Expected Behavior I intend to add a request parameter when initiating login on the Service Provider (SP) and process it after receiving the Identity Provider (IdP) response.
<!--- Tell us how it should work -->
Current Behavior My application currently utilizes the approach described in this Stack Overflow topic: [Stack Overflow Link]. I have this endpoint in my application:
@GetMapping("/saml/{companySlug}/course/{courseCode}")
public String courseRedirect(@PathVariable("companySlug") String companySlug, @PathVariable("courseCode") String courseCode) {
Company company = companyRepository.findSAMLBySlug(companySlug).orElseThrow(NotFoundException::new);
return String.format("redirect:/saml/login?idp=%s&urlAfterLogin=%s/sso?courseCode=%s", company.getIdpUrl(), "http://localhost:8080/", courseCode);
}
and a SAMLEntryPoint extension with request.getParameter("urlAfterLogin"). However, when attempting to recreate the same behavior with with a new implementation of AuthenticationEntryPoint, even with additions to WebSecurityConfigurerAdapter, it was not successful. This includes the following code snippet:
http
.exceptionHandling(exception -> exception
.authenticationEntryPoint(entryPoint()))
There is no setRelayStateResolver(this::resolveCustomRelayState) in OpenSaml4AuthenticationRequestResolver.
resolve() method of Interface Saml2AuthenticationRequestResolver has return type T extends AbstractSaml2AuthenticationRequest and AbstractSaml2AuthenticationRequest is not eligible for inheritance outside package has default scope on constructor.
I tried to follow the first suggestion in this issue: https://github.com/spring-projects/spring-security/issues/11065
And make my Saml2AuthenticationRequestRepository implementation