**Describe the bug**
The default binding in RelyingPartyRegistration is Redirect, but it is not propagated down to OpenSamlAuthenticationRequestFactory, which has its own default binding, POST:
https://github.com/spring-projects/spring-security/blob/master/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/OpenSamlAuthenticationRequestFactory.java#L44 OpenSamlAuthenticationRequestFactory also uses the same binding (POST) for both createPostAuthenticationRequest and createRedirectAuthenticationRequest.
This leads to inconsistent behavior and does not work with, e.g., PingID: the generated SAMLRequest asks for the POST binding but is sent using Redirect, even though the SP is configured to use only HTTP-Redirect.
SAML Request:

```xml
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="https://example/login/saml2/sso/example" Destination="https://sso.example.com/idp/SSO.saml2" ForceAuthn="false" ID="ARQ3c6995d-cf5b-4100-9963-e504b6d932ba" IsPassive="false" IssueInstant="2020-06-08T09:10:52.291Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0">
  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://example.com/saml2/service-provider-metadata/example</saml2:Issuer>
</saml2p:AuthnRequest>
```
SAML Response:

```xml
<samlp:Response Version="2.0" ID="" IssueInstant="2020-06-08T09:10:57.311Z" InResponseTo="" Destination="https://example/login/saml2/sso/example" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
  <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">sso.example.com</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester"/>
    <samlp:StatusMessage>ProtocolBinding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST disallowed for transport of SSO response.</samlp:StatusMessage>
  </samlp:Status>
</samlp:Response>
```
**Expected behavior**

* A consistent default binding, either Redirect or POST
* The binding defined in RelyingPartyRegistration should be propagated to OpenSamlAuthenticationRequestFactory
**Workaround**
Replace OpenSamlAuthenticationRequestFactory on the classpath with a custom one whose default binding matches the one in RelyingPartyRegistration.
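As an added check (not part of this report or of Spring Security), the following Python script shows how to spot this mismatch from captured messages: it reads the ProtocolBinding the AuthnRequest asks for, compares it with the binding the SP is configured for, and extracts the Requester status the IdP returned. The two messages are the ones quoted above, with the redacted IDs left as reported.

```python
import xml.etree.ElementTree as ET

NS = "urn:oasis:names:tc:SAML:2.0:protocol"
BINDING_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
BINDING_REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# The AuthnRequest and Response quoted in the report above (IDs left as reported).
AUTHN_REQUEST = """<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="https://example/login/saml2/sso/example" Destination="https://sso.example.com/idp/SSO.saml2" ForceAuthn="false" ID="ARQ3c6995d-cf5b-4100-9963-e504b6d932ba" IsPassive="false" IssueInstant="2020-06-08T09:10:52.291Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0">
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://example.com/saml2/service-provider-metadata/example</saml2:Issuer>
</saml2p:AuthnRequest>"""

RESPONSE = """<samlp:Response Version="2.0" ID="" IssueInstant="2020-06-08T09:10:57.311Z" InResponseTo="" Destination="https://example/login/saml2/sso/example" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">sso.example.com</saml:Issuer>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester"/>
<samlp:StatusMessage>ProtocolBinding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST disallowed for transport of SSO response.</samlp:StatusMessage>
</samlp:Status>
</samlp:Response>"""


def requested_binding(authn_request_xml):
    """Return the ProtocolBinding the SP asked the IdP to use (None if omitted)."""
    root = ET.fromstring(authn_request_xml.encode("utf-8"))
    if root.tag != "{%s}AuthnRequest" % NS:
        raise ValueError("not a SAML 2.0 AuthnRequest: " + root.tag)
    return root.get("ProtocolBinding")

def binding_mismatch(authn_request_xml, configured_binding):
    """Describe the inconsistency, or return None when the request matches the
    binding the SP (its RelyingPartyRegistration) is configured for."""
    requested = requested_binding(authn_request_xml)
    if requested is None or requested == configured_binding:
        return None
    return "AuthnRequest asks for %s but SP is configured for %s" % (requested, configured_binding)

def response_status(response_xml):
    """Return (StatusCode value, StatusMessage text or None) from an IdP Response."""
    root = ET.fromstring(response_xml.encode("utf-8"))
    code = root.find("{%s}Status/{%s}StatusCode" % (NS, NS))
    msg = root.find("{%s}Status/{%s}StatusMessage" % (NS, NS))
    if code is None:
        raise ValueError("Response has no StatusCode")
    return code.get("Value"), (msg.text if msg is not None else None)

if __name__ == "__main__":
    # SP configured for HTTP-Redirect, as in the report: the request is inconsistent.
    print(binding_mismatch(AUTHN_REQUEST, BINDING_REDIRECT))
    print(response_status(RESPONSE))
```

Feeding the SP's own outgoing AuthnRequest through binding_mismatch with the binding from its RelyingPartyRegistration is a cheap way to catch the factory default disagreeing with the registration before an IdP rejects the login.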