hace 10 meses · 572255bebe
--- a/etc/checkstyle/checkstyle-suppressions.xml
+++ b/etc/checkstyle/checkstyle-suppressions.xml
@@ -5,4 +5,6 @@
 
				 <suppressions>
			
 
				 	<suppress files=".*" checks="JavadocStyle" />
			
 
				 	<suppress files="SpringAuthorizationServerVersion\.java" checks="HideUtilityClassConstructor"/>
			
 
				+	<suppress files="[\\/]src[\\/]test[\\/]" checks="RegexpSinglelineJava" id="toLowerCaseWithoutLocale"/>
			
 
				+	<suppress files="[\\/]src[\\/]test[\\/]" checks="RegexpSinglelineJava" id="toUpperCaseWithoutLocale"/>
			
 
				 </suppressions>
			
--- a/etc/checkstyle/checkstyle.xml
+++ b/etc/checkstyle/checkstyle.xml
@@ -15,4 +15,22 @@
 
				 		<property name="excludes" value="io.spring.javaformat.checkstyle.check.SpringHeaderCheck" />
			
 
				 		<property name="excludes" value="com.puppycrawl.tools.checkstyle.checks.javadoc.JavadocPackageCheck" />
			
 
				 	</module>
			
 
				+	<module name="com.puppycrawl.tools.checkstyle.TreeWalker">
			
 
				+		<module name="com.puppycrawl.tools.checkstyle.checks.regexp.RegexpSinglelineJavaCheck">
			
 
				+			<property name="id" value="toLowerCaseWithoutLocale"/>
			
 
				+			<property name="format" value="\.toLowerCase\(\)"/>
			
 
				+			<property name="maximum" value="0"/>
			
 
				+			<property name="message"
			
 
				+					  value="String.toLowerCase() should be String.toLowerCase(Locale.ROOT) or String.toLowerCase(Locale.ENGLISH)"/>
			
 
				+			<property name="ignoreComments" value="true"/>
			
 
				+		</module>
			
 
				+		<module name="com.puppycrawl.tools.checkstyle.checks.regexp.RegexpSinglelineJavaCheck">
			
 
				+			<property name="id" value="toUpperCaseWithoutLocale"/>
			
 
				+			<property name="format" value="\.toUpperCase\(\)"/>
			
 
				+			<property name="maximum" value="0"/>
			
 
				+			<property name="message"
			
 
				+					  value="String.toUpperCase() should be String.toUpperCase(Locale.ROOT) or String.toUpperCase(Locale.ENGLISH)"/>
			
 
				+			<property name="ignoreComments" value="true"/>
			
 
				+		</module>
			
 
				+	</module>
			
 
				 </module>
			
--- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java
+++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java
@@ -1,5 +1,5 @@
 
				 /*
			
 
				- * Copyright 2020-2023 the original author or authors.
			
 
				+ * Copyright 2020-2024 the original author or authors.
			
 
				  *
			
 
				  * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				  * you may not use this file except in compliance with the License.
			
@@ -27,6 +27,7 @@ import java.util.ArrayList;
 
				 import java.util.Collections;
			
 
				 import java.util.HashMap;
			
 
				 import java.util.List;
			
 
				+import java.util.Locale;
			
 
				 import java.util.Map;
			
 
				 import java.util.Set;
			
 
				 import java.util.function.Function;
			
@@ -416,7 +417,8 @@ public class JdbcOAuth2AuthorizationService implements OAuth2AuthorizationServic
 
				 			// But if it is not enclosed in double quotes,
			
 
				 			// the name is converted to uppercase and this uppercase version is stored in
			
 
				 			// the database as the case-normal form.
			
 
				-			rs = databaseMetaData.getColumns(null, null, TABLE_NAME.toUpperCase(), columnName.toUpperCase());
			
 
				+			rs = databaseMetaData.getColumns(null, null, TABLE_NAME.toUpperCase(Locale.ENGLISH),
			
 
				+					columnName.toUpperCase(Locale.ENGLISH));
			
 
				 			if (rs.next()) {
			
 
				 				return rs.getInt("DATA_TYPE");
			
 
				 			}
			
--- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2EndpointUtils.java
+++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2EndpointUtils.java
@@ -1,5 +1,5 @@
 
				 /*
			
 
				- * Copyright 2020-2023 the original author or authors.
			
 
				+ * Copyright 2020-2024 the original author or authors.
			
 
				  *
			
 
				  * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				  * you may not use this file except in compliance with the License.
			
@@ -17,6 +17,7 @@ package org.springframework.security.oauth2.server.authorization.web.authenticat
 
				 
			
 
				 import java.util.Collections;
			
 
				 import java.util.HashMap;
			
 
				+import java.util.Locale;
			
 
				 import java.util.Map;
			
 
				 
			
 
				 import jakarta.servlet.http.HttpServletRequest;
			
@@ -110,14 +111,14 @@ final class OAuth2EndpointUtils {
 
				 
			
 
				 	static String normalizeUserCode(String userCode) {
			
 
				 		Assert.hasText(userCode, "userCode cannot be empty");
			
 
				-		StringBuilder sb = new StringBuilder(userCode.toUpperCase().replaceAll("[^A-Z\\d]+", ""));
			
 
				+		StringBuilder sb = new StringBuilder(userCode.toUpperCase(Locale.ENGLISH).replaceAll("[^A-Z\\d]+", ""));
			
 
				 		Assert.isTrue(sb.length() == 8, "userCode must be exactly 8 alpha/numeric characters");
			
 
				 		sb.insert(4, '-');
			
 
				 		return sb.toString();
			
 
				 	}
			
 
				 
			
 
				 	static boolean validateUserCode(String userCode) {
			
 
				-		return (userCode != null && userCode.toUpperCase().replaceAll("[^A-Z\\d]+", "").length() == 8);
			
 
				+		return (userCode != null && userCode.toUpperCase(Locale.ENGLISH).replaceAll("[^A-Z\\d]+", "").length() == 8);
			
 
				 	}
			
 
				 
			
 
				 }