
Add AuthnRequstsSigned to OpenSaml implementations

Issue gh-12841
Josh Cummings пре 2 година
родитељ
комит
fd4541be0c

+ 8 - 3
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistration.java

@@ -37,8 +37,8 @@ public final class OpenSamlRelyingPartyRegistration extends RelyingPartyRegistra
 				registration.getAssertionConsumerServiceLocation(), registration.getAssertionConsumerServiceBinding(),
 				registration.getSingleLogoutServiceLocation(), registration.getSingleLogoutServiceResponseLocation(),
 				registration.getSingleLogoutServiceBindings(), registration.getAssertingPartyDetails(),
-				registration.getNameIdFormat(), registration.getDecryptionX509Credentials(),
-				registration.getSigningX509Credentials());
+				registration.getNameIdFormat(), registration.isAuthnRequestsSigned(),
+				registration.getDecryptionX509Credentials(), registration.getSigningX509Credentials());
 	}
 
 	/**
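Review bot: Nothing in this commit asserts that `registration.isAuthnRequestsSigned()` survives the OpenSaml wrapper. The constructor argument added here and the `.authnRequestsSigned(isAuthnRequestsSigned())` call in the second hunk are the functional changes, while the edits to OpenSamlAuthenticationRequestResolverTests are reformatting only. Because this flag decides whether the relying party signs its AuthnRequests, a dropped or misplaced argument in this long positional call would presumably fall back to the base-class default and change signing behaviour without any error. A small test would pin it: wrap one registration built with `authnRequestsSigned(true)` and one with `authnRequestsSigned(false)`, then check the value on both the wrapped instance and the result of the builder round trip. The constructor and the builder-producing method both start outside their hunks.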
@@ -55,7 +55,7 @@ public final class OpenSamlRelyingPartyRegistration extends RelyingPartyRegistra
 				.singleLogoutServiceLocation(getSingleLogoutServiceLocation())
 				.singleLogoutServiceResponseLocation(getSingleLogoutServiceResponseLocation())
 				.singleLogoutServiceBindings((c) -> c.addAll(getSingleLogoutServiceBindings()))
-				.nameIdFormat(getNameIdFormat())
+				.nameIdFormat(getNameIdFormat()).authnRequestsSigned(isAuthnRequestsSigned())
 				.assertingPartyDetails((assertingParty) -> ((OpenSamlAssertingPartyDetails.Builder) assertingParty)
 						.entityId(party.getEntityId()).wantAuthnRequestsSigned(party.getWantAuthnRequestsSigned())
 						.signingAlgorithms((algorithms) -> algorithms.addAll(party.getSigningAlgorithms()))
@@ -152,6 +152,11 @@ public final class OpenSamlRelyingPartyRegistration extends RelyingPartyRegistra
 			return (Builder) super.nameIdFormat(nameIdFormat);
 		}
 
+		@Override
+		public Builder authnRequestsSigned(Boolean authnRequestsSigned) {
+			return (Builder) super.authnRequestsSigned(authnRequestsSigned);
+		}
+
 		@Override
 		public Builder assertingPartyDetails(Consumer<AssertingPartyDetails.Builder> assertingPartyDetails) {
 			return (Builder) super.assertingPartyDetails(assertingPartyDetails);
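Review bot: The new override `authnRequestsSigned(Boolean authnRequestsSigned)` takes a boxed `Boolean`, and what a null argument does is decided entirely in the superclass, which this hunk does not show. If the parent unboxes into a primitive, a null from configuration would surface as a bare NullPointerException; if it keeps the box, `isAuthnRequestsSigned()` has to choose a default, and that default determines whether requests go out signed. A one-line Javadoc on the override would make the contract visible, for example `@param authnRequestsSigned whether this relying party signs its AuthnRequests; must not be null`, adjusted to the actual null semantics once confirmed. The enclosing Builder class starts and ends outside the hunk.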

+ 11 - 15
saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/web/authentication/OpenSamlAuthenticationRequestResolverTests.java

@@ -16,6 +16,8 @@
 
 package org.springframework.security.saml2.provider.service.web.authentication;
 
+import java.util.stream.Stream;
+
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.params.ParameterizedTest;
@@ -35,8 +37,6 @@ import org.springframework.security.saml2.provider.service.registration.TestRely
 import org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationPlaceholderResolvers;
 import org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationPlaceholderResolvers.UriResolver;
 
-import java.util.stream.Stream;
-
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
 
@@ -54,13 +54,13 @@ public class OpenSamlAuthenticationRequestResolverTests {
 
 	@ParameterizedTest
 	@MethodSource("provideSignRequestFlags")
-	public void resolveAuthenticationRequestWhenSignedRedirectThenSignsAndRedirects(boolean wantAuthRequestsSigned, boolean authnRequestsSigned) {
+	public void resolveAuthenticationRequestWhenSignedRedirectThenSignsAndRedirects(boolean wantAuthRequestsSigned,
+			boolean authnRequestsSigned) {
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		request.setPathInfo("/saml2/authenticate/registration-id");
 		RelyingPartyRegistration registration = this.relyingPartyRegistrationBuilder
 				.authnRequestsSigned(authnRequestsSigned)
-				.assertingPartyDetails(party -> party.wantAuthnRequestsSigned(wantAuthRequestsSigned))
-				.build();
+				.assertingPartyDetails((party) -> party.wantAuthnRequestsSigned(wantAuthRequestsSigned)).build();
 		OpenSamlAuthenticationRequestResolver resolver = authenticationRequestResolver(registration);
 		Saml2RedirectAuthenticationRequest result = resolver.resolve(request, (r, authnRequest) -> {
 			UriResolver uriResolver = RelyingPartyRegistrationPlaceholderResolvers.uriResolver(request, registration);
@@ -122,10 +122,9 @@ public class OpenSamlAuthenticationRequestResolverTests {
 	public void resolveAuthenticationRequestWhenUnsignedPostThenOnlyPosts() {
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		request.setPathInfo("/saml2/authenticate/registration-id");
-		RelyingPartyRegistration registration = this.relyingPartyRegistrationBuilder
-				.assertingPartyDetails((party) -> party.singleSignOnServiceBinding(Saml2MessageBinding.POST).wantAuthnRequestsSigned(false))
-				.authnRequestsSigned(false)
-				.build();
+		RelyingPartyRegistration registration = this.relyingPartyRegistrationBuilder.assertingPartyDetails(
+				(party) -> party.singleSignOnServiceBinding(Saml2MessageBinding.POST).wantAuthnRequestsSigned(false))
+				.authnRequestsSigned(false).build();
 		OpenSamlAuthenticationRequestResolver resolver = authenticationRequestResolver(registration);
 		Saml2PostAuthenticationRequest result = resolver.resolve(request, (r, authnRequest) -> {
 			UriResolver uriResolver = RelyingPartyRegistrationPlaceholderResolvers.uriResolver(request, registration);
@@ -146,7 +145,8 @@ public class OpenSamlAuthenticationRequestResolverTests {
 
 	@ParameterizedTest
 	@MethodSource("provideSignRequestFlags")
-	public void resolveAuthenticationRequestWhenSignedPostThenSignsAndPosts(boolean wantAuthRequestsSigned, boolean authnRequestsSigned) {
+	public void resolveAuthenticationRequestWhenSignedPostThenSignsAndPosts(boolean wantAuthRequestsSigned,
+			boolean authnRequestsSigned) {
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		request.setPathInfo("/saml2/authenticate/registration-id");
 		RelyingPartyRegistration registration = this.relyingPartyRegistrationBuilder
@@ -195,11 +195,7 @@ public class OpenSamlAuthenticationRequestResolverTests {
 	}
 
 	private static Stream<Arguments> provideSignRequestFlags() {
-		return Stream.of(
-				Arguments.of(true, true),
-				Arguments.of(true, false),
-				Arguments.of(false, true)
-		);
+		return Stream.of(Arguments.of(true, true), Arguments.of(true, false), Arguments.of(false, true));
 	}
 
 }