Commit Graph

248 Commits

Author SHA1 Message Date
Marcus Da Coregio 8441e755d3 Merge branch '5.6.x' into 5.7.x
Closes gh-12221
2022-11-16 13:44:16 -03:00
Marcus Da Coregio 53148dc7b5 Use UTF-8 in Saml2MetadataFilter response writer
Closes gh-12026
2022-11-16 13:43:46 -03:00
Josh Cummings 79483b2bc9
Merge branch '5.6.x' into 5.7.x
Closes gh-12208
2022-11-14 18:16:22 -07:00
Sabina Palakova ed3af6482d Fix SAML logout log messages
Fixes SAML logout log messages incorrectly referring to logout
response instead of logout request and vice versa.

Closes gh-12129
2022-11-14 18:11:49 -07:00
Josh Cummings 56a6133b20
Merge Same-named Attribute Elements
Closes gh-11042
2022-07-20 18:43:25 -06:00
Josh Cummings bced37f6a7
Merge Same-named Attribute Elements
Closes gh-11042
2022-07-20 18:41:55 -06:00
Joe Grandja 2a3845a7ed Update org.opensaml:opensaml-core4 to 4.1.1
Closes gh-11420
2022-06-20 14:50:24 -04:00
Joe Grandja bca43af9bb Update org.opensaml:opensaml-core4 to 4.1.1
Closes gh-11410
2022-06-20 12:08:07 -04:00
Josh Cummings d22277ce36
Add missing KeyInfo
Closes gh-11354
2022-06-09 13:16:50 -06:00
Josh Cummings bd60a0f8c9
Add OpenSamlSigningUtilsTests
Issue gh-11354
2022-06-09 13:16:49 -06:00
Claudio Consolmagno 07f9afe057
Use 'md:' prefix in EntityDescriptor XML
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.

Closes #11283
2022-05-31 17:11:02 -06:00
Claudio Consolmagno c39d39b35f
Use 'md:' prefix in EntityDescriptor XML
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.

Closes #11283
2022-05-31 17:08:51 -06:00
Juny Tse 649428b49a
Use Base64 encoder with no CRLF in output for SAML 2.0 messages
Closes gh-11262
2022-05-25 12:06:27 -06:00
Juny Tse d0da160007
Use Base64 encoder with no CRLF in output for SAML 2.0 messages
Closes gh-11262
2022-05-25 12:02:13 -06:00
Marcus Da Coregio bb0c336ae8 Deprecate Saml2AuthenticationRequestFactory
Closes gh-11080
2022-04-08 09:32:03 -03:00
Josh Cummings cf29bf996c
Polish InResponseTo support
- Moved methods so methods are listed before the methods they call
- Adjusted exception handling so no exceptions are eaten
- Adjusted so that malformed_request_data is returned with request data is malformed
- Refactored methods to have only immutable method parameters
- Removed usage of Stream API
- Moved AuthnRequestUnmarshaller into static block so that only looked
up once

Issue gh-9174
2022-03-15 14:06:58 -06:00
Elias Lousseief 3c878549b5
Add support for validation of InResponseTo
Whenever an InResponseTo is present in the SAML2 response and / or any of its assertions, it will be validated against the stored SAML2 request. If the request is missing or the ID of the request does not match the InResponseTo, validation fails. If there is no InResponseTo, no validation of it is done (as opposed to checking whether there is a saved request or not and then failing based on that).

Closes gh-9174
2022-03-15 14:06:57 -06:00
Elias Lousseief 836f203d44
Refactored OpenSaml4AuthenticationProviderTests
Factored out repeatedly used code for signing a request.
2022-03-15 14:06:57 -06:00
Marcus Da Coregio 73f839312d Add SAML 2.0 Login XML Support
Closes gh-9012
2022-03-09 09:18:01 -03:00
Josh Cummings ff87cfce3a Polish EntityDescriptor Customizer
Issue gh-10839
2022-03-04 10:42:04 -07:00
Ulrich Grave d225205bf2 Add method to customize EntityDescriptor
Closes gh-10839
2022-03-04 10:42:04 -07:00
Josh Cummings 304e89041c Polish Formatting
Issue gh-10799
2022-03-02 16:40:13 -07:00
Sander van Schouwenburg f1a76efc2d Preserve order of RelyingPartRegistration credentials
Issue gh-10799
2022-03-02 16:40:13 -07:00
Josh Cummings 963251314b Replace Apache Commons Base64 Decoding
Issue gh-10923
2022-03-02 16:40:11 -07:00
Josh Cummings ee061f3659 Use RFC2045 Encoding for SAML 2.0 Logout
Closes gh-10923
2022-03-02 16:39:31 -07:00
Josh Cummings 923c61e9d2 Polish Formatting
Issue gh-10799
2022-03-02 16:37:58 -07:00
Sander van Schouwenburg 14d0663ae2 Preserve order of RelyingPartRegistration credentials
Issue gh-10799
2022-03-02 16:37:58 -07:00
Josh Cummings 7a02bd14c1 Replace Apache Commons Base64 Decoding
Issue gh-10923
2022-03-02 16:19:03 -07:00
Josh Cummings 238616da80 Use RFC2045 Encoding for SAML 2.0 Logout
Closes gh-10923
2022-03-02 16:18:34 -07:00
Josh Cummings 6c3d183a94 Polish Saml2 Jackson Support
Issue gh-10905
2022-03-01 13:56:02 -07:00
Ulrich Grave df84826c95 Add Jackson Support for Saml2 Module
Closes gh-10905
2022-03-01 12:07:55 -07:00
Filip Hanik 47871562ca Change HashSet to LinkedHashSet
For various RelyingPartyRegistration.credentials to preserve order of insertion.

Issue gh-10799
2022-02-28 15:02:03 -07:00
Filip Hanik 70b52a001b Change HashSet to LinkedHashSet
For various RelyingPartyRegistration.credentials to preserve order of insertion.

Issue gh-10799
2022-02-28 14:57:04 -07:00
Josh Cummings 3d878549f4 Remove WantAssertionsSigned
WantAssertionsSigned requires that asserting parties sign the
assertions. This does not reflect how Spring Security actually
behaves, creating behavior mismatches.

Closes gh-10844
2022-02-18 11:43:25 -07:00
Josh Cummings 97c18478e5 Add Skipping Decryption Error Message
Closes gh-10220
2022-02-16 16:10:36 -07:00
Josh Cummings 399562b2a8 Correct Test
Issue gh-10220
2022-02-16 16:10:36 -07:00
Josh Cummings 836335dc89 Collect All Validation Errors
- OpenSaml4AuthenticationProvider now collects all validation errors
instead of treating some as their own exception

Issue gh-10220
2022-02-16 16:10:19 -07:00
Josh Cummings 541a1e48b3 Add OpenSamlAssertingPartyDetails
Closes gh-10781
2022-02-07 14:42:17 -07:00
Josh Cummings 5c4178beb7 Fix Checkstyle Error
Issue gh-9696
2022-02-04 20:07:17 -07:00
Josh Cummings 70bb588a25 Polish Testing for Custom Attributes Values
- Moved construction and management of custom objects
into TestCustomOpenSamlObjects

Issue gh-9696
2022-02-04 19:57:54 -07:00
pelesic 3cc7f384e6 Add OpenSaml custom types to Saml2AuthenticatedPrincipal
OpenSaml custom types are added to Saml2AutehnticatedPrincipal as
attributes.

Closes gh-9696
2022-02-04 13:41:41 -07:00
Josh Cummings 4095d89bb3 Add EntitiesDescriptor Support
Closes gh-10782
2022-01-31 13:13:21 -07:00
Josh Cummings b1a905befe Add Session Index Support
Closes gh-10613
2022-01-28 12:14:06 -07:00
Josh Cummings 620081ea9a Deprecate Saml2 AuthnRequest Classes
Issue gh-10355
2022-01-24 15:16:15 -07:00
Josh Cummings d538423f98 Add Saml2AuthenticationRequestResolver
Closes gh-10355
2022-01-24 15:09:45 -07:00
Marcus Da Coregio cca35bdd93 Make Saml2AuthenticationRequests serializable
Closes gh-10550
2022-01-24 08:55:26 -03:00
Rob Winch c67ee6f2a8 javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api
Issue gh-10501
2022-01-19 15:32:12 -06:00
Rob Winch 8f64bb6c8c javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api
Issue gh-10501
2022-01-19 14:33:53 -06:00
Josh Cummings 20c252982e Remove SAML 2.0 Logout Default
Closes gh-10607
2022-01-14 15:29:50 -07:00
Josh Cummings 3c45d46bd7 Polish LogoutRequest#EncryptedID Support
Issue gh-10663
2022-01-14 14:44:24 -07:00