Resolve several issues reported by Sonar (#109)

* Resolve several issues reported by Sonar

- Correct JavaDoc errors/warnings

* Remove Sonar-specific warning suppression; use try/catch with JsonReader

* Restore several previously-removed methods

* Restore JWTCallerPrincipal.wrapClaimValue as delegate to JsonUtils

Fix JavaDoc error

* Revert type parameter and use raw type

Author: MikeEdgar

implementation/pom.xml

@@ -93,17 +93,27 @@
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-surefire-plugin</artifactId>
         <configuration>
-          <environmentVariables>
-          </environmentVariables>
           <redirectTestOutputToFile>true</redirectTestOutputToFile>
-          <enableAssertions>true</enableAssertions>
-          <argLine>-Xmx512m</argLine>
-          <includes>
-            <include>**/*TestCase.java</include>
-          </includes>
-          <forkMode>once</forkMode>
         </configuration>
       </plugin>
     </plugins>
   </build>
+
+  <profiles>
+    <profile>
+      <id>coverage</id>
+      <properties>
+        <argLine>@{jacocoArgLine}</argLine>
+      </properties>
+
+      <build>
+        <plugins>
+          <plugin>
+            <groupId>org.jacoco</groupId>
+            <artifactId>jacoco-maven-plugin</artifactId>
+          </plugin>
+        </plugins>
+      </build>
+    </profile>
+  </profiles>
 </project>

implementation/src/main/java/io/smallrye/jwt/JsonUtils.java

@@ -0,0 +1,87 @@
+package io.smallrye.jwt;
+
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;
+
+import javax.json.Json;
+import javax.json.JsonArray;
+import javax.json.JsonArrayBuilder;
+import javax.json.JsonObject;
+import javax.json.JsonObjectBuilder;
+import javax.json.JsonValue;
+
+public class JsonUtils {
+
+    private JsonUtils() {
+    }
+
+    public static JsonObject replaceMap(Map<String, Object> map) {
+        JsonObjectBuilder builder = Json.createObjectBuilder();
+        for (Map.Entry<String, Object> entry : map.entrySet()) {
+            Object entryValue = entry.getValue();
+            if (entryValue instanceof Map) {
+                @SuppressWarnings("unchecked")
+                JsonObject entryJsonObject = replaceMap((Map<String, Object>) entryValue);
+                builder.add(entry.getKey(), entryJsonObject);
+            } else if (entryValue instanceof List) {
+                JsonArray array = (JsonArray) wrapValue(entryValue);
+                builder.add(entry.getKey(), array);
+            } else if (entryValue instanceof Long || entryValue instanceof Integer) {
+                long lvalue = ((Number) entryValue).longValue();
+                builder.add(entry.getKey(), lvalue);
+            } else if (entryValue instanceof Double || entryValue instanceof Float) {
+                double dvalue = ((Number) entryValue).doubleValue();
+                builder.add(entry.getKey(), dvalue);
+            } else if (entryValue instanceof Boolean) {
+                boolean flag = ((Boolean) entryValue).booleanValue();
+                builder.add(entry.getKey(), flag);
+            } else if (entryValue instanceof String) {
+                builder.add(entry.getKey(), entryValue.toString());
+            }
+        }
+        return builder.build();
+    }
+
+    private static JsonArray toJsonArray(Collection<?> collection) {
+        JsonArrayBuilder arrayBuilder = Json.createArrayBuilder();
+
+        for (Object element : collection) {
+            if (element instanceof String) {
+                arrayBuilder.add(element.toString());
+            } else if (element == null) {
+                arrayBuilder.add(JsonValue.NULL);
+            } else {
+                JsonValue jvalue = wrapValue(element);
+                arrayBuilder.add(jvalue);
+            }
+        }
+
+        return arrayBuilder.build();
+    }
+
+    public static JsonValue wrapValue(Object value) {
+        JsonValue jsonValue = null;
+
+        if (value instanceof JsonValue) {
+            // This may already be a JsonValue
+            jsonValue = (JsonValue) value;
+        } else if (value instanceof String) {
+            jsonValue = Json.createValue(value.toString());
+        } else if ((value instanceof Long) || (value instanceof Integer)) {
+            jsonValue = Json.createValue(((Number) value).longValue());
+        } else if (value instanceof Number) {
+            jsonValue = Json.createValue(((Number) value).doubleValue());
+        } else if (value instanceof Boolean) {
+            jsonValue = (Boolean) value ? JsonValue.TRUE : JsonValue.FALSE;
+        } else if (value instanceof Collection) {
+            jsonValue = toJsonArray((Collection<?>) value);
+        } else if (value instanceof Map) {
+            @SuppressWarnings("unchecked")
+            JsonObject entryJsonObject = replaceMap((Map<String, Object>) value);
+            jsonValue = entryJsonObject;
+        }
+
+        return jsonValue;
+    }
+}

implementation/src/main/java/io/smallrye/jwt/KeyUtils.java

@@ -17,9 +17,13 @@
 package io.smallrye.jwt;
 
 import java.io.ByteArrayInputStream;
+import java.io.IOException;
 import java.io.InputStream;
+import java.io.Reader;
 import java.io.StringReader;
+import java.io.UncheckedIOException;
 import java.math.BigInteger;
+import java.security.GeneralSecurityException;
 import java.security.KeyFactory;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
@@ -34,53 +38,50 @@
 import javax.json.Json;
 import javax.json.JsonArray;
 import javax.json.JsonObject;
+import javax.json.JsonReader;
 
 /**
  * Utility methods for dealing with decoding public and private keys resources
  */
 public class KeyUtils {
     private static final String RSA = "RSA";
 
-    public static PrivateKey readPrivateKey(String pemResName) throws Exception {
+    public static PrivateKey readPrivateKey(String pemResName) throws IOException, GeneralSecurityException {
         InputStream contentIS = KeyUtils.class.getResourceAsStream(pemResName);
         byte[] tmp = new byte[4096];
         int length = contentIS.read(tmp);
-        PrivateKey privateKey = decodePrivateKey(new String(tmp, 0, length));
-        return privateKey;
+        return decodePrivateKey(new String(tmp, 0, length));
     }
 
-    public static PublicKey readPublicKey(String pemResName) throws Exception {
+    public static PublicKey readPublicKey(String pemResName) throws IOException, GeneralSecurityException {
         InputStream contentIS = KeyUtils.class.getResourceAsStream(pemResName);
         byte[] tmp = new byte[4096];
         int length = contentIS.read(tmp);
-        PublicKey publicKey = decodePublicKey(new String(tmp, 0, length));
-        return publicKey;
+        return decodePublicKey(new String(tmp, 0, length));
     }
 
     public static KeyPair generateKeyPair(int keySize) throws NoSuchAlgorithmException {
         KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA);
         keyPairGenerator.initialize(keySize);
-        KeyPair keyPair = keyPairGenerator.genKeyPair();
-        return keyPair;
+        return keyPairGenerator.genKeyPair();
     }
 
     /**
      * Decode a PEM RSA private key
      * 
      * @param pemEncoded - pem string for key
      * @return RSA private key instance
-     * @throws Exception - on failure to decode and create key
+     * @throws GeneralSecurityException - on failure to decode and create key
      */
-    public static PrivateKey decodePrivateKey(String pemEncoded) throws Exception {
+    public static PrivateKey decodePrivateKey(String pemEncoded) throws GeneralSecurityException {
         pemEncoded = removeBeginEnd(pemEncoded);
         byte[] pkcs8EncodedBytes = Base64.getDecoder().decode(pemEncoded);
 
         // extract the private key
 
         PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(pkcs8EncodedBytes);
         KeyFactory kf = KeyFactory.getInstance(RSA);
-        PrivateKey privKey = kf.generatePrivate(keySpec);
-        return privKey;
+        return kf.generatePrivate(keySpec);
     }
 
     /**
@@ -89,15 +90,24 @@ public static PrivateKey decodePrivateKey(String pemEncoded) throws Exception {
      * 
      * @param jwksValue - JWKS string value
      * @return PublicKey from RSAPublicKeySpec
+     * @throws GeneralSecurityException when RSA security is not supported or public key cannot be decoded
      */
-    public static PublicKey decodeJWKSPublicKey(String jwksValue) throws Exception {
+    public static PublicKey decodeJWKSPublicKey(String jwksValue) throws GeneralSecurityException {
         JsonObject jwks;
-        try {
-            jwks = Json.createReader(new StringReader(jwksValue)).readObject();
+
+        try (Reader reader = new StringReader(jwksValue);
+                JsonReader json = Json.createReader(reader)) {
+            jwks = json.readObject();
         } catch (Exception e) {
             // See if this is base64 encoded
             byte[] decoded = Base64.getDecoder().decode(jwksValue);
-            jwks = Json.createReader(new ByteArrayInputStream(decoded)).readObject();
+
+            try (InputStream stream = new ByteArrayInputStream(decoded);
+                    JsonReader json = Json.createReader(stream)) {
+                jwks = json.readObject();
+            } catch (IOException ioe) {
+                throw new UncheckedIOException(ioe);
+            }
         }
         JsonArray keys = jwks.getJsonArray("keys");
         JsonObject jwk;
@@ -116,18 +126,17 @@ public static PublicKey decodeJWKSPublicKey(String jwksValue) throws Exception {
         BigInteger modulus = new BigInteger(1, nbytes);
         KeyFactory kf = KeyFactory.getInstance(RSA);
         RSAPublicKeySpec rsaPublicKeySpec = new RSAPublicKeySpec(modulus, publicExponent);
-        PublicKey publicKey = kf.generatePublic(rsaPublicKeySpec);
-        return publicKey;
+        return kf.generatePublic(rsaPublicKeySpec);
     }
 
     /**
      * Decode a PEM encoded public key string to an RSA PublicKey
      * 
      * @param pemEncoded - PEM string for public key
      * @return PublicKey
-     * @throws Exception on decode failure
+     * @throws GeneralSecurityException on decode failure
      */
-    public static PublicKey decodePublicKey(String pemEncoded) throws Exception {
+    public static PublicKey decodePublicKey(String pemEncoded) throws GeneralSecurityException {
         pemEncoded = removeBeginEnd(pemEncoded);
         byte[] encodedBytes = Base64.getDecoder().decode(pemEncoded);
 

implementation/src/main/java/io/smallrye/jwt/SmallryeJwtUtils.java

@@ -60,7 +60,7 @@ public static void setContextGroupsPath(JWTAuthContextInfo contextInfo, Optional
     }
 
     private static boolean checkClaimPath(String claimName, Optional<String> claimPath) {
-        if (claimPath != null && claimPath.isPresent()) {
+        if (claimPath.isPresent()) {
             final String[] pathSegments = claimPath.get().split("/");
             if (MAX_PATH_DEPTH < pathSegments.length) {
                 log.errorf("path." + claimName + " configuration will be ignored because the path depth is too large:"
@@ -73,7 +73,7 @@ private static boolean checkClaimPath(String claimName, Optional<String> claimPa
     }
 
     public static void setContextTokenCookie(JWTAuthContextInfo contextInfo, Optional<String> cookieName) {
-        if (cookieName != null && cookieName.isPresent()) {
+        if (cookieName.isPresent()) {
             if (!COOKIE_HEADER.equals(contextInfo.getTokenHeader())) {
                 log.error("Token header is not 'Cookie', the cookie name value will be ignored");
             } else {
@@ -83,7 +83,7 @@ public static void setContextTokenCookie(JWTAuthContextInfo contextInfo, Optiona
     }
 
     public static void setWhitelistAlgorithms(JWTAuthContextInfo contextInfo, Optional<String> whitelistAlgorithms) {
-        if (whitelistAlgorithms != null && whitelistAlgorithms.isPresent()) {
+        if (whitelistAlgorithms.isPresent()) {
             final List<String> algorithms = Arrays.stream(whitelistAlgorithms.get().split(","))
                     .map(String::trim)
                     .collect(Collectors.toList());

implementation/src/main/java/io/smallrye/jwt/auth/AbstractBearerTokenExtractor.java

@@ -19,7 +19,6 @@
 import org.jboss.logging.Logger;
 
 import io.smallrye.jwt.auth.principal.JWTAuthContextInfo;
-import io.smallrye.jwt.auth.principal.JWTCallerPrincipal;
 import io.smallrye.jwt.auth.principal.JWTCallerPrincipalFactory;
 import io.smallrye.jwt.auth.principal.ParseException;
 
@@ -33,10 +32,10 @@
  */
 public abstract class AbstractBearerTokenExtractor {
 
-    protected final static String AUTHORIZATION_HEADER = "Authorization";
-    protected final static String COOKIE_HEADER = "Cookie";
-    protected final static String BEARER = "Bearer";
-    protected final static String BEARER_SCHEME_PREFIX = BEARER + ' ';
+    protected static final String AUTHORIZATION_HEADER = "Authorization";
+    protected static final String COOKIE_HEADER = "Cookie";
+    protected static final String BEARER = "Bearer";
+    protected static final String BEARER_SCHEME_PREFIX = BEARER + ' ';
     private static Logger logger = Logger.getLogger(AbstractBearerTokenExtractor.class);
 
     private final JWTAuthContextInfo authContextInfo;
@@ -60,39 +59,52 @@ public String getBearerToken() {
         final String bearerValue;
 
         if (COOKIE_HEADER.equals(tokenHeaderName)) {
-            String tokenCookieName = authContextInfo.getTokenCookie();
+            bearerValue = getBearerTokenCookie();
+        } else if (AUTHORIZATION_HEADER.equals(tokenHeaderName)) {
+            bearerValue = getBearerTokenAuthHeader();
+        } else {
+            bearerValue = getHeaderValue(tokenHeaderName);
 
-            if (tokenCookieName == null) {
-                tokenCookieName = BEARER;
+            if (bearerValue == null) {
+                logger.debugf("Header %s was null", tokenHeaderName);
             }
+        }
+
+        return bearerValue;
+    }
 
-            logger.debugf("tokenCookieName = %s", tokenCookieName);
+    private String getBearerTokenCookie() {
+        String tokenCookieName = authContextInfo.getTokenCookie();
 
-            bearerValue = getCookieValue(tokenCookieName);
+        if (tokenCookieName == null) {
+            tokenCookieName = BEARER;
+        }
 
-            if (bearerValue == null) {
-                logger.debugf("Cookie %s was null", tokenCookieName);
-            }
-        } else if (AUTHORIZATION_HEADER.equals(tokenHeaderName)) {
-            final String tokenHeader = getHeaderValue(tokenHeaderName);
-
-            if (tokenHeader != null) {
-                if (isBearerScheme(tokenHeader)) {
-                    bearerValue = tokenHeader.substring(BEARER_SCHEME_PREFIX.length());
-                } else {
-                    logger.debugf("Authorization header does not contain a Bearer prefix");
-                    bearerValue = null;
-                }
+        logger.debugf("tokenCookieName = %s", tokenCookieName);
+
+        String bearerValue = getCookieValue(tokenCookieName);
+
+        if (bearerValue == null) {
+            logger.debugf("Cookie %s was null", tokenCookieName);
+        }
+
+        return bearerValue;
+    }
+
+    private String getBearerTokenAuthHeader() {
+        final String tokenHeader = getHeaderValue(AUTHORIZATION_HEADER);
+        final String bearerValue;
+
+        if (tokenHeader != null) {
+            if (isBearerScheme(tokenHeader)) {
+                bearerValue = tokenHeader.substring(BEARER_SCHEME_PREFIX.length());
             } else {
-                logger.debugf("Authorization header was null");
+                logger.debugf("Authorization header does not contain a Bearer prefix");
                 bearerValue = null;
             }
         } else {
-            bearerValue = getHeaderValue(tokenHeaderName);
-
-            if (bearerValue == null) {
-                logger.debugf("Header %s was null", tokenHeaderName);
-            }
+            logger.debugf("Authorization header was null");
+            bearerValue = null;
         }
 
         return bearerValue;
@@ -110,8 +122,7 @@ private static boolean isBearerScheme(String authorizationHeader) {
 
     public JsonWebToken validate(String bearerToken) throws ParseException {
         JWTCallerPrincipalFactory factory = JWTCallerPrincipalFactory.instance();
-        JWTCallerPrincipal callerPrincipal = factory.parse(bearerToken, authContextInfo);
-        return callerPrincipal;
+        return factory.parse(bearerToken, authContextInfo);
     }
 
     /**