Make source code compatible with JDK 8

Closes gh-10695

build.gradle

@@ -106,6 +106,7 @@ subprojects {
 	tasks.withType(JavaCompile) {
 		options.encoding = "UTF-8"
 		options.compilerArgs.add("-parameters")
+		options.release = 8
 	}
 }
 

config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurer.java

@@ -297,8 +297,7 @@ public final class Saml2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 		if (version != null) {
 			return version;
 		}
-		return Version.class.getModule().getDescriptor().version().map(Object::toString)
+		return Version.getVersion();
-				.orElseThrow(() -> new IllegalStateException("cannot determine OpenSAML version"));
 	}
 
 	private void registerDefaultAuthenticationProvider(B http) {

config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer.java

@@ -319,8 +319,7 @@ public final class Saml2LogoutConfigurer<H extends HttpSecurityBuilder<H>>
 		if (version != null) {
 			return version;
 		}
-		return Version.class.getModule().getDescriptor().version().map(Object::toString)
+		return Version.getVersion();
-				.orElseThrow(() -> new IllegalStateException("cannot determine OpenSAML version"));
 	}
 
 	/**

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java

@@ -21,11 +21,13 @@ import java.security.cert.Certificate;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 
+import javax.security.auth.x500.X500Principal;
 import javax.servlet.http.HttpServletRequest;
 
+import org.bouncycastle.asn1.x500.X500Name;
+import org.bouncycastle.asn1.x500.style.BCStyle;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
-import sun.security.x509.X500Name;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
@@ -240,12 +242,8 @@ public class NamespaceHttpX509Tests {
 		}
 
 		private String extractCommonName(X509Certificate certificate) {
-			try {
+			X500Principal principal = certificate.getSubjectX500Principal();
-				return ((X500Name) certificate.getSubjectDN()).getCommonName();
+			return new X500Name(principal.getName()).getRDNs(BCStyle.CN)[0].getFirst().getValue().toString();
-			}
-			catch (Exception ex) {
-				throw new IllegalArgumentException(ex);
-			}
 		}
 
 	}

core/src/test/java/org/springframework/security/core/SpringSecurityCoreVersionTests.java

@@ -18,6 +18,7 @@ package org.springframework.security.core;
 
 import java.lang.reflect.Field;
 import java.lang.reflect.Method;
+import java.lang.reflect.Modifier;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -60,15 +61,24 @@ public class SpringSecurityCoreVersionTests {
 
 	@BeforeEach
 	public void setup() throws Exception {
-		Field logger = ReflectionUtils.findField(SpringSecurityCoreVersion.class, "logger");
+		setFinalStaticField(SpringSecurityCoreVersion.class, "logger", this.logger);
-		StaticFinalReflectionUtils.setField(logger, this.logger);
 	}
 
 	@AfterEach
 	public void cleanup() throws Exception {
 		System.clearProperty(getDisableChecksProperty());
-		Field logger = ReflectionUtils.findField(SpringSecurityCoreVersion.class, "logger");
+		setFinalStaticField(SpringSecurityCoreVersion.class, "logger",
-		StaticFinalReflectionUtils.setField(logger, LogFactory.getLog(SpringSecurityCoreVersion.class));
+				LogFactory.getLog(SpringSecurityCoreVersion.class));
+	}
+
+	private static void setFinalStaticField(Class<?> clazz, String fieldName, Object value)
+			throws ReflectiveOperationException {
+		Field field = clazz.getDeclaredField(fieldName);
+		field.setAccessible(true);
+		Field modifiers = Field.class.getDeclaredField("modifiers");
+		modifiers.setAccessible(true);
+		modifiers.setInt(field, field.getModifiers() & ~Modifier.FINAL);
+		field.set(null, value);
 	}
 
 	@Test

core/src/test/java/org/springframework/security/core/StaticFinalReflectionUtils.java

@@ -1,115 +0,0 @@
-/*
- * Copyright 2008 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.core;
-
-import java.lang.reflect.Field;
-import java.lang.reflect.Modifier;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-
-import sun.misc.Unsafe;
-
-import org.springframework.objenesis.instantiator.util.UnsafeUtils;
-
-/**
- * Used for setting static variables even if they are private static final.
- *
- * The code in this class has been adopted from Powermock's <a href=
- * "https://github.com/noushadali/powermock/blob/powermock-1.5.4/reflect/src/main/java/org/powermock/reflect/internal/WhiteboxImpl.java#L326">WhiteboxImpl</a>.
- *
- * @author Rob Winch
- */
-final class StaticFinalReflectionUtils {
-
-	/**
-	 * Used to support setting static fields that are final using Java's Unsafe. If the
-	 * field is not static final, use
-	 * {@link org.springframework.test.util.ReflectionTestUtils}.
-	 * @param field the field to set
-	 * @param newValue the new value
-	 */
-	static void setField(final Field field, final Object newValue) {
-		try {
-			field.setAccessible(true);
-			int fieldModifiersMask = field.getModifiers();
-			boolean isFinalModifierPresent = (fieldModifiersMask & Modifier.FINAL) == Modifier.FINAL;
-			if (isFinalModifierPresent) {
-				AccessController.doPrivileged(new PrivilegedAction<Object>() {
-					@Override
-					public Object run() {
-						try {
-							Unsafe unsafe = UnsafeUtils.getUnsafe();
-							long offset = unsafe.staticFieldOffset(field);
-							Object base = unsafe.staticFieldBase(field);
-							setFieldUsingUnsafe(base, field.getType(), offset, newValue, unsafe);
-							return null;
-						}
-						catch (Throwable thrown) {
-							throw new RuntimeException(thrown);
-						}
-					}
-				});
-			}
-			else {
-				field.set(null, newValue);
-			}
-		}
-		catch (SecurityException ex) {
-			throw new RuntimeException(ex);
-		}
-		catch (IllegalAccessException ex) {
-			throw new RuntimeException(ex);
-		}
-		catch (IllegalArgumentException ex) {
-			throw new RuntimeException(ex);
-		}
-	}
-
-	private static void setFieldUsingUnsafe(Object base, Class type, long offset, Object newValue, Unsafe unsafe) {
-		if (type == Integer.TYPE) {
-			unsafe.putInt(base, offset, ((Integer) newValue));
-		}
-		else if (type == Short.TYPE) {
-			unsafe.putShort(base, offset, ((Short) newValue));
-		}
-		else if (type == Long.TYPE) {
-			unsafe.putLong(base, offset, ((Long) newValue));
-		}
-		else if (type == Byte.TYPE) {
-			unsafe.putByte(base, offset, ((Byte) newValue));
-		}
-		else if (type == Boolean.TYPE) {
-			unsafe.putBoolean(base, offset, ((Boolean) newValue));
-		}
-		else if (type == Float.TYPE) {
-			unsafe.putFloat(base, offset, ((Float) newValue));
-		}
-		else if (type == Double.TYPE) {
-			unsafe.putDouble(base, offset, ((Double) newValue));
-		}
-		else if (type == Character.TYPE) {
-			unsafe.putChar(base, offset, ((Character) newValue));
-		}
-		else {
-			unsafe.putObject(base, offset, newValue);
-		}
-	}
-
-	private StaticFinalReflectionUtils() {
-	}
-
-}