Replace apache.commons Base64 with jdk Base64 (#1162)

* Replace apache.commons Base64 with jdk Base64

* Align imports

* Align imports for test classes

* Replace Hex apache commons with java xml

* Remove the org.apache.commons from pom

* Revert templates/libraries/okhttp-gson/JSON.mustache

pom.xml

@@ -191,12 +191,6 @@
             <artifactId>jackson-databind</artifactId>
             <version>2.15.2</version>
         </dependency>
-        <dependency>
-            <groupId>commons-codec</groupId>
-            <artifactId>commons-codec</artifactId>
-            <version>1.16.0</version>
-            <scope>compile</scope>
-        </dependency>
         <dependency>
             <groupId>com.google.code.gson</groupId>
             <artifactId>gson</artifactId>

src/main/java/com/adyen/httpclient/AdyenHttpClient.java

@@ -24,7 +24,7 @@
 import com.adyen.Config;
 import com.adyen.constants.ApiConstants;
 import com.adyen.model.RequestOptions;
-import org.apache.commons.codec.binary.Base64;
+import java.util.Base64;
 import org.apache.hc.client5.http.classic.methods.HttpDelete;
 import org.apache.hc.client5.http.classic.methods.HttpGet;
 import org.apache.hc.client5.http.classic.methods.HttpPatch;
@@ -244,7 +244,7 @@ private void setApiKey(HttpUriRequest httpUriRequest, String apiKey) {
     private void setBasicAuthentication(HttpUriRequest httpUriRequest, String username, String password) {
         // set basic authentication
         String authString = username + ":" + password;
-        byte[] authEncBytes = Base64.encodeBase64(authString.getBytes());
+        byte[] authEncBytes = Base64.getEncoder().encode(authString.getBytes());
         String authStringEnc = new String(authEncBytes);
 
         httpUriRequest.addHeader("Authorization", "Basic " + authStringEnc);

src/main/java/com/adyen/model/terminal/SaleToAcquirerData.java

@@ -27,8 +27,7 @@
 import java.util.Map;
 import java.util.Objects;
 
-import org.apache.commons.codec.binary.Base64;
-
+import java.util.Base64;
 import com.adyen.model.applicationinfo.ApplicationInfo;
 import com.google.gson.Gson;
 import com.google.gson.GsonBuilder;
@@ -279,11 +278,11 @@ public String toString() {
 
     public String toBase64() {
         String json = PRETTY_PRINT_GSON.toJson(this);
-        return new String(Base64.encodeBase64(json.getBytes()));
+        return new String(Base64.getEncoder().encode(json.getBytes()));
     }
 
     public static SaleToAcquirerData fromBase64(String base64) {
-        byte[] decoded = Base64.decodeBase64(base64);
+        byte[] decoded = Base64.getDecoder().decode(base64);
         try (Reader reader = new InputStreamReader(new ByteArrayInputStream(decoded))) {
             return PRETTY_PRINT_GSON.fromJson(reader, SaleToAcquirerData.class);
         }

src/main/java/com/adyen/terminal/security/NexoCrypto.java

@@ -27,8 +27,7 @@
 import com.adyen.model.terminal.security.SecurityKey;
 import com.adyen.model.terminal.security.SecurityTrailer;
 import com.adyen.terminal.security.exception.NexoCryptoException;
-import org.apache.commons.codec.binary.Base64;
-
+import java.util.Base64;
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
@@ -75,15 +74,15 @@ public SaleToPOISecuredMessage encrypt(String saleToPoiMessageJson, MessageHeade
 
         SaleToPOISecuredMessage saleToPoiSecuredMessage = new SaleToPOISecuredMessage();
         saleToPoiSecuredMessage.setMessageHeader(messageHeader);
-        saleToPoiSecuredMessage.setNexoBlob(new String(Base64.encodeBase64(encryptedSaleToPoiMessage)));
+        saleToPoiSecuredMessage.setNexoBlob(new String(Base64.getEncoder().encode(encryptedSaleToPoiMessage)));
         saleToPoiSecuredMessage.setSecurityTrailer(securityTrailer);
 
         return saleToPoiSecuredMessage;
     }
 
     public String decrypt(SaleToPOISecuredMessage saleToPoiSecuredMessage) throws Exception {
         NexoDerivedKey derivedKey = getNexoDerivedKey();
-        byte[] encryptedSaleToPoiMessageByteArray = Base64.decodeBase64(saleToPoiSecuredMessage.getNexoBlob().getBytes());
+        byte[] encryptedSaleToPoiMessageByteArray = Base64.getDecoder().decode(saleToPoiSecuredMessage.getNexoBlob().getBytes());
         byte[] ivNonce = saleToPoiSecuredMessage.getSecurityTrailer().getNonce();
         byte[] decryptedSaleToPoiMessageByteArray = crypt(encryptedSaleToPoiMessageByteArray, derivedKey, ivNonce, Cipher.DECRYPT_MODE);
 

src/main/java/com/adyen/terminal/serialization/ByteArrayToBase64TypeAdapter.java

@@ -28,16 +28,15 @@
 import com.google.gson.JsonPrimitive;
 import com.google.gson.JsonSerializationContext;
 import com.google.gson.JsonSerializer;
-import org.apache.commons.codec.binary.Base64;
-
+import java.util.Base64;
 import java.lang.reflect.Type;
 
 public class ByteArrayToBase64TypeAdapter implements JsonSerializer<byte[]>, JsonDeserializer<byte[]> {
     public byte[] deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException {
-        return Base64.decodeBase64(json.getAsString().getBytes());
+        return Base64.getDecoder().decode(json.getAsString().getBytes());
     }
 
     public JsonElement serialize(byte[] src, Type typeOfSrc, JsonSerializationContext context) {
-        return new JsonPrimitive(new String(Base64.encodeBase64(src)));
+        return new JsonPrimitive(new String(Base64.getEncoder().encode(src)));
     }
 }

src/main/java/com/adyen/util/HMACValidator.java

@@ -22,8 +22,8 @@
 
 import com.adyen.model.notification.Amount;
 import com.adyen.model.notification.NotificationRequestItem;
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.codec.binary.Hex;
+import java.util.Base64;
+import javax.xml.bind.DatatypeConverter;
 
 import javax.crypto.Mac;
 import javax.crypto.spec.SecretKeySpec;
@@ -46,7 +46,7 @@ public String calculateHMAC(String data, String key) throws IllegalArgumentExcep
                 throw new IllegalArgumentException();
             }
 
-            byte[] rawKey = Hex.decodeHex(key.toCharArray());
+            byte[] rawKey = DatatypeConverter.parseHexBinary(key);
             // Create an hmac_sha256 key from the raw key bytes
             SecretKeySpec signingKey = new SecretKeySpec(rawKey, HMAC_SHA256_ALGORITHM);
 
@@ -60,7 +60,7 @@ public String calculateHMAC(String data, String key) throws IllegalArgumentExcep
             byte[] rawHmac = mac.doFinal(data.getBytes(StandardCharsets.UTF_8));
 
             // Base64-encode the hmac
-            return new String(Base64.encodeBase64(rawHmac));
+            return new String(Base64.getEncoder().encode(rawHmac));
         } catch (IllegalArgumentException e) {
             throw new IllegalArgumentException("Missing data or key.");
         } catch (Exception e) {

src/test/java/com/adyen/serializer/ByteArrayToStringAdapterTest.java

@@ -22,8 +22,7 @@
 
 import com.google.gson.JsonElement;
 import com.google.gson.JsonPrimitive;
-import org.apache.commons.codec.binary.Base64;
-import org.junit.Test;
+import java.util.Base64;import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.junit.MockitoJUnitRunner;
 
@@ -36,7 +35,7 @@ public class ByteArrayToStringAdapterTest {
     @Test
     public void testSerialize() {
         ByteArrayToStringAdapter adapter = new ByteArrayToStringAdapter();
-        byte[] base64Bytes = Base64.encodeBase64("Bytes-To-Be-Encoded".getBytes());
+        byte[] base64Bytes = Base64.getEncoder().encode("Bytes-To-Be-Encoded".getBytes());
 
         JsonElement serializedElement = adapter.serialize(base64Bytes, null, null);
         assertEquals("Qnl0ZXMtVG8tQmUtRW5jb2RlZA==", serializedElement.getAsString());
@@ -45,7 +44,7 @@ public void testSerialize() {
     @Test
     public void testDeserialize() {
         ByteArrayToStringAdapter adapter = new ByteArrayToStringAdapter();
-        byte[] base64Bytes = Base64.encodeBase64("Bytes-To-Be-Encoded".getBytes());
+        byte[] base64Bytes = Base64.getEncoder().encode("Bytes-To-Be-Encoded".getBytes());
 
         JsonElement element = new JsonPrimitive("Qnl0ZXMtVG8tQmUtRW5jb2RlZA==");
         byte[] deserializedBytes = adapter.deserialize(element, null, null);

src/test/java/com/adyen/serializer/SaleToAcquirerDataSerializerTest.java

@@ -7,7 +7,7 @@
 import com.google.gson.Gson;
 import com.google.gson.JsonParser;
 import com.google.gson.GsonBuilder;
-import org.apache.commons.codec.binary.Base64;
+import java.util.Base64;
 import org.junit.Test;
 
 import java.util.HashMap;
@@ -105,7 +105,7 @@ public void testSerialize()  {
 
         // test if base64 works
         String serialized = saleToAcquirerDataModelAdapter.serialize(saleToAcquirerData, null, null).getAsString();
-        SaleToAcquirerData saleToAcquirerDataDecoded = new Gson().fromJson(new String(Base64.decodeBase64(serialized)), SaleToAcquirerData.class);
+        SaleToAcquirerData saleToAcquirerDataDecoded = new Gson().fromJson(new String(Base64.getDecoder().decode(serialized)), SaleToAcquirerData.class);
         assertEquals(saleToAcquirerData, saleToAcquirerDataDecoded);
     }