From dddf541bb863d75d02f456b9bcdcb8d7dbff2ee1 Mon Sep 17 00:00:00 2001
From: rmkellogg
Date: Mon, 2 Aug 2021 16:05:00 -0400
Subject: [PATCH] Revised to use built in Sprint Security SAML resource resolution. Otherwise when used from Spring Boot self-contained JAR the File could not be located.
---
 .../saml/config/SamlSecurityConfig.java | 24 ++++++++++++-------
 1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/SamlSecurityConfig.java b/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/SamlSecurityConfig.java
index 7c6f5defdf..10e37b346f 100644
--- a/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/SamlSecurityConfig.java
+++ b/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/SamlSecurityConfig.java
@@ -5,17 +5,19 @@ import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Timer;
 import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
 import org.opensaml.saml2.metadata.provider.MetadataProvider;
 import org.opensaml.saml2.metadata.provider.MetadataProviderException;
+import org.opensaml.saml2.metadata.provider.ResourceBackedMetadataProvider;
+import org.opensaml.util.resource.ClasspathResource;
 import org.opensaml.util.resource.ResourceException;
 import org.opensaml.xml.parse.StaticBasicParserPool;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.core.io.ClassPathResource;
 import org.springframework.core.io.DefaultResourceLoader;
 import org.springframework.core.io.Resource;
 import org.springframework.security.saml.*;
@@ -142,13 +144,19 @@ public class SamlSecurityConfig {
 @Bean
 @Qualifier("okta")
 public ExtendedMetadataDelegate oktaExtendedMetadataProvider() throws MetadataProviderException {
- File metadata = null;
- try {
- metadata = new ClassPathResource("saml/metadata/sso.xml").getFile();
- } catch (Exception e) {
- e.printStackTrace();
- }
- FilesystemMetadataProvider provider = new FilesystemMetadataProvider(metadata);
+ // Use the Spring Security SAML resource mechanism to load
+ // metadata from the Java classpath. This works from Spring Boot
+ // self contained JAR file.
+ org.opensaml.util.resource.Resource resource = null;
+
+ try {
+ resource = new ClasspathResource("/saml/metadata/sso.xml");
+ } catch (ResourceException e) {
+ e.printStackTrace();
+ }
+
+ Timer timer = new Timer("saml-metadata");
+ ResourceBackedMetadataProvider provider = new ResourceBackedMetadataProvider(timer,resource);
 provider.setParserPool(parserPool());
 return new ExtendedMetadataDelegate(provider, extendedMetadata());
 }
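Review bot: The `catch (ResourceException e)` block in `oktaExtendedMetadataProvider()` only prints the stack trace, so a missing or unreadable `/saml/metadata/sso.xml` leaves `resource` null and the provider is still constructed from it. IdP metadata normally carries the endpoints and signing certificates the service provider trusts, so a load failure here should abort startup rather than surface later as a less obvious error. The method already declares `throws MetadataProviderException`, so the handler can become `throw new MetadataProviderException("Unable to load IdP metadata from classpath", e);`. Separately, `new Timer("saml-metadata")` starts a non-daemon thread that nothing in this hunk cancels; `new Timer("saml-metadata", true)` keeps it from holding the JVM open at shutdown.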