Skip to content

Commit 9632513

Browse files
jzheauxjzheaux
committed
Replace Apache Commons Base64 Decoding
Issue gh-10923
1 parent ee061f3 commit 9632513

File tree

4 files changed

+14
-15
lines changed

4 files changed

+14
-15
lines changed

config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -253,7 +253,7 @@ public void authenticateWhenCustomAuthenticationConverterBeanThenUses() throws E
253253
public void authenticateWithInvalidDeflatedSAMLResponseThenFailureHandlerUses() throws Exception {
254254
this.spring.register(CustomAuthenticationFailureHandler.class).autowire();
255255
byte[] invalidDeflated = "invalid".getBytes();
256-
String encoded = Saml2Utils.samlEncode(invalidDeflated);
256+
String encoded = Saml2Utils.samlEncodeNotRfc2045(invalidDeflated);
257257
MockHttpServletRequestBuilder request = get("/login/saml2/sso/registration-id").queryParam("SAMLResponse",
258258
encoded);
259259
this.mvc.perform(request);

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2Utils.java

Lines changed: 3 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -19,31 +19,28 @@
1919
import java.io.ByteArrayOutputStream;
2020
import java.io.IOException;
2121
import java.nio.charset.StandardCharsets;
22+
import java.util.Base64;
2223
import java.util.zip.Deflater;
2324
import java.util.zip.DeflaterOutputStream;
2425
import java.util.zip.Inflater;
2526
import java.util.zip.InflaterOutputStream;
2627

27-
import org.apache.commons.codec.binary.Base64;
28-
2928
import org.springframework.security.saml2.Saml2Exception;
3029

3130
/**
3231
* @since 5.3
3332
*/
3433
final class Saml2Utils {
3534

36-
private static Base64 BASE64 = new Base64(0, new byte[] { '\n' });
37-
3835
private Saml2Utils() {
3936
}
4037

4138
static String samlEncode(byte[] b) {
42-
return BASE64.encodeAsString(b);
39+
return Base64.getMimeEncoder().encodeToString(b);
4340
}
4441

4542
static byte[] samlDecode(String s) {
46-
return BASE64.decode(s);
43+
return Base64.getMimeDecoder().decode(s);
4744
}
4845

4946
static byte[] samlDeflate(String s) {

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/Saml2Utils.java

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -19,28 +19,30 @@
1919
import java.io.ByteArrayOutputStream;
2020
import java.io.IOException;
2121
import java.nio.charset.StandardCharsets;
22+
import java.util.Base64;
2223
import java.util.zip.Deflater;
2324
import java.util.zip.DeflaterOutputStream;
2425
import java.util.zip.Inflater;
2526
import java.util.zip.InflaterOutputStream;
2627

27-
import org.apache.commons.codec.binary.Base64;
28-
2928
import org.springframework.security.saml2.Saml2Exception;
3029

3130
public final class Saml2Utils {
3231

33-
private static Base64 BASE64 = new Base64(0, new byte[] { '\n' });
34-
3532
private Saml2Utils() {
3633
}
3734

35+
@Deprecated
36+
public static String samlEncodeNotRfc2045(byte[] b) {
37+
return Base64.getEncoder().encodeToString(b);
38+
}
39+
3840
public static String samlEncode(byte[] b) {
39-
return BASE64.encodeAsString(b);
41+
return Base64.getMimeEncoder().encodeToString(b);
4042
}
4143

4244
public static byte[] samlDecode(String s) {
43-
return BASE64.decode(s);
45+
return Base64.getMimeDecoder().decode(s);
4446
}
4547

4648
public static byte[] samlDeflate(String s) {

saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/web/Saml2AuthenticationTokenConverterTests.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -64,7 +64,7 @@ public void convertWhenSamlResponseThenToken() {
6464
.willReturn(this.relyingPartyRegistration);
6565
MockHttpServletRequest request = new MockHttpServletRequest();
6666
request.setParameter(Saml2ParameterNames.SAML_RESPONSE,
67-
Saml2Utils.samlEncode("response".getBytes(StandardCharsets.UTF_8)));
67+
Saml2Utils.samlEncodeNotRfc2045("response".getBytes(StandardCharsets.UTF_8)));
6868
Saml2AuthenticationToken token = converter.convert(request);
6969
assertThat(token.getSaml2Response()).isEqualTo("response");
7070
assertThat(token.getRelyingPartyRegistration().getRegistrationId())
@@ -115,7 +115,7 @@ public void convertWhenGetRequestThenInflates() {
115115
MockHttpServletRequest request = new MockHttpServletRequest();
116116
request.setMethod("GET");
117117
byte[] deflated = Saml2Utils.samlDeflate("response");
118-
String encoded = Saml2Utils.samlEncode(deflated);
118+
String encoded = Saml2Utils.samlEncodeNotRfc2045(deflated);
119119
request.setParameter(Saml2ParameterNames.SAML_RESPONSE, encoded);
120120
Saml2AuthenticationToken token = converter.convert(request);
121121
assertThat(token.getSaml2Response()).isEqualTo("response");

0 commit comments

Comments
 (0)