Closes gh-16042
This commit adds a static initializer block to both OpenSaml4AssertingPartyMetadataRepository
and OpenSaml5AssertingPartyMetadataRepository. This ensures OpenSAML is initialized upon class
loading, preventing failures when methods like withMetadataLocation are invoked without prior
initialization.
There was another flaky failure. While it seems clear what
needs to be done to repair it, this commit disables these
tests for now while the CI on a separate branch confirms
after a few days that the tests are stable again.
Issue gh-15395
The issue turned out to be that OpenSAML first sends two HEAD
requests before sending a GET to retrieve the metadata. The way
the MockWebServer dispatcher was configured, it would send back
the metadata on each request. This created a situation where sockets
were being closed by the client before the server had sent all the
response, resulting in a broken pipe.
The tests would succeed most of the time due to lucky timing between
the client closing the socket and the server having sent all of its
(unrequested) data.
This version sends an expected HEAD response when requested.
Issue gh-15395
The error between MockWebServer and OpenSAML still happens on
occasion. This commit uses MockWebServer's default queue dispatcher
to remove any customization that might be contributing to
the flakiness.
Issue gh-15395
This will be useful for exposing OpenSAML functionality at
a higher level. Each OpenSAML major version release should
provide a new implementation.
Issue gh-11658
Originally, Spring Security turned off various features
XML parsing feature for the underlying DocumentBuilderFactory
that OpenSAML uses.
Both OpenSAML 4 and 5 set these values by default, so we
can safely accept the defaults at this point.
Issue gh-11658
- MockWebServer seems to start failing to respond to connections
at a certain frequency of requests. This commit builds in a small
delay of 1 millisecond to address this.
Closes gh-15395
opensource
Josh Cummings
Marcus Hert Da Coregio
Sanghyuk Jung
James Howe