This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-plugins.git
The following commit(s) were added to refs/heads/trunk by this push:
new b3a0b83 Improved: Fix some bugs Spotbugs reports (OFBIZ-12386)
b3a0b83 is described below
commit b3a0b8344c6f324facdb1e33cdf7c9c13468a7ae
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Tue Dec 28 09:42:32 2021 +0100
Improved: Fix some bugs Spotbugs reports (OFBIZ-12386)
In GitHubEvents::gitHubRedirect and LinkedInEvents::linkedInRedirect random
object created and used only once.
Fixes a typo for MESSAGE_LABLES
Adds a FIXME in
OFBizCasAuthenticationHandler::OFBizCasAuthenticationHandler.
It's only an "empty" constructor supposed to "initializes some required
member
variables". I see nothing happening here and it's never called, remove it?
---
.../org/apache/ofbiz/ldap/cas/OFBizCasAuthenticationHandler.java | 3 +--
.../src/main/java/org/apache/ofbiz/passport/event/GitHubEvents.java | 5 +++--
.../main/java/org/apache/ofbiz/passport/event/LinkedInEvents.java | 5 +++--
.../java/org/apache/ofbiz/htmlreport/sample/SampleHtmlThread.java | 4 ++--
4 files changed, 9 insertions(+), 8 deletions(-)
diff --git
a/ldap/src/main/java/org/apache/ofbiz/ldap/cas/OFBizCasAuthenticationHandler.java
b/ldap/src/main/java/org/apache/ofbiz/ldap/cas/OFBizCasAuthenticationHandler.java
index 36a3e34..8e327b5 100644
---
a/ldap/src/main/java/org/apache/ofbiz/ldap/cas/OFBizCasAuthenticationHandler.java
+++
b/ldap/src/main/java/org/apache/ofbiz/ldap/cas/OFBizCasAuthenticationHandler.java
@@ -55,8 +55,7 @@ public final class OFBizCasAuthenticationHandler extends
AbstractOFBizAuthentica
/**
* Public constructor, initializes some required member variables.<p>
*/
- public OFBizCasAuthenticationHandler() {
-
+ public OFBizCasAuthenticationHandler() { // FIXME: I see nothing happening
here and it's never called, remove it?
}
diff --git
a/passport/src/main/java/org/apache/ofbiz/passport/event/GitHubEvents.java
b/passport/src/main/java/org/apache/ofbiz/passport/event/GitHubEvents.java
index 043de1f..05c77f2 100644
--- a/passport/src/main/java/org/apache/ofbiz/passport/event/GitHubEvents.java
+++ b/passport/src/main/java/org/apache/ofbiz/passport/event/GitHubEvents.java
@@ -76,6 +76,8 @@ public class GitHubEvents {
private static final String TOKEN_END_POINT = "https://github.com";;
private static final String SESSION_GITHUB_STATE = "_GITHUB_STATE_";
+ private static final SecureRandom SECURE_RANDOM = new SecureRandom();
+
public static final String ENV_PREFIX =
UtilProperties.getPropertyValue(GitHubAuthenticator.PROPS, "github.env.prefix",
"test");
public static String getApiEndPoint() {
@@ -97,11 +99,10 @@ public class GitHubEvents {
}
String clientId =
oauth2GitHub.getString(PassportUtil.COMMON_CLIENT_ID);
String returnURI =
oauth2GitHub.getString(PassportUtil.COMMON_RETURN_RUL);
- SecureRandom secureRandom = new SecureRandom();
// Get user authorization code
try {
- String state = System.currentTimeMillis() +
String.valueOf((secureRandom.nextLong()));
+ String state = System.currentTimeMillis() +
String.valueOf((SECURE_RANDOM.nextLong()));
request.getSession().setAttribute(SESSION_GITHUB_STATE, state);
String redirectUrl = TOKEN_END_POINT + AUTHORIZE_URI
+ "?client_id=" + clientId
diff --git
a/passport/src/main/java/org/apache/ofbiz/passport/event/LinkedInEvents.java
b/passport/src/main/java/org/apache/ofbiz/passport/event/LinkedInEvents.java
index c9b9929..923f7fa 100644
--- a/passport/src/main/java/org/apache/ofbiz/passport/event/LinkedInEvents.java
+++ b/passport/src/main/java/org/apache/ofbiz/passport/event/LinkedInEvents.java
@@ -79,6 +79,8 @@ public class LinkedInEvents {
public static final String SESSION_LINKEDIN_STATE = "_LINKEDIN_STATE_";
public static final String ENV_PREFIX =
UtilProperties.getPropertyValue(LinkedInAuthenticator.getPROPS(),
"linkedin.env.prefix", "test");
+ private static final SecureRandom SECURE_RANDOM = new SecureRandom();
+
/**
* Redirect to LinkedIn login page.
* @return string "success" or "error"
@@ -93,9 +95,8 @@ public class LinkedInEvents {
String returnURI = oauth2LinkedIn.getString(ENV_PREFIX +
PassportUtil.RETURN_URL_LABEL);
// Get user authorization code
- SecureRandom secureRandom = new SecureRandom();
try {
- String state = System.currentTimeMillis() +
String.valueOf((secureRandom.nextLong()));
+ String state = System.currentTimeMillis() +
String.valueOf((SECURE_RANDOM.nextLong()));
request.getSession().setAttribute(SESSION_LINKEDIN_STATE, state);
String redirectUrl = TOKEN_END_POINT + AUTHORIZE_URI
+ "?client_id=" + clientId
diff --git
a/pricat/src/main/java/org/apache/ofbiz/htmlreport/sample/SampleHtmlThread.java
b/pricat/src/main/java/org/apache/ofbiz/htmlreport/sample/SampleHtmlThread.java
index 867d12a..7adb1f2 100644
---
a/pricat/src/main/java/org/apache/ofbiz/htmlreport/sample/SampleHtmlThread.java
+++
b/pricat/src/main/java/org/apache/ofbiz/htmlreport/sample/SampleHtmlThread.java
@@ -39,9 +39,9 @@ public class SampleHtmlThread extends AbstractReportThread {
public static final String COUNT_DOWN = "countdown";
public static final String COUNT_UP = "countup";
public static final String CONFIRM = "confirm_action";
- public static final String[] MESSAGE_LABLES = new String[]
{"FORMAT_DEFAULT", "FORMAT_WARNING", "FORMAT_HEADLINE", "FORMAT_NOTE",
+ public static final String[] MESSAGE_LABELS = new String[] {
"FORMAT_DEFAULT", "FORMAT_WARNING", "FORMAT_HEADLINE", "FORMAT_NOTE",
"FORMAT_OK", "FORMAT_ERROR", "FORMAT_THROWABLE"};
- public static final List<String> MESSAGES =
Collections.unmodifiableList(Arrays.asList(MESSAGE_LABLES));
+ public static final List<String> MESSAGES =
Collections.unmodifiableList(Arrays.asList(MESSAGE_LABELS));
private static final String RESOURCE = "PricatUiLabels";
private static final SecureRandom SECURE_RANDOM = new SecureRandom();
