Commit Graph

492 Commits

Author SHA1 Message Date
Josh Cummings fda0e9a2b6
Merge branch '5.7.x' into 5.8.x
Closes gh-12458
2022-12-23 15:54:37 -07:00
Josh Cummings 3cfaf0d11d
Avoid LinkedMultiValueMap in Serializable Object
Closes gh-11785
2022-12-23 15:54:00 -07:00
Marcus Da Coregio 369bc71c81 Polish
Issue gh-11815
2022-12-05 10:30:05 -08:00
Mitja Kotnik 70249e536a Add a new Saml2MetadataFilter constructor for RelyingPartyRegistrationRepository
Closes gh-11815
2022-12-05 10:30:05 -08:00
Marcus Da Coregio fa9cb82d4a Merge branch '5.8.x' 2022-11-16 14:51:37 -03:00
Marcus Da Coregio 3d0be9beba Merge branch '5.7.x' into 5.8.x 2022-11-16 14:51:23 -03:00
Marcus Da Coregio 2d19d972f4 Merge branch '5.6.x' into 5.7.x 2022-11-16 14:51:07 -03:00
Marcus Da Coregio d5aabd721a Specify UTF8 for response content
This is needed because in some other platforms, like Windows, the default charset might be different

Issue gh-12026
2022-11-16 14:50:31 -03:00
Marcus Da Coregio a9ece433fe Merge branch '5.8.x'
Closes gh-12223
2022-11-16 13:45:17 -03:00
Marcus Da Coregio 9b6be3a556 Merge branch '5.7.x' into 5.8.x
Closes gh-12222
2022-11-16 13:44:48 -03:00
Marcus Da Coregio 8441e755d3 Merge branch '5.6.x' into 5.7.x
Closes gh-12221
2022-11-16 13:44:16 -03:00
Marcus Da Coregio 53148dc7b5 Use UTF-8 in Saml2MetadataFilter response writer
Closes gh-12026
2022-11-16 13:43:46 -03:00
Josh Cummings b3fdd00705
Merge branch '5.8.x'
Closes gh-12210
2022-11-14 18:17:30 -07:00
Josh Cummings b81fbf024b
Merge branch '5.7.x' into 5.8.x
Closes gh-12209
2022-11-14 18:17:02 -07:00
Josh Cummings 79483b2bc9
Merge branch '5.6.x' into 5.7.x
Closes gh-12208
2022-11-14 18:16:22 -07:00
Sabina Palakova ed3af6482d Fix SAML logout log messages
Fixes SAML logout log messages incorrectly referring to logout
response instead of logout request and vice versa.

Closes gh-12129
2022-11-14 18:11:49 -07:00
Josh Cummings d5f30755d1
Merge branch '5.8.x'
Closes gh-12149
2022-11-07 16:07:32 -07:00
Josh Cummings 9a1fae3e8e
Add createDefaultAssertionValidatorWithParameters
Closes gh-11675
2022-11-07 16:06:42 -07:00
Josh Cummings e90a11b1c0
Add SecurityContextHolderStrategy to Saml2
Issue gh-11060
2022-10-05 23:50:55 -06:00
Josh Cummings 506e50bfd0
Move Saml2 Authentication Filters
Issue gh-8819
2022-09-26 10:44:27 -06:00
Josh Cummings 61c80bcac5
Move Saml2 Authentication Filters
Closes gh-8819
2022-09-20 17:18:05 -06:00
Rob Winch 48e31f87e4 Remove Deprecated OpenSAML 3 Support
Closes gh-10556
2022-09-20 16:57:38 -06:00
Marcus Da Coregio 0c96989cbe Move script tag into body element
Closes gh-11879
2022-09-19 15:46:23 -03:00
Marcus Da Coregio 00302c80ad
Move SAML Post inline javascript to script tag
To avoid relying on HTML event handlers and adding unsafe-* rules to CSP, the javascript is moved to a <script> tag. This also allows a better browser compatibility

Closes gh-11676
2022-08-16 15:11:01 -06:00
Marcus Da Coregio 7359bd5949 Move SAML Post inline javascript to script tag
To avoid relying on HTML event handlers and adding unsafe-* rules to CSP, the javascript is moved to a <script> tag. This also allows a better browser compatibility

Closes gh-11676
2022-08-16 15:06:10 -06:00
Scott Shidlovsky 508f7d7b8a Update OpenSamlAuthenticationRequestResolverTests from Junit 4 to Junit 5 2022-08-02 08:02:22 -06:00
Scott Shidlovsky 947445fcc5 Add ID to Saml2 Post and Redirect Requests
Closes gh-11468
2022-08-02 08:02:22 -06:00
Ulrich Grave 4393c2ea02
Add hash-based Content-Security-Policy for SAML pages
Closes gh-11631
2022-07-27 18:04:39 -06:00
Ulrich Grave 409998a3fe Add hash-based Content-Security-Policy for SAML pages
Closes gh-11631
2022-07-27 17:59:42 -06:00
Josh Cummings 56a6133b20
Merge Same-named Attribute Elements
Closes gh-11042
2022-07-20 18:43:25 -06:00
Josh Cummings bced37f6a7
Merge Same-named Attribute Elements
Closes gh-11042
2022-07-20 18:41:55 -06:00
Josh Cummings 561f65b34d
Merge Same-named Attribute Elements
Closes gh-11042
2022-07-20 18:40:20 -06:00
Josh Cummings e092ec780f
Merge Same-named Attribute Elements
Closes gh-11042
2022-07-20 18:33:24 -06:00
Joe Grandja 7b18336c6a Change interface with constants to final class
Closes gh-10960
2022-07-13 15:51:58 -04:00
Josh Cummings 3c8a80c364
Add SecurityContextHolderStrategy to Saml2
Issue gh-11060
2022-06-27 13:05:11 -06:00
Joe Grandja 2a3845a7ed Update org.opensaml:opensaml-core4 to 4.1.1
Closes gh-11420
2022-06-20 14:50:24 -04:00
Joe Grandja bca43af9bb Update org.opensaml:opensaml-core4 to 4.1.1
Closes gh-11410
2022-06-20 12:08:07 -04:00
Josh Cummings d22277ce36
Add missing KeyInfo
Closes gh-11354
2022-06-09 13:16:50 -06:00
Josh Cummings bd60a0f8c9
Add OpenSamlSigningUtilsTests
Issue gh-11354
2022-06-09 13:16:49 -06:00
Josh Cummings 89fb075e2d
Add missing KeyInfo
Closes gh-11354
2022-06-09 13:14:19 -06:00
Josh Cummings 3a41567a18
Add OpenSamlSigningUtilsTests
Issue gh-11354
2022-06-09 13:14:13 -06:00
Josh Cummings 812bb0ead0
Add missing KeyInfo
Closes gh-11354
2022-06-09 13:12:52 -06:00
Josh Cummings bb9c7d1b6e
Add OpenSamlSigningUtilsTests
Issue gh-11354
2022-06-09 13:12:33 -06:00
Jared Rufer 3ca4b06612
Support multiple SingleLogoutService bindings.
Closes gh-11286
2022-06-09 12:56:16 -06:00
Jared Rufer 89989722d0 Support multiple SingleLogoutService bindings.
Closes gh-11286
2022-06-09 12:50:33 -06:00
j3graham 29ba67b6d7 Remove dependency on commons-codec by using java.util.Base64
Closes gh-11318
2022-06-09 06:50:01 -06:00
j3graham f3c96fa9cd Remove dependency on commons-codec by using java.util.Base64
Closes gh-11318
2022-06-09 06:49:39 -06:00
Houssem BELHADJ AHMED fc653bb81a
make SAML authentication request uri configurable
Closes gh-10840
2022-06-06 12:49:29 -06:00
Houssem BELHADJ AHMED f4049c18b1 add SAML authentication request support to login configurer
Closes gh-8873
2022-06-06 08:05:33 -06:00
Houssem BELHADJ AHMED 33104269d6 make SAML authentication request uri configurable
Closes gh-10840
2022-06-06 08:05:33 -06:00
Marcus Da Coregio e20323e0a8 Use Java 11 Toolchain for OpenSaml4 compile
Issue gh-10816
2022-06-02 19:24:42 +02:00
Claudio Consolmagno 07f9afe057
Use 'md:' prefix in EntityDescriptor XML
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.

Closes #11283
2022-05-31 17:11:02 -06:00
Claudio Consolmagno c39d39b35f
Use 'md:' prefix in EntityDescriptor XML
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.

Closes #11283
2022-05-31 17:08:51 -06:00
Claudio Consolmagno b1004aff4e
Use 'md:' prefix in EntityDescriptor XML
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.

Closes #11283
2022-05-31 17:07:18 -06:00
Claudio Consolmagno b470f29cf8 Use 'md:' prefix with EntityDescriptor tag in the metadata xml
Create the EntityDescriptor object with EntityDescriptor.DEFAULT_ELEMENT_NAME instead of EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag is marshalled to xml with the 'md:' prefix, consistent with all other metadata tags.

Closes #11283
2022-05-31 17:06:00 -06:00
Juny Tse 649428b49a
Use Base64 encoder with no CRLF in output for SAML 2.0 messages
Closes gh-11262
2022-05-25 12:06:27 -06:00
Juny Tse d0da160007
Use Base64 encoder with no CRLF in output for SAML 2.0 messages
Closes gh-11262
2022-05-25 12:02:13 -06:00
Juny Tse 16664dcdbd
Use Base64 encoder with no CRLF in output for SAML 2.0 messages
Closes gh-11262
2022-05-25 11:43:50 -06:00
Juny Tse f2d6ead398 Use Base64 encoder with no CRLF in output for SAML 2.0 messages
Closes gh-11262
2022-05-25 11:42:54 -06:00
Josh Cummings bcd104763e
Remove duplicate check
Closes gh-11192
2022-05-23 16:01:37 -06:00
Josh Cummings 53e509f0c6
Remove duplicate check
Closes gh-11192
2022-05-23 16:00:15 -06:00
Josh Cummings 5cbc1a47da
Use original query string to verify signature
Closes gh-11235
2022-05-23 15:30:07 -06:00
Josh Cummings b51c71c3b3
Use original query string to verify signature
Closes gh-11235
2022-05-23 13:56:28 -06:00
Ulrich Grave 7f5c31995e
Add relyingPartyRegistrationId to AbstractSaml2AuthenticationRequest
Closes gh-11195
2022-05-17 16:41:44 -06:00
Ulrich Grave 9b874bcde2 Add relyingPartyRegistrationId to AbstractSaml2AuthenticationRequest
Closes gh-11195
2022-05-17 16:21:54 -06:00
Marcus Da Coregio 995b2918bb Remove SAML Deprecations
Closes gh-11077
2022-05-06 10:15:42 -03:00
Josh Cummings c93c6b928e
Polish Relay State Resolver
Issue gh-11065
2022-05-05 17:42:02 -06:00
sebastiano f7a43e4989
Allow custom relay state
Closes gh-11065
2022-05-05 17:42:01 -06:00
Josh Cummings 13795cdec1
Polish Relay State Resolver
Issue gh-11065
2022-05-05 17:28:30 -06:00
sebastiano 4dfc349914
Allow custom relay state
Closes gh-11065
2022-05-05 17:26:39 -06:00
Ulrich Grave 3cbb60750d Add Jackson Support for Saml2AuthenticationException
Closes gh-11169
2022-05-02 17:41:52 -05:00
Ulrich Grave c6038b1ea3 Add Jackson Support for Saml2AuthenticationException
Closes gh-11169
2022-05-02 16:24:43 -05:00
Marcus Da Coregio cfb1745906 Deprecate Saml2AuthenticationRequestFactory
Closes gh-11080
2022-04-08 09:33:41 -03:00
Marcus Da Coregio bb0c336ae8 Deprecate Saml2AuthenticationRequestFactory
Closes gh-11080
2022-04-08 09:32:03 -03:00
Steve Riesenberg 8aa7029d07 Fix checkstyle errors
Issue gh-10989
2022-03-18 22:53:29 -05:00
Josh Cummings cf29bf996c
Polish InResponseTo support
- Moved methods so methods are listed before the methods they call
- Adjusted exception handling so no exceptions are eaten
- Adjusted so that malformed_request_data is returned with request data is malformed
- Refactored methods to have only immutable method parameters
- Removed usage of Stream API
- Moved AuthnRequestUnmarshaller into static block so that only looked
up once

Issue gh-9174
2022-03-15 14:06:58 -06:00
Elias Lousseief 3c878549b5
Add support for validation of InResponseTo
Whenever an InResponseTo is present in the SAML2 response and / or any of its assertions, it will be validated against the stored SAML2 request. If the request is missing or the ID of the request does not match the InResponseTo, validation fails. If there is no InResponseTo, no validation of it is done (as opposed to checking whether there is a saved request or not and then failing based on that).

Closes gh-9174
2022-03-15 14:06:57 -06:00
Elias Lousseief 836f203d44
Refactored OpenSaml4AuthenticationProviderTests
Factored out repeatedly used code for signing a request.
2022-03-15 14:06:57 -06:00
Josh Cummings 070514b9dd
Polish InResponseTo support
- Moved methods so methods are listed before the methods they call
- Adjusted exception handling so no exceptions are eaten
- Adjusted so that malformed_request_data is returned with request data is malformed
- Refactored methods to have only immutable method parameters
- Removed usage of Stream API
- Moved AuthnRequestUnmarshaller into static block so that only looked
up once

Issue gh-9174
2022-03-15 13:06:32 -06:00
Elias Lousseief 4aa9420047
Add support for validation of InResponseTo
Whenever an InResponseTo is present in the SAML2 response and / or any of its assertions, it will be validated against the stored SAML2 request. If the request is missing or the ID of the request does not match the InResponseTo, validation fails. If there is no InResponseTo, no validation of it is done (as opposed to checking whether there is a saved request or not and then failing based on that).

Closes gh-9174
2022-03-15 13:06:32 -06:00
Elias Lousseief a17cf9e814
Refactored OpenSaml4AuthenticationProviderTests
Factored out repeatedly used code for signing a request.
2022-03-15 13:06:31 -06:00
Marcus Da Coregio 1cbe7a75d3 Add SAML 2.0 Login XML Support
Closes gh-9012
2022-03-09 10:40:26 -03:00
Marcus Da Coregio 73f839312d Add SAML 2.0 Login XML Support
Closes gh-9012
2022-03-09 09:18:01 -03:00
Josh Cummings ff87cfce3a Polish EntityDescriptor Customizer
Issue gh-10839
2022-03-04 10:42:04 -07:00
Ulrich Grave d225205bf2 Add method to customize EntityDescriptor
Closes gh-10839
2022-03-04 10:42:04 -07:00
Josh Cummings 87828df9d5 Polish EntityDescriptor Customizer
Issue gh-10839
2022-03-04 10:40:30 -07:00
Ulrich Grave 3602eff1ac Add method to customize EntityDescriptor
Closes gh-10839
2022-03-04 10:40:30 -07:00
Josh Cummings 304e89041c Polish Formatting
Issue gh-10799
2022-03-02 16:40:13 -07:00
Sander van Schouwenburg f1a76efc2d Preserve order of RelyingPartRegistration credentials
Issue gh-10799
2022-03-02 16:40:13 -07:00
Josh Cummings 963251314b Replace Apache Commons Base64 Decoding
Issue gh-10923
2022-03-02 16:40:11 -07:00
Josh Cummings ee061f3659 Use RFC2045 Encoding for SAML 2.0 Logout
Closes gh-10923
2022-03-02 16:39:31 -07:00
Josh Cummings 923c61e9d2 Polish Formatting
Issue gh-10799
2022-03-02 16:37:58 -07:00
Sander van Schouwenburg 14d0663ae2 Preserve order of RelyingPartRegistration credentials
Issue gh-10799
2022-03-02 16:37:58 -07:00
Josh Cummings 346038d66c Polish Formatting
Issue gh-10799
2022-03-02 16:36:23 -07:00
Sander van Schouwenburg c734b4b39e Preserve order of RelyingPartRegistration credentials
Issue gh-10799
2022-03-02 16:36:23 -07:00
Josh Cummings 5b9a45de01 Replace Apache Commons Base64 Decoding
Issue gh-10923
2022-03-02 16:30:21 -07:00
Josh Cummings 0b59e7797d Use RFC2045 Encoding for SAML 2.0 Logout
Closes gh-10923
2022-03-02 16:30:21 -07:00
Josh Cummings 7a02bd14c1 Replace Apache Commons Base64 Decoding
Issue gh-10923
2022-03-02 16:19:03 -07:00
Josh Cummings 238616da80 Use RFC2045 Encoding for SAML 2.0 Logout
Closes gh-10923
2022-03-02 16:18:34 -07:00
Josh Cummings 4ede1feae5 Polish Saml2 Jackson Support
Issue gh-10905
2022-03-01 14:17:17 -07:00
Ulrich Grave 2334610fa9 Add Jackson Support for Saml2 Module
Closes gh-10905
2022-03-01 14:17:17 -07:00
Josh Cummings 6c3d183a94 Polish Saml2 Jackson Support
Issue gh-10905
2022-03-01 13:56:02 -07:00
Ulrich Grave df84826c95 Add Jackson Support for Saml2 Module
Closes gh-10905
2022-03-01 12:07:55 -07:00
Filip Hanik 47871562ca Change HashSet to LinkedHashSet
For various RelyingPartyRegistration.credentials to preserve order of insertion.

Issue gh-10799
2022-02-28 15:02:03 -07:00
Filip Hanik 6e5bb71466 Change HashSet to LinkedHashSet
For various RelyingPartyRegistration.credentials to preserve order of insertion.

Issue gh-10799
2022-02-28 15:01:58 -07:00
Filip Hanik 70b52a001b Change HashSet to LinkedHashSet
For various RelyingPartyRegistration.credentials to preserve order of insertion.

Issue gh-10799
2022-02-28 14:57:04 -07:00
Josh Cummings 6dbd88a5a4 Remove WantAssertionsSigned
WantAssertionsSigned requires that asserting parties sign the
assertions. This does not reflect how Spring Security actually
behaves, creating behavior mismatches.

Closes gh-10844
2022-02-22 08:14:05 -07:00
Josh Cummings 3d878549f4 Remove WantAssertionsSigned
WantAssertionsSigned requires that asserting parties sign the
assertions. This does not reflect how Spring Security actually
behaves, creating behavior mismatches.

Closes gh-10844
2022-02-18 11:43:25 -07:00
Josh Cummings b451ede189 Add Skipping Decryption Error Message
Closes gh-10220
2022-02-16 16:43:31 -07:00
Josh Cummings c6e5781679 Correct Test
Issue gh-10220
2022-02-16 16:43:31 -07:00
Josh Cummings 5cda362c47 Collect All Validation Errors
- OpenSaml4AuthenticationProvider now collects all validation errors
instead of treating some as their own exception

Issue gh-10220
2022-02-16 16:43:31 -07:00
Josh Cummings 97c18478e5 Add Skipping Decryption Error Message
Closes gh-10220
2022-02-16 16:10:36 -07:00
Josh Cummings 399562b2a8 Correct Test
Issue gh-10220
2022-02-16 16:10:36 -07:00
Josh Cummings 836335dc89 Collect All Validation Errors
- OpenSaml4AuthenticationProvider now collects all validation errors
instead of treating some as their own exception

Issue gh-10220
2022-02-16 16:10:19 -07:00
Josh Cummings b4dbcd6b2d Add OpenSamlAssertingPartyDetails
Closes gh-10781
2022-02-07 14:43:06 -07:00
Josh Cummings 541a1e48b3 Add OpenSamlAssertingPartyDetails
Closes gh-10781
2022-02-07 14:42:17 -07:00
Josh Cummings 28747ca89c Fix Checkstyle Error
Issue gh-9696
2022-02-04 20:07:41 -07:00
Josh Cummings 5c4178beb7 Fix Checkstyle Error
Issue gh-9696
2022-02-04 20:07:17 -07:00
Josh Cummings e8be907edf Polish Testing for Custom Attributes Values
- Moved construction and management of custom objects
into TestCustomOpenSamlObjects

Issue gh-9696
2022-02-04 20:04:03 -07:00
pelesic f626d11c6e Add OpenSaml custom types to Saml2AuthenticatedPrincipal
OpenSaml custom types are added to Saml2AutehnticatedPrincipal as
attributes.

Closes gh-9696
2022-02-04 20:04:03 -07:00
Josh Cummings 70bb588a25 Polish Testing for Custom Attributes Values
- Moved construction and management of custom objects
into TestCustomOpenSamlObjects

Issue gh-9696
2022-02-04 19:57:54 -07:00
pelesic 3cc7f384e6 Add OpenSaml custom types to Saml2AuthenticatedPrincipal
OpenSaml custom types are added to Saml2AutehnticatedPrincipal as
attributes.

Closes gh-9696
2022-02-04 13:41:41 -07:00
Josh Cummings 965e689461 Add EntitiesDescriptor Support
Closes gh-10782
2022-01-31 13:32:12 -07:00
Josh Cummings 4095d89bb3 Add EntitiesDescriptor Support
Closes gh-10782
2022-01-31 13:13:21 -07:00
Josh Cummings 60eead9ceb Add Session Index Support
Closes gh-10613
2022-01-28 12:21:44 -07:00
Josh Cummings b1a905befe Add Session Index Support
Closes gh-10613
2022-01-28 12:14:06 -07:00
Josh Cummings df3593f2dd Deprecate Saml2 AuthnRequest Classes
Issue gh-10355
2022-01-24 16:18:33 -07:00
Josh Cummings 5a2556879a Add Saml2AuthenticationRequestResolver
Closes gh-10355
2022-01-24 16:18:33 -07:00
Josh Cummings 620081ea9a Deprecate Saml2 AuthnRequest Classes
Issue gh-10355
2022-01-24 15:16:15 -07:00
Josh Cummings d538423f98 Add Saml2AuthenticationRequestResolver
Closes gh-10355
2022-01-24 15:09:45 -07:00
Marcus Da Coregio 861368bda5 Make Saml2AuthenticationRequests serializable
Closes gh-10550
2022-01-24 09:24:33 -03:00
Marcus Da Coregio cca35bdd93 Make Saml2AuthenticationRequests serializable
Closes gh-10550
2022-01-24 08:55:26 -03:00
Rob Winch c67ee6f2a8 javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api
Issue gh-10501
2022-01-19 15:32:12 -06:00
Rob Winch 8f64bb6c8c javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api
Issue gh-10501
2022-01-19 14:33:53 -06:00
Josh Cummings 20c252982e Remove SAML 2.0 Logout Default
Closes gh-10607
2022-01-14 15:29:50 -07:00
Josh Cummings d493598e17 Polish LogoutRequest#EncryptedID Support
Issue gh-10663
2022-01-14 14:47:45 -07:00
Robert Stoiber c1bea329ba Enabled SAML LogoutRequests with EncryptedID
The OpenSamlLogoutRequestValidator validates the subject to be logged out.
Formerly this was done only using the NameID from the OpenSamlLogoutRequest.
Now the EncryptedID is also supported, Since the SAML2 Standard also allows
the EncryptedID as subject identifiers,

- added EncryptedID as valid subject in OpenSamlLogoutRequestValidator
- added test

Closes gh-10663
2022-01-14 14:47:36 -07:00
Josh Cummings 3c45d46bd7 Polish LogoutRequest#EncryptedID Support
Issue gh-10663
2022-01-14 14:44:24 -07:00
Robert Stoiber 700cae8d3b Enabled SAML LogoutRequests with EncryptedID
The OpenSamlLogoutRequestValidator validates the subject to be logged out.
Formerly this was done only using the NameID from the OpenSamlLogoutRequest.
Now the EncryptedID is also supported, Since the SAML2 Standard also allows
the EncryptedID as subject identifiers,

- added EncryptedID as valid subject in OpenSamlLogoutRequestValidator
- added test

Closes gh-10663
2022-01-14 14:44:11 -07:00
Josh Cummings c664fbc1a3 Support No SingleLogoutServiceLocation
Closes gh-10674
2022-01-03 13:38:47 -07:00
Josh Cummings 45b7fed884 Remove SAML 2.0 Logout Default
Closes gh-10607
2022-01-03 13:14:12 -07:00
Josh Cummings cb008fa062 Support No SingleLogoutServiceLocation
Closes gh-10674
2022-01-03 13:14:06 -07:00
Josh Cummings 6b54afe9a3 Remove SAML 2.0 Logout Default
Closes gh-10607
2022-01-03 12:54:22 -07:00
Josh Cummings b9453da343 Support No SingleLogoutServiceLocation
Closes gh-10674
2022-01-03 12:54:18 -07:00
Josh Cummings cbf0e1da68 Remove commons-logging from saml2
Issue gh-10499
2021-12-16 10:15:58 -07:00
Arnaud Mergey dbe4d704f8 Add SP NameIDFormat Support
closes gh-9115
2021-12-01 13:23:30 -07:00
Arnaud Mergey a17dfb8456 Add SP NameIDFormat Support
closes gh-9115
2021-12-01 13:02:20 -07:00
Marcus Da Coregio db60df2f9c Update to Spring Framework 6.0
Issue gh-10360
2021-11-01 09:02:42 -03:00
Marcus Da Coregio 010f719344 Upgrade to JDK 17
Closes gh-10343
2021-11-01 09:02:42 -03:00
Vladimir Surcov 7330ec41e4 Adding keyInfo section to LogoutRequest from RP side
Issue gh-10438
2021-10-29 11:00:19 -06:00
Emil Sierżęga 04b47c5928 Fixed various broken links in Javadocs 2021-10-21 11:47:04 +02:00
Rob Winch f836897190 Checkstyle Fixes
- Javadoc tag ordering
- Private constructors before inner classes

Issue gh-10394
2021-10-18 21:03:35 -05:00
Marcus Da Coregio 00084cf986 Add saml2.ValidIssuers parameter
Adds the saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators

Closes gh-10335
2021-10-14 09:21:43 -06:00
Marcus Da Coregio 02b2fcc6f0 Restore ManagementConfigurationPlugin
Issue gh-9615
2021-10-05 11:23:29 -03:00
Marcus Da Coregio d2e5f2ae0d Update Gradle to 7.2
Closes gh-9615
2021-10-04 15:19:40 -03:00
Marcus Da Coregio 7112ee3eaa Allow SAML 2.0 loginProcessingURL without registrationId
Closes gh-10176
2021-10-04 09:54:40 -03:00
Marcus Da Coregio e36e2b2a97 Move Saml2AuthnRequestRepository to web package
Moving to solve package tangles

Issue gh-9185
2021-09-29 14:10:39 -03:00
Daniel Garnier-Moiroux 2fb8e66bc8 Saml2WebSsoAuthenticationFilter adds authentication details
Closes gh-7722
2021-09-27 11:44:30 -03:00
Josh Cummings 194993ad1a Add Saml2ParameterNames
Closes gh-10270
2021-09-14 17:40:12 -06:00
Josh Cummings c63d618b26 Add Single Logout Support
Closes gh-8731
2021-09-13 16:39:48 -06:00
Josh Cummings 6488295cad Add RelyingPartyRegistrationResolver
Closes gh-9486
2021-09-13 16:39:48 -06:00
Josh Cummings f5a525e740 Add Registration to Saml2Authentication
Closes gh-9487
2021-09-13 16:39:48 -06:00
Josh Cummings 822e59af45 useJUnitPlatform for SAML 2.0 Tests
Issue gh-9467
2021-09-13 16:39:48 -06:00
Russell Allen 1806cebd64 Fix Assertion
Closes gh-10055
2021-08-09 10:09:06 -03:00
Josh Cummings d5c953b106
Polish Saml2AuthenticationRequestRepository
- Moved docs into AuthnRequest section, changed links to be more
semantically valuable to search engines
- Moved tests to be nearer to similar tests

Issue gh-9185
2021-07-27 14:56:23 -06:00
Marcus Da Coregio 16e17d242e Add Saml2AuthenticationRequestRepository
Closes gh-9185
2021-07-27 14:55:53 -06:00
Rob Winch f73f213f50 Remove DependencySetPlugin
Closes gh-10070
2021-07-12 15:31:38 -05:00
Rob Winch 3e93b024d6 openrewrite Junit Migration 2021-07-09 14:32:52 -05:00
Daniel Garnier-Moiroux 298068503b Fix Saml2WebSsoAuthenticationRequestFilter javadoc 2021-06-30 13:41:52 +02:00
Marcus Hert da Coregio 03ded987af Allow Defining Custom SAML Response Validator
Add a setter method into OpenSaml4AuthenticationProvider that allows defining a custom ResponseValidator

Closes gh-9721
2021-06-30 08:26:42 -03:00
Marcus Hert da Coregio 6474a9e76e Allow Creating RelyingPartyRegistration from Metadata InputStream
Update SAML2 Login reference documentation to reflect the changes

Closes gh-9558
2021-06-30 08:02:24 -03:00
Josh Cummings 8e0a91d12f
Rebase OpenSamlSigningUtils and Tests
Issue gh-9865
2021-06-07 12:38:56 -06:00
Filip Hanik adad2da964
Provide KeyInfo in Signature for AuthnRequests
Closes gh-9856
2021-06-07 12:38:55 -06:00
Rob Winch 1491f2e0b6 Fix saml javadoc 2021-05-17 22:39:34 -05:00
Rob Winch eda38b8f88 opensaml fixes 2021-05-17 15:51:55 -05:00
Marcus Hert da Coregio ef0d933a65 Update SAML JavaDoc to reference specification
Closes gh-9510
2021-05-13 10:45:23 -06:00
Josh Cummings 457c2a2d06
Add Response Status Check
Closes gh-9718
2021-05-04 09:45:37 -06:00
Josh Cummings 8c92eddbe5
Revert "Add Registration to Saml2Authentication"
This reverts commit efe42b93ce.
2021-04-12 14:44:36 -06:00
Josh Cummings 55047fd996
Revert "Add RelyingPartyRegistrationResolver"
This reverts commit 2f734a0975.
2021-04-12 14:44:19 -06:00
Josh Cummings 37b40476e7
Revert "Add Single Logout Support"
This reverts commit e807fae869.
2021-04-12 14:44:04 -06:00
Josh Cummings 7da6077727
Update to commons-codec:1.15
Closes gh-9575
2021-04-10 10:11:32 -06:00
Josh Cummings e807fae869
Add Single Logout Support
Closes gh-8731
2021-04-10 00:25:34 -06:00
Josh Cummings 2f734a0975
Add RelyingPartyRegistrationResolver
Closes gh-9486
2021-04-10 00:12:38 -06:00
Josh Cummings efe42b93ce
Add Registration to Saml2Authentication
Closes gh-9487
2021-04-10 00:12:38 -06:00
Josh Cummings 88c1475a3b
Polish OpenSAML 4 support
Issue gh-9095
2021-04-10 00:12:15 -06:00
Josh Cummings a8a7ab4ffa
Restore spring-security-web Dependency
Issue gh-9095
2021-04-09 12:42:04 -06:00
Josh Cummings 6f79921750
Default to OpenSAML 3
- To make upgrade passive

Issue gh-9095
2021-04-06 17:11:33 -06:00
Josh Cummings 951202e797
Polish SAML 2.0 Artifacts
- Produce sources jar
- Produce Javadoc jar

Issue gh-9095
2021-04-06 17:10:53 -06:00
Rob Winch 60d3db5798 add management platform(project(":spring-security-dependencies"))
Closes gh-9540
2021-04-05 10:36:36 -05:00
Rob Winch de1b3e9d30 Remove DepencencyManagementPlugin
Issue gh-9540
2021-04-05 10:36:36 -05:00
Rob Winch 0f0e8eded4 Add spring-security-dependencies
Issue gh-9540
2021-04-05 10:36:36 -05:00
Rob Winch 1a76ee7442 Update Gradle configuration names
Closes gh-9540
2021-04-05 10:36:36 -05:00
Josh Cummings 4b351b1472
Remove SpringSecurityAuthnRequestBuilder
- We don't want to have public top-level classes extending or
implementing OpenSAML classes

Issue gh-9095
2021-03-30 11:40:57 -06:00
Josh Cummings 404e9e153a
Fix Javadoc Errors
Closes gh-9530
2021-03-30 11:37:42 -06:00
Josh Cummings d0d0a8d958 Add OpenSAML 4 Support
Closes gh-9095
2021-03-23 19:07:23 -06:00
Josh Cummings a015b8b000 Add Saml2MessageBinding#from
Closes gh-9515
2021-03-23 19:07:23 -06:00
Eleftheria Stein 4a492846f1 Revert "Lock dependencies for 2.5.0-M3"
This reverts commit f05cc6269c.
2021-03-15 23:18:45 +01:00
Eleftheria Stein f05cc6269c Lock dependencies for 2.5.0-M3 2021-03-15 11:00:19 +01:00
Josh Cummings c860076ef5
Fix Saml2MetadataFilter Test
Issue gh-9281
2021-03-02 16:32:17 -07:00
Han YanJing f3fa8e8800
Polish
Issue gh-9310
2021-03-02 12:04:22 -07:00