Improve authentication and logout request input params API #350
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR is made of:
AuthRequest
refactoring extracted from Add support for multiple Attribute Consuming Services #307LogoutRequest
refactoring picked from my own fork (for which I hadn't provided any PR yet because it was relying on other changes)Benefits of this refactoring:
AuthnRequest
,LogoutRequest
andAuth
APIs: all those overridings were honestly cluttering the API and they were not easily extensibleAuthnRequest
andLogoutRequest
generation process, may simply extendAuthnRequestParams
andLogoutRequestParams
without the need to further touch the API ofAuthnRequest
,LogoutRequest
andAuth
classes (or to provide even more overridings); this allows, for instance, to implement NameIDPolicy AllowCreate hardcoded to true in AuthnRequest #329 by simply adding a new property toAuthnRequestParams
(and of course adjust the generation process) without the need to provide new overloadingspostProcessXml
mechanism introduced in Allow for extension classes to post-process generated XML #321 (*), any consumer application which needs to extend this library, may pass toAuthnRequest
andLogoutRequest
constructors a proper input params extension, which will also be passed topostProcessXml
, so that an overriding of the latter will allow for proper XML manipulation and/or extension based on the actual custom input paramsAuth
extensibility improvement, which leverages this rafactoring, can be provided: I already anticipated he idea in Adding attributes to the "saml:Issuer" part in the AuthnRequest #265 (comment) and I may provide a separate PR for that if this is accepted and mergeLogoutRequest
: the new introduced constructors now are specialized on a single scenario (new outgoing logout request creation vs parsing of an incoming request in an IdP-initiated logout)The change is 100% backward compatible: all those
Auth.login
,Auth.logout
,AuthnRequest
andLogoutRequest
constructor overloadings have been deprecated (to ease migration), not removed. You may then consider their removal in the future sooner or later, depending on requirements.(*) Please note that this PR also brings a change in
postProcessXml
API forAuthnRequest
andLogoutRequest
, letting it receive the input parameters as well. I think this is fine since thepostProcessXml
has not been released yet, so we should still be on time for this.