
Revert "Add Registration to Saml2Authentication"

This reverts commit efe42b93cec4816743d8e7c976856399ca754e44.
Josh Cummings 4 years ago
parent
commit
8c92eddbe5

+ 1 - 7
docs/manual/src/docs/asciidoc/_includes/servlet/saml2/saml2-login.adoc

@@ -107,7 +107,6 @@ where
 * `https://idp.example.com/issuer` is the value contained in the `Issuer` attribute of the SAML responses that the identity provider will issue
 * `classpath:idp.crt` is the location on the classpath for the identity provider's certificate for verifying SAML responses, and
 * `https://idp.example.com/issuer/sso` is the endpoint where the identity provider is expecting `AuthnRequest` s.
-* `adfs` is <<servlet-saml2login-relyingpartyregistrationid, an arbitrary identifier you choose>>
 
 And that's it!
 
@@ -191,7 +190,6 @@ image:{icondir}/number_10.png[] And finally, it takes the `NameID` from the firs
 Then, it places that principal and the authorities into a `Saml2Authentication`.
 
 The resulting `Authentication#getPrincipal` is a Spring Security `Saml2AuthenticatedPrincipal` object, and `Authentication#getName` maps to the first assertion's `NameID` element.
-`Saml2Authentication#getRelyingPartyRegistrationId` holds the <<servlet-saml2login-relyingpartyregistrationid,identifier to the associated `RelyingPartyRegistration`>>.
 
 [[servlet-saml2login-opensaml-customization]]
 ==== Customizing OpenSAML Configuration
@@ -232,7 +230,7 @@ static {
 				authnRequest.setForceAuthN(true);
             }
 		}
-
+		
 	    factory.getMarshallerFactory().registerMarshaller(AuthnRequest.DEFAULT_ELEMENT_NAME, marshaller);
 	});
 }
@@ -344,10 +342,6 @@ public RelyingPartyRegistrationRepository relyingPartyRegistrations() {
 ----
 ====
 
-[[servlet-saml2login-relyingpartyregistrationid]]
-[NOTE]
-The `registrationId` is an arbitrary value that you choose for differentiating between registrations.
-
 Or you can provide each detail manually, as you can see below:
 
 .Relying Party Registration Repository Manual Configuration

+ 0 - 37
saml2/saml2-service-provider/core/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2Authentication.java

@@ -22,7 +22,6 @@ import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.core.AuthenticatedPrincipal;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
 import org.springframework.util.Assert;
 
 /**
@@ -42,40 +41,14 @@ public class Saml2Authentication extends AbstractAuthenticationToken {
 
 	private final String saml2Response;
 
-	private final String relyingPartyRegistrationId;
-
-	/**
-	 * Construct a {@link Saml2Authentication} using the provided parameters
-	 * @param principal the logged in user
-	 * @param saml2Response the SAML 2.0 response used to authenticate the user
-	 * @param authorities the authorities for the logged in user
-	 * @deprecated Use
-	 * {@link #Saml2Authentication(AuthenticatedPrincipal, String, Collection, String)}
-	 */
-	@Deprecated
 	public Saml2Authentication(AuthenticatedPrincipal principal, String saml2Response,
 			Collection<? extends GrantedAuthority> authorities) {
-		this(principal, saml2Response, authorities, null);
-	}
-
-	/**
-	 * Construct a {@link Saml2Authentication} using the provided parameters
-	 * @param principal the logged in user
-	 * @param saml2Response the SAML 2.0 response used to authenticate the user
-	 * @param authorities the authorities for the logged in user
-	 * @param relyingPartyRegistrationId the
-	 * {@link RelyingPartyRegistration#getRegistrationId} associated with this user
-	 * @since 5.5
-	 */
-	public Saml2Authentication(AuthenticatedPrincipal principal, String saml2Response,
-			Collection<? extends GrantedAuthority> authorities, String relyingPartyRegistrationId) {
 		super(authorities);
 		Assert.notNull(principal, "principal cannot be null");
 		Assert.hasText(saml2Response, "saml2Response cannot be null");
 		this.principal = principal;
 		this.saml2Response = saml2Response;
 		setAuthenticated(true);
-		this.relyingPartyRegistrationId = relyingPartyRegistrationId;
 	}
 
 	@Override
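Review bot: After this hunk the only public constructor of `Saml2Authentication` has no Javadoc, because the comment that documented it sat on the deprecated overload and is removed with it. I would keep a short Javadoc on the remaining constructor that names `principal`, `saml2Response` and `authorities` and says that a null `principal` or an empty `saml2Response` is rejected. The message in `Assert.hasText(saml2Response, "saml2Response cannot be null")` understates the check, since `hasText` also rejects empty and blank strings; `Assert.hasText(saml2Response, "saml2Response cannot be empty");` would match it. With the field gone the token no longer records which relying party registration produced it, so an application with several registrations should probably not treat `getName()` alone as a unique user key, which deserves a sentence in the class Javadoc. The class body continues outside the hunk.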
@@ -96,14 +69,4 @@ public class Saml2Authentication extends AbstractAuthenticationToken {
 		return getSaml2Response();
 	}
 
-	/**
-	 * Get the registration id associated with the {@link RelyingPartyRegistration} that
-	 * this user belongs to
-	 * @return the relying party registration id
-	 * @since 5.5
-	 */
-	public String getRelyingPartyRegistrationId() {
-		return this.relyingPartyRegistrationId;
-	}
-
 }

+ 3 - 4
saml2/saml2-service-provider/opensaml3/src/main/java/org/springframework/security/saml2/provider/service/authentication/OpenSamlAuthenticationProvider.java

@@ -425,8 +425,7 @@ public final class OpenSamlAuthenticationProvider implements AuthenticationProvi
 			String username = assertion.getSubject().getNameID().getValue();
 			Map<String, List<Object>> attributes = getAssertionAttributes(assertion);
 			return new Saml2Authentication(new DefaultSaml2AuthenticatedPrincipal(username, attributes),
-					token.getSaml2Response(), Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")),
-					responseToken.token.getRelyingPartyRegistration().getRegistrationId());
+					token.getSaml2Response(), Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")));
 		};
 	}
 
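Review bot: The context line `assertion.getSubject().getNameID().getValue()` dereferences three levels of an identity-provider-supplied assertion without a null check. Unless an earlier validation step outside this hunk already rejects it, a first assertion with no `Subject` or no plain `NameID` would surface as a `NullPointerException` rather than as an authentication failure. A guard such as `if (assertion.getSubject() == null || assertion.getSubject().getNameID() == null)` that raises the provider's usual SAML authentication error would keep that failure explicit and loggable. The same line appears in the `@@ -628` hunk of this file and in the `OpenSaml4AuthenticationProvider` hunk, and the enclosing method starts outside the hunk.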
@@ -628,8 +627,8 @@ public final class OpenSamlAuthenticationProvider implements AuthenticationProvi
 			String username = assertion.getSubject().getNameID().getValue();
 			Map<String, List<Object>> attributes = getAssertionAttributes(assertion);
 			return new Saml2Authentication(new DefaultSaml2AuthenticatedPrincipal(username, attributes),
-					token.getSaml2Response(), this.authoritiesMapper.mapAuthorities(getAssertionAuthorities(assertion)),
-					responseToken.token.getRelyingPartyRegistration().getRegistrationId());
+					token.getSaml2Response(),
+					this.authoritiesMapper.mapAuthorities(getAssertionAuthorities(assertion)));
 		};
 	}
 

+ 1 - 2
saml2/saml2-service-provider/opensaml4/src/main/java/org/springframework/security/saml2/provider/service/authentication/OpenSaml4AuthenticationProvider.java

@@ -365,8 +365,7 @@ public final class OpenSaml4AuthenticationProvider implements AuthenticationProv
 			String username = assertion.getSubject().getNameID().getValue();
 			Map<String, List<Object>> attributes = getAssertionAttributes(assertion);
 			return new Saml2Authentication(new DefaultSaml2AuthenticatedPrincipal(username, attributes),
-					token.getSaml2Response(), AuthorityUtils.createAuthorityList("ROLE_USER"),
-					responseToken.token.getRelyingPartyRegistration().getRegistrationId());
+					token.getSaml2Response(), AuthorityUtils.createAuthorityList("ROLE_USER"));
 		};
 	}