Merge branch '4.16'

nvazquez · nvazquez · commit 1c238e101da7 · 2022-03-30T00:00:34.000-03:00
diff --git a/plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/saml/SAMLUtils.java b/plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/saml/SAMLUtils.java
@@ -100,8 +100,11 @@
 public class SAMLUtils {
     public static final Logger s_logger = Logger.getLogger(SAMLUtils.class);
 
+    static final String charset = "abcdefghijklmnopqrstuvwxyz";
+
     public static String generateSecureRandomId() {
-        return new BigInteger(160, new SecureRandom()).toString(32);
+        return new BigInteger(160, new SecureRandom()).toString(32).replaceFirst("^[0-9]",
+                String.valueOf(charset.charAt(new SecureRandom().nextInt(charset.length()))));
     }
 
     public static String getValueFromAttributeStatements(final List<AttributeStatement> attributeStatements, final String attributeKey) {
diff --git a/plugins/user-authenticators/saml2/src/test/java/org/apache/cloudstack/SAMLUtilsTest.java b/plugins/user-authenticators/saml2/src/test/java/org/apache/cloudstack/SAMLUtilsTest.java
@@ -22,6 +22,7 @@
 import java.security.KeyPair;
 import java.security.PrivateKey;
 import java.security.PublicKey;
+import java.util.regex.Pattern;
 
 import org.apache.cloudstack.saml.SAMLUtils;
 import org.apache.cloudstack.utils.security.CertUtils;
@@ -38,6 +39,15 @@ public void testGenerateSecureRandomId() throws Exception {
         assertTrue(SAMLUtils.generateSecureRandomId().length() > 0);
     }
 
+    @Test
+    public void testGenerateSecureRandomId2() throws Exception {
+        for (int i = 0; i < 20; i++) {
+            String randomId = SAMLUtils.generateSecureRandomId();
+            System.out.println("randomId is " + randomId);
+            assertTrue(Pattern.compile("^[a-z]").matcher(randomId).find());
+        }
+    }
+
     @Test
     public void testBuildAuthnRequestObject() throws Exception {
         String consumerUrl = "http://someurl.com";
