From 7a98fdc16a5e3077324a789cd53725171c23bacd Mon Sep 17 00:00:00 2001
From: Joze RIHTARSIC <joze.RIHTARSIC@ext.ec.europa.eu>
Date: Tue, 26 Apr 2022 10:26:49 +0200
Subject: [PATCH] Fix sonar warnings

---
 .../edelivery/smp/auth/SMPAuthenticationToken.java   | 12 ++++++------
 .../smp/data/ui/ServiceGroupValidationRO.java        |  6 +++---
 .../edelivery/smp/services/ui/UIPropertyService.java |  2 +-
 .../smp/auth/SMPAuthenticationProvider.java          | 10 ++++++----
 .../smp/config/WSSecurityConfigurerAdapter.java      | 11 ++++++-----
 5 files changed, 22 insertions(+), 19 deletions(-)

diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/auth/SMPAuthenticationToken.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/auth/SMPAuthenticationToken.java
index f34588bdb..adf1c0621 100644
--- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/auth/SMPAuthenticationToken.java
+++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/auth/SMPAuthenticationToken.java
@@ -13,17 +13,17 @@ import java.util.Objects;
 
 public class SMPAuthenticationToken extends UsernamePasswordAuthenticationToken {
     private static final SMPLogger LOG = SMPLoggerFactory.getLogger(SMPAuthenticationToken.class);
-    DBUser user;
+    private final DBUser user;
     // session encryption key to encrypt sensitive data
     // at the moment used for UI sessions
-    SecurityUtils.Secret secret=null;
+    private SecurityUtils.Secret secret = null;
 
     public SMPAuthenticationToken(Object principal, Object credentials, Collection<? extends GrantedAuthority> authorities) {
-        super(principal,credentials, authorities );
+        this(principal, credentials, authorities, null);
     }
 
     public SMPAuthenticationToken(Object principal, Object credentials, Collection<? extends GrantedAuthority> authorities, DBUser user) {
-        super(principal,credentials, authorities );
+        super(principal, credentials, authorities);
         this.user = user;
     }
 
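Review bot: The `secret` field is still ordinary serializable state. Spring's `Authentication` extends `Serializable`, so the per-session encryption key is written out wherever the HTTP session or security context is persisted or replicated, assuming `SecurityUtils.Secret` is itself serializable; if it is not, serializing the token fails instead. Consider `private transient SecurityUtils.Secret secret;`, with a comment that a restored token gets a fresh key from `getSecret()` and cannot read data encrypted under the old one. The same question applies to `DBUser user` if that entity carries the stored password hash, which is not visible in this hunk.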
@@ -31,8 +31,8 @@ public class SMPAuthenticationToken extends UsernamePasswordAuthenticationToken
         return user;
     }
 
-    public SecurityUtils.Secret getSecret(){
-        if (secret==null) {
+    public SecurityUtils.Secret getSecret() {
+        if (secret == null) {
             LOG.debug("Secret does not yet exist. Create user session secret!");
             secret = SecurityUtils.generatePrivateSymmetricKey();
             LOG.debug("User session secret created!");
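Review bot: The lazy initialisation in `getSecret()` is a check-then-act on a field that is neither `volatile` nor guarded by a lock. A token held in an HTTP session can be reached by concurrent requests, so two callers can each generate a key, and values encrypted under the discarded key can no longer be decrypted. Either create the key in the constructor and make the field `final`, or declare the method as `public synchronized SecurityUtils.Secret getSecret() {`. The body of `getSecret()` continues past the end of this hunk.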
diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/ServiceGroupValidationRO.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/ServiceGroupValidationRO.java
index ac351c569..9f149578b 100644
--- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/ServiceGroupValidationRO.java
+++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/ServiceGroupValidationRO.java
@@ -3,9 +3,9 @@ package eu.europa.ec.edelivery.smp.data.ui;
 public class ServiceGroupValidationRO extends BaseRO {
     private static final long serialVersionUID = -7555221767041516157L;
 
-    public static int ERROR_CODE_OK =0;
-    public static int ERROR_CODE_SERVICE_GROUP_EXISTS =1;
-    public static int ERROR_CODE_INVALID_EXTENSION =2;
+    public static final int ERROR_CODE_OK =0;
+    public static final int ERROR_CODE_SERVICE_GROUP_EXISTS =1;
+    public static final int ERROR_CODE_INVALID_EXTENSION =2;
 
     Long serviceGroupId;
     String extension;
diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIPropertyService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIPropertyService.java
index b7aca20ca..0ba7dcdff 100644
--- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIPropertyService.java
+++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIPropertyService.java
@@ -66,7 +66,7 @@ public class UIPropertyService {
                 .collect(Collectors.toMap(DBConfiguration::getProperty, Function.identity()));
 
         List<PropertyRO> properties = filteredProperties.stream()
-                .skip(page * pageSize)
+                .skip( page * (long)pageSize)
                 .limit(pageSize)
                 .map(prop -> createProperty(prop, changedProps))
                 .collect(Collectors.toList());
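Review bot: Widening to `long` removes the overflow, but a negative `page` or `pageSize` still reaches `skip()` and `limit()`, which both throw `IllegalArgumentException` for negative arguments. If these values originate from request parameters (an assumption, since the enclosing method starts outside this hunk), validate them before the stream, for example `if (page < 0 || pageSize < 0) { throw new IllegalArgumentException("page and pageSize must not be negative"); }`. As a style point, the call reads more conventionally as `.skip((long) page * pageSize)`.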
diff --git a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/auth/SMPAuthenticationProvider.java b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/auth/SMPAuthenticationProvider.java
index 527742a1a..625c9fb9e 100644
--- a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/auth/SMPAuthenticationProvider.java
+++ b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/auth/SMPAuthenticationProvider.java
@@ -51,6 +51,8 @@ import static java.util.Locale.US;
 @Component
 public class SMPAuthenticationProvider implements AuthenticationProvider {
 
+    public static final String LOGIN_FAILED_MESSAGE="Login failed; Invalid userID or password";
+
     private static final SMPLogger LOG = SMPLoggerFactory.getLogger(SMPAuthenticationProvider.class);
     /**
      * thread safe validator
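Review bot: The new constant has no comment explaining why the wording is deliberately generic, and it is `public` although every use visible in this patch is inside the class. A short comment such as `// Same text for unknown user and wrong password, so the response does not reveal whether an account exists.` would keep a later edit from making the message more specific. `private` is enough unless tests or other classes reference the constant.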
@@ -136,7 +138,7 @@ public class SMPAuthenticationProvider implements AuthenticationProvider {
                 LOG.securityWarn(SMPMessageCode.SEC_USER_NOT_EXISTS, userToken);
                 //https://www.owasp.org/index.php/Authentication_Cheat_Sheet
                 // Do not reveal the status of an existing account. Not to use UsernameNotFoundException
-                throw new BadCredentialsException("Login failed; Invalid userID or password");
+                throw new BadCredentialsException(LOGIN_FAILED_MESSAGE);
             }
             user = oUsr.get();
         } catch (AuthenticationException ex) {
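Review bot: The unknown-user branch here, and the identical one in the next hunk (`-258,7 +260,7`), throws as soon as the lookup returns empty, while an existing account goes on to the credential comparison further down. The uniform message hides account existence in the response body, but the response time can still differ if that comparison is a slow hash such as BCrypt; the comparison is outside these hunks, so this is inferred. A common mitigation is to verify the supplied credential against a fixed dummy hash in this branch before `throw new BadCredentialsException(LOGIN_FAILED_MESSAGE);`, so both paths do the same work. The enclosing methods start and end outside the hunks.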
@@ -258,7 +260,7 @@ public class SMPAuthenticationProvider implements AuthenticationProvider {
 
                 //https://www.owasp.org/index.php/Authentication_Cheat_Sheet
                 // Do not reveal the status of an existing account. Not to use UsernameNotFoundException
-                throw new BadCredentialsException("Login failed; Invalid userID or password");
+                throw new BadCredentialsException(LOGIN_FAILED_MESSAGE);
             }
             user = oUsr.get();
         } catch (AuthenticationException ex) {
@@ -278,12 +280,12 @@ public class SMPAuthenticationProvider implements AuthenticationProvider {
                 user.setLastTokenFailedLoginAttempt(LocalDateTime.now());
                 mUserDao.update(user);
                 LOG.securityWarn(SMPMessageCode.SEC_INVALID_PASSWORD, authenticationTokenId);
-                throw new BadCredentialsException("Login failed; Invalid userID or password");
+                throw new BadCredentialsException(LOGIN_FAILED_MESSAGE);
             }
         } catch (java.lang.IllegalArgumentException ex) {
             // password is not hashed;
             LOG.securityWarn(SMPMessageCode.SEC_INVALID_PASSWORD, ex, authenticationTokenId);
-            throw new BadCredentialsException("Login failed; Invalid userID or password");
+            throw new BadCredentialsException(LOGIN_FAILED_MESSAGE);
         }
         String role = "WS_"+user.getRole();
         SMPAuthenticationToken smpAuthenticationToken = new SMPAuthenticationToken(authenticationTokenId, authenticationTokenValue, Collections.singletonList(new SMPAuthority(role)), user);
diff --git a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/WSSecurityConfigurerAdapter.java b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/WSSecurityConfigurerAdapter.java
index e575b1999..24204d58c 100644
--- a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/WSSecurityConfigurerAdapter.java
+++ b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/WSSecurityConfigurerAdapter.java
@@ -21,6 +21,7 @@ import eu.europa.ec.edelivery.smp.error.SMPSecurityExceptionHandler;
 import eu.europa.ec.edelivery.smp.exceptions.ErrorCode;
 import eu.europa.ec.edelivery.smp.exceptions.SMPRuntimeException;
 import eu.europa.ec.edelivery.smp.services.ConfigurationService;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.exception.ExceptionUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -163,11 +164,11 @@ public class WSSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
                     .maxAgeInSeconds(maxAge)
                     .requestMatcher(AnyRequestMatcher.INSTANCE).and().and();
         }
-/*
+
         String contentSecurityPolicy = configurationService.getHttpHeaderContentSecurityPolicy();
         if (StringUtils.isNotBlank(contentSecurityPolicy)) {
-            httpSecurity = httpSecurity.headers().contentSecurityPolicy(contentSecurityPolicy).and().and();
-        }*/
+            httpSecurity.headers().contentSecurityPolicy(contentSecurityPolicy).and().and();
+        }
     }
 
     @Override
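Review bot: When `getHttpHeaderContentSecurityPolicy()` returns a blank value the `if` is skipped and responses go out with no Content-Security-Policy header at all, with nothing in the log to show it. Add an `else` branch that logs a warning through the class's logger, or fall back to a restrictive default policy, so that a missing or emptied property is noticed. Separately, the trailing `.and().and()` does nothing now that the result is not assigned; `httpSecurity.headers().contentSecurityPolicy(contentSecurityPolicy);` is sufficient. The enclosing method starts outside this hunk.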
@@ -223,7 +224,7 @@ public class WSSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
         try {
             getClientCertAuthenticationFilter().setClientCertAuthenticationEnabled(clientCertEnabled);
         } catch (Exception e) {
-            new SMPRuntimeException(ErrorCode.INTERNAL_ERROR, "Error occurred while setting the ClientCert feature (enable [" + clientCertEnabled + "])", ExceptionUtils.getRootCauseMessage(e));
+            throw new SMPRuntimeException(ErrorCode.INTERNAL_ERROR, "Error occurred while setting the ClientCert feature (enable [" + clientCertEnabled + "])", ExceptionUtils.getRootCauseMessage(e));
         }
     }
 
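Review bot: The rethrow keeps only `ExceptionUtils.getRootCauseMessage(e)`, so the original exception and its stack trace are lost; this applies here and in the next hunk (`-231,7 +232,7`). Log `e` before throwing, or pass it as the cause if `SMPRuntimeException` has a constructor that accepts one (not visible here). Because the exception used to be created and discarded, callers have never seen it thrown, so check that a failure here does not now abort startup or a property refresh unexpectedly. The method starts outside this hunk.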
@@ -231,7 +232,7 @@ public class WSSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
         try {
             getEDeliveryX509AuthenticationFilter().setHttpHeaderAuthenticationEnabled(sslClientCertEnabled);
         } catch (Exception e) {
-            new SMPRuntimeException(ErrorCode.INTERNAL_ERROR, "Error occurred while setting the ClientCert feature (enable [" + sslClientCertEnabled + "])", ExceptionUtils.getRootCauseMessage(e));
+            throw new SMPRuntimeException(ErrorCode.INTERNAL_ERROR, "Error occurred while setting the ClientCert feature (enable [" + sslClientCertEnabled + "])", ExceptionUtils.getRootCauseMessage(e));
         }
     }
 
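Review bot: The message in this catch block still says `setting the ClientCert feature`, copied from the setter above, although the guarded call is `setHttpHeaderAuthenticationEnabled(sslClientCertEnabled)`. Now that the exception is actually thrown, the text will reach logs and callers, so it should name the right feature, e.g. `"Error occurred while setting the SSLClientCert header authentication feature (enable [" + sslClientCertEnabled + "])"`. The method starts outside this hunk.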
-- 
GitLab