diff --git a/.mvn/maven.config b/.mvn/maven.config deleted file mode 100644 index 0f4fa3c8a6eae..0000000000000 --- a/.mvn/maven.config +++ /dev/null @@ -1 +0,0 @@ --Dmaven.multiModuleProjectDirectory=${session.rootDirectory} \ No newline at end of file diff --git a/bom/application/pom.xml b/bom/application/pom.xml index 870611dbc7334..9f4508ab51cf3 100644 --- a/bom/application/pom.xml +++ b/bom/application/pom.xml @@ -51,7 +51,7 @@ 2.1 2.0 3.1.1 - 2.5.0 + 2.6.0 3.9.1 4.1.0 4.0.0 @@ -95,7 +95,7 @@ 1.8.0 2.17.2 1.0.0.Final - 3.14.0 + 3.17.0 1.17.1 1.7.0 2.8 @@ -70,7 +70,7 @@ 1.26 2.0 3.5.1 - 2.5.0 + 2.6.0 1.5.2 8.9 0.0.10 diff --git a/independent-projects/resteasy-reactive/pom.xml b/independent-projects/resteasy-reactive/pom.xml index 36c412d48459c..f953417f1f0b8 100644 --- a/independent-projects/resteasy-reactive/pom.xml +++ b/independent-projects/resteasy-reactive/pom.xml @@ -57,7 +57,7 @@ 3.1.0 2.6.2 - 2.5.0 + 2.6.0 4.5.9 5.5.0 1.0.0.Final diff --git a/integration-tests/oidc-code-flow/src/main/resources/application.properties b/integration-tests/oidc-code-flow/src/main/resources/application.properties index 41372ae76857a..273e767de6583 100644 --- a/integration-tests/oidc-code-flow/src/main/resources/application.properties +++ b/integration-tests/oidc-code-flow/src/main/resources/application.properties @@ -173,7 +173,7 @@ quarkus.oidc.tenant-split-tokens.token-state-manager.encryption-secret=eUk1p7UB3 quarkus.oidc.tenant-split-tokens.application-type=web-app quarkus.oidc.tenant-split-tokens.authentication.cookie-same-site=strict -quarkus.http.auth.permission.roles1.paths=/index.html +quarkus.http.auth.permission.roles1.paths=/index.html,/index.html;/checktterer quarkus.http.auth.permission.roles1.policy=authenticated quarkus.http.auth.permission.logout.paths=/tenant-logout 
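Review bot: The extra entry `/index.html;/checktterer` added to `quarkus.http.auth.permission.roles1.paths` carries no comment saying why a path containing `;` is listed, so a later cleanup could drop it as a typo and silently disable the negative test that depends on it. I would put a line above the property such as `# '/index.html;/checktterer' is requested by CodeFlowTest.testInvalidPath; the ';' segment is deliberate`. The link to that test is taken from the CodeFlowTest hunk in this same commit, which requests exactly this path.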
diff --git a/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/CodeFlowTest.java b/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/CodeFlowTest.java
index 9629c61ce5dab..a2f28e11d8593 100644
--- a/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/CodeFlowTest.java
+++ b/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/CodeFlowTest.java
@@ -1081,6 +1081,29 @@ public void testAccessTokenInjection() throws IOException {
 }
 }
+ @Test
+ public void testInvalidPath() throws IOException {
+ try (final WebClient webClient = createWebClient()) {
+ HtmlPage page = webClient.getPage("http://localhost:8081/index.html;/checktterer");
+ assertEquals("/index.html;/checktterer", getStateCookieSavedPath(webClient, null));
+
+ assertEquals("Sign in to quarkus", page.getTitleText());
+
+ HtmlForm loginForm = page.getForms().get(0);
+
+ loginForm.getInputByName("username").setValueAttribute("alice");
+ loginForm.getInputByName("password").setValueAttribute("alice");
+
+ try {
+ page = loginForm.getInputByName("login").click();
+ } catch (FailingHttpStatusCodeException ex) {
+ assertEquals(404, ex.getStatusCode());
+ }
+
+ webClient.getCookieManager().clearCookies();
+ }
+ }
+
 @Test
 public void testAccessAndRefreshTokenInjection() throws IOException {
 try (final WebClient webClient = createWebClient()) {
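Review bot: `testInvalidPath` passes even when no 404 is returned, because the only status assertion sits inside `catch (FailingHttpStatusCodeException ex)` and nothing fails the test if `click()` returns normally. For a negative test on a restore path containing `;`, that means a regression which starts serving a page after login would go unnoticed. Replace the try/catch with `FailingHttpStatusCodeException ex = assertThrows(FailingHttpStatusCodeException.class, () -> loginForm.getInputByName("login").click());` followed by `assertEquals(404, ex.getStatusCode());`, adding the static import for `assertThrows` if the file lacks it. This relies on `createWebClient()`, defined outside the hunk, leaving exceptions on failing status codes enabled, which the existing catch already presumes.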
@@ -1386,8 +1409,8 @@ public void testAccessAndRefreshTokenInjectionWithoutIndexHtmlAndListenerMultiTa
 @Test
 public void testAccessAndRefreshTokenInjectionWithQuery() throws Exception {
 try (final WebClient webClient = createWebClient()) {
- HtmlPage page = webClient.getPage("http://localhost:8081/web-app/refresh-query?a=aValue");
- assertEquals("/web-app/refresh-query?a=aValue", getStateCookieSavedPath(webClient, null));
+ HtmlPage page = webClient.getPage("http://localhost:8081/web-app/refresh-query?a=aValue%");
+ assertEquals("/web-app/refresh-query?a=aValue%25", getStateCookieSavedPath(webClient, null));
 assertEquals("Sign in to quarkus", page.getTitleText());
@@ -1398,7 +1421,8 @@ public void testAccessAndRefreshTokenInjectionWithQuery() throws Exception {
 page = loginForm.getInputByName("login").click();
- assertEquals("RT injected:aValue", page.getBody().asNormalizedText());
+ // Query parameters are decoded by the time they reach the JAX-RS endpoint
+ assertEquals("RT injected:aValue%", page.getBody().asNormalizedText());
 webClient.getCookieManager().clearCookies();
 }
 }
@@ -1561,12 +1585,17 @@ private String getStateCookieStateParam(Cookie stateCookie) {
 private String getStateCookieSavedPath(WebClient webClient, String tenantId) {
 String[] parts = getStateCookie(webClient, tenantId).getValue().split("\\|");
- return parts.length == 2 ? parts[1] : null;
+ return parts.length == 2 ? getSavedPathFromJson(parts[1]) : null;
 }
 private String getStateCookieSavedPath(Cookie stateCookie) {
 String[] parts = stateCookie.getValue().split("\\|");
- return parts.length == 2 ? parts[1] : null;
+ return parts.length == 2 ? getSavedPathFromJson(parts[1]) : null;
+ }
+
+ private String getSavedPathFromJson(String value) {
+ JsonObject json = new JsonObject(OidcUtils.base64UrlDecode(value));
+ return json.getString(OidcUtils.STATE_COOKIE_RESTORE_PATH);
 }
 private Cookie getSessionCookie(WebClient webClient, String tenantId) {
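Review bot: The assertion on `aValue%25` in `testAccessAndRefreshTokenInjectionWithQuery` does not show which side turned the bare `%` into `%25`; the HTTP client used by the test may already encode it before the request is sent, in which case the server never receives the malformed escape. A comment next to the request, e.g. `// a bare '%' is not a valid escape; it must be stored as %25 in the restore path`, together with a statement of where the encoding happens, would make the intent checkable. Editing the test in place also means the plain `a=aValue` query is no longer exercised by this method; whether another test covers it is not visible here. Part of the method body lies between the first two hunks and is not shown.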
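Review bot: `getSavedPathFromJson` and the cookie layout it assumes are undocumented, and the two `getStateCookieSavedPath` overloads now repeat the same split-and-decode line. A short Javadoc on the helper, stating that the second `|`-separated part of the state cookie is base64url-encoded JSON holding the path under `OidcUtils.STATE_COOKIE_RESTORE_PATH`, would explain the decode step. The `WebClient` overload could then be reduced to `return getStateCookieSavedPath(getStateCookie(webClient, tenantId));` so the format is parsed in one place.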
diff --git a/integration-tests/reactive-messaging-rabbitmq-dyn/src/test/java/io/quarkus/it/rabbitmq/RabbitMQConnectorDynCredsTest.java b/integration-tests/reactive-messaging-rabbitmq-dyn/src/test/java/io/quarkus/it/rabbitmq/RabbitMQConnectorDynCredsTest.java index eab9ad69c8765..c05c6304c1242 100644 --- a/integration-tests/reactive-messaging-rabbitmq-dyn/src/test/java/io/quarkus/it/rabbitmq/RabbitMQConnectorDynCredsTest.java +++ b/integration-tests/reactive-messaging-rabbitmq-dyn/src/test/java/io/quarkus/it/rabbitmq/RabbitMQConnectorDynCredsTest.java @@ -31,7 +31,7 @@ public static class RabbitMQResource implements QuarkusTestResourceLifecycleMana @Override public Map start() { String username = "tester"; - String password = RandomStringUtils.random(10); + String password = RandomStringUtils.insecure().next(10); rabbit = new RabbitMQContainer(DockerImageName.parse("rabbitmq:3.12-management")) .withNetwork(Network.SHARED) diff --git a/pom.xml b/pom.xml index 45f8b17982219..1bdde83985a03 100644 --- a/pom.xml +++ b/pom.xml @@ -77,7 +77,7 @@ 7.0.1.Final 2.4.0.Final 8.0.1.Final - 7.2.0.Final + 7.2.1.Final 1.65.1 @@ -183,7 +183,7 @@ io.quarkus.bot build-reporter-maven-extension - 3.9.1 + 3.9.2 diff --git a/test-framework/common/src/main/java/io/quarkus/test/common/DefaultDockerContainerLauncher.java b/test-framework/common/src/main/java/io/quarkus/test/common/DefaultDockerContainerLauncher.java index 533048d795934..50295407fa505 100644 --- a/test-framework/common/src/main/java/io/quarkus/test/common/DefaultDockerContainerLauncher.java +++ b/test-framework/common/src/main/java/io/quarkus/test/common/DefaultDockerContainerLauncher.java 
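Review bot: The broker password in `RabbitMQResource.start()` is now drawn explicitly from the non-cryptographic generator via `RandomStringUtils.insecure().next(10)`. For a credential, even one for a throwaway test container, the secure variant is the better default and keeps this file from being copied as a pattern: `String password = RandomStringUtils.secure().nextAlphanumeric(10);`. Restricting the value to alphanumerics also avoids the arbitrary characters `next(10)` can return, which may not survive being passed through container environment or connection settings; that part is inferred, since the rest of `start()` lies outside the hunk.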
@@ -50,7 +50,7 @@ public class DefaultDockerContainerLauncher implements DockerContainerArtifactLa
 private Map labels;
 private final Map systemProps = new HashMap<>();
 private boolean isSsl;
- private final String containerName = "quarkus-integration-test-" + RandomStringUtils.random(5, true, false);
+ private final String containerName = "quarkus-integration-test-" + RandomStringUtils.insecure().next(5, true, false);
 private String containerRuntimeBinaryName;
 private final ExecutorService executorService = Executors.newSingleThreadExecutor();
 private Optional entryPoint;
diff --git a/test-framework/junit5/src/main/java/io/quarkus/test/junit/IntegrationTestUtil.java b/test-framework/junit5/src/main/java/io/quarkus/test/junit/IntegrationTestUtil.java
index a29edfc4a0488..b44f78c962cf5 100644
--- a/test-framework/junit5/src/main/java/io/quarkus/test/junit/IntegrationTestUtil.java
+++ b/test-framework/junit5/src/main/java/io/quarkus/test/junit/IntegrationTestUtil.java
@@ -319,7 +319,7 @@ public void accept(String s, String s2) {
 if (networkIdOpt.isPresent()) {
 networkId = networkIdOpt.get();
 } else {
- networkId = "quarkus-integration-test-" + RandomStringUtils.random(5, true, false);
+ networkId = "quarkus-integration-test-" + RandomStringUtils.insecure().next(5, true, false);
 manageNetwork = true;
 }
 }
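Review bot: The `insecure()` calls for `containerName` here and for `networkId` in the `IntegrationTestUtil` hunk are appropriate only because these suffixes are uniqueness hints rather than secrets, and nothing at either call site says so. A one-line comment such as `// name suffix only needs to avoid collisions; not security-sensitive, so insecure() is fine` above each assignment would save the next audit from re-checking them. The enclosing class and the enclosing method both continue outside the hunks.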