From 48879cc2620ae271443329a11857583b41d0dcc3 Mon Sep 17 00:00:00 2001 From: Misagh Moayyed Date: Wed, 10 Dec 2014 20:44:22 -0700 Subject: [PATCH] checkstyle security issue - checking for protected classes --- .../RegisteredServiceValidatorTests.java | 20 +++++++++---------- .../DefaultServicesManagerImplTests.java | 10 +++++----- .../DistributedTicketRegistryTests.java | 18 ++++++++++++----- ...lAuthenticationMetaDataPopulatorTests.java | 15 +++++++------- .../support/ResourceCRLRevocationChecker.java | 11 ++++++---- checkstyle-rules.xml | 4 ++-- 6 files changed, 44 insertions(+), 34 deletions(-) diff --git a/cas-management-webapp/src/test/java/org/jasig/cas/services/web/support/RegisteredServiceValidatorTests.java b/cas-management-webapp/src/test/java/org/jasig/cas/services/web/support/RegisteredServiceValidatorTests.java index fd7f2fedddfd..5a89e29543de 100644 --- a/cas-management-webapp/src/test/java/org/jasig/cas/services/web/support/RegisteredServiceValidatorTests.java +++ b/cas-management-webapp/src/test/java/org/jasig/cas/services/web/support/RegisteredServiceValidatorTests.java @@ -18,16 +18,6 @@ */ package org.jasig.cas.services.web.support; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; - -import java.util.ArrayList; -import java.util.Collection; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - import org.jasig.cas.authentication.principal.Service; import org.jasig.cas.services.RegisteredService; import org.jasig.cas.services.RegisteredServiceImpl; @@ -38,6 +28,14 @@ import org.springframework.validation.BindException; import org.springframework.validation.Validator; +import java.util.ArrayList; +import java.util.Collection; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import static org.junit.Assert.*; + /** * * @author Scott Battaglia @@ -117,7 +115,7 @@ protected void checkId(final boolean exists, final int expectedErrors, final Str } - protected class TestServicesManager implements ServicesManager { + private static class TestServicesManager implements ServicesManager { private final boolean returnValue; diff --git a/cas-server-core/src/test/java/org/jasig/cas/services/DefaultServicesManagerImplTests.java b/cas-server-core/src/test/java/org/jasig/cas/services/DefaultServicesManagerImplTests.java index e5126713c89c..54c8ee7bfa2c 100644 --- a/cas-server-core/src/test/java/org/jasig/cas/services/DefaultServicesManagerImplTests.java +++ b/cas-server-core/src/test/java/org/jasig/cas/services/DefaultServicesManagerImplTests.java @@ -18,15 +18,15 @@ */ package org.jasig.cas.services; -import java.util.ArrayList; -import java.util.List; -import java.util.Map; - import org.jasig.cas.authentication.principal.Principal; import org.jasig.cas.authentication.principal.Service; import org.junit.Before; import org.junit.Test; +import java.util.ArrayList; +import java.util.List; +import java.util.Map; + import static org.junit.Assert.*; /** @@ -211,7 +211,7 @@ public void verifyEvaluationOrderOfServices() { } - protected class SimpleService implements Service { + private static class SimpleService implements Service { /** * Comment for serialVersionUID. diff --git a/cas-server-core/src/test/java/org/jasig/cas/ticket/registry/DistributedTicketRegistryTests.java b/cas-server-core/src/test/java/org/jasig/cas/ticket/registry/DistributedTicketRegistryTests.java index 25e0a1c7827e..8102adf178a7 100644 --- a/cas-server-core/src/test/java/org/jasig/cas/ticket/registry/DistributedTicketRegistryTests.java +++ b/cas-server-core/src/test/java/org/jasig/cas/ticket/registry/DistributedTicketRegistryTests.java @@ -39,15 +39,19 @@ * @since 3.1 * */ -public class DistributedTicketRegistryTests { +public final class DistributedTicketRegistryTests { private TestDistributedTicketRegistry ticketRegistry; private boolean wasTicketUpdated; + public void setWasTicketUpdated(final boolean wasTicketUpdated) { + this.wasTicketUpdated = wasTicketUpdated; + } + @Before public void setUp() throws Exception { - this.ticketRegistry = new TestDistributedTicketRegistry(); + this.ticketRegistry = new TestDistributedTicketRegistry(this); this.wasTicketUpdated = false; } @@ -114,12 +118,16 @@ public void verifyTicketDoesntExist() { assertNull(this.ticketRegistry.getTicket("fdfas")); } - protected class TestDistributedTicketRegistry extends AbstractDistributedTicketRegistry { - + private static class TestDistributedTicketRegistry extends AbstractDistributedTicketRegistry { + private final DistributedTicketRegistryTests parent; private Map tickets = new HashMap(); + public TestDistributedTicketRegistry(final DistributedTicketRegistryTests parent) { + this.parent = parent; + } + protected void updateTicket(final Ticket ticket) { - DistributedTicketRegistryTests.this.wasTicketUpdated = true; + this.parent.setWasTicketUpdated(true); } public void addTicket(final Ticket ticket) { diff --git a/cas-server-support-saml/src/test/java/org/jasig/cas/support/saml/authentication/SamlAuthenticationMetaDataPopulatorTests.java b/cas-server-support-saml/src/test/java/org/jasig/cas/support/saml/authentication/SamlAuthenticationMetaDataPopulatorTests.java index 1653fe3674ad..553e13e08932 100644 --- a/cas-server-support-saml/src/test/java/org/jasig/cas/support/saml/authentication/SamlAuthenticationMetaDataPopulatorTests.java +++ b/cas-server-support-saml/src/test/java/org/jasig/cas/support/saml/authentication/SamlAuthenticationMetaDataPopulatorTests.java @@ -18,25 +18,26 @@ */ package org.jasig.cas.support.saml.authentication; -import static org.junit.Assert.*; - -import java.util.HashMap; -import java.util.Map; - import org.jasig.cas.TestUtils; import org.jasig.cas.authentication.Authentication; import org.jasig.cas.authentication.AuthenticationBuilder; import org.jasig.cas.authentication.AuthenticationHandler; import org.jasig.cas.authentication.BasicCredentialMetaData; +import org.jasig.cas.authentication.Credential; import org.jasig.cas.authentication.CredentialMetaData; import org.jasig.cas.authentication.HandlerResult; import org.jasig.cas.authentication.UsernamePasswordCredential; import org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler; -import org.jasig.cas.authentication.Credential; import org.jasig.cas.authentication.principal.Principal; import org.junit.Before; import org.junit.Test; +import java.util.HashMap; +import java.util.Map; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNull; + /** * @author Scott Battaglia * @since 3.1 @@ -91,7 +92,7 @@ public void verifyAuthenticationTypeFoundCustom() { auth.getAttributes().get(SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD)); } - protected class CustomCredential implements Credential { + private static class CustomCredential implements Credential { public String getId() { return "nobody"; diff --git a/cas-server-support-x509/src/main/java/org/jasig/cas/adaptors/x509/authentication/handler/support/ResourceCRLRevocationChecker.java b/cas-server-support-x509/src/main/java/org/jasig/cas/adaptors/x509/authentication/handler/support/ResourceCRLRevocationChecker.java index abd594df5dab..58beb0f2266a 100644 --- a/cas-server-support-x509/src/main/java/org/jasig/cas/adaptors/x509/authentication/handler/support/ResourceCRLRevocationChecker.java +++ b/cas-server-support-x509/src/main/java/org/jasig/cas/adaptors/x509/authentication/handler/support/ResourceCRLRevocationChecker.java @@ -81,7 +81,7 @@ public ResourceCRLRevocationChecker(final Resource crl) { * at least one non-null element. */ public ResourceCRLRevocationChecker(final Resource[] crls) { - this.fetcher = new CRLFetcher(crls); + this.fetcher = new CRLFetcher(crls, this); } /** @@ -153,7 +153,8 @@ protected void finalize() throws Throwable { /** * Handles details of fetching CRL data from resources. */ - protected class CRLFetcher { + private static class CRLFetcher { + private final ResourceCRLRevocationChecker crlRevocationChecker; /** Logger instance. */ private final Logger logger = LoggerFactory.getLogger(getClass()); @@ -165,8 +166,9 @@ protected class CRLFetcher { * * @param crls Resources containing CRL data. MUST NOT be null and MUST have * at least one non-null element. + * @param crlRevocationChecker the crl revocation checker */ - public CRLFetcher(final Resource[] crls) { + public CRLFetcher(final Resource[] crls, final ResourceCRLRevocationChecker crlRevocationChecker) { if (crls == null) { throw new IllegalArgumentException("CRL resources cannot be null."); } @@ -179,6 +181,7 @@ public CRLFetcher(final Resource[] crls) { if (this.resources.isEmpty()) { throw new IllegalArgumentException("Must provide at least one non-null CRL resource."); } + this.crlRevocationChecker = crlRevocationChecker; } /** @@ -191,7 +194,7 @@ public void fetch(final boolean throwOnError) { for (Resource r : this.resources) { logger.debug("Fetching CRL data from {}", r); try { - addCrl(CertUtils.fetchCRL(r)); + this.crlRevocationChecker.addCrl(CertUtils.fetchCRL(r)); } catch (final Exception e) { if (throwOnError) { throw new RuntimeException("Error fetching CRL from " + r, e); diff --git a/checkstyle-rules.xml b/checkstyle-rules.xml index 101846e3cf3b..6651734ec200 100644 --- a/checkstyle-rules.xml +++ b/checkstyle-rules.xml @@ -348,8 +348,8 @@ Checkstyle configuration based on Sun's conventions, compliant with CAS coding c - - + +