From 83e0397c42826b8b88c5595957df6da151d42009 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A1s=20Salamon?= Date: Thu, 21 Jan 2021 19:10:33 +0100 Subject: [PATCH] SOLR-14297: Replace commons-codec Base64 with JDK8 Base64 (#2222) --- .../forbidden-apis/commons-codec.commons-codec.all.txt | 3 +++ solr/CHANGES.txt | 2 ++ .../java/org/apache/solr/security/BasicAuthPlugin.java | 8 ++++---- .../solr/security/Sha256AuthenticationProvider.java | 8 ++++---- .../apache/solr/servlet/cache/HttpCacheHeaderUtil.java | 5 ++--- 5 files changed, 15 insertions(+), 11 deletions(-) diff --git a/gradle/validation/forbidden-apis/commons-codec.commons-codec.all.txt b/gradle/validation/forbidden-apis/commons-codec.commons-codec.all.txt index b0efb8e78d2..c73505398be 100644 --- a/gradle/validation/forbidden-apis/commons-codec.commons-codec.all.txt +++ b/gradle/validation/forbidden-apis/commons-codec.commons-codec.all.txt @@ -1,2 +1,5 @@ @defaultMessage Use java.nio.charset.StandardCharsets instead org.apache.commons.codec.Charsets + +@defaultMessage Use java.util.Base64 instead +org.apache.commons.codec.binary.Base64 \ No newline at end of file diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt index e6782e0131d..4ce0332d68e 100644 --- a/solr/CHANGES.txt +++ b/solr/CHANGES.txt @@ -186,6 +186,8 @@ Other Changes * SOLR-14034: Remove deprecated min_rf references (Tim Dillon) +* SOLR-14297: Replace commons-codec Base64 with JDK8 Base64 (Andras Salamon via Houston Putman) + Bug Fixes --------------------- * SOLR-14546: Fix for a relatively hard to hit issue in OverseerTaskProcessor that could lead to out of order execution diff --git a/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java b/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java index 6bc35bf5221..b83f0c63982 100644 --- a/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java +++ b/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java @@ -26,6 +26,7 @@ import java.io.UnsupportedEncodingException; import java.lang.invoke.MethodHandles; import java.nio.charset.StandardCharsets; import java.security.Principal; +import java.util.Base64; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -34,7 +35,6 @@ import java.util.Set; import java.util.StringTokenizer; import com.google.common.collect.ImmutableSet; -import org.apache.commons.codec.binary.Base64; import org.apache.commons.lang3.builder.ToStringBuilder; import org.apache.http.Header; import org.apache.http.HttpHeaders; @@ -133,7 +133,7 @@ public class BasicAuthPlugin extends AuthenticationPlugin implements ConfigEdita if (basic.equalsIgnoreCase("Basic")) { if (st.hasMoreTokens()) { try { - String credentials = new String(Base64.decodeBase64(st.nextToken()), StandardCharsets.UTF_8); + String credentials = new String(Base64.getDecoder().decode(st.nextToken()), StandardCharsets.UTF_8); int p = credentials.indexOf(":"); if (p != -1) { final String username = credentials.substring(0, p).trim(); @@ -222,7 +222,7 @@ public class BasicAuthPlugin extends AuthenticationPlugin implements ConfigEdita HttpClientContext httpClientContext = (HttpClientContext) httpContext; if (httpClientContext.getUserToken() instanceof BasicAuthUserPrincipal) { BasicAuthUserPrincipal principal = (BasicAuthUserPrincipal) httpClientContext.getUserToken(); - String userPassBase64 = Base64.encodeBase64String((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8)); + String userPassBase64 = Base64.getEncoder().encodeToString((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8)); httpRequest.setHeader(HttpHeaders.AUTHORIZATION, "Basic " + userPassBase64); return true; } @@ -237,7 +237,7 @@ public class BasicAuthPlugin extends AuthenticationPlugin implements ConfigEdita Object userToken = request.getAttributes().get(Http2SolrClient.REQ_PRINCIPAL_KEY); if (userToken instanceof BasicAuthUserPrincipal) { BasicAuthUserPrincipal principal = (BasicAuthUserPrincipal) userToken; - String userPassBase64 = Base64.encodeBase64String((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8)); + String userPassBase64 = Base64.getEncoder().encodeToString((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8)); request.header(HttpHeaders.AUTHORIZATION, "Basic " + userPassBase64); return true; } diff --git a/solr/core/src/java/org/apache/solr/security/Sha256AuthenticationProvider.java b/solr/core/src/java/org/apache/solr/security/Sha256AuthenticationProvider.java index 5b1f6d4af91..a7b194eda31 100644 --- a/solr/core/src/java/org/apache/solr/security/Sha256AuthenticationProvider.java +++ b/solr/core/src/java/org/apache/solr/security/Sha256AuthenticationProvider.java @@ -21,6 +21,7 @@ import java.nio.charset.StandardCharsets; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; +import java.util.Base64; import java.util.Collections; import java.util.LinkedHashMap; import java.util.List; @@ -29,7 +30,6 @@ import java.util.Random; import java.util.Set; import com.google.common.collect.ImmutableSet; -import org.apache.commons.codec.binary.Base64; import org.apache.solr.common.util.CommandOperation; import org.apache.solr.common.util.Utils; import org.apache.solr.common.util.ValidatingJsonMap; @@ -60,7 +60,7 @@ public class Sha256AuthenticationProvider implements ConfigEditablePlugin, Basi final Random r = new SecureRandom(); byte[] salt = new byte[32]; r.nextBytes(salt); - String saltBase64 = Base64.encodeBase64String(salt); + String saltBase64 = Base64.getEncoder().encodeToString(salt); String val = sha256(pwd, saltBase64) + " " + saltBase64; return val; } @@ -121,13 +121,13 @@ public class Sha256AuthenticationProvider implements ConfigEditablePlugin, Basi } if (saltKey != null) { digest.reset(); - digest.update(Base64.decodeBase64(saltKey)); + digest.update(Base64.getDecoder().decode(saltKey)); } byte[] btPass = digest.digest(password.getBytes(StandardCharsets.UTF_8)); digest.reset(); btPass = digest.digest(btPass); - return Base64.encodeBase64String(btPass); + return Base64.getEncoder().encodeToString(btPass); } @Override diff --git a/solr/core/src/java/org/apache/solr/servlet/cache/HttpCacheHeaderUtil.java b/solr/core/src/java/org/apache/solr/servlet/cache/HttpCacheHeaderUtil.java index 41a6ec51b61..dc54fc97bf4 100644 --- a/solr/core/src/java/org/apache/solr/servlet/cache/HttpCacheHeaderUtil.java +++ b/solr/core/src/java/org/apache/solr/servlet/cache/HttpCacheHeaderUtil.java @@ -18,6 +18,7 @@ package org.apache.solr.servlet.cache; import java.io.IOException; import java.nio.charset.StandardCharsets; +import java.util.Base64; import java.util.Collections; import java.util.List; import java.util.UUID; @@ -37,8 +38,6 @@ import org.apache.solr.search.SolrIndexSearcher; import org.apache.solr.request.SolrQueryRequest; import org.apache.solr.response.SolrQueryResponse; -import org.apache.commons.codec.binary.Base64; - public final class HttpCacheHeaderUtil { public static void sendNotModified(HttpServletResponse res) { @@ -72,7 +71,7 @@ public final class HttpCacheHeaderUtil { if (currentIndexVersion != indexVersionCache) { indexVersionCache=currentIndexVersion; etagCache = "\"" - + new String(Base64.encodeBase64((Long.toHexString(Long.reverse(indexVersionCache)) + etagSeed) + + new String(Base64.getEncoder().encode((Long.toHexString(Long.reverse(indexVersionCache)) + etagSeed) .getBytes(StandardCharsets.US_ASCII)), StandardCharsets.US_ASCII) + "\""; }