diff --git a/.mvn/maven.config b/.mvn/maven.config
deleted file mode 100644
index 0f4fa3c8a6eae..0000000000000
--- a/.mvn/maven.config
+++ /dev/null
@@ -1 +0,0 @@
--Dmaven.multiModuleProjectDirectory=${session.rootDirectory}
\ No newline at end of file
diff --git a/bom/application/pom.xml b/bom/application/pom.xml
index 870611dbc7334..9f4508ab51cf3 100644
--- a/bom/application/pom.xml
+++ b/bom/application/pom.xml
@@ -51,7 +51,7 @@
2.1
2.0
3.1.1
- 2.5.0
+ 2.6.0
3.9.1
4.1.0
4.0.0
@@ -95,7 +95,7 @@
1.8.0
2.17.2
1.0.0.Final
- 3.14.0
+ 3.17.0
1.17.1
1.7.0
2.8
@@ -70,7 +70,7 @@
1.26
2.0
3.5.1
- 2.5.0
+ 2.6.0
1.5.2
8.9
0.0.10
diff --git a/independent-projects/resteasy-reactive/pom.xml b/independent-projects/resteasy-reactive/pom.xml
index 36c412d48459c..f953417f1f0b8 100644
--- a/independent-projects/resteasy-reactive/pom.xml
+++ b/independent-projects/resteasy-reactive/pom.xml
@@ -57,7 +57,7 @@
3.1.0
2.6.2
- 2.5.0
+ 2.6.0
4.5.9
5.5.0
1.0.0.Final
diff --git a/integration-tests/oidc-code-flow/src/main/resources/application.properties b/integration-tests/oidc-code-flow/src/main/resources/application.properties
index 41372ae76857a..273e767de6583 100644
--- a/integration-tests/oidc-code-flow/src/main/resources/application.properties
+++ b/integration-tests/oidc-code-flow/src/main/resources/application.properties
@@ -173,7 +173,7 @@ quarkus.oidc.tenant-split-tokens.token-state-manager.encryption-secret=eUk1p7UB3
quarkus.oidc.tenant-split-tokens.application-type=web-app
quarkus.oidc.tenant-split-tokens.authentication.cookie-same-site=strict
-quarkus.http.auth.permission.roles1.paths=/index.html
+quarkus.http.auth.permission.roles1.paths=/index.html,/index.html;/checktterer
quarkus.http.auth.permission.roles1.policy=authenticated
quarkus.http.auth.permission.logout.paths=/tenant-logout
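Review bot: The second entry added to `quarkus.http.auth.permission.roles1.paths`, `/index.html;/checktterer`, has no explanation, and a path containing `;` inside an authorization rule is easy to mistake for a typo and "clean up" later. A comment above the line would record the intent, for example `# '/index.html;/checktterer' is protected so that CodeFlowTest.testInvalidPath can start a code flow from a path containing ';'`. The properties block continues outside the hunk.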
diff --git a/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/CodeFlowTest.java b/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/CodeFlowTest.java
index 9629c61ce5dab..a2f28e11d8593 100644
--- a/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/CodeFlowTest.java
+++ b/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/CodeFlowTest.java
@@ -1081,6 +1081,29 @@ public void testAccessTokenInjection() throws IOException {
}
}
+ @Test
+ public void testInvalidPath() throws IOException {
+ try (final WebClient webClient = createWebClient()) {
+ HtmlPage page = webClient.getPage("http://localhost:8081/index.html;/checktterer");
+ assertEquals("/index.html;/checktterer", getStateCookieSavedPath(webClient, null));
+
+ assertEquals("Sign in to quarkus", page.getTitleText());
+
+ HtmlForm loginForm = page.getForms().get(0);
+
+ loginForm.getInputByName("username").setValueAttribute("alice");
+ loginForm.getInputByName("password").setValueAttribute("alice");
+
+ try {
+ page = loginForm.getInputByName("login").click();
+ } catch (FailingHttpStatusCodeException ex) {
+ assertEquals(404, ex.getStatusCode());
+ }
+
+ webClient.getCookieManager().clearCookies();
+ }
+ }
+
@Test
public void testAccessAndRefreshTokenInjection() throws IOException {
try (final WebClient webClient = createWebClient()) {
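Review bot: In `testInvalidPath`, the `try`/`catch` around `loginForm.getInputByName("login").click()` asserts only when a `FailingHttpStatusCodeException` is thrown. The test therefore also passes if the post-login redirect to `/index.html;/checktterer` succeeds, or if the client is configured not to throw on error statuses (`createWebClient()` is outside the hunk, so this is not visible here). Add `fail("Expected a 404 after login");` directly after the `click()` call inside the `try`, or wrap the call in `assertThrows(FailingHttpStatusCodeException.class, ...)` and check the status code on the returned exception. The last three context lines belong to `testAccessAndRefreshTokenInjection`, whose body continues outside the hunk.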
@@ -1386,8 +1409,8 @@ public void testAccessAndRefreshTokenInjectionWithoutIndexHtmlAndListenerMultiTa
@Test
public void testAccessAndRefreshTokenInjectionWithQuery() throws Exception {
try (final WebClient webClient = createWebClient()) {
- HtmlPage page = webClient.getPage("http://localhost:8081/web-app/refresh-query?a=aValue");
- assertEquals("/web-app/refresh-query?a=aValue", getStateCookieSavedPath(webClient, null));
+ HtmlPage page = webClient.getPage("http://localhost:8081/web-app/refresh-query?a=aValue%");
+ assertEquals("/web-app/refresh-query?a=aValue%25", getStateCookieSavedPath(webClient, null));
assertEquals("Sign in to quarkus", page.getTitleText());
@@ -1398,7 +1421,8 @@ public void testAccessAndRefreshTokenInjectionWithQuery() throws Exception {
page = loginForm.getInputByName("login").click();
- assertEquals("RT injected:aValue", page.getBody().asNormalizedText());
+ // Query parameters are decoded by the time they reach the JAX-RS endpoint
+ assertEquals("RT injected:aValue%", page.getBody().asNormalizedText());
webClient.getCookieManager().clearCookies();
}
}
@@ -1561,12 +1585,17 @@ private String getStateCookieStateParam(Cookie stateCookie) {
private String getStateCookieSavedPath(WebClient webClient, String tenantId) {
String[] parts = getStateCookie(webClient, tenantId).getValue().split("\\|");
- return parts.length == 2 ? parts[1] : null;
+ return parts.length == 2 ? getSavedPathFromJson(parts[1]) : null;
}
private String getStateCookieSavedPath(Cookie stateCookie) {
String[] parts = stateCookie.getValue().split("\\|");
- return parts.length == 2 ? parts[1] : null;
+ return parts.length == 2 ? getSavedPathFromJson(parts[1]) : null;
+ }
+
+ private String getSavedPathFromJson(String value) {
+ JsonObject json = new JsonObject(OidcUtils.base64UrlDecode(value));
+ return json.getString(OidcUtils.STATE_COOKIE_RESTORE_PATH);
}
private Cookie getSessionCookie(WebClient webClient, String tenantId) {
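Review bot: Both `getStateCookieSavedPath` overloads now repeat the same split-and-decode line, so a later change to the state cookie format has to be made in two places; the `WebClient` overload could delegate with `return getStateCookieSavedPath(getStateCookie(webClient, tenantId));`. `getSavedPathFromJson` would also benefit from a one-line comment stating that the second `|`-separated part of the state cookie is expected to be base64url-encoded JSON holding the path under `OidcUtils.STATE_COOKIE_RESTORE_PATH`, since the test otherwise gives no hint of the format it relies on. `getSessionCookie` starts on the last context line and continues outside the hunk.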
diff --git a/integration-tests/reactive-messaging-rabbitmq-dyn/src/test/java/io/quarkus/it/rabbitmq/RabbitMQConnectorDynCredsTest.java b/integration-tests/reactive-messaging-rabbitmq-dyn/src/test/java/io/quarkus/it/rabbitmq/RabbitMQConnectorDynCredsTest.java
index eab9ad69c8765..c05c6304c1242 100644
--- a/integration-tests/reactive-messaging-rabbitmq-dyn/src/test/java/io/quarkus/it/rabbitmq/RabbitMQConnectorDynCredsTest.java
+++ b/integration-tests/reactive-messaging-rabbitmq-dyn/src/test/java/io/quarkus/it/rabbitmq/RabbitMQConnectorDynCredsTest.java
@@ -31,7 +31,7 @@ public static class RabbitMQResource implements QuarkusTestResourceLifecycleMana
@Override
public Map start() {
String username = "tester";
- String password = RandomStringUtils.random(10);
+ String password = RandomStringUtils.insecure().next(10);
rabbit = new RabbitMQContainer(DockerImageName.parse("rabbitmq:3.12-management"))
.withNetwork(Network.SHARED)
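Review bot: `RandomStringUtils.insecure().next(10)` keeps the old behaviour of building the broker password from the full character range with a non-cryptographic generator, so the value can contain control or non-ASCII characters and is produced by an API that is explicitly labelled insecure. Even for a throwaway test container, a value named `password` reads better and is less likely to cause encoding-related flakiness as `String password = RandomStringUtils.secure().nextAlphanumeric(10);`. How the password is passed to the container is not visible here, because the `start()` body continues outside the hunk.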
diff --git a/pom.xml b/pom.xml
index 45f8b17982219..1bdde83985a03 100644
--- a/pom.xml
+++ b/pom.xml
@@ -77,7 +77,7 @@
7.0.1.Final
2.4.0.Final
8.0.1.Final
- 7.2.0.Final
+ 7.2.1.Final
1.65.1
@@ -183,7 +183,7 @@
io.quarkus.bot
build-reporter-maven-extension
- 3.9.1
+ 3.9.2
diff --git a/test-framework/common/src/main/java/io/quarkus/test/common/DefaultDockerContainerLauncher.java b/test-framework/common/src/main/java/io/quarkus/test/common/DefaultDockerContainerLauncher.java
index 533048d795934..50295407fa505 100644
--- a/test-framework/common/src/main/java/io/quarkus/test/common/DefaultDockerContainerLauncher.java
+++ b/test-framework/common/src/main/java/io/quarkus/test/common/DefaultDockerContainerLauncher.java
@@ -50,7 +50,7 @@ public class DefaultDockerContainerLauncher implements DockerContainerArtifactLa
private Map labels;
private final Map systemProps = new HashMap<>();
private boolean isSsl;
- private final String containerName = "quarkus-integration-test-" + RandomStringUtils.random(5, true, false);
+ private final String containerName = "quarkus-integration-test-" + RandomStringUtils.insecure().next(5, true, false);
private String containerRuntimeBinaryName;
private final ExecutorService executorService = Executors.newSingleThreadExecutor();
private Optional entryPoint;
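Review bot: The `insecure()` call in the `containerName` initializer looks like a finding to anyone scanning the code for weak randomness, while the value appears to be only a uniqueness suffix for the container name and not a secret. A short comment such as `// non-cryptographic on purpose: the suffix only avoids name clashes, it is not a secret` would record that decision. The same applies to the `networkId` assignment changed in `IntegrationTestUtil`. The class body continues outside the hunk.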
diff --git a/test-framework/junit5/src/main/java/io/quarkus/test/junit/IntegrationTestUtil.java b/test-framework/junit5/src/main/java/io/quarkus/test/junit/IntegrationTestUtil.java
index a29edfc4a0488..b44f78c962cf5 100644
--- a/test-framework/junit5/src/main/java/io/quarkus/test/junit/IntegrationTestUtil.java
+++ b/test-framework/junit5/src/main/java/io/quarkus/test/junit/IntegrationTestUtil.java
@@ -319,7 +319,7 @@ public void accept(String s, String s2) {
if (networkIdOpt.isPresent()) {
networkId = networkIdOpt.get();
} else {
- networkId = "quarkus-integration-test-" + RandomStringUtils.random(5, true, false);
+ networkId = "quarkus-integration-test-" + RandomStringUtils.insecure().next(5, true, false);
manageNetwork = true;
}
}