NIFI-14227 Replaced deprecated Spring Security SAML methods with reco…

…mmendations (#9689) Signed-off-by: David Handermann <[email protected]>
apache · Feb 4, 2025 · 46cbada · 46cbada
1 parent b91fe67
commit 46cbada
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 18 deletions.
diff --git a/.../nifi/web/security/saml2/registration/StandardRelyingPartyRegistrationRepositoryTest.java b/.../nifi/web/security/saml2/registration/StandardRelyingPartyRegistrationRepositoryTest.java
@@ -24,6 +24,7 @@
 import org.junit.jupiter.api.Test;
 import org.opensaml.xmlsec.signature.support.SignatureConstants;
 import org.springframework.security.saml2.core.Saml2X509Credential;
+import org.springframework.security.saml2.provider.service.registration.AssertingPartyMetadata;
 import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
 
 import javax.net.ssl.X509ExtendedKeyManager;
@@ -67,9 +68,9 @@ void testFindByRegistrationId() {
         assertNull(registration.getSingleLogoutServiceLocation());
         assertNull(registration.getSingleLogoutServiceResponseLocation());
 
-        final RelyingPartyRegistration.AssertingPartyDetails assertingPartyDetails = registration.getAssertingPartyDetails();
-        assertFalse(assertingPartyDetails.getWantAuthnRequestsSigned());
-        assertTrue(assertingPartyDetails.getSigningAlgorithms().contains(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256));
+        final AssertingPartyMetadata assertingPartyMetadata = registration.getAssertingPartyMetadata();
+        assertFalse(assertingPartyMetadata.getWantAuthnRequestsSigned());
+        assertTrue(assertingPartyMetadata.getSigningAlgorithms().contains(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256));
 
         final Collection<Saml2X509Credential> signingCredentials = registration.getSigningX509Credentials();
         assertTrue(signingCredentials.isEmpty());
@@ -96,12 +97,12 @@ void testFindByRegistrationIdSingleLogoutEnabled() throws Exception {
         assertEquals(StandardRelyingPartyRegistrationRepository.SINGLE_LOGOUT_RESPONSE_SERVICE_LOCATION, registration.getSingleLogoutServiceLocation());
         assertEquals(StandardRelyingPartyRegistrationRepository.SINGLE_LOGOUT_RESPONSE_SERVICE_LOCATION, registration.getSingleLogoutServiceResponseLocation());
 
-        final RelyingPartyRegistration.AssertingPartyDetails assertingPartyDetails = registration.getAssertingPartyDetails();
-        assertFalse(assertingPartyDetails.getWantAuthnRequestsSigned());
-        assertTrue(assertingPartyDetails.getSigningAlgorithms().contains(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA512));
+        final AssertingPartyMetadata assertingPartyMetadata = registration.getAssertingPartyMetadata();
+        assertFalse(assertingPartyMetadata.getWantAuthnRequestsSigned());
+        assertTrue(assertingPartyMetadata.getSigningAlgorithms().contains(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA512));
 
         assertSigningCredentialsFound(registration);
-        assertEncryptionCredentialsFound(assertingPartyDetails);
+        assertEncryptionCredentialsFound(assertingPartyMetadata);
     }
 
     private void assertSigningCredentialsFound(final RelyingPartyRegistration registration) {
@@ -113,8 +114,8 @@ private void assertSigningCredentialsFound(final RelyingPartyRegistration regist
         assertEquals(CERTIFICATE_PRINCIPAL, certificate.getIssuerX500Principal());
     }
 
-    private void assertEncryptionCredentialsFound(final RelyingPartyRegistration.AssertingPartyDetails assertingPartyDetails) {
-        final Collection<Saml2X509Credential> encryptionCredentials = assertingPartyDetails.getEncryptionX509Credentials();
+    private void assertEncryptionCredentialsFound(final AssertingPartyMetadata assertingPartyMetadata) {
+        final Collection<Saml2X509Credential> encryptionCredentials = assertingPartyMetadata.getEncryptionX509Credentials();
         assertFalse(encryptionCredentials.isEmpty());
         final Optional<Saml2X509Credential> certificateCredential = encryptionCredentials.stream().filter(
                 credential -> CERTIFICATE_PRINCIPAL.equals(credential.getCertificate().getSubjectX500Principal())

diff --git a/...che/nifi/web/security/saml2/service/web/StandardRelyingPartyRegistrationResolverTest.java b/...che/nifi/web/security/saml2/service/web/StandardRelyingPartyRegistrationResolverTest.java
@@ -114,9 +114,9 @@ private RelyingPartyRegistration.Builder getRegistrationBuilder() {
         return RelyingPartyRegistration.withRegistrationId(REGISTRATION_ID)
                 .entityId(REGISTRATION_ID)
                 .assertionConsumerServiceLocation(SERVICE_LOCATION)
-                .assertingPartyDetails(assertingPartyDetails -> {
-                    assertingPartyDetails.entityId(REGISTRATION_ID);
-                    assertingPartyDetails.singleSignOnServiceLocation(SERVICE_LOCATION);
+                .assertingPartyMetadata(assertingPartyMetadata -> {
+                    assertingPartyMetadata.entityId(REGISTRATION_ID);
+                    assertingPartyMetadata.singleSignOnServiceLocation(SERVICE_LOCATION);
                 });
     }
 

diff --git a/...nifi/web/security/saml2/service/web/StandardSaml2AuthenticationRequestRepositoryTest.java b/...nifi/web/security/saml2/service/web/StandardSaml2AuthenticationRequestRepositoryTest.java
@@ -128,9 +128,9 @@ void testRemoveAuthenticationRequestFound() {
     private AbstractSaml2AuthenticationRequest getRequest() {
         final RelyingPartyRegistration registration = RelyingPartyRegistration.withRegistrationId(Saml2RegistrationProperty.REGISTRATION_ID.getProperty())
                 .entityId(Saml2RegistrationProperty.REGISTRATION_ID.getProperty())
-                .assertingPartyDetails(assertingPartyDetails -> {
-                    assertingPartyDetails.entityId(Saml2RegistrationProperty.REGISTRATION_ID.getProperty());
-                    assertingPartyDetails.singleSignOnServiceLocation(LOCATION);
+                .assertingPartyMetadata(assertingPartyMetadata -> {
+                    assertingPartyMetadata.entityId(Saml2RegistrationProperty.REGISTRATION_ID.getProperty());
+                    assertingPartyMetadata.singleSignOnServiceLocation(LOCATION);
                 })
                 .build();
         return Saml2PostAuthenticationRequest.withRelyingPartyRegistration(registration).samlRequest(SAML_REQUEST).build();

diff --git a/...eb/security/saml2/web/authentication/logout/StandardSaml2LogoutRequestRepositoryTest.java b/...eb/security/saml2/web/authentication/logout/StandardSaml2LogoutRequestRepositoryTest.java
@@ -128,9 +128,9 @@ void testRemoveLogoutRequestFound() {
     private Saml2LogoutRequest getRequest() {
         final RelyingPartyRegistration registration = RelyingPartyRegistration.withRegistrationId(Saml2RegistrationProperty.REGISTRATION_ID.getProperty())
                 .entityId(Saml2RegistrationProperty.REGISTRATION_ID.getProperty())
-                .assertingPartyDetails(assertingPartyDetails -> {
-                    assertingPartyDetails.entityId(Saml2RegistrationProperty.REGISTRATION_ID.getProperty());
-                    assertingPartyDetails.singleSignOnServiceLocation(LOCATION);
+                .assertingPartyMetadata(assertingPartyMetadata -> {
+                    assertingPartyMetadata.entityId(Saml2RegistrationProperty.REGISTRATION_ID.getProperty());
+                    assertingPartyMetadata.singleSignOnServiceLocation(LOCATION);
                 })
                 .build();
         return Saml2LogoutRequest.withRelyingPartyRegistration(registration).samlRequest(SAML_REQUEST).relayState(RELAY_STATE).build();