndex);
} }
} }
else {
nameId.setValue(authentication.getName());
}
logoutRequest.setIssueInstant(Instant.now(this.clock)); logoutRequest.setIssueInstant(Instant.now(this.clock));
this.parametersConsumer this.parametersConsumer
.accept(new LogoutRequestParameters(request, registration, authentication, logoutRequest)); .accept(new LogoutRequestParameters(request, registration, authentication, logoutRequest));
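Review bot: When `info` is non-null but `info.getNameId()` returns null, the new branch calls `nameId.setValue(null)` and the LogoutRequest is emitted with an empty NameID, whereas before this change `authentication.getName()` was always used; the `else` branch only covers the `info == null` case. Given that `getNameId()` has no documented nullability in this commit, the resolver should keep the old value as a fallback: `String value = info.getNameId();` followed by `nameId.setValue((value != null) ? value : authentication.getName());` in place of the bare `nameId.setValue(info.getNameId());`, with the `else` branch left as is. The enclosing method begins and ends outside this hunk.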