Polish SAML 2.0 Login Sample

Fixes gh-8163

samples/boot/saml2login/README.adoc

@@ -1,26 +1,20 @@
 = OAuth 2.0 Login Sample
 
-This guide provides instructions on setting up the sample application with SAML 2.0 Login using
+This guide provides instructions on setting up this SAML 2.0 Login sample application.
-Spring Security's `saml2Login()` feature.
 
-The sample application uses Spring Boot 2.2.0.M5 and the `spring-security-saml2-service-provider`
+The sample application uses Spring Boot and the `spring-security-saml2-service-provider`
 module which is new in Spring Security 5.2.
 
 == Goals
 
-`saml2Login()` provides a very simple, basic, implementation of a Service Provider
+`saml2Login()` provides a very simple implementation of a Service Provider that can receive a SAML 2.0 Response via the HTTP-POST and HTTP-REDIRECT bindings against the SimpleSAMLphp SAML 2.0 reference implementation.
-that can receive a SAML 2 Response XML object via the HTTP-POST and HTTP-REDIRECT bindings
-against a known SAML reference implementation by SimpleSAMLPhp.
 
+The following features are implemented in the MVP:
 
-The following features are implemented in the MVP
+1. Receive and validate a SAML 2.0 Response containing an assertion, and create a corresponding authentication in Spring Security
-
+2. Send a SAML 2.0 AuthNRequest to an Identity Provider
-1. Receive and validate a SAML 2.0 Response object containing an assertion
+3. Provide a framework for components used in SAML 2.0 authentication that can be swapped by configuration
-and create a valid authentication in Spring Security
+4. Work against the SimpleSAMLphp reference implementation
-2. Send a SAML 2 AuthNRequest object to an Identity Provider
-3. Provide a framework for components used in SAML 2.0 authentication that can
-be swapped by configuration
-4. Sample working against the SimpleSAMLPhP reference implementation
 
 == Run the Sample
 
@@ -33,7 +27,7 @@ be swapped by configuration
 
 http://localhost:8080/
 
-You will be redirect to the SimpleSAMLPhp IDP
+You will be redirect to the SimpleSAMLphp IDP
 
 === Type in your credentials
 

samples/boot/saml2login/src/main/java/sample/IndexController.java

@@ -19,15 +19,9 @@ package sample;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import sample.Saml2LoginApplication;
-
 @Controller
 public class IndexController {
 
-	private static final Log logger = LogFactory.getLog(Saml2LoginApplication.class);
-
 	@GetMapping("/")
 	public String index() {
 		return "index";

samples/boot/saml2login/src/main/resources/application.yml

@@ -4,13 +4,11 @@ spring:
       relyingparty:
         registration:
           simplesamlphp:
-            signing:
+            signing.credentials:
-              credentials:
               - private-key-location: "classpath:credentials/rp-private.key"
                 certificate-location: "classpath:credentials/rp-certificate.crt"
             identityprovider:
-              verification:
-                credentials:
-                  - certificate-location: "classpath:credentials/idp-certificate.crt"
               entity-id: https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php
+              verification.credentials:
+                - certificate-location: "classpath:credentials/idp-certificate.crt"
               sso-url: https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SSOService.php

samples/boot/saml2login/src/main/resources/templates/index.html

@@ -1,5 +1,5 @@
 <!--
-  ~ Copyright 2002-2019 the original author or authors.
+  ~ Copyright 2002-2020 the original author or authors.
   ~
   ~ Licensed under the Apache License, Version 2.0 (the "License");
   ~ you may not use this file except in compliance with the License.
@@ -17,21 +17,19 @@
 <!doctype html>
 <html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="https://www.thymeleaf.org" xmlns:sec="https://www.thymeleaf.org/thymeleaf-extras-springsecurity5">
 <head>
-	<title>Spring Security - SAML 2 Log In</title>
+	<title>Spring Security - SAML 2.0 Login</title>
 	<meta charset="utf-8" />
 </head>
 <body>
-    <h1>Success</h1>
+	<div>
-    <div>You are authenticated as <span sec:authentication="name"></span></div>
+        <form th:action="@{/logout}" method="post">
-    <ul>
+            <input type="submit" value="Logout" />
-        <li>
+        </form>
-            <a th:href="@{/logout}">Log Out</a>
-        </li>
-        <li>
         <a href="https://simplesaml-for-spring-saml.cfapps.io/module.php/core/authenticate.php?as=example-userpass&logout">
-                Log out of SimpleSAMLPhp
+            Log out of SimpleSAMLphp
         </a>
-        </li>
+	</div>
-    </ul>
+	<h1>SAML 2.0 Login with Spring Security</h1>
+	<div>You are successfully logged in as <span sec:authentication="name"></span></div>
 </body>
 </html>