diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlAssertingPartyDetails.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlAssertingPartyDetails.java
index 25d5738a6c1..0d780d0e0d5 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlAssertingPartyDetails.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlAssertingPartyDetails.java
@@ -65,6 +65,20 @@ public static OpenSamlAssertingPartyDetails.Builder withEntityDescriptor(EntityD
return new OpenSamlAssertingPartyDetails.Builder(entity);
}
+ @Override
+ public OpenSamlAssertingPartyDetails.Builder mutate() {
+ return new OpenSamlAssertingPartyDetails.Builder(this.descriptor).entityId(getEntityId())
+ .wantAuthnRequestsSigned(getWantAuthnRequestsSigned())
+ .signingAlgorithms((algorithms) -> algorithms.addAll(getSigningAlgorithms()))
+ .verificationX509Credentials((c) -> c.addAll(getVerificationX509Credentials()))
+ .encryptionX509Credentials((c) -> c.addAll(getEncryptionX509Credentials()))
+ .singleSignOnServiceLocation(getSingleSignOnServiceLocation())
+ .singleSignOnServiceBinding(getSingleSignOnServiceBinding())
+ .singleLogoutServiceLocation(getSingleLogoutServiceLocation())
+ .singleLogoutServiceResponseLocation(getSingleLogoutServiceResponseLocation())
+ .singleLogoutServiceBinding(getSingleLogoutServiceBinding());
+ }
+
/**
* An OpenSAML version of
* {@link org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder}
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistration.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistration.java
index ce9061ad4a3..9b3f26dc3a9 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistration.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistration.java
@@ -29,7 +29,19 @@
*
* @author Josh Cummings
* @since 6.1
+ * @deprecated This class no longer is needed in order to transmit the
+ * {@link EntityDescriptor} to {@link OpenSamlAssertingPartyDetails}. Instead of doing:
+ *
+ * if (registration instanceof OpenSamlRelyingPartyRegistration openSamlRegistration) {
+ * EntityDescriptor descriptor = openSamlRegistration.getAssertingPartyDetails.getEntityDescriptor();
+ * }
+ * do instead:
+ * if (registration.getAssertingPartyDetails() instanceof openSamlAssertingPartyDetails) {
+ * EntityDescriptor descriptor = openSamlAssertingPartyDetails.getEntityDescriptor();
+ * }
+ *
*/
+@Deprecated
public final class OpenSamlRelyingPartyRegistration extends RelyingPartyRegistration {
OpenSamlRelyingPartyRegistration(RelyingPartyRegistration registration) {
@@ -47,7 +59,7 @@ public final class OpenSamlRelyingPartyRegistration extends RelyingPartyRegistra
@Override
public OpenSamlRelyingPartyRegistration.Builder mutate() {
OpenSamlAssertingPartyDetails party = getAssertingPartyDetails();
- return withAssertingPartyEntityDescriptor(party.getEntityDescriptor()).registrationId(getRegistrationId())
+ return new Builder(party).registrationId(getRegistrationId())
.entityId(getEntityId())
.signingX509Credentials((c) -> c.addAll(getSigningX509Credentials()))
.decryptionX509Credentials((c) -> c.addAll(getDecryptionX509Credentials()))
@@ -57,18 +69,7 @@ public OpenSamlRelyingPartyRegistration.Builder mutate() {
.singleLogoutServiceResponseLocation(getSingleLogoutServiceResponseLocation())
.singleLogoutServiceBindings((c) -> c.addAll(getSingleLogoutServiceBindings()))
.nameIdFormat(getNameIdFormat())
- .authnRequestsSigned(isAuthnRequestsSigned())
- .assertingPartyDetails((assertingParty) -> ((OpenSamlAssertingPartyDetails.Builder) assertingParty)
- .entityId(party.getEntityId())
- .wantAuthnRequestsSigned(party.getWantAuthnRequestsSigned())
- .signingAlgorithms((algorithms) -> algorithms.addAll(party.getSigningAlgorithms()))
- .verificationX509Credentials((c) -> c.addAll(party.getVerificationX509Credentials()))
- .encryptionX509Credentials((c) -> c.addAll(party.getEncryptionX509Credentials()))
- .singleSignOnServiceLocation(party.getSingleSignOnServiceLocation())
- .singleSignOnServiceBinding(party.getSingleSignOnServiceBinding())
- .singleLogoutServiceLocation(party.getSingleLogoutServiceLocation())
- .singleLogoutServiceResponseLocation(party.getSingleLogoutServiceResponseLocation())
- .singleLogoutServiceBinding(party.getSingleLogoutServiceBinding()));
+ .authnRequestsSigned(isAuthnRequestsSigned());
}
/**
@@ -100,6 +101,10 @@ private Builder(EntityDescriptor entityDescriptor) {
super(entityDescriptor.getEntityID(), OpenSamlAssertingPartyDetails.withEntityDescriptor(entityDescriptor));
}
+ Builder(OpenSamlAssertingPartyDetails details) {
+ super(details.getEntityDescriptor().getEntityID(), details.mutate());
+ }
+
@Override
public Builder registrationId(String id) {
return (Builder) super.registrationId(id);
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
index 9e6f1b75332..87cfea754ec 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
@@ -139,8 +139,7 @@ protected RelyingPartyRegistration(String registrationId, String entityId, Strin
* @since 6.1
*/
public Builder mutate() {
- AssertingPartyDetails party = this.assertingPartyDetails;
- return withRegistrationId(this.registrationId).entityId(this.entityId)
+ return new Builder(this.registrationId, this.assertingPartyDetails.mutate()).entityId(this.entityId)
.signingX509Credentials((c) -> c.addAll(this.signingX509Credentials))
.decryptionX509Credentials((c) -> c.addAll(this.decryptionX509Credentials))
.assertionConsumerServiceLocation(this.assertionConsumerServiceLocation)
@@ -149,17 +148,7 @@ public Builder mutate() {
.singleLogoutServiceResponseLocation(this.singleLogoutServiceResponseLocation)
.singleLogoutServiceBindings((c) -> c.addAll(this.singleLogoutServiceBindings))
.nameIdFormat(this.nameIdFormat)
- .authnRequestsSigned(this.authnRequestsSigned)
- .assertingPartyDetails((assertingParty) -> assertingParty.entityId(party.getEntityId())
- .wantAuthnRequestsSigned(party.getWantAuthnRequestsSigned())
- .signingAlgorithms((algorithms) -> algorithms.addAll(party.getSigningAlgorithms()))
- .verificationX509Credentials((c) -> c.addAll(party.getVerificationX509Credentials()))
- .encryptionX509Credentials((c) -> c.addAll(party.getEncryptionX509Credentials()))
- .singleSignOnServiceLocation(party.getSingleSignOnServiceLocation())
- .singleSignOnServiceBinding(party.getSingleSignOnServiceBinding())
- .singleLogoutServiceLocation(party.getSingleLogoutServiceLocation())
- .singleLogoutServiceResponseLocation(party.getSingleLogoutServiceResponseLocation())
- .singleLogoutServiceBinding(party.getSingleLogoutServiceBinding()));
+ .authnRequestsSigned(this.authnRequestsSigned);
}
/**
@@ -346,17 +335,7 @@ public static Builder withRegistrationId(String registrationId) {
public static Builder withAssertingPartyDetails(AssertingPartyDetails assertingPartyDetails) {
Assert.notNull(assertingPartyDetails, "assertingPartyDetails cannot be null");
- return withRegistrationId(assertingPartyDetails.getEntityId())
- .assertingPartyDetails((party) -> party.entityId(assertingPartyDetails.getEntityId())
- .wantAuthnRequestsSigned(assertingPartyDetails.getWantAuthnRequestsSigned())
- .signingAlgorithms((algorithms) -> algorithms.addAll(assertingPartyDetails.getSigningAlgorithms()))
- .verificationX509Credentials((c) -> c.addAll(assertingPartyDetails.getVerificationX509Credentials()))
- .encryptionX509Credentials((c) -> c.addAll(assertingPartyDetails.getEncryptionX509Credentials()))
- .singleSignOnServiceLocation(assertingPartyDetails.getSingleSignOnServiceLocation())
- .singleSignOnServiceBinding(assertingPartyDetails.getSingleSignOnServiceBinding())
- .singleLogoutServiceLocation(assertingPartyDetails.getSingleLogoutServiceLocation())
- .singleLogoutServiceResponseLocation(assertingPartyDetails.getSingleLogoutServiceResponseLocation())
- .singleLogoutServiceBinding(assertingPartyDetails.getSingleLogoutServiceBinding()));
+ return new Builder(assertingPartyDetails.getEntityId(), assertingPartyDetails.mutate());
}
/**
@@ -592,6 +571,19 @@ public Saml2MessageBinding getSingleLogoutServiceBinding() {
return this.singleLogoutServiceBinding;
}
+ public AssertingPartyDetails.Builder mutate() {
+ return new AssertingPartyDetails.Builder().entityId(this.entityId)
+ .wantAuthnRequestsSigned(this.wantAuthnRequestsSigned)
+ .signingAlgorithms((algorithms) -> algorithms.addAll(this.signingAlgorithms))
+ .verificationX509Credentials((c) -> c.addAll(this.verificationX509Credentials))
+ .encryptionX509Credentials((c) -> c.addAll(this.encryptionX509Credentials))
+ .singleSignOnServiceLocation(this.singleSignOnServiceLocation)
+ .singleSignOnServiceBinding(this.singleSignOnServiceBinding)
+ .singleLogoutServiceLocation(this.singleLogoutServiceLocation)
+ .singleLogoutServiceResponseLocation(this.singleLogoutServiceResponseLocation)
+ .singleLogoutServiceBinding(this.singleLogoutServiceBinding);
+ }
+
public static class Builder {
private String entityId;