commons-codec 升级后 Base32 没有抛出异常

No exception thrown from Base32 after commons-codec upgrade

我有一个来自 Apache Commons Codec 的 TOTP Authenticator project which generates a six-digit one-time password using TOTP (RFC 6238). Internally it uses Base32 class:

Base32 base32 = new Base32();

commons-codec 升级 1.14 -> 1.15 之后,单元测试开始失败:

@Test
void testInvalidBase32Value() {
  String secretKey = "AHXQ2W5P6AGKYVK";

  Executable when = () -> generator.generateOtp(secretKey);

  assertThrows(IllegalArgumentException.class, when);
}
org.opentest4j.AssertionFailedError: Expected java.lang.IllegalArgumentException to be thrown, but nothing was thrown.

如何修复测试?

根据 Apache Commons 编解码器 1.15 release notes,默认解码策略已更改:

Base32/Base64/BCodec: Added strict decoding property to control handling of trailing bits. Default lenient mode discards them without error. Strict mode raise an exception.

新的默认解码策略定义在BaseNCodec.java:

protected static final CodecPolicy DECODING_POLICY_DEFAULT = CodecPolicy.LENIENT;

要修复单元测试,请在 generateOtp() 中将解码策略设置为 CodecPolicy.STRICT:

Base32 base32 = new Base32();
->
Base32 base32 = new Base32(0, null, false, PAD_DEFAULT, CodecPolicy.STRICT);

现在导致编解码器失败的数据应该抛出异常。