Fix handling of deprecated identityprovider verification.credentials

Fixes gh-34525
pull/34587/head
Andy Wilkinson 2 years ago
parent 4bd0f75119
commit 1e5169846f

@ -32,6 +32,7 @@ import org.apache.commons.logging.LogFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.AssertingParty;
import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.AssertingParty.Verification;
import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.AssertingParty.Verification.Credential;
import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.Decryption;
import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.Registration;
import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.Registration.Signing;
@ -52,6 +53,7 @@ import org.springframework.security.saml2.provider.service.registration.RelyingP
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrations;
import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
import org.springframework.util.Assert;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;
/**
@ -102,9 +104,8 @@ class Saml2RelyingPartyRegistrationConfiguration {
.stream()
.map(this::asDecryptionCredential)
.forEach(credentials::add));
builder.assertingPartyDetails(
(details) -> details.verificationX509Credentials((credentials) -> assertingParty.getVerification()
.getCredentials()
builder.assertingPartyDetails((details) -> details
.verificationX509Credentials((credentials) -> assertingParty.getVerificationCredentials()
.stream()
.map(this::asVerificationCredential)
.forEach(credentials::add)));
@ -200,8 +201,8 @@ class Saml2RelyingPartyRegistrationConfiguration {
return get("metadata-uri", AssertingParty::getMetadataUri);
}
Verification getVerification() {
return get("verification", AssertingParty::getVerification);
List<Credential> getVerificationCredentials() {
return get("verification.credentials", (property) -> property.getVerification().getCredentials());
}
String getEntityId() {
@ -235,7 +236,7 @@ class Saml2RelyingPartyRegistrationConfiguration {
@SuppressWarnings("deprecation")
private <T> T get(String name, Function<AssertingParty, T> getter) {
T newValue = getter.apply(this.registration.getAssertingparty());
if (newValue != null) {
if (!ObjectUtils.isEmpty(newValue)) {
return newValue;
}
T deprecatedValue = getter.apply(this.registration.getIdentityprovider());

@ -145,7 +145,7 @@ class Saml2RelyingPartyAutoConfigurationTests {
assertThat(registration.getAssertingPartyDetails().getWantAuthnRequestsSigned()).isEqualTo(false);
assertThat(registration.getSigningX509Credentials()).hasSize(1);
assertThat(registration.getDecryptionX509Credentials()).hasSize(1);
assertThat(registration.getAssertingPartyDetails().getVerificationX509Credentials()).isNotNull();
assertThat(registration.getAssertingPartyDetails().getVerificationX509Credentials()).hasSize(1);
assertThat(registration.getEntityId()).isEqualTo("{baseUrl}/saml2/foo-entity-id");
assertThat(registration.getSingleLogoutServiceLocation())
.isEqualTo("https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/SLOService.php");

Loading…
Cancel
Save