
Commit d0da160

junytsejzheaux
authored andcommitted
Use Base64 encoder with no CRLF in output for SAML 2.0 messages
Closes gh-11262
1 parent 4caf53e commit d0da160


7 files changed

+8
-13
lines changed


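--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java
@@ -307,7 +307,7 @@ public void authenticateWhenCustomAuthenticationConverterBeanThenUses() throws E
 public void authenticateWithInvalidDeflatedSAMLResponseThenFailureHandlerUses() throws Exception {
 this.spring.register(CustomAuthenticationFailureHandler.class).autowire();
 byte[] invalidDeflated = "invalid".getBytes();
-String encoded = Saml2Utils.samlEncodeNotRfc2045(invalidDeflated);
+String encoded = Saml2Utils.samlEncode(invalidDeflated);
 MockHttpServletRequestBuilder request = get("/login/saml2/sso/registration-id").queryParam("SAMLResponse",
 encoded);
 this.mvc.perform(request);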

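--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2Utils.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2Utils.java
@@ -36,7 +36,7 @@ private Saml2Utils() {
 }
 
 static String samlEncode(byte[] b) {
-return Base64.getMimeEncoder().encodeToString(b);
+return Base64.getEncoder().encodeToString(b);
 }
 
 static byte[] samlDecode(String s) {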
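Review bot: Nothing in the files this commit touches pins the new behaviour of `samlEncode`. The updated tests only swap `samlEncodeNotRfc2045` for `samlEncode` on short inputs such as `"response"` and `"invalid"`, which the MIME encoder would not have wrapped either, so a change back to `Base64.getMimeEncoder()` would still pass them. A test that encodes more than 57 bytes and asserts the result contains neither `\r` nor `\n` would guard the fix. The same one-line change is repeated in the `authentication/logout`, `web/authentication` and `web/authentication/logout` copies of `Saml2Utils`, so a comment on each, e.g. `// basic encoder: SAML payloads must not contain line separators (gh-11262)`, would help keep the four in step. `samlDecode` is visible only by its signature here, so it is worth confirming and documenting whether it still accepts line-wrapped input from peers.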

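--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/logout/Saml2Utils.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/logout/Saml2Utils.java
@@ -40,7 +40,7 @@ private Saml2Utils() {
 }
 
 static String samlEncode(byte[] b) {
-return Base64.getMimeEncoder().encodeToString(b);
+return Base64.getEncoder().encodeToString(b);
 }
 
 static byte[] samlDecode(String s) {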

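--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/authentication/Saml2Utils.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/authentication/Saml2Utils.java
@@ -40,7 +40,7 @@ private Saml2Utils() {
 }
 
 static String samlEncode(byte[] b) {
-return Base64.getMimeEncoder().encodeToString(b);
+return Base64.getEncoder().encodeToString(b);
 }
 
 static byte[] samlDecode(String s) {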

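--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/authentication/logout/Saml2Utils.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/authentication/logout/Saml2Utils.java
@@ -40,7 +40,7 @@ private Saml2Utils() {
 }
 
 static String samlEncode(byte[] b) {
-return Base64.getMimeEncoder().encodeToString(b);
+return Base64.getEncoder().encodeToString(b);
 }
 
 static byte[] samlDecode(String s) {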

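--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/Saml2Utils.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/Saml2Utils.java
@@ -32,13 +32,8 @@ public final class Saml2Utils {
 private Saml2Utils() {
 }
 
-@Deprecated
-public static String samlEncodeNotRfc2045(byte[] b) {
-return Base64.getEncoder().encodeToString(b);
-}
-
 public static String samlEncode(byte[] b) {
-return Base64.getMimeEncoder().encodeToString(b);
+return Base64.getEncoder().encodeToString(b);
 }
 
 public static byte[] samlDecode(String s) {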

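--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/web/Saml2AuthenticationTokenConverterTests.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/web/Saml2AuthenticationTokenConverterTests.java
@@ -64,7 +64,7 @@ public void convertWhenSamlResponseThenToken() {
 .willReturn(this.relyingPartyRegistration);
 MockHttpServletRequest request = new MockHttpServletRequest();
 request.setParameter(Saml2ParameterNames.SAML_RESPONSE,
-Saml2Utils.samlEncodeNotRfc2045("response".getBytes(StandardCharsets.UTF_8)));
+Saml2Utils.samlEncode("response".getBytes(StandardCharsets.UTF_8)));
 Saml2AuthenticationToken token = converter.convert(request);
 assertThat(token.getSaml2Response()).isEqualTo("response");
 assertThat(token.getRelyingPartyRegistration().getRegistrationId())
@@ -115,7 +115,7 @@ public void convertWhenGetRequestThenInflates() {
 MockHttpServletRequest request = new MockHttpServletRequest();
 request.setMethod("GET");
 byte[] deflated = Saml2Utils.samlDeflate("response");
-String encoded = Saml2Utils.samlEncodeNotRfc2045(deflated);
+String encoded = Saml2Utils.samlEncode(deflated);
 request.setParameter(Saml2ParameterNames.SAML_RESPONSE, encoded);
 Saml2AuthenticationToken token = converter.convert(request);
 assertThat(token.getSaml2Response()).isEqualTo("response");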
