|
|
|
@ -1,5 +1,5 @@ |
|
|
|
/* |
|
|
|
/* |
|
|
|
* Copyright 2002-2022 the original author or authors. |
|
|
|
* Copyright 2002-2023 the original author or authors. |
|
|
|
* |
|
|
|
* |
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); |
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); |
|
|
|
* you may not use this file except in compliance with the License. |
|
|
|
* you may not use this file except in compliance with the License. |
|
|
|
@ -16,6 +16,7 @@ |
|
|
|
|
|
|
|
|
|
|
|
package org.springframework.security.config.http; |
|
|
|
package org.springframework.security.config.http; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
import org.opensaml.core.Version; |
|
|
|
import org.w3c.dom.Element; |
|
|
|
import org.w3c.dom.Element; |
|
|
|
|
|
|
|
|
|
|
|
import org.springframework.beans.BeanMetadataElement; |
|
|
|
import org.springframework.beans.BeanMetadataElement; |
|
|
|
@ -25,6 +26,7 @@ import org.springframework.security.saml2.provider.service.authentication.logout |
|
|
|
import org.springframework.security.saml2.provider.service.authentication.logout.OpenSamlLogoutResponseValidator; |
|
|
|
import org.springframework.security.saml2.provider.service.authentication.logout.OpenSamlLogoutResponseValidator; |
|
|
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository; |
|
|
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository; |
|
|
|
import org.springframework.security.saml2.provider.service.web.authentication.logout.HttpSessionLogoutRequestRepository; |
|
|
|
import org.springframework.security.saml2.provider.service.web.authentication.logout.HttpSessionLogoutRequestRepository; |
|
|
|
|
|
|
|
import org.springframework.util.ClassUtils; |
|
|
|
import org.springframework.util.StringUtils; |
|
|
|
import org.springframework.util.StringUtils; |
|
|
|
|
|
|
|
|
|
|
|
/** |
|
|
|
/** |
|
|
|
@ -33,6 +35,8 @@ import org.springframework.util.StringUtils; |
|
|
|
*/ |
|
|
|
*/ |
|
|
|
final class Saml2LogoutBeanDefinitionParserUtils { |
|
|
|
final class Saml2LogoutBeanDefinitionParserUtils { |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private static final String OPEN_SAML_4_VERSION = "4"; |
|
|
|
|
|
|
|
|
|
|
|
private static final String ATT_RELYING_PARTY_REGISTRATION_REPOSITORY_REF = "relying-party-registration-repository-ref"; |
|
|
|
private static final String ATT_RELYING_PARTY_REGISTRATION_REPOSITORY_REF = "relying-party-registration-repository-ref"; |
|
|
|
|
|
|
|
|
|
|
|
private static final String ATT_LOGOUT_REQUEST_VALIDATOR_REF = "logout-request-validator-ref"; |
|
|
|
private static final String ATT_LOGOUT_REQUEST_VALIDATOR_REF = "logout-request-validator-ref"; |
|
|
|
@ -62,8 +66,14 @@ final class Saml2LogoutBeanDefinitionParserUtils { |
|
|
|
if (StringUtils.hasText(logoutResponseResolver)) { |
|
|
|
if (StringUtils.hasText(logoutResponseResolver)) { |
|
|
|
return new RuntimeBeanReference(logoutResponseResolver); |
|
|
|
return new RuntimeBeanReference(logoutResponseResolver); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
if (version().startsWith("4")) { |
|
|
|
|
|
|
|
return BeanDefinitionBuilder.rootBeanDefinition( |
|
|
|
|
|
|
|
"org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutResponseResolver") |
|
|
|
|
|
|
|
.addConstructorArgValue(registrations) |
|
|
|
|
|
|
|
.getBeanDefinition(); |
|
|
|
|
|
|
|
} |
|
|
|
return BeanDefinitionBuilder.rootBeanDefinition( |
|
|
|
return BeanDefinitionBuilder.rootBeanDefinition( |
|
|
|
"org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutResponseResolver") |
|
|
|
"org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSamlLogoutResponseResolver") |
|
|
|
.addConstructorArgValue(registrations) |
|
|
|
.addConstructorArgValue(registrations) |
|
|
|
.getBeanDefinition(); |
|
|
|
.getBeanDefinition(); |
|
|
|
} |
|
|
|
} |
|
|
|
@ -97,10 +107,29 @@ final class Saml2LogoutBeanDefinitionParserUtils { |
|
|
|
if (StringUtils.hasText(logoutRequestResolver)) { |
|
|
|
if (StringUtils.hasText(logoutRequestResolver)) { |
|
|
|
return new RuntimeBeanReference(logoutRequestResolver); |
|
|
|
return new RuntimeBeanReference(logoutRequestResolver); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
if (version().startsWith("4")) { |
|
|
|
|
|
|
|
return BeanDefinitionBuilder.rootBeanDefinition( |
|
|
|
|
|
|
|
"org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver") |
|
|
|
|
|
|
|
.addConstructorArgValue(registrations) |
|
|
|
|
|
|
|
.getBeanDefinition(); |
|
|
|
|
|
|
|
} |
|
|
|
return BeanDefinitionBuilder.rootBeanDefinition( |
|
|
|
return BeanDefinitionBuilder.rootBeanDefinition( |
|
|
|
"org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver") |
|
|
|
"org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSamlLogoutRequestResolver") |
|
|
|
.addConstructorArgValue(registrations) |
|
|
|
.addConstructorArgValue(registrations) |
|
|
|
.getBeanDefinition(); |
|
|
|
.getBeanDefinition(); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static String version() { |
|
|
|
|
|
|
|
String version = Version.getVersion(); |
|
|
|
|
|
|
|
if (StringUtils.hasText(version)) { |
|
|
|
|
|
|
|
return version; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
boolean openSaml4ClassPresent = ClassUtils |
|
|
|
|
|
|
|
.isPresent("org.opensaml.core.xml.persist.impl.PassthroughSourceStrategy", null); |
|
|
|
|
|
|
|
if (openSaml4ClassPresent) { |
|
|
|
|
|
|
|
return OPEN_SAML_4_VERSION; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
throw new IllegalStateException("cannot determine OpenSAML version"); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
Josh Cummings
2 years ago