diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
index e18c9499bc..9927c3a9c1 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
@@ -24,8 +24,6 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.function.Consumer;
 
-import org.opensaml.xmlsec.signature.support.SignatureConstants;
-
 import org.springframework.security.saml2.core.Saml2X509Credential;
 import org.springframework.util.Assert;
 import org.springframework.util.CollectionUtils;
@@ -838,7 +836,7 @@ public class RelyingPartyRegistration {
 */
 public AssertingPartyDetails build() {
 List signingAlgorithms = this.signingAlgorithms.isEmpty()
- ? Collections.singletonList(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256)
+ ? Collections.singletonList("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")
 : Collections.unmodifiableList(this.signingAlgorithms);
 
 return new AssertingPartyDetails(this.entityId, this.wantAuthnRequestsSigned, signingAlgorithms,
diff --git a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/OpenSamlInitializationServiceTests.java b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/OpenSamlInitializationServiceTests.java
index 2329fc2100..bcbe81f4b6 100644
--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/OpenSamlInitializationServiceTests.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/OpenSamlInitializationServiceTests.java
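Review bot: The fallback signing algorithm in `build()` is now a bare URI literal, so nothing at the call site names it or explains that it stands in for the OpenSAML constant it replaced. I would lift it into a named constant with a short comment, for example `private static final String DEFAULT_SIGNING_ALGORITHM = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"; // RSA with SHA-256`, and pass that to `Collections.singletonList(...)`. Because this is the value used whenever `this.signingAlgorithms` is empty, a test that pins the default to the exact string would catch a typo or an accidental change of algorithm. `build()` continues past the end of the hunk.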
@@ -19,6 +19,7 @@ package org.springframework.security.saml2.core;
 import org.junit.jupiter.api.Test;
 import org.opensaml.core.config.ConfigurationService;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
+import org.opensaml.saml.saml2.core.AuthnRequest;
 
 import org.springframework.security.saml2.Saml2Exception;
 
@@ -36,7 +37,7 @@ public class OpenSamlInitializationServiceTests {
 public void initializeWhenInvokedMultipleTimesThenInitializesOnce() {
 OpenSamlInitializationService.initialize();
 XMLObjectProviderRegistry registry = ConfigurationService.get(XMLObjectProviderRegistry.class);
- assertThat(registry.getParserPool()).isNotNull();
+ assertThat(registry.getBuilderFactory().getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME)).isNotNull();
 assertThatExceptionOfType(Saml2Exception.class)
 .isThrownBy(() -> OpenSamlInitializationService.requireInitialize((r) -> {
 }))
diff --git a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/TestSaml2X509Credentials.java b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/TestSaml2X509Credentials.java
index 54b681842e..6e0b858624 100644
--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/TestSaml2X509Credentials.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/TestSaml2X509Credentials.java
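Review bot: Because `assertThat(registry.getParserPool()).isNotNull()` is replaced rather than supplemented, nothing visible in this test still checks that `initialize()` leaves a parser pool on the `XMLObjectProviderRegistry`. If initialization is still expected to register one (that code is not shown in this diff), a regression that drops the pool, together with whatever XML parser hardening is configured on it, would pass unnoticed. I would keep both assertions, or add a one-line comment above the new assertion saying where the parser pool is verified now and why it moved. The test method continues past the end of the hunk.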
@@ -18,14 +18,12 @@ package org.springframework.security.saml2.core;
 
 import java.io.ByteArrayInputStream;
 import java.nio.charset.StandardCharsets;
-import java.security.KeyException;
 import java.security.PrivateKey;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 
-import org.opensaml.security.crypto.KeySupport;
-
+import org.springframework.security.converter.RsaKeyConverters;
 import org.springframework.security.saml2.Saml2Exception;
 import org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType;
 
@@ -84,12 +82,7 @@ public final class TestSaml2X509Credentials {
 }
 
 private static PrivateKey privateKey(String key) {
- try {
- return KeySupport.decodePrivateKey(key.getBytes(StandardCharsets.UTF_8), new char[0]);
- }
- catch (KeyException ex) {
- throw new Saml2Exception(ex);
- }
+ return RsaKeyConverters.pkcs8().convert(new ByteArrayInputStream(key.getBytes(StandardCharsets.UTF_8)));
 }
 
 private static X509Certificate idpCertificate() {
diff --git a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/credentials/TestSaml2X509Credentials.java b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/credentials/TestSaml2X509Credentials.java
index 37fa9ca915..ef7fef3b58 100644
--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/credentials/TestSaml2X509Credentials.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/credentials/TestSaml2X509Credentials.java
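Review bot: `privateKey(String)` now reads only what `RsaKeyConverters.pkcs8()` accepts, and a malformed key no longer surfaces as `Saml2Exception`, because the `try`/`catch` wrapper was removed together with `KeySupport.decodePrivateKey`. That is acceptable for fixtures, but the constraint should be written down so that someone adding a differently encoded test key gets a hint rather than an opaque converter failure: `// Test keys must be unencrypted PKCS#8 RSA PEM, the only form RsaKeyConverters.pkcs8() is meant to read.` The identical hunk in `credentials/TestSaml2X509Credentials.java` needs the same comment.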
@@ -18,14 +18,12 @@ package org.springframework.security.saml2.credentials;
 
 import java.io.ByteArrayInputStream;
 import java.nio.charset.StandardCharsets;
-import java.security.KeyException;
 import java.security.PrivateKey;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 
-import org.opensaml.security.crypto.KeySupport;
-
+import org.springframework.security.converter.RsaKeyConverters;
 import org.springframework.security.saml2.Saml2Exception;
 import org.springframework.security.saml2.core.Saml2X509Credential;
 
@@ -74,12 +72,7 @@ public final class TestSaml2X509Credentials {
 }
 
 private static PrivateKey privateKey(String key) {
- try {
- return KeySupport.decodePrivateKey(key.getBytes(StandardCharsets.UTF_8), new char[0]);
- }
- catch (KeyException ex) {
- throw new Saml2Exception(ex);
- }
+ return RsaKeyConverters.pkcs8().convert(new ByteArrayInputStream(key.getBytes(StandardCharsets.UTF_8)));
 }
 
 private static X509Certificate idpCertificate() {
diff --git a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/authentication/TestCustomOpenSamlObjects.java b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/authentication/TestCustomOpenSamlObjects.java
index 5f80fca9a1..ae6c0cc244 100644
--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/authentication/TestCustomOpenSamlObjects.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/authentication/TestCustomOpenSamlObjects.java
@@ -198,7 +198,6 @@ public final class TestCustomOpenSamlObjects {
 protected void processChildElement(@Nonnull XMLObject parentXMLObject, @Nonnull XMLObject childXMLObject)
 throws UnmarshallingException {
 final CustomOpenSamlObject customSamlObject = (CustomOpenSamlObject) parentXMLObject;
- super.processChildElement(customSamlObject, childXMLObject);
 customSamlObject.getUnknownXMLObjects().add(childXMLObject);
 }
 
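Review bot: The `super.processChildElement(customSamlObject, childXMLObject)` call is dropped without a comment, so a reader of `processChildElement` cannot tell whether skipping the superclass handling is deliberate. With the call gone, every child is simply added to `getUnknownXMLObjects()` and the parent unmarshaller never sees it. If the motive is that the superclass behaviour is not wanted or not stable for this test object (a guess, since the diff does not show it), state that above the remaining line, for example `// No super call: every child is collected as an unknown XML object.` The enclosing unmarshaller class starts outside the hunk.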