countrycode converter and wss4j-ws-security-common upgrades to remove CVEs

catalog/confluence/catalog-confluence-source/src/main/java/org/codice/ddf/confluence/source/ConfluenceSource.java

@@ -44,6 +44,7 @@
 import java.io.Serializable;
 import java.net.URI;
 import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.Calendar;
 import java.util.Collections;
@@ -277,7 +278,7 @@ public SourceResponse query(QueryRequest request) throws UnsupportedQueryExcepti
       String error = "";
       try {
         if (stream != null) {
-          error = IOUtils.toString(stream);
+          error = IOUtils.toString(stream, StandardCharsets.UTF_8);
         }
       } catch (IOException ioe) {
         LOGGER.debug("Could not convert error message to a string for output.", ioe);

catalog/confluence/catalog-confluence-source/src/test/java/org/codice/ddf/confluence/source/ConfluenceInputTransformerTest.java

@@ -171,7 +171,7 @@ public void testTransformingAnonymousContent() throws Exception {
   private String getFileContent(String filePath) {
     try {
       return IOUtils.toString(
-          this.getClass().getClassLoader().getResourceAsStream(filePath), "UTF-8");
+          this.getClass().getClassLoader().getResourceAsStream(filePath), StandardCharsets.UTF_8);
     } catch (IOException e) {
       throw new RuntimeException("Failed to read filepath: " + filePath);
     }

catalog/confluence/catalog-confluence-source/src/test/java/org/codice/ddf/confluence/source/ConfluenceSourceTest.java

@@ -555,7 +555,7 @@ private static String getFileContent(String filePath) {
     try {
       return IOUtils.toString(
           ConfluenceSourceTest.class.getClassLoader().getResourceAsStream(filePath),
-          StandardCharsets.UTF_8.toString());
+          StandardCharsets.UTF_8);
     } catch (IOException e) {
       throw new RuntimeException("Failed to read filepath: " + filePath);
     }

catalog/core/catalog-core-commands/src/main/java/org/codice/ddf/commands/catalog/ValidateCommand.java

@@ -27,6 +27,7 @@
 import java.io.File;
 import java.io.FileNotFoundException;
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
 import java.text.ParseException;
 import java.util.ArrayList;
 import java.util.Collection;
@@ -122,7 +123,7 @@ private List<Metacard> createMetacardsFromFiles() throws IOException {
     List<Metacard> metacards = new ArrayList<>();
     for (File file : files) {
       Metacard metacard = new MetacardImpl();
-      String metadata = IOUtils.toString(file.toURI());
+      String metadata = IOUtils.toString(file.toURI(), StandardCharsets.UTF_8);
       metacard.setAttribute(new AttributeImpl(Metacard.METADATA, metadata));
       metacard.setAttribute(new AttributeImpl(Metacard.TITLE, file.getName()));
       metacards.add(metacard);

catalog/core/catalog-core-definitionparser/src/main/java/ddf/catalog/definition/impl/DefinitionParser.java

@@ -250,7 +250,7 @@ public boolean canHandle(File file) {
   private void apply(File file) throws Exception {
     String data;
     try (InputStream input = new FileInputStream(file)) {
-      data = IOUtils.toString(input, StandardCharsets.UTF_8.name());
+      data = IOUtils.toString(input, StandardCharsets.UTF_8);
       LOGGER.debug("Installing file [{}]. Contents:\n{}", file.getAbsolutePath(), data);
     }
     if (StringUtils.isEmpty(data)) {

catalog/core/catalog-core-urlresourcereader/src/main/java/ddf/catalog/resource/impl/URLResourceReader.java

@@ -32,6 +32,7 @@
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.net.URLConnection;
+import java.nio.charset.StandardCharsets;
 import java.nio.file.InvalidPathException;
 import java.nio.file.Paths;
 import java.security.AccessController;
@@ -423,7 +424,7 @@ private ResourceResponse retrieveHttpProduct(
   private String getResponseErrorMessage(InputStream is) {
     String error = "";
     try {
-      error = IOUtils.toString(is);
+      error = IOUtils.toString(is, StandardCharsets.UTF_8);
     } catch (IOException ioe) {
       LOGGER.debug("Could not convert error message to a string for output.", ioe);
     }

catalog/schematron/catalog-schematron-plugin/src/test/java/ddf/services/schematron/SchematronValidationServiceTest.java

@@ -27,6 +27,7 @@
 import java.io.File;
 import java.io.IOException;
 import java.net.URL;
+import java.nio.charset.StandardCharsets;
 import java.nio.file.Paths;
 import java.util.ArrayList;
 import java.util.Optional;
@@ -224,7 +225,9 @@ public void testSanitizationChangesInput() {
   }
 
   private MetacardImpl getMetacard(String filename) throws IOException {
-    String metadata = IOUtils.toString(getClass().getClassLoader().getResourceAsStream(filename));
+    String metadata =
+        IOUtils.toString(
+            getClass().getClassLoader().getResourceAsStream(filename), StandardCharsets.UTF_8);
     MetacardImpl metacard = new MetacardImpl();
     metacard.setMetadata(metadata);
     return metacard;

catalog/spatial/csw/spatial-csw-endpoint/src/test/java/org/codice/ddf/spatial/ogc/csw/catalog/endpoint/event/CswSubscriptionConfigFactoryTest.java

@@ -22,6 +22,7 @@
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
+import java.nio.charset.StandardCharsets;
 import net.opengis.cat.csw.v_2_0_2.GetRecordsType;
 import org.apache.commons.io.IOUtils;
 import org.codice.ddf.spatial.ogc.csw.catalog.endpoint.CswSubscriptionEndpoint;
@@ -47,7 +48,8 @@ public void setup() throws Exception {
     cswSubscriptionConfigFactory = new CswSubscriptionConfigFactory(subscriptionService);
     filterXml =
         IOUtils.toString(
-            CswSubscriptionConfigFactoryTest.class.getResourceAsStream("/GetRecords.xml"), "UTF-8");
+            CswSubscriptionConfigFactoryTest.class.getResourceAsStream("/GetRecords.xml"),
+            StandardCharsets.UTF_8);
   }
 
   @Test

catalog/spatial/csw/spatial-csw-transformer/src/main/java/org/codice/ddf/spatial/ogc/csw/catalog/converter/CswTransformProvider.java

@@ -174,10 +174,10 @@ public Object unmarshal(HierarchicalStreamReader reader, UnmarshallingContext co
     try (InputStream is = readXml(reader, context)) {
       InputStream inputStream = is;
       if (LOGGER.isDebugEnabled()) {
-        String originalInputStream = IOUtils.toString(inputStream, StandardCharsets.UTF_8.name());
+        String originalInputStream = IOUtils.toString(inputStream, StandardCharsets.UTF_8);
         LOGGER.debug("About to transform\n{}", originalInputStream);
         inputStream =
-            new ByteArrayInputStream(originalInputStream.getBytes(StandardCharsets.UTF_8.name()));
+            new ByteArrayInputStream(originalInputStream.getBytes(StandardCharsets.UTF_8));
       }
       metacard = transformer.transform(inputStream);
     } catch (IOException | CatalogTransformerException e) {

catalog/spatial/csw/spatial-csw-transformer/src/main/java/org/codice/ddf/spatial/ogc/csw/catalog/transformer/GmdTransformer.java

@@ -42,6 +42,7 @@
 import java.io.StringReader;
 import java.net.URI;
 import java.net.URISyntaxException;
+import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Date;
@@ -230,7 +231,7 @@ private Metacard handleTransform(InputStream inputStream, String id)
       byteArray = temporaryFileBackedOutputStream.asByteSource();
 
       try (InputStream xmlSourceInputStream = getSourceInputStream()) {
-        xml = IOUtils.toString(xmlSourceInputStream);
+        xml = IOUtils.toString(xmlSourceInputStream, StandardCharsets.UTF_8);
       }
 
       argumentHolder.put(XstreamPathConverter.PATH_KEY, buildPaths());

catalog/spatial/csw/spatial-csw-transformer/src/test/java/org/codice/ddf/spatial/ogc/csw/catalog/converter/CswRecordConverterTest.java

@@ -137,7 +137,9 @@ public static void setUpBeforeClass() throws Exception {
     converter = new CswRecordConverter(getCswMetacardType());
 
     cswRecordXml =
-        IOUtils.toString(CswRecordConverterTest.class.getResourceAsStream("/Csw_Record_Text.xml"));
+        IOUtils.toString(
+            CswRecordConverterTest.class.getResourceAsStream("/Csw_Record_Text.xml"),
+            StandardCharsets.UTF_8);
   }
 
   @Test
@@ -440,7 +442,7 @@ public void testMetacardTransform()
 
     BinaryContent content = converter.transform(metacard, args);
 
-    String xml = IOUtils.toString(content.getInputStream());
+    String xml = IOUtils.toString(content.getInputStream(), StandardCharsets.UTF_8);
     assertThat(
         xml, containsString("<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>"));
     XMLUnit.setIgnoreWhitespace(true);
@@ -458,7 +460,7 @@ public void testMetacardTransformOmitXmlDeclaration()
 
     BinaryContent content = converter.transform(metacard, args);
 
-    String xml = IOUtils.toString(content.getInputStream());
+    String xml = IOUtils.toString(content.getInputStream(), StandardCharsets.UTF_8);
     assertThat(
         xml, not(containsString("<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>")));
     XMLUnit.setIgnoreWhitespace(true);
@@ -475,7 +477,7 @@ public void testMetacardTransformOmitNamespaces()
 
     BinaryContent content = converter.transform(metacard, args);
 
-    String xml = IOUtils.toString(content.getInputStream());
+    String xml = IOUtils.toString(content.getInputStream(), StandardCharsets.UTF_8);
     assertThat(xml, containsString("<csw:Record>"));
   }
 
@@ -489,7 +491,7 @@ public void testMetacardTransformWithCswRecordMetadata()
 
     BinaryContent content = converter.transform(metacard, args);
 
-    String xml = IOUtils.toString(content.getInputStream());
+    String xml = IOUtils.toString(content.getInputStream(), StandardCharsets.UTF_8);
     assertThat(xml, containsString("<?xml version=\"1.0\" encoding=\"UTF-8\"?>"));
     XMLUnit.setIgnoreWhitespace(true);
     assertXMLEqual(cswRecordXml, xml);

catalog/spatial/csw/spatial-csw-transformer/src/test/java/org/codice/ddf/spatial/ogc/csw/catalog/converter/CswTransformProviderTest.java

@@ -215,7 +215,7 @@ public void testUnmarshalCopyPreservesNamespaces() throws Exception {
     verify(mockInputTransformer, times(1)).transform(captor.capture());
 
     InputStream inStream = captor.getValue();
-    String result = IOUtils.toString(inStream);
+    String result = IOUtils.toString(inStream, StandardCharsets.UTF_8);
 
     XMLUnit.setIgnoreWhitespace(true);
     XMLAssert.assertXMLEqual(getRecord(), result);
@@ -289,7 +289,7 @@ public void testUnmarshalMissingNamespaces() throws Exception {
     verify(mockInputTransformer, times(1)).transform(captor.capture());
 
     InputStream inStream = captor.getValue();
-    String result = IOUtils.toString(inStream);
+    String result = IOUtils.toString(inStream, StandardCharsets.UTF_8);
 
     XMLUnit.setIgnoreWhitespace(true);
     XMLAssert.assertXMLEqual(getRecord(), result);

catalog/spatial/csw/spatial-csw-transformer/src/test/java/org/codice/ddf/spatial/ogc/csw/catalog/converter/GmdConverterTest.java

@@ -35,6 +35,7 @@
 import java.io.StringWriter;
 import java.net.URI;
 import java.net.URISyntaxException;
+import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
 import java.util.GregorianCalendar;
 import java.util.TimeZone;
@@ -124,7 +125,7 @@ public void testMarshalSparseMetacard() throws IOException, SAXException {
   private void assertMetacard(Metacard metacard, String xmlPath) throws IOException, SAXException {
     String compareString;
     try (InputStream input = getClass().getResourceAsStream(xmlPath)) {
-      compareString = IOUtils.toString(input);
+      compareString = IOUtils.toString(input, StandardCharsets.UTF_8);
     }
 
     String xml = convert(metacard, true);

catalog/spatial/csw/spatial-csw-transformer/src/test/java/org/codice/ddf/spatial/ogc/csw/catalog/converter/TransactionRequestConverterTest.java

@@ -35,6 +35,7 @@
 import ddf.catalog.data.impl.types.MediaAttributes;
 import ddf.catalog.data.impl.types.TopicAttributes;
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
 import net.opengis.cat.csw.v_2_0_2.DeleteType;
 import net.opengis.cat.csw.v_2_0_2.QueryConstraintType;
@@ -208,7 +209,8 @@ public void testMultipleOperations() throws Exception {
   public void testUnmarshalInsert() throws Exception {
     String insertRequest =
         IOUtils.toString(
-            TransactionRequestConverterTest.class.getResourceAsStream("/insertRequest.xml"));
+            TransactionRequestConverterTest.class.getResourceAsStream("/insertRequest.xml"),
+            StandardCharsets.UTF_8);
     CswTransactionRequest request = (CswTransactionRequest) xStream.fromXML(insertRequest);
     assertThat(request.getDeleteActions(), emptyCollectionOf(DeleteAction.class));
     assertThat(request.getUpdateActions(), emptyCollectionOf(UpdateAction.class));
@@ -222,7 +224,8 @@ public void testUnmarshalUpdateWholeRecord() throws Exception {
     String updateRequest =
         IOUtils.toString(
             TransactionRequestConverterTest.class.getResourceAsStream(
-                "/updateWholeRecordRequest.xml"));
+                "/updateWholeRecordRequest.xml"),
+            StandardCharsets.UTF_8);
     CswTransactionRequest request = (CswTransactionRequest) xStream.fromXML(updateRequest);
     assertThat(request.getDeleteActions(), emptyCollectionOf(DeleteAction.class));
     assertThat(request.getUpdateActions(), hasSize(1));
@@ -236,7 +239,8 @@ public void testUnmarshalByProperty() throws Exception {
     String updateRequest =
         IOUtils.toString(
             TransactionRequestConverterTest.class.getResourceAsStream(
-                "/updateByPropertyRequest.xml"));
+                "/updateByPropertyRequest.xml"),
+            StandardCharsets.UTF_8);
     CswTransactionRequest request = (CswTransactionRequest) xStream.fromXML(updateRequest);
     assertThat(request.getDeleteActions(), emptyCollectionOf(DeleteAction.class));
     assertThat(request.getUpdateActions(), hasSize(1));
@@ -259,7 +263,8 @@ public void testUnmarshalByProperty() throws Exception {
   public void testUnmarshalDelete() throws Exception {
     String deleteRequest =
         IOUtils.toString(
-            TransactionRequestConverterTest.class.getResourceAsStream("/deleteRequest.xml"));
+            TransactionRequestConverterTest.class.getResourceAsStream("/deleteRequest.xml"),
+            StandardCharsets.UTF_8);
     CswTransactionRequest request = (CswTransactionRequest) xStream.fromXML(deleteRequest);
     assertThat(request.getDeleteActions(), hasSize(1));
     assertThat(request.getUpdateActions(), emptyCollectionOf(UpdateAction.class));

catalog/spatial/csw/spatial-csw-transformer/src/test/java/org/codice/ddf/spatial/ogc/csw/catalog/transformer/GmdTransformerTest.java

@@ -48,6 +48,7 @@
 import java.io.InputStreamReader;
 import java.io.Serializable;
 import java.net.URI;
+import java.nio.charset.StandardCharsets;
 import java.text.DateFormat;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
@@ -249,7 +250,7 @@ public void testMetacardTransform() throws IOException, CatalogTransformerExcept
 
     BinaryContent content = new GmdTransformer(gmdMetacardType).transform(metacard, args);
 
-    String xml = IOUtils.toString(content.getInputStream());
+    String xml = IOUtils.toString(content.getInputStream(), StandardCharsets.UTF_8);
     assertThat(xml, startsWith(XML_DECLARATION));
   }
 
@@ -262,7 +263,7 @@ public void testMetacardTransformNoDeclaration() throws IOException, CatalogTran
 
     BinaryContent content = new GmdTransformer(gmdMetacardType).transform(metacard, args);
 
-    String xml = IOUtils.toString(content.getInputStream());
+    String xml = IOUtils.toString(content.getInputStream(), StandardCharsets.UTF_8);
     assertThat(xml, not(startsWith(XML_DECLARATION)));
   }
 
@@ -272,15 +273,15 @@ public void testMetacardTransformNullArgs() throws IOException, CatalogTransform
 
     BinaryContent content = new GmdTransformer(gmdMetacardType).transform(metacard, null);
 
-    String xml = IOUtils.toString(content.getInputStream());
+    String xml = IOUtils.toString(content.getInputStream(), StandardCharsets.UTF_8);
     assertThat(xml, startsWith(XML_DECLARATION));
   }
 
   @Test
   public void testMetacardTransformNullMetacard() throws IOException, CatalogTransformerException {
     BinaryContent content = new GmdTransformer(gmdMetacardType).transform((Metacard) null, null);
 
-    String xml = IOUtils.toString(content.getInputStream());
+    String xml = IOUtils.toString(content.getInputStream(), StandardCharsets.UTF_8);
 
     assertThat(xml.trim(), is(XML_DECLARATION));
   }

catalog/spatial/geocoding/spatial-geocoding-websearch/src/test/java/org/codice/ddf/spatial/geocoder/geonames/GeoNamesWebServiceTest.java

@@ -28,6 +28,7 @@
 import static org.mockito.Mockito.when;
 
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
 import java.text.ParseException;
 import java.util.Optional;
 import javax.ws.rs.WebApplicationException;
@@ -123,7 +124,8 @@ public void testGetLocation() throws IOException, GeoEntryQueryException {
         IOUtils.toString(
             GeoNamesWebServiceTest.class
                 .getClassLoader()
-                .getResourceAsStream("getLocationTestResponse.json"));
+                .getResourceAsStream("getLocationTestResponse.json"),
+            StandardCharsets.UTF_8);
 
     prepareWebClient(response);
 

catalog/spatial/kml/spatial-kml-transformer/src/test/java/org/codice/ddf/spatial/kml/transformer/KmzTransformerTest.java

@@ -126,12 +126,12 @@ private String getOutputFromBinaryContent(BinaryContent binaryContent) throws IO
 
   private String resourceToString(String resourceName) throws IOException {
     try (final InputStream inputStream = getResourceAsStream(resourceName)) {
-      return IOUtils.toString(inputStream, StandardCharsets.UTF_8.name());
+      return IOUtils.toString(inputStream, StandardCharsets.UTF_8);
     }
   }
 
   private String readContentsFromZipInputStream(ZipInputStream zipInputStream) throws IOException {
-    String kmlDocument = IOUtils.toString(zipInputStream, StandardCharsets.UTF_8.name());
+    String kmlDocument = IOUtils.toString(zipInputStream, StandardCharsets.UTF_8);
     IOUtils.closeQuietly(zipInputStream);
     return kmlDocument;
   }

catalog/transformer/catalog-transformer-xml/src/test/java/ddf/catalog/transform/xml/XmlMetacardTransformerTest.java

@@ -29,6 +29,7 @@
 import ddf.catalog.transformer.xml.XmlMetacardTransformer;
 import java.io.InputStream;
 import java.io.Serializable;
+import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.Date;
@@ -156,7 +157,7 @@ public void testXmlMetacardTransformer() throws Exception {
     mc.setThumbnail(testThumbnail);
 
     InputStream input = getClass().getResourceAsStream("/extensibleMetacard.xml");
-    String metadata = IOUtils.toString(input);
+    String metadata = IOUtils.toString(input, StandardCharsets.UTF_8);
     mc.setMetadata(metadata);
 
     String outputXml = transform(mc);

platform/admin/core/admin-core-appservice/src/main/java/org/codice/ddf/admin/application/service/impl/ApplicationServiceImpl.java

@@ -19,6 +19,7 @@
 import ddf.security.service.SecurityServiceException;
 import java.io.File;
 import java.lang.reflect.InvocationTargetException;
+import java.nio.charset.StandardCharsets;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.security.AccessController;
@@ -99,7 +100,8 @@ public Set<Application> getApplications() {
       try {
         String appJson =
             AccessController.doPrivileged(
-                (PrivilegedExceptionAction<String>) () -> IOUtils.toString(appDef.toURI()));
+                (PrivilegedExceptionAction<String>)
+                    () -> IOUtils.toString(appDef.toURI(), StandardCharsets.UTF_8));
         ApplicationImpl app = JsonUtils.fromJson(appJson, ApplicationImpl.class);
         if (isPermittedToViewFeature(app.getName())) {
           app.loadBundles(bundlesByLocation);