Upgrading CAS and Pac4j

apache · Jun 26, 2024 · eeea5e7 · eeea5e7
1 parent 99777f0
commit eeea5e7
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 23 deletions.
diff --git a/ext/saml2sp4ui/logic/src/main/java/org/apache/syncope/core/logic/SAML2SP4UILogic.java b/ext/saml2sp4ui/logic/src/main/java/org/apache/syncope/core/logic/SAML2SP4UILogic.java
@@ -237,16 +237,17 @@ protected SAML2Client getSAML2Client(
     protected static SAML2Request buildRequest(final String idpEntityID, final RedirectionAction action) {
         SAML2Request requestTO = new SAML2Request();
         requestTO.setIdpEntityID(idpEntityID);
-        if (action instanceof WithLocationAction) {
-            WithLocationAction withLocationAction = (WithLocationAction) action;
-
-            requestTO.setBindingType(SAML2BindingType.REDIRECT);
-            requestTO.setContent(withLocationAction.getLocation());
-        } else if (action instanceof WithContentAction) {
-            WithContentAction withContentAction = (WithContentAction) action;
-
-            requestTO.setBindingType(SAML2BindingType.POST);
-            requestTO.setContent(Base64.getMimeEncoder().encodeToString(withContentAction.getContent().getBytes()));
+        switch (action) {
+            case WithLocationAction withLocationAction -> {
+                requestTO.setBindingType(SAML2BindingType.REDIRECT);
+                requestTO.setContent(withLocationAction.getLocation());
+            }
+            case WithContentAction withContentAction -> {
+                requestTO.setBindingType(SAML2BindingType.POST);
+                requestTO.setContent(Base64.getMimeEncoder().encodeToString(withContentAction.getContent().getBytes()));
+            }
+            default -> {
+            }
         }
         return requestTO;
     }

diff --git a/ext/saml2sp4ui/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ClientCache.java b/ext/saml2sp4ui/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ClientCache.java
@@ -73,6 +73,7 @@ public static SAML2SP4UIIdPTO importMetadata(
         cfg.setIdentityProviderMetadataResource(new ByteArrayResource(IOUtils.readBytesFromStream(metadata)));
         SAML2IdentityProviderMetadataResolver metadataResolver = new SAML2IdentityProviderMetadataResolver(cfg);
         metadataResolver.init();
+        cfg.setIdentityProviderMetadataResolver(metadataResolver);
 
         String entityId = metadataResolver.getEntityId();
 
@@ -81,15 +82,16 @@ public static SAML2SP4UIIdPTO importMetadata(
         idpTO.setName(entityId);
 
         EntityDescriptor entityDescriptor = (EntityDescriptor) metadataResolver.getEntityDescriptorElement();
-        entityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices().forEach(sso -> {
-            if (idpTO.getBindingType() == null) {
+
+        if (idpTO.getBindingType() == null) {
+            entityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices().forEach(sso -> {
                 if (SAML2BindingType.POST.getUri().equals(sso.getBinding())) {
                     idpTO.setBindingType(SAML2BindingType.POST);
                 } else if (SAML2BindingType.REDIRECT.getUri().equals(sso.getBinding())) {
                     idpTO.setBindingType(SAML2BindingType.REDIRECT);
                 }
-            }
-        });
+            });
+        }
         if (idpTO.getBindingType() == null) {
             throw new IllegalArgumentException("Neither POST nor REDIRECT artifacts supported by " + entityId);
         }
@@ -126,7 +128,11 @@ public SAML2Client add(
             final SAML2SP4UIIdP idp, final SAML2Configuration cfg, final String spEntityID, final String callbackUrl) {
 
         cfg.setIdentityProviderEntityId(idp.getEntityID());
+
         cfg.setIdentityProviderMetadataResource(new ByteArrayResource(idp.getMetadata()));
+        SAML2IdentityProviderMetadataResolver metadataResolver = new SAML2IdentityProviderMetadataResolver(cfg);
+        metadataResolver.init();
+        cfg.setIdentityProviderMetadataResolver(metadataResolver);
 
         cfg.setServiceProviderEntityId(spEntityID);
         getSPMetadataPath(spEntityID).ifPresent(cfg::setServiceProviderMetadataResourceFilepath);

diff --git a/pom.xml b/pom.xml
@@ -435,9 +435,9 @@ under the License.
     <commons-jexl.version>3.4.0</commons-jexl.version>
     <commons-text.version>1.12.0</commons-text.version>
 
-    <pac4j.version>6.0.3</pac4j.version>
+    <pac4j.version>6.0.4</pac4j.version>
 
-    <cas.version>7.0.5</cas.version>
+    <cas.version>7.0.5.1</cas.version>
     <cas-client.version>4.0.4</cas-client.version>
 
     <h2.version>2.2.224</h2.version>

diff --git a/wa/starter/src/test/java/org/apache/syncope/wa/starter/pac4j/saml/BaseWASAML2ClientTest.java b/wa/starter/src/test/java/org/apache/syncope/wa/starter/pac4j/saml/BaseWASAML2ClientTest.java
@@ -45,6 +45,7 @@
 import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
 import org.pac4j.saml.client.SAML2Client;
 import org.pac4j.saml.config.SAML2Configuration;
+import org.pac4j.saml.metadata.SAML2IdentityProviderMetadataResolver;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.core.io.FileSystemResource;
 
@@ -85,13 +86,19 @@ protected static Certificate createSelfSignedCert(final KeyPair keyPair) throws
     }
 
     protected static SAML2Client getSAML2Client() throws Exception {
-        SAML2Configuration saml2Configuration = new SAML2Configuration();
-        saml2Configuration.setKeystorePassword("password");
-        saml2Configuration.setPrivateKeyPassword("password");
-        saml2Configuration.setIdentityProviderMetadataResource(new ClassPathResource("idp-metadata.xml"));
-        saml2Configuration.setServiceProviderMetadataResource(new FileSystemResource(File.createTempFile("sp-metadata",
-                ".xml")));
-        SAML2Client client = new SAML2Client(saml2Configuration);
+        SAML2Configuration cfg = new SAML2Configuration();
+        cfg.setKeystorePassword("password");
+        cfg.setPrivateKeyPassword("password");
+
+        cfg.setIdentityProviderMetadataResource(new ClassPathResource("idp-metadata.xml"));
+
+        SAML2IdentityProviderMetadataResolver idpMetadataResolver = new SAML2IdentityProviderMetadataResolver(cfg);
+        idpMetadataResolver.init();
+        cfg.setIdentityProviderMetadataResolver(idpMetadataResolver);
+
+        cfg.setServiceProviderMetadataResource(new FileSystemResource(File.createTempFile("sp-metadata", ".xml")));
+
+        SAML2Client client = new SAML2Client(cfg);
         client.setCallbackUrl("https://syncope.apache.org");
         return client;
     }