Move TestRelyingPartyRegistrations

Fixes gh-8551
Josh Cummings 2020-04-17 16:46:14 -06:00
parent 7c7934c052
commit 9241cd2892
GPG Key ID: 49EF60DD7FF83443
4 changed files with 19 additions and 48 deletions


@ -41,6 +41,7 @@ dependencies {
testCompile project(path : ':spring-security-core', configuration : 'tests') testCompile project(path : ':spring-security-core', configuration : 'tests')
testCompile project(path : ':spring-security-oauth2-client', configuration : 'tests') testCompile project(path : ':spring-security-oauth2-client', configuration : 'tests')
testCompile project(path : ':spring-security-oauth2-resource-server', configuration : 'tests') testCompile project(path : ':spring-security-oauth2-resource-server', configuration : 'tests')
testCompile project(path : ':spring-security-saml2-service-provider', configuration : 'tests')
testCompile project(path : ':spring-security-web', configuration : 'tests') testCompile project(path : ':spring-security-web', configuration : 'tests')
testCompile apachedsDependencies testCompile apachedsDependencies
testCompile powerMock2Dependencies testCompile powerMock2Dependencies


@ -69,7 +69,7 @@ import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.Mockito.mock; import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when; import static org.mockito.Mockito.when;
import static org.springframework.security.config.annotation.web.configurers.saml2.TestRelyingPartyRegistrations.saml2AuthenticationConfiguration; import static org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations.relyingPartyRegistration;
/** /**
* Tests for different Java configuration for {@link Saml2LoginConfigurer} * Tests for different Java configuration for {@link Saml2LoginConfigurer}
@ -253,9 +253,8 @@ public class Saml2LoginConfigurerTests {
@Bean @Bean
RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() { RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() {
RelyingPartyRegistrationRepository repository = mock(RelyingPartyRegistrationRepository.class); RelyingPartyRegistrationRepository repository = mock(RelyingPartyRegistrationRepository.class);
when(repository.findByRegistrationId(anyString())).thenReturn( when(repository.findByRegistrationId(anyString()))
saml2AuthenticationConfiguration() .thenReturn(relyingPartyRegistration().build());
);
return repository; return repository;
} }
} }
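Review bot: The stub in `relyingPartyRegistrationRepository()` answers `findByRegistrationId(anyString())` with the shared fixture, so these tests still pass if the configurer resolves a registration id that no relying party was registered under. A real repository would presumably return nothing for an unknown id, and a login-configuration test is more useful when it can tell the two cases apart. Consider stubbing only the fixture's own id: `RelyingPartyRegistration registration = relyingPartyRegistration().build();` followed by `when(repository.findByRegistrationId(registration.getRegistrationId())).thenReturn(registration);`. The enclosing configuration class starts outside the hunk, so check that no test in it relies on a different id.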


@ -18,18 +18,20 @@ package org.springframework.security.saml2.provider.service.registration;
import org.junit.Test; import org.junit.Test;
import org.springframework.security.saml2.credentials.Saml2X509Credential;
import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter; import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.springframework.security.saml2.credentials.TestSaml2X509Credentials.relyingPartySigningCredential; import static org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding.POST;
import static org.springframework.security.saml2.credentials.TestSaml2X509Credentials.relyingPartyVerifyingCredential; import static org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations.relyingPartyRegistration;
public class RelyingPartyRegistrationTests { public class RelyingPartyRegistrationTests {
@Test @Test
public void withRelyingPartyRegistrationWorks() { public void withRelyingPartyRegistrationWorks() {
RelyingPartyRegistration registration = relyingPartyRegistration(); RelyingPartyRegistration registration = relyingPartyRegistration()
.providerDetails(p -> p.binding(POST))
.providerDetails(p -> p.signAuthNRequest(false))
.build();
RelyingPartyRegistration copy = RelyingPartyRegistration.withRelyingPartyRegistration(registration).build(); RelyingPartyRegistration copy = RelyingPartyRegistration.withRelyingPartyRegistration(registration).build();
compareRegistrations(registration, copy); compareRegistrations(registration, copy);
} }
@ -58,38 +60,9 @@ public class RelyingPartyRegistrationTests {
.isEqualTo("https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php"); .isEqualTo("https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php");
assertThat(copy.getProviderDetails().getBinding()) assertThat(copy.getProviderDetails().getBinding())
.isEqualTo(registration.getProviderDetails().getBinding()) .isEqualTo(registration.getProviderDetails().getBinding())
.isEqualTo(Saml2MessageBinding.POST); .isEqualTo(POST);
assertThat(copy.getProviderDetails().isSignAuthNRequest()) assertThat(copy.getProviderDetails().isSignAuthNRequest())
.isEqualTo(registration.getProviderDetails().isSignAuthNRequest()) .isEqualTo(registration.getProviderDetails().isSignAuthNRequest())
.isFalse(); .isFalse();
} }
private RelyingPartyRegistration relyingPartyRegistration() {
//remote IDP entity ID
String idpEntityId = "https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php";
//remote WebSSO Endpoint - Where to Send AuthNRequests to
String webSsoEndpoint = "https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php";
//local registration ID
String registrationId = "simplesamlphp";
//local entity ID - autogenerated based on URL
String localEntityIdTemplate = "{baseUrl}/saml2/service-provider-metadata/{registrationId}";
//local signing (and decryption key)
Saml2X509Credential signingCredential = relyingPartySigningCredential();
//IDP certificate for verification of incoming messages
Saml2X509Credential idpVerificationCertificate = relyingPartyVerifyingCredential();
String acsUrlTemplate = "{baseUrl}" + Saml2WebSsoAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI;
return RelyingPartyRegistration.withRegistrationId(registrationId)
.providerDetails(c -> {
c.webSsoUrl(webSsoEndpoint);
c.binding(Saml2MessageBinding.POST);
c.signAuthNRequest(false);
c.entityId(idpEntityId);
})
.credentials(c -> c.add(signingCredential))
.credentials(c -> c.add(idpVerificationCertificate))
.localEntityIdTemplate(localEntityIdTemplate)
.assertionConsumerServiceUrlTemplate(acsUrlTemplate)
.build();
}
} }
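Review bot: The `binding(POST)` and `signAuthNRequest(false)` overrides in `withRelyingPartyRegistrationWorks` are only explained by `compareRegistrations`, which still hard-codes `POST`, `isFalse()` and the literal `https://simplesaml-for-spring-saml.cfapps.io/...` URL although those values now come from the shared `TestRelyingPartyRegistrations` fixture. A later edit to that fixture would break this test for reasons unrelated to the copy logic it is meant to cover. I would add a comment above the builder call, `// compareRegistrations() asserts POST and unsigned AuthNRequests, so pin both here`, and compare the URL against the corresponding getter on `registration` rather than the literal. Separately, the `Saml2WebSsoAuthenticationFilter` import is kept while its only use visible in this section was in the removed helper; `compareRegistrations` starts outside the hunk, so confirm it still needs the import.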


@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2019 the original author or authors. * Copyright 2002-2020 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,21 +14,20 @@
* limitations under the License. * limitations under the License.
*/ */
package org.springframework.security.config.annotation.web.configurers.saml2; package org.springframework.security.saml2.provider.service.registration;
import org.springframework.security.saml2.credentials.Saml2X509Credential; import org.springframework.security.saml2.credentials.Saml2X509Credential;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter; import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter;
import static org.springframework.security.config.annotation.web.configurers.saml2.TestSaml2Credentials.signingCredential; import static org.springframework.security.saml2.credentials.TestSaml2X509Credentials.relyingPartySigningCredential;
import static org.springframework.security.config.annotation.web.configurers.saml2.TestSaml2Credentials.verificationCertificate; import static org.springframework.security.saml2.credentials.TestSaml2X509Credentials.relyingPartyVerifyingCredential;
/** /**
* Preconfigured test data for {@link RelyingPartyRegistration} objects * Preconfigured test data for {@link RelyingPartyRegistration} objects
*/ */
public class TestRelyingPartyRegistrations { public class TestRelyingPartyRegistrations {
static RelyingPartyRegistration saml2AuthenticationConfiguration() { public static RelyingPartyRegistration.Builder relyingPartyRegistration() {
//remote IDP entity ID //remote IDP entity ID
String idpEntityId = "https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php"; String idpEntityId = "https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php";
//remote WebSSO Endpoint - Where to Send AuthNRequests to //remote WebSSO Endpoint - Where to Send AuthNRequests to
@ -38,9 +37,9 @@ public class TestRelyingPartyRegistrations {
//local entity ID - autogenerated based on URL //local entity ID - autogenerated based on URL
String localEntityIdTemplate = "{baseUrl}/saml2/service-provider-metadata/{registrationId}"; String localEntityIdTemplate = "{baseUrl}/saml2/service-provider-metadata/{registrationId}";
//local signing (and decryption key) //local signing (and decryption key)
Saml2X509Credential signingCredential = signingCredential(); Saml2X509Credential signingCredential = relyingPartySigningCredential();
//IDP certificate for verification of incoming messages //IDP certificate for verification of incoming messages
Saml2X509Credential idpVerificationCertificate = verificationCertificate(); Saml2X509Credential idpVerificationCertificate = relyingPartyVerifyingCredential();
String acsUrlTemplate = "{baseUrl}" + Saml2WebSsoAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI; String acsUrlTemplate = "{baseUrl}" + Saml2WebSsoAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI;
return RelyingPartyRegistration.withRegistrationId(registrationId) return RelyingPartyRegistration.withRegistrationId(registrationId)
.providerDetails(c -> c.entityId(idpEntityId)) .providerDetails(c -> c.entityId(idpEntityId))
@ -48,8 +47,7 @@ public class TestRelyingPartyRegistrations {
.credentials(c -> c.add(signingCredential)) .credentials(c -> c.add(signingCredential))
.credentials(c -> c.add(idpVerificationCertificate)) .credentials(c -> c.add(idpVerificationCertificate))
.localEntityIdTemplate(localEntityIdTemplate) .localEntityIdTemplate(localEntityIdTemplate)
.assertionConsumerServiceUrlTemplate(acsUrlTemplate) .assertionConsumerServiceUrlTemplate(acsUrlTemplate);
.build();
} }