Upgrade to Spring Security 5.0.0.M1

Closes gh-8714
2024-09-03 04:26:12 +08:00 · 2017-05-10 08:19:36 +01:00 · 2017-05-10 08:19:36 +01:00 · 9480e09c21
commit 9480e09c21
parent 8f1cf0ceb4
4 changed files with 11 additions and 9 deletions
--- a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration.java
+++ b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration.java
@ -18,6 +18,7 @@ package org.springframework.boot.autoconfigure.security.oauth2.resource;

 import java.io.IOException;
 import java.util.Arrays;
+import java.util.Base64;
 import java.util.List;
 import java.util.Map;

@ -45,7 +46,6 @@ import org.springframework.http.MediaType;
 import org.springframework.http.client.ClientHttpRequestExecution;
 import org.springframework.http.client.ClientHttpRequestInterceptor;
 import org.springframework.http.client.ClientHttpResponse;
-import org.springframework.security.crypto.codec.Base64;
 import org.springframework.security.oauth2.client.OAuth2ClientContext;
 import org.springframework.security.oauth2.client.OAuth2RestOperations;
 import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
@ -298,7 +298,8 @@ public class ResourceServerTokenServicesConfiguration {
 			String username = this.resource.getClientId();
 			String password = this.resource.getClientSecret();
 			if (username != null && password != null) {
-				byte[] token = Base64.encode((username + ":" + password).getBytes());
+				byte[] token = Base64.getEncoder()
+						.encode((username + ":" + password).getBytes());
 				headers.add("Authorization", "Basic " + new String(token));
 			}
 			HttpEntity<Void> request = new HttpEntity<>(headers);
--- a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/OAuth2AutoConfigurationTests.java
+++ b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/OAuth2AutoConfigurationTests.java
@ -19,6 +19,7 @@ package org.springframework.boot.autoconfigure.security.oauth2;
 import java.net.URI;
 import java.net.URL;
 import java.util.Arrays;
+import java.util.Base64;
 import java.util.List;

 import com.fasterxml.jackson.databind.JsonNode;
@ -72,7 +73,6 @@ import org.springframework.security.config.annotation.method.configuration.Globa
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.crypto.codec.Base64;
 import org.springframework.security.oauth2.client.OAuth2ClientContext;
 import org.springframework.security.oauth2.client.OAuth2RestOperations;
 import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
@ -455,7 +455,7 @@ public class OAuth2AutoConfigurationTests {

 	private HttpHeaders getHeaders(ClientDetails config) {
 		HttpHeaders headers = new HttpHeaders();
-		String token = new String(Base64.encode(
+		String token = new String(Base64.getEncoder().encode(
 				(config.getClientId() + ":" + config.getClientSecret()).getBytes()));
 		headers.set("Authorization", "Basic " + token);
 		return headers;
--- a/spring-boot-dependencies/pom.xml
+++ b/spring-boot-dependencies/pom.xml
@ -165,7 +165,7 @@
 		<spring-plugin.version>1.2.0.RELEASE</spring-plugin.version>
 		<spring-restdocs.version>1.2.1.BUILD-SNAPSHOT</spring-restdocs.version>
 		<spring-retry.version>1.2.0.RELEASE</spring-retry.version>
-		<spring-security.version>5.0.0.BUILD-SNAPSHOT</spring-security.version>
+		<spring-security.version>5.0.0.M1</spring-security.version>
 		<spring-security-jwt.version>1.0.7.RELEASE</spring-security-jwt.version>
 		<spring-security-oauth.version>2.1.0.RELEASE</spring-security-oauth.version>
 		<spring-session.version>2.0.0.BUILD-SNAPSHOT</spring-session.version>
--- a/spring-boot-integration-tests/spring-boot-security-tests/spring-boot-security-test-web-helloworld/src/test/java/sample/HelloWebSecurityApplicationTests.java
+++ b/spring-boot-integration-tests/spring-boot-security-tests/spring-boot-security-test-web-helloworld/src/test/java/sample/HelloWebSecurityApplicationTests.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2016 the original author or authors.
+ * Copyright 2012-2017 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -16,6 +16,8 @@

 package sample;

+import java.util.Base64;
+
 import javax.servlet.http.HttpServletResponse;

 import org.junit.Before;
@ -28,7 +30,6 @@ import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
 import org.springframework.mock.web.MockFilterChain;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.security.crypto.codec.Base64;
 import org.springframework.security.web.FilterChainProxy;
 import org.springframework.test.context.junit4.SpringRunner;

@ -63,8 +64,8 @@ public class HelloWebSecurityApplicationTests {

 	@Test
 	public void userAuthenticates() throws Exception {
-		this.request.addHeader("Authorization",
-				"Basic " + new String(Base64.encode("user:password".getBytes("UTF-8"))));
+		this.request.addHeader("Authorization", "Basic " + new String(
+				Base64.getEncoder().encode("user:password".getBytes("UTF-8"))));

 		this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);