3 年之前 · 040a28a8c9
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java
@@ -223,7 +223,7 @@ public class Saml2LoginConfigurerTests {
 
				 	public void authenticateWithInvalidDeflatedSAMLResponseThenFailureHandlerUses() throws Exception {
			
 
				 		this.spring.register(CustomAuthenticationFailureHandler.class).autowire();
			
 
				 		byte[] invalidDeflated = "invalid".getBytes();
			
 
				-		String encoded = Saml2Utils.samlEncode(invalidDeflated);
			
 
				+		String encoded = Saml2Utils.samlEncodeNotRfc2045(invalidDeflated);
			
 
				 		MockHttpServletRequestBuilder request = get("/login/saml2/sso/registration-id").queryParam("SAMLResponse",
			
 
				 				encoded);
			
 
				 		this.mvc.perform(request);
			
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2Utils.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2Utils.java
@@ -19,13 +19,12 @@ package org.springframework.security.saml2.provider.service.authentication;
 
				 import java.io.ByteArrayOutputStream;
			
 
				 import java.io.IOException;
			
 
				 import java.nio.charset.StandardCharsets;
			
 
				+import java.util.Base64;
			
 
				 import java.util.zip.Deflater;
			
 
				 import java.util.zip.DeflaterOutputStream;
			
 
				 import java.util.zip.Inflater;
			
 
				 import java.util.zip.InflaterOutputStream;
			
 
				 
			
 
				-import org.apache.commons.codec.binary.Base64;
			
 
				-
			
 
				 import org.springframework.security.saml2.Saml2Exception;
			
 
				 
			
 
				 /**
			
@@ -33,17 +32,15 @@ import org.springframework.security.saml2.Saml2Exception;
 
				  */
			
 
				 final class Saml2Utils {
			
 
				 
			
 
				-	private static Base64 BASE64 = new Base64(0, new byte[] { '\n' });
			
 
				-
			
 
				 	private Saml2Utils() {
			
 
				 	}
			
 
				 
			
 
				 	static String samlEncode(byte[] b) {
			
 
				-		return BASE64.encodeAsString(b);
			
 
				+		return Base64.getMimeEncoder().encodeToString(b);
			
 
				 	}
			
 
				 
			
 
				 	static byte[] samlDecode(String s) {
			
 
				-		return BASE64.decode(s);
			
 
				+		return Base64.getMimeDecoder().decode(s);
			
 
				 	}
			
 
				 
			
 
				 	static byte[] samlDeflate(String s) {
			
--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/Saml2Utils.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/core/Saml2Utils.java
@@ -19,28 +19,30 @@ package org.springframework.security.saml2.core;
 
				 import java.io.ByteArrayOutputStream;
			
 
				 import java.io.IOException;
			
 
				 import java.nio.charset.StandardCharsets;
			
 
				+import java.util.Base64;
			
 
				 import java.util.zip.Deflater;
			
 
				 import java.util.zip.DeflaterOutputStream;
			
 
				 import java.util.zip.Inflater;
			
 
				 import java.util.zip.InflaterOutputStream;
			
 
				 
			
 
				-import org.apache.commons.codec.binary.Base64;
			
 
				-
			
 
				 import org.springframework.security.saml2.Saml2Exception;
			
 
				 
			
 
				 public final class Saml2Utils {
			
 
				 
			
 
				-	private static Base64 BASE64 = new Base64(0, new byte[] { '\n' });
			
 
				-
			
 
				 	private Saml2Utils() {
			
 
				 	}
			
 
				 
			
 
				+	@Deprecated
			
 
				+	public static String samlEncodeNotRfc2045(byte[] b) {
			
 
				+		return Base64.getEncoder().encodeToString(b);
			
 
				+	}
			
 
				+
			
 
				 	public static String samlEncode(byte[] b) {
			
 
				-		return BASE64.encodeAsString(b);
			
 
				+		return Base64.getMimeEncoder().encodeToString(b);
			
 
				 	}
			
 
				 
			
 
				 	public static byte[] samlDecode(String s) {
			
 
				-		return BASE64.decode(s);
			
 
				+		return Base64.getMimeDecoder().decode(s);
			
 
				 	}
			
 
				 
			
 
				 	public static byte[] samlDeflate(String s) {
			
--- a/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/web/Saml2AuthenticationTokenConverterTests.java
+++ b/saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/web/Saml2AuthenticationTokenConverterTests.java
@@ -60,7 +60,8 @@ public class Saml2AuthenticationTokenConverterTests {
 
				 		given(this.relyingPartyRegistrationResolver.convert(any(HttpServletRequest.class)))
			
 
				 				.willReturn(this.relyingPartyRegistration);
			
 
				 		MockHttpServletRequest request = new MockHttpServletRequest();
			
 
				-		request.setParameter("SAMLResponse", Saml2Utils.samlEncode("response".getBytes(StandardCharsets.UTF_8)));
			
 
				+		request.setParameter("SAMLResponse",
			
 
				+				Saml2Utils.samlEncodeNotRfc2045("response".getBytes(StandardCharsets.UTF_8)));
			
 
				 		Saml2AuthenticationToken token = converter.convert(request);
			
 
				 		assertThat(token.getSaml2Response()).isEqualTo("response");
			
 
				 		assertThat(token.getRelyingPartyRegistration().getRegistrationId())
			
@@ -111,7 +112,7 @@ public class Saml2AuthenticationTokenConverterTests {
 
				 		MockHttpServletRequest request = new MockHttpServletRequest();
			
 
				 		request.setMethod("GET");
			
 
				 		byte[] deflated = Saml2Utils.samlDeflate("response");
			
 
				-		String encoded = Saml2Utils.samlEncode(deflated);
			
 
				+		String encoded = Saml2Utils.samlEncodeNotRfc2045(deflated);
			
 
				 		request.setParameter("SAMLResponse", encoded);
			
 
				 		Saml2AuthenticationToken token = converter.convert(request);
			
 
				 		assertThat(token.getSaml2Response()).isEqualTo("response");