This was a bit of a hassle, because the properties-migrator can't be used for map-based types, which the identityprovider is (see https://github.com/spring-projects/spring-boot/issues/9945). I had to write codepaths for both the old and the new property names, and a warning is logged if the old one is used. I adjusted the tests to test with both the old and the new names.
I had to change private boolean signRequest = true; to private Boolean signRequest; to get the fallback working. This doesn't make a difference, because this only gets applied if != null. And the default in Spring Security is true for that field (see org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails.Builder#wantAuthnRequestsSigned).
Closes gh-30642