From 0400fe2ca6bb8ba3c783854fa1256096d13ad3b8 Mon Sep 17 00:00:00 2001
From: Abhishek Nigam
Date: Sat, 7 Oct 2023 00:53:39 +0530
Subject: [PATCH 1/7] [ELY-2603] replace switch statement with if condition to improve readability This closes ticket https://issues.redhat.com/browse/ELY-2603
---
 .../security/auth/client/ElytronXmlParser.java | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/auth/client/src/main/java/org/wildfly/security/auth/client/ElytronXmlParser.java b/auth/client/src/main/java/org/wildfly/security/auth/client/ElytronXmlParser.java
index 0a9702d1c87..2268b276428 100644
--- a/auth/client/src/main/java/org/wildfly/security/auth/client/ElytronXmlParser.java
+++ b/auth/client/src/main/java/org/wildfly/security/auth/client/ElytronXmlParser.java
@@ -714,13 +714,10 @@ private static void parseCertificateRevocationLists(ConfigurationXMLStreamReader
 while (reader.hasNext()) {
 final int tag = reader.nextTag();
 if (tag == START_ELEMENT) {
- switch (reader.getLocalName()) {
- case "certificate-revocation-list": {
- parseCertificateRevocationList(reader, builder, xmlVersion, true);
- break;
- }
- default:
- throw reader.unexpectedElement();
+ if (reader.getLocalName().equals("certificate-revocation-list")) {
+ parseCertificateRevocationList(reader, builder, xmlVersion, true);
+ } else {
+ throw reader.unexpectedElement();
 }
 } else if (tag != END_ELEMENT) {
 throw reader.unexpectedContent();
From 50f5108fa49809e10bdfd77f98ef61bfaab2f80d Mon Sep 17 00:00:00 2001
From: Abhishek Nigam
Date: Sat, 7 Oct 2023 00:54:18 +0530
Subject: [PATCH 2/7] [ELY-2596] add missing @Override annotation on override method This add missing @Override annotation on dispose() method of class FileSystemSecurityRealm This closes ticket https://issues.redhat.com/browse/ELY-2596
---
 .../org/wildfly/security/auth/realm/FileSystemSecurityRealm.java | 1 +
 1 file changed, 1 insertion(+)
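Review bot: In `parseCertificateRevocationLists` (ElytronXmlParser.java), the new condition calls `.equals` on the value returned by `reader.getLocalName()`; written literal-first, `if ("certificate-revocation-list".equals(reader.getLocalName())) {`, it cannot throw if the reader ever hands back a null name. The `else` branch still rejects every other child element through `reader.unexpectedElement()`, and a one-line comment such as `// only certificate-revocation-list children are accepted; anything else fails the parse` would record that this strictness is intentional. The trailing `true` passed to `parseCertificateRevocationList` is an unnamed flag whose meaning is not visible in the hunk, so a short comment on it would help as well. The enclosing method starts and ends outside the hunk.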
diff --git a/auth/realm/base/src/main/java/org/wildfly/security/auth/realm/FileSystemSecurityRealm.java b/auth/realm/base/src/main/java/org/wildfly/security/auth/realm/FileSystemSecurityRealm.java
index 6ef7cc4cc9a..ba1ef0c0418 100644
--- a/auth/realm/base/src/main/java/org/wildfly/security/auth/realm/FileSystemSecurityRealm.java
+++ b/auth/realm/base/src/main/java/org/wildfly/security/auth/realm/FileSystemSecurityRealm.java
@@ -1099,6 +1099,7 @@ private void writeIdentity(final XMLStreamWriter streamWriter, final LoadedIdent
 streamWriter.writeEndDocument();
 }
+ @Override
 public void dispose() {
 // Release the lock for this realm identity
 IdentityLock identityLock = lock;
From 6dbf7f98adcd2850d5ceb007e46d8a7f195b31cf Mon Sep 17 00:00:00 2001
From: Abhishek Nigam
Date: Sat, 7 Oct 2023 00:12:21 +0530
Subject: [PATCH 3/7] [ELY-2607] directly append iterationCount(int) to String instead of using String.valueOf() This closes ticket https://issues.redhat.com/browse/ELY-2607
---
 tool/src/main/java/org/wildfly/security/tool/VaultCommand.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tool/src/main/java/org/wildfly/security/tool/VaultCommand.java b/tool/src/main/java/org/wildfly/security/tool/VaultCommand.java
index 11181c5fd57..edf7fb18acb 100644
--- a/tool/src/main/java/org/wildfly/security/tool/VaultCommand.java
+++ b/tool/src/main/java/org/wildfly/security/tool/VaultCommand.java
@@ -446,7 +446,7 @@ private void printSummary (String keystorePassword, String salt, int iterationCo
 if (keystorePassword != null) {
 password = keystorePassword;
 if (salt != null && iterationCount > -1) {
- password = keystorePassword.startsWith(MASK_PREFIX) ? keystorePassword + ";" + salt + ";" + String.valueOf(iterationCount)
+ password = keystorePassword.startsWith(MASK_PREFIX) ? keystorePassword + ";" + salt + ";" + iterationCount
 : MaskCommand.computeMasked(keystorePassword, salt, iterationCount);
 }
 }
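Review bot: In `printSummary` (VaultCommand.java), the context line `password = keystorePassword;` leaves `password` holding the value exactly as supplied whenever `salt` is null or `iterationCount` is below zero, because the masking expression on the changed line only runs inside the inner `if`. How `password` is used afterwards is outside the hunk, but if the summary prints it, an unmasked keystore password would reach the console or any captured output on that path. Consider guarding the unmasked case, or at least documenting it with a comment such as `// without salt and iteration count the password is kept as supplied; it must not be printed in clear text`. The method body continues outside the hunk.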
From 7529e8929c7ac6fdc83a44b5f5d60af8030bd9b7 Mon Sep 17 00:00:00 2001
From: Abhishek Nigam
Date: Sat, 7 Oct 2023 00:14:29 +0530
Subject: [PATCH 4/7] [ELY-2606] make two Elytron class data members final This makes data members ElytronToolExitStatus_unrecognizedCommand & ElytronToolExitStatus_OK final (they're already declared as public static) since their values don't change. This closes ticket https://issues.redhat.com/browse/ELY-2606
---
 tool/src/main/java/org/wildfly/security/tool/ElytronTool.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tool/src/main/java/org/wildfly/security/tool/ElytronTool.java b/tool/src/main/java/org/wildfly/security/tool/ElytronTool.java
index 0d0d4193a10..2cae692d978 100644
--- a/tool/src/main/java/org/wildfly/security/tool/ElytronTool.java
+++ b/tool/src/main/java/org/wildfly/security/tool/ElytronTool.java
@@ -36,11 +36,11 @@ public class ElytronTool {
 /**
 * status code for unrecognized command
 */
- public static int ElytronToolExitStatus_unrecognizedCommand = 1;
+ public static final int ElytronToolExitStatus_unrecognizedCommand = 1;
 /**
 * status code for no problems
 */
- public static int ElytronToolExitStatus_OK = 0;
+ public static final int ElytronToolExitStatus_OK = 0;
 private Map commandRegistry = new HashMap<>();
 /**
From 96f93ef6c27ea749c5f080f11b45c7a32375af1a Mon Sep 17 00:00:00 2001
From: Abhishek Nigam
Date: Sat, 7 Oct 2023 00:18:34 +0530
Subject: [PATCH 5/7] [ELY-2605] make two CredentialStoreCommand class data members final This makes data members ACTION_NOT_DEFINED & ALIAS_NOT_FOUND final (they're already declared as public static) since their values don't change. This closes ticket https://issues.redhat.com/browse/ELY-2605
---
 .../org/wildfly/security/tool/CredentialStoreCommand.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tool/src/main/java/org/wildfly/security/tool/CredentialStoreCommand.java b/tool/src/main/java/org/wildfly/security/tool/CredentialStoreCommand.java
index 62b2637a773..493d5df134c 100644
--- a/tool/src/main/java/org/wildfly/security/tool/CredentialStoreCommand.java
+++ b/tool/src/main/java/org/wildfly/security/tool/CredentialStoreCommand.java
@@ -92,8 +92,8 @@
 */
 class CredentialStoreCommand extends Command {
- public static int ACTION_NOT_DEFINED = 5;
- public static int ALIAS_NOT_FOUND = 6;
+ public static final int ACTION_NOT_DEFINED = 5;
+ public static final int ALIAS_NOT_FOUND = 6;
 public static final String RSA_ALGORITHM = "RSA";
 public static final String DSA_ALGORITHM = "DSA";
From e681ae54a117c6051acae4bca2e7b3502a363669 Mon Sep 17 00:00:00 2001
From: Abhishek Nigam
Date: Sat, 7 Oct 2023 00:22:30 +0530
Subject: [PATCH 6/7] [ELY-2595] remove unused parameter This removes unused parameter identityToWrite from requiredVersion method signature. This closes ticket https://issues.redhat.com/browse/ELY-2595
---
 .../wildfly/security/auth/realm/FileSystemSecurityRealm.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/auth/realm/base/src/main/java/org/wildfly/security/auth/realm/FileSystemSecurityRealm.java b/auth/realm/base/src/main/java/org/wildfly/security/auth/realm/FileSystemSecurityRealm.java
index ba1ef0c0418..2b04bf1ca19 100644
--- a/auth/realm/base/src/main/java/org/wildfly/security/auth/realm/FileSystemSecurityRealm.java
+++ b/auth/realm/base/src/main/java/org/wildfly/security/auth/realm/FileSystemSecurityRealm.java
@@ -1000,7 +1000,7 @@ private Void replaceIdentityPrivileged(final LoadedIdentity newIdentity) throws
 }
 }
- private Version requiredVersion(final LoadedIdentity identityToWrite) {
+ private Version requiredVersion() {
 // As new functionality is added we will identify if we need to use a later version
 // if new functionality is used then use the required schema version otherwise fallback
 // to an older version.
@@ -1018,7 +1018,7 @@ private void writeIdentity(final XMLStreamWriter streamWriter, final LoadedIdent
 streamWriter.writeStartDocument();
 streamWriter.writeCharacters("\n");
 streamWriter.writeStartElement("identity");
- streamWriter.writeDefaultNamespace(requiredVersion(newIdentity).getNamespace());
+ streamWriter.writeDefaultNamespace(requiredVersion().getNamespace());
 if (integrityEnabled) {
 streamWriter.writeCharacters("\n ");
From 4c6214100ceecc3e222e9585f5e06a84dbe5701a Mon Sep 17 00:00:00 2001
From: Abhishek Nigam
Date: Sat, 7 Oct 2023 00:25:46 +0530
Subject: [PATCH 7/7] [ELY-2597] merge if statements in verifyCertificate method This merges an if statement with it's enclosing if statement to increase readability. This closes ticket https://issues.redhat.com/browse/ELY-2597
---
 .../security/auth/realm/ldap/X509EvidenceVerifier.java | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/auth/realm/ldap/src/main/java/org/wildfly/security/auth/realm/ldap/X509EvidenceVerifier.java b/auth/realm/ldap/src/main/java/org/wildfly/security/auth/realm/ldap/X509EvidenceVerifier.java
index 8b2bd7bd61a..b764ee60f50 100644
--- a/auth/realm/ldap/src/main/java/org/wildfly/security/auth/realm/ldap/X509EvidenceVerifier.java
+++ b/auth/realm/ldap/src/main/java/org/wildfly/security/auth/realm/ldap/X509EvidenceVerifier.java
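Review bot: In `requiredVersion()` (FileSystemSecurityRealm.java, first hunk of patch 6), the comment kept under the new signature still says the schema version is chosen according to whether new functionality is used, but with `identityToWrite` removed the method can no longer inspect the identity being written. If the choice is meant to depend only on realm-level settings, the comment should say so, for example `// The schema version is chosen from realm-level settings only; the identity being written is not consulted.`; if per-identity features are expected to drive it later, the parameter will have to come back. The method body lies outside the hunk, so which state it actually reads is not visible here. The second hunk only updates the matching call in `writeIdentity`.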
@@ -176,10 +176,8 @@ public boolean verifyCertificate(X509Certificate certificate, Attributes attribu
 for (int i = 0; i < size; i++) {
 Object attrDigest = attribute.get(i);
- if (attrDigest != null){
- if (digest.equalsIgnoreCase((String) attrDigest)) {
- return true;
- }
+ if (attrDigest != null && digest.equalsIgnoreCase((String) attrDigest)){
+ return true;
 }
 }
 } catch (NoSuchAlgorithmException | CertificateEncodingException e) {
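Review bot: In `verifyCertificate` (X509EvidenceVerifier.java), the merged condition still casts `attrDigest` to `String` unconditionally, so an attribute value of any other type (JNDI can return `byte[]` for binary attributes) raises `ClassCastException`, which the visible `catch (NoSuchAlgorithmException | CertificateEncodingException e)` does not handle. Replacing the null test with a type test covers both cases and keeps the verifier failing closed on unexpected values: `if (attrDigest instanceof String && digest.equalsIgnoreCase((String) attrDigest)) {`. That form also restores the space before `{` that the new line drops. The loop and the method continue outside the hunk, so any handling further out is not visible here.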