Remove deprecated 'identityprovider' property

Closes gh-30751

Author: mhalbritter

spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/security/servlet/ManagementWebSecurityAutoConfigurationTests.java

@@ -144,19 +144,6 @@ void backOffIfSaml2RelyingPartyAutoConfigurationPresent() {
 						.doesNotHaveBean(MANAGEMENT_SECURITY_FILTER_CHAIN_BEAN));
 	}
 
-	@Test
-	@Deprecated
-	void backOffIfSaml2RelyingPartyAutoConfigurationPresentDeprecated() {
-		this.contextRunner.withConfiguration(AutoConfigurations.of(Saml2RelyingPartyAutoConfiguration.class))
-				.withPropertyValues(
-						"spring.security.saml2.relyingparty.registration.simplesamlphp.identityprovider.single-sign-on.url=https://simplesaml-for-spring-saml/SSOService.php",
-						"spring.security.saml2.relyingparty.registration.simplesamlphp.identityprovider.single-sign-on.sign-request=false",
-						"spring.security.saml2.relyingparty.registration.simplesamlphp.identityprovider.entity-id=https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php",
-						"spring.security.saml2.relyingparty.registration.simplesamlphp.identityprovider.verification.credentials[0].certificate-location=classpath:saml/certificate-location")
-				.run((context) -> assertThat(context).doesNotHaveBean(ManagementWebSecurityAutoConfiguration.class)
-						.doesNotHaveBean(MANAGEMENT_SECURITY_FILTER_CHAIN_BEAN));
-	}
-
 	@Test
 	void backOffIfRemoteDevToolsSecurityFilterChainIsPresent() {
 		this.contextRunner.withUserConfiguration(TestRemoteDevToolsSecurityFilterChainConfig.class).run((context) -> {

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyProperties.java

@@ -69,13 +69,6 @@ public static class Registration {
 		 */
 		private final AssertingParty assertingParty = new AssertingParty();
 
-		/**
-		 * Remote SAML Identity Provider.
-		 * @deprecated use {@link #assertingParty}
-		 */
-		@Deprecated
-		private final AssertingParty identityprovider = new AssertingParty();
-
 		public String getEntityId() {
 			return this.entityId;
 		}
@@ -100,16 +93,6 @@ public AssertingParty getAssertingParty() {
 			return this.assertingParty;
 		}
 
-		/**
-		 * Remote SAML Identity Provider.
-		 * @return remote SAML Identity Provider
-		 * @deprecated use {@link #getAssertingParty()}
-		 */
-		@Deprecated
-		public AssertingParty getIdentityprovider() {
-			return this.identityprovider;
-		}
-
 		public static class Acs {
 
 			/**
@@ -299,7 +282,7 @@ public static class Singlesignon {
 			/**
 			 * Whether to sign authentication requests.
 			 */
-			private Boolean signRequest;
+			private boolean signRequest = true;
 
 			public String getUrl() {
 				return this.url;
@@ -321,11 +304,7 @@ public boolean isSignRequest() {
 				return this.signRequest;
 			}
 
-			public Boolean getSignRequest() {
-				return this.signRequest;
-			}
-
-			public void setSignRequest(Boolean signRequest) {
+			public void setSignRequest(boolean signRequest) {
 				this.signRequest = signRequest;
 			}
 

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/saml2/Saml2RelyingPartyRegistrationConfiguration.java

@@ -23,12 +23,8 @@
 import java.util.List;
 import java.util.Map;
 import java.util.function.Consumer;
-import java.util.function.Function;
 import java.util.stream.Collectors;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.AssertingParty;
 import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties.AssertingParty.Verification;
@@ -64,8 +60,6 @@
 @ConditionalOnMissingBean(RelyingPartyRegistrationRepository.class)
 class Saml2RelyingPartyRegistrationConfiguration {
 
-	private static final Log logger = LogFactory.getLog(Saml2RelyingPartyRegistrationConfiguration.class);
-
 	@Bean
 	RelyingPartyRegistrationRepository relyingPartyRegistrationRepository(Saml2RelyingPartyProperties properties) {
 		List<RelyingPartyRegistration> registrations = properties.getRegistration().entrySet().stream()
@@ -78,21 +72,19 @@ private RelyingPartyRegistration asRegistration(Map.Entry<String, Registration>
 	}
 
 	private RelyingPartyRegistration asRegistration(String id, Registration properties) {
-		boolean usingMetadata = StringUtils
-				.hasText(getFromAssertingParty(properties, id, "metadata-uri", AssertingParty::getMetadataUri));
+		boolean usingMetadata = StringUtils.hasText(properties.getAssertingParty().getMetadataUri());
 		Builder builder = (usingMetadata) ? RelyingPartyRegistrations
-				.fromMetadataLocation(
-						getFromAssertingParty(properties, id, "metadata-uri", AssertingParty::getMetadataUri))
-				.registrationId(id) : RelyingPartyRegistration.withRegistrationId(id);
+				.fromMetadataLocation(properties.getAssertingParty().getMetadataUri()).registrationId(id)
+				: RelyingPartyRegistration.withRegistrationId(id);
 		builder.assertionConsumerServiceLocation(properties.getAcs().getLocation());
 		builder.assertionConsumerServiceBinding(properties.getAcs().getBinding());
-		builder.assertingPartyDetails(mapAssertingParty(properties, id, usingMetadata));
+		builder.assertingPartyDetails(mapAssertingParty(properties.getAssertingParty(), usingMetadata));
 		builder.signingX509Credentials((credentials) -> properties.getSigning().getCredentials().stream()
 				.map(this::asSigningCredential).forEach(credentials::add));
 		builder.decryptionX509Credentials((credentials) -> properties.getDecryption().getCredentials().stream()
 				.map(this::asDecryptionCredential).forEach(credentials::add));
-		builder.assertingPartyDetails((details) -> details.verificationX509Credentials(
-				(credentials) -> getFromAssertingParty(properties, id, "verification", AssertingParty::getVerification)
+		builder.assertingPartyDetails((details) -> details
+				.verificationX509Credentials((credentials) -> properties.getAssertingParty().getVerification()
 						.getCredentials().stream().map(this::asVerificationCredential).forEach(credentials::add)));
 		builder.entityId(properties.getEntityId());
 		RelyingPartyRegistration registration = builder.build();
@@ -101,35 +93,14 @@ private RelyingPartyRegistration asRegistration(String id, Registration properti
 		return registration;
 	}
 
-	@SuppressWarnings("deprecation")
-	private <T> T getFromAssertingParty(Registration registration, String id, String name,
-			Function<AssertingParty, T> getter) {
-		T newValue = getter.apply(registration.getAssertingParty());
-		if (newValue != null) {
-			return newValue;
-		}
-		T deprecatedValue = getter.apply(registration.getIdentityprovider());
-		if (deprecatedValue != null) {
-			logger.warn(String.format(
-					"Property 'spring.security.saml2.relyingparty.registration.identityprovider.%1$s.%2$s' is deprecated, please use 'spring.security.saml2.relyingparty.registration.asserting-party.%1$s.%2$s' instead",
-					id, name));
-			return deprecatedValue;
-		}
-		return newValue;
-	}
-
-	private Consumer<AssertingPartyDetails.Builder> mapAssertingParty(Registration registration, String id,
+	private Consumer<AssertingPartyDetails.Builder> mapAssertingParty(AssertingParty assertingParty,
 			boolean usingMetadata) {
 		PropertyMapper map = PropertyMapper.get().alwaysApplyingWhenNonNull();
 		return (details) -> {
-			map.from(() -> getFromAssertingParty(registration, id, "entity-id", AssertingParty::getEntityId))
-					.to(details::entityId);
-			map.from(() -> getFromAssertingParty(registration, id, "singlesignon.binding",
-					(property) -> property.getSinglesignon().getBinding())).to(details::singleSignOnServiceBinding);
-			map.from(() -> getFromAssertingParty(registration, id, "singlesignon.url",
-					(property) -> property.getSinglesignon().getUrl())).to(details::singleSignOnServiceLocation);
-			map.from(() -> getFromAssertingParty(registration, id, "singlesignon.sign-request",
-					(property) -> property.getSinglesignon().getSignRequest())).when((ignored) -> !usingMetadata)
+			map.from(assertingParty::getEntityId).to(details::entityId);
+			map.from(assertingParty.getSinglesignon()::getBinding).to(details::singleSignOnServiceBinding);
+			map.from(assertingParty.getSinglesignon()::getUrl).to(details::singleSignOnServiceLocation);
+			map.from(assertingParty.getSinglesignon()::isSignRequest).when((signRequest) -> !usingMetadata)
 					.to(details::wantAuthnRequestsSigned);
 		};
 	}