From 9241cd28929e80fe43a652740bdccd3c970eec66 Mon Sep 17 00:00:00 2001
From: Josh Cummings
Date: Fri, 17 Apr 2020 16:46:14 -0600
Subject: [PATCH] Move TestRelyingPartyRegistrations

Fixes gh-8551
---
 config/spring-security-config.gradle | 1 +
 .../saml2/Saml2LoginConfigurerTests.java | 7 ++--
 .../RelyingPartyRegistrationTests.java | 41 ++++---------------
 .../TestRelyingPartyRegistrations.java | 18 ++++----
 4 files changed, 19 insertions(+), 48 deletions(-)
 rename {config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2 => saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration}/TestRelyingPartyRegistrations.java (71%)

diff --git a/config/spring-security-config.gradle b/config/spring-security-config.gradle
index 5ff188ea77..d641eda0ab 100644
--- a/config/spring-security-config.gradle
+++ b/config/spring-security-config.gradle
@@ -41,6 +41,7 @@ dependencies {
 testCompile project(path : ':spring-security-core', configuration : 'tests')
 testCompile project(path : ':spring-security-oauth2-client', configuration : 'tests')
 testCompile project(path : ':spring-security-oauth2-resource-server', configuration : 'tests')
+ testCompile project(path : ':spring-security-saml2-service-provider', configuration : 'tests')
 testCompile project(path : ':spring-security-web', configuration : 'tests')
 testCompile apachedsDependencies
 testCompile powerMock2Dependencies
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java
index 586781f5d5..186f9e3b15 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java
@@ -69,7 +69,7 @@ import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.ArgumentMatchers.anyString;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
-import static org.springframework.security.config.annotation.web.configurers.saml2.TestRelyingPartyRegistrations.saml2AuthenticationConfiguration;
+import static org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations.relyingPartyRegistration;
 /**
 * Tests for different Java configuration for {@link Saml2LoginConfigurer}
@@ -253,9 +253,8 @@ public class Saml2LoginConfigurerTests {
 @Bean
 RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() {
 RelyingPartyRegistrationRepository repository = mock(RelyingPartyRegistrationRepository.class);
- when(repository.findByRegistrationId(anyString())).thenReturn(
- saml2AuthenticationConfiguration()
- );
+ when(repository.findByRegistrationId(anyString()))
+ .thenReturn(relyingPartyRegistration().build());
 return repository;
 }
 }
diff --git a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistrationTests.java b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistrationTests.java
index e3b8292c38..63ee9d55d4 100644
--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistrationTests.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistrationTests.java
@@ -18,18 +18,20 @@ package org.springframework.security.saml2.provider.service.registration;
 import org.junit.Test;
-import org.springframework.security.saml2.credentials.Saml2X509Credential;
 import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter;
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.springframework.security.saml2.credentials.TestSaml2X509Credentials.relyingPartySigningCredential;
-import static org.springframework.security.saml2.credentials.TestSaml2X509Credentials.relyingPartyVerifyingCredential;
+import static org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding.POST;
+import static org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations.relyingPartyRegistration;
 public class RelyingPartyRegistrationTests {
 @Test
 public void withRelyingPartyRegistrationWorks() {
- RelyingPartyRegistration registration = relyingPartyRegistration();
+ RelyingPartyRegistration registration = relyingPartyRegistration()
+ .providerDetails(p -> p.binding(POST))
+ .providerDetails(p -> p.signAuthNRequest(false))
+ .build();
 RelyingPartyRegistration copy = RelyingPartyRegistration.withRelyingPartyRegistration(registration).build();
 compareRegistrations(registration, copy);
 }
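Review bot: The two consecutive `providerDetails` calls in `withRelyingPartyRegistrationWorks` configure the same builder section and can be a single consumer, in the block-lambda form the helper removed by this commit used: `.providerDetails(p -> { p.binding(POST); p.signAuthNRequest(false); })`. A one-line comment above them, for example `// pin the values the assertions below expect, independent of fixture defaults`, would explain why this test overrides the shared fixture. The statically imported `POST` also reads like an HTTP method when it stands alone, so keeping `Saml2MessageBinding.POST` at the call site is clearer.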
@@ -58,38 +60,9 @@ public class RelyingPartyRegistrationTests {
 .isEqualTo("https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php");
 assertThat(copy.getProviderDetails().getBinding())
 .isEqualTo(registration.getProviderDetails().getBinding())
- .isEqualTo(Saml2MessageBinding.POST);
+ .isEqualTo(POST);
 assertThat(copy.getProviderDetails().isSignAuthNRequest())
 .isEqualTo(registration.getProviderDetails().isSignAuthNRequest())
 .isFalse();
 }
-
-
- private RelyingPartyRegistration relyingPartyRegistration() {
- //remote IDP entity ID
- String idpEntityId = "https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php";
- //remote WebSSO Endpoint - Where to Send AuthNRequests to
- String webSsoEndpoint = "https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php";
- //local registration ID
- String registrationId = "simplesamlphp";
- //local entity ID - autogenerated based on URL
- String localEntityIdTemplate = "{baseUrl}/saml2/service-provider-metadata/{registrationId}";
- //local signing (and decryption key)
- Saml2X509Credential signingCredential = relyingPartySigningCredential();
- //IDP certificate for verification of incoming messages
- Saml2X509Credential idpVerificationCertificate = relyingPartyVerifyingCredential();
- String acsUrlTemplate = "{baseUrl}" + Saml2WebSsoAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI;
- return RelyingPartyRegistration.withRegistrationId(registrationId)
- .providerDetails(c -> {
- c.webSsoUrl(webSsoEndpoint);
- c.binding(Saml2MessageBinding.POST);
- c.signAuthNRequest(false);
- c.entityId(idpEntityId);
- })
- .credentials(c -> c.add(signingCredential))
- .credentials(c -> c.add(idpVerificationCertificate))
- .localEntityIdTemplate(localEntityIdTemplate)
- .assertionConsumerServiceUrlTemplate(acsUrlTemplate)
- .build();
- }
 }
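Review bot: The assertions kept at the top of this hunk still compare against literals such as the `SSOService.php` URL, but with the private helper deleted those values presumably now come from `TestRelyingPartyRegistrations` in another file, so an edit to the shared fixture fails this test with no hint of where the expected value is defined. Since `copy` is already compared with `registration`, the extra literal checks could be dropped, or the coupling stated in a comment such as `// literals mirror TestRelyingPartyRegistrations.relyingPartyRegistration()`. The enclosing method begins outside the hunk, so any further literal assertions are not visible here.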
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/TestRelyingPartyRegistrations.java b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration/TestRelyingPartyRegistrations.java
similarity index 71%
rename from config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/TestRelyingPartyRegistrations.java
rename to saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration/TestRelyingPartyRegistrations.java
index b69456e2bc..d8c9686d41 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/TestRelyingPartyRegistrations.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/registration/TestRelyingPartyRegistrations.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2019 the original author or authors.
+ * Copyright 2002-2020 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -14,21 +14,20 @@
 * limitations under the License.
 */
-package org.springframework.security.config.annotation.web.configurers.saml2;
+package org.springframework.security.saml2.provider.service.registration;
 import org.springframework.security.saml2.credentials.Saml2X509Credential;
-import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
 import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter;
-import static org.springframework.security.config.annotation.web.configurers.saml2.TestSaml2Credentials.signingCredential;
-import static org.springframework.security.config.annotation.web.configurers.saml2.TestSaml2Credentials.verificationCertificate;
+import static org.springframework.security.saml2.credentials.TestSaml2X509Credentials.relyingPartySigningCredential;
+import static org.springframework.security.saml2.credentials.TestSaml2X509Credentials.relyingPartyVerifyingCredential;
 /**
 * Preconfigured test data for {@link RelyingPartyRegistration} objects
 */
 public class TestRelyingPartyRegistrations {
- static RelyingPartyRegistration saml2AuthenticationConfiguration() {
+ public static RelyingPartyRegistration.Builder relyingPartyRegistration() {
 //remote IDP entity ID
 String idpEntityId = "https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php";
 //remote WebSSO Endpoint - Where to Send AuthNRequests to
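Review bot: The now-public `relyingPartyRegistration()` returns a `RelyingPartyRegistration.Builder`, yet it has no Javadoc and the class comment still speaks of preconfigured `RelyingPartyRegistration` objects. Because the config module's tests now consume it through the added `tests` configuration, say what callers get, for example `/** Returns a builder preloaded with test IdP endpoints and test credentials; override as needed, then call build(). */`. In the visible lines the class holds only this static factory, so `final` with a private constructor would fit it. The dropped `TestSaml2Credentials` imports suggest the config module's own holder of test credentials may now be unused; if so it could be removed in the same change. The method body continues outside the hunk.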
@@ -38,9 +37,9 @@ public class TestRelyingPartyRegistrations {
 //local entity ID - autogenerated based on URL
 String localEntityIdTemplate = "{baseUrl}/saml2/service-provider-metadata/{registrationId}";
 //local signing (and decryption key)
- Saml2X509Credential signingCredential = signingCredential();
+ Saml2X509Credential signingCredential = relyingPartySigningCredential();
 //IDP certificate for verification of incoming messages
- Saml2X509Credential idpVerificationCertificate = verificationCertificate();
+ Saml2X509Credential idpVerificationCertificate = relyingPartyVerifyingCredential();
 String acsUrlTemplate = "{baseUrl}" + Saml2WebSsoAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI;
 return RelyingPartyRegistration.withRegistrationId(registrationId)
 .providerDetails(c -> c.entityId(idpEntityId))
@@ -48,8 +47,7 @@ public class TestRelyingPartyRegistrations {
 .credentials(c -> c.add(signingCredential))
 .credentials(c -> c.add(idpVerificationCertificate))
 .localEntityIdTemplate(localEntityIdTemplate)
- .assertionConsumerServiceUrlTemplate(acsUrlTemplate)
- .build();
+ .assertionConsumerServiceUrlTemplate(acsUrlTemplate);
 }