reta commented on a change in pull request #462: Httpsig
URL: https://github.com/apache/cxf/pull/462#discussion_r231090994
##########
File path:
rt/rs/security/http-signature/src/main/java/org/apache/cxf/rs/security/httpsignature/AlgorithmProvider.java
##########
@@ -0,0 +1,12 @@
+package org.apache.cxf.rs.security.httpsignature;
+
+@FunctionalInterface
+public interface AlgorithmProvider {
+
+ /**
+ *
+ * @param keyId
+ * @return the algorithm name (which is never {@code null})
+ */
+ String getAlgorithmName(String keyId);
Review comment:
Hm ... The usage of this method in this PR implies it could be `null`, the
example from the `MessageVerifier` class:
```
String providedAlgorithm =
algorithmProvider.getAlgorithmName(signature.getKeyId());
Objects.requireNonNull(providedAlgorithm, "provided algorithm is null");
```
If it cannot be null, we could add `javadoc` with the exception description
to throw and remove such `null` checks since they are not relevant. What do you
think?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
