GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge branch '6.1.x' 

Closes gh-13701
pull/13681/head
Josh Cummings 2 years ago
parent
9c599fa8d7 321deb30cc
commit
3540dee259
No known key found for this signature in database
GPG Key ID: A306A51F43B8E5A5
2 changed files with 30 additions and 16 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 24
      saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/metadata/RequestMatcherMetadataResponseResolver.java
  2. 22
      saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/metadata/RequestMatcherMetadataResponseResolverTests.java

24
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/metadata/RequestMatcherMetadataResponseResolver.java
Unescape View File

@ -19,8 +19,6 @@ package org.springframework.security.saml2.provider.service.metadata;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import java.net.URLEncoder; import java.net.URLEncoder;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections; import java.util.Collections;
import java.util.LinkedHashMap; import java.util.LinkedHashMap;
import java.util.Map; import java.util.Map;
@ -126,21 +124,19 @@ public final class RequestMatcherMetadataResponseResolver implements Saml2Metada
Iterable<RelyingPartyRegistration> registrations) { Iterable<RelyingPartyRegistration> registrations) {
Map<String, RelyingPartyRegistration> results = new LinkedHashMap<>(); Map<String, RelyingPartyRegistration> results = new LinkedHashMap<>();
for (RelyingPartyRegistration registration : registrations) { for (RelyingPartyRegistration registration : registrations) {
results.put(registration.getEntityId(), registration);
}
Collection<RelyingPartyRegistration> resolved = new ArrayList<>();
for (RelyingPartyRegistration registration : results.values()) {
UriResolver uriResolver = RelyingPartyRegistrationPlaceholderResolvers.uriResolver(request, registration); UriResolver uriResolver = RelyingPartyRegistrationPlaceholderResolvers.uriResolver(request, registration);
String entityId = uriResolver.resolve(registration.getEntityId()); String entityId = uriResolver.resolve(registration.getEntityId());
String ssoLocation = uriResolver.resolve(registration.getAssertionConsumerServiceLocation()); results.computeIfAbsent(entityId, (e) -> {
String sloLocation = uriResolver.resolve(registration.getSingleLogoutServiceLocation()); String ssoLocation = uriResolver.resolve(registration.getAssertionConsumerServiceLocation());
String sloResponseLocation = uriResolver.resolve(registration.getSingleLogoutServiceResponseLocation()); String sloLocation = uriResolver.resolve(registration.getSingleLogoutServiceLocation());
resolved.add(registration.mutate().entityId(entityId).assertionConsumerServiceLocation(ssoLocation) String sloResponseLocation = uriResolver.resolve(registration.getSingleLogoutServiceResponseLocation());
.singleLogoutServiceLocation(sloLocation).singleLogoutServiceResponseLocation(sloResponseLocation) return registration.mutate().entityId(entityId).assertionConsumerServiceLocation(ssoLocation)
.build()); .singleLogoutServiceLocation(sloLocation)
.singleLogoutServiceResponseLocation(sloResponseLocation).build();
});
} }
String metadata = this.metadata.resolve(resolved); String metadata = this.metadata.resolve(results.values());
String value = (resolved.size() == 1) ? resolved.iterator().next().getRegistrationId() String value = (results.size() == 1) ? results.values().iterator().next().getRegistrationId()
: UUID.randomUUID().toString(); : UUID.randomUUID().toString();
String fileName = this.filename.replace("{registrationId}", value); String fileName = this.filename.replace("{registrationId}", value);
try { try {

22
saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/metadata/RequestMatcherMetadataResponseResolverTests.java
Unescape View File

@ -20,6 +20,7 @@ import java.util.Collection;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith; import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.ArgumentCaptor;
import org.mockito.Mock; import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension; import org.mockito.junit.jupiter.MockitoExtension;
@ -101,6 +102,23 @@ public final class RequestMatcherMetadataResponseResolverTests {
assertThat(resolver.resolve(new MockHttpServletRequest())).isNull(); assertThat(resolver.resolve(new MockHttpServletRequest())).isNull();
} }
// gh-13700
@Test
void resolveWhenNoRegistrationIdThenResolvesEntityIds() {
RelyingPartyRegistration one = withEntityId("one");
RelyingPartyRegistration two = withEntityId("two");
RelyingPartyRegistrationRepository registrations = new InMemoryRelyingPartyRegistrationRepository(one, two);
RequestMatcherMetadataResponseResolver resolver = new RequestMatcherMetadataResponseResolver(registrations,
this.metadataFactory);
given(this.metadataFactory.resolve(any(Collection.class))).willReturn("metadata");
resolver.resolve(get("/saml2/metadata"));
ArgumentCaptor<Collection<RelyingPartyRegistration>> captor = ArgumentCaptor.forClass(Collection.class);
verify(this.metadataFactory).resolve(captor.capture());
Collection<RelyingPartyRegistration> resolved = captor.getValue();
assertThat(resolved).hasSize(2);
assertThat(resolved.iterator().next().getEntityId()).isEqualTo("one");
}
private MockHttpServletRequest get(String uri) { private MockHttpServletRequest get(String uri) {
MockHttpServletRequest request = new MockHttpServletRequest("GET", uri); MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
request.setServletPath(uri); request.setServletPath(uri);
@ -108,8 +126,8 @@ public final class RequestMatcherMetadataResponseResolverTests {
} }
private RelyingPartyRegistration withEntityId(String entityId) { private RelyingPartyRegistration withEntityId(String entityId) {
return TestRelyingPartyRegistrations.relyingPartyRegistration().registrationId(entityId).entityId(entityId) return TestRelyingPartyRegistrations.relyingPartyRegistration().registrationId(entityId)
.build(); .entityId("{registrationId}").build();
} }
} }

Write Preview
Loading…
Cancel
Save