Polish Saml2AuthenticationRequestRepository

- Moved docs into AuthnRequest section, changed links to be more
semantically valuable to search engines
- Moved tests to be nearer to similar tests

Issue gh-9185
Josh Cummings 2021-07-27 14:53:14 -06:00
parent 662ab10416
commit d5c953b106
3 changed files with 48 additions and 40 deletions


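--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -865,6 +865,37 @@ For example, if you were deployed to `https://rp.example.com` and you gave your
 and the result would be a redirect that included a `SAMLRequest` parameter containing the signed, deflated, and encoded `<saml2:AuthnRequest>`.
+[[servlet-saml2login-store-authn-request]]
+==== Changing How the `<saml2:AuthnRequest>` Gets Stored
+`Saml2WebSsoAuthenticationRequestFilter` uses an `Saml2AuthenticationRequestRepository` to persist an `AbstractSaml2AuthenticationRequest` instance before <<servlet-saml2login-sp-initiated-factory,sending the `<saml2:AuthnRequest>`>> to the asserting party.
+Additionally, `Saml2WebSsoAuthenticationFilter` and `Saml2AuthenticationTokenConverter` use an `Saml2AuthenticationRequestRepository` to load any `AbstractSaml2AuthenticationRequest` as part of <<servlet-saml2login-authenticate-responses,authenticating the `<saml2:Response>`>>.
+By default, Spring Security uses an `HttpSessionSaml2AuthenticationRequestRepository`, which stores the `AbstractSaml2AuthenticationRequest` in the `HttpSession`.
+If you have a custom implementation of `Saml2AuthenticationRequestRepository`, you may configure it by exposing it as a `@Bean` as shown in the following example:
+====
+.Java
+[source,java,role="primary"]
+----
+@Bean
+Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository() {
+return new CustomSaml2AuthenticationRequestRepository();
+}
+----
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@Bean
+open fun authenticationRequestRepository(): Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> {
+return CustomSaml2AuthenticationRequestRepository()
+}
+----
+====
 [[servlet-saml2login-sp-initiated-factory-signing]]
 ==== Changing How the `<saml2:AuthnRequest>` Gets Sent
@@ -1610,33 +1641,3 @@ http {
 The success handler will send logout requests to the asserting party.
 The request matcher will detect logout requests from the asserting party.
-[[servlet-saml2login-store-authn-request]]
-=== Storing the `AuthnRequest`
-The `Saml2AuthenticationRequestRepository` is responsible for the persistence of the `AuthnRequest` from the time the `AuthnRequest` <<servlet-saml2login-sp-initiated-factory,is initiated>> to the time the `SAMLResponse` <<servlet-saml2login-authenticate-responses,is received>>.
-The `Saml2AuthenticationTokenConverter` is responsible for loading the `AuthnRequest` from the `Saml2AuthenticationRequestRepository` and saving it into the `Saml2AuthenticationToken`.
-The default implementation of `Saml2AuthenticationRequestRepository` is `HttpSessionSaml2AuthenticationRequestRepository`, which stores the `AuthnRequest` in the `HttpSession`.
-If you have a custom implementation of `Saml2AuthenticationRequestRepository`, you may configure it by exposing it as a `@Bean` as shown in the following example:
-====
-.Java
-[source,java,role="primary"]
-----
-@Bean
-Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository() {
-return new CustomSaml2AuthenticationRequestRepository();
-}
-----
-.Kotlin
-[source,kotlin,role="secondary"]
-----
-@Bean
-open fun authenticationRequestRepository(): Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> {
-return CustomSaml2AuthenticationRequestRepository()
-}
-----
-====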


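--- a/PATH_NOT_SHOWN_ON_PAGE/Saml2WebSsoAuthenticationFilterTests.java
+++ b/PATH_NOT_SHOWN_ON_PAGE/Saml2WebSsoAuthenticationFilterTests.java
@@ -114,17 +114,16 @@ public class Saml2WebSsoAuthenticationFilterTests {
 @Test
 public void setAuthenticationRequestRepositoryWhenExpectedAuthenticationConverterTypeThenSetLoaderIntoConverter() {
-Saml2AuthenticationTokenConverter authenticationConverterMock = mock(Saml2AuthenticationTokenConverter.class);
+Saml2AuthenticationTokenConverter authenticationConverter = mock(Saml2AuthenticationTokenConverter.class);
 Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository = mock(
 Saml2AuthenticationRequestRepository.class);
-this.filter = new Saml2WebSsoAuthenticationFilter(authenticationConverterMock,
-"/some/other/path/{registrationId}");
+this.filter = new Saml2WebSsoAuthenticationFilter(authenticationConverter, "/some/other/path/{registrationId}");
 this.filter.setAuthenticationRequestRepository(authenticationRequestRepository);
-verify(authenticationConverterMock).setAuthenticationRequestRepository(authenticationRequestRepository);
+verify(authenticationConverter).setAuthenticationRequestRepository(authenticationRequestRepository);
 }
 @Test
-public void setAuthenticationRequestRepositoryWhenNotExpectedAuthenticationConverterTypeThenDontSet() {
+public void setAuthenticationRequestRepositoryWhenNotExpectedAuthenticationConverterTypeThenDoNotSet() {
 AuthenticationConverter authenticationConverter = mock(AuthenticationConverter.class);
 Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> authenticationRequestRepository = mock(
 Saml2AuthenticationRequestRepository.class);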


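--- a/PATH_NOT_SHOWN_ON_PAGE/Saml2AuthenticationTokenConverterTests.java
+++ b/PATH_NOT_SHOWN_ON_PAGE/Saml2AuthenticationTokenConverterTests.java
@@ -141,11 +141,6 @@ public class Saml2AuthenticationTokenConverterTests {
 (ex) -> assertThat(ex.getSaml2Error().getDescription()).isEqualTo("Unable to inflate string"));
 }
-@Test
-public void constructorWhenResolverIsNullThenIllegalArgument() {
-assertThatIllegalArgumentException().isThrownBy(() -> new Saml2AuthenticationTokenConverter(null));
-}
 @Test
 public void convertWhenUsingSamlUtilsBase64ThenXmlIsValid() throws Exception {
 Saml2AuthenticationTokenConverter converter = new Saml2AuthenticationTokenConverter(
@@ -179,6 +174,19 @@ public class Saml2AuthenticationTokenConverterTests {
 assertThat(token.getAuthenticationRequest()).isEqualTo(authenticationRequest);
 }
+@Test
+public void constructorWhenResolverIsNullThenIllegalArgument() {
+assertThatIllegalArgumentException().isThrownBy(() -> new Saml2AuthenticationTokenConverter(null));
+}
+@Test
+public void setAuthenticationRequestRepositoryWhenNullThenIllegalArgument() {
+Saml2AuthenticationTokenConverter converter = new Saml2AuthenticationTokenConverter(
+this.relyingPartyRegistrationResolver);
+assertThatExceptionOfType(IllegalArgumentException.class)
+.isThrownBy(() -> converter.setAuthenticationRequestRepository(null));
+}
 private void validateSsoCircleXml(String xml) {
 assertThat(xml).contains("InResponseTo=\"ARQ9a73ead-7dcf-45a8-89eb-26f3c9900c36\"")
 .contains(" ID=\"s246d157446618e90e43fb79bdd4d9e9e19cf2c7c4\"")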
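Review bot: The new setAuthenticationRequestRepositoryWhenNullThenIllegalArgument test in the second hunk spells its assertion as `assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(...)`, while constructorWhenResolverIsNullThenIllegalArgument, moved to sit directly above it in the same hunk, uses the shorter `assertThatIllegalArgumentException().isThrownBy(...)`. Since both tests pin the same null-guard contract on the same class, using one form keeps them uniform and easier to scan: `assertThatIllegalArgumentException().isThrownBy(() -> converter.setAuthenticationRequestRepository(null));`. If the setter's guard carries a message, chaining `.withMessageContaining(...)` would additionally pin which argument was rejected, but the setter itself is not visible in this diff, so that is a suggestion to confirm against the implementation. The validateSsoCircleXml helper at the end of the hunk continues past it.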