Deprecate OpenSamlRelyingPartyRegistration

Closes gh-15343

Author: jzheaux

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlAssertingPartyDetails.java

@@ -65,6 +65,20 @@ public static OpenSamlAssertingPartyDetails.Builder withEntityDescriptor(EntityD
 		return new OpenSamlAssertingPartyDetails.Builder(entity);
 	}
 
+	@Override
+	public OpenSamlAssertingPartyDetails.Builder mutate() {
+		return new OpenSamlAssertingPartyDetails.Builder(this.descriptor).entityId(getEntityId())
+			.wantAuthnRequestsSigned(getWantAuthnRequestsSigned())
+			.signingAlgorithms((algorithms) -> algorithms.addAll(getSigningAlgorithms()))
+			.verificationX509Credentials((c) -> c.addAll(getVerificationX509Credentials()))
+			.encryptionX509Credentials((c) -> c.addAll(getEncryptionX509Credentials()))
+			.singleSignOnServiceLocation(getSingleSignOnServiceLocation())
+			.singleSignOnServiceBinding(getSingleSignOnServiceBinding())
+			.singleLogoutServiceLocation(getSingleLogoutServiceLocation())
+			.singleLogoutServiceResponseLocation(getSingleLogoutServiceResponseLocation())
+			.singleLogoutServiceBinding(getSingleLogoutServiceBinding());
+	}
+
 	/**
 	 * An OpenSAML version of
 	 * {@link org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder}

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistration.java

@@ -29,7 +29,19 @@
  *
  * @author Josh Cummings
  * @since 6.1
+ * @deprecated This class no longer is needed in order to transmit the
+ * {@link EntityDescriptor} to {@link OpenSamlAssertingPartyDetails}. Instead of doing:
+ * <pre>
+ * 	if (registration instanceof OpenSamlRelyingPartyRegistration openSamlRegistration) {
+ * 	    EntityDescriptor descriptor = openSamlRegistration.getAssertingPartyDetails.getEntityDescriptor();
+ * 	}
+ * </pre> do instead: <pre>
+ * 	if (registration.getAssertingPartyDetails() instanceof openSamlAssertingPartyDetails) {
+ * 	    EntityDescriptor descriptor = openSamlAssertingPartyDetails.getEntityDescriptor();
+ * 	}
+ * </pre>
  */
+@Deprecated
 public final class OpenSamlRelyingPartyRegistration extends RelyingPartyRegistration {
 
 	OpenSamlRelyingPartyRegistration(RelyingPartyRegistration registration) {
@@ -47,7 +59,7 @@ public final class OpenSamlRelyingPartyRegistration extends RelyingPartyRegistra
 	@Override
 	public OpenSamlRelyingPartyRegistration.Builder mutate() {
 		OpenSamlAssertingPartyDetails party = getAssertingPartyDetails();
-		return withAssertingPartyEntityDescriptor(party.getEntityDescriptor()).registrationId(getRegistrationId())
+		return new Builder(party).registrationId(getRegistrationId())
 			.entityId(getEntityId())
 			.signingX509Credentials((c) -> c.addAll(getSigningX509Credentials()))
 			.decryptionX509Credentials((c) -> c.addAll(getDecryptionX509Credentials()))
@@ -57,18 +69,7 @@ public OpenSamlRelyingPartyRegistration.Builder mutate() {
 			.singleLogoutServiceResponseLocation(getSingleLogoutServiceResponseLocation())
 			.singleLogoutServiceBindings((c) -> c.addAll(getSingleLogoutServiceBindings()))
 			.nameIdFormat(getNameIdFormat())
-			.authnRequestsSigned(isAuthnRequestsSigned())
-			.assertingPartyDetails((assertingParty) -> ((OpenSamlAssertingPartyDetails.Builder) assertingParty)
-				.entityId(party.getEntityId())
-				.wantAuthnRequestsSigned(party.getWantAuthnRequestsSigned())
-				.signingAlgorithms((algorithms) -> algorithms.addAll(party.getSigningAlgorithms()))
-				.verificationX509Credentials((c) -> c.addAll(party.getVerificationX509Credentials()))
-				.encryptionX509Credentials((c) -> c.addAll(party.getEncryptionX509Credentials()))
-				.singleSignOnServiceLocation(party.getSingleSignOnServiceLocation())
-				.singleSignOnServiceBinding(party.getSingleSignOnServiceBinding())
-				.singleLogoutServiceLocation(party.getSingleLogoutServiceLocation())
-				.singleLogoutServiceResponseLocation(party.getSingleLogoutServiceResponseLocation())
-				.singleLogoutServiceBinding(party.getSingleLogoutServiceBinding()));
+			.authnRequestsSigned(isAuthnRequestsSigned());
 	}
 
 	/**
@@ -100,6 +101,10 @@ private Builder(EntityDescriptor entityDescriptor) {
 			super(entityDescriptor.getEntityID(), OpenSamlAssertingPartyDetails.withEntityDescriptor(entityDescriptor));
 		}
 
+		Builder(OpenSamlAssertingPartyDetails details) {
+			super(details.getEntityDescriptor().getEntityID(), details.mutate());
+		}
+
 		@Override
 		public Builder registrationId(String id) {
 			return (Builder) super.registrationId(id);

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java

@@ -139,8 +139,7 @@ protected RelyingPartyRegistration(String registrationId, String entityId, Strin
 	 * @since 6.1
 	 */
 	public Builder mutate() {
-		AssertingPartyDetails party = this.assertingPartyDetails;
-		return withRegistrationId(this.registrationId).entityId(this.entityId)
+		return new Builder(this.registrationId, this.assertingPartyDetails.mutate()).entityId(this.entityId)
 			.signingX509Credentials((c) -> c.addAll(this.signingX509Credentials))
 			.decryptionX509Credentials((c) -> c.addAll(this.decryptionX509Credentials))
 			.assertionConsumerServiceLocation(this.assertionConsumerServiceLocation)
@@ -149,17 +148,7 @@ public Builder mutate() {
 			.singleLogoutServiceResponseLocation(this.singleLogoutServiceResponseLocation)
 			.singleLogoutServiceBindings((c) -> c.addAll(this.singleLogoutServiceBindings))
 			.nameIdFormat(this.nameIdFormat)
-			.authnRequestsSigned(this.authnRequestsSigned)
-			.assertingPartyDetails((assertingParty) -> assertingParty.entityId(party.getEntityId())
-				.wantAuthnRequestsSigned(party.getWantAuthnRequestsSigned())
-				.signingAlgorithms((algorithms) -> algorithms.addAll(party.getSigningAlgorithms()))
-				.verificationX509Credentials((c) -> c.addAll(party.getVerificationX509Credentials()))
-				.encryptionX509Credentials((c) -> c.addAll(party.getEncryptionX509Credentials()))
-				.singleSignOnServiceLocation(party.getSingleSignOnServiceLocation())
-				.singleSignOnServiceBinding(party.getSingleSignOnServiceBinding())
-				.singleLogoutServiceLocation(party.getSingleLogoutServiceLocation())
-				.singleLogoutServiceResponseLocation(party.getSingleLogoutServiceResponseLocation())
-				.singleLogoutServiceBinding(party.getSingleLogoutServiceBinding()));
+			.authnRequestsSigned(this.authnRequestsSigned);
 	}
 
 	/**
@@ -346,17 +335,7 @@ public static Builder withRegistrationId(String registrationId) {
 
 	public static Builder withAssertingPartyDetails(AssertingPartyDetails assertingPartyDetails) {
 		Assert.notNull(assertingPartyDetails, "assertingPartyDetails cannot be null");
-		return withRegistrationId(assertingPartyDetails.getEntityId())
-			.assertingPartyDetails((party) -> party.entityId(assertingPartyDetails.getEntityId())
-				.wantAuthnRequestsSigned(assertingPartyDetails.getWantAuthnRequestsSigned())
-				.signingAlgorithms((algorithms) -> algorithms.addAll(assertingPartyDetails.getSigningAlgorithms()))
-				.verificationX509Credentials((c) -> c.addAll(assertingPartyDetails.getVerificationX509Credentials()))
-				.encryptionX509Credentials((c) -> c.addAll(assertingPartyDetails.getEncryptionX509Credentials()))
-				.singleSignOnServiceLocation(assertingPartyDetails.getSingleSignOnServiceLocation())
-				.singleSignOnServiceBinding(assertingPartyDetails.getSingleSignOnServiceBinding())
-				.singleLogoutServiceLocation(assertingPartyDetails.getSingleLogoutServiceLocation())
-				.singleLogoutServiceResponseLocation(assertingPartyDetails.getSingleLogoutServiceResponseLocation())
-				.singleLogoutServiceBinding(assertingPartyDetails.getSingleLogoutServiceBinding()));
+		return new Builder(assertingPartyDetails.getEntityId(), assertingPartyDetails.mutate());
 	}
 
 	/**
@@ -592,6 +571,19 @@ public Saml2MessageBinding getSingleLogoutServiceBinding() {
 			return this.singleLogoutServiceBinding;
 		}
 
+		public AssertingPartyDetails.Builder mutate() {
+			return new AssertingPartyDetails.Builder().entityId(this.entityId)
+				.wantAuthnRequestsSigned(this.wantAuthnRequestsSigned)
+				.signingAlgorithms((algorithms) -> algorithms.addAll(this.signingAlgorithms))
+				.verificationX509Credentials((c) -> c.addAll(this.verificationX509Credentials))
+				.encryptionX509Credentials((c) -> c.addAll(this.encryptionX509Credentials))
+				.singleSignOnServiceLocation(this.singleSignOnServiceLocation)
+				.singleSignOnServiceBinding(this.singleSignOnServiceBinding)
+				.singleLogoutServiceLocation(this.singleLogoutServiceLocation)
+				.singleLogoutServiceResponseLocation(this.singleLogoutServiceResponseLocation)
+				.singleLogoutServiceBinding(this.singleLogoutServiceBinding);
+		}
+
 		public static class Builder {
 
 			private String entityId;