From bb5cf873c8f732a07d3d81e91896cdd08d4c2457 Mon Sep 17 00:00:00 2001
From: Anshul BANSAL <smartdiscover17@gmail.com>
Date: Wed, 24 Feb 2021 07:57:42 +0200
Subject: [PATCH] BAEL-4628 - Spring Security SAMl with Okta

---
 .../spring-security-saml/pom.xml                |  6 +++---
 .../saml/config/SamlSecurityConfig.java         |  6 ------
 .../baeldung/saml/config/WebSecurityConfig.java | 17 ++++++++++-------
 .../src/main/resources/application.properties   |  6 +++---
 .../src/main/resources/templates/home.html      |  6 ++----
 .../src/main/resources/templates/index.html     |  4 +---
 6 files changed, 19 insertions(+), 26 deletions(-)

diff --git a/spring-security-modules/spring-security-saml/pom.xml b/spring-security-modules/spring-security-saml/pom.xml
index 624f314865..36e5f46bc2 100644
--- a/spring-security-modules/spring-security-saml/pom.xml
+++ b/spring-security-modules/spring-security-saml/pom.xml
@@ -23,14 +23,14 @@
 	</repositories>
 
 	<dependencies>
-		<dependency>
+        <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-security</artifactId>
-        </dependency>
+            </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-thymeleaf</artifactId>
@@ -40,7 +40,7 @@
             <artifactId>spring-security-saml2-core</artifactId>
             <version>${saml2-core.spring.version}</version>
         </dependency>
-	</dependencies>
+    </dependencies>
 
 	<build>
 		<finalName>spring-security-saml</finalName>
diff --git a/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/SamlSecurityConfig.java b/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/SamlSecurityConfig.java
index 11bb6debf0..378db478cf 100644
--- a/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/SamlSecurityConfig.java
+++ b/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/SamlSecurityConfig.java
@@ -129,12 +129,6 @@ public class SamlSecurityConfig {
         samlEntryPoint.setDefaultProfileOptions(defaultWebSSOProfileOptions());
         return samlEntryPoint;
     }
-    
-    @Bean
-    public SAMLDiscovery samlIDPDiscovery() {
-        SAMLDiscovery idpDiscovery = new SAMLDiscovery();
-        return idpDiscovery;
-    }
 
     @Bean
     public ExtendedMetadata extendedMetadata() {
diff --git a/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/WebSecurityConfig.java b/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/WebSecurityConfig.java
index ef76a8dd31..297c391823 100644
--- a/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/WebSecurityConfig.java
+++ b/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/WebSecurityConfig.java
@@ -53,8 +53,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     @Autowired
     private SAMLLogoutProcessingFilter samlLogoutProcessingFilter;
 
-    @Autowired
-    private SAMLDiscovery samlDiscovery;
+    @Bean
+    public SAMLDiscovery samlDiscovery() {
+        SAMLDiscovery idpDiscovery = new SAMLDiscovery();
+        return idpDiscovery;
+    }
 
     @Autowired
     private SAMLAuthenticationProvider samlAuthenticationProvider;
@@ -89,7 +92,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
         chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSO/**"),
             samlWebSSOProcessingFilter()));
         chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/discovery/**"),
-            samlDiscovery));
+            samlDiscovery()));
         chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/login/**"),
             samlEntryPoint));
         chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/logout/**"),
@@ -115,21 +118,21 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
         http
         .csrf()
         .disable();
-    
+
         http
         .httpBasic()
         .authenticationEntryPoint(samlEntryPoint);
-    
+
         http
         .addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
         .addFilterAfter(samlFilter(), BasicAuthenticationFilter.class)
         .addFilterBefore(samlFilter(), CsrfFilter.class);
-    
+
         http
         .authorizeRequests()
         .antMatchers("/").permitAll()
         .anyRequest().authenticated();
-    
+
         http
         .logout()
         .addLogoutHandler((request, response, authentication) -> {
diff --git a/spring-security-modules/spring-security-saml/src/main/resources/application.properties b/spring-security-modules/spring-security-saml/src/main/resources/application.properties
index 9da292ee76..f9d6a5df3c 100644
--- a/spring-security-modules/spring-security-saml/src/main/resources/application.properties
+++ b/spring-security-modules/spring-security-saml/src/main/resources/application.properties
@@ -1,6 +1,6 @@
 saml.keystore.location=classpath:/saml/samlKeystore.jks
-saml.keystore.password=oktaiscool
-saml.keystore.alias=oktasaml
+saml.keystore.password=<key_pass>
+saml.keystore.alias=<key_alias>
 
-saml.idp=http://www.okta.com/exk26fxqrz8LLk9dV4x7
+saml.idp=<idp_issuer_url>
 saml.sp=http://localhost:8080/saml/metadata
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-saml/src/main/resources/templates/home.html b/spring-security-modules/spring-security-saml/src/main/resources/templates/home.html
index efd61019c1..c66e92c1f0 100644
--- a/spring-security-modules/spring-security-saml/src/main/resources/templates/home.html
+++ b/spring-security-modules/spring-security-saml/src/main/resources/templates/home.html
@@ -6,10 +6,8 @@
 <body>
     <h3><Strong>Welcome!</strong><br/>You are successfully logged in!</h3>
     <p>You are logged as <span class="badge badge-dark" th:text="${username}">null</span>.</p>
-    <small class="d-block text-right mt-3" id="sso-btn">
-        <a th:href="@{/logout}" class="btn btn-spring btn-sm">
-            <i class="far fa-user-circle"></i> Logout
-        </a>
+    <small>
+        <a th:href="@{/logout}">Logout</a>
     </small>
 </body>
 </html>
\ No newline at end of file
diff --git a/spring-security-modules/spring-security-saml/src/main/resources/templates/index.html b/spring-security-modules/spring-security-saml/src/main/resources/templates/index.html
index aa47683841..7999c2fded 100644
--- a/spring-security-modules/spring-security-saml/src/main/resources/templates/index.html
+++ b/spring-security-modules/spring-security-saml/src/main/resources/templates/index.html
@@ -5,8 +5,6 @@
 </head>
 <body>
     <h3><Strong>Welcome to Baeldung Spring Security SAML</strong></h3>
-    <a th:href="@{/auth}" class="btn btn-spring btn-sm">
-        <i class="far fa-user-circle"></i> Login
-    </a>
+    <a th:href="@{/auth}">Login</a>
 </body>
 </html>
\ No newline at end of file