Skip to content

RelyingPartyRegistration Credentials Should Be Split by Party #8788

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jzheaux opened this issue Jul 1, 2020 · 0 comments
Closed

RelyingPartyRegistration Credentials Should Be Split by Party #8788

jzheaux opened this issue Jul 1, 2020 · 0 comments
Assignees
@jzheaux
Labels
in: saml2 An issue in SAML2 modules type: enhancement A general enhancement
Milestone
5.4.0-RC1

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Jul 1, 2020

Initially, RelyingPartyRegistration held both relying party and asserting party details together.

In 5.3, the asserting party details were split out into an inner class, similar to ClientRegistration.

The relying party and asserting party credentials are still listed together, and they need to be split as well in order to complete the refactor.

Generally speaking, an instance of RelyingPartyRegistration will have the asserting party's verification and encryption credentials. This allows the relying party to verify assertions and encrypt authentication requests, for example.

As such, it would make sense for RelyingPartyRegistration.ProviderDetails to hold the verification and encryption credentials while RelyingPartyRegistration continues to hold the signing and decryption credentials.

To maintain backward compatibility, it will be necessary in the builder to copy into ProviderDetails any verification or encryption credentials specified in RelyingPartyRegistration and vice-versa.
@jzheaux jzheaux added type: enhancement A general enhancement in: saml2 An issue in SAML2 modules labels Jul 1, 2020
@jzheaux jzheaux added this to the 5.4.0-RC1 milestone Jul 1, 2020
@jzheaux jzheaux self-assigned this Jul 1, 2020
jzheaux added a commit to jzheaux/spring-security that referenced this issue Jul 3, 2020
@jzheaux
Separate RP and AP credentials
4713aec 
Closes spring-projectsgh-8788
jzheaux added a commit to jzheaux/spring-security that referenced this issue Jul 3, 2020
@jzheaux
Polish SAML 2.0 Credential Usage
526c84f 
Issue spring-projectsgh-8788
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: saml2 An issue in SAML2 modules type: enhancement A general enhancement
Projects
None yet
Milestone
5.4.0-RC1
Development

No branches or pull requests
1 participant
@jzheaux