tomaswolf commented on code in PR #222:
URL: https://github.com/apache/mina-sshd/pull/222#discussion_r871043739
##########
sshd-core/src/main/java/org/apache/sshd/certificate/OpenSshCertificateBuilder.java:
##########
@@ -267,4 +275,38 @@ public OpenSshCertificate sign(KeyPair caKeypair, String
signatureAlgorithm) thr
return cert;
}
+
+ /**
+ * Validate if certificate options are correct
+ *
+ * @param options Options
+ */
+ private void validateOptions(List<OpenSshCertificate.CertificateOption>
options) {
+ if (options != null && !options.isEmpty()) {
+ // check if any duplicates
+ Set<String> names = new HashSet<>();
+ Set<String> duplicates = options.stream().filter(option ->
!names.add(option.getName()))
+ .map(option -> option.getName())
+ .collect(Collectors.toSet());
+ if (!duplicates.isEmpty()) {
+ throw new IllegalArgumentException("Duplicate option: " +
String.join(",", duplicates));
+ }
+ }
+ }
+
+ /**
+ * Lexically order certificate options by "name"
+ *
+ * @param options Options
+ * @return Lexically ordered options
+ */
+ private List<OpenSshCertificate.CertificateOption> lexicallyOrderOptions(
+ List<OpenSshCertificate.CertificateOption> options) {
+ if (options != null && !options.isEmpty()) {
+ return options.stream()
+
.sorted(Comparator.comparing(OpenSshCertificate.CertificateOption::getName))
+ .collect(Collectors.toList());
+ }
+ return options;
Review Comment:
I would return here `Collections.emptyList()`. That would ensure that the
builder stores a copy of the parameter the user passed in, and that subsequent
modifications of the original list can have no effect on the builder.
##########
sshd-core/src/main/java/org/apache/sshd/certificate/OpenSshCertificateBuilder.java:
##########
@@ -267,4 +275,38 @@ public OpenSshCertificate sign(KeyPair caKeypair, String
signatureAlgorithm) thr
return cert;
}
+
+ /**
+ * Validate if certificate options are correct
+ *
+ * @param options Options
+ */
+ private void validateOptions(List<OpenSshCertificate.CertificateOption>
options) {
+ if (options != null && !options.isEmpty()) {
+ // check if any duplicates
+ Set<String> names = new HashSet<>();
+ Set<String> duplicates = options.stream().filter(option ->
!names.add(option.getName()))
+ .map(option -> option.getName())
Review Comment:
Why not `.map(OpenSshCertificate.CertificateOption::getName)`?
##########
sshd-core/src/main/java/org/apache/sshd/certificate/OpenSshCertificateBuilder.java:
##########
@@ -267,4 +275,38 @@ public OpenSshCertificate sign(KeyPair caKeypair, String
signatureAlgorithm) thr
return cert;
}
+
+ /**
+ * Validate if certificate options are correct
+ *
+ * @param options Options
+ */
+ private void validateOptions(List<OpenSshCertificate.CertificateOption>
options) {
+ if (options != null && !options.isEmpty()) {
+ // check if any duplicates
+ Set<String> names = new HashSet<>();
+ Set<String> duplicates = options.stream().filter(option ->
!names.add(option.getName()))
+ .map(option -> option.getName())
+ .collect(Collectors.toSet());
+ if (!duplicates.isEmpty()) {
+ throw new IllegalArgumentException("Duplicate option: " +
String.join(",", duplicates));
Review Comment:
`Set.toString()` will enumerate the content. So perhaps just `+ duplicates`
instead of the `String.join(...)`?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
