OpenSamlImplementation is a package-private Spring Security class that exists to remove some of the boilerplate needed to configure and work with OpenSAML.

In effect, it does four things:

  • Bootstraps OpenSAML with reasonable defaults
  • Builds OpenSAML XMLObjects
  • Marshals OpenSAML XMLObjects
  • Unmarshals OpenSAML XMLObjects

While it was convenient to have in the early stages of creating saml2-service-provider, there's value in breaking it up into its individual components.

  • [x] - OpenSAML should get initialized as part of container lifecycle - #8772
  • [x] - OpenSamlAuthenticationProvider should use OpenSAML directly - #8773
  • [x] - OpenSamlAuthenticationRequestFactory should use OpenSAML directly - #8774

The above plan requires minimal code duplication as the authentication provider is largely unmarshalling objects while the authentication request factory is marshalling them. Additionally, the marshalling support in OpenSamlImplementation is largely specific to AuthnRequest.
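The four responsibilities listed above, written against OpenSAML directly (an added example, not Spring Security's own code). It assumes OpenSAML 3 or 4 on the classpath and relies on the parser pool that `InitializationService` registers by default; the class name, entity ID and request ID are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.namespace.QName;
import net.shibboleth.utilities.java.support.xml.SerializeSupport;
import org.opensaml.core.config.InitializationService;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.Issuer;
import org.w3c.dom.Element;

// Hypothetical class name; not part of Spring Security.
public class DirectOpenSamlExample {

    public static void main(String[] args) throws Exception {
        // 1. Bootstrap: registers builders, marshallers, unmarshallers
        //    and a global parser pool. Must run once before any other call.
        InitializationService.initialize();

        // 2. Build: XMLObjects come from the registered builder factory.
        AuthnRequest request = build(AuthnRequest.DEFAULT_ELEMENT_NAME);
        Issuer issuer = build(Issuer.DEFAULT_ELEMENT_NAME);
        issuer.setValue("https://sp.example.org/metadata"); // constructed entity ID
        request.setID("_constructed-request-id");           // constructed ID
        request.setIssuer(issuer);

        // 3. Marshal: XMLObject -> DOM -> string (the request-factory side).
        Element dom = XMLObjectProviderRegistrySupport.getMarshallerFactory()
                .getMarshaller(request).marshall(request);
        String xml = SerializeSupport.nodeToString(dom);

        // 4. Unmarshal: string -> DOM -> XMLObject (the provider side).
        //    Parse through the registry's parser pool rather than an ad hoc
        //    DocumentBuilder, so untrusted XML goes through one configured parser.
        Element root = XMLObjectProviderRegistrySupport.getParserPool()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)))
                .getDocumentElement();
        AuthnRequest parsed = (AuthnRequest) XMLObjectProviderRegistrySupport
                .getUnmarshallerFactory().getUnmarshaller(root).unmarshall(root);

        System.out.println(parsed.getIssuer().getValue());
    }

    @SuppressWarnings("unchecked")
    static <T extends XMLObject> T build(QName name) {
        return (T) XMLObjectProviderRegistrySupport.getBuilderFactory()
                .getBuilderOrThrow(name).buildObject(name);
    }
}
```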