Work on code review remarks

* Use available constants and util methods * remove double spaces / add spaces after comment
microsoft · Jul 5, 2019 · 1efaa8e · 1efaa8e
1 parent 2e01667
commit 1efaa8e
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 9 deletions.
diff --git a/...ain/java/com/microsoft/azure/spring/autoconfigure/aad/AADAppRoleAuthenticationFilter.java b/...ain/java/com/microsoft/azure/spring/autoconfigure/aad/AADAppRoleAuthenticationFilter.java
@@ -5,6 +5,9 @@
  */
 package com.microsoft.azure.spring.autoconfigure.aad;
 
+import static org.springframework.util.StringUtils.hasText;
+
+import com.microsoft.azure.servicebus.primitives.StringUtil;
 import com.nimbusds.jose.JOSEException;
 import com.nimbusds.jose.proc.BadJOSEException;
 import com.nimbusds.jwt.proc.BadJWTException;
@@ -21,6 +24,7 @@
 import net.minidev.json.JSONArray;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpHeaders;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -31,12 +35,12 @@ public class AADAppRoleAuthenticationFilter extends OncePerRequestFilter {
 
     private static final Logger log = LoggerFactory.getLogger(AADAppRoleAuthenticationFilter.class);
 
-    private static final String TOKEN_HEADER = "Authorization";
+
     private static final String TOKEN_TYPE = "Bearer ";
     private static final JSONArray DEFAULT_ROLE_CLAIM = new JSONArray().appendElement("USER");
     private static final String ROLE_PREFIX = "ROLE_";
 
-    private UserPrincipalManager principalManager;
+    private final UserPrincipalManager principalManager;
 
     public AADAppRoleAuthenticationFilter(UserPrincipalManager principalManager) {
         this.principalManager = principalManager;
@@ -46,10 +50,10 @@ public AADAppRoleAuthenticationFilter(UserPrincipalManager principalManager) {
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
         FilterChain filterChain) throws ServletException, IOException {
 
-        final String authHeader = request.getHeader(TOKEN_HEADER);
+        final String authHeader = request.getHeader(HttpHeaders.AUTHORIZATION);
         boolean cleanupRequired = false;
 
-        if (authHeader != null && authHeader.startsWith(TOKEN_TYPE)) {
+        if (hasText(authHeader) && authHeader.startsWith(TOKEN_TYPE)) {
             try {
                 final String token = authHeader.replace(TOKEN_TYPE, "");
                 final UserPrincipal principal = principalManager.buildUserPrincipal(token);

diff --git a/...om/microsoft/azure/spring/autoconfigure/aad/AADAuthenticationFilterAutoConfiguration.java b/...om/microsoft/azure/spring/autoconfigure/aad/AADAuthenticationFilterAutoConfiguration.java
@@ -28,13 +28,13 @@
 
 @Configuration
 @ConditionalOnWebApplication
-@ConditionalOnProperty(prefix = "azure.activedirectory", value = {"client-id"})
+@ConditionalOnProperty(prefix = AADAuthenticationFilterAutoConfiguration.PROPERTY_PREFIX, value = {"client-id"})
 @EnableConfigurationProperties({AADAuthenticationProperties.class, ServiceEndpointsProperties.class})
 @PropertySource(value = "classpath:serviceEndpoints.properties")
 public class AADAuthenticationFilterAutoConfiguration {
     private static final Logger LOG = LoggerFactory.getLogger(AADAuthenticationProperties.class);
 
-    private static final String PROPERTY_PREFIX = "azure.activedirectory";
+    public static final String PROPERTY_PREFIX = "azure.activedirectory";
     private static final String PROPERTY_SESSION_STATELESS = "session-stateless";
 
     private final AADAuthenticationProperties aadAuthProps;

diff --git a/...boot/src/main/java/com/microsoft/azure/spring/autoconfigure/aad/UserPrincipalManager.java b/...boot/src/main/java/com/microsoft/azure/spring/autoconfigure/aad/UserPrincipalManager.java
@@ -60,11 +60,11 @@ public UserPrincipalManager(ServiceEndpointsProperties serviceEndpointsProps,
                                 ResourceRetriever resourceRetriever,
                                 boolean explicitAudienceCheck) {
         this.aadAuthProps = aadAuthProps;
-        this.explicitAudienceCheck =  explicitAudienceCheck;
+        this.explicitAudienceCheck = explicitAudienceCheck;
         if (explicitAudienceCheck) {
-            //client-id for "normal" check
+            // client-id for "normal" check
             this.validAudiences.add(this.aadAuthProps.getClientId());
-            //app id uri for client credentials flow (server to server communication)
+            // app id uri for client credentials flow (server to server communication)
             this.validAudiences.add(this.aadAuthProps.getAppIdUri());
         }
         try {