Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Saml2LogoutRequestMixin relayState property should be binding 

Closes gh-12539
This commit is contained in:
Marcus Da Coregio 2023-01-26 11:20:08 -03:00 committed by Marcus Hert Da Coregio
parent ece5089cc8
commit 64270f28e4
2 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/jackson2/Saml2LogoutRequestMixin.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2022 the original author or authors.
* Copyright 2002-2023 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -53,7 +53,7 @@ class Saml2LogoutRequestMixin {
@JsonCreator
Saml2LogoutRequestMixin(@JsonProperty("location") String location,
@JsonProperty("relayState") Saml2MessageBinding relayState,
@JsonProperty("binding") Saml2MessageBinding binding,
@JsonProperty("parameters") Map<String, String> parameters, @JsonProperty("id") String id,
@JsonProperty("relyingPartyRegistrationId") String relyingPartyRegistrationId) {
}

17
saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/jackson2/Saml2LogoutRequestMixinTests.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2022 the original author or authors.
* Copyright 2002-2023 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -19,6 +19,8 @@ package org.springframework.security.saml2.jackson2;
import java.util.HashMap;
import java.util.Map;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
@ -52,6 +54,19 @@ class Saml2LogoutRequestMixinTests {
@Test
void shouldDeserialize() throws Exception {
deserializeAndAssertRequest();
}
// gh-12539
@Test
void shouldDeserializeWhenFailOnMissingCreatorPropertiesEnabled() throws Exception {
// Jackson will use reflection to initialize the binding property if this is not
// enabled
this.mapper.configure(DeserializationFeature.FAIL_ON_MISSING_CREATOR_PROPERTIES, true);
deserializeAndAssertRequest();
}
private void deserializeAndAssertRequest() throws JsonProcessingException {
Saml2LogoutRequest logoutRequest = this.mapper.readValue(TestSaml2JsonPayloads.DEFAULT_LOGOUT_REQUEST_JSON,
Saml2LogoutRequest.class);