Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-23 12:32:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '6.4.x'

Browse Source
This commit is contained in:
Josh Cummings 2025-01-30 18:06:01 -07:00
commit 5af4b9a2ad
No known key found for this signature in database
GPG Key ID: 869B37A20E876129
9 changed files with 38 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
View File

@ -178,14 +178,21 @@ import org.springframework.security.oauth2.server.resource.introspection.OAuth2I
import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionException;
import org.springframework.security.saml2.Saml2Exception;
import org.springframework.security.saml2.core.Saml2Error;
import org.springframework.security.saml2.core.Saml2X509Credential;
import org.springframework.security.saml2.credentials.TestSaml2X509Credentials;
import org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal;
import org.springframework.security.saml2.provider.service.authentication.Saml2Authentication;
import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException;
import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken;
import org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest;
import org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest;
import org.springframework.security.saml2.provider.service.authentication.TestSaml2AuthenticationTokens;
import org.springframework.security.saml2.provider.service.authentication.TestSaml2Authentications;
import org.springframework.security.saml2.provider.service.authentication.TestSaml2PostAuthenticationRequests;
import org.springframework.security.saml2.provider.service.authentication.TestSaml2RedirectAuthenticationRequests;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails;
import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations;
import org.springframework.security.web.PortResolverImpl;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
@ -507,6 +514,16 @@ class SpringSecurityCoreVersionSerializableTests {
(r) -> TestSaml2PostAuthenticationRequests.create());
generatorByClassName.put(Saml2RedirectAuthenticationRequest.class,
(r) -> TestSaml2RedirectAuthenticationRequests.create());
generatorByClassName.put(Saml2X509Credential.class,
(r) -> TestSaml2X509Credentials.relyingPartyVerifyingCredential());
generatorByClassName.put(AssertingPartyDetails.class,
(r) -> TestRelyingPartyRegistrations.full().build().getAssertingPartyMetadata());
generatorByClassName.put(RelyingPartyRegistration.class, (r) -> TestRelyingPartyRegistrations.full().build());
generatorByClassName.put(Saml2AuthenticationToken.class, (r) -> {
Saml2AuthenticationToken token = TestSaml2AuthenticationTokens.tokenRequested();
token.setDetails(details);
return token;
});
// web
generatorByClassName.put(AnonymousAuthenticationToken.class, (r) -> {

BIN
config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.core.Saml2X509Credential.serialized Normal file
View File

Binary file not shown.

BIN
config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken.serialized Normal file
View File

Binary file not shown.

BIN
config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration$AssertingPartyDetails.serialized Normal file
View File

Binary file not shown.

BIN
config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.serialized Normal file
View File

Binary file not shown.

7
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/Saml2X509Credential.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -16,6 +16,7 @@
package org.springframework.security.saml2.core;
import java.io.Serializable;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
@ -35,7 +36,9 @@ import org.springframework.util.Assert;
* @author Josh Cummings
* @since 5.4
*/
public final class Saml2X509Credential {
public final class Saml2X509Credential implements Serializable {
private static final long serialVersionUID = -1015853414272603517L;
private final PrivateKey privateKey;

3
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/AssertingPartyMetadata.java
View File

@ -16,6 +16,7 @@
package org.springframework.security.saml2.provider.service.registration;
import java.io.Serializable;
import java.util.Collection;
import java.util.List;
import java.util.function.Consumer;
@ -28,7 +29,7 @@ import org.springframework.security.saml2.core.Saml2X509Credential;
* @author Josh Cummings
* @since 6.4
*/
public interface AssertingPartyMetadata {
public interface AssertingPartyMetadata extends Serializable {
/**
* Get the asserting party's <a href=

9
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2023 the original author or authors.
* Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -16,6 +16,7 @@
package org.springframework.security.saml2.provider.service.registration;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
@ -66,7 +67,9 @@ import org.springframework.util.CollectionUtils;
* @author Josh Cummings
* @since 5.2
*/
public class RelyingPartyRegistration {
public class RelyingPartyRegistration implements Serializable {
private static final long serialVersionUID = -2718908121120942813L;
private final String registrationId;
@ -456,6 +459,8 @@ public class RelyingPartyRegistration {
*/
public static class AssertingPartyDetails implements AssertingPartyMetadata {
private static final long serialVersionUID = 8728930758311995475L;
private final String entityId;
private final boolean wantAuthnRequestsSigned;

7
saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/authentication/TestSaml2AuthenticationTokens.java
View File

@ -35,4 +35,11 @@ public final class TestSaml2AuthenticationTokens {
return new Saml2AuthenticationToken(relyingPartyRegistration, "saml2-xml-response-object");
}
public static Saml2AuthenticationToken tokenRequested() {
RelyingPartyRegistration relyingPartyRegistration = TestRelyingPartyRegistrations.relyingPartyRegistration()
.build();
return new Saml2AuthenticationToken(relyingPartyRegistration, "saml2-xml-response-object",
TestSaml2PostAuthenticationRequests.create());
}
}