From aa9c1bab67b5fa041462555dba6e7a655afb1e42 Mon Sep 17 00:00:00 2001 From: Marcus Hert Da Coregio Date: Mon, 17 Jun 2024 16:02:47 -0300 Subject: [PATCH] Upgrade to Spring Framework 6.2.0-M4 Closes gh-15266 --- config/spring-security-config.gradle | 4 ++-- .../web/configurers/NamespaceHttpFirewallTests.java | 4 +++- .../oauth2/client/OidcLogoutConfigurerTests.java | 2 +- .../config/http/AccessDeniedConfigTests.java | 6 +++--- .../security/config/http/CsrfConfigTests.java | 4 ++-- .../config/web/server/OidcLogoutSpecTests.java | 2 +- .../htmlunit/server/HtmlUnitWebTestClient.java | 13 +++++++------ .../htmlunit/server/MockWebResponseBuilder.java | 8 ++++---- .../server/WebTestClientHtmlUnitDriverBuilder.java | 4 ++-- .../htmlunit/server/WebTestClientWebConnection.java | 8 ++++---- dependencies/spring-security-dependencies.gradle | 1 + gradle/libs.versions.toml | 7 ++++--- .../http/OAuth2ErrorResponseErrorHandler.java | 2 +- ...entReactivePasswordTokenResponseClientTests.java | 4 ++-- ...eactiveRefreshTokenTokenResponseClientTests.java | 4 ++-- ...activeTokenExchangeTokenResponseClientTests.java | 8 ++++---- .../http/OAuth2ErrorResponseErrorHandlerTests.java | 9 ++------- ...aultOAuth2AuthorizationRequestResolverTests.java | 9 ++++----- 18 files changed, 49 insertions(+), 50 deletions(-) diff --git a/config/spring-security-config.gradle b/config/spring-security-config.gradle index c517447e18..ad0e01bb2d 100644 --- a/config/spring-security-config.gradle +++ b/config/spring-security-config.gradle @@ -65,7 +65,7 @@ dependencies { testImplementation 'jakarta.websocket:jakarta.websocket-api' testImplementation 'jakarta.websocket:jakarta.websocket-client-api' testImplementation 'ldapsdk:ldapsdk:4.1' - testImplementation('net.sourceforge.htmlunit:htmlunit') { + testImplementation('org.htmlunit:htmlunit') { exclude group: 'commons-logging', module: 'commons-logging' exclude group: 'xml-apis', module: 'xml-apis' } @@ -80,7 +80,7 @@ dependencies { testImplementation "org.hibernate.orm:hibernate-core" testImplementation 'org.hsqldb:hsqldb' testImplementation 'org.mockito:mockito-core' - testImplementation('org.seleniumhq.selenium:htmlunit-driver') { + testImplementation('org.seleniumhq.selenium:htmlunit3-driver') { exclude group: 'commons-logging', module: 'commons-logging' exclude group: 'xml-apis', module: 'xml-apis' } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFirewallTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFirewallTests.java index 48758ad268..e6216a2075 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFirewallTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFirewallTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,6 +17,7 @@ package org.springframework.security.config.annotation.web.configurers; import jakarta.servlet.http.HttpServletRequest; +import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; @@ -52,6 +53,7 @@ public class NamespaceHttpFirewallTests { MockMvc mvc; @Test + @Disabled("MockMvc uses UriComponentsBuilder::fromUriString which was changed in https://github.com/spring-projects/spring-framework/issues/32513") public void requestWhenPathContainsDoubleDotsThenBehaviorMatchesNamespace() throws Exception { this.rule.register(HttpFirewallConfig.class).autowire(); this.mvc.perform(get("/public/../private/")).andExpect(status().isBadRequest()); diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcLogoutConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcLogoutConfigurerTests.java index eccf675f3d..481dcced74 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcLogoutConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcLogoutConfigurerTests.java @@ -25,7 +25,6 @@ import java.util.List; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; -import com.gargoylesoftware.htmlunit.util.UrlUtils; import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jose.jwk.RSAKey; import com.nimbusds.jose.jwk.source.ImmutableJWKSet; @@ -41,6 +40,7 @@ import okhttp3.mockwebserver.Dispatcher; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; import okhttp3.mockwebserver.RecordedRequest; +import org.htmlunit.util.UrlUtils; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; diff --git a/config/src/test/java/org/springframework/security/config/http/AccessDeniedConfigTests.java b/config/src/test/java/org/springframework/security/config/http/AccessDeniedConfigTests.java index f38318f5ee..df43cc3049 100644 --- a/config/src/test/java/org/springframework/security/config/http/AccessDeniedConfigTests.java +++ b/config/src/test/java/org/springframework/security/config/http/AccessDeniedConfigTests.java @@ -18,13 +18,13 @@ package org.springframework.security.config.http; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; -import org.eclipse.jetty.http.HttpStatus; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.springframework.beans.factory.BeanCreationException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.parsing.BeanDefinitionParsingException; +import org.springframework.http.HttpStatus; import org.springframework.security.access.AccessDeniedException; import org.springframework.security.config.test.SpringTestContext; import org.springframework.security.config.test.SpringTestContextExtension; @@ -71,7 +71,7 @@ public class AccessDeniedConfigTests { @WithMockUser public void configureWhenAccessDeniedHandlerRefThenAutowire() throws Exception { this.spring.configLocations(this.xml("AccessDeniedHandler")).autowire(); - this.mvc.perform(get("/")).andExpect(status().is(HttpStatus.GONE_410)); + this.mvc.perform(get("/")).andExpect(status().is(HttpStatus.GONE.value())); } @Test @@ -90,7 +90,7 @@ public class AccessDeniedConfigTests { @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) { - response.setStatus(HttpStatus.GONE_410); + response.setStatus(HttpStatus.GONE.value()); } } diff --git a/config/src/test/java/org/springframework/security/config/http/CsrfConfigTests.java b/config/src/test/java/org/springframework/security/config/http/CsrfConfigTests.java index 97bffee2f4..901945e73a 100644 --- a/config/src/test/java/org/springframework/security/config/http/CsrfConfigTests.java +++ b/config/src/test/java/org/springframework/security/config/http/CsrfConfigTests.java @@ -22,12 +22,12 @@ import java.util.List; import jakarta.servlet.Filter; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; -import org.eclipse.jetty.http.HttpStatus; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpMethod; +import org.springframework.http.HttpStatus; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpSession; import org.springframework.security.access.AccessDeniedException; @@ -566,7 +566,7 @@ public class CsrfConfigTests { @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) { - response.setStatus(HttpStatus.IM_A_TEAPOT_418); + response.setStatus(HttpStatus.I_AM_A_TEAPOT.value()); } } diff --git a/config/src/test/java/org/springframework/security/config/web/server/OidcLogoutSpecTests.java b/config/src/test/java/org/springframework/security/config/web/server/OidcLogoutSpecTests.java index 9f5627db79..fed59255f0 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/OidcLogoutSpecTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/OidcLogoutSpecTests.java @@ -26,7 +26,6 @@ import java.util.ArrayList; import java.util.List; import java.util.Map; -import com.gargoylesoftware.htmlunit.util.UrlUtils; import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jose.jwk.RSAKey; import com.nimbusds.jose.jwk.source.ImmutableJWKSet; @@ -40,6 +39,7 @@ import okhttp3.mockwebserver.Dispatcher; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; import okhttp3.mockwebserver.RecordedRequest; +import org.htmlunit.util.UrlUtils; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import reactor.core.publisher.Mono; diff --git a/config/src/test/java/org/springframework/security/htmlunit/server/HtmlUnitWebTestClient.java b/config/src/test/java/org/springframework/security/htmlunit/server/HtmlUnitWebTestClient.java index 5efc812af0..bd48fdf85a 100644 --- a/config/src/test/java/org/springframework/security/htmlunit/server/HtmlUnitWebTestClient.java +++ b/config/src/test/java/org/springframework/security/htmlunit/server/HtmlUnitWebTestClient.java @@ -24,10 +24,11 @@ import java.util.Map; import java.util.Set; import java.util.StringTokenizer; -import com.gargoylesoftware.htmlunit.FormEncodingType; -import com.gargoylesoftware.htmlunit.WebClient; -import com.gargoylesoftware.htmlunit.WebRequest; -import com.gargoylesoftware.htmlunit.util.NameValuePair; +import org.htmlunit.FormEncodingType; +import org.htmlunit.WebClient; +import org.htmlunit.WebRequest; +import org.htmlunit.util.Cookie; +import org.htmlunit.util.NameValuePair; import reactor.core.publisher.Mono; import org.springframework.http.HttpMethod; @@ -117,8 +118,8 @@ final class HtmlUnitWebTestClient { request.cookie(cookieName, cookieValue); } } - Set managedCookies = this.webClient.getCookies(webRequest.getUrl()); - for (com.gargoylesoftware.htmlunit.util.Cookie cookie : managedCookies) { + Set managedCookies = this.webClient.getCookies(webRequest.getUrl()); + for (Cookie cookie : managedCookies) { request.cookie(cookie.getName(), cookie.getValue()); } } diff --git a/config/src/test/java/org/springframework/security/htmlunit/server/MockWebResponseBuilder.java b/config/src/test/java/org/springframework/security/htmlunit/server/MockWebResponseBuilder.java index ab5845a817..66ce945c04 100644 --- a/config/src/test/java/org/springframework/security/htmlunit/server/MockWebResponseBuilder.java +++ b/config/src/test/java/org/springframework/security/htmlunit/server/MockWebResponseBuilder.java @@ -20,10 +20,10 @@ import java.io.IOException; import java.util.ArrayList; import java.util.List; -import com.gargoylesoftware.htmlunit.WebRequest; -import com.gargoylesoftware.htmlunit.WebResponse; -import com.gargoylesoftware.htmlunit.WebResponseData; -import com.gargoylesoftware.htmlunit.util.NameValuePair; +import org.htmlunit.WebRequest; +import org.htmlunit.WebResponse; +import org.htmlunit.WebResponseData; +import org.htmlunit.util.NameValuePair; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; diff --git a/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientHtmlUnitDriverBuilder.java b/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientHtmlUnitDriverBuilder.java index db19b75056..7767ec71da 100644 --- a/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientHtmlUnitDriverBuilder.java +++ b/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientHtmlUnitDriverBuilder.java @@ -16,8 +16,8 @@ package org.springframework.security.htmlunit.server; -import com.gargoylesoftware.htmlunit.WebClient; -import com.gargoylesoftware.htmlunit.WebConnection; +import org.htmlunit.WebClient; +import org.htmlunit.WebConnection; import org.openqa.selenium.WebDriver; import org.springframework.test.web.reactive.server.WebTestClient; diff --git a/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientWebConnection.java b/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientWebConnection.java index 91e948bf90..ff060b0e3a 100644 --- a/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientWebConnection.java +++ b/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientWebConnection.java @@ -18,10 +18,10 @@ package org.springframework.security.htmlunit.server; import java.io.IOException; -import com.gargoylesoftware.htmlunit.WebClient; -import com.gargoylesoftware.htmlunit.WebConnection; -import com.gargoylesoftware.htmlunit.WebRequest; -import com.gargoylesoftware.htmlunit.WebResponse; +import org.htmlunit.WebClient; +import org.htmlunit.WebConnection; +import org.htmlunit.WebRequest; +import org.htmlunit.WebResponse; import org.springframework.lang.Nullable; import org.springframework.test.web.reactive.server.FluxExchangeResult; diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index 930e0c1a52..060addd4b3 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -47,6 +47,7 @@ dependencies { api libs.jakarta.websocket.jakarta.websocket.client.api api libs.ldapsdk api libs.net.sourceforge.htmlunit + api libs.org.htmlunit.htmlunit api libs.org.apache.directory.server.apacheds.entry api libs.org.apache.directory.server.apacheds.core api libs.org.apache.directory.server.apacheds.protocol.ldap diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 041978eb1f..ec10a508b9 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -13,7 +13,7 @@ org-jetbrains-kotlin = "1.9.24" org-jetbrains-kotlinx = "1.8.1" org-mockito = "5.11.0" org-opensaml = "4.3.2" -org-springframework = "6.1.9" +org-springframework = "6.2.0-M4" [libraries] ch-qos-logback-logback-classic = "ch.qos.logback:logback-classic:1.5.6" @@ -46,6 +46,7 @@ jakarta-websocket-jakarta-websocket-client-api = { module = "jakarta.websocket:j jakarta-xml-bind-jakarta-xml-bind-api = "jakarta.xml.bind:jakarta.xml.bind-api:4.0.2" ldapsdk = "ldapsdk:ldapsdk:4.1" net-sourceforge-htmlunit = "net.sourceforge.htmlunit:htmlunit:2.70.0" +org-htmlunit-htmlunit = "org.htmlunit:htmlunit:4.1.0" org-apache-directory-server-apacheds-core = { module = "org.apache.directory.server:apacheds-core", version.ref = "org-apache-directory-server" } org-apache-directory-server-apacheds-entry = { module = "org.apache.directory.server:apacheds-core-entry", version.ref = "org-apache-directory-server" } org-apache-directory-server-apacheds-protocol-ldap = { module = "org.apache.directory.server:apacheds-protocol-ldap", version.ref = "org-apache-directory-server" } @@ -78,8 +79,8 @@ org-opensaml-opensaml-core = { module = "org.opensaml:opensaml-core", version.re org-opensaml-opensaml-saml-api = { module = "org.opensaml:opensaml-saml-api", version.ref = "org-opensaml" } org-opensaml-opensaml-saml-impl = { module = "org.opensaml:opensaml-saml-impl", version.ref = "org-opensaml" } org-python-jython = { module = "org.python:jython", version = "2.5.3" } -org-seleniumhq-selenium-htmlunit-driver = "org.seleniumhq.selenium:htmlunit-driver:2.70.0" -org-seleniumhq-selenium-selenium-java = "org.seleniumhq.selenium:selenium-java:3.141.59" +org-seleniumhq-selenium-htmlunit-driver = "org.seleniumhq.selenium:htmlunit3-driver:4.20.0" +org-seleniumhq-selenium-selenium-java = "org.seleniumhq.selenium:selenium-java:4.20.0" org-seleniumhq-selenium-selenium-support = "org.seleniumhq.selenium:selenium-support:3.141.59" org-skyscreamer-jsonassert = "org.skyscreamer:jsonassert:1.5.1" org-slf4j-log4j-over-slf4j = "org.slf4j:log4j-over-slf4j:1.7.36" diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandler.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandler.java index 5e14fb66a1..0b7c058757 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandler.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandler.java @@ -54,7 +54,7 @@ public class OAuth2ErrorResponseErrorHandler implements ResponseErrorHandler { @Override public void handleError(ClientHttpResponse response) throws IOException { - if (HttpStatus.BAD_REQUEST.value() != response.getRawStatusCode()) { + if (HttpStatus.BAD_REQUEST.value() != response.getStatusCode().value()) { this.defaultErrorHandler.handleError(response); } // A Bearer Token Error may be in the WWW-Authenticate response header diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactivePasswordTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactivePasswordTokenResponseClientTests.java index db1d88cc48..da8b235319 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactivePasswordTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactivePasswordTokenResponseClientTests.java @@ -120,7 +120,7 @@ public class WebClientReactivePasswordTokenResponseClientTests { assertThat(recordedRequest.getMethod()).isEqualTo(HttpMethod.POST.toString()); assertThat(recordedRequest.getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_VALUE); assertThat(recordedRequest.getHeader(HttpHeaders.CONTENT_TYPE)) - .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"); + .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE); String formParameters = recordedRequest.getBody().readUtf8(); assertThat(formParameters).contains("grant_type=password"); assertThat(formParameters).contains("username=user1"); @@ -155,7 +155,7 @@ public class WebClientReactivePasswordTokenResponseClientTests { assertThat(recordedRequest.getMethod()).isEqualTo(HttpMethod.POST.toString()); assertThat(recordedRequest.getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_VALUE); assertThat(recordedRequest.getHeader(HttpHeaders.CONTENT_TYPE)) - .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"); + .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE); String formParameters = recordedRequest.getBody().readUtf8(); assertThat(formParameters).contains("grant_type=password"); assertThat(formParameters).contains("username=user1"); diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveRefreshTokenTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveRefreshTokenTokenResponseClientTests.java index 42f86dfcbc..204080be82 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveRefreshTokenTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveRefreshTokenTokenResponseClientTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2023 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -124,7 +124,7 @@ public class WebClientReactiveRefreshTokenTokenResponseClientTests { assertThat(recordedRequest.getMethod()).isEqualTo(HttpMethod.POST.toString()); assertThat(recordedRequest.getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_VALUE); assertThat(recordedRequest.getHeader(HttpHeaders.CONTENT_TYPE)) - .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"); + .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE); assertThat(recordedRequest.getHeader(HttpHeaders.AUTHORIZATION)).startsWith("Basic "); String formParameters = recordedRequest.getBody().readUtf8(); assertThat(formParameters).contains("grant_type=refresh_token"); diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveTokenExchangeTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveTokenExchangeTokenResponseClientTests.java index c9bbfcf517..2e3d32bb17 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveTokenExchangeTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveTokenExchangeTokenResponseClientTests.java @@ -190,7 +190,7 @@ public class WebClientReactiveTokenExchangeTokenResponseClientTests { assertThat(recordedRequest.getMethod()).isEqualTo(HttpMethod.POST.toString()); assertThat(recordedRequest.getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_VALUE); assertThat(recordedRequest.getHeader(HttpHeaders.CONTENT_TYPE)) - .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"); + .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE); String formParameters = recordedRequest.getBody().readUtf8(); // @formatter:off assertThat(formParameters).contains( @@ -230,7 +230,7 @@ public class WebClientReactiveTokenExchangeTokenResponseClientTests { assertThat(recordedRequest.getMethod()).isEqualTo(HttpMethod.POST.toString()); assertThat(recordedRequest.getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_VALUE); assertThat(recordedRequest.getHeader(HttpHeaders.CONTENT_TYPE)) - .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"); + .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE); String formParameters = recordedRequest.getBody().readUtf8(); // @formatter:off assertThat(formParameters).contains( @@ -270,7 +270,7 @@ public class WebClientReactiveTokenExchangeTokenResponseClientTests { assertThat(recordedRequest.getMethod()).isEqualTo(HttpMethod.POST.toString()); assertThat(recordedRequest.getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_VALUE); assertThat(recordedRequest.getHeader(HttpHeaders.CONTENT_TYPE)) - .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"); + .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE); String formParameters = recordedRequest.getBody().readUtf8(); // @formatter:off assertThat(formParameters).contains( @@ -312,7 +312,7 @@ public class WebClientReactiveTokenExchangeTokenResponseClientTests { assertThat(recordedRequest.getMethod()).isEqualTo(HttpMethod.POST.toString()); assertThat(recordedRequest.getHeader(HttpHeaders.ACCEPT)).isEqualTo(MediaType.APPLICATION_JSON_VALUE); assertThat(recordedRequest.getHeader(HttpHeaders.CONTENT_TYPE)) - .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"); + .isEqualTo(MediaType.APPLICATION_FORM_URLENCODED_VALUE); String formParameters = recordedRequest.getBody().readUtf8(); // @formatter:off assertThat(formParameters).contains( diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandlerTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandlerTests.java index cd309dd234..602273c52e 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandlerTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandlerTests.java @@ -118,17 +118,12 @@ public class OAuth2ErrorResponseErrorHandlerTests { @Override public HttpStatus getStatusCode() throws IOException { - return HttpStatus.valueOf(getRawStatusCode()); - } - - @Override - public int getRawStatusCode() { - return this.statusCode; + return HttpStatus.valueOf(this.statusCode); } @Override public String getStatusText() throws IOException { - HttpStatus httpStatus = HttpStatus.resolve(this.statusCode); + HttpStatus httpStatus = HttpStatus.valueOf(this.statusCode); return (httpStatus != null) ? httpStatus.getReasonPhrase() : ""; } diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolverTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolverTests.java index ff25b24386..c10a3f82cf 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolverTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolverTests.java @@ -38,8 +38,10 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; import org.springframework.security.oauth2.core.endpoint.PkceParameterNames; import org.springframework.security.oauth2.core.oidc.OidcScopes; import org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames; +import org.springframework.web.util.InvalidUrlException; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.assertj.core.api.Assertions.entry; @@ -255,17 +257,14 @@ public class DefaultOAuth2AuthorizationRequestResolverTests { } @Test - public void resolveWhenAuthorizationRequestHasNoPortThenExpandedRedirectUriWithExtraVarsExcludesPort() { + public void resolveWhenAuthorizationRequestHasNoPortThenInvalidUrlException() { ClientRegistration clientRegistration = this.fineRedirectUriTemplateRegistration; String requestUri = this.authorizationRequestBaseUri + "/" + clientRegistration.getRegistrationId(); MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri); request.setScheme("https"); request.setServerPort(-1); request.setServletPath(requestUri); - OAuth2AuthorizationRequest authorizationRequest = this.resolver.resolve(request); - assertThat(authorizationRequest.getRedirectUri()).isNotEqualTo(clientRegistration.getRedirectUri()); - assertThat(authorizationRequest.getRedirectUri()) - .isEqualTo("https://localhost/login/oauth2/code/" + clientRegistration.getRegistrationId()); + assertThatExceptionOfType(InvalidUrlException.class).isThrownBy(() -> this.resolver.resolve(request)); } // gh-5520