HttpSecurity.saml2login() - MVP Core Code
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:
- Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
- Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
- Supports basic java-configuration via DSL
- Provides an integration sample using Spring Boot
Not implemented with this MVP
- Single Logout
- Dynamic Service Provider Metadata
Fixes gh-6019
This commit is contained in:
@@ -15,17 +15,6 @@
|
||||
*/
|
||||
package org.springframework.security.web.authentication;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.Locale;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.springframework.context.support.MessageSourceAccessor;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
@@ -36,6 +25,17 @@ import org.springframework.security.core.SpringSecurityMessageSource;
|
||||
import org.springframework.security.web.WebAttributes;
|
||||
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.Locale;
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author Luke Taylor
|
||||
@@ -205,4 +205,21 @@ public class DefaultLoginPageGeneratingFilterTests {
|
||||
|
||||
assertThat(response.getContentAsString()).contains("<a href=\"/oauth2/authorization/google\">Google < > " ' &</a>");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void generatesForSaml2LoginAndEscapesClientName() throws Exception {
|
||||
DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter();
|
||||
filter.setLoginPageUrl(DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL);
|
||||
filter.setSaml2LoginEnabled(true);
|
||||
|
||||
String clientName = "Google < > \" \' &";
|
||||
filter.setSaml2AuthenticationUrlToProviderName(
|
||||
Collections.singletonMap("/saml/sso/google", clientName));
|
||||
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
filter.doFilter(new MockHttpServletRequest("GET", "/login"), response, chain);
|
||||
|
||||
assertThat(response.getContentAsString()).contains("Login with SAML 2.0");
|
||||
assertThat(response.getContentAsString()).contains("<a href=\"/saml/sso/google\">Google < > " ' &</a>");
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user