SOLR-14297: Replace commons-codec Base64 with JDK8 Base64 (apache#2222)

gradle/validation/forbidden-apis/commons-codec.commons-codec.all.txt

@@ -1,2 +1,5 @@
 @defaultMessage Use java.nio.charset.StandardCharsets instead
 org.apache.commons.codec.Charsets
+
+@defaultMessage Use java.util.Base64 instead
+org.apache.commons.codec.binary.Base64

solr/CHANGES.txt

@@ -186,6 +186,8 @@ Other Changes
 
 * SOLR-14034: Remove deprecated min_rf references (Tim Dillon)
 
+* SOLR-14297: Replace commons-codec Base64 with JDK8 Base64 (Andras Salamon via Houston Putman)
+
 Bug Fixes
 ---------------------
 * SOLR-14546: Fix for a relatively hard to hit issue in OverseerTaskProcessor that could lead to out of order execution

solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java

@@ -26,6 +26,7 @@
 import java.lang.invoke.MethodHandles;
 import java.nio.charset.StandardCharsets;
 import java.security.Principal;
+import java.util.Base64;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -34,7 +35,6 @@
 import java.util.StringTokenizer;
 
 import com.google.common.collect.ImmutableSet;
-import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang3.builder.ToStringBuilder;
 import org.apache.http.Header;
 import org.apache.http.HttpHeaders;
@@ -133,7 +133,7 @@ public boolean doAuthenticate(HttpServletRequest request, HttpServletResponse re
         if (basic.equalsIgnoreCase("Basic")) {
           if (st.hasMoreTokens()) {
             try {
-              String credentials = new String(Base64.decodeBase64(st.nextToken()), StandardCharsets.UTF_8);
+              String credentials = new String(Base64.getDecoder().decode(st.nextToken()), StandardCharsets.UTF_8);
               int p = credentials.indexOf(":");
               if (p != -1) {
                 final String username = credentials.substring(0, p).trim();
@@ -222,7 +222,7 @@ protected boolean interceptInternodeRequest(HttpRequest httpRequest, HttpContext
         HttpClientContext httpClientContext = (HttpClientContext) httpContext;
         if (httpClientContext.getUserToken() instanceof BasicAuthUserPrincipal) {
           BasicAuthUserPrincipal principal = (BasicAuthUserPrincipal) httpClientContext.getUserToken();
-          String userPassBase64 = Base64.encodeBase64String((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8));
+          String userPassBase64 = Base64.getEncoder().encodeToString((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8));
           httpRequest.setHeader(HttpHeaders.AUTHORIZATION, "Basic " + userPassBase64);
           return true;
         }
@@ -237,7 +237,7 @@ protected boolean interceptInternodeRequest(Request request) {
       Object userToken = request.getAttributes().get(Http2SolrClient.REQ_PRINCIPAL_KEY);
       if (userToken instanceof BasicAuthUserPrincipal) {
         BasicAuthUserPrincipal principal = (BasicAuthUserPrincipal) userToken;
-        String userPassBase64 = Base64.encodeBase64String((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8));
+        String userPassBase64 = Base64.getEncoder().encodeToString((principal.getName() + ":" + principal.getPassword()).getBytes(StandardCharsets.UTF_8));
         request.header(HttpHeaders.AUTHORIZATION, "Basic " + userPassBase64);
         return true;
       }

solr/core/src/java/org/apache/solr/security/Sha256AuthenticationProvider.java

@@ -21,6 +21,7 @@
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
+import java.util.Base64;
 import java.util.Collections;
 import java.util.LinkedHashMap;
 import java.util.List;
@@ -29,7 +30,6 @@
 import java.util.Set;
 
 import com.google.common.collect.ImmutableSet;
-import org.apache.commons.codec.binary.Base64;
 import org.apache.solr.common.util.CommandOperation;
 import org.apache.solr.common.util.Utils;
 import org.apache.solr.common.util.ValidatingJsonMap;
@@ -60,7 +60,7 @@ public static String getSaltedHashedValue(String pwd) {
     final Random r = new SecureRandom();
     byte[] salt = new byte[32];
     r.nextBytes(salt);
-    String saltBase64 = Base64.encodeBase64String(salt);
+    String saltBase64 = Base64.getEncoder().encodeToString(salt);
     String val = sha256(pwd, saltBase64) + " " + saltBase64;
     return val;
   }
@@ -121,13 +121,13 @@ public static String sha256(String password, String saltKey) {
     }
     if (saltKey != null) {
       digest.reset();
-      digest.update(Base64.decodeBase64(saltKey));
+      digest.update(Base64.getDecoder().decode(saltKey));
     }
 
     byte[] btPass = digest.digest(password.getBytes(StandardCharsets.UTF_8));
     digest.reset();
     btPass = digest.digest(btPass);
-    return Base64.encodeBase64String(btPass);
+    return Base64.getEncoder().encodeToString(btPass);
   }
 
   @Override

solr/core/src/java/org/apache/solr/servlet/cache/HttpCacheHeaderUtil.java

@@ -18,6 +18,7 @@
 
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
+import java.util.Base64;
 import java.util.Collections;
 import java.util.List;
 import java.util.UUID;
@@ -37,8 +38,6 @@
 import org.apache.solr.request.SolrQueryRequest;
 import org.apache.solr.response.SolrQueryResponse;
 
-import org.apache.commons.codec.binary.Base64;
-
 public final class HttpCacheHeaderUtil {
 
   public static void sendNotModified(HttpServletResponse res) {
@@ -72,7 +71,7 @@ public String calcEtag(final long currentIndexVersion) {
       if (currentIndexVersion != indexVersionCache) {
         indexVersionCache=currentIndexVersion;
         etagCache = "\""
-            + new String(Base64.encodeBase64((Long.toHexString(Long.reverse(indexVersionCache)) + etagSeed)
+            + new String(Base64.getEncoder().encode((Long.toHexString(Long.reverse(indexVersionCache)) + etagSeed)
             .getBytes(StandardCharsets.US_ASCII)), StandardCharsets.US_ASCII) + "\"";
       }