This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git
commit edc1b1778afe4d9641cab8a673ab6a083de4fc44 Author: Colm O hEigeartaigh <[email protected]> AuthorDate: Wed Jun 8 08:48:41 2022 +0100 PMD fixes on ws-security-dom, part I --- .../org/apache/wss4j/dom/handler/WSHandler.java | 13 +++---------- .../wss4j/dom/message/WSSecDerivedKeyBase.java | 3 ++- .../apache/wss4j/dom/message/WSSecEncryptedKey.java | 5 +---- .../org/apache/wss4j/dom/message/WSSecHeader.java | 5 +---- .../wss4j/dom/message/WSSecUsernameToken.java | 2 +- .../wss4j/dom/message/token/DerivedKeyToken.java | 10 ++++------ .../wss4j/dom/message/token/KerberosSecurity.java | 21 ++++++--------------- .../dom/message/token/SecurityContextToken.java | 5 +---- .../dom/message/token/SignatureConfirmation.java | 5 +---- .../apache/wss4j/dom/message/token/Timestamp.java | 5 +---- .../wss4j/dom/message/token/UsernameToken.java | 14 ++++---------- .../wss4j/dom/resolvers/ResolverAttachment.java | 5 +---- 12 files changed, 26 insertions(+), 67 deletions(-) diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java index 421b6718e..33da87937 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java @@ -384,11 +384,7 @@ public abstract class WSHandler { } } - if (ai != size) { - return false; - } - - return true; + return ai == size; } protected boolean checkReceiverResultsAnyOrder( @@ -418,11 +414,7 @@ public abstract class WSHandler { } } - if (!recordedActions.isEmpty()) { - return false; - } - - return true; + return recordedActions.isEmpty(); } @SuppressWarnings("unchecked") @@ -1226,6 +1218,7 @@ public abstract class WSHandler { break; default: reason = WSPasswordCallback.UNKNOWN; + break; } return new WSPasswordCallback(username, reason); } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java index f667e4e7c..50462ff41 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java @@ -231,7 +231,7 @@ public abstract class WSSecDerivedKeyBase extends WSSecSignatureBase { X509Certificate[] certs = getSigningCerts(); - switch (keyIdentifierType) { + switch (keyIdentifierType) { case WSConstants.X509_KEY_IDENTIFIER: secRef.setKeyIdentifier(certs[0]); @@ -285,6 +285,7 @@ public abstract class WSSecDerivedKeyBase extends WSSecSignatureBase { } secRef.setReference(ref); + break; } dkt.setSecurityTokenReference(secRef); diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java index 13f6f0111..150437064 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java @@ -754,10 +754,7 @@ public class WSSecEncryptedKey extends WSSecBase { } public boolean isCertSet() { - if (useThisCert == null) { - return false; - } - return true; + return useThisCert != null; } public void setCustomEKTokenValueType(String customEKTokenValueType) { diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java index 510211292..f75a05f1e 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java @@ -135,10 +135,7 @@ public class WSSecHeader { ); } - if (securityHeader == null || securityHeader.getFirstChild() == null) { - return true; - } - return false; + return securityHeader == null || securityHeader.getFirstChild() == null; } /** diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java index b92196e04..c6fe2edfe 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java @@ -113,7 +113,7 @@ public class WSSecUsernameToken extends WSSecBase { */ public byte[] getDerivedKey(byte[] saltValue) throws WSSecurityException { if (ut == null || !useDerivedKey) { - return null; + return new byte[0]; } if (passwordsAreEncoded) { return UsernameTokenUtil.generateDerivedKey(org.apache.xml.security.utils.XMLUtils.decode(password), diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java index 9fe5cd278..eea34fc21 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java @@ -20,6 +20,7 @@ package org.apache.wss4j.dom.message.token; import java.security.Principal; +import java.util.Collections; import java.util.HashMap; import java.util.Map; import java.util.Map.Entry; @@ -322,7 +323,7 @@ public class DerivedKeyToken { } return table; } - return null; + return Collections.emptyMap(); } /** @@ -592,7 +593,7 @@ public class DerivedKeyToken { } Map<String, String> properties = getProperties(); - if (properties != null) { + if (!properties.isEmpty()) { result = 31 * result + properties.hashCode(); } int generation = getGeneration(); @@ -653,10 +654,7 @@ public class DerivedKeyToken { if (!compare(getLabel(), token.getLabel())) { return false; } - if (!compare(getNonce(), token.getNonce())) { - return false; - } - return true; + return compare(getNonce(), token.getNonce()); } private boolean compare(String item1, String item2) { diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java index 875a92c24..4b59e792a 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java @@ -87,12 +87,9 @@ public class KerberosSecurity extends BinarySecurity { */ public boolean isV5ApReq() { String type = getValueType(); - if (WSConstants.WSS_KRB_V5_AP_REQ.equals(type) + return WSConstants.WSS_KRB_V5_AP_REQ.equals(type) || WSConstants.WSS_KRB_V5_AP_REQ1510.equals(type) - || WSConstants.WSS_KRB_V5_AP_REQ4120.equals(type)) { - return true; - } - return false; + || WSConstants.WSS_KRB_V5_AP_REQ4120.equals(type); } /** @@ -100,12 +97,9 @@ public class KerberosSecurity extends BinarySecurity { */ public boolean isGssV5ApReq() { String type = getValueType(); - if (WSConstants.WSS_GSS_KRB_V5_AP_REQ.equals(type) + return WSConstants.WSS_GSS_KRB_V5_AP_REQ.equals(type) || WSConstants.WSS_GSS_KRB_V5_AP_REQ1510.equals(type) - || WSConstants.WSS_GSS_KRB_V5_AP_REQ4120.equals(type)) { - return true; - } - return false; + || WSConstants.WSS_GSS_KRB_V5_AP_REQ4120.equals(type); } /** @@ -303,15 +297,12 @@ public class KerberosSecurity extends BinarySecurity { * @return true if the valueType represents a Kerberos Token */ public static boolean isKerberosToken(String valueType) { - if (WSConstants.WSS_KRB_V5_AP_REQ.equals(valueType) + return WSConstants.WSS_KRB_V5_AP_REQ.equals(valueType) || WSConstants.WSS_GSS_KRB_V5_AP_REQ.equals(valueType) || WSConstants.WSS_KRB_V5_AP_REQ1510.equals(valueType) || WSConstants.WSS_GSS_KRB_V5_AP_REQ1510.equals(valueType) || WSConstants.WSS_KRB_V5_AP_REQ4120.equals(valueType) - || WSConstants.WSS_GSS_KRB_V5_AP_REQ4120.equals(valueType)) { - return true; - } - return false; + || WSConstants.WSS_GSS_KRB_V5_AP_REQ4120.equals(valueType); } @Override diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java index b20ba0eae..27f652ece 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java @@ -295,10 +295,7 @@ public class SecurityContextToken { return false; } SecurityContextToken securityToken = (SecurityContextToken)object; - if (!compare(getIdentifier(), securityToken.getIdentifier())) { - return false; - } - return true; + return compare(getIdentifier(), securityToken.getIdentifier()); } private boolean compare(String item1, String item2) { diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java index 87749ff80..34b57c27c 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java @@ -148,10 +148,7 @@ public class SignatureConfirmation { } SignatureConfirmation signatureConfirmation = (SignatureConfirmation)object; byte[] sigValue = signatureConfirmation.getSignatureValue(); - if (!Arrays.equals(sigValue, getSignatureValue())) { - return false; - } - return true; + return Arrays.equals(sigValue, getSignatureValue()); } } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java index e99153cdf..8fd219129 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java @@ -320,10 +320,7 @@ public class Timestamp { if (!compare(timestamp.getCreated(), getCreated())) { return false; } - if (!compare(timestamp.getExpires(), getExpires())) { - return false; - } - return true; + return compare(timestamp.getExpires(), getExpires()); } private boolean compare(Instant item1, Instant item2) { diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java index 73929c526..1b791948b 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java @@ -438,7 +438,7 @@ public class UsernameToken { if (salt != null) { return org.apache.xml.security.utils.XMLUtils.decode(salt); } - return null; + return new byte[0]; } /** @@ -624,10 +624,7 @@ public class UsernameToken { * @throws WSSecurityException */ public boolean isDerivedKey() throws WSSecurityException { - if (elementSalt != null && elementIteration != null) { - return true; - } - return false; + return elementSalt != null && elementIteration != null; } /** @@ -685,7 +682,7 @@ public class UsernameToken { } try { byte[] salt = getSalt(); - if (salt != null) { + if (salt != null && salt.length > 0) { result = 31 * result + Arrays.hashCode(salt); } } catch (WSSecurityException ex) { @@ -726,10 +723,7 @@ public class UsernameToken { LOG.debug(ex.getMessage(), ex); } int iteration = usernameToken.getIteration(); - if (iteration != getIteration()) { - return false; - } - return true; + return iteration == getIteration(); } private boolean compare(String item1, String item2) { diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/resolvers/ResolverAttachment.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/resolvers/ResolverAttachment.java index 7ebfd540c..72bf257fd 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/resolvers/ResolverAttachment.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/resolvers/ResolverAttachment.java @@ -49,10 +49,7 @@ public class ResolverAttachment extends ResourceResolverSpi { if (context.uriToResolve == null) { return false; } - if (context.uriToResolve.startsWith("cid:")) { - return true; - } - return false; + return context.uriToResolve.startsWith("cid:"); } }
