This is an automated email from the ASF dual-hosted git repository.
buhhunyx pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
The following commit(s) were added to refs/heads/master by this push:
new 75fb6bb cxf-rt-ws-security: fix PMD rule: UnusedAssignment
75fb6bb is described below
commit 75fb6bb56d82f72771a9ee6ecab5d36168303f51
Author: Alexey Markevich <[email protected]>
AuthorDate: Tue Mar 23 23:33:23 2021 +0300
cxf-rt-ws-security: fix PMD rule: UnusedAssignment
---
.../org/apache/cxf/js/rhino/ProviderFactory.java | 8 +--
.../saml/interceptor/WSS4JBasicAuthValidator.java | 2 +-
.../cxf/rt/security/saml/utils/SAMLUtils.java | 8 +--
.../saml/xacml2/DefaultXACMLRequestBuilder.java | 4 +-
.../KerberosTokenInterceptorProvider.java | 2 +-
.../security/policy/interceptors/STSInvoker.java | 4 +-
.../sts/provider/SecurityTokenServiceProvider.java | 2 +-
.../cxf/ws/security/trust/AbstractSTSClient.java | 2 +-
.../ws/security/trust/DefaultSTSTokenCacher.java | 2 +-
.../cxf/ws/security/trust/STSLoginModule.java | 2 +-
.../ws/security/trust/STSStaxTokenValidator.java | 11 ++--
.../cxf/ws/security/trust/STSTokenValidator.java | 2 +-
.../org/apache/cxf/ws/security/trust/STSUtils.java | 5 +-
.../delegation/WSSUsernameCallbackHandler.java | 2 +-
.../security/wss4j/AbstractTokenInterceptor.java | 2 +-
...ractUsernameTokenAuthenticatingInterceptor.java | 2 +-
.../wss4j/AbstractWSS4JStaxInterceptor.java | 2 +-
.../ws/security/wss4j/CryptoCoverageChecker.java | 5 +-
.../wss4j/PolicyBasedWSS4JInInterceptor.java | 6 +--
.../wss4j/PolicyBasedWSS4JOutInterceptor.java | 2 +-
.../wss4j/PolicyBasedWSS4JStaxInInterceptor.java | 6 +--
.../wss4j/PolicyBasedWSS4JStaxOutInterceptor.java | 6 +--
.../wss4j/StaxSecurityContextInInterceptor.java | 4 +-
.../cxf/ws/security/wss4j/StaxSerializer.java | 9 ++--
.../security/wss4j/UsernameTokenInterceptor.java | 2 +-
.../cxf/ws/security/wss4j/WSS4JInInterceptor.java | 7 +--
.../cxf/ws/security/wss4j/WSS4JOutInterceptor.java | 7 ++-
.../apache/cxf/ws/security/wss4j/WSS4JUtils.java | 6 +--
.../policyhandlers/AbstractBindingBuilder.java | 10 ++--
.../policyhandlers/AsymmetricBindingHandler.java | 6 +--
.../StaxAsymmetricBindingHandler.java | 4 +-
.../StaxSymmetricBindingHandler.java | 4 +-
.../policyhandlers/SymmetricBindingHandler.java | 18 +++----
.../policyhandlers/TransportBindingHandler.java | 2 +-
.../AbstractSupportingTokenPolicyValidator.java | 4 +-
.../security/wss4j/SignatureConfirmationTest.java | 4 +-
.../cxf/ws/security/wss4j/WSS4JFaultCodeTest.java | 8 +--
.../cxf/ws/security/wss4j/WSS4JInOutTest.java | 4 +-
.../cxf/ws/security/wss4j/saml/SamlTokenTest.java | 58 +++++++++++-----------
39 files changed, 114 insertions(+), 130 deletions(-)
diff --git
a/rt/frontend/js/src/main/java/org/apache/cxf/js/rhino/ProviderFactory.java
b/rt/frontend/js/src/main/java/org/apache/cxf/js/rhino/ProviderFactory.java
index a1068bf..1f15685 100644
--- a/rt/frontend/js/src/main/java/org/apache/cxf/js/rhino/ProviderFactory.java
+++ b/rt/frontend/js/src/main/java/org/apache/cxf/js/rhino/ProviderFactory.java
@@ -75,12 +75,8 @@ public class ProviderFactory {
boolean isE4X = f.getName().endsWith(".jsx");
StringBuilder sb = new StringBuilder();
try (BufferedReader bufrd = new BufferedReader(new FileReader(f))) {
- String line = null;
- for (;;) {
- line = bufrd.readLine();
- if (line == null) {
- break;
- }
+ String line;
+ while (null != (line = bufrd.readLine())) {
sb.append(line).append('\n');
}
}
diff --git
a/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/interceptor/WSS4JBasicAuthValidator.java
b/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/interceptor/WSS4JBasicAuthValidator.java
index 77f4413..dfefd99 100644
---
a/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/interceptor/WSS4JBasicAuthValidator.java
+++
b/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/interceptor/WSS4JBasicAuthValidator.java
@@ -83,7 +83,7 @@ public abstract class WSS4JBasicAuthValidator {
credential = getValidator().validate(credential, data);
// Create a Principal/SecurityContext
- SecurityContext sc = null;
+ final SecurityContext sc;
if (credential != null && credential.getPrincipal() != null) {
sc = createSecurityContext(message, credential);
} else {
diff --git
a/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/utils/SAMLUtils.java
b/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/utils/SAMLUtils.java
index 692d075..27354cf6 100644
---
a/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/utils/SAMLUtils.java
+++
b/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/utils/SAMLUtils.java
@@ -109,10 +109,10 @@ public final class SAMLUtils {
String name,
String nameFormat
) {
- String roleAttributeName = name;
- if (roleAttributeName == null) {
- roleAttributeName = SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT;
- }
+// String roleAttributeName = name;
+// if (roleAttributeName == null) {
+// roleAttributeName = SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT;
+// }
Set<Principal> roles = new HashSet<>();
diff --git
a/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/xacml2/DefaultXACMLRequestBuilder.java
b/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/xacml2/DefaultXACMLRequestBuilder.java
index 1fa959c..407c877 100644
---
a/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/xacml2/DefaultXACMLRequestBuilder.java
+++
b/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/xacml2/DefaultXACMLRequestBuilder.java
@@ -86,14 +86,14 @@ public class DefaultXACMLRequestBuilder implements
XACMLRequestBuilder {
List<AttributeType> attributes = new ArrayList<>();
// Resource-id
- String resourceId = null;
+ String resourceId;
boolean isSoapService = messageParser.isSOAPService();
if (isSoapService) {
QName serviceName = messageParser.getWSDLService();
QName operationName = messageParser.getWSDLOperation();
if (serviceName != null) {
- resourceId = serviceName.toString() + "#";
+ resourceId = serviceName.toString() + '#';
if (serviceName.getNamespaceURI() != null
&&
serviceName.getNamespaceURI().equals(operationName.getNamespaceURI())) {
resourceId += operationName.getLocalPart();
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
index 8d49175..a1c546c 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
@@ -116,7 +116,7 @@ public class KerberosTokenInterceptorProvider extends
AbstractPolicyInterceptorP
return;
}
if (isRequestor(message)) {
- SecurityToken tok = null;
+ final SecurityToken tok;
try {
KerberosClient client =
KerberosUtils.getClient(message, "kerberos");
synchronized (client) {
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
index 82f431d..6dd0903 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
@@ -78,7 +78,7 @@ abstract class STSInvoker implements Invoker {
MessageContentsList lst = (MessageContentsList)o;
DOMSource src = (DOMSource)lst.get(0);
Node nd = src.getNode();
- Element requestEl = null;
+ final Element requestEl;
if (nd instanceof Document) {
requestEl = ((Document)nd).getDocumentElement();
} else {
@@ -204,7 +204,7 @@ abstract class STSInvoker implements Invoker {
byte[] clientEntropy,
int keySize
) throws NoSuchAlgorithmException, WSSecurityException, XMLStreamException
{
- byte[] secret = null;
+ final byte[] secret;
writer.writeStartElement(prefix, "RequestedProofToken", namespace);
if (clientEntropy == null) {
secret = WSSecurityUtil.generateNonce(keySize / 8);
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java
index 6bdfcf1..3f618ab 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java
@@ -212,7 +212,7 @@ public class SecurityTokenServiceProvider implements
Provider<Source> {
public Source invoke(Source request) {
- Source response = null;
+ final Source response;
try {
Object obj = convertToJAXBObject(request);
Object operationImpl = null;
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
index 11d38f8..89ab2d4 100755
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
@@ -1333,7 +1333,7 @@ public abstract class AbstractSTSClient implements
Configurable, InterceptorProv
writer.writeEndElement();
writer.writeStartElement("wst", "CancelTarget", namespace);
- Element el = null;
+ Element el;
if (attachTokenDirectly) {
el = token.getToken();
} else {
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
index cc3acc6..2e47098 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
@@ -41,7 +41,7 @@ import org.apache.wss4j.common.util.XMLUtils;
public class DefaultSTSTokenCacher implements STSTokenCacher {
public SecurityToken retrieveToken(Message message, boolean
retrieveTokenFromEndpoint) throws TokenStoreException {
- SecurityToken tok = null;
+ SecurityToken tok;
if (retrieveTokenFromEndpoint) {
tok =
(SecurityToken)message.getContextualProperty(SecurityConstants.TOKEN);
if (tok == null) {
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
index 205803c..d11f4a5 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
@@ -276,7 +276,7 @@ public class STSLoginModule implements LoginModule {
}
private STSClient configureSTSClient(Message msg) throws BusException,
EndpointException {
- STSClient c = null;
+ final STSClient c;
if (cxfSpringCfg != null) {
SpringBusFactory bf = new SpringBusFactory();
URL busFile = Loader.getResource(cxfSpringCfg);
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java
index 57429e2..24e241d 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java
@@ -429,7 +429,7 @@ public class STSStaxTokenValidator
new
Object[]{binarySecurityTokenType.getEncodingType()});
}
- byte[] securityTokenData = null;
+ final byte[] securityTokenData;
try {
securityTokenData =
getBinarySecurityTokenBytes(binarySecurityTokenType,
tokenContext.getWssSecurityProperties());
@@ -450,7 +450,6 @@ public class STSStaxTokenValidator
final boolean stsValidated = valid;
try {
- final byte[] bytes = securityTokenData;
if
(WSSConstants.NS_X509_V3_TYPE.equals(binarySecurityTokenType.getValueType())) {
Crypto crypto =
getCrypto(tokenContext.getWssSecurityProperties());
X509V3SecurityTokenImpl x509V3SecurityToken = new
X509V3SecurityTokenImpl(
@@ -471,7 +470,7 @@ public class STSStaxTokenValidator
super.verify();
} catch (XMLSecurityException ex) {
Element tokenElement =
- convertToDOM(binarySecurityTokenType,
bytes);
+ convertToDOM(binarySecurityTokenType,
securityTokenData);
validateTokenToSTS(tokenElement, message);
}
}
@@ -500,7 +499,7 @@ public class STSStaxTokenValidator
super.verify();
} catch (XMLSecurityException ex) {
Element tokenElement =
- convertToDOM(binarySecurityTokenType,
bytes);
+ convertToDOM(binarySecurityTokenType,
securityTokenData);
validateTokenToSTS(tokenElement, message);
}
}
@@ -527,7 +526,7 @@ public class STSStaxTokenValidator
super.verify();
} catch (XMLSecurityException ex) {
Element tokenElement =
- convertToDOM(binarySecurityTokenType,
bytes);
+ convertToDOM(binarySecurityTokenType,
securityTokenData);
validateTokenToSTS(tokenElement, message);
}
}
@@ -577,7 +576,7 @@ public class STSStaxTokenValidator
byte[] securityTokenData
) throws WSSecurityException {
Document doc = DOMUtils.getEmptyDocument();
- BinarySecurity binarySecurity = null;
+ final BinarySecurity binarySecurity;
if
(WSSConstants.NS_X509_V3_TYPE.equals(binarySecurityTokenType.getValueType())) {
binarySecurity = new X509Security(doc);
} else if
(WSSConstants.NS_X509_PKIPATH_V1.equals(binarySecurityTokenType.getValueType()))
{
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
index e1b4e3e..df76fb0 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
@@ -132,7 +132,7 @@ public class STSTokenValidator implements Validator {
synchronized (c) {
System.setProperty("noprint", "true");
- SecurityToken returnedToken = null;
+ final SecurityToken returnedToken;
if (useIssueBinding && useOnBehalfOf) {
ElementCallbackHandler callbackHandler = new
ElementCallbackHandler(tokenElement);
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java
index 34540bd..abaf3eb 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java
@@ -138,7 +138,7 @@ public final class STSUtils {
// Only parse the EPR if we really have to
if (issuer != null
&& (preferWSMex || client.getLocation() == null &&
client.getWsdlLocation() == null)) {
- EndpointReferenceType epr = null;
+ final EndpointReferenceType epr;
try {
epr = VersionTransformer.parseEndpointReference(issuer);
} catch (JAXBException e) {
@@ -308,7 +308,6 @@ public final class STSUtils {
boolean sc) throws BusException,
EndpointException {
//CHECKSTYLE:ON
- Service service = null;
String ns = namespace + "/wsdl";
ServiceInfo si = new ServiceInfo();
@@ -321,7 +320,7 @@ public final class STSUtils {
OperationInfo roi = addRenewOperation(ii, namespace, ns);
si.setInterface(ii);
- service = new ServiceImpl(si);
+ Service service = new ServiceImpl(si);
BindingFactoryManager bfm =
bus.getExtension(BindingFactoryManager.class);
BindingFactory bindingFactory = bfm.getBindingFactory(soapVersion);
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/delegation/WSSUsernameCallbackHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/delegation/WSSUsernameCallbackHandler.java
index 2ea8b81..063e32f 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/delegation/WSSUsernameCallbackHandler.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/delegation/WSSUsernameCallbackHandler.java
@@ -52,7 +52,7 @@ public class WSSUsernameCallbackHandler implements
CallbackHandler {
(String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.USERNAME,
message);
if (username != null) {
Node contentNode = message.getContent(Node.class);
- Document doc = null;
+ final Document doc;
if (contentNode != null) {
doc = contentNode.getOwnerDocument();
} else {
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
index b39c84a..3a563a7 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
@@ -180,7 +180,7 @@ public abstract class AbstractTokenInterceptor extends
AbstractSoapInterceptor {
protected String getPassword(String userName, AbstractToken info,
int usage, SoapMessage message) {
//Then try to get the password from the given callback handler
- CallbackHandler handler = null;
+ final CallbackHandler handler;
try {
Object o =
SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER,
message);
handler = SecurityUtils.getCallbackHandler(o);
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
index e0bed7b..af3f4fb 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
@@ -156,7 +156,7 @@ public abstract class
AbstractUsernameTokenAuthenticatingInterceptor extends WSS
if (msg == null) {
throw new IllegalStateException("Current message is not
available");
}
- Subject subject = null;
+ final Subject subject;
try {
subject = createSubject(name, password, isDigest, nonce, created);
} catch (Exception ex) {
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
index 585e908..092ee7f 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
@@ -204,7 +204,7 @@ public abstract class AbstractWSS4JStaxInterceptor
implements SoapInterceptor,
SoapMessage soapMessage, WSSSecurityProperties securityProperties
) throws WSSecurityException {
Object o =
SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER,
soapMessage);
- CallbackHandler callbackHandler = null;
+ CallbackHandler callbackHandler;
try {
callbackHandler = SecurityUtils.getCallbackHandler(o);
} catch (Exception ex) {
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java
index a7331f5..e3b1b80 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java
@@ -121,15 +121,14 @@ public class CryptoCoverageChecker extends
AbstractSoapInterceptor {
throw new SoapFault("Error obtaining SOAP document",
Fault.FAULT_CODE_CLIENT);
}
- Element documentElement = null;
+ final Element documentElement;
try {
SOAPMessage saajDoc = message.getContent(SOAPMessage.class);
SOAPEnvelope envelope = saajDoc.getSOAPPart().getEnvelope();
if (!checkFaults && envelope.getBody().hasFault()) {
return;
}
- documentElement = envelope;
- documentElement = (Element)DOMUtils.getDomElement(documentElement);
+ documentElement = (Element)DOMUtils.getDomElement(envelope);
} catch (SOAPException e) {
throw new SoapFault("Error obtaining SOAP document",
Fault.FAULT_CODE_CLIENT);
}
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
index 640165e..74e97ca 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
@@ -202,7 +202,7 @@ public class PolicyBasedWSS4JInInterceptor extends
WSS4JInInterceptor {
}
Crypto encrCrypto = getEncryptionCrypto(e, message, data);
- Crypto signCrypto = null;
+ final Crypto signCrypto;
if (e != null && e.equals(s)) {
signCrypto = encrCrypto;
} else {
@@ -243,7 +243,7 @@ public class PolicyBasedWSS4JInInterceptor extends
WSS4JInInterceptor {
}
Crypto encrCrypto = getEncryptionCrypto(e, message, data);
- Crypto signCrypto = null;
+ final Crypto signCrypto;
if (e != null && e.equals(s)) {
signCrypto = encrCrypto;
} else {
@@ -352,7 +352,7 @@ public class PolicyBasedWSS4JInInterceptor extends
WSS4JInInterceptor {
}
Crypto encrCrypto = getEncryptionCrypto(e, message, data);
- Crypto signCrypto = null;
+ final Crypto signCrypto;
if (e != null && e.equals(s)) {
signCrypto = encrCrypto;
} else {
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
index 520bb23..34f269c 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
@@ -140,7 +140,7 @@ public class PolicyBasedWSS4JOutInterceptor extends
AbstractPhaseInterceptor<Soa
if (binding != null) {
WSSecHeader secHeader = new WSSecHeader(actor, mustUnderstand,
saaj.getSOAPPart());
- Element el = null;
+ final Element el;
try {
el = secHeader.insertSecurityHeader();
} catch (WSSecurityException e) {
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxInInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxInInterceptor.java
index b321e5b..7a8b582 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxInInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxInInterceptor.java
@@ -104,7 +104,7 @@ public class PolicyBasedWSS4JStaxInInterceptor extends
WSS4JStaxInInterceptor {
}
Crypto encrCrypto = getEncryptionCrypto(e, message,
securityProperties);
- Crypto signCrypto = null;
+ final Crypto signCrypto;
if (e != null && e.equals(s)) {
signCrypto = encrCrypto;
} else {
@@ -161,7 +161,7 @@ public class PolicyBasedWSS4JStaxInInterceptor extends
WSS4JStaxInInterceptor {
}
Crypto encrCrypto = getEncryptionCrypto(e, message,
securityProperties);
- Crypto signCrypto = null;
+ final Crypto signCrypto;
if (e != null && e.equals(s)) {
signCrypto = encrCrypto;
} else {
@@ -209,7 +209,7 @@ public class PolicyBasedWSS4JStaxInInterceptor extends
WSS4JStaxInInterceptor {
}
Crypto encrCrypto = getEncryptionCrypto(e, message,
securityProperties);
- Crypto signCrypto = null;
+ final Crypto signCrypto;
if (e != null && e.equals(s)) {
signCrypto = encrCrypto;
} else {
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxOutInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxOutInterceptor.java
index a30ef1f..af39f04 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxOutInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxOutInterceptor.java
@@ -71,7 +71,7 @@ public class PolicyBasedWSS4JStaxOutInterceptor extends
WSS4JStaxOutInterceptor
}
Crypto encrCrypto = getEncryptionCrypto(e, message,
securityProperties);
- Crypto signCrypto = null;
+ final Crypto signCrypto;
if (e != null && e.equals(s)) {
signCrypto = encrCrypto;
} else {
@@ -102,7 +102,7 @@ public class PolicyBasedWSS4JStaxOutInterceptor extends
WSS4JStaxOutInterceptor
}
Crypto encrCrypto = getEncryptionCrypto(e, message,
securityProperties);
- Crypto signCrypto = null;
+ final Crypto signCrypto;
if (e != null && e.equals(s)) {
signCrypto = encrCrypto;
} else {
@@ -133,7 +133,7 @@ public class PolicyBasedWSS4JStaxOutInterceptor extends
WSS4JStaxOutInterceptor
}
Crypto encrCrypto = getEncryptionCrypto(e, message,
securityProperties);
- Crypto signCrypto = null;
+ final Crypto signCrypto;
if (e != null && e.equals(s)) {
signCrypto = encrCrypto;
} else {
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java
index 4752198..c341230 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java
@@ -129,8 +129,6 @@ public class StaxSecurityContextInInterceptor extends
AbstractPhaseInterceptor<S
break;
} else if (p != null) {
- Object receivedAssertion = null;
-
if (desiredEvent == WSSecurityEventConstants.SAML_TOKEN) {
String roleAttributeName =
(String)SecurityUtils.getSecurityPropertyValue(
SecurityConstants.SAML_ROLE_ATTRIBUTENAME,
msg);
@@ -138,7 +136,7 @@ public class StaxSecurityContextInInterceptor extends
AbstractPhaseInterceptor<S
roleAttributeName =
SAML_ROLE_ATTRIBUTENAME_DEFAULT;
}
- receivedAssertion =
((SAMLTokenPrincipal)token.getPrincipal()).getToken();
+ Object receivedAssertion =
((SAMLTokenPrincipal)token.getPrincipal()).getToken();
if (receivedAssertion != null) {
ClaimCollection claims =
SAMLUtils.getClaims((SamlAssertionWrapper)receivedAssertion);
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSerializer.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSerializer.java
index 57248fe..8f3b312 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSerializer.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSerializer.java
@@ -223,14 +223,13 @@ public class StaxSerializer extends AbstractSerializer {
}
private Node deserialize(Node ctx, XMLStreamReader reader, boolean
wrapped) throws XMLEncryptionException {
- Document contextDocument = null;
+ final Document contextDocument;
if (Node.DOCUMENT_NODE == ctx.getNodeType()) {
contextDocument = (Document)ctx;
} else {
contextDocument = ctx.getOwnerDocument();
}
- XMLStreamWriter writer = null;
try {
if (ctx instanceof SOAPElement) {
SOAPElement el = (SOAPElement)ctx;
@@ -240,19 +239,19 @@ public class StaxSerializer extends AbstractSerializer {
//cannot load into fragment due to a ClassCastException within
SAAJ addChildElement
//which only checks for Document as parent, not
DocumentFragment
Element element =
ctx.getOwnerDocument().createElementNS("dummy", "dummy");
- writer = new SAAJStreamWriter((SOAPEnvelope)el, element);
+ XMLStreamWriter writer = new
SAAJStreamWriter((SOAPEnvelope)el, element);
return appendNewChild(reader, wrapped, contextDocument,
writer, element);
}
if (DOMUtils.isJava9SAAJ()) {
//cannot load into fragment due to a ClassCastException within
SAAJ addChildElement
//which only checks for Document as parent, not
DocumentFragment
Element element =
ctx.getOwnerDocument().createElementNS("dummy", "dummy");
- writer = new OverlayW3CDOMStreamWriter(ctx.getOwnerDocument(),
element);
+ XMLStreamWriter writer = new
OverlayW3CDOMStreamWriter(ctx.getOwnerDocument(), element);
return appendNewChild(reader, wrapped, contextDocument,
writer, element);
}
// Import to a dummy fragment
DocumentFragment dummyFragment =
contextDocument.createDocumentFragment();
- writer = StaxUtils.createXMLStreamWriter(new
DOMResult(dummyFragment));
+ XMLStreamWriter writer = StaxUtils.createXMLStreamWriter(new
DOMResult(dummyFragment));
StaxUtils.copy(reader, writer);
// Remove the "dummy" wrapper
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
index c5b4e28..bd3f303 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
@@ -101,7 +101,7 @@ public class UsernameTokenInterceptor extends
AbstractTokenInterceptor {
try {
boolean bspCompliant = isWsiBSPCompliant(message);
boolean allowNSPasswdTypes =
allowNamespaceQualifiedPWDTypes(message);
- Principal principal = null;
+ Principal principal;
Subject subject = null;
Object transformedToken = null;
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
index 5ea6209..25f1ef3 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
@@ -384,8 +384,6 @@ public class WSS4JInInterceptor extends
AbstractWSS4JInterceptor {
throw new SoapFault(new Message("STAX_EX", LOG), e,
version.getSender());
} catch (SOAPException e) {
throw new SoapFault(new Message("SAAJ_EX", LOG), e,
version.getSender());
- } finally {
- reqData = null;
}
}
private void importNewDomToSAAJ(SOAPMessage doc, Element elem,
@@ -405,9 +403,8 @@ public class WSS4JInInterceptor extends
AbstractWSS4JInterceptor {
getDocumentElement().getFirstChild().getNextSibling().getFirstChild();
}
if (document != null && node != null) {
- Node newNode = null;
try {
- newNode = DOMUtils.getDomElement(document.importNode(node,
true));
+ Node newNode =
DOMUtils.getDomElement(document.importNode(node, true));
elem.getOwnerDocument().getDocumentElement().getFirstChild().
getNextSibling().replaceChild(newNode, node);
List<WSSecurityEngineResult> encryptResults =
wsResult.getActionResults().get(WSConstants.ENCR);
@@ -638,7 +635,7 @@ public class WSS4JInInterceptor extends
AbstractWSS4JInterceptor {
Object o =
SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER,
(SoapMessage)reqData.getMsgContext());
- CallbackHandler cbHandler = null;
+ CallbackHandler cbHandler;
try {
cbHandler = SecurityUtils.getCallbackHandler(o);
} catch (Exception ex) {
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java
index c052412..cd96fe5 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java
@@ -157,13 +157,14 @@ public class WSS4JOutInterceptor extends
AbstractWSS4JInterceptor {
return;
}
SoapVersion version = mc.getVersion();
- RequestData reqData = new RequestData();
/*
* The overall try, just to have a finally at the end to perform
some
* housekeeping.
*/
try {
+ RequestData reqData = new RequestData();
+
WSSConfig config = WSSConfig.getNewInstance();
reqData.setWssConfig(config);
reqData.setEncryptionSerializer(new StaxSerializer());
@@ -272,8 +273,6 @@ public class WSS4JOutInterceptor extends
AbstractWSS4JInterceptor {
} catch (InvalidCanonicalizerException | WSSecurityException e) {
throw new SoapFault(new Message("SECURITY_FAILED", LOG), e,
version
.getSender());
- } finally {
- reqData = null;
}
}
@@ -308,7 +307,7 @@ public class WSS4JOutInterceptor extends
AbstractWSS4JInterceptor {
(Map<?, ?>)getProperty(mc, WSS4J_ACTION_MAP));
if (actionMap != null && !actionMap.isEmpty()) {
for (Map.Entry<Integer, Object> entry : actionMap.entrySet()) {
- Class<?> removedAction = null;
+ final Class<?> removedAction;
// Be defensive here since the cast above is slightly risky
// with the handler config options not being strongly
typed.
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
index 7e3851e..b2eda68 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
@@ -139,7 +139,7 @@ public final class WSS4JUtils {
}
if (WSS4JCacheUtil.isEhCacheInstalled()) {
Bus bus = message.getExchange().getBus();
- Path diskstoreParent = null;
+ final Path diskstoreParent;
try {
diskstoreParent = Files.createTempDirectory("cxf");
} catch (IOException ex) {
@@ -221,8 +221,8 @@ public final class WSS4JUtils {
) {
SoapFault fault;
- String errorMessage = null;
- javax.xml.namespace.QName faultCode = null;
+ final String errorMessage;
+ final javax.xml.namespace.QName faultCode;
boolean returnSecurityError =
MessageUtils.getContextualBoolean(message,
SecurityConstants.RETURN_SECURITY_ERROR, false);
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index 7bda697..6d1010d 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -586,7 +586,7 @@ public abstract class AbstractBindingBuilder extends
AbstractCommonBindingHandle
sig.setSigCanonicalization(binding.getAlgorithmSuite().getC14n().getValue());
Crypto crypto = secToken.getCrypto();
- String uname = null;
+ final String uname;
try {
uname = crypto.getX509Identifier(secToken.getX509Certificate());
} catch (WSSecurityException e1) {
@@ -798,7 +798,7 @@ public abstract class AbstractBindingBuilder extends
AbstractCommonBindingHandle
secRefSaml.setReference(ref);
} else {
Element keyId = doc.createElementNS(WSS4JConstants.WSSE_NS,
"wsse:KeyIdentifier");
- String valueType = null;
+ final String valueType;
if (saml1) {
valueType = WSS4JConstants.WSS_SAML_KI_VALUE_TYPE;
secRefSaml.addTokenType(WSS4JConstants.WSS_SAML_TOKEN_TYPE);
@@ -1020,7 +1020,7 @@ public abstract class AbstractBindingBuilder extends
AbstractCommonBindingHandle
protected String getPassword(String userName, Assertion info, int usage) {
//Then try to get the password from the given callback handler
Object o =
SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER,
message);
- CallbackHandler handler = null;
+ final CallbackHandler handler;
try {
handler = SecurityUtils.getCallbackHandler(o);
if (handler == null) {
@@ -1078,7 +1078,7 @@ public abstract class AbstractBindingBuilder extends
AbstractCommonBindingHandle
} else {
//Add an id
id = wssConfig.getIdAllocator().createId("_", element);
- String pfx = null;
+ String pfx;
try {
pfx = element.lookupPrefix(PolicyConstants.WSU_NAMESPACE_URI);
} catch (Throwable t) {
@@ -1454,7 +1454,7 @@ public abstract class AbstractBindingBuilder extends
AbstractCommonBindingHandle
if (!found.contains(el)) {
found.add(el);
- WSEncryptionPart part = null;
+ final WSEncryptionPart part;
boolean saml1 =
WSS4JConstants.SAML_NS.equals(el.getNamespaceURI())
&& "Assertion".equals(el.getLocalName());
boolean saml2 =
WSS4JConstants.SAML2_NS.equals(el.getNamespaceURI())
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index 9dc3043..a944b99 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -235,8 +235,8 @@ public class AsymmetricBindingHandler extends
AbstractBindingBuilder {
}
if (encToken != null) {
- WSSecBase encr = null;
if (encToken.getToken() != null && !enc.isEmpty()) {
+ final WSSecBase encr;
if (encToken.getToken().getDerivedKeys() ==
DerivedKeys.RequireDerivedKeys) {
encr = doEncryptionDerived(encToken, enc);
} else {
@@ -342,7 +342,7 @@ public class AsymmetricBindingHandler extends
AbstractBindingBuilder {
unassertPolicy(encryptionToken, ex);
}
- List<WSEncryptionPart> encrParts = null;
+ final List<WSEncryptionPart> encrParts;
try {
encrParts = getEncryptedParts();
//Signed parts are determined before encryption because encrypted
signed headers
@@ -492,7 +492,7 @@ public class AsymmetricBindingHandler extends
AbstractBindingBuilder {
Crypto crypto = getEncryptionCrypto();
- SecurityToken securityToken = null;
+ final SecurityToken securityToken;
try {
securityToken = getSecurityToken();
if (!isRequestor() && securityToken != null
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
index fd3c42a..59e8e0f 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
@@ -276,8 +276,8 @@ public class StaxAsymmetricBindingHandler extends
AbstractStaxBindingHandler {
}
}
- List<SecurePart> encrParts = null;
- List<SecurePart> sigParts = null;
+ final List<SecurePart> encrParts;
+ final List<SecurePart> sigParts;
try {
encrParts = getEncryptedParts();
//Signed parts are determined before encryption because
encrypted signed headers
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
index 5917b33..3ead191 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
@@ -226,8 +226,8 @@ public class StaxSymmetricBindingHandler extends
AbstractStaxBindingHandler {
storeSecurityToken(encryptionToken, tok);
}
- List<SecurePart> encrParts = null;
- List<SecurePart> sigParts = null;
+ final List<SecurePart> encrParts;
+ final List<SecurePart> sigParts;
try {
encrParts = getEncryptedParts();
//Signed parts are determined before encryption because
encrypted signed headers
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index 0497f17..bd14ac7 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -272,7 +272,7 @@ public class SymmetricBindingHandler extends
AbstractBindingBuilder {
}
if (!secondEncrParts.isEmpty()) {
- Element secondRefList = null;
+ final Element secondRefList;
if (encryptionToken.getDerivedKeys() ==
DerivedKeys.RequireDerivedKeys) {
secondRefList =
((WSSecDKEncrypt)encr).encryptForExternalRef(null, secondEncrParts);
@@ -304,7 +304,6 @@ public class SymmetricBindingHandler extends
AbstractBindingBuilder {
assertTokenWrapper(sigAbstractTokenWrapper);
AbstractToken sigToken = sigAbstractTokenWrapper.getToken();
String sigTokId = null;
- Element sigTokElem = null;
try {
SecurityToken sigTok = null;
@@ -348,11 +347,11 @@ public class SymmetricBindingHandler extends
AbstractBindingBuilder {
boolean tokIncluded = true;
if (isTokenRequired(sigToken.getIncludeTokenType())) {
Element el = sigTok.getToken();
- sigTokElem = cloneElement(el);
+ Element sigTokElem = cloneElement(el);
this.addEncryptedKeyElement(sigTokElem);
} else if (isRequestor() && sigToken instanceof X509Token) {
Element el = sigTok.getToken();
- sigTokElem = cloneElement(el);
+ Element sigTokElem = cloneElement(el);
this.addEncryptedKeyElement(sigTokElem);
} else {
tokIncluded = false;
@@ -384,7 +383,7 @@ public class SymmetricBindingHandler extends
AbstractBindingBuilder {
//Encryption
AbstractTokenWrapper encrAbstractTokenWrapper =
getEncryptionToken();
AbstractToken encrToken = encrAbstractTokenWrapper.getToken();
- SecurityToken encrTok = null;
+ final SecurityToken encrTok;
if (sigToken.equals(encrToken)) {
//Use the same token
encrTok = sigTok;
@@ -414,12 +413,12 @@ public class SymmetricBindingHandler extends
AbstractBindingBuilder {
}
if (encrAbstractTokenWrapper.getToken() != null && !enc.isEmpty())
{
- WSSecBase encr = null;
+ final WSSecBase encr;
if (encrAbstractTokenWrapper.getToken().getDerivedKeys() ==
DerivedKeys.RequireDerivedKeys) {
encr = doEncryptionDerived(encrAbstractTokenWrapper,
encrTok, tokIncluded, enc, false);
} else {
byte[] ephemeralKey = encrTok.getSecret();
- SecretKey symmetricKey = null;
+ final SecretKey symmetricKey;
String symEncAlgorithm =
sbinding.getAlgorithmSuite().getAlgorithmSuiteType().getEncryption();
if (ephemeralKey != null) {
symmetricKey =
KeyUtils.prepareSecretKey(symEncAlgorithm, ephemeralKey);
@@ -531,8 +530,7 @@ public class SymmetricBindingHandler extends
AbstractBindingBuilder {
dkEncr.setSymmetricEncAlgorithm(algType.getEncryption());
dkEncr.setDerivedKeyLength(algType.getEncryptionDerivedKeyLength()
/ 8);
dkEncr.prepare(encrTok.getSecret());
- Element encrDKTokenElem = null;
- encrDKTokenElem = dkEncr.getdktElement();
+ Element encrDKTokenElem = dkEncr.getdktElement();
addDerivedKeyElement(encrDKTokenElem);
Element refList = dkEncr.encryptForExternalRef(null, encrParts);
@@ -925,7 +923,7 @@ public class SymmetricBindingHandler extends
AbstractBindingBuilder {
AlgorithmSuiteType algType =
sbinding.getAlgorithmSuite().getAlgorithmSuiteType();
sig.setDigestAlgo(algType.getDigest());
sig.setSigCanonicalization(sbinding.getAlgorithmSuite().getC14n().getValue());
- Crypto crypto = null;
+ final Crypto crypto;
if (sbinding.getProtectionToken() != null) {
crypto = getEncryptionCrypto();
} else {
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
index f0fc873..2ff0b99 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
@@ -577,7 +577,7 @@ public class TransportBindingHandler extends
AbstractBindingBuilder {
sig.setCustomTokenValueType(tokenType);
}
}
- Crypto crypto = null;
+ Crypto crypto;
if (secTok.getSecret() == null) {
sig.setX509Certificate(secTok.getX509Certificate());
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java
index ee03c6b..0fc0548 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java
@@ -647,7 +647,7 @@ public abstract class
AbstractSupportingTokenPolicyValidator extends AbstractSec
if (parts.isBody()) {
SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
- Element soapBody = null;
+ final Element soapBody;
try {
soapBody = soapMessage.getSOAPBody();
} catch (SOAPException ex) {
@@ -662,7 +662,7 @@ public abstract class
AbstractSupportingTokenPolicyValidator extends AbstractSec
for (Header h : parts.getHeaders()) {
SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
- Element soapHeader = null;
+ final Element soapHeader;
try {
soapHeader = soapMessage.getSOAPHeader();
} catch (SOAPException ex) {
diff --git
a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
index 1746449..b08a048 100644
---
a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
+++
b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
@@ -89,7 +89,7 @@ public class SignatureConfirmationTest extends
AbstractSecurityTest {
assertFalse(sigv.isEmpty());
byte[] docbytes = getMessageBytes(doc);
- doc = StaxUtils.read(new ByteArrayInputStream(docbytes));
+ StaxUtils.read(new ByteArrayInputStream(docbytes));
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
@@ -139,7 +139,7 @@ public class SignatureConfirmationTest extends
AbstractSecurityTest {
// assertValid("//wsse:Security/wsse11:SignatureConfirmation", doc);
byte[] docbytes = getMessageBytes(doc);
- doc = StaxUtils.read(new ByteArrayInputStream(docbytes));
+ StaxUtils.read(new ByteArrayInputStream(docbytes));
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
diff --git
a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
index c37fd11..8431d79 100644
---
a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
+++
b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
@@ -63,7 +63,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
doc = saajMsg.getSOAPPart();
byte[] docbytes = getMessageBytes(doc);
- doc = StaxUtils.read(new ByteArrayInputStream(docbytes));
+ StaxUtils.read(new ByteArrayInputStream(docbytes));
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
@@ -112,7 +112,7 @@ public class WSS4JFaultCodeTest extends
AbstractSecurityTest {
assertValid("//wsse:Security", doc);
byte[] docbytes = getMessageBytes(doc);
- doc = StaxUtils.read(new ByteArrayInputStream(docbytes));
+ StaxUtils.read(new ByteArrayInputStream(docbytes));
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
@@ -161,7 +161,7 @@ public class WSS4JFaultCodeTest extends
AbstractSecurityTest {
assertValid("//wsse:Security", doc);
byte[] docbytes = getMessageBytes(doc);
- doc = StaxUtils.read(new ByteArrayInputStream(docbytes));
+ StaxUtils.read(new ByteArrayInputStream(docbytes));
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
@@ -197,7 +197,7 @@ public class WSS4JFaultCodeTest extends
AbstractSecurityTest {
doc = saajMsg.getSOAPPart();
byte[] docbytes = getMessageBytes(doc);
- doc = StaxUtils.read(new ByteArrayInputStream(docbytes));
+ StaxUtils.read(new ByteArrayInputStream(docbytes));
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
diff --git
a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
index d029a6c..467c661 100644
---
a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
+++
b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
@@ -293,7 +293,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
assertValid("//wsse:Security/ds:Signature", doc);
byte[] docbytes = getMessageBytes(doc);
- doc = StaxUtils.read(new ByteArrayInputStream(docbytes));
+ StaxUtils.read(new ByteArrayInputStream(docbytes));
final Map<String, Object> properties = new HashMap<>();
properties.put(
@@ -341,7 +341,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
assertValid("//wsse:Security/ds:Signature", doc);
byte[] docbytes = getMessageBytes(doc);
- doc = StaxUtils.read(new ByteArrayInputStream(docbytes));
+ StaxUtils.read(new ByteArrayInputStream(docbytes));
final Map<String, Object> properties = new HashMap<>();
final Map<QName, Object> customMap = new HashMap<>();
diff --git
a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
index 51a80d2..965660a 100644
---
a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
+++
b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
@@ -19,7 +19,7 @@
package org.apache.cxf.ws.security.wss4j.saml;
import java.io.ByteArrayInputStream;
-import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
@@ -102,9 +102,9 @@ public class SamlTokenTest extends AbstractSecurityTest {
customMap.put(WSConstants.SAML2_TOKEN, validator);
inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
- List<String> xpaths = new ArrayList<>();
- xpaths.add("//wsse:Security");
- xpaths.add("//wsse:Security/saml1:Assertion");
+ List<String> xpaths = Arrays.asList(
+ "//wsse:Security",
+ "//wsse:Security/saml1:Assertion");
Map<String, String> inMessageProperties = new HashMap<>();
if (allowUnsignedPrincipal) {
@@ -149,9 +149,9 @@ public class SamlTokenTest extends AbstractSecurityTest {
customMap.put(WSConstants.SAML2_TOKEN, validator);
inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
- List<String> xpaths = new ArrayList<>();
- xpaths.add("//wsse:Security");
- xpaths.add("//wsse:Security/saml1:Assertion");
+ List<String> xpaths = Arrays.asList(
+ "//wsse:Security",
+ "//wsse:Security/saml1:Assertion");
Map<String, String> inMessageProperties = new HashMap<>();
Message message = makeInvocation(outProperties, xpaths, inProperties,
inMessageProperties);
@@ -185,9 +185,9 @@ public class SamlTokenTest extends AbstractSecurityTest {
customMap.put(WSConstants.SAML2_TOKEN, validator);
inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
- List<String> xpaths = new ArrayList<>();
- xpaths.add("//wsse:Security");
- xpaths.add("//wsse:Security/saml2:Assertion");
+ List<String> xpaths = Arrays.asList(
+ "//wsse:Security",
+ "//wsse:Security/saml2:Assertion");
Map<String, String> inMessageProperties = new HashMap<>();
inMessageProperties.put(SecurityConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION,
"false");
@@ -227,9 +227,9 @@ public class SamlTokenTest extends AbstractSecurityTest {
customMap.put(WSConstants.SAML2_TOKEN, validator);
inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
- List<String> xpaths = new ArrayList<>();
- xpaths.add("//wsse:Security");
- xpaths.add("//wsse:Security/saml2:Assertion");
+ List<String> xpaths = Arrays.asList(
+ "//wsse:Security",
+ "//wsse:Security/saml2:Assertion");
Map<String, String> inMessageProperties = new HashMap<>();
inMessageProperties.put(SecurityConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION,
"false");
@@ -276,9 +276,9 @@ public class SamlTokenTest extends AbstractSecurityTest {
customMap.put(WSConstants.SAML2_TOKEN, validator);
inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
- List<String> xpaths = new ArrayList<>();
- xpaths.add("//wsse:Security");
- xpaths.add("//wsse:Security/saml1:Assertion");
+ List<String> xpaths = Arrays.asList(
+ "//wsse:Security",
+ "//wsse:Security/saml1:Assertion");
try {
makeInvocation(outProperties, xpaths, inProperties,
Collections.emptyMap());
@@ -332,9 +332,9 @@ public class SamlTokenTest extends AbstractSecurityTest {
customMap.put(WSConstants.SAML2_TOKEN, validator);
inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
- List<String> xpaths = new ArrayList<>();
- xpaths.add("//wsse:Security");
- xpaths.add("//wsse:Security/saml2:Assertion");
+ List<String> xpaths = Arrays.asList(
+ "//wsse:Security",
+ "//wsse:Security/saml2:Assertion");
try {
makeInvocation(outProperties, xpaths, inProperties,
Collections.emptyMap());
@@ -401,9 +401,9 @@ public class SamlTokenTest extends AbstractSecurityTest {
customMap.put(WSConstants.SAML2_TOKEN, validator);
inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
- List<String> xpaths = new ArrayList<>();
- xpaths.add("//wsse:Security");
- xpaths.add("//wsse:Security/saml2:Assertion");
+ List<String> xpaths = Arrays.asList(
+ "//wsse:Security",
+ "//wsse:Security/saml2:Assertion");
Map<String, String> inMessageProperties = new HashMap<>();
inMessageProperties.put(SecurityConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION,
"false");
@@ -459,9 +459,9 @@ public class SamlTokenTest extends AbstractSecurityTest {
customMap.put(WSConstants.SAML2_TOKEN, validator);
inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
- List<String> xpaths = new ArrayList<>();
- xpaths.add("//wsse:Security");
- xpaths.add("//wsse:Security/saml2:Assertion");
+ List<String> xpaths = Arrays.asList(
+ "//wsse:Security",
+ "//wsse:Security/saml2:Assertion");
Map<String, String> inMessageProperties = new HashMap<>();
inMessageProperties.put(SecurityConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION,
"false");
@@ -516,9 +516,9 @@ public class SamlTokenTest extends AbstractSecurityTest {
customMap.put(WSConstants.SAML2_TOKEN, validator);
inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
- List<String> xpaths = new ArrayList<>();
- xpaths.add("//wsse:Security");
- xpaths.add("//wsse:Security/saml1:Assertion");
+ List<String> xpaths = Arrays.asList(
+ "//wsse:Security",
+ "//wsse:Security/saml1:Assertion");
Map<String, String> inMessageProperties = new HashMap<>();
inMessageProperties.put(SecurityConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION,
"false");
@@ -578,7 +578,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
DocumentBuilder db = dbf.newDocumentBuilder();
db.setEntityResolver(new NullResolver());
- doc = StaxUtils.read(db, reader, false);
+ StaxUtils.read(db, reader, false);
WSS4JInInterceptor inHandler = new WSS4JInInterceptor(inProperties);
