You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/05/31 14:34:33 UTC
cxf git commit: Moving security code to use java.util.Base64
Repository: cxf
Updated Branches:
refs/heads/master 847e00fe7 -> e824784db
Moving security code to use java.util.Base64
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e824784d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e824784d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e824784d
Branch: refs/heads/master
Commit: e824784db1bda81c68aaa407f471588acea38865
Parents: 847e00f
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue May 31 15:34:00 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue May 31 15:34:26 2016 +0100
----------------------------------------------------------------------
.../cxf/rs/security/saml/sso/MetadataWriter.java | 4 ++--
.../security/saml/sso/SamlRedirectBindingFilter.java | 4 ++--
.../cxf/rs/security/xml/XmlEncOutInterceptor.java | 7 +++----
.../cxf/ws/security/kerberos/KerberosClient.java | 4 ++--
.../KerberosTokenInterceptorProvider.java | 4 ++--
.../ws/security/policy/interceptors/STSInvoker.java | 6 +++---
.../SecureConversationInInterceptor.java | 4 ++--
.../SpnegoContextTokenInInterceptor.java | 6 +++---
.../SpnegoContextTokenOutInterceptor.java | 5 +++--
.../cxf/ws/security/trust/AbstractSTSClient.java | 10 +++++-----
.../ws/security/wss4j/TokenStoreCallbackHandler.java | 4 ++--
.../ws/security/wss4j/UsernameTokenInterceptor.java | 6 +++---
.../policyhandlers/SymmetricBindingHandler.java | 4 ++--
.../KerberosTokenPolicyValidator.java | 4 ++--
.../cxf/sts/claims/LdapGroupClaimsHandler.java | 2 +-
.../sts/token/validator/UsernameTokenValidator.java | 11 +++++------
.../apache/cxf/sts/operation/IssueSamlUnitTest.java | 4 ++--
.../cxf/sts/operation/ValidateX509TokenUnitTest.java | 4 ++--
.../sts/token/validator/X509TokenValidatorTest.java | 6 +++---
.../cxf/systest/sts/batch/SimpleBatchSTSClient.java | 15 +++++++--------
.../sts/deployment/CustomBSTTokenValidator.java | 5 +++--
21 files changed, 59 insertions(+), 60 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
index d85b9e5..b081bed 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataWriter.java
@@ -25,6 +25,7 @@ import java.security.Key;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
+import java.util.Base64;
import java.util.Collections;
import java.util.List;
@@ -50,7 +51,6 @@ import org.w3c.dom.Document;
import org.apache.cxf.staxutils.W3CDOMStreamWriter;
import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.xml.security.stax.impl.util.IDGenerator;
-import org.apache.xml.security.utils.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -176,7 +176,7 @@ public class MetadataWriter {
// Write the Base-64 encoded certificate
byte data[] = signingCert.getEncoded();
- String encodedCertificate = Base64.encode(data);
+ String encodedCertificate = Base64.getMimeEncoder().encodeToString(data);
writer.writeCharacters(encodedCertificate);
writer.writeEndElement(); // X509Certificate
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java
index ebfc7b8..485f6d5 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java
@@ -24,6 +24,7 @@ import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
+import java.util.Base64;
import java.util.logging.Level;
import javax.security.auth.callback.CallbackHandler;
@@ -42,7 +43,6 @@ import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoType;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.util.DOM2Writer;
-import org.apache.xml.security.utils.Base64;
import org.opensaml.saml.saml2.core.AuthnRequest;
public class SamlRedirectBindingFilter extends AbstractServiceProviderFilter {
@@ -159,7 +159,7 @@ public class SamlRedirectBindingFilter extends AbstractServiceProviderFilter {
signature.update(requestToSign.getBytes(StandardCharsets.UTF_8));
byte[] signBytes = signature.sign();
- String encodedSignature = Base64.encode(signBytes);
+ String encodedSignature = Base64.getMimeEncoder().encodeToString(signBytes);
ub.queryParam(SSOConstants.SIGNATURE, URLEncoder.encode(encodedSignature, StandardCharsets.UTF_8.name()));
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java
index ad181ef..b3a7db2 100644
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java
+++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java
@@ -20,6 +20,7 @@ package org.apache.cxf.rs.security.xml;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
+import java.util.Base64;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
@@ -34,7 +35,6 @@ import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.w3c.dom.Text;
import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.message.Message;
@@ -51,7 +51,6 @@ import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.stax.impl.util.IDGenerator;
-import org.apache.xml.security.utils.Base64;
import org.apache.xml.security.utils.EncryptionConstants;
public class XmlEncOutInterceptor extends AbstractXmlSecOutInterceptor {
@@ -223,7 +222,7 @@ public class XmlEncOutInterceptor extends AbstractXmlSecOutInterceptor {
Document doc = encryptedDataElement.getOwnerDocument();
- String encodedKey = Base64Utility.encode(encryptedKey);
+ String encodedKey = Base64.getMimeEncoder().encodeToString(encryptedKey);
Element encryptedKeyElement = createEncryptedKeyElement(doc, keyEncAlgo, digestAlgo);
String encKeyId = IDGenerator.generateID("EK-");
encryptedKeyElement.setAttributeNS(null, "Id", encKeyId);
@@ -275,7 +274,7 @@ public class XmlEncOutInterceptor extends AbstractXmlSecOutInterceptor {
WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, e, "encodeError"
);
}
- Text text = encryptedDataDoc.createTextNode(Base64.encode(data));
+ Text text = encryptedDataDoc.createTextNode(Base64.getMimeEncoder().encodeToString(data));
Element cert = encryptedDataDoc.createElementNS(SIG_NS, SIG_PREFIX + ":X509Certificate");
cert.appendChild(text);
Element x509Data = encryptedDataDoc.createElementNS(SIG_NS, SIG_PREFIX + ":X509Data");
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosClient.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosClient.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosClient.java
index cce09cb..5c15814 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosClient.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosClient.java
@@ -19,6 +19,7 @@
package org.apache.cxf.ws.security.kerberos;
+import java.util.Base64;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -36,7 +37,6 @@ import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.dom.engine.WSSConfig;
import org.apache.wss4j.dom.message.token.KerberosSecurity;
-import org.apache.xml.security.utils.Base64;
import org.ietf.jgss.GSSCredential;
/**
@@ -163,7 +163,7 @@ public class KerberosClient implements Configurable {
token.setKey(secretKey);
token.setSecret(secretKey.getEncoded());
}
- String sha1 = Base64.encode(KeyUtils.generateDigest(bst.getToken()));
+ String sha1 = Base64.getMimeEncoder().encodeToString(KeyUtils.generateDigest(bst.getToken()));
token.setSHA1(sha1);
token.setTokenType(bst.getValueType());
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
index fe5e3af..5ff968a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
@@ -21,6 +21,7 @@ package org.apache.cxf.ws.security.policy.interceptors;
import java.security.Key;
import java.util.Arrays;
+import java.util.Base64;
import java.util.Collection;
import java.util.List;
import java.util.Map;
@@ -66,7 +67,6 @@ import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
import org.apache.wss4j.stax.securityToken.KerberosServiceSecurityToken;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.securityEvent.SecurityEvent;
-import org.apache.xml.security.utils.Base64;
/**
*
@@ -268,7 +268,7 @@ public class KerberosTokenInterceptorProvider extends AbstractPolicyInterceptorP
byte[] ticket = kerberosToken.getBinaryContent();
try {
- token.setSHA1(Base64.encode(KeyUtils.generateDigest(ticket)));
+ token.setSHA1(Base64.getMimeEncoder().encodeToString(KeyUtils.generateDigest(ticket)));
} catch (WSSecurityException e) {
// Just consume this for now as it isn't critical...
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
index 89422ed..9a9b1e6 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
@@ -20,6 +20,7 @@
package org.apache.cxf.ws.security.policy.interceptors;
import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
import java.util.Date;
import java.util.logging.Logger;
@@ -53,7 +54,6 @@ import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.message.token.SecurityContextToken;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
-import org.apache.xml.security.utils.Base64;
/**
* An abstract Invoker used by the Spnego and SecureConversationInInterceptors.
@@ -210,7 +210,7 @@ abstract class STSInvoker implements Invoker {
writer.writeStartElement(prefix, "BinarySecret", namespace);
writer.writeAttribute("Type", namespace + "/Nonce");
- writer.writeCharacters(Base64.encode(secret));
+ writer.writeCharacters(Base64.getMimeEncoder().encodeToString(secret));
writer.writeEndElement();
} else {
byte entropy[] = WSSecurityUtil.generateNonce(keySize / 8);
@@ -225,7 +225,7 @@ abstract class STSInvoker implements Invoker {
writer.writeStartElement(prefix, "Entropy", namespace);
writer.writeStartElement(prefix, "BinarySecret", namespace);
writer.writeAttribute("Type", namespace + "/Nonce");
- writer.writeCharacters(Base64.encode(entropy));
+ writer.writeCharacters(Base64.getMimeEncoder().encodeToString(entropy));
writer.writeEndElement();
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
index 5441989..e6bdab0 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
@@ -20,6 +20,7 @@
package org.apache.cxf.ws.security.policy.interceptors;
import java.util.ArrayList;
+import java.util.Base64;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
@@ -75,7 +76,6 @@ import org.apache.wss4j.policy.model.SignedParts;
import org.apache.wss4j.policy.model.Trust10;
import org.apache.wss4j.policy.model.Trust13;
import org.apache.xml.security.stax.impl.util.IDGenerator;
-import org.apache.xml.security.utils.Base64;
class SecureConversationInInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
@@ -339,7 +339,7 @@ class SecureConversationInInterceptor extends AbstractPhaseInterceptor<SoapMessa
if ("Entropy".equals(localName)) {
Element bs = DOMUtils.getFirstElement(el);
if (bs != null) {
- clientEntropy = Base64.decode(bs.getTextContent());
+ clientEntropy = Base64.getMimeDecoder().decode(bs.getTextContent());
}
} else if ("KeySize".equals(localName)) {
keySize = Integer.parseInt(el.getTextContent());
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
index 7219686..4c2f371 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
@@ -19,6 +19,7 @@
package org.apache.cxf.ws.security.policy.interceptors;
+import java.util.Base64;
import java.util.Collection;
import java.util.Date;
@@ -60,7 +61,6 @@ import org.apache.wss4j.dom.engine.WSSConfig;
import org.apache.wss4j.dom.message.token.SecurityContextToken;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.wss4j.policy.SPConstants;
-import org.apache.xml.security.utils.Base64;
class SpnegoContextTokenInInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
@@ -287,7 +287,7 @@ class SpnegoContextTokenInInterceptor extends AbstractPhaseInterceptor<SoapMessa
}
String content = DOMUtils.getContent(binaryExchange);
- byte[] decodedContent = Base64.decode(content);
+ byte[] decodedContent = Base64.getMimeDecoder().decode(content);
String jaasContext =
(String)message.getContextualProperty(SecurityConstants.KERBEROS_JAAS_CONTEXT_NAME);
@@ -322,7 +322,7 @@ class SpnegoContextTokenInInterceptor extends AbstractPhaseInterceptor<SoapMessa
writer.writeStartElement(WSConstants.ENC_PREFIX, "CipherData", WSConstants.ENC_NS);
writer.writeStartElement(WSConstants.ENC_PREFIX, "CipherValue", WSConstants.ENC_NS);
- writer.writeCharacters(Base64.encode(key));
+ writer.writeCharacters(Base64.getMimeEncoder().encodeToString(key));
writer.writeEndElement();
writer.writeEndElement();
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
index e99ff08..c4fcaa0 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
@@ -19,6 +19,7 @@
package org.apache.cxf.ws.security.policy.interceptors;
+import java.util.Base64;
import java.util.Collection;
import javax.security.auth.callback.CallbackHandler;
@@ -42,7 +43,6 @@ import org.apache.wss4j.common.spnego.SpnegoTokenContext;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.model.Trust10;
import org.apache.wss4j.policy.model.Trust13;
-import org.apache.xml.security.utils.Base64;
class SpnegoContextTokenOutInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
SpnegoContextTokenOutInterceptor() {
@@ -134,7 +134,8 @@ class SpnegoContextTokenOutInterceptor extends AbstractPhaseInterceptor<SoapMess
if (maps != null) {
client.setAddressingNamespace(maps.getNamespaceURI());
}
- SecurityToken tok = client.requestSecurityToken(s, Base64.encode(spnegoToken.getToken()));
+ SecurityToken tok =
+ client.requestSecurityToken(s, Base64.getMimeEncoder().encodeToString(spnegoToken.getToken()));
byte[] wrappedTok = spnegoToken.unwrapKey(tok.getSecret());
tok.setSecret(wrappedTok);
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
index 0b6f619..813f1ab 100755
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
@@ -25,6 +25,7 @@ import java.net.URL;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
+import java.util.Base64;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
@@ -143,7 +144,6 @@ import org.apache.xml.security.exceptions.Base64DecodingException;
import org.apache.xml.security.keys.content.X509Data;
import org.apache.xml.security.keys.content.keyvalues.DSAKeyValue;
import org.apache.xml.security.keys.content.keyvalues.RSAKeyValue;
-import org.apache.xml.security.utils.Base64;
/**
* An abstract class with some functionality to invoke on a SecurityTokenService (STS) via the
@@ -908,7 +908,7 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
requestorEntropy = WSSecurityUtil
.generateNonce(algType.getMaximumSymmetricKeyLength() / 8);
}
- writer.writeCharacters(Base64.encode(requestorEntropy));
+ writer.writeCharacters(Base64.getMimeEncoder().encodeToString(requestorEntropy));
writer.writeEndElement();
writer.writeEndElement();
@@ -1475,7 +1475,7 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
if (childQname.equals(new QName(namespace, "BinarySecret"))) {
// First check for the binary secret
String b64Secret = DOMUtils.getContent(child);
- secret = Base64.decode(b64Secret);
+ secret = Base64.getMimeDecoder().decode(b64Secret);
} else if (childQname.equals(new QName(WSConstants.ENC_NS, WSConstants.ENC_KEY_LN))) {
secret = decryptKey(child);
} else if (childQname.equals(new QName(namespace, "ComputedKey"))) {
@@ -1489,7 +1489,7 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
serviceEntr = decryptKey(computedKeyChild);
} else if (computedKeyChildQName.equals(new QName(namespace, "BinarySecret"))) {
String content = DOMUtils.getContent(computedKeyChild);
- serviceEntr = Base64.decode(content);
+ serviceEntr = Base64.getMimeDecoder().decode(content);
}
}
@@ -1542,7 +1542,7 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
XMLUtils.getDirectChildElement(tmpE, "CipherValue", WSConstants.ENC_NS);
if (tmpE != null) {
String content = DOMUtils.getContent(tmpE);
- cipherValue = Base64.decode(content);
+ cipherValue = Base64.getMimeDecoder().decode(content);
}
}
if (cipherValue == null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/TokenStoreCallbackHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/TokenStoreCallbackHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/TokenStoreCallbackHandler.java
index 0d7495a..46341de 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/TokenStoreCallbackHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/TokenStoreCallbackHandler.java
@@ -20,6 +20,7 @@
package org.apache.cxf.ws.security.wss4j;
import java.io.IOException;
+import java.util.Base64;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
@@ -30,7 +31,6 @@ import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.KeyUtils;
-import org.apache.xml.security.utils.Base64;
public class TokenStoreCallbackHandler implements CallbackHandler {
private CallbackHandler internal;
@@ -68,7 +68,7 @@ public class TokenStoreCallbackHandler implements CallbackHandler {
private static String getSHA1(byte[] input) {
try {
byte[] digestBytes = KeyUtils.generateDigest(input);
- return Base64.encode(digestBytes);
+ return Base64.getMimeEncoder().encodeToString(digestBytes);
} catch (WSSecurityException e) {
//REVISIT
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
index f1cd30c..0660109 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
@@ -21,6 +21,7 @@ package org.apache.cxf.ws.security.wss4j;
import java.security.Principal;
import java.util.ArrayList;
+import java.util.Base64;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
@@ -70,7 +71,6 @@ import org.apache.wss4j.policy.model.AbstractSecurityAssertion;
import org.apache.wss4j.policy.model.SupportingTokens;
import org.apache.wss4j.policy.model.UsernameToken;
import org.apache.xml.security.exceptions.Base64DecodingException;
-import org.apache.xml.security.utils.Base64;
/**
*
@@ -126,7 +126,7 @@ public class UsernameTokenInterceptor extends AbstractTokenInterceptor {
UsernameTokenPrincipal utPrincipal = (UsernameTokenPrincipal)principal;
String nonce = null;
if (utPrincipal.getNonce() != null) {
- nonce = Base64.encode(utPrincipal.getNonce());
+ nonce = Base64.getMimeEncoder().encodeToString(utPrincipal.getNonce());
}
subject = createSubject(utPrincipal.getName(), utPrincipal.getPassword(),
utPrincipal.isPasswordDigest(), nonce, utPrincipal.getCreatedTime());
@@ -236,7 +236,7 @@ public class UsernameTokenInterceptor extends AbstractTokenInterceptor {
WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed());
if (ut.getNonce() != null) {
- principal.setNonce(Base64.decode(ut.getNonce()));
+ principal.setNonce(Base64.getMimeDecoder().decode(ut.getNonce()));
}
principal.setPassword(ut.getPassword());
principal.setCreatedTime(ut.getCreated());
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index 789b9ff..9d57e0d 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -20,6 +20,7 @@
package org.apache.cxf.ws.security.wss4j.policyhandlers;
import java.util.ArrayList;
+import java.util.Base64;
import java.util.Date;
import java.util.List;
import java.util.logging.Level;
@@ -78,7 +79,6 @@ import org.apache.wss4j.policy.model.SpnegoContextToken;
import org.apache.wss4j.policy.model.SymmetricBinding;
import org.apache.wss4j.policy.model.UsernameToken;
import org.apache.wss4j.policy.model.X509Token;
-import org.apache.xml.security.utils.Base64;
/**
*
@@ -941,7 +941,7 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
private static String getSHA1(byte[] input) {
try {
byte[] digestBytes = KeyUtils.generateDigest(input);
- return Base64.encode(digestBytes);
+ return Base64.getMimeEncoder().encodeToString(digestBytes);
} catch (WSSecurityException e) {
//REVISIT
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
index 0a4a3dd..6d26523 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
@@ -20,6 +20,7 @@
package org.apache.cxf.ws.security.wss4j.policyvalidators;
import java.util.ArrayList;
+import java.util.Base64;
import java.util.Collection;
import java.util.List;
@@ -42,7 +43,6 @@ import org.apache.wss4j.policy.SP12Constants;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.model.KerberosToken;
import org.apache.wss4j.policy.model.KerberosToken.ApReqTokenType;
-import org.apache.xml.security.utils.Base64;
/**
* Validate a WSSecurityEngineResult corresponding to the processing of a Kerberos Token
@@ -162,7 +162,7 @@ public class KerberosTokenPolicyValidator extends AbstractSecurityPolicyValidato
token.setTokenType(binarySecurityToken.getValueType());
byte[] tokenBytes = binarySecurityToken.getToken();
try {
- token.setSHA1(Base64.encode(KeyUtils.generateDigest(tokenBytes)));
+ token.setSHA1(Base64.getMimeEncoder().encodeToString(KeyUtils.generateDigest(tokenBytes)));
} catch (WSSecurityException e) {
// Just consume this for now as it isn't critical...
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapGroupClaimsHandler.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapGroupClaimsHandler.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapGroupClaimsHandler.java
index cbe940e..fbbbdd8 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapGroupClaimsHandler.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapGroupClaimsHandler.java
@@ -250,7 +250,7 @@ public class LdapGroupClaimsHandler implements ClaimsHandler, RealmSupport {
&& parameters.getAppliesToAddress() != null) {
scope = getAppliesToScopeMapping().get(parameters.getAppliesToAddress());
if (LOG.isLoggable(Level.FINE)) {
- LOG.fine("AppliesTo matchs with scope: " + scope);
+ LOG.fine("AppliesTo matches with scope: " + scope);
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java
index cbbd573..2392d60 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java
@@ -19,6 +19,7 @@
package org.apache.cxf.sts.token.validator;
import java.security.Principal;
+import java.util.Base64;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
@@ -57,8 +58,6 @@ import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.message.token.UsernameToken;
import org.apache.wss4j.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
-import org.apache.xml.security.exceptions.Base64DecodingException;
-import org.apache.xml.security.utils.Base64;
/**
* This class validates a wsse UsernameToken.
@@ -238,8 +237,6 @@ public class UsernameTokenValidator implements TokenValidator {
LOG.fine("Username Token successfully validated");
} catch (WSSecurityException ex) {
LOG.log(Level.WARNING, "", ex);
- } catch (Base64DecodingException ex) {
- LOG.log(Level.WARNING, "", ex);
}
return response;
@@ -255,13 +252,15 @@ public class UsernameTokenValidator implements TokenValidator {
String passwordType,
String nonce,
String createdTime
- ) throws Base64DecodingException {
+ ) {
boolean hashed = false;
if (WSConstants.PASSWORD_DIGEST.equals(passwordType)) {
hashed = true;
}
WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(username, hashed);
- principal.setNonce(Base64.decode(nonce));
+ if (nonce != null) {
+ principal.setNonce(Base64.getMimeDecoder().decode(nonce));
+ }
principal.setPassword(passwordValue);
principal.setCreatedTime(createdTime);
principal.setPasswordType(passwordType);
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
index e4fc41d..08da7d3 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
@@ -22,6 +22,7 @@ import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.Base64;
import java.util.Collections;
import java.util.List;
import java.util.Properties;
@@ -75,7 +76,6 @@ import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.message.WSSecEncryptedKey;
import org.apache.wss4j.dom.saml.WSSSAMLKeyInfoProcessor;
import org.apache.wss4j.dom.util.WSSecurityUtil;
-import org.apache.xml.security.utils.Base64;
/**
* Some unit tests for the issue operation to issue SAML tokens.
@@ -1487,7 +1487,7 @@ public class IssueSamlUnitTest extends org.junit.Assert {
Element x509Data = doc.createElementNS(WSConstants.SIG_NS, "ds:X509Data");
x509Data.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:ds", WSConstants.SIG_NS);
Element x509Cert = doc.createElementNS(WSConstants.SIG_NS, "ds:X509Certificate");
- Text certText = doc.createTextNode(Base64.encode(certs[0].getEncoded()));
+ Text certText = doc.createTextNode(Base64.getMimeEncoder().encodeToString(certs[0].getEncoded()));
x509Cert.appendChild(certText);
x509Data.appendChild(x509Cert);
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateX509TokenUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateX509TokenUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateX509TokenUnitTest.java
index 21c5114..b320465 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateX509TokenUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateX509TokenUnitTest.java
@@ -21,6 +21,7 @@ package org.apache.cxf.sts.operation;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
+import java.util.Base64;
import java.util.List;
import java.util.Properties;
@@ -47,7 +48,6 @@ import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.crypto.CryptoType;
import org.apache.wss4j.common.principal.CustomTokenPrincipal;
import org.apache.wss4j.dom.WSConstants;
-import org.apache.xml.security.utils.Base64;
/**
* Some unit tests for the validate operation to validate X.509 tokens.
@@ -247,7 +247,7 @@ public class ValidateX509TokenUnitTest extends org.junit.Assert {
X509Certificate cert
) throws Exception {
BinarySecurityTokenType binarySecurityToken = new BinarySecurityTokenType();
- binarySecurityToken.setValue(Base64.encode(cert.getEncoded()));
+ binarySecurityToken.setValue(Base64.getMimeEncoder().encodeToString(cert.getEncoded()));
binarySecurityToken.setValueType(X509TokenValidator.X509_V3_TYPE);
binarySecurityToken.setEncodingType(WSConstants.SOAPMESSAGE_NS + "#Base64Binary");
JAXBElement<BinarySecurityTokenType> tokenType =
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/X509TokenValidatorTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/X509TokenValidatorTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/X509TokenValidatorTest.java
index 9521e28..70a6c34 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/X509TokenValidatorTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/X509TokenValidatorTest.java
@@ -20,6 +20,7 @@ package org.apache.cxf.sts.token.validator;
import java.security.Principal;
import java.security.cert.X509Certificate;
+import java.util.Base64;
import java.util.Properties;
import javax.xml.bind.JAXBElement;
@@ -41,7 +42,6 @@ import org.apache.wss4j.common.crypto.CryptoType;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.principal.CustomTokenPrincipal;
import org.apache.wss4j.dom.WSConstants;
-import org.apache.xml.security.utils.Base64;
/**
@@ -69,7 +69,7 @@ public class X509TokenValidatorTest extends org.junit.Assert {
Crypto crypto = validatorParameters.getStsProperties().getSignatureCrypto();
X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
assertTrue(certs != null && certs.length > 0);
- binarySecurityToken.setValue(Base64.encode(certs[0].getEncoded()));
+ binarySecurityToken.setValue(Base64.getMimeEncoder().encodeToString(certs[0].getEncoded()));
ReceivedToken validateTarget = new ReceivedToken(tokenType);
tokenRequirements.setValidateTarget(validateTarget);
@@ -120,7 +120,7 @@ public class X509TokenValidatorTest extends org.junit.Assert {
X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
assertTrue(certs != null && certs.length > 0);
- binarySecurityToken.setValue(Base64.encode(certs[0].getEncoded()));
+ binarySecurityToken.setValue(Base64.getMimeEncoder().encodeToString(certs[0].getEncoded()));
binarySecurityToken.setValueType(X509TokenValidator.X509_V3_TYPE);
binarySecurityToken.setEncodingType(WSConstants.SOAPMESSAGE_NS + "#Base64Binary");
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
index 5d06446..a04391a 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
@@ -25,6 +25,7 @@ import java.net.URL;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
+import java.util.Base64;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
@@ -110,11 +111,9 @@ import org.apache.wss4j.policy.model.AlgorithmSuite;
import org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType;
import org.apache.wss4j.policy.model.Trust10;
import org.apache.wss4j.policy.model.Trust13;
-import org.apache.xml.security.exceptions.Base64DecodingException;
import org.apache.xml.security.keys.content.X509Data;
import org.apache.xml.security.keys.content.keyvalues.DSAKeyValue;
import org.apache.xml.security.keys.content.keyvalues.RSAKeyValue;
-import org.apache.xml.security.utils.Base64;
/**
* A primitive STSClient for batch tokens. Note that this contains a number of hacks and should NOT be
@@ -665,7 +664,7 @@ public class SimpleBatchSTSClient implements Configurable, InterceptorProvider {
requestorEntropy = WSSecurityUtil
.generateNonce(algType.getMaximumSymmetricKeyLength() / 8);
}
- writer.writeCharacters(Base64.encode(requestorEntropy));
+ writer.writeCharacters(Base64.getMimeEncoder().encodeToString(requestorEntropy));
writer.writeEndElement();
writer.writeEndElement();
@@ -842,7 +841,7 @@ public class SimpleBatchSTSClient implements Configurable, InterceptorProvider {
}
protected SecurityToken createSecurityToken(Element el, byte[] requestorEntropy)
- throws WSSecurityException, Base64DecodingException {
+ throws WSSecurityException {
if ("RequestSecurityTokenResponseCollection".equals(el.getLocalName())) {
el = DOMUtils.getFirstElement(el);
@@ -899,7 +898,7 @@ public class SimpleBatchSTSClient implements Configurable, InterceptorProvider {
if (childQname.equals(new QName(namespace, "BinarySecret"))) {
// First check for the binary secret
String b64Secret = DOMUtils.getContent(child);
- secret = Base64.decode(b64Secret);
+ secret = Base64.getMimeDecoder().decode(b64Secret);
} else if (childQname.equals(new QName(WSConstants.ENC_NS, WSConstants.ENC_KEY_LN))) {
secret = decryptKey(child);
} else if (childQname.equals(new QName(namespace, "ComputedKey"))) {
@@ -913,7 +912,7 @@ public class SimpleBatchSTSClient implements Configurable, InterceptorProvider {
serviceEntr = decryptKey(computedKeyChild);
} else if (computedKeyChildQName.equals(new QName(namespace, "BinarySecret"))) {
String content = DOMUtils.getContent(computedKeyChild);
- serviceEntr = Base64.decode(content);
+ serviceEntr = Base64.getMimeDecoder().decode(content);
}
}
@@ -945,7 +944,7 @@ public class SimpleBatchSTSClient implements Configurable, InterceptorProvider {
return token;
}
- protected byte[] decryptKey(Element child) throws TrustException, WSSecurityException, Base64DecodingException {
+ protected byte[] decryptKey(Element child) throws TrustException, WSSecurityException {
String encryptionAlgorithm = X509Util.getEncAlgo(child);
// For the SPNEGO case just return the decoded cipher value and decrypt it later
if (encryptionAlgorithm != null && encryptionAlgorithm.endsWith("spnego#GSS_Wrap")) {
@@ -958,7 +957,7 @@ public class SimpleBatchSTSClient implements Configurable, InterceptorProvider {
XMLUtils.getDirectChildElement(tmpE, "CipherValue", WSConstants.ENC_NS);
if (tmpE != null) {
String content = DOMUtils.getContent(tmpE);
- cipherValue = Base64.decode(content);
+ cipherValue = Base64.getMimeDecoder().decode(content);
}
}
if (cipherValue == null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/e824784d/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/deployment/CustomBSTTokenValidator.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/deployment/CustomBSTTokenValidator.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/deployment/CustomBSTTokenValidator.java
index 67f5b57..2210f40 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/deployment/CustomBSTTokenValidator.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/deployment/CustomBSTTokenValidator.java
@@ -19,6 +19,8 @@
package org.apache.cxf.systest.sts.deployment;
+import java.util.Base64;
+
import org.apache.cxf.sts.request.ReceivedToken;
import org.apache.cxf.sts.request.ReceivedToken.STATE;
import org.apache.cxf.sts.token.validator.TokenValidator;
@@ -26,7 +28,6 @@ import org.apache.cxf.sts.token.validator.TokenValidatorParameters;
import org.apache.cxf.sts.token.validator.TokenValidatorResponse;
import org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType;
import org.apache.wss4j.common.principal.CustomTokenPrincipal;
-import org.apache.xml.security.utils.Base64;
/**
@@ -61,7 +62,7 @@ public class CustomBSTTokenValidator implements TokenValidator {
//
// Do some validation of the token here
//
- if (Base64.encode("12345678".getBytes()).equals(binarySecurityToken.getValue())) {
+ if (Base64.getMimeEncoder().encodeToString("12345678".getBytes()).equals(binarySecurityToken.getValue())) {
validateTarget.setState(STATE.VALID);
}
response.setPrincipal(new CustomTokenPrincipal("alice"));