mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-10-24 11:18:45 +00:00
Add Skipping Decryption Error Message
Closes gh-10220
parent
c6e5781679
commit
b451ede189
@ -491,6 +491,10 @@ public final class OpenSaml4AuthenticationProvider implements AuthenticationProv
|
|||||||
if (responseSigned) {
|
if (responseSigned) {
|
||||||
this.responseElementsDecrypter.accept(responseToken);
|
this.responseElementsDecrypter.accept(responseToken);
|
||||||
}
|
}
|
||||||
|
else if (!response.getEncryptedAssertions().isEmpty()) {
|
||||||
|
result = result.concat(new Saml2Error(Saml2ErrorCodes.INVALID_SIGNATURE,
|
||||||
|
"Did not decrypt response [" + response.getID() + "] since it is not signed"));
|
||||||
|
}
|
||||||
result = result.concat(this.responseValidator.convert(responseToken));
|
result = result.concat(this.responseValidator.convert(responseToken));
|
||||||
boolean allAssertionsSigned = true;
|
boolean allAssertionsSigned = true;
|
||||||
for (Assertion assertion : response.getAssertions()) {
|
for (Assertion assertion : response.getAssertions()) {
|
||||||
|
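Review bot: The description built in the new `else if` branch concatenates `response.getID()`, and on this path the response is unsigned, so that ID is unauthenticated input chosen by whoever sent the message. If the `Saml2Error` description is later logged or rendered on an error page (not visible here), it should be treated as untrusted and encoded at that point. The branch would also benefit from a why-comment, for example `// Unsigned responses are not decrypted: ciphertext from an unauthenticated sender must not reach the decrypter`, if that is the intent. Validation continues with `responseValidator.convert` after the new error is added, so this code may be reported together with others; the enclosing method starts and ends outside the hunk.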
@ -280,7 +280,7 @@ public class OpenSaml4AuthenticationProviderTests {
|
|||||||
Saml2AuthenticationToken token = token(response, decrypting(verifying(registration())));
|
Saml2AuthenticationToken token = token(response, decrypting(verifying(registration())));
|
||||||
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
||||||
.isThrownBy(() -> this.provider.authenticate(token))
|
.isThrownBy(() -> this.provider.authenticate(token))
|
||||||
.satisfies(errorOf(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA));
|
.satisfies(errorOf(Saml2ErrorCodes.INVALID_SIGNATURE, "Did not decrypt response"));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
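Review bot: The updated assertion pins only the failing case, so nothing in this hunk guards the `!response.getEncryptedAssertions().isEmpty()` condition itself. A companion test in which an unsigned response carrying signed, unencrypted assertions still authenticates without an `INVALID_SIGNATURE` error would catch a later change that drops that guard; such a test may already exist outside the hunk. The test method starts above the hunk, so its name and the response setup are not visible here.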