From 5e60216d030f45267124e94b82c0ab8fac3b2958 Mon Sep 17 00:00:00 2001 From: "k.kedron" Date: Mon, 29 Apr 2019 11:37:25 +0200 Subject: Improve unit tests and sonar fixes Add more test to CryptoUtilsTest and JsonUtilsTest. Correct sonar issue in CldsServiceItCase test - checking if stream is not null. Remove unused import in CldsHealthcheckServiceItCase. Remove unused field in DocumentBuilderTest. Add private constructor in PrincipalUtils and XmlTools. Add FEATURE_SECURE_PROCESSING feature to TransformerFactory. Change-Id: Ieeb561352697c131ebf11bc43162f63ea7096e81 Issue-ID: CLAMP-355 Signed-off-by: Krystian Kedron --- src/main/java/org/onap/clamp/clds/util/CryptoUtils.java | 2 +- src/main/java/org/onap/clamp/clds/util/XmlTools.java | 8 ++++++++ src/main/java/org/onap/clamp/util/PrincipalUtils.java | 6 ++++++ 3 files changed, 15 insertions(+), 1 deletion(-) (limited to 'src/main/java/org') diff --git a/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java index f08bf7b28..85aae0a5d 100644 --- a/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java +++ b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java @@ -162,7 +162,7 @@ public final class CryptoUtils { private static SecretKeySpec readSecretKeySpec(String propertiesFileName) { Properties props = new Properties(); try { - //Workaround fix to make encryption key configurable + // Workaround fix to make encryption key configurable // System environment variable takes precedence for over clds/key.properties String encryptionKey = System.getenv(AES_ENCRYPTION_KEY); if(encryptionKey != null && encryptionKey.trim().length() > 0) { diff --git a/src/main/java/org/onap/clamp/clds/util/XmlTools.java b/src/main/java/org/onap/clamp/clds/util/XmlTools.java index a812fa127..a7d4ed9fb 100644 --- a/src/main/java/org/onap/clamp/clds/util/XmlTools.java +++ b/src/main/java/org/onap/clamp/clds/util/XmlTools.java @@ -24,6 +24,7 @@ package org.onap.clamp.clds.util; import java.io.StringWriter; +import javax.xml.XMLConstants; import javax.xml.transform.OutputKeys; import javax.xml.transform.Transformer; import javax.xml.transform.TransformerException; @@ -38,6 +39,12 @@ import org.w3c.dom.Document; public class XmlTools { + /** + * Private constructor to avoid creating instances of util class. + */ + private XmlTools(){ + } + /** * Transforms document to XML string. * @@ -47,6 +54,7 @@ public class XmlTools { public static String exportXmlDocumentAsString(Document doc) { try { TransformerFactory tf = TransformerFactory.newInstance(); + tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); Transformer transformer = tf.newTransformer(); transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); StringWriter writer = new StringWriter(); diff --git a/src/main/java/org/onap/clamp/util/PrincipalUtils.java b/src/main/java/org/onap/clamp/util/PrincipalUtils.java index d6b20f30b..d6dfacbdb 100644 --- a/src/main/java/org/onap/clamp/util/PrincipalUtils.java +++ b/src/main/java/org/onap/clamp/util/PrincipalUtils.java @@ -37,6 +37,12 @@ public class PrincipalUtils { private static UserNameHandler userNameHandler = new DefaultUserNameHandler(); private static SecurityContext securityContext = SecurityContextHolder.getContext(); + /** + * Private constructor to avoid creating instances of util class. + */ + private PrincipalUtils(){ + } + /** * Get the Full name. * -- cgit 1.2.3-korg