diff --git a/.github/workflows/actions.yml b/.github/workflows/actions.yml
index fe34ea5..9a035cf 100644
--- a/.github/workflows/actions.yml
+++ b/.github/workflows/actions.yml
@@ -17,6 +17,7 @@ jobs:
       - uses: actions/setup-java@v3
         with:
           java-version: 11
+          distribution: 'temurin'
           cache: 'maven'
       - name: Build with Maven
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 6bc3c1c..c822fa8 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -17,6 +17,7 @@ jobs:
         uses: actions/setup-java@v3
         with:
           java-version: 11
+          distribution: 'temurin'
           cache: 'maven'
           server-id: openconext-releases
           server-username: MAVEN_USERNAME
diff --git a/README.md b/README.md
index 86e6615..3d8f035 100644
--- a/README.md
+++ b/README.md
@@ -4,8 +4,8 @@
 ### [Usage](#usage)
-The main interface of the SAML IdP library is `SAMLIdPService`.
-It provides the following functionality
+The main interface of the SAML library is `SAMLService`.
+It provides the following functionality:
 - parsing SAML to an `org.opensaml.saml.saml2.core.AuthnRequest`
 - sending SAML response back to the Service Provider
 - construct the IdP metadata
@@ -13,7 +13,7 @@ It provides the following functionality
 ### [Crypto](#crypto)
-The saml-idp library uses a private RSA key and corresponding certificate to sign the SAML requests. If you want to
+The saml-java library uses a private RSA key and corresponding certificate to sign the SAML requests. If you want to
 deploy the application in an environment where the certificate needs to be registered with the Service Provider (Proxy)
 then you can generate a key pair with the following commands:
 ```
diff --git a/src/main/java/saml/DefaultSAMLIdPService.java b/src/main/java/saml/DefaultSAMLService.java
similarity index 99%
rename from src/main/java/saml/DefaultSAMLIdPService.java
rename to src/main/java/saml/DefaultSAMLService.java
index b93d614..752e79a 100644
--- a/src/main/java/saml/DefaultSAMLIdPService.java
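Review bot: The `uses: actions/setup-java@v3` line this hunk sits under is still pinned to a floating major tag, and in deploy.yml that step is the one configured with the release credentials (`server-id: openconext-releases`, `server-username: MAVEN_USERNAME`), so anyone able to move the `v3` tag could run code with access to them; the actions.yml hunk above has the same shape. Adding `distribution: 'temurin'` is the expected fix for setup-java v3, which needs an explicit distribution, but while touching this step consider pinning to a full-length commit SHA with the version in a trailing comment, e.g. `uses: actions/setup-java@<full-commit-sha> # v3`, and letting Dependabot's `github-actions` ecosystem keep the pin current. The rest of the step definition is outside the hunk.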
+++ b/src/main/java/saml/DefaultSAMLService.java
@@ -74,7 +74,7 @@ import static org.opensaml.saml.common.xml.SAMLConstants.SAML2_POST_BINDING_URI;
-public class DefaultSAMLIdPService implements SAMLIdPService {
+public class DefaultSAMLService implements SAMLService {
     static {
         java.security.Security.addProvider(
@@ -85,7 +85,7 @@ public class DefaultSAMLIdPService implements SAMLIdPService {
     public static final String authnContextClassRefPassword = AuthnContext.PASSWORD_AUTHN_CTX;
     public static final String authnContextClassRefUnspecified = AuthnContext.UNSPECIFIED_AUTHN_CTX;
-    private static final Logger LOG = LoggerFactory.getLogger(DefaultSAMLIdPService.class);
+    private static final Logger LOG = LoggerFactory.getLogger(DefaultSAMLService.class);
     private final OpenSamlVelocityEngine velocityEngine = new OpenSamlVelocityEngine();
     private final BasicParserPool parserPool;
@@ -95,7 +95,7 @@ public class DefaultSAMLIdPService implements SAMLIdPService {
     private final Credential signingCredential;
     @SneakyThrows
-    public DefaultSAMLIdPService(SAMLConfiguration configuration) {
+    public DefaultSAMLService(SAMLConfiguration configuration) {
         SAMLIdentityProvider identityProvider = configuration.getIdentityProvider();
         String entityId = identityProvider.getEntityId();
         String secret = UUID.randomUUID().toString();
diff --git a/src/main/java/saml/SAMLIdPService.java b/src/main/java/saml/SAMLService.java
similarity index 96%
rename from src/main/java/saml/SAMLIdPService.java
rename to src/main/java/saml/SAMLService.java
index 121c49c..e5c34fd 100644
--- a/src/main/java/saml/SAMLIdPService.java
+++ b/src/main/java/saml/SAMLService.java
@@ -9,7 +9,10 @@ import javax.servlet.http.HttpServletResponse;
 import java.util.List;
-public interface SAMLIdPService {
+public interface SAMLService {
+
+
+    AuthnRequest createAuthnRequest(String authnContextClassRef);
     /**
      * Parse XML String to {@link Response}
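Review bot: The new `AuthnRequest createAuthnRequest(String authnContextClassRef)` on `SAMLService` has no Javadoc, unlike the neighbouring `Parse XML String to {@link Response}` method in the same hunk, and the two blank lines added right after the opening brace look accidental. With this method the interface now exposes a Service-Provider-side operation next to the IdP-side ones the README lists, so the doc should say which role it serves, what values `authnContextClassRef` accepts (presumably the `authnContextClassRef*` constants on `DefaultSAMLService`, such as `authnContextClassRefPassword`), and whether the returned request is already signed with the configured signing credential or must still be signed by the caller — an SP that requires signed requests will reject an unsigned one, and nothing in the hunk makes this visible. A summary such as `/** Builds an outbound AuthnRequest for the configured IdP, requesting the given AuthnContextClassRef. */` with `@param`/`@return` covering those two points would be enough. The interface body continues beyond this hunk.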
diff --git a/src/test/java/saml/DefaultSAMLIdPServiceTest.java b/src/test/java/saml/DefaultSAMLServiceTest.java
similarity index 95%
rename from src/test/java/saml/DefaultSAMLIdPServiceTest.java
rename to src/test/java/saml/DefaultSAMLServiceTest.java
index 80d5321..28e1335 100644
--- a/src/test/java/saml/DefaultSAMLIdPServiceTest.java
+++ b/src/test/java/saml/DefaultSAMLServiceTest.java
@@ -12,7 +12,6 @@ import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.RegisterExtension;
 import org.opensaml.core.criterion.EntityIdCriterion;
-import org.opensaml.core.xml.XMLObject;
 import org.opensaml.core.xml.schema.XSString;
 import org.opensaml.core.xml.util.XMLObjectSupport;
 import org.opensaml.saml.saml2.core.Assertion;
@@ -47,7 +46,7 @@ import static com.github.tomakehurst.wiremock.client.WireMock.*;
 import static org.junit.jupiter.api.Assertions.*;
-class DefaultSAMLIdPServiceTest {
+class DefaultSAMLServiceTest {
     private static final SimpleDateFormat issueFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss");
     private static final String spEntityId = "https://engine.test.surfconext.nl/authentication/sp/metadata";
@@ -55,7 +54,7 @@ class DefaultSAMLIdPServiceTest {
     @RegisterExtension
     WireMockExtension mockServer = new WireMockExtension(8999);
-    private DefaultSAMLIdPService samlIdPService;
+    private DefaultSAMLService samlIdPService;
     static {
         java.security.Security.addProvider(
@@ -78,7 +77,7 @@ class DefaultSAMLIdPServiceTest {
     @BeforeEach
     void beforeEach() {
         SAMLConfiguration samlConfiguration = getSamlConfiguration(false);
-        samlIdPService = new DefaultSAMLIdPService(samlConfiguration);
+        samlIdPService = new DefaultSAMLService(samlConfiguration);
     }
     private String getSPMetaData() {
@@ -93,7 +92,7 @@ private String getSPMetaData() {
         SAMLServiceProvider serviceProvider = new SAMLServiceProvider(spEntityId, spEntityId);
         serviceProvider.setCredential(signingCredential);
         serviceProvider.setAcsLocation("https://engine.test.surfconext.nl/authentication/sp/consume-assertion");
-        DefaultSAMLIdPService tempSamlIdPService = new DefaultSAMLIdPService(samlConfiguration);
+        DefaultSAMLService tempSamlIdPService = new DefaultSAMLService(samlConfiguration);
         return tempSamlIdPService.serviceProviderMetaData(serviceProvider);
     }
@@ -140,7 +139,7 @@ private String signedSamlAuthnRequest() {
     @SneakyThrows
     private static String readFile(String path) {
-        InputStream inputStream = DefaultSAMLIdPService.class.getClassLoader().getResourceAsStream(path);
+        InputStream inputStream = DefaultSAMLService.class.getClassLoader().getResourceAsStream(path);
         return IOUtils.toString(inputStream, Charset.defaultCharset());
     }
@@ -166,7 +165,7 @@ void parseAuthnRequest() {
     @Test
     void parseAuthnRequestSignatureMissing() {
         SAMLConfiguration samlConfiguration = getSamlConfiguration(true);
-        DefaultSAMLIdPService idPService = new DefaultSAMLIdPService(samlConfiguration);
+        DefaultSAMLService idPService = new DefaultSAMLService(samlConfiguration);
         String samlRequest = this.samlAuthnRequest();
         assertThrows(SignatureException.class, () -> idPService.parseAuthnRequest(samlRequest, true, true));
@@ -213,7 +212,7 @@ void sendResponse() {
                 SAMLStatus.SUCCESS,
                 "relayState😀",
                 null,
-                DefaultSAMLIdPService.authnContextClassRefPassword,
+                DefaultSAMLService.authnContextClassRefPassword,
                 List.of(
                         new SAMLAttribute("group", "riders"),
                         new SAMLAttribute("group", "gliders"),
@@ -266,7 +265,7 @@ void sendResponseNoAuthnContext() {
                 SAMLStatus.NO_AUTHN_CONTEXT,
                 null,
                 "Not Ok",
-                DefaultSAMLIdPService.authnContextClassRefPassword,
+                DefaultSAMLService.authnContextClassRefPassword,
                 List.of(),
                 httpServletResponse
         );