From 5a7afc0fc7edf0810c093801abea5c8536b52108 Mon Sep 17 00:00:00 2001
From: Josh Cummings
Date: Tue, 5 Nov 2024 15:00:32 -0700
Subject: [PATCH] saml-extension-federation Uses Docker Idp
Issue gh-127
---
 .../saml-extension-federation/build.gradle | 3 ++
 .../saml-extension-federation/settings.gradle | 3 ++
 ...lExtensionFederationApplicationITests.java | 32 ++++++-------------
 .../java/example/SecurityConfiguration.java | 1 +
 .../src/main/resources/application.yml | 11 +++++--
 5 files changed, 25 insertions(+), 25 deletions(-)
diff --git a/servlet/spring-boot/java/saml2/saml-extension-federation/build.gradle b/servlet/spring-boot/java/saml2/saml-extension-federation/build.gradle
index f2484a768..1c40adfce 100644
--- a/servlet/spring-boot/java/saml2/saml-extension-federation/build.gradle
+++ b/servlet/spring-boot/java/saml2/saml-extension-federation/build.gradle
@@ -23,6 +23,9 @@ dependencies {
 implementation 'org.springframework.security:spring-security-saml2-service-provider'
 implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity6'
+ runtimeOnly files("$projectDir/../identity-provider/build/resources/main")
+
+ testImplementation project(':servlet:spring-boot:java:saml2:identity-provider')
 testImplementation 'org.htmlunit:htmlunit'
 testImplementation 'org.springframework.boot:spring-boot-starter-test'
 testImplementation 'org.springframework.security:spring-security-test'
diff --git a/servlet/spring-boot/java/saml2/saml-extension-federation/settings.gradle b/servlet/spring-boot/java/saml2/saml-extension-federation/settings.gradle
index 733fda690..0c499579e 100644
--- a/servlet/spring-boot/java/saml2/saml-extension-federation/settings.gradle
+++ b/servlet/spring-boot/java/saml2/saml-extension-federation/settings.gradle
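Review bot: The new `runtimeOnly files("$projectDir/../identity-provider/build/resources/main")` line points at a sibling project's build output without declaring a task dependency, so on a clean checkout that directory is missing or stale until `identity-provider` has been built by hand, and whatever the application expects to load from it (presumably the compose file referenced from `application.yml`) silently resolves to nothing. Attach the producing task, e.g. `runtimeOnly files("$projectDir/../identity-provider/build/resources/main") { builtBy ':servlet:spring-boot:java:saml2:identity-provider:processResources' }`, or consume the sibling's resources through a project dependency the way the `testImplementation project(...)` line below already does. Note also that `runtimeOnly` puts the IdP's resources on the application's runtime classpath, not only the test classpath; if they are needed solely by the integration test, `testRuntimeOnly` keeps them out of the packaged app.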
@@ -6,3 +6,6 @@ pluginManagement {
 maven { url "https://repo.spring.io/snapshot" }
 }
 }
+
+include ":servlet:spring-boot:java:saml2:identity-provider"
+project(":servlet:spring-boot:java:saml2:identity-provider").projectDir = file("../identity-provider")
\ No newline at end of file
diff --git a/servlet/spring-boot/java/saml2/saml-extension-federation/src/integTest/java/example/SamlExtensionFederationApplicationITests.java b/servlet/spring-boot/java/saml2/saml-extension-federation/src/integTest/java/example/SamlExtensionFederationApplicationITests.java
index f5fb8bd94..55916d284 100644
--- a/servlet/spring-boot/java/saml2/saml-extension-federation/src/integTest/java/example/SamlExtensionFederationApplicationITests.java
+++ b/servlet/spring-boot/java/saml2/saml-extension-federation/src/integTest/java/example/SamlExtensionFederationApplicationITests.java
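Review bot: The added `project(":servlet:spring-boot:java:saml2:identity-provider").projectDir = file("../identity-provider")` line is committed without a trailing newline (`\ No newline at end of file`), which will show up as noise in the next edit's diff; end the file with a newline. A one-line comment above the `include` saying that the sample borrows the sibling identity-provider project for its Docker IdP would also tell a reader why a standalone sample pulls in another project.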
@@ -21,33 +21,28 @@
 import org.htmlunit.ElementNotFoundException;
 import org.htmlunit.WebClient;
+import org.htmlunit.html.HtmlButton;
 import org.htmlunit.html.HtmlElement;
 import org.htmlunit.html.HtmlForm;
 import org.htmlunit.html.HtmlInput;
 import org.htmlunit.html.HtmlPage;
 import org.htmlunit.html.HtmlPasswordInput;
-import org.htmlunit.html.HtmlSubmitInput;
 import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.boot.test.web.server.LocalServerPort;
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.forwardedUrl;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
-@Disabled
-@SpringBootTest
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
 @AutoConfigureMockMvc
 public class SamlExtensionFederationApplicationITests {
- @Autowired
- MockMvc mvc;
+ @LocalServerPort
+ int port;
 @Autowired
 WebClient webClient;
@@ -61,7 +56,7 @@ void setup() {
 void authenticationAttemptWhenValidThenShowsUserEmailAddress() throws Exception {
 performLogin();
 HtmlPage home = (HtmlPage) this.webClient.getCurrentWindow().getEnclosedPage();
- assertThat(home.asNormalizedText()).contains("You're email address is testuser2@spring.security.saml");
+ assertThat(home.asNormalizedText()).contains("You're email address is user1@example.org");
 }
 @Test
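Review bot: The switch to `SpringBootTest.WebEnvironment.DEFINED_PORT` pins the test to the fixed `server.port`, so only one instance can run at a time and a busy port fails the suite, yet nothing records why `RANDOM_PORT` cannot be used; presumably the Docker IdP has this SP's fixed-port ACS and logout URLs registered, so a random port would break the redirect back. Add a comment on the annotation such as `// DEFINED_PORT: the IdP container is pre-configured with this SP's fixed-port URLs, so a random port breaks the SAML round trip` once that rationale is confirmed. The new `@LocalServerPort int port` field is not read in any hunk of this patch; if `setup()` (outside this hunk) does not use it either, drop it. `@AutoConfigureMockMvc` is kept although `MockMvc` and its imports are removed; if it stays only for the HtmlUnit `WebClient` auto-configuration, a comment saying so saves the next reader the same question. The class body continues past this hunk.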
@@ -77,13 +72,6 @@ void logoutWhenRelyingPartyInitiatedLogoutThenLoginPageWithLogoutParam() throws
 assertThat(urls).contains("/login?logout");
 }
- @Test
- void metadataWhenGetThenForwardToUrl() throws Exception {
- this.mvc.perform(get("/saml/metadata"))
- .andExpect(status().isOk())
- .andExpect(forwardedUrl("/saml2/service-provider-metadata/one"));
- }
-
 private void performLogin() throws Exception {
 HtmlPage login = this.webClient.getPage("/");
 login.getAnchors().get(0).click();
@@ -91,9 +79,9 @@ private void performLogin() throws Exception {
 HtmlForm form = findForm(login);
 HtmlInput username = form.getInputByName("username");
 HtmlPasswordInput password = form.getInputByName("password");
- HtmlSubmitInput submit = login.getHtmlElementById("okta-signin-submit");
- username.type("testuser2@spring.security.saml");
- password.type("12345678");
+ HtmlButton submit = (HtmlButton) form.getElementsByTagName("button").iterator().next();
+ username.type("user1");
+ password.type("user1pass");
 submit.click();
 this.webClient.waitForBackgroundJavaScript(10000);
 }
@@ -101,7 +89,7 @@ private void performLogin() throws Exception {
 private HtmlForm findForm(HtmlPage login) {
 for (HtmlForm form : login.getForms()) {
 try {
- if (form.getId().equals("form19")) {
+ if (form.getNameAttribute().equals("f")) {
 return form;
 }
 }
diff --git a/servlet/spring-boot/java/saml2/saml-extension-federation/src/main/java/example/SecurityConfiguration.java b/servlet/spring-boot/java/saml2/saml-extension-federation/src/main/java/example/SecurityConfiguration.java
index dd475919e..7fbc95388 100644
--- a/servlet/spring-boot/java/saml2/saml-extension-federation/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/spring-boot/java/saml2/saml-extension-federation/src/main/java/example/SecurityConfiguration.java
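Review bot: `(HtmlButton) form.getElementsByTagName("button").iterator().next()` fails with a bare `NoSuchElementException` when the IdP login form renders without a `<button>`, and it silently takes the first button whatever its role, so a layout change in the IdP image produces an unexplained failure rather than a clear assertion. Check the lookup before using it, e.g. `DomNodeList<HtmlElement> buttons = form.getElementsByTagName("button");` / `assertThat(buttons).as("submit button on IdP login form").isNotEmpty();` / `HtmlButton submit = (HtmlButton) buttons.get(0);` (this needs `import org.htmlunit.html.DomNodeList;`). The `user1` / `user1pass` literals are the fixture accounts of the IdP container; a short comment naming where they are defined would make that dependency explicit. `performLogin()` starts outside this hunk.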
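Review bot: `form.getNameAttribute().equals("f")` puts the literal on the right; the null-safe idiom `"f".equals(form.getNameAttribute())` cannot throw, which may also let the surrounding `try` shrink if it exists only to cover this lookup — its `catch` is outside the hunk, so I cannot tell. The magic string deserves a name that records which IdP page it matches, e.g. `private static final String IDP_LOGIN_FORM_NAME = "f"; // name of the login form served by the Docker IdP`. `findForm()` ends outside this hunk.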
@@ -71,6 +71,7 @@ InMemoryRelyingPartyRegistrationRepository repository(Saml2RelyingPartyPropertie
 .map((builder) -> builder.registrationId(UUID.randomUUID().toString())
 .entityId(registration.getEntityId())
 .assertionConsumerServiceLocation(registration.getAcs().getLocation())
+ .singleLogoutServiceBinding(registration.getSinglelogout().getBinding())
 .singleLogoutServiceLocation(registration.getSinglelogout().getUrl())
 .singleLogoutServiceResponseLocation(registration.getSinglelogout().getResponseUrl())
 .signingX509Credentials((credentials) -> credentials.add(signing))
diff --git a/servlet/spring-boot/java/saml2/saml-extension-federation/src/main/resources/application.yml b/servlet/spring-boot/java/saml2/saml-extension-federation/src/main/resources/application.yml
index 9e9f77491..5abbffb94 100644
--- a/servlet/spring-boot/java/saml2/saml-extension-federation/src/main/resources/application.yml
+++ b/servlet/spring-boot/java/saml2/saml-extension-federation/src/main/resources/application.yml
@@ -2,6 +2,11 @@ logging.level:
 org.springframework.security: TRACE
 spring:
+ docker:
+ compose:
+ file: classpath:docker/compose.yml
+ readiness:
+ wait: never
 security:
 filter:
 dispatcher-types: async, error, request, forward
@@ -9,11 +14,11 @@ spring:
 relyingparty:
 registration:
 metadata:
- entity-id: "{baseUrl}/saml2/service-provider-metadata/one"
+ entity-id: "{baseUrl}/saml/metadata"
 singlelogout:
- binding: POST
+ binding: REDIRECT
 url: "{baseUrl}/saml/logout"
 responseUrl: "{baseUrl}/saml/SingleLogout"
 acs:
 location: "{baseUrl}/saml/SSO"
- assertingparty.metadata-uri: https://dev-05937739.okta.com/app/exk598vc9bHhwoTXM5d7/sso/saml/metadata
+ assertingparty.metadata-uri: http://idp-one.7f000001.nip.io/simplesaml/saml2/idp/metadata.php
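Review bot: The added `.singleLogoutServiceBinding(registration.getSinglelogout().getBinding())` passes the property through unconditionally; if a registration omits `singlelogout.binding` in `application.yml`, `getBinding()` is null and, as far as I recall the builder, a null binding ends up in the registration and fails later at logout rather than at startup, whereas Spring Boot's own auto-configuration maps this property only when it is non-null. Either guard it with a null check before calling the builder or document in a comment on this line that `binding` is mandatory for every registration in this sample, e.g. `// singlelogout.binding is required: the builder does not default a null binding`. The enclosing `repository(...)` method starts and ends outside this hunk.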
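Review bot: `readiness: wait: never` tells Spring Boot not to wait for the compose service, yet the `assertingparty.metadata-uri` further down is presumably resolved when the relying-party registration repository bean is created at startup, so the application races the IdP container and fails to start whenever the container is not yet serving metadata. Either leave readiness waiting at its default or add a comment explaining what makes the race safe here, e.g. `# wait: never — the IdP container must already be serving metadata when this app starts; see the module README for the start order` (adjust to wherever that is actually documented). The `file: classpath:docker/compose.yml` reference also deserves a comment saying it is provided by the identity-provider project's resources, since nothing in this module defines it.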
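Review bot: `assertingparty.metadata-uri: http://idp-one.7f000001.nip.io/simplesaml/saml2/idp/metadata.php` fetches the IdP metadata — and with it the signing certificate every SAML response is verified against — over plaintext HTTP with no integrity check; `7f000001.nip.io` is nip.io's hex form of 127.0.0.1, so this is acceptable only because the Docker IdP is local. Mark it as such so the line is not carried into a real deployment: `# local Docker IdP only (7f000001.nip.io -> 127.0.0.1); a real IdP must be fetched over https from a trusted host`. The switch of `singlelogout.binding` from `POST` to `REDIRECT` has to match the binding the IdP container advertises; a comment pointing at the IdP configuration that dictates it would keep the two from drifting apart.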