Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-08-25 18:57:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,293 Commits 42 Branches 354 Tags
Commit Graph

320 Commits

Author SHA1 Message Date
Rob Winch
f6cb0bd610
Merge Use 2004-present Copyright Header 
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
 2025-07-29 10:52:42 -05:00
Josh Cummings
7da352129c
Use PathPatternRequestMatcher in saml2 
Issue gh-16887
 2025-07-03 13:37:48 -06:00
Josh Cummings
98686a5139
Standardize Mock Request Paths 
Closes gh-17449
 2025-07-03 13:37:47 -06:00
Tran Ngoc Nhan
1583c90433 Remove Unused Method in TestOpenSamlObjects 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 13:15:44 -06:00
Tran Ngoc Nhan
a9e28a2ae9 Remove OpenSamlRelyingPartyRegistration 
Issue gh-17309

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 13:15:44 -06:00
Tran Ngoc Nhan
4d524b1fe1 Remove RelyingPartyRegistration Deprecations 
Closes gh-17309

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 13:15:44 -06:00
Josh Cummings
e8f920e0ee Polish JdbcAssertingPartyMetadataRepository 
- Remove GetBytes since it's not used yet
- Remove customizable RowMapper since this can be added
later
- Change signing_algorithms to be a String since the conversion
strategy is simple
- Standardize test names
- Simplify conversion of credentials using ThrowingFunction
- Change column names to match RelyingPartyRegistration
field names

Issue gh-16012
 2025-06-11 18:08:31 -06:00
Josh Cummings
2bd05128ec Add JdbcAssertingPartyMetadataRepository#save 
Issue gh-16012

Co-Authored-By: chao.wang <chao.wang@zatech.com>
 2025-06-11 18:08:31 -06:00
Josh Cummings
e2e42a5580 Fix Checkstyle 
Issue gh-16012
 2025-06-11 18:08:31 -06:00
chao.wang
16fd24c002 Add JdbcAssertingPartyMetadataRepository 
Closes gh-16012

Signed-off-by: chao.wang <chao.wang@zatech.com>
 2025-06-11 18:08:31 -06:00
Josh Cummings
9b724377ce Rework Saml2 Authentication Statement 
This commit separates the authentication principal, the assertion details,
and the relying party tenant into separate components. This allows the
principal to be completely decoupled from how Spring Security triggers and
processes SLO.

Specifically, it adds Saml2AssertionAuthentication, a new authentication
implementation that allows an Object principal and a Saml2ResponseAssertionAccessor
credential. It also moves the relying party registration id from
Saml2AuthenticatedPrincipal to Saml2AssertionAuthentication.

As such, Saml2AuthenticatedPrincipal is now deprecated in favor of
placing its assertion components in Saml2ResponseAssertionAccessor and
the relying party registration id in Saml2AssertionAuthentication.

Closes gh-10820
 2025-06-10 17:21:03 -06:00
Josh Cummings
aa3135169d Polish Documentation 
Closes gh-14635
 2025-06-09 16:49:36 -06:00
Liviu Gheorghe
3ddf201d66 Updated Copyrights 
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
 2025-06-09 16:45:24 -06:00
1livv
edfd7b9b43 Addressed review comments 
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
 2025-06-09 16:45:24 -06:00
Liviu Gheorghe
eaf8184142 Send saml logout response even when validation errors happen 
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
 2025-06-09 16:45:24 -06:00
Tran Ngoc Nhan
8953f464fb Add Switch for Processing GET Requests 
Closes gh-17099

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-06-03 13:10:45 -06:00
Josh Cummings
a283700ef8
Add CacheSaml2AuthenticationRequestRepository 
Closes gh-14793
 2025-04-03 17:43:48 -06:00
Josh Cummings
67c21de1cf
Support Continue Filter Chain When No Relying Party 
Closes gh-16000
 2025-04-03 15:32:23 -06:00
Josh Cummings
5436fd5574
Remove Unecessary Code 2025-04-03 14:28:54 -06:00
Josh Cummings
50ad378a29
Polish MockHttpServletRequest Usage 
This commit makes so that the requestURI is set to a value that makes
sense with the other properties being mocked.

Issue gh-16632
 2025-03-26 13:27:17 -06:00
Josh Cummings
4b5bacf71a
Make Saml2AuthenticationToken Serializable 
Issue gh-16286
 2025-01-30 18:05:17 -07:00
Josh Cummings
7e83fd54aa
Add Test Saml 2.0 Test Objects 2024-12-12 18:12:11 -07:00
Josh Cummings
726ab52e1a
DefaultSaml2AuthenticatedPrincipal Can Be a Map Key 
Closes gh-15346
 2024-10-25 14:02:06 -06:00
Josh Cummings
1da383b360
Add OpenSAML 5 Support 
Issue gh-11658
 2024-08-06 18:14:11 -06:00
Josh Cummings
c6d6bfd74f
Move OpenSAML 4 Support to Separate Source Directory 
Issue gh-11658
 2024-08-06 18:14:11 -06:00
Josh Cummings
1be596bb2f
Use OpenSAML API for registration 
Issue gh-11658
 2024-08-06 18:14:11 -06:00
Josh Cummings
78a0173cc1
Use OpenSAML API for web 
Issue gh-11658
 2024-08-06 18:14:11 -06:00
Josh Cummings
bf5b334531
Use OpenSAML API for web.authentication 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Josh Cummings
51fc05630d
Use OpenSAML API for web.authentication.logout 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Josh Cummings
ff9a925e88
Use OpenSAML API for metadata 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Josh Cummings
80b31820cd
Use OpenSAML API in authentication 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Josh Cummings
416859e70e
Use OpenSAML API in authentication.logout 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Josh Cummings
54a4792b7a
Remove Unneeded OpenSAML 4 References 
This will reduce the number of components that need to be
duplicated between the OpenSAML 4 and 5 support

Issue gh-11658
 2024-08-06 18:14:09 -06:00
Josh Cummings
335dff63c1
Fix Formatting 2024-07-29 14:54:08 -06:00
Josh Cummings
0b0ffa01f7
Repair Flaky Tests 
- MockWebServer seems to start failing to respond to connections
at a certain frequency of requests. This commit builds in a small
delay of 1 millisecond to address this.

Closes gh-15395
 2024-07-29 14:45:48 -06:00
Josh Cummings
9d8888c5f0 Use AssertingPartyMetadata 
Issue gh-15394
 2024-07-19 18:48:23 -07:00
Josh Cummings
dfa67fd8a1 Polish Tests 
- Use test objects
- Ensure assertThat is checked

Issue gh-11725
 2024-07-19 18:48:23 -07:00
Josh Cummings
e6dfb63bdf Add OpenSamlAssertingPartyMetadataRepository 
Closes gh-12116
Closes gh-15395
 2024-07-19 18:48:23 -07:00
Josh Cummings
7ad9ee93cf Add AssertingPartyMetadataRepository 
Closes gh-15394
 2024-07-19 18:48:23 -07:00
Josh Cummings
dcf5cc9e06
Extract EntityDescriptor to AssertingPartyDetails Logic 
Closes gh-15090
 2024-07-10 17:08:36 -06:00
Josh Cummings
7b39800606
Add CachingRelyingPartyRegistrationRepository 
Closes gh-15341
 2024-07-01 19:43:09 -06:00
Josh Cummings
672902a8f3
Add Metadata Content Type Test 
Issue gh-15147
 2024-06-21 16:01:29 -06:00
Josh Cummings
b73155df26
Merge branch '6.3.x' 2024-05-31 14:14:02 -06:00
Josh Cummings
1cc66faaef
Polish Update Signature Validator 
Issue gh-15022
 2024-05-31 14:13:23 -06:00
Max Batischev
801e808f67 Add support sign SAML metadata 
Closes gh-14801
 2024-05-31 12:43:19 -06:00
Josh Cummings
c97b2aa4e0
Merge branch '6.1.x' into 6.2.x 
Closes gh-14958
 2024-04-25 16:12:05 -06:00
Josh Cummings
d88f2e5133
Merge branch '5.8.x' into 6.1.x 
Closes gh-14957
 2024-04-25 16:08:47 -06:00
YoungKi Hong
6e45e65cac Update to return List of StatusCodes and add Saml2Error to result object and other formatting 2024-03-22 11:08:24 -06:00
youngkih
76331a5653 Add test for status code returning parent and child status code 2024-03-22 11:08:24 -06:00
Marcus Hert Da Coregio
e3ab1c94d7 Use assertj assertions 2023-11-17 09:04:50 -03:00