Commit Graph

230 Commits

Author SHA1 Message Date
Josh Cummings 822e59af45 useJUnitPlatform for SAML 2.0 Tests
Issue gh-9467
2021-09-13 16:39:48 -06:00
Russell Allen 1806cebd64 Fix Assertion
Closes gh-10055
2021-08-09 10:09:06 -03:00
Josh Cummings d5c953b106
Polish Saml2AuthenticationRequestRepository
- Moved docs into AuthnRequest section, changed links to be more
semantically valuable to search engines
- Moved tests to be nearer to similar tests

Issue gh-9185
2021-07-27 14:56:23 -06:00
Marcus Da Coregio 16e17d242e Add Saml2AuthenticationRequestRepository
Closes gh-9185
2021-07-27 14:55:53 -06:00
Rob Winch f73f213f50 Remove DependencySetPlugin
Closes gh-10070
2021-07-12 15:31:38 -05:00
Rob Winch 3e93b024d6 openrewrite Junit Migration 2021-07-09 14:32:52 -05:00
Daniel Garnier-Moiroux 298068503b Fix Saml2WebSsoAuthenticationRequestFilter javadoc 2021-06-30 13:41:52 +02:00
Marcus Hert da Coregio 03ded987af Allow Defining Custom SAML Response Validator
Add a setter method into OpenSaml4AuthenticationProvider that allows defining a custom ResponseValidator

Closes gh-9721
2021-06-30 08:26:42 -03:00
Marcus Hert da Coregio 6474a9e76e Allow Creating RelyingPartyRegistration from Metadata InputStream
Update SAML2 Login reference documentation to reflect the changes

Closes gh-9558
2021-06-30 08:02:24 -03:00
Josh Cummings 8e0a91d12f
Rebase OpenSamlSigningUtils and Tests
Issue gh-9865
2021-06-07 12:38:56 -06:00
Filip Hanik adad2da964
Provide KeyInfo in Signature for AuthnRequests
Closes gh-9856
2021-06-07 12:38:55 -06:00
Rob Winch 1491f2e0b6 Fix saml javadoc 2021-05-17 22:39:34 -05:00
Rob Winch eda38b8f88 opensaml fixes 2021-05-17 15:51:55 -05:00
Marcus Hert da Coregio ef0d933a65 Update SAML JavaDoc to reference specification
Closes gh-9510
2021-05-13 10:45:23 -06:00
Josh Cummings 457c2a2d06
Add Response Status Check
Closes gh-9718
2021-05-04 09:45:37 -06:00
Josh Cummings 8c92eddbe5
Revert "Add Registration to Saml2Authentication"
This reverts commit efe42b93ce.
2021-04-12 14:44:36 -06:00
Josh Cummings 55047fd996
Revert "Add RelyingPartyRegistrationResolver"
This reverts commit 2f734a0975.
2021-04-12 14:44:19 -06:00
Josh Cummings 37b40476e7
Revert "Add Single Logout Support"
This reverts commit e807fae869.
2021-04-12 14:44:04 -06:00
Josh Cummings 7da6077727
Update to commons-codec:1.15
Closes gh-9575
2021-04-10 10:11:32 -06:00
Josh Cummings e807fae869
Add Single Logout Support
Closes gh-8731
2021-04-10 00:25:34 -06:00
Josh Cummings 2f734a0975
Add RelyingPartyRegistrationResolver
Closes gh-9486
2021-04-10 00:12:38 -06:00
Josh Cummings efe42b93ce
Add Registration to Saml2Authentication
Closes gh-9487
2021-04-10 00:12:38 -06:00
Josh Cummings 88c1475a3b
Polish OpenSAML 4 support
Issue gh-9095
2021-04-10 00:12:15 -06:00
Josh Cummings a8a7ab4ffa
Restore spring-security-web Dependency
Issue gh-9095
2021-04-09 12:42:04 -06:00
Josh Cummings 6f79921750
Default to OpenSAML 3
- To make upgrade passive

Issue gh-9095
2021-04-06 17:11:33 -06:00
Josh Cummings 951202e797
Polish SAML 2.0 Artifacts
- Produce sources jar
- Produce Javadoc jar

Issue gh-9095
2021-04-06 17:10:53 -06:00
Rob Winch 60d3db5798 add management platform(project(":spring-security-dependencies"))
Closes gh-9540
2021-04-05 10:36:36 -05:00
Rob Winch de1b3e9d30 Remove DepencencyManagementPlugin
Issue gh-9540
2021-04-05 10:36:36 -05:00
Rob Winch 0f0e8eded4 Add spring-security-dependencies
Issue gh-9540
2021-04-05 10:36:36 -05:00
Rob Winch 1a76ee7442 Update Gradle configuration names
Closes gh-9540
2021-04-05 10:36:36 -05:00
Josh Cummings 4b351b1472
Remove SpringSecurityAuthnRequestBuilder
- We don't want to have public top-level classes extending or
implementing OpenSAML classes

Issue gh-9095
2021-03-30 11:40:57 -06:00
Josh Cummings 404e9e153a
Fix Javadoc Errors
Closes gh-9530
2021-03-30 11:37:42 -06:00
Josh Cummings d0d0a8d958 Add OpenSAML 4 Support
Closes gh-9095
2021-03-23 19:07:23 -06:00
Josh Cummings a015b8b000 Add Saml2MessageBinding#from
Closes gh-9515
2021-03-23 19:07:23 -06:00
Eleftheria Stein 4a492846f1 Revert "Lock dependencies for 2.5.0-M3"
This reverts commit f05cc6269c.
2021-03-15 23:18:45 +01:00
Eleftheria Stein f05cc6269c Lock dependencies for 2.5.0-M3 2021-03-15 11:00:19 +01:00
Josh Cummings c860076ef5
Fix Saml2MetadataFilter Test
Issue gh-9281
2021-03-02 16:32:17 -07:00
Han YanJing f3fa8e8800
Polish
Issue gh-9310
2021-03-02 12:04:22 -07:00
Han YanJing 6e41246a2b
Throw Saml2AuthenticationException
Closes gh-9310
2021-03-02 12:04:22 -07:00
Josh Cummings 3e8ad4bc2b
Polish Test
Issue gh-9281
2021-03-02 08:24:34 -07:00
Han YanJing c0fa3f906d
Encode the Content-Disposition header following RFC 8187
Closes gh-9281
2021-03-02 08:24:34 -07:00
Han YanJing fb391c5dcd
Add setMetadataFilename method to Saml2MetadataFilter
Closes gh-9317
2021-03-02 08:24:34 -07:00
Josh Cummings c4be1c6a56
Revert "Lock Dependencies"
This reverts commit a85caa4098.
2021-02-11 15:49:59 -07:00
Josh Cummings a85caa4098
Lock Dependencies 2021-02-11 15:00:38 -07:00
Josh Cummings 76229cfab7
Migrate SAML 2.0 Tests and Docs to PCFOne
Issue gh-9362
2021-01-22 15:14:03 -07:00
Josh Cummings 7dde7cffda
Add Status Check
Closes gh-8955
2021-01-05 17:32:47 -07:00
Joe Grandja b95e1aa209 Revert "Lock dependencies for 5.5.0-M1"
This reverts commit 25a7482c8c.
2020-11-03 19:53:28 -05:00
Josh Cummings aba0e904f0
Read SigningMethod Elements
Closes gh-9177
2020-11-02 11:27:23 -07:00
Josh Cummings e1826a0bd8
Polish Signature Algorithm Support
- Changed name to signatureAlgorithms since method and algorithm are
synonymous
- Re-ordered methods to follow typical IDPSSODescriptor order
- Adjusted JavaDoc to refer to IDPSSODescriptor terminology

Issue gh-8952
2020-11-02 11:27:23 -07:00
Arnaud Mergey 9900658c92
support configurable signature algorithm
Closes gh-8952
2020-11-02 11:27:23 -07:00
Rob Winch 25a7482c8c Lock dependencies for 5.5.0-M1 2020-10-30 17:52:03 -05:00
Josh Cummings 5699670a43
Polish OpenSamlAuthenticationProvider
Remove deprecated usage

Issue gh-8769
2020-10-14 16:49:37 -06:00
Josh Cummings c8cbf06d8d
Add EncryptedAttribute support
Closes gh-9131
2020-10-14 14:58:42 -06:00
Josh Cummings d0581c9a26
Polish Configurable SAML Decryption Support
- Renamed to setResponseElementsDecrypter and
setAssertionElementsDecrypter to align with ResponseToken and
AssertionToken
- Changed contract of setAssertionElementsDecrypter to use
AssertionToken
- Changed assertions in unit test to use isEqualTo

Issue gh-9044
2020-10-14 14:58:42 -06:00
ryan.cassar 535ae3e27d
Add Configurable SAML Response Decryption
Closes gh-9044
2020-10-14 10:38:05 -06:00
Josh Cummings e6ff57c116
Polish RelyingPartyRegistrations
Issue gh-9028
2020-10-12 13:55:16 -06:00
ryan.cassar 9a11cc84ad
Add File-based Metadata Resolution
Closes gh-9028
2020-10-12 13:55:16 -06:00
Josh Cummings bdfd6f9f92
Remove Unused Code
Issue gh-8887
2020-09-28 13:07:48 -06:00
Josh Cummings bcfbd2dee5
Remove Unused Code
Issue gh-8877
2020-09-26 09:06:28 -06:00
Josh Cummings a36baffb3a
Polish OpenSamlAuthenticationRequestFactory
- Refactored to use SAMLMetadataSignatureSigningParametersResolver

Issue gh-7758
2020-09-26 09:06:24 -06:00
Josh Cummings 2ee455b7bf
Add EntitiesDescriptor Support
Closes gh-9051
2020-09-25 16:23:18 -06:00
Phillip Webb 20baa7d409 Replace ExpectedException @Rules with AssertJ
Replace JUnit ExpectedException @Rules with AssertJ calls.
2020-09-22 16:13:51 -06:00
Phillip Webb 910b81928f Replace try/catch with AssertJ
Replace manual try/catch/fail blocks with AssertJ calls.
2020-09-22 16:13:51 -06:00
Joe Grandja 7b1f574769 Revert "Lock Dependency Versions for 5.4.0"
This reverts commit 3d0e459182.
2020-09-09 18:14:12 -04:00
Joe Grandja 3d0e459182 Lock Dependency Versions for 5.4.0 2020-09-09 13:45:03 -04:00
Rob Winch 2abf59b695 Merge Formatting Changes
Issue gh-8945
2020-08-24 17:33:23 -05:00
Phillip Webb 319d3364aa Migrate to assertThatExceptionOfType
Consistently use `assertThatExceptionOfType(...).isThrownBy(...)`
rather than `assertThatCode` or `assertThatThrownBy`. This aligns with
Spring Boot and Spring Cloud. It also allows the convenience
`assertThatIllegalArgument` and `assertThatIllegalState` methods to
be used.

Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb a5aa6b3d7f Remove blank lines from all tests
Remove all blank lines from test code so that test methods are
visually grouped together. This generally helps to make the test
classes easer to scan, however, the "given" / "when" / "then"
blocks used by some tests are now not as easy to discern.

Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb 1f03608b73 Polish spring-security-saml2 main code
Manually polish `spring-security-saml2` following the formatting
and checkstyle fixes.

Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb 834dcf5bcf Use consistent ternary expression style
Update all ternary expressions so that the condition is always in
parentheses and "not equals" is used in the test. This helps to bring
consistency across the codebase which makes ternary expression easier
to scan.

For example: `a = (a != null) ? a : b`

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 8d3f039f76 Reduce method visibility when possible
Reduce method visibility for package private classes when possible.

In the case of abstract classes that will eventually be made public,
the class has been made public and a package-private constructor has
been added.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 52f20b5281 Use parenthesis with single-arg lambdas
Use regular expression search/replace to ensure all single-arg
lambdas have parenthesis. This aligns with the style used in Spring
Boot and ensure that single-arg and multi-arg lambdas are consistent.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 01d90c9881 Hide utility class constructors
Update all utility classes so that they have a private constructor. This
prevents users from accidentally creating an instance, when they should
just use the static methods directly.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb ff94944313 Add whitespace after copyright header
Add an additional lines after the copyright header and before the
`package` declaration. This aligns with the style used by Spring
Framework.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 8d80166aaf Update exception variable names
Consistently use `ex` for caught exception and `cause` for Exception
constructor arguments.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb e9130489a6 Remove restricted static imports
Replace static imports with class referenced methods. With the exception
of a few well known static imports, checkstyle restricts the static
imports that a class can use. For example, `asList(...)` would be
replaced with `Arrays.asList(...)`.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb db55ef4b3b Migrate to BDD Mockito
Migrate Mockito imports to use the BDD variant. This aligns better with
the "given" / "when" / "then" style used in most tests since the "given"
block now uses Mockito `given(...)` calls.

The commit also updates a few tests that were accidentally using
Power Mockito when regular Mockito could be used.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 81fe9fc640 Make all exception classes immutable
Update all exception classes so that they are fully immutable and cannot
be changed once they have been thrown.

Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb a0b9442265 Use consistent modifier order
Update code to use a consistent modifier order that aligns with that
used in the "Java Language specification".

Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb a2f2e9ac8d Move inner-types so that they are always last
Move all inner-types so that they are consistently the last item
defined. This aligns with the style used by Spring Framework and
the consistency generally makes it easier to scan the source.

Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb 9e08b51ed3 Apply code cleanup rules to projects
Apply automated cleanup rules to add `@Override` and `@Deprecated`
annotations and to fix class references used with static methods.

Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb 8866fa6fb0 Always use 'this.' when accessing fields
Apply an Eclipse cleanup rules to ensure that fields are always accessed
using `this.`. This aligns with the style used by Spring Framework and
helps users quickly see the difference between a local and member
variable.

Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb 6894ff5d12 Make classes final where possible
Update classes that have private constructors so that they are also
declared final. In a few cases, inner-classes used private constructors
but were subclassed. These have now been changed to have package-private
constructors.

Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb 37fa94fafc Organize imports
Use "organize imports" from Eclipse to cleanup import statements so
that they appear in a consistent and well defined order.

Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb 5f64f53c3f Use consistent "@" tag order in Javadoc
Ensure that Javadoc "@" tags appear in a consistent and well defined
order.

Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb b7fc18262d Reformat code using spring-javaformat
Run `./gradlew format` to reformat all java files.

Issue gh-8945
2020-08-24 17:32:56 -05:00
Josh Cummings 21e9a410ee
Remove Package Tangle
Issue gh-8876
2020-08-19 15:52:20 -06:00
Josh Cummings af5c55c380
Polish AuthnRequest Customization Support
Having the application generate the AuthnRequest fresh allows Spring
Security to back away more gracefully. Using a Consumer implies that
the application will need to undo any values that Spring Security set
that the application doesn't want.

Also, if this does become a configuration burden, it can be simplified
in a separate ticket by exposing the default Converter.

Issue gh-8776
2020-08-19 14:27:31 -06:00
Josh Cummings 3694485056
Polish SAML 2.0 Default Assertion Validator
In several cases, taking a pre-set ValidationContext is not sufficient.
For example, the recipient is calculated via the
RelyingPartyRegistration that's currently in the context of the
request.

Instead, then, createDefaultAssertionValidator was broken up into two
different methods: One that takes no parameters and assumes the class's
default ValidationContext, and another that takes a converter to derive
the ValidationContext from the incoming authentication token.

Issue gh-8970
2020-08-19 13:58:42 -06:00
Josh Cummings da7477cd41
Add Response to Authentication Conversion Support
Closes gh-8010
2020-08-18 17:49:34 -06:00
Josh Cummings 0c696dd58b
Remove XSAnyMarshaller AttributeValue Support
In favor of customizing the authentication converter

Closes gh-8864
2020-08-18 17:42:04 -06:00
Josh Cummings 7b3dda161b
Generalize SAML 2.0 Assertion Validation Support
Closes gh-8970
2020-08-18 12:23:42 -06:00
Phillip Webb 27ac046d8a Rename *Test.java -> *Tests.java
Rename a few test classes that accidentally ended in `Test` instead of
`Tests`.

Issue gh-8945
2020-08-10 16:24:44 -05:00
Joe Grandja 1d74d556c2 Revert "Lock Dependency Versions for 5.4.0-RC1"
This reverts commit f3a1e5d40c.
2020-08-05 14:59:11 -04:00
Joe Grandja f3a1e5d40c Lock Dependency Versions for 5.4.0-RC1 2020-08-05 13:46:11 -04:00
Josh Cummings a701555318
Polish Saml2AuthenticationTokenConverter
Issue gh-8768
2020-08-05 10:08:47 -06:00
Josh Cummings f82190b414
Add RelyingPartyRegistrations
Closes gh-8484
2020-08-05 10:08:47 -06:00
Josh Cummings 506786f46e
Replaced Spaces with Tabs
Updated the .gradle file for SAML 2.0 Service Provider to use tabs
2020-08-05 10:08:47 -06:00
Josh Cummings b999faa5a0
Complete SAML 2.0 SP Metadata Endpoint
Closes gh-8693
2020-08-05 10:08:47 -06:00
Jakub Kubrynski 8a355240bc
SAML 2.0 SP Metadata Endpoint Support
Issue gh-8693
2020-08-05 10:08:47 -06:00