Joe Grandja
bca43af9bb
Update org.opensaml:opensaml-core4 to 4.1.1
...
Closes gh-11410
2022-06-20 12:08:07 -04:00
Josh Cummings
d22277ce36
Add missing KeyInfo
...
Closes gh-11354
2022-06-09 13:16:50 -06:00
Josh Cummings
bd60a0f8c9
Add OpenSamlSigningUtilsTests
...
Issue gh-11354
2022-06-09 13:16:49 -06:00
Claudio Consolmagno
c39d39b35f
Use 'md:' prefix in EntityDescriptor XML
...
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.
Closes #11283
2022-05-31 17:08:51 -06:00
Juny Tse
d0da160007
Use Base64 encoder with no CRLF in output for SAML 2.0 messages
...
Closes gh-11262
2022-05-25 12:02:13 -06:00
Marcus Da Coregio
bb0c336ae8
Deprecate Saml2AuthenticationRequestFactory
...
Closes gh-11080
2022-04-08 09:32:03 -03:00
Josh Cummings
cf29bf996c
Polish InResponseTo support
...
- Moved methods so methods are listed before the methods they call
- Adjusted exception handling so no exceptions are eaten
- Adjusted so that malformed_request_data is returned with request data is malformed
- Refactored methods to have only immutable method parameters
- Removed usage of Stream API
- Moved AuthnRequestUnmarshaller into static block so that only looked
up once
Issue gh-9174
2022-03-15 14:06:58 -06:00
Elias Lousseief
3c878549b5
Add support for validation of InResponseTo
...
Whenever an InResponseTo is present in the SAML2 response and / or any of its assertions, it will be validated against the stored SAML2 request. If the request is missing or the ID of the request does not match the InResponseTo, validation fails. If there is no InResponseTo, no validation of it is done (as opposed to checking whether there is a saved request or not and then failing based on that).
Closes gh-9174
2022-03-15 14:06:57 -06:00
Elias Lousseief
836f203d44
Refactored OpenSaml4AuthenticationProviderTests
...
Factored out repeatedly used code for signing a request.
2022-03-15 14:06:57 -06:00
Marcus Da Coregio
73f839312d
Add SAML 2.0 Login XML Support
...
Closes gh-9012
2022-03-09 09:18:01 -03:00
Josh Cummings
ff87cfce3a
Polish EntityDescriptor Customizer
...
Issue gh-10839
2022-03-04 10:42:04 -07:00
Ulrich Grave
d225205bf2
Add method to customize EntityDescriptor
...
Closes gh-10839
2022-03-04 10:42:04 -07:00
Josh Cummings
923c61e9d2
Polish Formatting
...
Issue gh-10799
2022-03-02 16:37:58 -07:00
Sander van Schouwenburg
14d0663ae2
Preserve order of RelyingPartRegistration credentials
...
Issue gh-10799
2022-03-02 16:37:58 -07:00
Josh Cummings
7a02bd14c1
Replace Apache Commons Base64 Decoding
...
Issue gh-10923
2022-03-02 16:19:03 -07:00
Josh Cummings
238616da80
Use RFC2045 Encoding for SAML 2.0 Logout
...
Closes gh-10923
2022-03-02 16:18:34 -07:00
Josh Cummings
6c3d183a94
Polish Saml2 Jackson Support
...
Issue gh-10905
2022-03-01 13:56:02 -07:00
Ulrich Grave
df84826c95
Add Jackson Support for Saml2 Module
...
Closes gh-10905
2022-03-01 12:07:55 -07:00
Filip Hanik
70b52a001b
Change HashSet to LinkedHashSet
...
For various RelyingPartyRegistration.credentials to preserve order of insertion.
Issue gh-10799
2022-02-28 14:57:04 -07:00
Josh Cummings
3d878549f4
Remove WantAssertionsSigned
...
WantAssertionsSigned requires that asserting parties sign the
assertions. This does not reflect how Spring Security actually
behaves, creating behavior mismatches.
Closes gh-10844
2022-02-18 11:43:25 -07:00
Josh Cummings
97c18478e5
Add Skipping Decryption Error Message
...
Closes gh-10220
2022-02-16 16:10:36 -07:00
Josh Cummings
399562b2a8
Correct Test
...
Issue gh-10220
2022-02-16 16:10:36 -07:00
Josh Cummings
836335dc89
Collect All Validation Errors
...
- OpenSaml4AuthenticationProvider now collects all validation errors
instead of treating some as their own exception
Issue gh-10220
2022-02-16 16:10:19 -07:00
Josh Cummings
541a1e48b3
Add OpenSamlAssertingPartyDetails
...
Closes gh-10781
2022-02-07 14:42:17 -07:00
Josh Cummings
5c4178beb7
Fix Checkstyle Error
...
Issue gh-9696
2022-02-04 20:07:17 -07:00
Josh Cummings
70bb588a25
Polish Testing for Custom Attributes Values
...
- Moved construction and management of custom objects
into TestCustomOpenSamlObjects
Issue gh-9696
2022-02-04 19:57:54 -07:00
pelesic
3cc7f384e6
Add OpenSaml custom types to Saml2AuthenticatedPrincipal
...
OpenSaml custom types are added to Saml2AutehnticatedPrincipal as
attributes.
Closes gh-9696
2022-02-04 13:41:41 -07:00
Josh Cummings
4095d89bb3
Add EntitiesDescriptor Support
...
Closes gh-10782
2022-01-31 13:13:21 -07:00
Josh Cummings
b1a905befe
Add Session Index Support
...
Closes gh-10613
2022-01-28 12:14:06 -07:00
Josh Cummings
620081ea9a
Deprecate Saml2 AuthnRequest Classes
...
Issue gh-10355
2022-01-24 15:16:15 -07:00
Josh Cummings
d538423f98
Add Saml2AuthenticationRequestResolver
...
Closes gh-10355
2022-01-24 15:09:45 -07:00
Marcus Da Coregio
cca35bdd93
Make Saml2AuthenticationRequests serializable
...
Closes gh-10550
2022-01-24 08:55:26 -03:00
Rob Winch
8f64bb6c8c
javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api
...
Issue gh-10501
2022-01-19 14:33:53 -06:00
Josh Cummings
3c45d46bd7
Polish LogoutRequest#EncryptedID Support
...
Issue gh-10663
2022-01-14 14:44:24 -07:00
Robert Stoiber
700cae8d3b
Enabled SAML LogoutRequests with EncryptedID
...
The OpenSamlLogoutRequestValidator validates the subject to be logged out.
Formerly this was done only using the NameID from the OpenSamlLogoutRequest.
Now the EncryptedID is also supported, Since the SAML2 Standard also allows
the EncryptedID as subject identifiers,
- added EncryptedID as valid subject in OpenSamlLogoutRequestValidator
- added test
Closes gh-10663
2022-01-14 14:44:11 -07:00
Josh Cummings
6b54afe9a3
Remove SAML 2.0 Logout Default
...
Closes gh-10607
2022-01-03 12:54:22 -07:00
Josh Cummings
b9453da343
Support No SingleLogoutServiceLocation
...
Closes gh-10674
2022-01-03 12:54:18 -07:00
Arnaud Mergey
dbe4d704f8
Add SP NameIDFormat Support
...
closes gh-9115
2021-12-01 13:23:30 -07:00
Vladimir Surcov
7330ec41e4
Adding keyInfo section to LogoutRequest from RP side
...
Issue gh-10438
2021-10-29 11:00:19 -06:00
Emil Sierżęga
04b47c5928
Fixed various broken links in Javadocs
2021-10-21 11:47:04 +02:00
Rob Winch
f836897190
Checkstyle Fixes
...
- Javadoc tag ordering
- Private constructors before inner classes
Issue gh-10394
2021-10-18 21:03:35 -05:00
Marcus Da Coregio
00084cf986
Add saml2.ValidIssuers parameter
...
Adds the saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators
Closes gh-10335
2021-10-14 09:21:43 -06:00
Marcus Da Coregio
02b2fcc6f0
Restore ManagementConfigurationPlugin
...
Issue gh-9615
2021-10-05 11:23:29 -03:00
Marcus Da Coregio
d2e5f2ae0d
Update Gradle to 7.2
...
Closes gh-9615
2021-10-04 15:19:40 -03:00
Marcus Da Coregio
7112ee3eaa
Allow SAML 2.0 loginProcessingURL without registrationId
...
Closes gh-10176
2021-10-04 09:54:40 -03:00
Marcus Da Coregio
e36e2b2a97
Move Saml2AuthnRequestRepository to web package
...
Moving to solve package tangles
Issue gh-9185
2021-09-29 14:10:39 -03:00
Daniel Garnier-Moiroux
2fb8e66bc8
Saml2WebSsoAuthenticationFilter adds authentication details
...
Closes gh-7722
2021-09-27 11:44:30 -03:00
Josh Cummings
194993ad1a
Add Saml2ParameterNames
...
Closes gh-10270
2021-09-14 17:40:12 -06:00
Josh Cummings
c63d618b26
Add Single Logout Support
...
Closes gh-8731
2021-09-13 16:39:48 -06:00
Josh Cummings
6488295cad
Add RelyingPartyRegistrationResolver
...
Closes gh-9486
2021-09-13 16:39:48 -06:00