From ec73062c0a473bb337bba782cf6ef9981e45f34d Mon Sep 17 00:00:00 2001
From: Bodo Graumann <mail@bodograumann.de>
Date: Wed, 25 Sep 2024 16:57:44 +0200
Subject: [PATCH] Avoid UriComponentsBuilder.fromUri

Closes 15852
---
 .../JwtDecoderProviderConfigurationUtils.java  | 18 ++++++++++--------
 ...veJwtDecoderProviderConfigurationUtils.java | 15 ++++++++-------
 2 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderProviderConfigurationUtils.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderProviderConfigurationUtils.java
index 36ca9b68689..46697d2ab96 100644
--- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderProviderConfigurationUtils.java
+++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderProviderConfigurationUtils.java
@@ -45,6 +45,7 @@
 import org.springframework.web.client.HttpClientErrorException;
 import org.springframework.web.client.RestOperations;
 import org.springframework.web.client.RestTemplate;
+import org.springframework.web.util.UriComponents;
 import org.springframework.web.util.UriComponentsBuilder;
 
 /**
@@ -82,11 +83,12 @@ private JwtDecoderProviderConfigurationUtils() {
 	}
 
 	static Map<String, Object> getConfigurationForOidcIssuerLocation(String oidcIssuerLocation) {
-		return getConfiguration(oidcIssuerLocation, rest, oidc(URI.create(oidcIssuerLocation)));
+		UriComponents uri = UriComponentsBuilder.fromUriString(oidcIssuerLocation).build();
+		return getConfiguration(oidcIssuerLocation, rest, oidc(uri));
 	}
 
 	static Map<String, Object> getConfigurationForIssuerLocation(String issuer, RestOperations rest) {
-		URI uri = URI.create(issuer);
+		UriComponents uri = UriComponentsBuilder.fromUriString(issuer).build();
 		return getConfiguration(issuer, rest, oidc(uri), oidcRfc8414(uri), oauth(uri));
 	}
 
@@ -183,25 +185,25 @@ private static Map<String, Object> getConfiguration(String issuer, RestOperation
 		throw new IllegalArgumentException(errorMessage);
 	}
 
-	private static URI oidc(URI issuer) {
+	private static URI oidc(UriComponents issuer) {
 		// @formatter:off
-		return UriComponentsBuilder.fromUri(issuer)
+		return UriComponentsBuilder.newInstance().uriComponents(issuer)
 				.replacePath(issuer.getPath() + OIDC_METADATA_PATH)
 				.build(Collections.emptyMap());
 		// @formatter:on
 	}
 
-	private static URI oidcRfc8414(URI issuer) {
+	private static URI oidcRfc8414(UriComponents issuer) {
 		// @formatter:off
-		return UriComponentsBuilder.fromUri(issuer)
+		return UriComponentsBuilder.newInstance().uriComponents(issuer)
 				.replacePath(OIDC_METADATA_PATH + issuer.getPath())
 				.build(Collections.emptyMap());
 		// @formatter:on
 	}
 
-	private static URI oauth(URI issuer) {
+	private static URI oauth(UriComponents issuer) {
 		// @formatter:off
-		return UriComponentsBuilder.fromUri(issuer)
+		return UriComponentsBuilder.newInstance().uriComponents(issuer)
 				.replacePath(OAUTH_METADATA_PATH + issuer.getPath())
 				.build(Collections.emptyMap());
 		// @formatter:on
diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/ReactiveJwtDecoderProviderConfigurationUtils.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/ReactiveJwtDecoderProviderConfigurationUtils.java
index ad82339c2d1..58180b48662 100644
--- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/ReactiveJwtDecoderProviderConfigurationUtils.java
+++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/ReactiveJwtDecoderProviderConfigurationUtils.java
@@ -41,6 +41,7 @@
 import org.springframework.util.Assert;
 import org.springframework.web.reactive.function.client.WebClient;
 import org.springframework.web.reactive.function.client.WebClientResponseException;
+import org.springframework.web.util.UriComponents;
 import org.springframework.web.util.UriComponentsBuilder;
 
 final class ReactiveJwtDecoderProviderConfigurationUtils {
@@ -93,29 +94,29 @@ else if (jwk.getKeyType() == KeyType.EC) {
 	}
 
 	static Mono<Map<String, Object>> getConfigurationForIssuerLocation(String issuer, WebClient web) {
-		URI uri = URI.create(issuer);
+		UriComponents uri = UriComponentsBuilder.fromUriString(issuer).build();
 		return getConfiguration(issuer, web, oidc(uri), oidcRfc8414(uri), oauth(uri));
 	}
 
-	private static URI oidc(URI issuer) {
+	private static URI oidc(UriComponents issuer) {
 		// @formatter:off
-		return UriComponentsBuilder.fromUri(issuer)
+		return UriComponentsBuilder.newInstance().uriComponents(issuer)
 				.replacePath(issuer.getPath() + OIDC_METADATA_PATH)
 				.build(Collections.emptyMap());
 		// @formatter:on
 	}
 
-	private static URI oidcRfc8414(URI issuer) {
+	private static URI oidcRfc8414(UriComponents issuer) {
 		// @formatter:off
-		return UriComponentsBuilder.fromUri(issuer)
+		return UriComponentsBuilder.newInstance().uriComponents(issuer)
 				.replacePath(OIDC_METADATA_PATH + issuer.getPath())
 				.build(Collections.emptyMap());
 		// @formatter:on
 	}
 
-	private static URI oauth(URI issuer) {
+	private static URI oauth(UriComponents issuer) {
 		// @formatter:off
-		return UriComponentsBuilder.fromUri(issuer)
+		return UriComponentsBuilder.newInstance().uriComponents(issuer)
 				.replacePath(OAUTH_METADATA_PATH + issuer.getPath())
 				.build(Collections.emptyMap());
 		// @formatter:on