saml-extension-federation Uses Docker Idp

Issue gh-127

servlet/spring-boot/java/saml2/saml-extension-federation/build.gradle

@@ -23,6 +23,9 @@ dependencies {
 	implementation 'org.springframework.security:spring-security-saml2-service-provider'
 	implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity6'
 
+	runtimeOnly files("$projectDir/../identity-provider/build/resources/main")
+
+	testImplementation project(':servlet:spring-boot:java:saml2:identity-provider')
 	testImplementation 'org.htmlunit:htmlunit'
 	testImplementation 'org.springframework.boot:spring-boot-starter-test'
 	testImplementation 'org.springframework.security:spring-security-test'

servlet/spring-boot/java/saml2/saml-extension-federation/settings.gradle

@@ -6,3 +6,6 @@ pluginManagement {
         maven { url "https://repo.spring.io/snapshot" }
     }
 }
+
+include ":servlet:spring-boot:java:saml2:identity-provider"
+project(":servlet:spring-boot:java:saml2:identity-provider").projectDir = file("../identity-provider")

servlet/spring-boot/java/saml2/saml-extension-federation/src/integTest/java/example/SamlExtensionFederationApplicationITests.java

@@ -21,33 +21,28 @@
 
 import org.htmlunit.ElementNotFoundException;
 import org.htmlunit.WebClient;
+import org.htmlunit.html.HtmlButton;
 import org.htmlunit.html.HtmlElement;
 import org.htmlunit.html.HtmlForm;
 import org.htmlunit.html.HtmlInput;
 import org.htmlunit.html.HtmlPage;
 import org.htmlunit.html.HtmlPasswordInput;
-import org.htmlunit.html.HtmlSubmitInput;
 import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.boot.test.web.server.LocalServerPort;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.forwardedUrl;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
-@Disabled
-@SpringBootTest
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
 @AutoConfigureMockMvc
 public class SamlExtensionFederationApplicationITests {
 
-	@Autowired
-	MockMvc mvc;
+	@LocalServerPort
+	int port;
 
 	@Autowired
 	WebClient webClient;
@@ -61,7 +56,7 @@ void setup() {
 	void authenticationAttemptWhenValidThenShowsUserEmailAddress() throws Exception {
 		performLogin();
 		HtmlPage home = (HtmlPage) this.webClient.getCurrentWindow().getEnclosedPage();
-		assertThat(home.asNormalizedText()).contains("You're email address is [email protected]");
+		assertThat(home.asNormalizedText()).contains("You're email address is [email protected]");
 	}
 
 	@Test
@@ -77,31 +72,24 @@ void logoutWhenRelyingPartyInitiatedLogoutThenLoginPageWithLogoutParam() throws
 		assertThat(urls).contains("/login?logout");
 	}
 
-	@Test
-	void metadataWhenGetThenForwardToUrl() throws Exception {
-		this.mvc.perform(get("/saml/metadata"))
-			.andExpect(status().isOk())
-			.andExpect(forwardedUrl("/saml2/service-provider-metadata/one"));
-	}
-
 	private void performLogin() throws Exception {
 		HtmlPage login = this.webClient.getPage("/");
 		login.getAnchors().get(0).click();
 		this.webClient.waitForBackgroundJavaScript(10000);
 		HtmlForm form = findForm(login);
 		HtmlInput username = form.getInputByName("username");
 		HtmlPasswordInput password = form.getInputByName("password");
-		HtmlSubmitInput submit = login.getHtmlElementById("okta-signin-submit");
-		username.type("[email protected]");
-		password.type("12345678");
+		HtmlButton submit = (HtmlButton) form.getElementsByTagName("button").iterator().next();
+		username.type("user1");
+		password.type("user1pass");
 		submit.click();
 		this.webClient.waitForBackgroundJavaScript(10000);
 	}
 
 	private HtmlForm findForm(HtmlPage login) {
 		for (HtmlForm form : login.getForms()) {
 			try {
-				if (form.getId().equals("form19")) {
+				if (form.getNameAttribute().equals("f")) {
 					return form;
 				}
 			}

servlet/spring-boot/java/saml2/saml-extension-federation/src/main/java/example/SecurityConfiguration.java

@@ -71,6 +71,7 @@ InMemoryRelyingPartyRegistrationRepository repository(Saml2RelyingPartyPropertie
 			.map((builder) -> builder.registrationId(UUID.randomUUID().toString())
 				.entityId(registration.getEntityId())
 				.assertionConsumerServiceLocation(registration.getAcs().getLocation())
+				.singleLogoutServiceBinding(registration.getSinglelogout().getBinding())
 				.singleLogoutServiceLocation(registration.getSinglelogout().getUrl())
 				.singleLogoutServiceResponseLocation(registration.getSinglelogout().getResponseUrl())
 				.signingX509Credentials((credentials) -> credentials.add(signing))

servlet/spring-boot/java/saml2/saml-extension-federation/src/main/resources/application.yml

@@ -2,18 +2,23 @@ logging.level:
   org.springframework.security: TRACE
 
 spring:
+  docker:
+    compose:
+      file: classpath:docker/compose.yml
+      readiness:
+        wait: never
   security:
     filter:
       dispatcher-types: async, error, request, forward
     saml2:
       relyingparty:
         registration:
           metadata:
-            entity-id: "{baseUrl}/saml2/service-provider-metadata/one"
+            entity-id: "{baseUrl}/saml/metadata"
             singlelogout:
-              binding: POST
+              binding: REDIRECT
               url: "{baseUrl}/saml/logout"
               responseUrl: "{baseUrl}/saml/SingleLogout"
             acs:
               location: "{baseUrl}/saml/SSO"
-            assertingparty.metadata-uri: https://dev-05937739.okta.com/app/exk598vc9bHhwoTXM5d7/sso/saml/metadata
+            assertingparty.metadata-uri:  http://idp-one.7f000001.nip.io/simplesaml/saml2/idp/metadata.php