From f32cd91792f434754640d0213c65d7faf5e101a8 Mon Sep 17 00:00:00 2001 From: Case Walker Date: Fri, 12 Apr 2024 12:49:19 -0400 Subject: [PATCH] Upgrade owasp-java-html-sanitizer, address all fallout Signed-off-by: Case Walker --- distribution/api-docs-dist/pom.xml | 6 ------ pom.xml | 12 ++++++++++- quarkus/runtime/pom.xml | 20 +++++++++++++++++++ services/pom.xml | 8 ++++++++ .../forms/AbstractRegistrationRecaptcha.java | 4 ++-- .../forms/RegistrationRecaptcha.java | 4 ++-- .../RegistrationRecaptchaEnterprise.java | 4 ++-- .../WebAuthnCredentialProvider.java | 6 +++--- .../oid4vc/model/CredentialIssuer.java | 4 ++-- .../oid4vc/model/CredentialsOffer.java | 4 ++-- .../protocol/oid4vc/model/OID4VCClient.java | 5 ++--- .../keycloak/protocol/oid4vc/model/Role.java | 4 ++-- .../SupportedCredentialConfiguration.java | 8 ++++---- .../theme/KeycloakSanitizerPolicy.java | 13 +++--------- .../keycloak/testsuite/util/OAuthClient.java | 5 ++--- .../testsuite/authz/UmaGrantTypeTest.java | 4 ++-- .../testsuite/client/MutualTLSClientTest.java | 5 ++--- .../testsuite/saml/ArtifactBindingTest.java | 6 +++--- .../x509/X509OCSPResponderFailOpenTest.java | 5 ++--- .../testsuite/x509/X509OCSPResponderTest.java | 4 ++-- 20 files changed, 76 insertions(+), 55 deletions(-) diff --git a/distribution/api-docs-dist/pom.xml b/distribution/api-docs-dist/pom.xml index dc67e12f11..20e072583b 100755 --- a/distribution/api-docs-dist/pom.xml +++ b/distribution/api-docs-dist/pom.xml @@ -63,12 +63,6 @@ net.java.dev.jna jna - - - com.googlecode.owasp-java-html-sanitizer - owasp-java-html-sanitizer - diff --git a/pom.xml b/pom.xml index 89c873d436..87e38148f6 100644 --- a/pom.xml +++ b/pom.xml @@ -110,7 +110,7 @@ 4.7.7.Final 6.2.7.Final ${resteasy.version} - 20220608.1 + 20240325.1 2.0.6 3.0.10 2.0.1 @@ -533,6 +533,16 @@ owasp-java-html-sanitizer ${owasp.html.sanitizer.version} + + com.googlecode.owasp-java-html-sanitizer + java8-shim + ${owasp.html.sanitizer.version} + + + com.googlecode.owasp-java-html-sanitizer + java10-shim + ${owasp.html.sanitizer.version} + junit junit diff --git a/quarkus/runtime/pom.xml b/quarkus/runtime/pom.xml index def75eba02..ea65f4aa43 100644 --- a/quarkus/runtime/pom.xml +++ b/quarkus/runtime/pom.xml @@ -437,6 +437,26 @@ + + com.googlecode.owasp-java-html-sanitizer + java8-shim + + + * + * + + + + + com.googlecode.owasp-java-html-sanitizer + java10-shim + + + * + * + + + org.apache.httpcomponents httpcore diff --git a/services/pom.xml b/services/pom.xml index 3535e4dad5..0819d0b6b2 100755 --- a/services/pom.xml +++ b/services/pom.xml @@ -148,6 +148,14 @@ com.googlecode.owasp-java-html-sanitizer owasp-java-html-sanitizer + + com.googlecode.owasp-java-html-sanitizer + java8-shim + + + com.googlecode.owasp-java-html-sanitizer + java10-shim + com.fasterxml.jackson.core jackson-core diff --git a/services/src/main/java/org/keycloak/authentication/forms/AbstractRegistrationRecaptcha.java b/services/src/main/java/org/keycloak/authentication/forms/AbstractRegistrationRecaptcha.java index f207103933..a71bdfd930 100644 --- a/services/src/main/java/org/keycloak/authentication/forms/AbstractRegistrationRecaptcha.java +++ b/services/src/main/java/org/keycloak/authentication/forms/AbstractRegistrationRecaptcha.java @@ -23,7 +23,6 @@ import java.util.ArrayList; import java.util.List; import java.util.Map; -import com.google.common.base.Strings; import jakarta.ws.rs.core.MultivaluedMap; import org.jboss.logging.Logger; import org.keycloak.Config; @@ -43,6 +42,7 @@ import org.keycloak.provider.ProviderConfigProperty; import org.keycloak.provider.ProviderConfigurationBuilder; import org.keycloak.services.messages.Messages; import org.keycloak.services.validation.Validation; +import org.keycloak.utils.StringUtil; public abstract class AbstractRegistrationRecaptcha implements FormAction, FormActionFactory { @@ -98,7 +98,7 @@ public abstract class AbstractRegistrationRecaptcha implements FormAction, FormA String userLanguageTag = context.getSession().getContext().resolveLocale(context.getUser()) .toLanguageTag(); boolean invisible = Boolean.parseBoolean(config.get(INVISIBLE)); - String action = Strings.isNullOrEmpty(config.get(ACTION)) ? "register" : config.get(ACTION); + String action = StringUtil.isNullOrEmpty(config.get(ACTION)) ? "register" : config.get(ACTION); form.setAttribute("recaptchaRequired", true); form.setAttribute("recaptchaSiteKey", config.get(SITE_KEY)); diff --git a/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptcha.java b/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptcha.java index 78d25c6782..17fe98c026 100755 --- a/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptcha.java +++ b/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptcha.java @@ -22,7 +22,6 @@ import java.util.LinkedList; import java.util.List; import java.util.Map; -import com.google.common.base.Strings; import org.apache.http.NameValuePair; import org.apache.http.client.entity.UrlEncodedFormEntity; import org.apache.http.client.methods.CloseableHttpResponse; @@ -38,6 +37,7 @@ import org.keycloak.provider.ProviderConfigProperty; import org.keycloak.provider.ProviderConfigurationBuilder; import org.keycloak.services.ServicesLogger; import org.keycloak.util.JsonSerialization; +import org.keycloak.utils.StringUtil; public class RegistrationRecaptcha extends AbstractRegistrationRecaptcha { @@ -67,7 +67,7 @@ public class RegistrationRecaptcha extends AbstractRegistrationRecaptcha { @Override protected boolean validateConfig(Map config) { - return !(Strings.isNullOrEmpty(config.get(SITE_KEY)) || Strings.isNullOrEmpty(config.get(SECRET_KEY))); + return !(StringUtil.isNullOrEmpty(config.get(SITE_KEY)) || StringUtil.isNullOrEmpty(config.get(SECRET_KEY))); } @Override diff --git a/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptchaEnterprise.java b/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptchaEnterprise.java index 918b3f6b34..37b75cd051 100644 --- a/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptchaEnterprise.java +++ b/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptchaEnterprise.java @@ -24,7 +24,6 @@ import java.util.List; import java.util.Map; import java.util.stream.Stream; -import com.google.common.base.Strings; import org.apache.http.HttpResponse; import org.apache.http.HttpStatus; import org.apache.http.client.HttpClient; @@ -38,6 +37,7 @@ import org.keycloak.provider.ProviderConfigProperty; import org.keycloak.provider.ProviderConfigurationBuilder; import org.keycloak.services.ServicesLogger; import org.keycloak.util.JsonSerialization; +import org.keycloak.utils.StringUtil; public class RegistrationRecaptchaEnterprise extends AbstractRegistrationRecaptcha { public static final String PROVIDER_ID = "registration-recaptcha-enterprise"; @@ -67,7 +67,7 @@ public class RegistrationRecaptchaEnterprise extends AbstractRegistrationRecaptc @Override protected boolean validateConfig(Map config) { return !(Stream.of(PROJECT_ID, SITE_KEY, API_KEY, ACTION) - .anyMatch(key -> Strings.isNullOrEmpty(config.get(key))) + .anyMatch(key -> StringUtil.isNullOrEmpty(config.get(key))) || parseDoubleFromConfig(config, SCORE_THRESHOLD) == null); } diff --git a/services/src/main/java/org/keycloak/credential/WebAuthnCredentialProvider.java b/services/src/main/java/org/keycloak/credential/WebAuthnCredentialProvider.java index 5b9c228782..d24dfe6b0e 100644 --- a/services/src/main/java/org/keycloak/credential/WebAuthnCredentialProvider.java +++ b/services/src/main/java/org/keycloak/credential/WebAuthnCredentialProvider.java @@ -33,7 +33,7 @@ import com.webauthn4j.util.AssertUtil; import com.webauthn4j.util.exception.WebAuthnException; import com.webauthn4j.validator.OriginValidatorImpl; import com.webauthn4j.validator.exception.BadOriginException; -import org.checkerframework.checker.nullness.qual.NonNull; +import jakarta.annotation.Nonnull; import org.jboss.logging.Logger; import org.keycloak.authentication.requiredactions.WebAuthnRegisterFactory; import org.keycloak.common.util.Base64; @@ -248,8 +248,8 @@ public class WebAuthnCredentialProvider implements CredentialProvider credentialsSupported) { - this.credentialsSupported = ImmutableMap.copyOf(credentialsSupported); + this.credentialsSupported = Collections.unmodifiableMap(credentialsSupported); return this; } diff --git a/services/src/main/java/org/keycloak/protocol/oid4vc/model/CredentialsOffer.java b/services/src/main/java/org/keycloak/protocol/oid4vc/model/CredentialsOffer.java index 00ebd84e7e..84aa97635f 100644 --- a/services/src/main/java/org/keycloak/protocol/oid4vc/model/CredentialsOffer.java +++ b/services/src/main/java/org/keycloak/protocol/oid4vc/model/CredentialsOffer.java @@ -19,8 +19,8 @@ package org.keycloak.protocol.oid4vc.model; import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonProperty; -import com.google.common.collect.ImmutableList; +import java.util.Collections; import java.util.List; /** @@ -56,7 +56,7 @@ public class CredentialsOffer { } public CredentialsOffer setCredentialConfigurationIds(List credentialConfigurationIds) { - this.credentialConfigurationIds = ImmutableList.copyOf(credentialConfigurationIds); + this.credentialConfigurationIds = Collections.unmodifiableList(credentialConfigurationIds); return this; } diff --git a/services/src/main/java/org/keycloak/protocol/oid4vc/model/OID4VCClient.java b/services/src/main/java/org/keycloak/protocol/oid4vc/model/OID4VCClient.java index ac2e99e69d..996314ca51 100644 --- a/services/src/main/java/org/keycloak/protocol/oid4vc/model/OID4VCClient.java +++ b/services/src/main/java/org/keycloak/protocol/oid4vc/model/OID4VCClient.java @@ -17,8 +17,7 @@ package org.keycloak.protocol.oid4vc.model; -import com.google.common.collect.ImmutableList; - +import java.util.Collections; import java.util.List; /** @@ -84,7 +83,7 @@ public class OID4VCClient { } public OID4VCClient setSupportedVCTypes(List supportedVCTypes) { - this.supportedVCTypes = ImmutableList.copyOf(supportedVCTypes); + this.supportedVCTypes = Collections.unmodifiableList(supportedVCTypes); return this; } diff --git a/services/src/main/java/org/keycloak/protocol/oid4vc/model/Role.java b/services/src/main/java/org/keycloak/protocol/oid4vc/model/Role.java index 81ee2cbbd3..6fc16d71fa 100644 --- a/services/src/main/java/org/keycloak/protocol/oid4vc/model/Role.java +++ b/services/src/main/java/org/keycloak/protocol/oid4vc/model/Role.java @@ -17,9 +17,9 @@ package org.keycloak.protocol.oid4vc.model; -import com.google.common.collect.ImmutableSet; import org.keycloak.protocol.oid4vc.issuance.mappers.OID4VCTargetRoleMapper; +import java.util.Collections; import java.util.Objects; import java.util.Set; @@ -37,7 +37,7 @@ public class Role { } public Role(Set names, String target) { - this.names = ImmutableSet.copyOf(names); + this.names = Collections.unmodifiableSet(names); this.target = target; } diff --git a/services/src/main/java/org/keycloak/protocol/oid4vc/model/SupportedCredentialConfiguration.java b/services/src/main/java/org/keycloak/protocol/oid4vc/model/SupportedCredentialConfiguration.java index 12d78cc222..c15b8369cc 100644 --- a/services/src/main/java/org/keycloak/protocol/oid4vc/model/SupportedCredentialConfiguration.java +++ b/services/src/main/java/org/keycloak/protocol/oid4vc/model/SupportedCredentialConfiguration.java @@ -20,9 +20,9 @@ package org.keycloak.protocol.oid4vc.model; import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonProperty; -import com.google.common.collect.ImmutableList; import java.util.Arrays; +import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -92,7 +92,7 @@ public class SupportedCredentialConfiguration { } public SupportedCredentialConfiguration setCryptographicBindingMethodsSupported(List cryptographicBindingMethodsSupported) { - this.cryptographicBindingMethodsSupported = ImmutableList.copyOf(cryptographicBindingMethodsSupported); + this.cryptographicBindingMethodsSupported = Collections.unmodifiableList(cryptographicBindingMethodsSupported); return this; } @@ -101,7 +101,7 @@ public class SupportedCredentialConfiguration { } public SupportedCredentialConfiguration setCryptographicSuitesSupported(List cryptographicSuitesSupported) { - this.cryptographicSuitesSupported = ImmutableList.copyOf(cryptographicSuitesSupported); + this.cryptographicSuitesSupported = Collections.unmodifiableList(cryptographicSuitesSupported); return this; } @@ -131,7 +131,7 @@ public class SupportedCredentialConfiguration { } public SupportedCredentialConfiguration setCredentialSigningAlgValuesSupported(List credentialSigningAlgValuesSupported) { - this.credentialSigningAlgValuesSupported = ImmutableList.copyOf(credentialSigningAlgValuesSupported); + this.credentialSigningAlgValuesSupported = Collections.unmodifiableList(credentialSigningAlgValuesSupported); return this; } diff --git a/services/src/main/java/org/keycloak/theme/KeycloakSanitizerPolicy.java b/services/src/main/java/org/keycloak/theme/KeycloakSanitizerPolicy.java index bb8a08eeb3..deaf8ea667 100644 --- a/services/src/main/java/org/keycloak/theme/KeycloakSanitizerPolicy.java +++ b/services/src/main/java/org/keycloak/theme/KeycloakSanitizerPolicy.java @@ -18,15 +18,13 @@ package org.keycloak.theme; import java.util.regex.Pattern; +import java.util.function.Predicate; import org.owasp.html.HtmlPolicyBuilder; import org.owasp.html.PolicyFactory; -import com.google.common.base.Predicate; - /** * Based on the EbayPolicyExample in owasp java-html-sanitizer. - * */ public class KeycloakSanitizerPolicy { @@ -166,12 +164,7 @@ public class KeycloakSanitizerPolicy { "table", "td", "th", "tr", "colgroup", "fieldset", "legend") .toFactory(); - private static Predicate matchesEither( - final Pattern a, final Pattern b) { - return new Predicate() { - public boolean apply(String s) { - return a.matcher(s).matches()|| b.matcher(s).matches(); - } - }; + private static Predicate matchesEither(final Pattern a, final Pattern b) { + return s -> a.matcher(s).matches() || b.matcher(s).matches(); } } diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java index 703d76dbe7..94861ea35d 100644 --- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java +++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java @@ -17,7 +17,6 @@ package org.keycloak.testsuite.util; -import com.google.common.base.Charsets; import jakarta.ws.rs.client.Entity; import jakarta.ws.rs.core.Form; import jakarta.ws.rs.core.UriBuilder; @@ -524,7 +523,7 @@ public class OAuthClient { post.addHeader("DPoP", dpopProof); } - UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(parameters, Charsets.UTF_8); + UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(parameters, StandardCharsets.UTF_8); post.setEntity(formEntity); try { @@ -1277,7 +1276,7 @@ public class OAuthClient { customParameters.keySet().stream().forEach(i -> parameters.add(new BasicNameValuePair(i, customParameters.get(i)))); } - UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(parameters, Charsets.UTF_8); + UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(parameters, StandardCharsets.UTF_8); post.setEntity(formEntity); try { return new ParResponse(client.execute(post), c); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaGrantTypeTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaGrantTypeTest.java index f790a60e28..efbcde855a 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaGrantTypeTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaGrantTypeTest.java @@ -28,6 +28,7 @@ import static org.junit.Assert.fail; import static org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT; import java.net.URI; +import java.nio.charset.StandardCharsets; import java.util.Arrays; import java.util.Collection; import java.util.Collections; @@ -42,7 +43,6 @@ import jakarta.ws.rs.core.Form; import jakarta.ws.rs.core.HttpHeaders; import jakarta.ws.rs.core.UriBuilder; -import com.google.common.base.Charsets; import org.apache.http.NameValuePair; import org.apache.http.client.entity.UrlEncodedFormEntity; import org.apache.http.client.methods.CloseableHttpResponse; @@ -445,7 +445,7 @@ public class UmaGrantTypeTest extends AbstractResourceServerTest { parameters.add(new BasicNameValuePair(OAuth2Constants.GRANT_TYPE, OAuth2Constants.UMA_GRANT_TYPE)); parameters.add(new BasicNameValuePair("ticket", ticket)); - UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(parameters, Charsets.UTF_8); + UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(parameters, StandardCharsets.UTF_8); post.setEntity(formEntity); CloseableHttpResponse response = oauth.getHttpClient().get().execute(post); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/MutualTLSClientTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/MutualTLSClientTest.java index c080ed0a93..526395e354 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/MutualTLSClientTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/MutualTLSClientTest.java @@ -1,6 +1,7 @@ package org.keycloak.testsuite.client; import java.io.IOException; +import java.nio.charset.StandardCharsets; import java.util.Arrays; import java.util.Collections; import java.util.HashMap; @@ -30,8 +31,6 @@ import org.keycloak.testsuite.util.KeycloakModelUtils; import org.keycloak.testsuite.util.MutualTLSUtils; import org.keycloak.testsuite.util.OAuthClient; -import com.google.common.base.Charsets; - /** * Mutual TLS Client tests. */ @@ -278,7 +277,7 @@ public class MutualTLSClientTest extends AbstractTestRealmKeycloakTest { parameters.add(new BasicNameValuePair(OAuth2Constants.GRANT_TYPE, OAuth2Constants.AUTHORIZATION_CODE)); parameters.add(new BasicNameValuePair(OAuth2Constants.CODE, oauth.getCurrentQuery().get(OAuth2Constants.CODE))); parameters.add(new BasicNameValuePair(OAuth2Constants.REDIRECT_URI, oauth.getRedirectUri())); - UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(parameters, Charsets.UTF_8); + UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(parameters, StandardCharsets.UTF_8); post.setEntity(formEntity); return new OAuthClient.AccessTokenResponse(client.execute(post)); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/ArtifactBindingTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/ArtifactBindingTest.java index 7413dd7696..0d2dd306d0 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/ArtifactBindingTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/ArtifactBindingTest.java @@ -1,6 +1,5 @@ package org.keycloak.testsuite.saml; -import com.google.common.base.Charsets; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.util.EntityUtils; import org.hamcrest.Matchers; @@ -49,6 +48,7 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.net.URI; import java.net.URISyntaxException; +import java.nio.charset.StandardCharsets; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Base64; @@ -190,7 +190,7 @@ public class ArtifactBindingTest extends AbstractSamlTest { assertThat(artifact[3], is((byte)0)); MessageDigest sha1Digester = MessageDigest.getInstance("SHA-1"); - byte[] source = sha1Digester.digest(getAuthServerRealmBase(REALM_NAME).toString().getBytes(Charsets.UTF_8)); + byte[] source = sha1Digester.digest(getAuthServerRealmBase(REALM_NAME).toString().getBytes(StandardCharsets.UTF_8)); for (int i = 0; i < 20; i++) { assertThat(source[i], is(artifact[i+4])); } @@ -450,7 +450,7 @@ public class ArtifactBindingTest extends AbstractSamlTest { assertThat(artifact[3], is((byte)0)); MessageDigest sha1Digester = MessageDigest.getInstance("SHA-1"); - byte[] source = sha1Digester.digest(getAuthServerRealmBase(REALM_NAME).toString().getBytes(Charsets.UTF_8)); + byte[] source = sha1Digester.digest(getAuthServerRealmBase(REALM_NAME).toString().getBytes(StandardCharsets.UTF_8)); for (int i = 0; i < 20; i++) { assertThat(source[i], is(artifact[i+4])); } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderFailOpenTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderFailOpenTest.java index 32a056226e..1c266fe633 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderFailOpenTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderFailOpenTest.java @@ -1,9 +1,8 @@ package org.keycloak.testsuite.x509; -import com.google.common.base.Charsets; - import io.undertow.Undertow; +import java.nio.charset.StandardCharsets; import java.nio.file.Paths; import java.util.function.Supplier; @@ -81,7 +80,7 @@ public class X509OCSPResponderFailOpenTest extends AbstractX509AuthenticationTes .setMappingSourceType(SUBJECTDN_EMAIL) .setOCSPResponder("http://" + OCSP_RESPONDER_HOST + ".invalid.host:" + OCSP_RESPONDER_PORT + "/oscp") .setOCSPResponderCertificate( - IOUtils.toString(this.getClass().getResourceAsStream(OcspHandler.OCSP_RESPONDER_CERT_PATH), Charsets.UTF_8) + IOUtils.toString(this.getClass().getResourceAsStream(OcspHandler.OCSP_RESPONDER_CERT_PATH), StandardCharsets.UTF_8) .replace("-----BEGIN CERTIFICATE-----", "") .replace("-----END CERTIFICATE-----", "")) .setUserIdentityMapperType(USERNAME_EMAIL); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderTest.java index b503f240e1..36018d3eb2 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderTest.java @@ -18,7 +18,6 @@ package org.keycloak.testsuite.x509; -import com.google.common.base.Charsets; import org.jboss.arquillian.drone.api.annotation.Drone; import org.junit.After; import org.junit.Assert; @@ -40,6 +39,7 @@ import static org.keycloak.authentication.authenticators.x509.X509AuthenticatorC import io.undertow.Undertow; import io.undertow.server.handlers.BlockingHandler; +import java.nio.charset.StandardCharsets; import java.nio.file.Paths; import java.util.function.Supplier; import org.apache.commons.io.IOUtils; @@ -164,7 +164,7 @@ public class X509OCSPResponderTest extends AbstractX509AuthenticationTest { .setMappingSourceType(SUBJECTDN_EMAIL) .setOCSPResponder("http://" + OCSP_RESPONDER_HOST + ":" + OCSP_RESPONDER_PORT + "/oscp") .setOCSPResponderCertificate( - IOUtils.toString(this.getClass().getResourceAsStream(OcspHandler.OCSP_RESPONDER_CERT_PATH), Charsets.UTF_8) + IOUtils.toString(this.getClass().getResourceAsStream(OcspHandler.OCSP_RESPONDER_CERT_PATH), StandardCharsets.UTF_8) .replace(PemUtils.BEGIN_CERT, "") .replace(PemUtils.END_CERT, "")) .setUserIdentityMapperType(USERNAME_EMAIL);