Skip to content

Commit 040a28a

Browse files
jzheauxjzheaux
committed
Replace Apache Commons Base64 Decoding
Issue gh-10923
1 parent 0ae6e6e commit 040a28a

File tree

4 files changed

+15
-15
lines changed

4 files changed

+15
-15
lines changed

config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -223,7 +223,7 @@ public void authenticateWhenCustomAuthenticationConverterThenUses() throws Excep
223223
public void authenticateWithInvalidDeflatedSAMLResponseThenFailureHandlerUses() throws Exception {
224224
this.spring.register(CustomAuthenticationFailureHandler.class).autowire();
225225
byte[] invalidDeflated = "invalid".getBytes();
226-
String encoded = Saml2Utils.samlEncode(invalidDeflated);
226+
String encoded = Saml2Utils.samlEncodeNotRfc2045(invalidDeflated);
227227
MockHttpServletRequestBuilder request = get("/login/saml2/sso/registration-id").queryParam("SAMLResponse",
228228
encoded);
229229
this.mvc.perform(request);

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2Utils.java

Lines changed: 3 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -19,31 +19,28 @@
1919
import java.io.ByteArrayOutputStream;
2020
import java.io.IOException;
2121
import java.nio.charset.StandardCharsets;
22+
import java.util.Base64;
2223
import java.util.zip.Deflater;
2324
import java.util.zip.DeflaterOutputStream;
2425
import java.util.zip.Inflater;
2526
import java.util.zip.InflaterOutputStream;
2627

27-
import org.apache.commons.codec.binary.Base64;
28-
2928
import org.springframework.security.saml2.Saml2Exception;
3029

3130
/**
3231
* @since 5.3
3332
*/
3433
final class Saml2Utils {
3534

36-
private static Base64 BASE64 = new Base64(0, new byte[] { '\n' });
37-
3835
private Saml2Utils() {
3936
}
4037

4138
static String samlEncode(byte[] b) {
42-
return BASE64.encodeAsString(b);
39+
return Base64.getMimeEncoder().encodeToString(b);
4340
}
4441

4542
static byte[] samlDecode(String s) {
46-
return BASE64.decode(s);
43+
return Base64.getMimeDecoder().decode(s);
4744
}
4845

4946
static byte[] samlDeflate(String s) {

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/Saml2Utils.java

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -19,28 +19,30 @@
1919
import java.io.ByteArrayOutputStream;
2020
import java.io.IOException;
2121
import java.nio.charset.StandardCharsets;
22+
import java.util.Base64;
2223
import java.util.zip.Deflater;
2324
import java.util.zip.DeflaterOutputStream;
2425
import java.util.zip.Inflater;
2526
import java.util.zip.InflaterOutputStream;
2627

27-
import org.apache.commons.codec.binary.Base64;
28-
2928
import org.springframework.security.saml2.Saml2Exception;
3029

3130
public final class Saml2Utils {
3231

33-
private static Base64 BASE64 = new Base64(0, new byte[] { '\n' });
34-
3532
private Saml2Utils() {
3633
}
3734

35+
@Deprecated
36+
public static String samlEncodeNotRfc2045(byte[] b) {
37+
return Base64.getEncoder().encodeToString(b);
38+
}
39+
3840
public static String samlEncode(byte[] b) {
39-
return BASE64.encodeAsString(b);
41+
return Base64.getMimeEncoder().encodeToString(b);
4042
}
4143

4244
public static byte[] samlDecode(String s) {
43-
return BASE64.decode(s);
45+
return Base64.getMimeDecoder().decode(s);
4446
}
4547

4648
public static byte[] samlDeflate(String s) {

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/web/Saml2AuthenticationTokenConverterTests.java

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,8 @@ public void convertWhenSamlResponseThenToken() {
6060
given(this.relyingPartyRegistrationResolver.convert(any(HttpServletRequest.class)))
6161
.willReturn(this.relyingPartyRegistration);
6262
MockHttpServletRequest request = new MockHttpServletRequest();
63-
request.setParameter("SAMLResponse", Saml2Utils.samlEncode("response".getBytes(StandardCharsets.UTF_8)));
63+
request.setParameter("SAMLResponse",
64+
Saml2Utils.samlEncodeNotRfc2045("response".getBytes(StandardCharsets.UTF_8)));
6465
Saml2AuthenticationToken token = converter.convert(request);
6566
assertThat(token.getSaml2Response()).isEqualTo("response");
6667
assertThat(token.getRelyingPartyRegistration().getRegistrationId())
@@ -111,7 +112,7 @@ public void convertWhenGetRequestThenInflates() {
111112
MockHttpServletRequest request = new MockHttpServletRequest();
112113
request.setMethod("GET");
113114
byte[] deflated = Saml2Utils.samlDeflate("response");
114-
String encoded = Saml2Utils.samlEncode(deflated);
115+
String encoded = Saml2Utils.samlEncodeNotRfc2045(deflated);
115116
request.setParameter("SAMLResponse", encoded);
116117
Saml2AuthenticationToken token = converter.convert(request);
117118
assertThat(token.getSaml2Response()).isEqualTo("response");

0 commit comments

Comments
 (0)