Apache
/
lucene
mirror of https://github.com/apache/lucene.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SOLR-14297: Replace commons-codec Base64 with JDK8 Base64 (#2222)

This commit is contained in:
András Salamon 2021-01-21 19:10:33 +01:00 committed by GitHub
parent e5a16f0b0f
commit 83e0397c42
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 15 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
gradle/validation/forbidden-apis/commons-codec.commons-codec.all.txt
View File

@ -1,2 +1,5 @@
@defaultMessage Use java.nio.charset.StandardCharsets instead
org.apache.commons.codec.Charsets
@defaultMessage Use java.util.Base64 instead
org.apache.commons.codec.binary.Base64

2
solr/CHANGES.txt
View File

@ -186,6 +186,8 @@ Other Changes
* SOLR-14034: Remove deprecated min_rf references (Tim Dillon)
* SOLR-14297: Replace commons-codec Base64 with JDK8 Base64 (Andras Salamon via Houston Putman)
Bug Fixes
---------------------
* SOLR-14546: Fix for a relatively hard to hit issue in OverseerTaskProcessor that could lead to out of order execution

8
solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java
View File

@ -26,6 +26,7 @@ import java.io.UnsupportedEncodingException;
import java.lang.invoke.MethodHandles;
import java.nio.charset.StandardCharsets;
import java.security.Principal;
import java.util.Base64;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@ -34,7 +35,6 @@ import java.util.Set;
import java.util.StringTokenizer;
import com.google.common.collect.ImmutableSet;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.builder.ToStringBuilder;
import org.apache.http.Header;
import org.apache.http.HttpHeaders;
@ -133,7 +133,7 @@ public class BasicAuthPlugin extends AuthenticationPlugin implements ConfigEdita
if (basic.equalsIgnoreCase("Basic")) {
if (st.hasMoreTokens()) {
try {
String credentials = new String(Base64.decodeBase64(st.nextToken()), StandardCharsets.UTF_8);
String credentials = new String(Base64.getDecoder().decode(st.nextToken()), StandardCharsets.UTF_8);
int p = credentials.indexOf(":");
if (p != -1) {
final String username = credentials.substring(0, p).trim();
@ -222,7 +222,7 @@ public class BasicAuthPlugin extends AuthenticationPlugin implements ConfigEdita
HttpClientContext httpClientContext = (HttpClientContext) httpContext;
if (httpClientContext.getUserToken() instanceof BasicAuthUserPrincipal) {
BasicAuthUserPrincipal principal = (BasicAuthUserPrincipal) httpClientContext.getUserToken();
String userPassBase64 = Base64.encodeBase64String((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8));
String userPassBase64 = Base64.getEncoder().encodeToString((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8));
httpRequest.setHeader(HttpHeaders.AUTHORIZATION, "Basic " + userPassBase64);
return true;
}
@ -237,7 +237,7 @@ public class BasicAuthPlugin extends AuthenticationPlugin implements ConfigEdita
Object userToken = request.getAttributes().get(Http2SolrClient.REQ_PRINCIPAL_KEY);
if (userToken instanceof BasicAuthUserPrincipal) {
BasicAuthUserPrincipal principal = (BasicAuthUserPrincipal) userToken;
String userPassBase64 = Base64.encodeBase64String((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8));
String userPassBase64 = Base64.getEncoder().encodeToString((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8));
request.header(HttpHeaders.AUTHORIZATION, "Basic " + userPassBase64);
return true;
}

8
solr/core/src/java/org/apache/solr/security/Sha256AuthenticationProvider.java
View File

@ -21,6 +21,7 @@ import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.List;
@ -29,7 +30,6 @@ import java.util.Random;
import java.util.Set;
import com.google.common.collect.ImmutableSet;
import org.apache.commons.codec.binary.Base64;
import org.apache.solr.common.util.CommandOperation;
import org.apache.solr.common.util.Utils;
import org.apache.solr.common.util.ValidatingJsonMap;
@ -60,7 +60,7 @@ public class Sha256AuthenticationProvider implements ConfigEditablePlugin, Basi
final Random r = new SecureRandom();
byte[] salt = new byte[32];
r.nextBytes(salt);
String saltBase64 = Base64.encodeBase64String(salt);
String saltBase64 = Base64.getEncoder().encodeToString(salt);
String val = sha256(pwd, saltBase64) + " " + saltBase64;
return val;
}
@ -121,13 +121,13 @@ public class Sha256AuthenticationProvider implements ConfigEditablePlugin, Basi
}
if (saltKey != null) {
digest.reset();
digest.update(Base64.decodeBase64(saltKey));
digest.update(Base64.getDecoder().decode(saltKey));
}
byte[] btPass = digest.digest(password.getBytes(StandardCharsets.UTF_8));
digest.reset();
btPass = digest.digest(btPass);
return Base64.encodeBase64String(btPass);
return Base64.getEncoder().encodeToString(btPass);
}
@Override

5
solr/core/src/java/org/apache/solr/servlet/cache/HttpCacheHeaderUtil.java vendored
View File

@ -18,6 +18,7 @@ package org.apache.solr.servlet.cache;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Collections;
import java.util.List;
import java.util.UUID;
@ -37,8 +38,6 @@ import org.apache.solr.search.SolrIndexSearcher;
import org.apache.solr.request.SolrQueryRequest;
import org.apache.solr.response.SolrQueryResponse;
import org.apache.commons.codec.binary.Base64;
public final class HttpCacheHeaderUtil {
public static void sendNotModified(HttpServletResponse res) {
@ -72,7 +71,7 @@ public final class HttpCacheHeaderUtil {
if (currentIndexVersion != indexVersionCache) {
indexVersionCache=currentIndexVersion;
etagCache = "\""
+ new String(Base64.encodeBase64((Long.toHexString(Long.reverse(indexVersionCache)) + etagSeed)
+ new String(Base64.getEncoder().encode((Long.toHexString(Long.reverse(indexVersionCache)) + etagSeed)
.getBytes(StandardCharsets.US_ASCII)), StandardCharsets.US_ASCII) + "\"";
}