reta commented on a change in pull request #462: Httpsig URL: https://github.com/apache/cxf/pull/462#discussion_r231090994
########## File path: rt/rs/security/http-signature/src/main/java/org/apache/cxf/rs/security/httpsignature/AlgorithmProvider.java ########## @@ -0,0 +1,12 @@ +package org.apache.cxf.rs.security.httpsignature; + +@FunctionalInterface +public interface AlgorithmProvider { + + /** + * + * @param keyId + * @return the algorithm name (which is never {@code null}) + */ + String getAlgorithmName(String keyId); Review comment: Hm ... The usage of this method in this PR implies it could be `null`, the example from the `MessageVerifier` class: ``` String providedAlgorithm = algorithmProvider.getAlgorithmName(signature.getKeyId()); Objects.requireNonNull(providedAlgorithm, "provided algorithm is null"); ``` If it cannot be null, we could add `javadoc` with the exception description to throw and remove such `null` checks since they are not relevant. What do you think? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services