mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-05-31 17:22:13 +00:00
Move Saml2 Authentication Filters
Closes gh-8819
This commit is contained in:
Josh Cummings
parent
48e31f87e4
commit
61c80bcac5
@ -85,7 +85,7 @@ final class FilterOrderRegistration {
|
|||||||
"org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter",
|
"org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter",
|
||||||
order.next());
|
order.next());
|
||||||
this.filterToOrder.put(
|
this.filterToOrder.put(
|
||||||
"org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationRequestFilter",
|
"org.springframework.security.saml2.provider.service.web.Saml2WebSsoAuthenticationRequestFilter",
|
||||||
order.next());
|
order.next());
|
||||||
put(X509AuthenticationFilter.class, order.next());
|
put(X509AuthenticationFilter.class, order.next());
|
||||||
put(AbstractPreAuthenticatedProcessingFilter.class, order.next());
|
put(AbstractPreAuthenticatedProcessingFilter.class, order.next());
|
||||||
@ -93,7 +93,7 @@ final class FilterOrderRegistration {
|
|||||||
this.filterToOrder.put("org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter",
|
this.filterToOrder.put("org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter",
|
||||||
order.next());
|
order.next());
|
||||||
this.filterToOrder.put(
|
this.filterToOrder.put(
|
||||||
"org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter",
|
"org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter",
|
||||||
order.next());
|
order.next());
|
||||||
put(UsernamePasswordAuthenticationFilter.class, order.next());
|
put(UsernamePasswordAuthenticationFilter.class, order.next());
|
||||||
order.next(); // gh-8105
|
order.next(); // gh-8105
|
||||||
|
|||||||
@ -33,15 +33,15 @@ import org.springframework.security.saml2.provider.service.authentication.Abstra
|
|||||||
import org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider;
|
import org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider;
|
||||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
|
||||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
|
||||||
import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter;
|
|
||||||
import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationRequestFilter;
|
|
||||||
import org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver;
|
import org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver;
|
||||||
import org.springframework.security.saml2.provider.service.web.HttpSessionSaml2AuthenticationRequestRepository;
|
import org.springframework.security.saml2.provider.service.web.HttpSessionSaml2AuthenticationRequestRepository;
|
||||||
import org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver;
|
import org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver;
|
||||||
import org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository;
|
import org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository;
|
||||||
import org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter;
|
import org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter;
|
||||||
|
import org.springframework.security.saml2.provider.service.web.Saml2WebSsoAuthenticationRequestFilter;
|
||||||
import org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver;
|
import org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver;
|
||||||
import org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver;
|
import org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver;
|
||||||
|
import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter;
|
||||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||||
import org.springframework.security.web.authentication.AuthenticationConverter;
|
import org.springframework.security.web.authentication.AuthenticationConverter;
|
||||||
import org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint;
|
import org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint;
|
||||||
|
|||||||
@ -39,8 +39,8 @@ import org.springframework.core.ResolvableType;
|
|||||||
import org.springframework.security.config.Elements;
|
import org.springframework.security.config.Elements;
|
||||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
|
||||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
|
||||||
import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter;
|
import org.springframework.security.saml2.provider.service.web.Saml2WebSsoAuthenticationRequestFilter;
|
||||||
import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationRequestFilter;
|
import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter;
|
||||||
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
|
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
|
||||||
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||||
|
|||||||
@ -40,7 +40,7 @@ import org.springframework.security.saml2.provider.service.registration.InMemory
|
|||||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration
|
||||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository
|
||||||
import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations
|
import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations
|
||||||
import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter
|
import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter
|
||||||
import org.springframework.security.web.SecurityFilterChain
|
import org.springframework.security.web.SecurityFilterChain
|
||||||
import org.springframework.test.web.servlet.MockMvc
|
import org.springframework.test.web.servlet.MockMvc
|
||||||
import org.springframework.test.web.servlet.get
|
import org.springframework.test.web.servlet.get
|
||||||
|
|||||||
@ -11,3 +11,5 @@ Use the OpenSaml 4 Support instead.
|
|||||||
* https://github.com/spring-projects/spring-security/issues/8980[gh-8980] - Remove unsafe/deprecated `Encryptors.querableText(CharSequence,CharSequence)`.
|
* https://github.com/spring-projects/spring-security/issues/8980[gh-8980] - Remove unsafe/deprecated `Encryptors.querableText(CharSequence,CharSequence)`.
|
||||||
Instead use data storage to encrypt values.
|
Instead use data storage to encrypt values.
|
||||||
* https://github.com/spring-projects/spring-security/issues/11520[gh-11520] - Remember Me uses SHA256 by default
|
* https://github.com/spring-projects/spring-security/issues/11520[gh-11520] - Remember Me uses SHA256 by default
|
||||||
|
* https://github.com/spring-projects/spring-security/issues/8819 - Move filters to web package
|
||||||
|
Reorganize imports
|
||||||
|
|||||||
@ -20,6 +20,7 @@ import java.util.Collections;
|
|||||||
|
|
||||||
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
||||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
|
||||||
|
import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -42,9 +43,8 @@ public class Saml2AuthenticationToken extends AbstractAuthenticationToken {
|
|||||||
* Creates a {@link Saml2AuthenticationToken} with the provided parameters.
|
* Creates a {@link Saml2AuthenticationToken} with the provided parameters.
|
||||||
*
|
*
|
||||||
* Note that the given {@link RelyingPartyRegistration} should have all its templates
|
* Note that the given {@link RelyingPartyRegistration} should have all its templates
|
||||||
* resolved at this point. See
|
* resolved at this point. See {@link Saml2WebSsoAuthenticationFilter} for an example
|
||||||
* {@link org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter}
|
* of performing that resolution.
|
||||||
* for an example of performing that resolution.
|
|
||||||
* @param relyingPartyRegistration the resolved {@link RelyingPartyRegistration} to
|
* @param relyingPartyRegistration the resolved {@link RelyingPartyRegistration} to
|
||||||
* use
|
* use
|
||||||
* @param saml2Response the SAML 2.0 response to authenticate
|
* @param saml2Response the SAML 2.0 response to authenticate
|
||||||
@ -66,9 +66,8 @@ public class Saml2AuthenticationToken extends AbstractAuthenticationToken {
|
|||||||
* Creates a {@link Saml2AuthenticationToken} with the provided parameters
|
* Creates a {@link Saml2AuthenticationToken} with the provided parameters
|
||||||
*
|
*
|
||||||
* Note that the given {@link RelyingPartyRegistration} should have all its templates
|
* Note that the given {@link RelyingPartyRegistration} should have all its templates
|
||||||
* resolved at this point. See
|
* resolved at this point. See {@link Saml2WebSsoAuthenticationFilter} for an example
|
||||||
* {@link org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter}
|
* of performing that resolution.
|
||||||
* for an example of performing that resolution.
|
|
||||||
* @param relyingPartyRegistration the resolved {@link RelyingPartyRegistration} to
|
* @param relyingPartyRegistration the resolved {@link RelyingPartyRegistration} to
|
||||||
* use
|
* use
|
||||||
* @param saml2Response the SAML 2.0 response to authenticate
|
* @param saml2Response the SAML 2.0 response to authenticate
|
||||||
|
|||||||
@ -14,7 +14,7 @@
|
|||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package org.springframework.security.saml2.provider.service.servlet.filter;
|
package org.springframework.security.saml2.provider.service.web;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.nio.charset.StandardCharsets;
|
import java.nio.charset.StandardCharsets;
|
||||||
@ -30,8 +30,6 @@ import org.springframework.security.saml2.provider.service.authentication.Abstra
|
|||||||
import org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest;
|
import org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest;
|
||||||
import org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest;
|
import org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest;
|
||||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
|
||||||
import org.springframework.security.saml2.provider.service.web.HttpSessionSaml2AuthenticationRequestRepository;
|
|
||||||
import org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository;
|
|
||||||
import org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver;
|
import org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
import org.springframework.util.StringUtils;
|
import org.springframework.util.StringUtils;
|
||||||
@ -14,7 +14,7 @@
|
|||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package org.springframework.security.saml2.provider.service.servlet.filter;
|
package org.springframework.security.saml2.provider.service.web.authentication;
|
||||||
|
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import jakarta.servlet.http.HttpServletResponse;
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
@ -20,7 +20,7 @@ import org.junit.jupiter.api.Test;
|
|||||||
|
|
||||||
import org.springframework.security.saml2.core.Saml2X509Credential;
|
import org.springframework.security.saml2.core.Saml2X509Credential;
|
||||||
import org.springframework.security.saml2.core.TestSaml2X509Credentials;
|
import org.springframework.security.saml2.core.TestSaml2X509Credentials;
|
||||||
import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter;
|
import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter;
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
|
|
||||||
|
|||||||
@ -18,7 +18,7 @@ package org.springframework.security.saml2.provider.service.registration;
|
|||||||
|
|
||||||
import org.springframework.security.saml2.core.Saml2X509Credential;
|
import org.springframework.security.saml2.core.Saml2X509Credential;
|
||||||
import org.springframework.security.saml2.credentials.TestSaml2X509Credentials;
|
import org.springframework.security.saml2.credentials.TestSaml2X509Credentials;
|
||||||
import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter;
|
import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Preconfigured test data for {@link RelyingPartyRegistration} objects
|
* Preconfigured test data for {@link RelyingPartyRegistration} objects
|
||||||
|
|||||||
@ -14,7 +14,7 @@
|
|||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package org.springframework.security.saml2.provider.service.servlet.filter;
|
package org.springframework.security.saml2.provider.service.web;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.nio.charset.StandardCharsets;
|
import java.nio.charset.StandardCharsets;
|
||||||
@ -37,7 +37,6 @@ import org.springframework.security.saml2.provider.service.registration.RelyingP
|
|||||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
|
||||||
import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
|
import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
|
||||||
import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations;
|
import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations;
|
||||||
import org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository;
|
|
||||||
import org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver;
|
import org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver;
|
||||||
import org.springframework.web.util.HtmlUtils;
|
import org.springframework.web.util.HtmlUtils;
|
||||||
import org.springframework.web.util.UriUtils;
|
import org.springframework.web.util.UriUtils;
|
||||||
@ -14,7 +14,7 @@
|
|||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package org.springframework.security.saml2.provider.service.servlet.filter;
|
package org.springframework.security.saml2.provider.service.web.authentication;
|
||||||
|
|
||||||
import jakarta.servlet.http.HttpServletResponse;
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
import org.junit.jupiter.api.Assertions;
|
import org.junit.jupiter.api.Assertions;
|
||||||
Loading…
x
Reference in New Issue
Block a user