Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 01:02:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Deprecate OpenID 2.0 support

Browse Source 
Deprecate OpenID 2.0 support
This commit is contained in:
Rob Winch 2020-05-12 09:37:56 -05:00 committed by GitHub
commit e5d2aaf6fe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
37 changed files with 200 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
View File

@ -233,7 +233,9 @@ public final class HttpSecurity extends
* </pre> * </pre>
* *
* @return the {@link OpenIDLoginConfigurer} for further customizations. * @return the {@link OpenIDLoginConfigurer} for further customizations.
* * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @throws Exception * @throws Exception
* @see OpenIDLoginConfigurer * @see OpenIDLoginConfigurer
*/ */
@ -355,6 +357,9 @@ public final class HttpSecurity extends
* *
* @param openidLoginCustomizer the {@link Customizer} to provide more options for * @param openidLoginCustomizer the {@link Customizer} to provide more options for
* the {@link OpenIDLoginConfigurer} * the {@link OpenIDLoginConfigurer}
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception * @throws Exception
*/ */

3
config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java
View File

@ -118,6 +118,9 @@ import org.springframework.security.web.util.matcher.RequestMatcher;
* </ul> * </ul>
* *
* @author Rob Winch * @author Rob Winch
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @since 3.2 * @since 3.2
*/ */
public final class OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>> extends public final class OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>> extends

105
config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java
View File

@ -350,51 +350,7 @@ final class AuthenticationConfigBuilder {
RootBeanDefinition openIDFilter = null; RootBeanDefinition openIDFilter = null;
if (openIDLoginElt != null) { if (openIDLoginElt != null) {
FormLoginBeanDefinitionParser parser = new FormLoginBeanDefinitionParser( openIDFilter = parseOpenIDFilter(sessionStrategy, openIDLoginElt);
"/login/openid", null,
OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS, requestCache,
sessionStrategy, allowSessionCreation, portMapper, portResolver);
parser.parse(openIDLoginElt, pc);
openIDFilter = parser.getFilterBean();
openIDEntryPoint = parser.getEntryPointBean();
openidLoginProcessingUrl = parser.getLoginProcessingUrl();
openIDLoginPage = parser.getLoginPage();
List<Element> attrExElts = DomUtils.getChildElementsByTagName(openIDLoginElt,
Elements.OPENID_ATTRIBUTE_EXCHANGE);
if (!attrExElts.isEmpty()) {
// Set up the consumer with the required attribute list
BeanDefinitionBuilder consumerBldr = BeanDefinitionBuilder
.rootBeanDefinition(OPEN_ID_CONSUMER_CLASS);
BeanDefinitionBuilder axFactory = BeanDefinitionBuilder
.rootBeanDefinition(OPEN_ID_ATTRIBUTE_FACTORY_CLASS);
ManagedMap<String, ManagedList<BeanDefinition>> axMap = new ManagedMap<>();
for (Element attrExElt : attrExElts) {
String identifierMatch = attrExElt.getAttribute("identifier-match");
if (!StringUtils.hasText(identifierMatch)) {
if (attrExElts.size() > 1) {
pc.getReaderContext().error(
"You must supply an identifier-match attribute if using more"
+ " than one "
+ Elements.OPENID_ATTRIBUTE_EXCHANGE
+ " element", attrExElt);
}
// Match anything
identifierMatch = ".*";
}
axMap.put(identifierMatch, parseOpenIDAttributes(attrExElt));
}
axFactory.addConstructorArgValue(axMap);
consumerBldr.addConstructorArgValue(axFactory.getBeanDefinition());
openIDFilter.getPropertyValues().addPropertyValue("consumer",
consumerBldr.getBeanDefinition());
}
} }
if (openIDFilter != null) { if (openIDFilter != null) {
@ -412,6 +368,65 @@ final class AuthenticationConfigBuilder {
} }
} }
/**
* Parses OpenID 1.0 and 2.0 - related parts of configuration xmls
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @param sessionStrategy sessionStrategy
* @param openIDLoginElt the element from the xml file
* @return the parsed filter as rootBeanDefinition
*/
private RootBeanDefinition parseOpenIDFilter( BeanReference sessionStrategy, Element openIDLoginElt ) {
RootBeanDefinition openIDFilter;
FormLoginBeanDefinitionParser parser = new FormLoginBeanDefinitionParser(
"/login/openid", null,
OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS, requestCache,
sessionStrategy, allowSessionCreation, portMapper, portResolver);
parser.parse(openIDLoginElt, pc);
openIDFilter = parser.getFilterBean();
openIDEntryPoint = parser.getEntryPointBean();
openidLoginProcessingUrl = parser.getLoginProcessingUrl();
openIDLoginPage = parser.getLoginPage();
List<Element> attrExElts = DomUtils.getChildElementsByTagName(openIDLoginElt,
Elements.OPENID_ATTRIBUTE_EXCHANGE);
if (!attrExElts.isEmpty()) {
// Set up the consumer with the required attribute list
BeanDefinitionBuilder consumerBldr = BeanDefinitionBuilder
.rootBeanDefinition(OPEN_ID_CONSUMER_CLASS);
BeanDefinitionBuilder axFactory = BeanDefinitionBuilder
.rootBeanDefinition(OPEN_ID_ATTRIBUTE_FACTORY_CLASS);
ManagedMap<String, ManagedList<BeanDefinition>> axMap = new ManagedMap<>();
for (Element attrExElt : attrExElts) {
String identifierMatch = attrExElt.getAttribute("identifier-match");
if (!StringUtils.hasText(identifierMatch)) {
if (attrExElts.size() > 1) {
pc.getReaderContext().error(
"You must supply an identifier-match attribute if using more"
+ " than one "
+ Elements.OPENID_ATTRIBUTE_EXCHANGE
+ " element", attrExElt);
}
// Match anything
identifierMatch = ".*";
}
axMap.put(identifierMatch, parseOpenIDAttributes(attrExElt));
}
axFactory.addConstructorArgValue(axMap);
consumerBldr.addConstructorArgValue(axFactory.getBeanDefinition());
openIDFilter.getPropertyValues().addPropertyValue("consumer",
consumerBldr.getBeanDefinition());
}
return openIDFilter;
}
private ManagedList<BeanDefinition> parseOpenIDAttributes(Element attrExElt) { private ManagedList<BeanDefinition> parseOpenIDAttributes(Element attrExElt) {
ManagedList<BeanDefinition> attributes = new ManagedList<>(); ManagedList<BeanDefinition> attributes = new ManagedList<>();
for (Element attElt : DomUtils.getChildElementsByTagName(attrExElt, for (Element attElt : DomUtils.getChildElementsByTagName(attrExElt,

4
config/src/main/resources/org/springframework/security/config/spring-security-5.4.rnc
View File

@ -615,7 +615,7 @@ opaque-token.attlist &=
attribute introspector-ref {xsd:token}? attribute introspector-ref {xsd:token}?
openid-login = openid-login =
## Sets up form login for authentication with an Open ID identity ## Sets up form login for authentication with an Open ID identity. NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
element openid-login {form-login.attlist, user-service-ref?, attribute-exchange*} element openid-login {form-login.attlist, user-service-ref?, attribute-exchange*}
attribute-exchange = attribute-exchange =
@ -627,7 +627,7 @@ attribute-exchange.attlist &=
attribute identifier-match {xsd:token}? attribute identifier-match {xsd:token}?
openid-attribute = openid-attribute =
## Attributes used when making an OpenID AX Fetch Request ## Attributes used when making an OpenID AX Fetch Request. NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
element openid-attribute {openid-attribute.attlist} element openid-attribute {openid-attribute.attlist}
openid-attribute.attlist &= openid-attribute.attlist &=

12
config/src/main/resources/org/springframework/security/config/spring-security-5.4.xsd
View File

@ -960,7 +960,11 @@
<xs:element ref="security:oauth2-resource-server"/> <xs:element ref="security:oauth2-resource-server"/>
<xs:element name="openid-login"> <xs:element name="openid-login">
<xs:annotation> <xs:annotation>
<xs:documentation>Sets up form login for authentication with an Open ID identity <xs:documentation>Sets up form login for authentication with an Open ID identity. NOTE: The OpenID 1.0 and
2.0 protocols have been deprecated and users are &lt;a
href="https://openid.net/specs/openid-connect-migration-1_0.html"&gt;encouraged to
migrate&lt;/a&gt; to &lt;a href="https://openid.net/connect/"&gt;OpenID Connect&lt;/a&gt;, which is
supported by &lt;code&gt;spring-security-oauth2&lt;/code&gt;.
</xs:documentation> </xs:documentation>
</xs:annotation> </xs:annotation>
<xs:complexType> <xs:complexType>
@ -1905,7 +1909,11 @@
</xs:attributeGroup> </xs:attributeGroup>
<xs:element name="openid-attribute"> <xs:element name="openid-attribute">
<xs:annotation> <xs:annotation>
<xs:documentation>Attributes used when making an OpenID AX Fetch Request <xs:documentation>Attributes used when making an OpenID AX Fetch Request. NOTE: The OpenID 1.0 and 2.0
protocols have been deprecated and users are &lt;a
href="https://openid.net/specs/openid-connect-migration-1_0.html"&gt;encouraged to
migrate&lt;/a&gt; to &lt;a href="https://openid.net/connect/"&gt;OpenID Connect&lt;/a&gt;, which is
supported by &lt;code&gt;spring-security-oauth2&lt;/code&gt;.
</xs:documentation> </xs:documentation>
</xs:annotation> </xs:annotation>
<xs:complexType> <xs:complexType>

2
docs/articles/src/docbook/codebase-structure.xml
View File

@ -146,7 +146,7 @@
<entry valign="middle">spring-security-openid</entry> <entry valign="middle">spring-security-openid</entry>
<entry>OpenID web authentication support.</entry> <entry>OpenID web authentication support.</entry>
<entry>If you need to authenticate users against an external OpenID <entry>If you need to authenticate users against an external OpenID
server.</entry> server. (Deprecated)</entry>
<entry><literal>org.springframework.security.openid</literal></entry> <entry><literal>org.springframework.security.openid</literal></entry>
</row> </row>
</tbody> </tbody>

3
docs/manual/src/docs/asciidoc/_includes/about/modules.adoc
View File

@ -102,6 +102,9 @@ The top-level package is `org.springframework.security.cas`.
[[spring-security-openid]] [[spring-security-openid]]
== OpenID -- `spring-security-openid.jar` == OpenID -- `spring-security-openid.jar`
[NOTE]
The OpenID 1.0 and 2.0 protocols have been deprecated and users are encouraged to migrate to OpenID Connect, which is supported by spring-security-oauth2.
This module contains OpenID web authentication support. This module contains OpenID web authentication support.
It is used to authenticate users against an external OpenID server. It is used to authenticate users against an external OpenID server.
The top-level package is `org.springframework.security.openid`. The top-level package is `org.springframework.security.openid`.

4
docs/manual/src/docs/asciidoc/_includes/servlet/authentication/openid.adoc
View File

@ -1,5 +1,9 @@
[[servlet-openid]] [[servlet-openid]]
== OpenID Support == OpenID Support
[NOTE]
The OpenID 1.0 and 2.0 protocols have been deprecated and users are encouraged to migrate to OpenID Connect, which is supported by spring-security-oauth2.
The namespace supports https://openid.net/[OpenID] login either instead of, or in addition to normal form-based login, with a simple change: The namespace supports https://openid.net/[OpenID] login either instead of, or in addition to normal form-based login, with a simple change:
[source,xml] [source,xml]

4
openid/spring-security-openid.gradle
View File

@ -1,3 +1,7 @@
// NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
// <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
// to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
apply plugin: 'io.spring.convention.spring-module' apply plugin: 'io.spring.convention.spring-module'
dependencies { dependencies {

3
openid/src/main/java/org/springframework/security/openid/AuthenticationCancelledException.java
View File

@ -20,6 +20,9 @@ import org.springframework.security.core.AuthenticationException;
/** /**
* Indicates that OpenID authentication was cancelled * Indicates that OpenID authentication was cancelled
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Robin Bramley, Opsera Ltd * @author Robin Bramley, Opsera Ltd
*/ */
public class AuthenticationCancelledException extends AuthenticationException { public class AuthenticationCancelledException extends AuthenticationException {

3
openid/src/main/java/org/springframework/security/openid/AxFetchListFactory.java
View File

@ -24,6 +24,9 @@ import java.util.List;
* This allows the list of attributes for a fetch request to be tailored for different * This allows the list of attributes for a fetch request to be tailored for different
* OpenID providers, since they do not all support the same attributes. * OpenID providers, since they do not all support the same attributes.
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Luke Taylor * @author Luke Taylor
* @since 3.1 * @since 3.1
*/ */

3
openid/src/main/java/org/springframework/security/openid/NullAxFetchListFactory.java
View File

@ -19,6 +19,9 @@ import java.util.Collections;
import java.util.List; import java.util.List;
/** /**
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Luke Taylor * @author Luke Taylor
* @since 3.1 * @since 3.1
*/ */

3
openid/src/main/java/org/springframework/security/openid/OpenID4JavaConsumer.java
View File

@ -41,6 +41,9 @@ import org.openid4java.message.ax.FetchResponse;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
/** /**
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Ray Krueger * @author Ray Krueger
* @author Luke Taylor * @author Luke Taylor
*/ */

3
openid/src/main/java/org/springframework/security/openid/OpenIDAttribute.java
View File

@ -27,6 +27,9 @@ import org.springframework.util.Assert;
* should be requested during a fetch request, or to hold values for an attribute which * should be requested during a fetch request, or to hold values for an attribute which
* are returned during the authentication process. * are returned during the authentication process.
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Luke Taylor * @author Luke Taylor
* @since 3.0 * @since 3.0
*/ */

3
openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationFilter.java
View File

@ -59,6 +59,9 @@ import java.util.*;
* where it should (normally) be processed by an <tt>OpenIDAuthenticationProvider</tt> in * where it should (normally) be processed by an <tt>OpenIDAuthenticationProvider</tt> in
* order to load the authorities for the user. * order to load the authorities for the user.
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Robin Bramley * @author Robin Bramley
* @author Ray Krueger * @author Ray Krueger
* @author Luke Taylor * @author Luke Taylor

3
openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProvider.java
View File

@ -44,6 +44,9 @@ import org.springframework.util.Assert;
* {@code Authentication} token, so additional properties such as email addresses, * {@code Authentication} token, so additional properties such as email addresses,
* telephone numbers etc can easily be stored. * telephone numbers etc can easily be stored.
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Robin Bramley, Opsera Ltd. * @author Robin Bramley, Opsera Ltd.
* @author Luke Taylor * @author Luke Taylor
*/ */

3
openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationStatus.java
View File

@ -18,6 +18,9 @@ package org.springframework.security.openid;
/** /**
* Authentication status codes, based on JanRain status codes * Authentication status codes, based on JanRain status codes
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author JanRain Inc. * @author JanRain Inc.
* @author Robin Bramley, Opsera Ltd * @author Robin Bramley, Opsera Ltd
* @author Luke Taylor * @author Luke Taylor

3
openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java
View File

@ -26,6 +26,9 @@ import org.springframework.security.core.SpringSecurityCoreVersion;
/** /**
* OpenID Authentication Token * OpenID Authentication Token
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Robin Bramley * @author Robin Bramley
*/ */
public class OpenIDAuthenticationToken extends AbstractAuthenticationToken { public class OpenIDAuthenticationToken extends AbstractAuthenticationToken {

3
openid/src/main/java/org/springframework/security/openid/OpenIDConsumer.java
View File

@ -20,6 +20,9 @@ import javax.servlet.http.HttpServletRequest;
/** /**
* An interface for OpenID library implementations * An interface for OpenID library implementations
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Ray Krueger * @author Ray Krueger
* @author Robin Bramley, Opsera Ltd * @author Robin Bramley, Opsera Ltd
*/ */

3
openid/src/main/java/org/springframework/security/openid/OpenIDConsumerException.java
View File

@ -18,6 +18,9 @@ package org.springframework.security.openid;
/** /**
* Thrown by an OpenIDConsumer if it cannot process a request * Thrown by an OpenIDConsumer if it cannot process a request
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Robin Bramley, Opsera Ltd * @author Robin Bramley, Opsera Ltd
*/ */
public class OpenIDConsumerException extends Exception { public class OpenIDConsumerException extends Exception {

4
openid/src/main/java/org/springframework/security/openid/RegexBasedAxFetchListFactory.java
View File

@ -22,7 +22,9 @@ import java.util.Map;
import java.util.regex.Pattern; import java.util.regex.Pattern;
/** /**
* * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Luke Taylor * @author Luke Taylor
* @since 3.1 * @since 3.1
*/ */

8
openid/src/main/java/org/springframework/security/openid/package.html
View File

@ -1,5 +1,9 @@
<html> <html>
<body> <body>
Authenticates standard web browser users via <a href="https://openid.net">OpenID</a>. <p>Authenticates standard web browser users via <a href="https://openid.net">OpenID</a>.</p>
<p>NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.</p>
</body> </body>
</html> </html>

6
openid/src/test/java/org/springframework/security/openid/MockOpenIDConsumer.java
View File

@ -15,12 +15,12 @@
*/ */
package org.springframework.security.openid; package org.springframework.security.openid;
import org.springframework.security.openid.OpenIDAuthenticationToken;
import org.springframework.security.openid.OpenIDConsumer;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
/** /**
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Robin Bramley, Opsera Ltd * @author Robin Bramley, Opsera Ltd
*/ */
public class MockOpenIDConsumer implements OpenIDConsumer { public class MockOpenIDConsumer implements OpenIDConsumer {

3
openid/src/test/java/org/springframework/security/openid/OpenID4JavaConsumerTests.java
View File

@ -40,6 +40,9 @@ import org.springframework.mock.web.MockHttpServletRequest;
import java.util.*; import java.util.*;
/** /**
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Luke Taylor * @author Luke Taylor
*/ */
public class OpenID4JavaConsumerTests { public class OpenID4JavaConsumerTests {

5
openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationFilterTests.java
View File

@ -31,6 +31,11 @@ import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
/**
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
*/
public class OpenIDAuthenticationFilterTests { public class OpenIDAuthenticationFilterTests {
OpenIDAuthenticationFilter filter; OpenIDAuthenticationFilter filter;

3
openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationProviderTests.java
View File

@ -35,6 +35,9 @@ import org.springframework.security.core.userdetails.UserDetailsService;
/** /**
* Tests {@link OpenIDAuthenticationProvider} * Tests {@link OpenIDAuthenticationProvider}
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Robin Bramley, Opsera Ltd * @author Robin Bramley, Opsera Ltd
*/ */
public class OpenIDAuthenticationProviderTests { public class OpenIDAuthenticationProviderTests {

4
openid/src/test/resources/logback-test.xml
View File

@ -1,3 +1,7 @@
<!-- NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>. -->
<configuration> <configuration>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<encoder> <encoder>

3
samples/javaconfig/openid/src/main/java/org/springframework/security/samples/config/MessageSecurityWebApplicationInitializer.java
View File

@ -20,6 +20,9 @@ import org.springframework.security.web.context.AbstractSecurityWebApplicationIn
/** /**
* No customizations of {@link AbstractSecurityWebApplicationInitializer} are necessary. * No customizations of {@link AbstractSecurityWebApplicationInitializer} are necessary.
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Rob Winch * @author Rob Winch
*/ */
public class MessageSecurityWebApplicationInitializer extends public class MessageSecurityWebApplicationInitializer extends

5
samples/javaconfig/openid/src/main/java/org/springframework/security/samples/config/SecurityConfig.java
View File

@ -20,6 +20,11 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.samples.security.CustomUserDetailsService; import org.springframework.security.samples.security.CustomUserDetailsService;
/**
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
*/
@EnableWebSecurity @EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter { public class SecurityConfig extends WebSecurityConfigurerAdapter {
// @formatter:off // @formatter:off

5
samples/javaconfig/openid/src/main/java/org/springframework/security/samples/mvc/UserController.java
View File

@ -21,6 +21,11 @@ import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
/**
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
*/
@Controller @Controller
@RequestMapping("/user/") @RequestMapping("/user/")
public class UserController { public class UserController {

7
samples/javaconfig/openid/src/main/java/org/springframework/security/samples/security/CustomUserDetailsService.java
View File

@ -22,6 +22,11 @@ import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.openid.OpenIDAuthenticationToken; import org.springframework.security.openid.OpenIDAuthenticationToken;
/**
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
*/
public class CustomUserDetailsService implements public class CustomUserDetailsService implements
AuthenticationUserDetailsService<OpenIDAuthenticationToken> { AuthenticationUserDetailsService<OpenIDAuthenticationToken> {
public UserDetails loadUserDetails(OpenIDAuthenticationToken token) public UserDetails loadUserDetails(OpenIDAuthenticationToken token)
@ -29,4 +34,4 @@ public class CustomUserDetailsService implements
return new User(token.getName(), "", return new User(token.getName(), "",
AuthorityUtils.createAuthorityList("ROLE_USER")); AuthorityUtils.createAuthorityList("ROLE_USER"));
} }
} }

7
samples/javaconfig/openid/src/main/resources/views/login.html
View File

@ -7,6 +7,11 @@
<body th:include="layout :: body" th:with="content=~{::content}"> <body th:include="layout :: body" th:with="content=~{::content}">
<div th:fragment="content"> <div th:fragment="content">
<form name="f" th:action="@{/login/openid}" method="post" id="openid_form"> <form name="f" th:action="@{/login/openid}" method="post" id="openid_form">
<p><strong>
NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
</strong></p>
<input type="hidden" name="action" value="verify" /> <input type="hidden" name="action" value="verify" />
<fieldset> <fieldset>
<legend>Sign-in or Create New Account</legend> <legend>Sign-in or Create New Account</legend>
@ -43,4 +48,4 @@
</script> </script>
</div> </div>
</body> </body>
</html> </html>

3
samples/xml/openid/src/main/java/org/springframework/security/samples/openid/CustomUserDetails.java
View File

@ -23,6 +23,9 @@ import org.springframework.security.core.userdetails.User;
/** /**
* Customized {@code UserDetails} implementation. * Customized {@code UserDetails} implementation.
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Luke Taylor * @author Luke Taylor
* @since 3.1 * @since 3.1
*/ */

3
samples/xml/openid/src/main/java/org/springframework/security/samples/openid/CustomUserDetailsService.java
View File

@ -32,6 +32,9 @@ import org.springframework.security.openid.OpenIDAuthenticationToken;
* Custom UserDetailsService which accepts any OpenID user, "registering" new users in a * Custom UserDetailsService which accepts any OpenID user, "registering" new users in a
* map so they can be welcomed back to the site on subsequent logins. * map so they can be welcomed back to the site on subsequent logins.
* *
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
* @author Luke Taylor * @author Luke Taylor
* @since 3.1 * @since 3.1
*/ */

4
samples/xml/openid/src/main/resources/logback.xml
View File

@ -1,3 +1,7 @@
<!-- NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>. -->
<configuration> <configuration>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<encoder> <encoder>

6
samples/xml/openid/src/main/webapp/index.jsp
View File

@ -6,6 +6,12 @@
<h1>OpenID Sample Home Page</h1> <h1>OpenID Sample Home Page</h1>
<p><strong>
NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
</strong></p>
<sec:authentication property='principal.newUser' var='isNew' /> <sec:authentication property='principal.newUser' var='isNew' />
<p> <p>
Welcome<c:if test="${!isNew}"> back,</c:if> <sec:authentication property='principal.name' />! Welcome<c:if test="${!isNew}"> back,</c:if> <sec:authentication property='principal.name' />!

6
samples/xml/openid/src/main/webapp/openidlogin.jsp
View File

@ -29,6 +29,12 @@
<body> <body>
<p><strong>
NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
</strong></p>
<c:if test="${not empty param.login_error}"> <c:if test="${not empty param.login_error}">
<font color="red"> <font color="red">
Your login attempt was not successful, try again.<br/><br/> Your login attempt was not successful, try again.<br/><br/>