From 70850699ec8615182a9e51f2c822f656f22117f8 Mon Sep 17 00:00:00 2001
From: tkuzynow <tomasz.kuzynowski@gmail.com>
Date: Thu, 16 Jan 2025 10:30:27 +0100
Subject: [PATCH] fix: remove url decoder for passwords

---
 .../userservice/api/adapters/web/dto/UserDTO.java   |  1 -
 .../caritas/cob/userservice/api/helper/Helper.java  | 13 +------------
 2 files changed, 1 insertion(+), 13 deletions(-)

diff --git a/src/main/java/de/caritas/cob/userservice/api/adapters/web/dto/UserDTO.java b/src/main/java/de/caritas/cob/userservice/api/adapters/web/dto/UserDTO.java
index bc8f8a762..7fa588fcc 100644
--- a/src/main/java/de/caritas/cob/userservice/api/adapters/web/dto/UserDTO.java
+++ b/src/main/java/de/caritas/cob/userservice/api/adapters/web/dto/UserDTO.java
@@ -70,7 +70,6 @@ public class UserDTO implements UserRegistrationDTO {
 
   @NotBlank(message = "{user.password.notBlank}")
   @ApiModelProperty(required = true, example = "pass@w0rd", position = 3)
-  @JsonDeserialize(using = UrlDecodePasswordJsonDeserializer.class)
   @JsonProperty("password")
   private String password;
 
diff --git a/src/main/java/de/caritas/cob/userservice/api/helper/Helper.java b/src/main/java/de/caritas/cob/userservice/api/helper/Helper.java
index 387475fc8..1d06f93e1 100644
--- a/src/main/java/de/caritas/cob/userservice/api/helper/Helper.java
+++ b/src/main/java/de/caritas/cob/userservice/api/helper/Helper.java
@@ -14,8 +14,6 @@
 @Component
 public class Helper {
 
-  private static final String PERCENT = "__PERCENT__";
-  private static final String PLUS = "__PLUS__";
   public static final long ONE_DAY_IN_HOURS = 24L;
   public static final Date UNIXTIME_0 = new Date(0);
 
@@ -57,16 +55,7 @@ public static String removeHTMLFromText(String text) {
    */
   public String urlDecodeString(String stringToDecode) {
     try {
-      if (stringToDecode == null) {
-        return null;
-      }
-      String tempPassword = stringToDecode.replace("%", PERCENT);
-      tempPassword = tempPassword.replace("+", PLUS);
-      String decodedPassword =
-          java.net.URLDecoder.decode(tempPassword, StandardCharsets.UTF_8.name());
-      decodedPassword = decodedPassword.replace(PERCENT, "%"); // Restore the original percent signs
-      return decodedPassword.replace(PLUS, "+"); // Restore the original percent signs
-
+      return java.net.URLDecoder.decode(stringToDecode, StandardCharsets.UTF_8.name());
     } catch (UnsupportedEncodingException ex) {
       return null;
     }