From 915bde0e627190bd61af5d1e7367102a50b18165 Mon Sep 17 00:00:00 2001 From: Andy Wilkinson Date: Tue, 23 Apr 2019 12:04:36 +0100 Subject: [PATCH] Use MIME decoder to read OAuth2 resource server public key Fixes gh-16624 --- .../ReactiveOAuth2ResourceServerJwkConfiguration.java | 4 ++-- .../servlet/OAuth2ResourceServerJwtConfiguration.java | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java index 7310684740..2b1c5a138e 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java @@ -68,8 +68,8 @@ class ReactiveOAuth2ResourceServerJwkConfiguration { private byte[] getKeySpec(String keyValue) { keyValue = keyValue.replace("-----BEGIN PUBLIC KEY-----", "") - .replace("-----END PUBLIC KEY-----", "").replace("\n", ""); - return Base64.getDecoder().decode(keyValue); + .replace("-----END PUBLIC KEY-----", ""); + return Base64.getMimeDecoder().decode(keyValue); } @Bean diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java index 3bfe1c50fd..e4bd7c03ab 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java @@ -70,8 +70,8 @@ class OAuth2ResourceServerJwtConfiguration { private byte[] getKeySpec(String keyValue) { keyValue = keyValue.replace("-----BEGIN PUBLIC KEY-----", "") - .replace("-----END PUBLIC KEY-----", "").replace("\n", ""); - return Base64.getDecoder().decode(keyValue); + .replace("-----END PUBLIC KEY-----", ""); + return Base64.getMimeDecoder().decode(keyValue); } @Bean