Restore Binary Compatibility

Issue gh-8835

Author: jzheaux

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationException.java

@@ -83,20 +83,86 @@ public Saml2AuthenticationException(Saml2Error error, String message, Throwable
 		this.setError(error);
 	}
 
+	/**
+	 * Constructs a {@code Saml2AuthenticationException} using the provided parameters.
+	 *
+	 * @param error the {@link org.springframework.security.saml2.provider.service.authentication.Saml2Error SAML 2.0 Error}
+	 * @deprecated Use {@link org.springframework.security.saml2.provider.service.authentication.Saml2Error} constructor instead
+	 */
+	@Deprecated
+	public Saml2AuthenticationException(org.springframework.security.saml2.provider.service.authentication.Saml2Error error) {
+		this(error, error.getDescription());
+	}
+
+	/**
+	 * Constructs a {@code Saml2AuthenticationException} using the provided parameters.
+	 *
+	 * @param error the {@link org.springframework.security.saml2.provider.service.authentication.Saml2Error SAML 2.0 Error}
+	 * @param cause the root cause
+	 * @deprecated Use {@link org.springframework.security.saml2.provider.service.authentication.Saml2Error} constructor instead
+	 */
+	@Deprecated
+	public Saml2AuthenticationException(org.springframework.security.saml2.provider.service.authentication.Saml2Error error, Throwable cause) {
+		this(error, cause.getMessage(), cause);
+	}
+
+	/**
+	 * Constructs a {@code Saml2AuthenticationException} using the provided parameters.
+	 *
+	 * @param error the {@link Saml2Error SAML 2.0 Error}
+	 * @param message the detail message
+	 * @deprecated Use {@link Saml2Error} constructor instead
+	 */
+	@Deprecated
+	public Saml2AuthenticationException(org.springframework.security.saml2.provider.service.authentication.Saml2Error error, String message) {
+		super(message);
+		this.setError(error);
+	}
+
+	/**
+	 * Constructs a {@code Saml2AuthenticationException} using the provided parameters.
+	 *
+	 * @param error the {@link org.springframework.security.saml2.provider.service.authentication.Saml2Error SAML 2.0 Error}
+	 * @param message the detail message
+	 * @param cause the root cause
+	 * @deprecated Use {@link org.springframework.security.saml2.provider.service.authentication.Saml2Error} constructor instead
+	 */
+	@Deprecated
+	public Saml2AuthenticationException(org.springframework.security.saml2.provider.service.authentication.Saml2Error error, String message, Throwable cause) {
+		super(message, cause);
+		this.setError(error);
+	}
+
+	/**
+	 * Get the associated {@link Saml2Error}
+	 *
+	 * @return the associated {@link Saml2Error}
+	 */
+	public Saml2Error getSaml2Error() {
+		return this.error;
+	}
+
 	/**
 	 * Returns the {@link Saml2Error SAML 2.0 Error}.
 	 *
 	 * @return the {@link Saml2Error}
+	 * @deprecated Use {@link #getSaml2Error()} instead
 	 */
-	public Saml2Error getError() {
-		return this.error;
+	@Deprecated
+	public org.springframework.security.saml2.provider.service.authentication.Saml2Error getError() {
+		return new org.springframework.security.saml2.provider.service.authentication.Saml2Error(
+				this.error.getErrorCode(), this.error.getDescription());
 	}
 
 	private void setError(Saml2Error error) {
 		Assert.notNull(error, "error cannot be null");
 		this.error = error;
 	}
 
+	private void setError(org.springframework.security.saml2.provider.service.authentication.Saml2Error error) {
+		setError(new Saml2Error(error.getErrorCode(), error.getDescription()));
+	}
+
 	@Override
 	public String toString() {
 		final StringBuffer sb = new StringBuffer("Saml2AuthenticationException{");

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2Error.java

@@ -19,7 +19,6 @@
 import java.io.Serializable;
 
 import org.springframework.security.core.SpringSecurityCoreVersion;
-import org.springframework.util.Assert;
 
 /**
  * A representation of an SAML 2.0 Error.
@@ -36,8 +35,7 @@
 public class Saml2Error implements Serializable {
 	private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
 
-	private final String errorCode;
-	private final String description;
+	private final org.springframework.security.saml2.core.Saml2Error error;
 
 	/**
 	 * Constructs a {@code Saml2Error} using the provided parameters.
@@ -46,9 +44,7 @@ public class Saml2Error implements Serializable {
 	 * @param description the error description
 	 */
 	public Saml2Error(String errorCode, String description) {
-		Assert.hasText(errorCode, "errorCode cannot be empty");
-		this.errorCode = errorCode;
-		this.description = description;
+		this.error = new org.springframework.security.saml2.core.Saml2Error(errorCode, description);
 	}
 
 	/**
@@ -57,7 +53,7 @@ public Saml2Error(String errorCode, String description) {
 	 * @return the error code
 	 */
 	public final String getErrorCode() {
-		return this.errorCode;
+		return this.error.getErrorCode();
 	}
 
 	/**
@@ -66,7 +62,7 @@ public final String getErrorCode() {
 	 * @return the error description
 	 */
 	public final String getDescription() {
-		return this.description;
+		return this.error.getDescription();
 	}
 
 	@Override

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2ErrorCodes.java

@@ -30,34 +30,34 @@ public interface Saml2ErrorCodes {
 	 * SAML 2 Response object of type {@code ResponseType} per specification
 	 * https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf#page=46
 	 */
-	String UNKNOWN_RESPONSE_CLASS = "unknown_response_class";
+	String UNKNOWN_RESPONSE_CLASS = org.springframework.security.saml2.core.Saml2ErrorCodes.UNKNOWN_RESPONSE_CLASS;
 	/**
 	 * The response data is malformed or incomplete.
 	 * An invalid XML object was received, and XML unmarshalling failed.
 	 */
-	String MALFORMED_RESPONSE_DATA = "malformed_response_data";
+	String MALFORMED_RESPONSE_DATA = org.springframework.security.saml2.core.Saml2ErrorCodes.MALFORMED_RESPONSE_DATA;
 	/**
 	 * Response destination does not match the request URL.
 	 * A SAML 2 response object was received at a URL that
 	 * did not match the URL stored in the {code Destination} attribute
 	 * in the Response object.
 	 * https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf#page=38
 	 */
-	String INVALID_DESTINATION = "invalid_destination";
+	String INVALID_DESTINATION = org.springframework.security.saml2.core.Saml2ErrorCodes.INVALID_DESTINATION;
 	/**
 	 * The assertion was not valid.
 	 * The assertion used for authentication failed validation.
 	 * Details around the failure will be present in the error description.
 	 */
-	String INVALID_ASSERTION = "invalid_assertion";
+	String INVALID_ASSERTION = org.springframework.security.saml2.core.Saml2ErrorCodes.INVALID_ASSERTION;
 	/**
 	 * The signature of response or assertion was invalid.
 	 * Either the response or the assertion was missing a signature
 	 * or the signature could not be verified using the system's
 	 * configured credentials. Most commonly the IDP's
 	 * X509 certificate.
 	 */
-	String INVALID_SIGNATURE = "invalid_signature";
+	String INVALID_SIGNATURE = org.springframework.security.saml2.core.Saml2ErrorCodes.INVALID_SIGNATURE;
 	/**
 	 * The assertion did not contain a subject element.
 	 * The subject element, type SubjectType, contains
@@ -67,7 +67,7 @@ public interface Saml2ErrorCodes {
 	 *
 	 * https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf#page=18
 	 */
-	String SUBJECT_NOT_FOUND = "subject_not_found";
+	String SUBJECT_NOT_FOUND = org.springframework.security.saml2.core.Saml2ErrorCodes.SUBJECT_NOT_FOUND;
 	/**
 	 * The subject did not contain a user identifier
 	 * The assertion contained a subject element, but the subject
@@ -76,28 +76,28 @@ public interface Saml2ErrorCodes {
 	 *
 	 * https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf#page=18
 	 */
-	String USERNAME_NOT_FOUND = "username_not_found";
+	String USERNAME_NOT_FOUND = org.springframework.security.saml2.core.Saml2ErrorCodes.USERNAME_NOT_FOUND;
 	/**
 	 * The system failed to decrypt an assertion or a name identifier.
 	 * This error code will be thrown if the decryption of either a
 	 * {@code EncryptedAssertion} or {@code EncryptedID} fails.
 	 * https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf#page=17
 	 */
-	String DECRYPTION_ERROR = "decryption_error";
+	String DECRYPTION_ERROR = org.springframework.security.saml2.core.Saml2ErrorCodes.DECRYPTION_ERROR;
 	/**
 	 * An Issuer element contained a value that didn't
 	 * https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf#page=15
 	 */
-	String INVALID_ISSUER = "invalid_issuer";
+	String INVALID_ISSUER = org.springframework.security.saml2.core.Saml2ErrorCodes.INVALID_ISSUER;
 	/**
 	 * An error happened during validation.
 	 * Used when internal, non classified, errors are caught during the
 	 * authentication process.
 	 */
-	String INTERNAL_VALIDATION_ERROR = "internal_validation_error";
+	String INTERNAL_VALIDATION_ERROR = org.springframework.security.saml2.core.Saml2ErrorCodes.INTERNAL_VALIDATION_ERROR;
 	/**
 	 * The relying party registration was not found.
 	 * The registration ID did not correspond to any relying party registration.
 	 */
-	String RELYING_PARTY_REGISTRATION_NOT_FOUND = "relying_party_registration_not_found";
+	String RELYING_PARTY_REGISTRATION_NOT_FOUND = org.springframework.security.saml2.core.Saml2ErrorCodes.RELYING_PARTY_REGISTRATION_NOT_FOUND;
 }

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/authentication/OpenSamlAuthenticationProviderTests.java

@@ -52,7 +52,6 @@
 import org.xml.sax.InputSource;
 
 import org.springframework.security.core.Authentication;
-import org.springframework.security.saml2.core.Saml2ErrorCodes;
 import org.springframework.security.saml2.credentials.Saml2X509Credential;
 
 import static org.assertj.core.api.Assertions.assertThat;