diff --git a/saml2/package-info.java b/saml2/package-info.java new file mode 100644 index 00000000000..ec90e68b0c0 --- /dev/null +++ b/saml2/package-info.java @@ -0,0 +1,22 @@ +/* + * Copyright 2004-present the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Core Spring Security SAML 2.0 abstractions. + */ +@NullMarked +package org.springframework.security.saml2; + +import org.jspecify.annotations.NullMarked; diff --git a/saml2/saml2-service-provider/spring-security-saml2-service-provider.gradle b/saml2/saml2-service-provider/spring-security-saml2-service-provider.gradle index 39c3e34dc72..c254ecba752 100644 --- a/saml2/saml2-service-provider/spring-security-saml2-service-provider.gradle +++ b/saml2/saml2-service-provider/spring-security-saml2-service-provider.gradle @@ -1,6 +1,4 @@ plugins { - id 'compile-warnings-error' - id 'javadoc-warnings-error' id 'security-nullability' } @@ -138,6 +136,10 @@ javadoc { source = sourceSets.main.allJava + sourceSets.opensaml5Main.allJava } +tasks.named("compileJava") { + options.nullability.checking = "main" +} + tasks.named("compileOpensaml5MainJava") { options.nullability.checking = "main" } diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/package-info.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/package-info.java index 57a849a6c35..c73b842ddf2 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/package-info.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/package-info.java @@ -13,9 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - /** - * Core SAML2 types and utilities. + * Core Spring Security SAML 2.0 abstractions. */ @NullMarked package org.springframework.security.saml2.core; diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/internal/package-info.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/internal/package-info.java index 793434d7822..0c025f7ac47 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/internal/package-info.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/internal/package-info.java @@ -13,9 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - /** - * Internal utilities for SAML2 support (not for public use). + * Core Spring Security SAML 2.0 abstractions. */ @NullMarked package org.springframework.security.saml2.internal; diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/jackson/.LCKpackage-info.java~ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/jackson/.LCKpackage-info.java~ new file mode 100644 index 00000000000..25359e7b23f --- /dev/null +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/jackson/.LCKpackage-info.java~ @@ -0,0 +1 @@ +/home/soumik-sarker/spring-security/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/jackson/package-info.java \ No newline at end of file diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticatedPrincipal.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticatedPrincipal.java index 77193e1bec8..3d49c0521f1 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticatedPrincipal.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticatedPrincipal.java @@ -20,8 +20,7 @@ import java.util.List; import java.util.Map; -import org.jspecify.annotations.NullUnmarked; - +import org.jspecify.annotations.Nullable; import org.springframework.security.core.AuthenticatedPrincipal; import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration; import org.springframework.util.CollectionUtils; @@ -76,6 +75,7 @@ default Map> getAttributes() { * @return the {@link RelyingPartyRegistration} identifier * @since 5.6 */ + @Nullable default String getRelyingPartyRegistrationId() { return null; } diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/logout/package-info.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/logout/package-info.java index 937e85e33da..5e301b025ac 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/logout/package-info.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/logout/package-info.java @@ -13,9 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - /** - * Internal utilities for SAML2 support (not for public use). + * Core Spring Security SAML 2.0 abstractions. */ @NullMarked package org.springframework.security.saml2.provider.service.authentication.logout; diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/package-info.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/package-info.java index 125aecf6736..568b5ebf8ab 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/package-info.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/package-info.java @@ -13,9 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - /** - * Internal utilities for SAML2 support (not for public use). + * Core Spring Security SAML 2.0 abstractions. */ @NullMarked package org.springframework.security.saml2.provider.service.authentication; diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/metadata/package-info.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/metadata/package-info.java index bf7f96700e0..18ae781dba0 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/metadata/package-info.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/metadata/package-info.java @@ -13,9 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - /** - * Internal utilities for SAML2 support (not for public use). + * Core Spring Security SAML 2.0 abstractions. */ @NullMarked package org.springframework.security.saml2.provider.service.metadata; diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/package-info.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/package-info.java new file mode 100644 index 00000000000..582f798f1e7 --- /dev/null +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/package-info.java @@ -0,0 +1,22 @@ +/* + * Copyright 2004-present the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Core Spring Security SAML 2.0 abstractions. + */ +@NullMarked +package org.springframework.security.saml2.provider.service; + +import org.jspecify.annotations.NullMarked; diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/BaseOpenSamlAssertingPartyMetadataRepository.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/BaseOpenSamlAssertingPartyMetadataRepository.java index 5a5abbeb984..f8f3bd5b103 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/BaseOpenSamlAssertingPartyMetadataRepository.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/BaseOpenSamlAssertingPartyMetadataRepository.java @@ -31,7 +31,7 @@ import org.opensaml.saml.metadata.resolver.index.impl.RoleMetadataIndex; import org.opensaml.saml.saml2.metadata.EntityDescriptor; import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; - +import org.springframework.lang.NonNull; import org.springframework.security.saml2.Saml2Exception; import org.springframework.security.saml2.core.OpenSamlInitializationService; import org.springframework.util.Assert; diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/package-info.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/package-info.java index 3cd7b379908..0a0bc2a0718 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/package-info.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/package-info.java @@ -13,9 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - /** - * Internal utilities for SAML2 support (not for public use). + * Core Spring Security SAML 2.0 abstractions. */ @NullMarked package org.springframework.security.saml2.provider.service.registration; diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/BaseOpenSamlAuthenticationTokenConverter.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/BaseOpenSamlAuthenticationTokenConverter.java index 1c6af54bbce..04f6d575415 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/BaseOpenSamlAuthenticationTokenConverter.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/BaseOpenSamlAuthenticationTokenConverter.java @@ -16,15 +16,10 @@ package org.springframework.security.saml2.provider.service.web; -import java.util.Objects; - -import jakarta.servlet.http.HttpServletRequest; -import org.jspecify.annotations.Nullable; -import org.opensaml.core.xml.schema.XSString; -import org.opensaml.saml.saml2.core.Issuer; import org.opensaml.saml.saml2.core.Response; - import org.springframework.http.HttpMethod; + +import org.jspecify.annotations.Nullable; import org.springframework.security.saml2.core.OpenSamlInitializationService; import org.springframework.security.saml2.core.Saml2Error; import org.springframework.security.saml2.core.Saml2ParameterNames; @@ -35,11 +30,12 @@ import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository; import org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationPlaceholderResolvers.UriResolver; import org.springframework.security.web.authentication.AuthenticationConverter; +import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern; import org.springframework.security.web.util.matcher.OrRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; -import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern; +import jakarta.servlet.http.HttpServletRequest; final class BaseOpenSamlAuthenticationTokenConverter implements AuthenticationConverter { @@ -96,8 +92,14 @@ final class BaseOpenSamlAuthenticationTokenConverter implements AuthenticationCo * @throws Saml2AuthenticationException if the {@link RequestMatcher} specifies a * non-existent {@code registrationId} */ + @Override +<<<<<<< HEAD public @Nullable Saml2AuthenticationToken convert(HttpServletRequest request) { +======= + @Nullable + public Saml2AuthenticationToken convert(HttpServletRequest request) { +>>>>>>> 46ffe65384 (Added nullable) String serialized = request.getParameter(Saml2ParameterNames.SAML_RESPONSE); if (serialized == null) { return null; @@ -115,8 +117,9 @@ final class BaseOpenSamlAuthenticationTokenConverter implements AuthenticationCo } return token; } - - private @Nullable Saml2AuthenticationToken tokenByAuthenticationRequest(HttpServletRequest request) { + + @Nullable + private Saml2AuthenticationToken tokenByAuthenticationRequest(HttpServletRequest request) { AbstractSaml2AuthenticationRequest authenticationRequest = this.authenticationRequests .loadAuthenticationRequest(request); if (authenticationRequest == null) { @@ -129,8 +132,9 @@ final class BaseOpenSamlAuthenticationTokenConverter implements AuthenticationCo RelyingPartyRegistration registration = this.registrations.findByRegistrationId(registrationId); return tokenByRegistration(request, registration, authenticationRequest); } - - private @Nullable Saml2AuthenticationToken tokenByRegistrationId(HttpServletRequest request, + + @Nullable + private Saml2AuthenticationToken tokenByRegistrationId(HttpServletRequest request, RequestMatcher.MatchResult result) { String registrationId = result.getVariables().get("registrationId"); if (registrationId == null) { @@ -140,21 +144,18 @@ final class BaseOpenSamlAuthenticationTokenConverter implements AuthenticationCo return tokenByRegistration(request, registration, null); } - private @Nullable Saml2AuthenticationToken tokenByEntityId(HttpServletRequest request) { - String decoded = decode(request); - if (decoded == null) { - return null; - } - Response response = this.saml.deserialize(decoded); - Issuer issuer = response.getIssuer(); - Assert.notNull(issuer, "Response#Issuer cannot be null"); - RelyingPartyRegistration registration = this.registrations.findUniqueByAssertingPartyEntityId(getValue(issuer)); + @Nullable + private Saml2AuthenticationToken tokenByEntityId(HttpServletRequest request) { + Response response = this.saml.deserialize(decode(request)); + String issuer = response.getIssuer().getValue(); + RelyingPartyRegistration registration = this.registrations.findUniqueByAssertingPartyEntityId(issuer); return tokenByRegistration(request, registration, null); } - private @Nullable Saml2AuthenticationToken tokenByRegistration(HttpServletRequest request, - @Nullable RelyingPartyRegistration registration, - @Nullable AbstractSaml2AuthenticationRequest authenticationRequest) { + @Nullable + private Saml2AuthenticationToken tokenByRegistration(HttpServletRequest request, + @Nullable RelyingPartyRegistration registration, + @Nulable AbstractSaml2AuthenticationRequest authenticationRequest) { if (registration == null) { return null; } @@ -205,7 +206,8 @@ void setShouldConvertGetRequests(boolean shouldConvertGetRequests) { this.shouldConvertGetRequests = shouldConvertGetRequests; } - private @Nullable String decode(HttpServletRequest request) { + @Nullable + private String decode(HttpServletRequest request) { String encoded = request.getParameter(Saml2ParameterNames.SAML_RESPONSE); boolean isGet = HttpMethod.GET.matches(request.getMethod()); if (!this.shouldConvertGetRequests && isGet) { diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/CacheSaml2AuthenticationRequestRepository.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/CacheSaml2AuthenticationRequestRepository.java index c53f7004d4d..39ff55086af 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/CacheSaml2AuthenticationRequestRepository.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/CacheSaml2AuthenticationRequestRepository.java @@ -16,16 +16,16 @@ package org.springframework.security.saml2.provider.service.web; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; import org.jspecify.annotations.Nullable; - import org.springframework.cache.Cache; import org.springframework.cache.concurrent.ConcurrentMapCache; import org.springframework.security.saml2.core.Saml2ParameterNames; import org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest; import org.springframework.util.Assert; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; + /** * A cache-based {@link Saml2AuthenticationRequestRepository}. This can be handy when you * are dropping requests due to using SameSite=Strict and the previous session is lost. @@ -44,7 +44,8 @@ public final class CacheSaml2AuthenticationRequestRepository private Cache cache = new ConcurrentMapCache("authentication-requests"); @Override - public @Nullable AbstractSaml2AuthenticationRequest loadAuthenticationRequest(HttpServletRequest request) { + @Nullable + public AbstractSaml2AuthenticationRequest loadAuthenticationRequest(HttpServletRequest request) { String relayState = request.getParameter(Saml2ParameterNames.RELAY_STATE); Assert.notNull(relayState, "relayState must not be null"); return this.cache.get(relayState, AbstractSaml2AuthenticationRequest.class); @@ -60,7 +61,8 @@ public void saveAuthenticationRequest(AbstractSaml2AuthenticationRequest authent } @Override - public @Nullable AbstractSaml2AuthenticationRequest removeAuthenticationRequest(HttpServletRequest request, + @Nullable + public AbstractSaml2AuthenticationRequest removeAuthenticationRequest(HttpServletRequest request, HttpServletResponse response) { String relayState = request.getParameter(Saml2ParameterNames.RELAY_STATE); Assert.notNull(relayState, "relayState must not be null"); diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/DefaultRelyingPartyRegistrationResolver.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/DefaultRelyingPartyRegistrationResolver.java index 3e28f4ca2da..fbe32934bab 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/DefaultRelyingPartyRegistrationResolver.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/DefaultRelyingPartyRegistrationResolver.java @@ -17,13 +17,11 @@ package org.springframework.security.saml2.provider.service.web; import java.util.Map; -import java.util.Objects; +import java.util.regex.MatchResult; -import jakarta.servlet.http.HttpServletRequest; +import org.jspecify.annotations.Nullable; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.jspecify.annotations.Nullable; - import org.springframework.core.convert.converter.Converter; import org.springframework.http.server.PathContainer; import org.springframework.http.server.RequestPath; @@ -33,6 +31,8 @@ import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; +import jakarta.servlet.http.HttpServletRequest; + /** * A {@link Converter} that resolves a {@link RelyingPartyRegistration} by extracting the * registration id from the request, querying a @@ -78,7 +78,8 @@ public DefaultRelyingPartyRegistrationResolver( * {@inheritDoc} */ @Override - public @Nullable RelyingPartyRegistration convert(HttpServletRequest request) { + @Nullable + public RelyingPartyRegistration convert(HttpServletRequest request) { return resolve(request, null); } @@ -86,7 +87,8 @@ public DefaultRelyingPartyRegistrationResolver( * {@inheritDoc} */ @Override - public @Nullable RelyingPartyRegistration resolve(HttpServletRequest request, + @Nullable + public RelyingPartyRegistration resolve(HttpServletRequest request, @Nullable String relyingPartyRegistrationId) { if (relyingPartyRegistrationId == null) { if (this.logger.isTraceEnabled()) { diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/HttpSessionSaml2AuthenticationRequestRepository.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/HttpSessionSaml2AuthenticationRequestRepository.java index 087ade40f23..01c9ee166a9 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/HttpSessionSaml2AuthenticationRequestRepository.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/HttpSessionSaml2AuthenticationRequestRepository.java @@ -16,13 +16,14 @@ package org.springframework.security.saml2.provider.service.web; +import org.jspecify.annotations.Nullable; +import org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest; + import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import jakarta.servlet.http.HttpSession; import org.jspecify.annotations.Nullable; -import org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest; - /** * A {@link Saml2AuthenticationRequestRepository} implementation that uses * {@link HttpSession} to store and retrieve the @@ -41,7 +42,8 @@ public class HttpSessionSaml2AuthenticationRequestRepository private String saml2AuthnRequestAttributeName = DEFAULT_SAML2_AUTHN_REQUEST_ATTR_NAME; @Override - public @Nullable AbstractSaml2AuthenticationRequest loadAuthenticationRequest(HttpServletRequest request) { + @Nullable + public AbstractSaml2AuthenticationRequest loadAuthenticationRequest(HttpServletRequest request) { HttpSession httpSession = request.getSession(false); if (httpSession == null) { return null; @@ -50,7 +52,7 @@ public class HttpSessionSaml2AuthenticationRequestRepository } @Override - public void saveAuthenticationRequest(AbstractSaml2AuthenticationRequest authenticationRequest, + public void saveAuthenticationRequest(@Nullable AbstractSaml2AuthenticationRequest authenticationRequest, HttpServletRequest request, HttpServletResponse response) { if (authenticationRequest == null) { removeAuthenticationRequest(request, response); @@ -61,7 +63,8 @@ public void saveAuthenticationRequest(AbstractSaml2AuthenticationRequest authent } @Override - public @Nullable AbstractSaml2AuthenticationRequest removeAuthenticationRequest(HttpServletRequest request, + @Nullable + public AbstractSaml2AuthenticationRequest removeAuthenticationRequest(HttpServletRequest request, HttpServletResponse response) { AbstractSaml2AuthenticationRequest authenticationRequest = loadAuthenticationRequest(request); if (authenticationRequest == null) { diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/Saml2AuthenticationRequestRepository.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/Saml2AuthenticationRequestRepository.java index b9219c076f2..c7a510ed572 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/Saml2AuthenticationRequestRepository.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/Saml2AuthenticationRequestRepository.java @@ -16,12 +16,13 @@ package org.springframework.security.saml2.provider.service.web; +import org.jspecify.annotations.Nullable; +import org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest; + import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import org.jspecify.annotations.Nullable; -import org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest; - /** * A repository for {@link AbstractSaml2AuthenticationRequest} * @@ -37,7 +38,8 @@ public interface Saml2AuthenticationRequestRepository