9c599fa8d7
Fix formatting
2023-08-17 09:27:02 -03:00
3ba5cc0e40
Add CSRF Exception
...
Issue gh-13653
2023-08-16 16:54:50 -06:00
fb2b0a76e7
Fix typo
2023-08-07 15:01:52 -06:00
8d0e426654
Generate Shared Test SAML Response
...
Issue gh-13433
2023-07-11 10:36:06 -06:00
f2f19270da
Update to OpenSAML 4.3.0
...
Closes gh-13433
2023-07-10 17:56:42 -06:00
9b603b99ab
Using modern Java features
2023-06-22 11:24:25 -06:00
49366907e2
Merge branch '6.0.x'
...
Closes gh-13183
2023-05-15 17:31:48 -06:00
b438bc5384
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13182
2023-05-15 17:30:14 -06:00
f4915890cc
Use Spec Order for Verifying Signatures
...
Closes gh-12346
2023-05-15 17:24:22 -06:00
65baae78a9
Merge branch '6.0.x'
...
Closes gh-13142
2023-05-08 14:52:25 -03:00
0b6e84b8b7
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13141
2023-05-08 14:52:00 -03:00
8d5304f530
Use function definition instead of arrow function expression
...
Closes gh-13106
2023-05-08 14:43:06 -03:00
a44e91d044
fix javadoc typo
2023-04-24 16:41:17 -06:00
1a4a2a9055
Merge branch '5.8.x' into 6.0.x
2023-04-14 13:32:10 -03:00
54117d7d27
Fix test suffix to align with checkstyle
2023-04-14 13:29:15 -03:00
d4ed0ad0cf
Replace deprecated OpenSaml methods
2023-04-10 18:24:22 -06:00
7e305dd003
Don't use raw xml saml authentication request for response validation
...
closes gh-12961
2023-04-03 15:11:08 -06:00
46a40e7b38
Merge branch '6.0.x'
...
Closes gh-12937
2023-03-27 16:42:28 -06:00
20358e769d
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12936
2023-03-27 16:39:48 -06:00
c15589ede1
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12935
2023-03-27 16:35:46 -06:00
a106188add
Add nameIdFormat processing to OpenSamlAuthenticationRequestResolver
...
Closes gh-12825
2023-03-27 16:33:11 -06:00
fd4541be0c
Add AuthnRequstsSigned to OpenSaml implementations
...
Issue gh-12841
2023-03-20 14:20:30 -06:00
fd6aecf8da
Polish AuthnRequestsSigned support
...
Issue gh-12604
2023-03-20 14:20:30 -06:00
21d919169a
Add support for AuthnRequestsSigned setting
...
closes gh-12604
2023-03-20 14:20:30 -06:00
a7562ad950
Update io.spring.javaformat to 0.0.38
...
Closes gh-12891
2023-03-20 10:44:35 -06:00
3ad6c6ce06
Use EntityId-lookup Components
...
Closes gh-12880
2023-03-17 18:00:02 -06:00
dbdf04f151
SAML Response Reads EntityId
...
Closes gh-10243
2023-03-17 18:00:02 -06:00
3f2816f745
Logout Request Reads EntityId
...
Closes gh-12843
Closes gh-12845
2023-03-17 18:00:02 -06:00
785123eb2a
Add Saml2MetadataResponseResolver
...
Closes gh-12846
2023-03-17 18:00:02 -06:00
7678523b73
Support Creating EntitiesDescriptor
...
Clsoes gh-12844
2023-03-17 18:00:02 -06:00
37b893a0f5
Extract Placeholder Resolution
...
Closes gh-12842
2023-03-17 18:00:02 -06:00
42cece21b4
Add OpenSamlRelyingPartyRegistration
...
Issue gh-12841
2023-03-17 18:00:02 -06:00
538db29bfe
Add RelyingPartyRegstration#mutate
...
Closes gh-12841
2023-03-17 18:00:02 -06:00
97d1a49daf
Add findUniqueByAssertingPartyEntityId
...
Closes gh-12848
2023-03-17 18:00:02 -06:00
8522e9abd6
Add Missing JavaDoc
...
Issue gh-12848
2023-03-17 18:00:02 -06:00
1409ef064a
Add InMemoryRelyingPartyRegistrationTests
...
Issue gh-12848
2023-03-17 18:00:02 -06:00
baf2c98c9f
Merge branch '6.0.x'
2023-03-01 11:25:47 -07:00
14ee873b74
Merge branch '5.8.x' into 6.0.x
2023-03-01 11:25:21 -07:00
e7b14b3ca2
Merge branch '5.7.x' into 5.8.x
2023-03-01 11:24:17 -07:00
66665344c5
Formatting
...
Issue gh-12664
2023-03-01 11:23:45 -07:00
6c7703789a
Ignore SPSSODescriptor elements
...
Closes gh-12664
2023-03-01 11:23:45 -07:00
41fadaecd3
Merge branch '6.0.x'
...
Closes gh-12800
2023-02-28 13:08:47 -07:00
e28ea6dbad
Preserve OpenSamlAssertingPartyDetails Instance
...
Closes gh-12667
2023-02-28 13:08:13 -07:00
735981192f
Merge branch '6.0.x'
...
Closes gh-12768
2023-02-22 10:22:47 -07:00
d3a65dbbbe
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12767
2023-02-22 10:22:11 -07:00
79887fa213
Closes gh-12472
2023-02-22 10:21:46 -07:00
a1b282ff03
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12693
2023-02-17 10:09:32 -07:00
2db4430dcd
Preserve OpenSamlAssertingPartyDetails Instance
...
Closes gh-12667
2023-02-17 10:02:17 -07:00
c1c28375d6
Add RelayStateResolver
...
Co-authored-by: ghaege <ghaege@qaepps.de>
Closes gh-12538
2023-02-16 12:25:55 -07:00
ab8337e371
Polish
...
Co-authored-by: ghaege <ghaege@qaepps.de>
Issue gh-12538
2023-02-16 12:25:55 -07:00
65b9dbf031
Merge branch '6.0.x'
...
Closes gh-12460
2022-12-23 15:56:15 -07:00
9c0a35a6f6
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12459
2022-12-23 15:55:43 -07:00
fda0e9a2b6
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12458
2022-12-23 15:54:37 -07:00
3cfaf0d11d
Avoid LinkedMultiValueMap in Serializable Object
...
Closes gh-11785
2022-12-23 15:54:00 -07:00
369bc71c81
Polish
...
Issue gh-11815
2022-12-05 10:30:05 -08:00
70249e536a
Add a new Saml2MetadataFilter constructor for RelyingPartyRegistrationRepository
...
Closes gh-11815
2022-12-05 10:30:05 -08:00
fa9cb82d4a
Merge branch '5.8.x'
2022-11-16 14:51:37 -03:00
3d0be9beba
Merge branch '5.7.x' into 5.8.x
2022-11-16 14:51:23 -03:00
2d19d972f4
Merge branch '5.6.x' into 5.7.x
2022-11-16 14:51:07 -03:00
d5aabd721a
Specify UTF8 for response content
...
This is needed because in some other platforms, like Windows, the default charset might be different
Issue gh-12026
2022-11-16 14:50:31 -03:00
a9ece433fe
Merge branch '5.8.x'
...
Closes gh-12223
2022-11-16 13:45:17 -03:00
9b6be3a556
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12222
2022-11-16 13:44:48 -03:00
8441e755d3
Merge branch '5.6.x' into 5.7.x
...
Closes gh-12221
2022-11-16 13:44:16 -03:00
53148dc7b5
Use UTF-8 in Saml2MetadataFilter response writer
...
Closes gh-12026
2022-11-16 13:43:46 -03:00
b3fdd00705
Merge branch '5.8.x'
...
Closes gh-12210
2022-11-14 18:17:30 -07:00
b81fbf024b
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12209
2022-11-14 18:17:02 -07:00
79483b2bc9
Merge branch '5.6.x' into 5.7.x
...
Closes gh-12208
2022-11-14 18:16:22 -07:00
ed3af6482d
Fix SAML logout log messages
...
Fixes SAML logout log messages incorrectly referring to logout
response instead of logout request and vice versa.
Closes gh-12129
2022-11-14 18:11:49 -07:00
d5f30755d1
Merge branch '5.8.x'
...
Closes gh-12149
2022-11-07 16:07:32 -07:00
9a1fae3e8e
Add createDefaultAssertionValidatorWithParameters
...
Closes gh-11675
2022-11-07 16:06:42 -07:00
e90a11b1c0
Add SecurityContextHolderStrategy to Saml2
...
Issue gh-11060
2022-10-05 23:50:55 -06:00
506e50bfd0
Move Saml2 Authentication Filters
...
Issue gh-8819
2022-09-26 10:44:27 -06:00
61c80bcac5
Move Saml2 Authentication Filters
...
Closes gh-8819
2022-09-20 17:18:05 -06:00
48e31f87e4
Remove Deprecated OpenSAML 3 Support
...
Closes gh-10556
2022-09-20 16:57:38 -06:00
0c96989cbe
Move script tag into body element
...
Closes gh-11879
2022-09-19 15:46:23 -03:00
00302c80ad
Move SAML Post inline javascript to script tag
...
To avoid relying on HTML event handlers and adding unsafe-* rules to CSP, the javascript is moved to a <script> tag. This also allows a better browser compatibility
Closes gh-11676
2022-08-16 15:11:01 -06:00
7359bd5949
Move SAML Post inline javascript to script tag
...
To avoid relying on HTML event handlers and adding unsafe-* rules to CSP, the javascript is moved to a <script> tag. This also allows a better browser compatibility
Closes gh-11676
2022-08-16 15:06:10 -06:00
508f7d7b8a
Update OpenSamlAuthenticationRequestResolverTests from Junit 4 to Junit 5
2022-08-02 08:02:22 -06:00
947445fcc5
Add ID to Saml2 Post and Redirect Requests
...
Closes gh-11468
2022-08-02 08:02:22 -06:00
4393c2ea02
Add hash-based Content-Security-Policy for SAML pages
...
Closes gh-11631
2022-07-27 18:04:39 -06:00
409998a3fe
Add hash-based Content-Security-Policy for SAML pages
...
Closes gh-11631
2022-07-27 17:59:42 -06:00
56a6133b20
Merge Same-named Attribute Elements
...
Closes gh-11042
2022-07-20 18:43:25 -06:00
bced37f6a7
Merge Same-named Attribute Elements
...
Closes gh-11042
2022-07-20 18:41:55 -06:00
561f65b34d
Merge Same-named Attribute Elements
...
Closes gh-11042
2022-07-20 18:40:20 -06:00
e092ec780f
Merge Same-named Attribute Elements
...
Closes gh-11042
2022-07-20 18:33:24 -06:00
7b18336c6a
Change interface with constants to final class
...
Closes gh-10960
2022-07-13 15:51:58 -04:00
3c8a80c364
Add SecurityContextHolderStrategy to Saml2
...
Issue gh-11060
2022-06-27 13:05:11 -06:00
2a3845a7ed
Update org.opensaml:opensaml-core4 to 4.1.1
...
Closes gh-11420
2022-06-20 14:50:24 -04:00
bca43af9bb
Update org.opensaml:opensaml-core4 to 4.1.1
...
Closes gh-11410
2022-06-20 12:08:07 -04:00
d22277ce36
Add missing KeyInfo
...
Closes gh-11354
2022-06-09 13:16:50 -06:00
bd60a0f8c9
Add OpenSamlSigningUtilsTests
...
Issue gh-11354
2022-06-09 13:16:49 -06:00
89fb075e2d
Add missing KeyInfo
...
Closes gh-11354
2022-06-09 13:14:19 -06:00
3a41567a18
Add OpenSamlSigningUtilsTests
...
Issue gh-11354
2022-06-09 13:14:13 -06:00
812bb0ead0
Add missing KeyInfo
...
Closes gh-11354
2022-06-09 13:12:52 -06:00
bb9c7d1b6e
Add OpenSamlSigningUtilsTests
...
Issue gh-11354
2022-06-09 13:12:33 -06:00
3ca4b06612
Support multiple SingleLogoutService bindings.
...
Closes gh-11286
2022-06-09 12:56:16 -06:00
89989722d0
Support multiple SingleLogoutService bindings.
...
Closes gh-11286
2022-06-09 12:50:33 -06:00
29ba67b6d7
Remove dependency on commons-codec by using java.util.Base64
...
Closes gh-11318
2022-06-09 06:50:01 -06:00
f3c96fa9cd
Remove dependency on commons-codec by using java.util.Base64
...
Closes gh-11318
2022-06-09 06:49:39 -06:00
fc653bb81a
make SAML authentication request uri configurable
...
Closes gh-10840
2022-06-06 12:49:29 -06:00
f4049c18b1
add SAML authentication request support to login configurer
...
Closes gh-8873
2022-06-06 08:05:33 -06:00
33104269d6
make SAML authentication request uri configurable
...
Closes gh-10840
2022-06-06 08:05:33 -06:00
e20323e0a8
Use Java 11 Toolchain for OpenSaml4 compile
...
Issue gh-10816
2022-06-02 19:24:42 +02:00
07f9afe057
Use 'md:' prefix in EntityDescriptor XML
...
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.
Closes #11283
2022-05-31 17:11:02 -06:00
c39d39b35f
Use 'md:' prefix in EntityDescriptor XML
...
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.
Closes #11283
2022-05-31 17:08:51 -06:00
b1004aff4e
Use 'md:' prefix in EntityDescriptor XML
...
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.
Closes #11283
2022-05-31 17:07:18 -06:00
b470f29cf8
Use 'md:' prefix with EntityDescriptor tag in the metadata xml
...
Create the EntityDescriptor object with EntityDescriptor.DEFAULT_ELEMENT_NAME instead of EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag is marshalled to xml with the 'md:' prefix, consistent with all other metadata tags.
Closes #11283
2022-05-31 17:06:00 -06:00
649428b49a
Use Base64 encoder with no CRLF in output for SAML 2.0 messages
...
Closes gh-11262
2022-05-25 12:06:27 -06:00
d0da160007
Use Base64 encoder with no CRLF in output for SAML 2.0 messages
...
Closes gh-11262
2022-05-25 12:02:13 -06:00
16664dcdbd
Use Base64 encoder with no CRLF in output for SAML 2.0 messages
...
Closes gh-11262
2022-05-25 11:43:50 -06:00
f2d6ead398
Use Base64 encoder with no CRLF in output for SAML 2.0 messages
...
Closes gh-11262
2022-05-25 11:42:54 -06:00
bcd104763e
Remove duplicate check
...
Closes gh-11192
2022-05-23 16:01:37 -06:00
53e509f0c6
Remove duplicate check
...
Closes gh-11192
2022-05-23 16:00:15 -06:00
5cbc1a47da
Use original query string to verify signature
...
Closes gh-11235
2022-05-23 15:30:07 -06:00
b51c71c3b3
Use original query string to verify signature
...
Closes gh-11235
2022-05-23 13:56:28 -06:00
7f5c31995e
Add relyingPartyRegistrationId to AbstractSaml2AuthenticationRequest
...
Closes gh-11195
2022-05-17 16:41:44 -06:00
9b874bcde2
Add relyingPartyRegistrationId to AbstractSaml2AuthenticationRequest
...
Closes gh-11195
2022-05-17 16:21:54 -06:00
995b2918bb
Remove SAML Deprecations
...
Closes gh-11077
2022-05-06 10:15:42 -03:00
c93c6b928e
Polish Relay State Resolver
...
Issue gh-11065
2022-05-05 17:42:02 -06:00
f7a43e4989
Allow custom relay state
...
Closes gh-11065
2022-05-05 17:42:01 -06:00
13795cdec1
Polish Relay State Resolver
...
Issue gh-11065
2022-05-05 17:28:30 -06:00
4dfc349914
Allow custom relay state
...
Closes gh-11065
2022-05-05 17:26:39 -06:00
3cbb60750d
Add Jackson Support for Saml2AuthenticationException
...
Closes gh-11169
2022-05-02 17:41:52 -05:00
c6038b1ea3
Add Jackson Support for Saml2AuthenticationException
...
Closes gh-11169
2022-05-02 16:24:43 -05:00
cfb1745906
Deprecate Saml2AuthenticationRequestFactory
...
Closes gh-11080
2022-04-08 09:33:41 -03:00
bb0c336ae8
Deprecate Saml2AuthenticationRequestFactory
...
Closes gh-11080
2022-04-08 09:32:03 -03:00
8aa7029d07
Fix checkstyle errors
...
Issue gh-10989
2022-03-18 22:53:29 -05:00
cf29bf996c
Polish InResponseTo support
...
- Moved methods so methods are listed before the methods they call
- Adjusted exception handling so no exceptions are eaten
- Adjusted so that malformed_request_data is returned with request data is malformed
- Refactored methods to have only immutable method parameters
- Removed usage of Stream API
- Moved AuthnRequestUnmarshaller into static block so that only looked
up once
Issue gh-9174
2022-03-15 14:06:58 -06:00
3c878549b5
Add support for validation of InResponseTo
...
Whenever an InResponseTo is present in the SAML2 response and / or any of its assertions, it will be validated against the stored SAML2 request. If the request is missing or the ID of the request does not match the InResponseTo, validation fails. If there is no InResponseTo, no validation of it is done (as opposed to checking whether there is a saved request or not and then failing based on that).
Closes gh-9174
2022-03-15 14:06:57 -06:00
836f203d44
Refactored OpenSaml4AuthenticationProviderTests
...
Factored out repeatedly used code for signing a request.
2022-03-15 14:06:57 -06:00
070514b9dd
Polish InResponseTo support
...
- Moved methods so methods are listed before the methods they call
- Adjusted exception handling so no exceptions are eaten
- Adjusted so that malformed_request_data is returned with request data is malformed
- Refactored methods to have only immutable method parameters
- Removed usage of Stream API
- Moved AuthnRequestUnmarshaller into static block so that only looked
up once
Issue gh-9174
2022-03-15 13:06:32 -06:00
4aa9420047
Add support for validation of InResponseTo
...
Whenever an InResponseTo is present in the SAML2 response and / or any of its assertions, it will be validated against the stored SAML2 request. If the request is missing or the ID of the request does not match the InResponseTo, validation fails. If there is no InResponseTo, no validation of it is done (as opposed to checking whether there is a saved request or not and then failing based on that).
Closes gh-9174
2022-03-15 13:06:32 -06:00
a17cf9e814
Refactored OpenSaml4AuthenticationProviderTests
...
Factored out repeatedly used code for signing a request.
2022-03-15 13:06:31 -06:00
1cbe7a75d3
Add SAML 2.0 Login XML Support
...
Closes gh-9012
2022-03-09 10:40:26 -03:00
73f839312d
Add SAML 2.0 Login XML Support
...
Closes gh-9012
2022-03-09 09:18:01 -03:00
ff87cfce3a
Polish EntityDescriptor Customizer
...
Issue gh-10839
2022-03-04 10:42:04 -07:00
d225205bf2
Add method to customize EntityDescriptor
...
Closes gh-10839
2022-03-04 10:42:04 -07:00
87828df9d5
Polish EntityDescriptor Customizer
...
Issue gh-10839
2022-03-04 10:40:30 -07:00
3602eff1ac
Add method to customize EntityDescriptor
...
Closes gh-10839
2022-03-04 10:40:30 -07:00
304e89041c
Polish Formatting
...
Issue gh-10799
2022-03-02 16:40:13 -07:00
f1a76efc2d
Preserve order of RelyingPartRegistration credentials
...
Issue gh-10799
2022-03-02 16:40:13 -07:00
963251314b
Replace Apache Commons Base64 Decoding
...
Issue gh-10923
2022-03-02 16:40:11 -07:00
ee061f3659
Use RFC2045 Encoding for SAML 2.0 Logout
...
Closes gh-10923
2022-03-02 16:39:31 -07:00
923c61e9d2
Polish Formatting
...
Issue gh-10799
2022-03-02 16:37:58 -07:00
14d0663ae2
Preserve order of RelyingPartRegistration credentials
...
Issue gh-10799
2022-03-02 16:37:58 -07:00
346038d66c
Polish Formatting
...
Issue gh-10799
2022-03-02 16:36:23 -07:00
c734b4b39e
Preserve order of RelyingPartRegistration credentials
...
Issue gh-10799
2022-03-02 16:36:23 -07:00
5b9a45de01
Replace Apache Commons Base64 Decoding
...
Issue gh-10923
2022-03-02 16:30:21 -07:00
0b59e7797d
Use RFC2045 Encoding for SAML 2.0 Logout
...
Closes gh-10923
2022-03-02 16:30:21 -07:00
7a02bd14c1
Replace Apache Commons Base64 Decoding
...
Issue gh-10923
2022-03-02 16:19:03 -07:00
Marcus Da Coregio
Josh Cummings
1993heqiang
Krzysztof Krason
lukasz.migdalek
SeasonPan
Brummolix
Liviu Gheorghe
Tatiana Slednikova
stnor
Dayan Kodippily
Mitja Kotnik
Sabina Palakova
Rob Winch
Scott Shidlovsky
Ulrich Grave
Joe Grandja
Jared Rufer
j3graham
Houssem BELHADJ AHMED
Claudio Consolmagno
Juny Tse
sebastiano
Steve Riesenberg
Elias Lousseief
Sander van Schouwenburg