Fix Sonar issues

duanemay · duanemay · commit 5a98fdad2bea · 2024-11-07T08:54:33.000-05:00
Signed-off-by: Duane May &lt;duane.may@broadcom.com&gt;
diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/login/LoginInfoEndpoint.java b/server/src/main/java/org/cloudfoundry/identity/uaa/login/LoginInfoEndpoint.java
@@ -51,6 +51,7 @@
 import org.springframework.util.StringUtils;
 import org.springframework.web.HttpMediaTypeNotAcceptableException;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestHeader;
@@ -863,7 +864,7 @@ public String captureImplicitValuesUsingJavascript() {
     }
 
     @GetMapping(value = "/login/callback/{origin}")
-    public String handleExternalOAuthCallback(final HttpSession session) {
+    public String handleExternalOAuthCallback(final HttpSession session, @PathVariable String origin) {
         String redirectLocation = "/home";
         SavedRequest savedRequest = SessionUtils.getSavedRequestSession(session);
         if (savedRequest != null && savedRequest.getRedirectUrl() != null) {
diff --git a/server/src/test/java/org/cloudfoundry/identity/uaa/login/LoginInfoEndpointTests.java b/server/src/test/java/org/cloudfoundry/identity/uaa/login/LoginInfoEndpointTests.java
@@ -920,7 +920,7 @@ void we_return_both_oauth_and_oidc_providers() throws Exception {
     void externalOAuthCallback_redirectsToHomeIfNoSavedRequest() {
         LoginInfoEndpoint endpoint = getEndpoint(IdentityZoneHolder.get());
         HttpSession session = new MockHttpSession();
-        String redirectUrl = endpoint.handleExternalOAuthCallback(session);
+        String redirectUrl = endpoint.handleExternalOAuthCallback(session, "origin");
         assertThat(redirectUrl).isEqualTo("redirect:/home");
     }
 
@@ -931,7 +931,7 @@ void externalOAuthCallback_redirectsToSavedRequestIfPresent() {
         DefaultSavedRequest savedRequest = mock(DefaultSavedRequest.class);
         when(savedRequest.getRedirectUrl()).thenReturn("/some.redirect.url");
         SessionUtils.setSavedRequestSession(session, savedRequest);
-        String redirectUrl = endpoint.handleExternalOAuthCallback(session);
+        String redirectUrl = endpoint.handleExternalOAuthCallback(session, "origin");
         assertThat(redirectUrl).isEqualTo("redirect:/some.redirect.url");
     }
 
diff --git a/server/src/test/java/org/cloudfoundry/identity/uaa/provider/saml/OpenSaml4AuthenticationProviderUnitTests.java b/server/src/test/java/org/cloudfoundry/identity/uaa/provider/saml/OpenSaml4AuthenticationProviderUnitTests.java
@@ -572,7 +572,6 @@ void setResponseValidatorWhenNullThenIllegalArgument() {
     void authenticateWhenCustomResponseValidatorThenUses() {
         Converter<ResponseToken, Saml2ResponseValidatorResult> validator = mock(
                 Converter.class);
-        OpenSaml4AuthenticationProvider provider = new OpenSaml4AuthenticationProvider();
         // @formatter:off
         provider.setResponseValidator((responseToken) -> OpenSaml4AuthenticationProvider.createDefaultResponseValidator()
                 .convert(responseToken)
@@ -591,7 +590,6 @@ void authenticateWhenCustomResponseValidatorThenUses() {
 
     @Test
     void authenticateWhenAssertionIssuerNotValidThenFailsWithInvalidIssuer() {
-        OpenSaml4AuthenticationProvider provider = new OpenSaml4AuthenticationProvider();
         Response response = response();
         Assertion assertion = assertion();
         assertion.setIssuer(TestOpenSamlObjects.issuer("https://invalid.idp.test/saml2/idp"));
@@ -620,7 +618,7 @@ private Consumer<Saml2AuthenticationException> errorOf(String errorCode) {
     }
 
     private Consumer<Saml2AuthenticationException> errorOf(String errorCode, String description) {
-        return (ex) -> {
+        return ex -> {
             assertThat(ex.getSaml2Error().getErrorCode()).isEqualTo(errorCode);
             if (StringUtils.hasText(description)) {
                 assertThat(ex.getSaml2Error().getDescription()).contains(description);
@@ -726,16 +724,16 @@ private RelyingPartyRegistration.Builder registration() {
         return TestRelyingPartyRegistrations.noCredentials()
                 .entityId(RELYING_PARTY_ENTITY_ID)
                 .assertionConsumerServiceLocation(DESTINATION)
-                .assertingPartyDetails((party) -> party.entityId(ASSERTING_PARTY_ENTITY_ID));
+                .assertingPartyDetails(party -> party.entityId(ASSERTING_PARTY_ENTITY_ID));
     }
 
     private RelyingPartyRegistration.Builder verifying(RelyingPartyRegistration.Builder builder) {
-        return builder.assertingPartyDetails((party) -> party
-                .verificationX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())));
+        return builder.assertingPartyDetails(party -> party
+                .verificationX509Credentials(c -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())));
     }
 
     private RelyingPartyRegistration.Builder decrypting(RelyingPartyRegistration.Builder builder) {
         return builder
-                .decryptionX509Credentials((c) -> c.add(TestSaml2X509Credentials.relyingPartyDecryptingCredential()));
+                .decryptionX509Credentials(c -> c.add(TestSaml2X509Credentials.relyingPartyDecryptingCredential()));
     }
 }
diff --git a/server/src/test/java/org/cloudfoundry/identity/uaa/provider/saml/Saml2BearerGrantAuthenticationConverterTest.java b/server/src/test/java/org/cloudfoundry/identity/uaa/provider/saml/Saml2BearerGrantAuthenticationConverterTest.java
@@ -21,7 +21,6 @@
 import org.opensaml.saml.saml2.core.Audience;
 import org.opensaml.saml.saml2.core.AuthnRequest;
 import org.opensaml.saml.saml2.core.Conditions;
-import org.opensaml.saml.saml2.core.EncryptedAssertion;
 import org.opensaml.saml.saml2.core.EncryptedAttribute;
 import org.opensaml.saml.saml2.core.Response;
 import org.opensaml.saml.saml2.core.SubjectConfirmation;
@@ -179,7 +178,7 @@ void authenticateWhenAssertionContainsValidationAddressThenItSucceeds() {
         Assertion assertion = assertion();
         assertion.getSubject()
                 .getSubjectConfirmations()
-                .forEach((sc) -> sc.getSubjectConfirmationData().setAddress("10.10.10.10"));
+                .forEach(sc -> sc.getSubjectConfirmationData().setAddress("10.10.10.10"));
         Saml2AuthenticationToken token = token(assertion, verifying(registration()));
         this.provider.authenticate(token);
     }
@@ -204,15 +203,6 @@ void evaluateInResponseToFailsWhenInResponseToInAssertionMismatchWithRequestID()
                 .withStackTraceContaining("invalid_assertion");
     }
 
-    @Test
-    void evaluateInResponseToSucceedsWhenNoInResponseToInResponseOrAssertions() {
-        Assertion assertion = assertion();
-        AbstractSaml2AuthenticationRequest mockAuthenticationRequest = mockedStoredAuthenticationRequest("SAML2",
-                Saml2MessageBinding.POST, false);
-        Saml2AuthenticationToken token = token(assertion, verifying(registration()), mockAuthenticationRequest);
-        this.provider.authenticate(token);
-    }
-
     @Test
     void authenticateWhenAssertionContainsAttributesThenItSucceeds() {
         Assertion assertion = assertion();
@@ -364,8 +354,6 @@ void authenticateWhenAuthenticationHasDetailsThenSucceeds() {
     void writeObjectWhenTypeIsSaml2AuthenticationThenNoException() throws IOException {
         Assertion assertion = TestOpenSamlObjects.signed(assertion(),
                 TestSaml2X509Credentials.assertingPartySigningCredential(), RELYING_PARTY_ENTITY_ID);
-        EncryptedAssertion encryptedAssertion = TestOpenSamlObjects.encrypted(assertion,
-                TestSaml2X509Credentials.assertingPartyEncryptingCredential());
         Saml2AuthenticationToken token = token(signed(assertion), decrypting(verifying(registration())));
         Saml2Authentication authentication = (Saml2Authentication) this.provider.authenticate(token);
         // the following code will throw an exception if authentication isn't serializable
@@ -412,7 +400,7 @@ void authenticateWhenAssertionIssuerNotValidThenFailsWithInvalidIssuer() {
         assertion.setIssuer(TestOpenSamlObjects.issuer("https://invalid.idp.test/saml2/idp"));
         Saml2AuthenticationToken token = token(signed(assertion), verifying(registration()));
         assertThatExceptionOfType(Saml2AuthenticationException.class).isThrownBy(() -> provider.authenticate(token))
-                .withMessageContaining("from Issuer","was not valid");
+                .withMessageContaining("from Issuer", "was not valid");
     }
 
     private <T extends XMLObject> T build(QName qName) {
@@ -449,8 +437,7 @@ private Response response() {
     }
 
     private AuthnRequest request() {
-        AuthnRequest request = TestOpenSamlObjects.authnRequest();
-        return request;
+        return TestOpenSamlObjects.authnRequest();
     }
 
     private String serializedRequest(AuthnRequest request, Saml2MessageBinding binding) {
@@ -515,10 +502,6 @@ private Saml2AuthenticationToken token(Assertion assertion, RelyingPartyRegistra
         return new Saml2AuthenticationToken(registration.build(), serialize(assertion));
     }
 
-    private Saml2AuthenticationToken token(EncryptedAssertion assertion, RelyingPartyRegistration.Builder registration) {
-        return new Saml2AuthenticationToken(registration.build(), serialize(assertion));
-    }
-
     private Saml2AuthenticationToken token(Assertion assertion, RelyingPartyRegistration.Builder registration,
                                            AbstractSaml2AuthenticationRequest authenticationRequest) {
         return new Saml2AuthenticationToken(registration.build(), serialize(assertion), authenticationRequest);
diff --git a/server/src/test/java/org/cloudfoundry/identity/uaa/provider/saml/Saml2TestUtils.java b/server/src/test/java/org/cloudfoundry/identity/uaa/provider/saml/Saml2TestUtils.java
@@ -23,7 +23,6 @@
 import org.opensaml.core.xml.io.MarshallingException;
 import org.opensaml.core.xml.schema.XSDateTime;
 import org.opensaml.core.xml.schema.impl.XSDateTimeBuilder;
-import org.opensaml.saml.common.SignableSAMLObject;
 import org.opensaml.saml.saml2.core.Assertion;
 import org.opensaml.saml.saml2.core.Attribute;
 import org.opensaml.saml.saml2.core.AttributeStatement;
@@ -195,11 +194,6 @@ public static RelyingPartyRegistration.Builder verifying(RelyingPartyRegistratio
                 .verificationX509Credentials(c -> c.add(TestSaml2X509Credentials.relyingPartyVerifyingCredential())));
     }
 
-    private static RelyingPartyRegistration.Builder decrypting(RelyingPartyRegistration.Builder builder) {
-        return builder
-                .decryptionX509Credentials(c -> c.add(TestSaml2X509Credentials.relyingPartyDecryptingCredential()));
-    }
-
     public static Map<String, String> xmlNamespaces() {
         return Map.of(
                 // Metadata
