Describe the bug
I am upgrading Spring Boot from 3.3.5 to 3.5.8. This is incrementing Spring Security from 6.3.4 to 6.5.7.
The introspection credentials in the Basic Auth header are being encoded incorrectly after the upgrade.
application.yml

```yaml
spring:
  security:
    oauth2:
      resourceserver:
        opaquetoken:
          introspection-uri: http://localhost:7171/introspect
          client-id: someClientId
          client-secret: h25spw7I_y0Kt=s5NPo
```
Spring Boot 3.3.5 / Spring Security 6.3.4

Encoded Authorization: `Basic c29tZUNsaWVudElkOmgyNXNwdzdJX3kwS3Q9czVOUG8=`

Spring Boot 3.5.8 / Spring Security 6.5.7

Encoded Authorization: `Basic c29tZUNsaWVudElkOmgyNXNwdzdJX3kwS3QlM0RzNU5Qbw==`
To Reproduce
Link to project to reproduce. Run the application and invoke the example RestController. Change version of spring-boot-starter-parent from 3.3.5 to 3.5.8.
Expected behavior
The encoded credentials should be encoded correctly as they were before, i.e.

`someClientId:h25spw7I_y0Kt=s5NPo`

should be encoded as:

`c29tZUNsaWVudElkOmgyNXNwdzdJX3kwS3Q9czVOUG8=`

and not:

`c29tZUNsaWVudElkOmgyNXNwdzdJX3kwS3QlM0RzNU5Qbw==`
The encoding bug was introduced in:

- Spring Boot 3.5.0
- Spring Security 6.5.0
Sample
https://github.com/ianHowlett1/spring-security-oauth-endcoding-bug
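As an added example (not code from the issue, the linked sample project, or Spring Security itself), the Python below reproduces both `Authorization` values quoted in the report from the `client-id` and `client-secret` in the application.yml. One function Base64-encodes `id:secret` directly; the other first applies application/x-www-form-urlencoded encoding to each part, which is what RFC 6749 section 2.3.1 specifies for HTTP Basic client authentication and which turns the `=` in the secret into `%3D`. The server-side decoder illustrates the failure mode a practitioner actually hits in this situation: an introspection endpoint that does not form-decode the credentials compares a secret containing `%3D` against the stored one and rejects the call, so client and server must agree on which convention is in use. The function names and the simulated introspection server are assumptions made for illustration.

```python
import base64
import hmac
from urllib.parse import quote_plus, unquote_plus

# Values taken from the application.yml quoted in the issue.
CLIENT_ID = "someClientId"
CLIENT_SECRET = "h25spw7I_y0Kt=s5NPo"


def basic_header_plain(client_id: str, client_secret: str) -> str:
    """Base64 of 'id:secret' with no pre-encoding (the value the report shows for Spring Security 6.3.4)."""
    raw = f"{client_id}:{client_secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def basic_header_form_encoded(client_id: str, client_secret: str) -> str:
    """RFC 6749 section 2.3.1 style: form-url-encode id and secret, then Base64 the pair.

    quote_plus leaves unreserved characters such as '_' alone and encodes '=' as '%3D',
    which is exactly the difference between the two Authorization values in the report.
    """
    raw = f"{quote_plus(client_id)}:{quote_plus(client_secret)}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def decode_basic_header(header: str, form_encoded: bool) -> tuple[str, str]:
    """Recover (client_id, client_secret) from a Basic header, as a server would.

    form_encoded selects whether the server applies the RFC 6749 form-url-decoding step
    after Base64 decoding. Malformed input raises rather than yielding partial credentials.
    """
    scheme, _, payload = header.partition(" ")
    if scheme != "Basic" or not payload:
        raise ValueError("not a Basic credential")
    decoded = base64.b64decode(payload, validate=True).decode("utf-8")
    user, sep, password = decoded.partition(":")
    if not sep:
        raise ValueError("malformed Basic credential: missing ':' separator")
    if form_encoded:
        return unquote_plus(user), unquote_plus(password)
    return user, password


def introspection_server_accepts(header: str, server_form_decodes: bool) -> bool:
    """Hypothetical introspection endpoint that checks the presented client credentials.

    Uses a constant-time comparison so the check does not leak how many leading bytes matched.
    Returns False on any decoding error instead of raising.
    """
    try:
        client_id, client_secret = decode_basic_header(header, form_encoded=server_form_decodes)
    except (ValueError, UnicodeDecodeError):
        return False
    return hmac.compare_digest(client_id.encode(), CLIENT_ID.encode()) and hmac.compare_digest(
        client_secret.encode(), CLIENT_SECRET.encode()
    )


if __name__ == "__main__":
    plain = basic_header_plain(CLIENT_ID, CLIENT_SECRET)
    form = basic_header_form_encoded(CLIENT_ID, CLIENT_SECRET)
    print("plain       :", plain)
    print("form-encoded:", form)
    # The mismatch: a server that only Base64-decodes sees the secret as 'h25spw7I_y0Kt%3Ds5NPo'.
    print("form header, non-decoding server:", introspection_server_accepts(form, False))
    print("form header, RFC 6749 server     :", introspection_server_accepts(form, True))
```

Note that the plain header is also accepted by an RFC 6749 decoding server here only because this particular secret contains no `%` or `+`; a secret containing either of those characters would be altered by `unquote_plus` and fail in the opposite direction, which is why the two sides cannot be mixed safely in general.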