spring-projects · jzheaux · Apr 26, 2024 · Apr 7, 2024
diff --git a/...c/main/java/org/springframework/security/config/authentication/PasswordEncoderParser.java b/...c/main/java/org/springframework/security/config/authentication/PasswordEncoderParser.java
@@ -41,8 +41,6 @@ public class PasswordEncoderParser {
 
 	public static final String ATT_HASH = "hash";
 
-	static final String ATT_BASE_64 = "base64";
-
 	static final String OPT_HASH_BCRYPT = "bcrypt";
 
 	private static final Map<String, Class<?>> ENCODER_CLASSES = Collections.singletonMap(OPT_HASH_BCRYPT,
@@ -62,19 +60,17 @@ private void parse(Element element, ParserContext parserContext) {
 			return;
 		}
 		String hash = element.getAttribute(ATT_HASH);
-		boolean useBase64 = StringUtils.hasText(element.getAttribute(ATT_BASE_64))
-				&& Boolean.parseBoolean(element.getAttribute(ATT_BASE_64));
 		String ref = element.getAttribute(ATT_REF);
 		if (StringUtils.hasText(ref)) {
 			this.passwordEncoder = new RuntimeBeanReference(ref);
 		}
 		else {
-			this.passwordEncoder = createPasswordEncoderBeanDefinition(hash, useBase64);
+			this.passwordEncoder = createPasswordEncoderBeanDefinition(hash);
 			((RootBeanDefinition) this.passwordEncoder).setSource(parserContext.extractSource(element));
 		}
 	}
 
-	public static BeanDefinition createPasswordEncoderBeanDefinition(String hash, boolean useBase64) {
+	public static BeanDefinition createPasswordEncoderBeanDefinition(String hash) {
 		Class<?> beanClass = ENCODER_CLASSES.get(hash);
 		BeanDefinitionBuilder beanBldr = BeanDefinitionBuilder.rootBeanDefinition(beanClass);
 		return beanBldr.getBeanDefinition();

diff --git a/.../main/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParser.java b/.../main/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParser.java
@@ -98,7 +98,7 @@ else if (searchBean == null) {
 			}
 			else if (StringUtils.hasText(hash)) {
 				authenticatorBuilder.addPropertyValue("passwordEncoder",
-						PasswordEncoderParser.createPasswordEncoderBeanDefinition(hash, false));
+						PasswordEncoderParser.createPasswordEncoderBeanDefinition(hash));
 			}
 		}
 		authenticatorBuilder.addConstructorArgValue(contextSource);

diff --git a/...t/java/org/springframework/security/config/authentication/PasswordEncoderParserTests.java b/...t/java/org/springframework/security/config/authentication/PasswordEncoderParserTests.java
@@ -20,10 +20,13 @@
 import org.junit.jupiter.api.extension.ExtendWith;
 
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.security.config.test.SpringTestContext;
 import org.springframework.security.config.test.SpringTestContextExtension;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.test.web.servlet.MockMvc;
 
+import static org.assertj.core.api.Assertions.assertThat;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@@ -65,4 +68,15 @@ public void passwordEncoderDefaultsToPasswordEncoderBean() throws Exception {
 		// @formatter:on
 	}
 
+	@Test
+	void testCreatePasswordEncoderBeanDefinition() throws Exception {
+		String hash = "bcrypt";
+		Class<?> expectedBeanClass = BCryptPasswordEncoder.class;
+
+		BeanDefinition beanDefinition = PasswordEncoderParser.createPasswordEncoderBeanDefinition(hash);
+
+		Class<?> actualBeanClass = Class.forName(beanDefinition.getBeanClassName());
+		assertThat(actualBeanClass).isEqualTo(expectedBeanClass);
+	}
+
 }