GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Simplify Saml2ServletUtils 

Removed one method as well as a parameter from another method

Issue gh-7711
pull/8171/head
Josh Cummings 6 years ago
parent
5bff741c31
commit
088ea07f07
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
3 changed files with 30 additions and 37 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 21
      saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2ServletUtils.java
  2. 9
      saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2WebSsoAuthenticationFilter.java
  3. 37
      saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2WebSsoAuthenticationRequestFilter.java

21
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2ServletUtils.java
Unescape View File

@ -16,15 +16,15 @@ @@ -16,15 +16,15 @@
package org.springframework.security.saml2.provider.service.servlet.filter;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.util.StringUtils;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;
import static org.springframework.security.web.util.UrlUtils.buildFullRequestUrl;
import static org.springframework.web.util.UriComponentsBuilder.fromHttpUrl;
@ -35,20 +35,13 @@ final class Saml2ServletUtils { @@ -35,20 +35,13 @@ final class Saml2ServletUtils {
private static final char PATH_DELIMITER = '/';
static String getServiceProviderEntityId(RelyingPartyRegistration rp, HttpServletRequest request) {
return resolveUrlTemplate(
rp.getLocalEntityIdTemplate(),
getApplicationUri(request),
rp.getProviderDetails().getEntityId(),
rp.getRegistrationId()
);
}
static String resolveUrlTemplate(String template, String baseUrl, String entityId, String registrationId) {
static String resolveUrlTemplate(String template, String baseUrl, RelyingPartyRegistration relyingParty) {
if (!StringUtils.hasText(template)) {
return baseUrl;
}
String entityId = relyingParty.getProviderDetails().getEntityId();
String registrationId = relyingParty.getRegistrationId();
Map<String, String> uriVariables = new HashMap<>();
UriComponents uriComponents = UriComponentsBuilder.fromHttpUrl(baseUrl)
.replaceQuery(null)

9
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2WebSsoAuthenticationFilter.java
Unescape View File

@ -16,6 +16,9 @@ @@ -16,6 +16,9 @@
package org.springframework.security.saml2.provider.service.servlet.filter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpMethod;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
@ -30,9 +33,6 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher; @@ -30,9 +33,6 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import static java.nio.charset.StandardCharsets.UTF_8;
import static org.springframework.security.saml2.provider.service.authentication.Saml2ErrorCodes.RELYING_PARTY_REGISTRATION_NOT_FOUND;
import static org.springframework.util.StringUtils.hasText;
@ -97,7 +97,8 @@ public class Saml2WebSsoAuthenticationFilter extends AbstractAuthenticationProce @@ -97,7 +97,8 @@ public class Saml2WebSsoAuthenticationFilter extends AbstractAuthenticationProce
"Relying Party Registration not found with ID: " + registrationId);
throw new Saml2AuthenticationException(saml2Error);
}
String localSpEntityId = Saml2ServletUtils.getServiceProviderEntityId(rp, request);
String applicationUri = Saml2ServletUtils.getApplicationUri(request);
String localSpEntityId = Saml2ServletUtils.resolveUrlTemplate(rp.getLocalEntityIdTemplate(), applicationUri, rp);
final Saml2AuthenticationToken authentication = new Saml2AuthenticationToken(
responseXml,
request.getRequestURL().toString(),

37
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2WebSsoAuthenticationRequestFilter.java
Unescape View File

@ -16,6 +16,13 @@ @@ -16,6 +16,13 @@
package org.springframework.security.saml2.provider.service.servlet.filter;
import java.io.IOException;
import java.util.function.Function;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.MediaType;
import org.springframework.security.saml2.provider.service.authentication.OpenSamlAuthenticationRequestFactory;
import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext;
@ -34,12 +41,6 @@ import org.springframework.web.util.HtmlUtils; @@ -34,12 +41,6 @@ import org.springframework.web.util.HtmlUtils;
import org.springframework.web.util.UriComponentsBuilder;
import org.springframework.web.util.UriUtils;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import static java.lang.String.format;
import static java.nio.charset.StandardCharsets.ISO_8859_1;
import static org.springframework.util.StringUtils.hasText;
@ -137,22 +138,20 @@ public class Saml2WebSsoAuthenticationRequestFilter extends OncePerRequestFilter @@ -137,22 +138,20 @@ public class Saml2WebSsoAuthenticationRequestFilter extends OncePerRequestFilter
private Saml2AuthenticationRequestContext createRedirectAuthenticationRequestContext(
RelyingPartyRegistration relyingParty,
HttpServletRequest request) {
String localSpEntityId = Saml2ServletUtils.getServiceProviderEntityId(relyingParty, request);
return Saml2AuthenticationRequestContext
.builder()
String applicationUri = Saml2ServletUtils.getApplicationUri(request);
Function<String, String> resolver = templateResolver(applicationUri, relyingParty);
String localSpEntityId = resolver.apply(relyingParty.getLocalEntityIdTemplate());
String assertionConsumerServiceUrl = resolver.apply(relyingParty.getAssertionConsumerServiceUrlTemplate());
return Saml2AuthenticationRequestContext.builder()
.issuer(localSpEntityId)
.relyingPartyRegistration(relyingParty)
.assertionConsumerServiceUrl(
Saml2ServletUtils.resolveUrlTemplate(
relyingParty.getAssertionConsumerServiceUrlTemplate(),
Saml2ServletUtils.getApplicationUri(request),
relyingParty.getProviderDetails().getEntityId(),
relyingParty.getRegistrationId()
)
)
.assertionConsumerServiceUrl(assertionConsumerServiceUrl)
.relayState(request.getParameter("RelayState"))
.build()
;
.build();
}
private Function<String, String> templateResolver(String applicationUri, RelyingPartyRegistration relyingParty) {
return template -> Saml2ServletUtils.resolveUrlTemplate(template, applicationUri, relyingParty);
}
private String htmlEscape(String value) {

Write Preview
Loading…
Cancel
Save