Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,658 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

253 Commits

Author SHA1 Message Date
Josh Cummings e90a11b1c0
Add SecurityContextHolderStrategy to Saml2 
Issue gh-11060
 2022-10-05 23:50:55 -06:00
Josh Cummings 61c80bcac5
Move Saml2 Authentication Filters 
Closes gh-8819
 2022-09-20 17:18:05 -06:00
Rob Winch 48e31f87e4 Remove Deprecated OpenSAML 3 Support 
Closes gh-10556
 2022-09-20 16:57:38 -06:00
Marcus Da Coregio 00302c80ad
Move SAML Post inline javascript to script tag 
To avoid relying on HTML event handlers and adding unsafe-* rules to CSP, the javascript is moved to a <script> tag. This also allows a better browser compatibility

Closes gh-11676
 2022-08-16 15:11:01 -06:00
Scott Shidlovsky 508f7d7b8a Update OpenSamlAuthenticationRequestResolverTests from Junit 4 to Junit 5 2022-08-02 08:02:22 -06:00
Scott Shidlovsky 947445fcc5 Add ID to Saml2 Post and Redirect Requests 
Closes gh-11468
 2022-08-02 08:02:22 -06:00
Ulrich Grave 4393c2ea02
Add hash-based Content-Security-Policy for SAML pages 
Closes gh-11631
 2022-07-27 18:04:39 -06:00
Josh Cummings e092ec780f
Merge Same-named Attribute Elements 
Closes gh-11042
 2022-07-20 18:33:24 -06:00
Joe Grandja 7b18336c6a Change interface with constants to final class 
Closes gh-10960
 2022-07-13 15:51:58 -04:00
Josh Cummings 89fb075e2d
Add missing KeyInfo 
Closes gh-11354
 2022-06-09 13:14:19 -06:00
Josh Cummings 3a41567a18
Add OpenSamlSigningUtilsTests 
Issue gh-11354
 2022-06-09 13:14:13 -06:00
Jared Rufer 89989722d0 Support multiple SingleLogoutService bindings. 
Closes gh-11286
 2022-06-09 12:50:33 -06:00
j3graham f3c96fa9cd Remove dependency on commons-codec by using java.util.Base64 
Closes gh-11318
 2022-06-09 06:49:39 -06:00
Houssem BELHADJ AHMED f4049c18b1 add SAML authentication request support to login configurer 
Closes gh-8873
 2022-06-06 08:05:33 -06:00
Houssem BELHADJ AHMED 33104269d6 make SAML authentication request uri configurable 
Closes gh-10840
 2022-06-06 08:05:33 -06:00
Claudio Consolmagno b470f29cf8 Use 'md:' prefix with EntityDescriptor tag in the metadata xml 
Create the EntityDescriptor object with EntityDescriptor.DEFAULT_ELEMENT_NAME instead of EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag is marshalled to xml with the 'md:' prefix, consistent with all other metadata tags.

Closes #11283
 2022-05-31 17:06:00 -06:00
Juny Tse f2d6ead398 Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 11:42:54 -06:00
Josh Cummings bcd104763e
Remove duplicate check 
Closes gh-11192
 2022-05-23 16:01:37 -06:00
Josh Cummings 5cbc1a47da
Use original query string to verify signature 
Closes gh-11235
 2022-05-23 15:30:07 -06:00
Ulrich Grave 7f5c31995e
Add relyingPartyRegistrationId to AbstractSaml2AuthenticationRequest 
Closes gh-11195
 2022-05-17 16:41:44 -06:00
Marcus Da Coregio 995b2918bb Remove SAML Deprecations 
Closes gh-11077
 2022-05-06 10:15:42 -03:00
Josh Cummings c93c6b928e
Polish Relay State Resolver 
Issue gh-11065
 2022-05-05 17:42:02 -06:00
sebastiano f7a43e4989
Allow custom relay state 
Closes gh-11065
 2022-05-05 17:42:01 -06:00
Ulrich Grave c6038b1ea3 Add Jackson Support for Saml2AuthenticationException 
Closes gh-11169
 2022-05-02 16:24:43 -05:00
Marcus Da Coregio cfb1745906 Deprecate Saml2AuthenticationRequestFactory 
Closes gh-11080
 2022-04-08 09:33:41 -03:00
Steve Riesenberg 8aa7029d07 Fix checkstyle errors 
Issue gh-10989
 2022-03-18 22:53:29 -05:00
Josh Cummings 070514b9dd
Polish InResponseTo support 
- Moved methods so methods are listed before the methods they call
- Adjusted exception handling so no exceptions are eaten
- Adjusted so that malformed_request_data is returned with request data is malformed
- Refactored methods to have only immutable method parameters
- Removed usage of Stream API
- Moved AuthnRequestUnmarshaller into static block so that only looked
up once

Issue gh-9174
 2022-03-15 13:06:32 -06:00
Elias Lousseief 4aa9420047
Add support for validation of InResponseTo 
Whenever an InResponseTo is present in the SAML2 response and / or any of its assertions, it will be validated against the stored SAML2 request. If the request is missing or the ID of the request does not match the InResponseTo, validation fails. If there is no InResponseTo, no validation of it is done (as opposed to checking whether there is a saved request or not and then failing based on that).

Closes gh-9174
 2022-03-15 13:06:32 -06:00
Elias Lousseief a17cf9e814
Refactored OpenSaml4AuthenticationProviderTests 
Factored out repeatedly used code for signing a request.
 2022-03-15 13:06:31 -06:00
Marcus Da Coregio 1cbe7a75d3 Add SAML 2.0 Login XML Support 
Closes gh-9012
 2022-03-09 10:40:26 -03:00
Josh Cummings 87828df9d5 Polish EntityDescriptor Customizer 
Issue gh-10839
 2022-03-04 10:40:30 -07:00
Ulrich Grave 3602eff1ac Add method to customize EntityDescriptor 
Closes gh-10839
 2022-03-04 10:40:30 -07:00
Josh Cummings 346038d66c Polish Formatting 
Issue gh-10799
 2022-03-02 16:36:23 -07:00
Sander van Schouwenburg c734b4b39e Preserve order of RelyingPartRegistration credentials 
Issue gh-10799
 2022-03-02 16:36:23 -07:00
Josh Cummings 5b9a45de01 Replace Apache Commons Base64 Decoding 
Issue gh-10923
 2022-03-02 16:30:21 -07:00
Josh Cummings 0b59e7797d Use RFC2045 Encoding for SAML 2.0 Logout 
Closes gh-10923
 2022-03-02 16:30:21 -07:00
Josh Cummings 4ede1feae5 Polish Saml2 Jackson Support 
Issue gh-10905
 2022-03-01 14:17:17 -07:00
Ulrich Grave 2334610fa9 Add Jackson Support for Saml2 Module 
Closes gh-10905
 2022-03-01 14:17:17 -07:00
Filip Hanik 6e5bb71466 Change HashSet to LinkedHashSet 
For various RelyingPartyRegistration.credentials to preserve order of insertion.

Issue gh-10799
 2022-02-28 15:01:58 -07:00
Josh Cummings 6dbd88a5a4 Remove WantAssertionsSigned 
WantAssertionsSigned requires that asserting parties sign the
assertions. This does not reflect how Spring Security actually
behaves, creating behavior mismatches.

Closes gh-10844
 2022-02-22 08:14:05 -07:00
Josh Cummings b451ede189 Add Skipping Decryption Error Message 
Closes gh-10220
 2022-02-16 16:43:31 -07:00
Josh Cummings c6e5781679 Correct Test 
Issue gh-10220
 2022-02-16 16:43:31 -07:00
Josh Cummings 5cda362c47 Collect All Validation Errors 
- OpenSaml4AuthenticationProvider now collects all validation errors
instead of treating some as their own exception

Issue gh-10220
 2022-02-16 16:43:31 -07:00
Josh Cummings b4dbcd6b2d Add OpenSamlAssertingPartyDetails 
Closes gh-10781
 2022-02-07 14:43:06 -07:00
Josh Cummings 28747ca89c Fix Checkstyle Error 
Issue gh-9696
 2022-02-04 20:07:41 -07:00
Josh Cummings e8be907edf Polish Testing for Custom Attributes Values 
- Moved construction and management of custom objects
into TestCustomOpenSamlObjects

Issue gh-9696
 2022-02-04 20:04:03 -07:00
pelesic f626d11c6e Add OpenSaml custom types to Saml2AuthenticatedPrincipal 
OpenSaml custom types are added to Saml2AutehnticatedPrincipal as
attributes.

Closes gh-9696
 2022-02-04 20:04:03 -07:00
Josh Cummings 965e689461 Add EntitiesDescriptor Support 
Closes gh-10782
 2022-01-31 13:32:12 -07:00
Josh Cummings 60eead9ceb Add Session Index Support 
Closes gh-10613
 2022-01-28 12:21:44 -07:00
Josh Cummings df3593f2dd Deprecate Saml2 AuthnRequest Classes 
Issue gh-10355
 2022-01-24 16:18:33 -07:00