Polish SAML 2.0 Login Sample

Fixes gh-8163
2020-03-20 16:46:51 -06:00 · 2020-03-20 16:46:51 -06:00 · 1a1be6a946
parent d1dbd92903
commit 1a1be6a946
4 changed files with 26 additions and 42 deletions
--- a/samples/boot/saml2login/README.adoc
+++ b/samples/boot/saml2login/README.adoc
@ -1,26 +1,20 @@
 = OAuth 2.0 Login Sample

-This guide provides instructions on setting up the sample application with SAML 2.0 Login using
-Spring Security's `saml2Login()` feature.
+This guide provides instructions on setting up this SAML 2.0 Login sample application.

-The sample application uses Spring Boot 2.2.0.M5 and the `spring-security-saml2-service-provider`
+The sample application uses Spring Boot and the `spring-security-saml2-service-provider`
 module which is new in Spring Security 5.2.

 == Goals

-`saml2Login()` provides a very simple, basic, implementation of a Service Provider
-that can receive a SAML 2 Response XML object via the HTTP-POST and HTTP-REDIRECT bindings
-against a known SAML reference implementation by SimpleSAMLPhp.
+`saml2Login()` provides a very simple implementation of a Service Provider that can receive a SAML 2.0 Response via the HTTP-POST and HTTP-REDIRECT bindings against the SimpleSAMLphp SAML 2.0 reference implementation.

+The following features are implemented in the MVP:

-The following features are implemented in the MVP
-
-1. Receive and validate a SAML 2.0 Response object containing an assertion
-and create a valid authentication in Spring Security
-2. Send a SAML 2 AuthNRequest object to an Identity Provider
-3. Provide a framework for components used in SAML 2.0 authentication that can
-be swapped by configuration
-4. Sample working against the SimpleSAMLPhP reference implementation
+1. Receive and validate a SAML 2.0 Response containing an assertion, and create a corresponding authentication in Spring Security
+2. Send a SAML 2.0 AuthNRequest to an Identity Provider
+3. Provide a framework for components used in SAML 2.0 authentication that can be swapped by configuration
+4. Work against the SimpleSAMLphp reference implementation

 == Run the Sample

@ -33,7 +27,7 @@ be swapped by configuration

 http://localhost:8080/

-You will be redirect to the SimpleSAMLPhp IDP
+You will be redirect to the SimpleSAMLphp IDP

 === Type in your credentials

--- a/samples/boot/saml2login/src/main/java/sample/IndexController.java
+++ b/samples/boot/saml2login/src/main/java/sample/IndexController.java
@ -19,15 +19,9 @@ package sample;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;

-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import sample.Saml2LoginApplication;
-
@Controller
 public class IndexController {

-	private static final Log logger = LogFactory.getLog(Saml2LoginApplication.class);
-
 	@GetMapping("/")
 	public String index() {
 		return "index";
--- a/samples/boot/saml2login/src/main/resources/application.yml
+++ b/samples/boot/saml2login/src/main/resources/application.yml
@ -4,13 +4,11 @@ spring:
      relyingparty:
        registration:
          simplesamlphp:
-            signing:
-              credentials:
-                - private-key-location: "classpath:credentials/rp-private.key"
-                  certificate-location: "classpath:credentials/rp-certificate.crt"
+            signing.credentials:
+              - private-key-location: "classpath:credentials/rp-private.key"
+                certificate-location: "classpath:credentials/rp-certificate.crt"
            identityprovider:
-              verification:
-                credentials:
-                  - certificate-location: "classpath:credentials/idp-certificate.crt"
              entity-id: https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php
+              verification.credentials:
+                - certificate-location: "classpath:credentials/idp-certificate.crt"
              sso-url: https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php
--- a/samples/boot/saml2login/src/main/resources/templates/index.html
+++ b/samples/boot/saml2login/src/main/resources/templates/index.html
@ -1,5 +1,5 @@
 <!--
-  ~ Copyright 2002-2019 the original author or authors.
+  ~ Copyright 2002-2020 the original author or authors.
  ~
  ~ Licensed under the Apache License, Version 2.0 (the "License");
  ~ you may not use this file except in compliance with the License.
@ -17,21 +17,19 @@
 <!doctype html>
 <html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="https://www.thymeleaf.org" xmlns:sec="https://www.thymeleaf.org/thymeleaf-extras-springsecurity5">
 <head>
-	<title>Spring Security - SAML 2 Log In</title>
+	<title>Spring Security - SAML 2.0 Login</title>
 	<meta charset="utf-8" />
 </head>
 <body>
-    <h1>Success</h1>
-    <div>You are authenticated as <span sec:authentication="name"></span></div>
-    <ul>
-        <li>
-            <a th:href="@{/logout}">Log Out</a>
-        </li>
-        <li>
-            <a href="https://simplesaml-for-spring-saml.cfapps.io/module.php/core/authenticate.php?as=example-userpass&logout">
-                Log out of SimpleSAMLPhp
-            </a>
-        </li>
-    </ul>
+	<div>
+        <form th:action="@{/logout}" method="post">
+            <input type="submit" value="Logout" />
+        </form>
+        <a href="https://simplesaml-for-spring-saml.cfapps.io/module.php/core/authenticate.php?as=example-userpass&logout">
+            Log out of SimpleSAMLphp
+        </a>
+	</div>
+	<h1>SAML 2.0 Login with Spring Security</h1>
+	<div>You are successfully logged in as <span sec:authentication="name"></span></div>
 </body>
 </html>