From 29016ef3d2dafde6051411d43c281de59ca4e5c0 Mon Sep 17 00:00:00 2001
From: Brian Clozel
Date: Tue, 19 Dec 2023 11:32:19 +0100
Subject: [PATCH 1/3] Fix authorization server smoke test

Change from spring-projects/spring-authorization-server#1468
See gh-38678
---
 ...h2AuthorizationServerApplicationTests.java | 59 ++++++++++---------
 1 file changed, 30 insertions(+), 29 deletions(-)

diff --git a/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-oauth2-authorization-server/src/test/java/smoketest/oauth2/server/SampleOAuth2AuthorizationServerApplicationTests.java b/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-oauth2-authorization-server/src/test/java/smoketest/oauth2/server/SampleOAuth2AuthorizationServerApplicationTests.java
index 0ecf890c9f4..467868aa3eb 100644
--- a/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-oauth2-authorization-server/src/test/java/smoketest/oauth2/server/SampleOAuth2AuthorizationServerApplicationTests.java
+++ b/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-oauth2-authorization-server/src/test/java/smoketest/oauth2/server/SampleOAuth2AuthorizationServerApplicationTests.java
@@ -39,7 +39,8 @@ import org.springframework.security.oauth2.core.OAuth2AccessToken;
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationServerMetadata;
 import org.springframework.security.oauth2.server.authorization.oidc.OidcProviderConfiguration;
-import org.springframework.web.util.UriComponentsBuilder;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
 import static org.assertj.core.api.Assertions.assertThat;
@@ -103,13 +104,13 @@ class SampleOAuth2AuthorizationServerApplicationTests {
 void validTokenRequestShouldReturnTokenResponse() {
 HttpHeaders headers = new HttpHeaders();
 headers.setBasicAuth("messaging-client", "secret");
- HttpEntity request = new HttpEntity<>(headers);
- String requestUri = UriComponentsBuilder.fromUriString("/token")
- .queryParam(OAuth2ParameterNames.CLIENT_ID, "messaging-client")
- .queryParam(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
- .queryParam(OAuth2ParameterNames.SCOPE, "message.read+message.write")
- .toUriString();
- ResponseEntity> entity = this.restTemplate.exchange(requestUri, HttpMethod.POST, request,
+ headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+ MultiValueMap body = new LinkedMultiValueMap<>();
+ body.add(OAuth2ParameterNames.CLIENT_ID, "messaging-client");
+ body.add(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
+ body.add(OAuth2ParameterNames.SCOPE, "message.read message.write");
+ HttpEntity request = new HttpEntity<>(body, headers);
+ ResponseEntity> entity = this.restTemplate.exchange("/token", HttpMethod.POST, request,
 MAP_TYPE_REFERENCE);
 assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.OK);
 Map tokenResponse = Objects.requireNonNull(entity.getBody());
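Review bot: The same seven request-building lines (content type, the `MultiValueMap` holding `client_id`, `grant_type` and `scope`, and the `HttpEntity`) are added here in validTokenRequestShouldReturnTokenResponse and again in the hunks for anonymousTokenRequestShouldReturnUnauthorized, anonymousTokenRequestWithAcceptHeaderAllShouldReturnUnauthorized and anonymousTokenRequestWithAcceptHeaderTextHtmlShouldRedirectToLogin. A private helper that takes the `HttpHeaders`, sets `MediaType.APPLICATION_FORM_URLENCODED`, fills the map and returns `new HttpEntity<>(body, headers)` would leave each test with only its own headers and assertion, for example `this.restTemplate.exchange("/token", HttpMethod.POST, tokenRequest(headers), MAP_TYPE_REFERENCE)` with `tokenRequest` as the proposed helper name. It would also give one place for a comment such as `// token parameters are sent in the form-encoded body, not the query string`, which appears to be the reason these tests had to change. The test method bodies continue outside the hunks.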
@@ -123,13 +124,13 @@ class SampleOAuth2AuthorizationServerApplicationTests {
 @Test
 void anonymousTokenRequestShouldReturnUnauthorized() {
 HttpHeaders headers = new HttpHeaders();
- HttpEntity request = new HttpEntity<>(headers);
- String requestUri = UriComponentsBuilder.fromUriString("/token")
- .queryParam(OAuth2ParameterNames.CLIENT_ID, "messaging-client")
- .queryParam(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
- .queryParam(OAuth2ParameterNames.SCOPE, "message.read+message.write")
- .toUriString();
- ResponseEntity> entity = this.restTemplate.exchange(requestUri, HttpMethod.POST, request,
+ headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+ MultiValueMap body = new LinkedMultiValueMap<>();
+ body.add(OAuth2ParameterNames.CLIENT_ID, "messaging-client");
+ body.add(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
+ body.add(OAuth2ParameterNames.SCOPE, "message.read message.write");
+ HttpEntity request = new HttpEntity<>(body, headers);
+ ResponseEntity> entity = this.restTemplate.exchange("/token", HttpMethod.POST, request,
 MAP_TYPE_REFERENCE);
 assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
 }
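Review bot: anonymousTokenRequestShouldReturnUnauthorized still names the client in the body (`client_id` set to "messaging-client") and only leaves out the credential, so the 401 asserted here covers a missing secret but not an incorrect one. Unless a test outside these hunks already does so, a sibling case that adds `headers.setBasicAuth("messaging-client", "wrong-secret");` and keeps the `isEqualTo(HttpStatus.UNAUTHORIZED)` assertion would pin that a bad credential is rejected on the form-body path as well. A short comment on the existing test, `// client_id without any client authentication must be rejected`, would make explicit what "anonymous" means here.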
@@ -137,14 +138,14 @@ class SampleOAuth2AuthorizationServerApplicationTests {
 @Test
 void anonymousTokenRequestWithAcceptHeaderAllShouldReturnUnauthorized() {
 HttpHeaders headers = new HttpHeaders();
+ headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
 headers.setAccept(List.of(MediaType.ALL));
- HttpEntity request = new HttpEntity<>(headers);
- String requestUri = UriComponentsBuilder.fromUriString("/token")
- .queryParam(OAuth2ParameterNames.CLIENT_ID, "messaging-client")
- .queryParam(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
- .queryParam(OAuth2ParameterNames.SCOPE, "message.read+message.write")
- .toUriString();
- ResponseEntity> entity = this.restTemplate.exchange(requestUri, HttpMethod.POST, request,
+ MultiValueMap body = new LinkedMultiValueMap<>();
+ body.add(OAuth2ParameterNames.CLIENT_ID, "messaging-client");
+ body.add(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
+ body.add(OAuth2ParameterNames.SCOPE, "message.read message.write");
+ HttpEntity request = new HttpEntity<>(body, headers);
+ ResponseEntity> entity = this.restTemplate.exchange("/token", HttpMethod.POST, request,
 MAP_TYPE_REFERENCE);
 assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
 }
@@ -152,14 +153,14 @@ class SampleOAuth2AuthorizationServerApplicationTests {
 @Test
 void anonymousTokenRequestWithAcceptHeaderTextHtmlShouldRedirectToLogin() {
 HttpHeaders headers = new HttpHeaders();
+ headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
 headers.setAccept(List.of(MediaType.TEXT_HTML));
- HttpEntity request = new HttpEntity<>(headers);
- String requestUri = UriComponentsBuilder.fromUriString("/token")
- .queryParam(OAuth2ParameterNames.CLIENT_ID, "messaging-client")
- .queryParam(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
- .queryParam(OAuth2ParameterNames.SCOPE, "message.read+message.write")
- .toUriString();
- ResponseEntity> entity = this.restTemplate.exchange(requestUri, HttpMethod.POST, request,
+ MultiValueMap body = new LinkedMultiValueMap<>();
+ body.add(OAuth2ParameterNames.CLIENT_ID, "messaging-client");
+ body.add(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
+ body.add(OAuth2ParameterNames.SCOPE, "message.read message.write");
+ HttpEntity request = new HttpEntity<>(body, headers);
+ ResponseEntity> entity = this.restTemplate.exchange("/token", HttpMethod.POST, request,
 MAP_TYPE_REFERENCE);
 assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.FOUND);
 assertThat(entity.getHeaders().getLocation()).isEqualTo(URI.create("http://localhost:" + this.port + "/login"));
From 0fa8a27e4a697947b45664b78a93a8b1ed123d6a Mon Sep 17 00:00:00 2001
From: Brian Clozel
Date: Tue, 19 Dec 2023 12:30:04 +0100
Subject: [PATCH 2/3] Upgrade to Spring LDAP 3.1.3

Closes gh-38681
---
 spring-boot-project/spring-boot-dependencies/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spring-boot-project/spring-boot-dependencies/build.gradle b/spring-boot-project/spring-boot-dependencies/build.gradle
index a902fb12838..db6af4ca696 100644
--- a/spring-boot-project/spring-boot-dependencies/build.gradle
+++ b/spring-boot-project/spring-boot-dependencies/build.gradle
@@ -1458,7 +1458,7 @@ bom {
 ]
 }
 }
- library("Spring LDAP", "3.1.3-SNAPSHOT") {
+ library("Spring LDAP", "3.1.3") {
 considerSnapshots()
 group("org.springframework.ldap") {
 modules = [
From 450a0ce8c732da58f976de7fea9b367f7fd6f8b8 Mon Sep 17 00:00:00 2001
From: Brian Clozel
Date: Tue, 19 Dec 2023 12:30:36 +0100
Subject: [PATCH 3/3] Upgrade to Spring Security 6.1.6

Closes gh-38682
---
 spring-boot-project/spring-boot-dependencies/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spring-boot-project/spring-boot-dependencies/build.gradle b/spring-boot-project/spring-boot-dependencies/build.gradle
index db6af4ca696..2d81de40273 100644
--- a/spring-boot-project/spring-boot-dependencies/build.gradle
+++ b/spring-boot-project/spring-boot-dependencies/build.gradle
@@ -1485,7 +1485,7 @@ bom {
 ]
 }
 }
- library("Spring Security", "6.1.6-SNAPSHOT") {
+ library("Spring Security", "6.1.6") {
 considerSnapshots()
 group("org.springframework.security") {
 imports = [