Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:
- Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
- Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
- Supports basic java-configuration via DSL
- Provides an integration sample using Spring Boot
Not implemented with this MVP
- Single Logout
- Dynamic Service Provider Metadata
Fixes gh-6019
Improve handling of IOException to report an
AuthenticationServiceExceptionThere are many reasons that a
DefaultReactiveOAuth2UserService might fail due to an IOException
(i.e. SSLHandshakeException). In those cases we should use a
AuthenticationServiceException so that users are aware there is likely
some misconfiguration.
Fixes gh-7370
Dirties the WebSession by putting the amended AUTHORIZATION_REQUEST map into
the WebSession even it was already in the map. This causes common SessionRepository
implementations like Redis to persist the updated attribute.
Fixes gh-7327
Author: Andreas Kluth <mail@andreaskluth.net>
First version of replacing streams
fix wwwAuthenticate and codestyle
fix errors in implementation to pass tests
Fix review notes
Remove uneccessary final to align with cb
Short circuit way to authorize
Simplify error message, make code readably
Return error while duplicate key found
Delete check for duplicate, checkstyle issues
Return duplicate error
Fixes gh-7154
RequestContextSubscriber could cause NPE if Mono/Flux.subscribe()
was invoked outside of Web Context.
In addition it replaced source Context with its own without respect
to old data.
Now Request Context Data is Propagated within holder class and
it is added to existing reactor Context if Holder is not empty.
Fixes gh-7228
