Updated config

src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java

@@ -8,11 +8,14 @@ import java.security.PrivateKey;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 import java.security.spec.PKCS8EncodedKeySpec;
+import java.util.UUID;
 
 import org.bouncycastle.util.io.pem.PemReader;
+import org.opensaml.saml.common.SAMLVersion;
 import org.opensaml.saml.common.xml.SAMLConstants;
 import org.opensaml.saml.saml2.core.AuthnContextClassRef;
 import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
+import org.opensaml.saml.saml2.core.AuthnRequest;
 import org.opensaml.saml.saml2.core.RequestedAuthnContext;
 import org.opensaml.saml.saml2.core.impl.AuthnContextClassRefBuilder;
 import org.opensaml.saml.saml2.core.impl.RequestedAuthnContextBuilder;
@@ -256,30 +259,35 @@ public class SecurityConfig {
         return new InMemoryRelyingPartyRegistrationRepository(registration);
     }
     
+
 @Bean
 public Saml2AuthenticationRequestResolver authenticationRequestResolver(RelyingPartyRegistrationRepository registrations) {
     RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(registrations);
     OpenSaml4AuthenticationRequestResolver authenticationRequestResolver = new OpenSaml4AuthenticationRequestResolver(registrationResolver);
 
-        // Customize and log the AuthnRequest after setting the context
     authenticationRequestResolver.setAuthnRequestCustomizer((context) -> {
-            context.getAuthnRequest().setRequestedAuthnContext(buildRequestedAuthnContext());
+        // Set the required attributes
+        AuthnRequest authnRequest = context.getAuthnRequest();
+        authnRequest.setID("_" + UUID.randomUUID().toString()); // Add a unique ID
+        authnRequest.setVersion(SAMLVersion.VERSION_20); // Ensure version is 2.0
+        authnRequest.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI); // HTTP-POST
 
-            // Log the SAML AuthnRequest after setting the authentication context
-            String samlRequest = SamlRequestLogger.convertSAMLObjectToString(context.getAuthnRequest());
+        // Set Authentication Context
+        authnRequest.setRequestedAuthnContext(buildRequestedAuthnContext());
+
+        // Log the SAML AuthnRequest after setting context
+        String samlRequest = SamlRequestLogger.convertSAMLObjectToString(authnRequest);
         logger.info("SAML AuthnRequest after setting context: " + samlRequest);
     });
 
     return authenticationRequestResolver;
 }
 
-
 private RequestedAuthnContext buildRequestedAuthnContext() {
     AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
     AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject(
         SAMLConstants.SAML20_NS, AuthnContextClassRef.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20_PREFIX
     );
-        
     // Set the SPID Level 2 authentication context
     authnContextClassRef.setURI("urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword");
 
@@ -291,7 +299,6 @@ public class SecurityConfig {
     return requestedAuthnContext;
 }
     
-    
     public PrivateKey readPrivateKey() throws Exception {
         // Path to your private key PEM file
         try (PemReader pemReader = new PemReader(new InputStreamReader(readKey("dev/saml/private-key.pem")))) {