Remove Unneeded OpenSAML 4 References

This will reduce the number of components that need to be duplicated between the OpenSAML 4 and 5 support Issue spring-projectsgh-11658
nomoreFt · Aug 7, 2024 · 54a4792 · 54a4792
1 parent ab842b7
commit 54a4792
Show file tree

Hide file tree

Showing 5 changed files with 7 additions and 23 deletions.
diff --git a/...pringframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java b/...pringframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
@@ -24,8 +24,6 @@
 import java.util.List;
 import java.util.function.Consumer;
 
-import org.opensaml.xmlsec.signature.support.SignatureConstants;
-
 import org.springframework.security.saml2.core.Saml2X509Credential;
 import org.springframework.util.Assert;
 import org.springframework.util.CollectionUtils;
@@ -838,7 +836,7 @@ public Builder singleLogoutServiceBinding(Saml2MessageBinding singleLogoutServic
 			 */
 			public AssertingPartyDetails build() {
 				List<String> signingAlgorithms = this.signingAlgorithms.isEmpty()
-						? Collections.singletonList(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256)
+						? Collections.singletonList("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")
 						: Collections.unmodifiableList(this.signingAlgorithms);
 
 				return new AssertingPartyDetails(this.entityId, this.wantAuthnRequestsSigned, signingAlgorithms,

diff --git a/...test/java/org/springframework/security/saml2/core/OpenSamlInitializationServiceTests.java b/...test/java/org/springframework/security/saml2/core/OpenSamlInitializationServiceTests.java
@@ -19,6 +19,7 @@
 import org.junit.jupiter.api.Test;
 import org.opensaml.core.config.ConfigurationService;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistry;
+import org.opensaml.saml.saml2.core.AuthnRequest;
 
 import org.springframework.security.saml2.Saml2Exception;
 
@@ -36,7 +37,7 @@ public class OpenSamlInitializationServiceTests {
 	public void initializeWhenInvokedMultipleTimesThenInitializesOnce() {
 		OpenSamlInitializationService.initialize();
 		XMLObjectProviderRegistry registry = ConfigurationService.get(XMLObjectProviderRegistry.class);
-		assertThat(registry.getParserPool()).isNotNull();
+		assertThat(registry.getBuilderFactory().getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME)).isNotNull();
 		assertThatExceptionOfType(Saml2Exception.class)
 			.isThrownBy(() -> OpenSamlInitializationService.requireInitialize((r) -> {
 			}))

diff --git a/...vider/src/test/java/org/springframework/security/saml2/core/TestSaml2X509Credentials.java b/...vider/src/test/java/org/springframework/security/saml2/core/TestSaml2X509Credentials.java
@@ -18,14 +18,12 @@
 
 import java.io.ByteArrayInputStream;
 import java.nio.charset.StandardCharsets;
-import java.security.KeyException;
 import java.security.PrivateKey;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 
-import org.opensaml.security.crypto.KeySupport;
-
+import org.springframework.security.converter.RsaKeyConverters;
 import org.springframework.security.saml2.Saml2Exception;
 import org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType;
 
@@ -84,12 +82,7 @@ private static X509Certificate certificate(String cert) {
 	}
 
 	private static PrivateKey privateKey(String key) {
-		try {
-			return KeySupport.decodePrivateKey(key.getBytes(StandardCharsets.UTF_8), new char[0]);
-		}
-		catch (KeyException ex) {
-			throw new Saml2Exception(ex);
-		}
+		return RsaKeyConverters.pkcs8().convert(new ByteArrayInputStream(key.getBytes(StandardCharsets.UTF_8)));
 	}
 
 	private static X509Certificate idpCertificate() {

diff --git a/...rc/test/java/org/springframework/security/saml2/credentials/TestSaml2X509Credentials.java b/...rc/test/java/org/springframework/security/saml2/credentials/TestSaml2X509Credentials.java
@@ -18,14 +18,12 @@
 
 import java.io.ByteArrayInputStream;
 import java.nio.charset.StandardCharsets;
-import java.security.KeyException;
 import java.security.PrivateKey;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 
-import org.opensaml.security.crypto.KeySupport;
-
+import org.springframework.security.converter.RsaKeyConverters;
 import org.springframework.security.saml2.Saml2Exception;
 import org.springframework.security.saml2.core.Saml2X509Credential;
 
@@ -74,12 +72,7 @@ private static X509Certificate certificate(String cert) {
 	}
 
 	private static PrivateKey privateKey(String key) {
-		try {
-			return KeySupport.decodePrivateKey(key.getBytes(StandardCharsets.UTF_8), new char[0]);
-		}
-		catch (KeyException ex) {
-			throw new Saml2Exception(ex);
-		}
+		return RsaKeyConverters.pkcs8().convert(new ByteArrayInputStream(key.getBytes(StandardCharsets.UTF_8)));
 	}
 
 	private static X509Certificate idpCertificate() {

diff --git a/...ngframework/security/saml2/provider/service/authentication/TestCustomOpenSamlObjects.java b/...ngframework/security/saml2/provider/service/authentication/TestCustomOpenSamlObjects.java
@@ -198,7 +198,6 @@ public CustomSamlObjectUnmarshaller() {
 		protected void processChildElement(@Nonnull XMLObject parentXMLObject, @Nonnull XMLObject childXMLObject)
 				throws UnmarshallingException {
 			final CustomOpenSamlObject customSamlObject = (CustomOpenSamlObject) parentXMLObject;
-			super.processChildElement(customSamlObject, childXMLObject);
 			customSamlObject.getUnknownXMLObjects().add(childXMLObject);
 		}