Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump opensaml2 from 2.6.6 to 4.0.1 #2908

Open
wants to merge 209 commits into
base: develop
Choose a base branch
from
Open

build(deps): bump opensaml2 from 2.6.6 to 4.0.1 #2908

wants to merge 209 commits into from
+23,751 −17,364

Conversation

Tallicia
Copy link
Contributor

@Tallicia Tallicia commented May 30, 2024
edited by strehle
Loading

Replacing the other feature branch #2862 for new SAML library replacement effort.

Sonar
https://sonarcloud.io/summary/new_code?id=cloudfoundry-identity-parent&pullRequest=2908

@Tallicia Tallicia added in progress DO NOT MERGE Internal Test or WIP, please DO NOT MERGE labels May 30, 2024
@cf-gitbot
Copy link

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/187710947

The labels on this github issue will be updated when the story is started.

@Tallicia Tallicia changed the title New saml 0530 New SAML 2024.05.30 - Not to merge but just for SAML feature branch testing May 30, 2024
@Tallicia Tallicia mentioned this pull request May 30, 2024
Closed
@duanemay duanemay force-pushed the new-saml-0530 branch 5 times, most recently from 65b0d64 to e67a40a Compare June 14, 2024 22:11
@duanemay duanemay force-pushed the new-saml-0530 branch 9 times, most recently from a761b67 to 7de27a1 Compare June 24, 2024 15:54
@duanemay duanemay force-pushed the new-saml-0530 branch 2 times, most recently from 0d3a595 to f199f50 Compare July 5, 2024 22:17
@duanemay duanemay force-pushed the new-saml-0530 branch 2 times, most recently from 46248b9 to b6cb65b Compare July 9, 2024 18:49
@peterhaochen47 peterhaochen47 force-pushed the new-saml-0530 branch 2 times, most recently from a97457f to 745fff3 Compare July 10, 2024 17:04
@strehle strehle added in_review The PR is currently in review and removed unscheduled labels Nov 12, 2024
@strehle strehle changed the title New SAML 2024.05.30 - Not to merge but just for SAML feature branch testing build(deps): bump opensaml2 from 2.6.6 to 4.0.1 Nov 12, 2024
@strehle strehle marked this pull request as ready for review November 12, 2024 17:44
@strehle
Cleanup libraries not needed anymore (#3129)
78e21ba 
* Cleanup libraries not needed anymore

bound to old opensaml

* Remove ESAPI finally

this dependency is only there because of old saml

* fix rebase
@strehle strehle requested review from a team, strehle and duanemay November 12, 2024 17:50
strehle
strehle reviewed Nov 14, 2024
View reviewed changes
.../cloudfoundry/identity/uaa/provider/saml/ConfiguratorRelyingPartyRegistrationRepository.java Outdated Show resolved Hide resolved
.../cloudfoundry/identity/uaa/provider/saml/ConfiguratorRelyingPartyRegistrationRepository.java Outdated Show resolved Hide resolved
server/src/main/resources/dummy-saml-idp-metadata.xml Outdated Show resolved Hide resolved
...ava/org/cloudfoundry/identity/uaa/provider/saml/Saml2BearerGrantAuthenticationConverter.java Outdated Show resolved Hide resolved
...ava/org/cloudfoundry/identity/uaa/provider/saml/Saml2BearerGrantAuthenticationConverter.java Outdated Show resolved Hide resolved
...ava/org/cloudfoundry/identity/uaa/provider/saml/Saml2BearerGrantAuthenticationConverter.java Show resolved Hide resolved
server/src/main/java/org/cloudfoundry/identity/uaa/provider/saml/Saml2Utils.java Show resolved Hide resolved
@strehle
Copy link
Member

strehle commented Nov 14, 2024

SAML2 bearer and IdP initated flows are similar and the IdP initiated flow still is not working.
The tests work, but this is by accident because we have only one trusted IdP and the TODO in resolution of IdP.

The resolver needs to be forked / implemented on Uaa side, I assume then we can resolve from issuer to idP .
With more than 1 trusted IdP the flow is working by accident...

SAML2 bearer works now independent from amount of SAML2 trusts, #3132

strehle and others added 11 commits November 15, 2024 17:06
@strehle
Enhancements for SAML2 bearer flow (#3132)
d281b28 
* Test saml bearer

* Fixes for SAML2 bearer flow

* reverted test
@strehle
Merge remote-tracking branch 'origin/develop' into new-saml-0530
e22d1d1 
# Conflicts:
#	dependencies.gradle
@strehle @duanemay
Enhancements for SAML2 bearer and IdP initiated SSO (#3136)
e084cee 
* Test saml bearer

* Fixes for SAML2 bearer flow

* reverted test

* Implement RelyingPartyRegistrationResolver

* support resolution of SAMLResponse from request
* remove default setting

* Use standard setting of metadata

the feature with classpath is new in this PR.

* refactorings based on sonar

* Replace dummy-saml-idp-metadata

and create the data based on real key data

Until now we do not deliver any keys in uaa.war.

* Cleanup test failure

Changed, because of hack with defaults.

* Rename DefaultRelyingPartyRegistrationResolver to UaaRelyingPartyRegistrationResolver

Signed-off-by: Duane May <[email protected]>

* Refactor text blocks

Signed-off-by: Duane May <[email protected]>

---------

Signed-off-by: Duane May <[email protected]>
Co-authored-by: Duane May <[email protected]>
Co-authored-by: Duane May <[email protected]>
@strehle
sonar: unused imports
bdb80e5
@strehle
sonar: recommendation
946a6f9
@strehle
sonar: recommendation
e54b489
@strehle
sonar changes
af2c5b6
@strehle
sonar changes
f984d0d
@strehle
omit hard coded example name (#3140)
6b4e0a1
@duanemay
Merge remote-tracking branch 'origin' into new-saml-0530
d89f4f1
@strehle
Merge remote-tracking branch 'origin/develop' into new-saml-0530
dc31694 
# Conflicts:
#	dependencies.gradle
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@strehle strehle strehle left review comments

@duanemay duanemay Awaiting requested review from duanemay

Assignees
No one assigned
Labels
DO NOT MERGE Internal Test or WIP, please DO NOT MERGE in_review The PR is currently in review scheduled
Projects
Foundational Infrastructure Working Group
Status: Pending Review | Discussion
Milestone
EOL_Removal
Development

Successfully merging this pull request may close these issues.

Spring Security SAML2 End of Life
10 participants
@Tallicia @cf-gitbot @strehle @swalchemist @peterhaochen47 @bruce-ricard @duanemay @hsinn0 @fhanik @achrinza