From 7f1de02ca0167ab61894d3887d6cb8ea7e1283a9 Mon Sep 17 00:00:00 2001 From: Andrei Arlou Date: Sun, 10 Nov 2019 21:44:23 +0300 Subject: [PATCH] KEYCLOAK-11994 Fix minor warnings in module in adapters/oidc/adapter-core --- .../adapters/BasicAuthRequestAuthenticator.java | 4 ++-- .../adapters/BearerTokenRequestAuthenticator.java | 8 ++++---- .../authentication/ClientCredentialsProviderUtils.java | 5 +---- .../authentication/JWTClientCredentialsProvider.java | 2 +- .../JWTClientSecretCredentialsProvider.java | 10 +++------- .../adapters/authorization/PolicyEnforcer.java | 6 +----- .../cip/ClaimsInformationPointProvider.java | 6 ++---- .../cip/HttpClaimInformationPointProvider.java | 10 ++++------ .../adapters/authorization/util/JsonUtils.java | 5 +---- .../adapters/KeycloakDeploymentBuilderTest.java | 9 ++++----- 10 files changed, 23 insertions(+), 42 deletions(-) diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java index 6e7c885884..c1b89b53b1 100755 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java @@ -50,7 +50,7 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat public AuthOutcome authenticate(HttpFacade exchange) { List authHeaders = exchange.getRequest().getHeaders("Authorization"); - if (authHeaders == null || authHeaders.size() == 0) { + if (authHeaders == null || authHeaders.isEmpty()) { challenge = challengeResponse(exchange, OIDCAuthenticationError.Reason.NO_AUTHORIZATION_HEADER, null, null); return AuthOutcome.NOT_ATTEMPTED; } @@ -58,7 +58,7 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat tokenString = null; for (String authHeader : authHeaders) { String[] split = authHeader.trim().split("\\s+"); - if (split == null || split.length != 2) continue; + if (split.length != 2) continue; if (!split[0].equalsIgnoreCase("Basic")) continue; tokenString = split[1]; } diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BearerTokenRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BearerTokenRequestAuthenticator.java index e1ba188411..f9de531fff 100755 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BearerTokenRequestAuthenticator.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BearerTokenRequestAuthenticator.java @@ -63,7 +63,7 @@ public class BearerTokenRequestAuthenticator { public AuthOutcome authenticate(HttpFacade exchange) { List authHeaders = exchange.getRequest().getHeaders("Authorization"); - if (authHeaders == null || authHeaders.size() == 0) { + if (authHeaders == null || authHeaders.isEmpty()) { challenge = challengeResponse(exchange, OIDCAuthenticationError.Reason.NO_BEARER_TOKEN, null, null); return AuthOutcome.NOT_ATTEMPTED; } @@ -71,13 +71,13 @@ public class BearerTokenRequestAuthenticator { tokenString = null; for (String authHeader : authHeaders) { String[] split = authHeader.trim().split("\\s+"); - if (split == null || split.length != 2) continue; + if (split.length != 2) continue; if (split[0].equalsIgnoreCase("Bearer")) { tokenString = split[1]; log.debugf("Found [%d] values in authorization header, selecting the first value for Bearer.", (Integer) authHeaders.size()); break; - }; + } } if (tokenString == null) { @@ -119,7 +119,7 @@ public class BearerTokenRequestAuthenticator { } surrogate = null; if (verifyCaller) { - if (token.getTrustedCertificates() == null || token.getTrustedCertificates().size() == 0) { + if (token.getTrustedCertificates() == null || token.getTrustedCertificates().isEmpty()) { log.warn("No trusted certificates in token"); challenge = clientCertChallenge(); return AuthOutcome.FAILED; diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/ClientCredentialsProviderUtils.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/ClientCredentialsProviderUtils.java index 4df727d937..e886a2d82e 100644 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/ClientCredentialsProviderUtils.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/ClientCredentialsProviderUtils.java @@ -24,7 +24,6 @@ import org.jboss.logging.Logger; import org.keycloak.adapters.KeycloakDeployment; import java.util.HashMap; -import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.ServiceConfigurationError; @@ -74,10 +73,8 @@ public class ClientCredentialsProviderUtils { } private static void loadAuthenticators(Map authenticators, ClassLoader classLoader) { - Iterator iterator = ServiceLoader.load(ClientCredentialsProvider.class, classLoader).iterator(); - while (iterator.hasNext()) { + for (ClientCredentialsProvider authenticator : ServiceLoader.load(ClientCredentialsProvider.class, classLoader)) { try { - ClientCredentialsProvider authenticator = iterator.next(); logger.debugf("Loaded clientCredentialsProvider %s", authenticator.getId()); authenticators.put(authenticator.getId(), authenticator); } catch (ServiceConfigurationError e) { diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientCredentialsProvider.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientCredentialsProvider.java index 4e109ce285..90629c758b 100644 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientCredentialsProvider.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientCredentialsProvider.java @@ -70,7 +70,7 @@ public class JWTClientCredentialsProvider implements ClientCredentialsProvider { @Override public void init(KeycloakDeployment deployment, Object config) { - if (config == null || !(config instanceof Map)) { + if (!(config instanceof Map)) { throw new RuntimeException("Configuration of jwt credentials is missing or incorrect for client '" + deployment.getResourceName() + "'. Check your adapter configuration"); } diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientSecretCredentialsProvider.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientSecretCredentialsProvider.java index 5a89234a21..3537d80ac1 100644 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientSecretCredentialsProvider.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientSecretCredentialsProvider.java @@ -1,6 +1,6 @@ package org.keycloak.adapters.authentication; -import java.io.UnsupportedEncodingException; +import java.nio.charset.StandardCharsets; import java.util.Map; import javax.crypto.SecretKey; @@ -35,7 +35,7 @@ public class JWTClientSecretCredentialsProvider implements ClientCredentialsProv @Override public void init(KeycloakDeployment deployment, Object config) { - if (config == null || !(config instanceof Map)) { + if (!(config instanceof Map)) { throw new RuntimeException("Configuration of jwt credentials by client secret is missing or incorrect for client '" + deployment.getResourceName() + "'. Check your adapter configuration"); } @@ -60,11 +60,7 @@ public class JWTClientSecretCredentialsProvider implements ClientCredentialsProv // The HMAC (Hash-based Message Authentication Code) is calculated using the octets of the UTF-8 representation of the client_secret as the shared key. // Use "HmacSHA256" consulting java8 api // because it must be implemented in every java platform. - try { - clientSecret = new SecretKeySpec(clientSecretString.getBytes("UTF-8"), "HmacSHA256"); - } catch (UnsupportedEncodingException e) { - throw new RuntimeException("Failed to create secret key spec due to unsupported encoding."); - } + clientSecret = new SecretKeySpec(clientSecretString.getBytes(StandardCharsets.UTF_8), "HmacSHA256"); } public String createSignedRequestToken(String clientId, String realmInfoUrl) { diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/PolicyEnforcer.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/PolicyEnforcer.java index 65a982184d..bcdcf0d976 100644 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/PolicyEnforcer.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/PolicyEnforcer.java @@ -21,7 +21,6 @@ import java.util.Arrays; import java.util.Collection; import java.util.Collections; import java.util.HashMap; -import java.util.Iterator; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; @@ -131,11 +130,8 @@ public class PolicyEnforcer { } private void loadClaimInformationPointProviders(ServiceLoader loader) { - Iterator iterator = loader.iterator(); - - while (iterator.hasNext()) { - ClaimInformationPointProviderFactory factory = iterator.next(); + for (ClaimInformationPointProviderFactory factory : loader) { factory.init(this); claimInformationPointProviderFactories.put(factory.getName(), factory); diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/cip/ClaimsInformationPointProvider.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/cip/ClaimsInformationPointProvider.java index 0221c8dd6a..93d31b6785 100644 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/cip/ClaimsInformationPointProvider.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/cip/ClaimsInformationPointProvider.java @@ -19,7 +19,6 @@ package org.keycloak.adapters.authorization.cip; import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; -import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Map.Entry; @@ -51,10 +50,9 @@ public class ClaimsInformationPointProvider implements ClaimInformationPointProv if (claimValue instanceof String) { values = getValues(claimValue.toString(), httpFacade); } else if (claimValue instanceof Collection) { - Iterator iterator = Collection.class.cast(claimValue).iterator(); - while (iterator.hasNext()) { - List resolvedValues = getValues(iterator.next().toString(), httpFacade); + for (Object value : Collection.class.cast(claimValue)) { + List resolvedValues = getValues(value.toString(), httpFacade); if (!resolvedValues.isEmpty()) { values.addAll(resolvedValues); diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/cip/HttpClaimInformationPointProvider.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/cip/HttpClaimInformationPointProvider.java index 51efb90e64..2229cafde3 100644 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/cip/HttpClaimInformationPointProvider.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/cip/HttpClaimInformationPointProvider.java @@ -164,10 +164,9 @@ public class HttpClaimInformationPointProvider implements ClaimInformationPointP if (value instanceof Collection) { Collection values = Collection.class.cast(value); - Iterator iterator = values.iterator(); - while (iterator.hasNext()) { - headerValues.addAll(PlaceHolders.resolve(iterator.next().toString(), httpFacade)); + for (Object item : values) { + headerValues.addAll(PlaceHolders.resolve(item.toString(), httpFacade)); } } else { headerValues.addAll(PlaceHolders.resolve(value.toString(), httpFacade)); @@ -192,10 +191,9 @@ public class HttpClaimInformationPointProvider implements ClaimInformationPointP if (value instanceof Collection) { Collection values = Collection.class.cast(value); - Iterator iterator = values.iterator(); - while (iterator.hasNext()) { - paramValues.addAll(PlaceHolders.resolve(iterator.next().toString(), httpFacade)); + for (Object item : values) { + paramValues.addAll(PlaceHolders.resolve(item.toString(), httpFacade)); } } else { paramValues.addAll(PlaceHolders.resolve(value.toString(), httpFacade)); diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/util/JsonUtils.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/util/JsonUtils.java index 631f2ad6a0..c3d03659fb 100644 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/util/JsonUtils.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/authorization/util/JsonUtils.java @@ -18,7 +18,6 @@ package org.keycloak.adapters.authorization.util; import java.io.IOException; import java.util.ArrayList; -import java.util.Iterator; import java.util.List; import com.fasterxml.jackson.databind.JsonNode; @@ -37,10 +36,8 @@ public class JsonUtils { List values = new ArrayList<>(); if (jsonNode.isArray()) { - Iterator iterator = jsonNode.iterator(); - while (iterator.hasNext()) { - JsonNode node = iterator.next(); + for (JsonNode node : jsonNode) { String value; if (node.isObject()) { diff --git a/adapters/oidc/adapter-core/src/test/java/org/keycloak/adapters/KeycloakDeploymentBuilderTest.java b/adapters/oidc/adapter-core/src/test/java/org/keycloak/adapters/KeycloakDeploymentBuilderTest.java index fa465807b4..957db00236 100644 --- a/adapters/oidc/adapter-core/src/test/java/org/keycloak/adapters/KeycloakDeploymentBuilderTest.java +++ b/adapters/oidc/adapter-core/src/test/java/org/keycloak/adapters/KeycloakDeploymentBuilderTest.java @@ -28,7 +28,6 @@ import org.keycloak.common.enums.RelativeUrlsUsed; import org.keycloak.common.enums.SslRequired; import org.keycloak.common.util.PemUtils; import org.keycloak.enums.TokenStore; -import org.keycloak.protocol.oidc.representations.OIDCConfigurationRepresentation; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; @@ -42,7 +41,7 @@ import static org.junit.Assert.assertTrue; public class KeycloakDeploymentBuilderTest { @Test - public void load() throws Exception { + public void load() { KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/keycloak.json")); assertEquals("demo", deployment.getRealm()); assertEquals("customer-portal", deployment.getResourceName()); @@ -81,7 +80,7 @@ public class KeycloakDeploymentBuilderTest { } @Test - public void loadNoClientCredentials() throws Exception { + public void loadNoClientCredentials() { KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/keycloak-no-credentials.json")); assertEquals(ClientIdAndSecretCredentialsProvider.PROVIDER_ID, deployment.getClientAuthenticator().getId()); @@ -91,13 +90,13 @@ public class KeycloakDeploymentBuilderTest { } @Test - public void loadJwtCredentials() throws Exception { + public void loadJwtCredentials() { KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/keycloak-jwt.json")); assertEquals(JWTClientCredentialsProvider.PROVIDER_ID, deployment.getClientAuthenticator().getId()); } @Test - public void loadSecretJwtCredentials() throws Exception { + public void loadSecretJwtCredentials() { KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/keycloak-secret-jwt.json")); assertEquals(JWTClientSecretCredentialsProvider.PROVIDER_ID, deployment.getClientAuthenticator().getId()); }