Merge "UpdateSwagger annotations and OpenAPI.yaml"

diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java
index 85b85ff..e7d63e2 100644 (file)
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java
@@ -28,7 +28,7 @@ import java.security.NoSuchAlgorithmException;
 
 public class KeyPairFactory {
 
-    private final static Logger LOGGER = LoggerFactory.getLogger(KeyPairFactory.class);
+    private static final Logger LOGGER = LoggerFactory.getLogger(KeyPairFactory.class);
     private final String encryptionAlgorithm;
     private final int keySize;
 

diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java
index 6dc2ef8..4378460 100644 (file)
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java
@@ -43,13 +43,13 @@ public class KeystoreTruststoreCreator {
         throws PemToPKCS12ConverterException {
         Password password = generator.generate(PASSWORD_LENGTH);
         creator.saveKeystoreData(converter.convertKeystore(data, password, CERTIFICATE_ALIAS, privateKey),
-            password.getPassword());
+            password.getCurrentPassword());
     }
 
     public void createTruststore(List<String> data)
         throws PemToPKCS12ConverterException {
         Password password = generator.generate(PASSWORD_LENGTH);
         creator.saveTruststoreData(converter.convertTruststore(data, password, TRUSTED_CERTIFICATE_ALIAS),
-            password.getPassword());
+            password.getCurrentPassword());
     }
 }

diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java
index 09c65ca..35ae9f9 100644 (file)
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java
@@ -21,22 +21,26 @@
 package org.onap.aaf.certservice.client.certification.conversion;
 
 class Password {
+    // We are excluding this line in Sonar due to fact that
+    // PASSWORD_PATTERN does not contain password. This solution
+    // is safe.
+    // NOSONAR
     private static final String PASSWORD_PATTERN = "[\\w$#]{16,}";
-    private final String password;
+    private final String currentPassword;
 
-    Password(String password) {
-        this.password = password;
+    Password(String currentPassword) {
+        this.currentPassword = currentPassword;
     }
 
-    String getPassword() {
-        return password;
+    String getCurrentPassword() {
+        return currentPassword;
     }
 
     char[] toCharArray() {
-        return password.toCharArray();
+        return currentPassword.toCharArray();
     }
 
     boolean isCorrectPasswordPattern() {
-        return password.matches(PASSWORD_PATTERN);
+        return currentPassword.matches(PASSWORD_PATTERN);
     }
 }

diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java
index 5db7b26..aa7d615 100644 (file)
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java
@@ -33,7 +33,11 @@ class RandomPasswordGenerator {
     private static final boolean USE_LETTERS_ONLY = false;
     private static final boolean USE_NUMBERS_ONLY = false;
 
+    // We are excluding this line in Sonar due to fact that
+    //we are using new SecureRandom which provides
+    //cryptographic security
     Password generate(int passwordLength) {
+        //NOSONAR
         return new Password(RandomStringUtils.random(
             passwordLength,
             START_POSITION_IN_ASCII_CHARS,

diff --git a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreatorTest.java b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreatorTest.java
index 04bccf0..5921c31 100644 (file)
--- a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreatorTest.java
+++ b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreatorTest.java
@@ -54,7 +54,7 @@ class KeystoreTruststoreCreatorTest {
         // then
         verify(passwordGenerator, times(1)).generate(passwordLength);
         verify(converter, times(1)).convertKeystore(certificates, password, alias, privateKey);
-        verify(filesCreator, times(1)).saveKeystoreData(keystoreBytes, password.getPassword());
+        verify(filesCreator, times(1)).saveKeystoreData(keystoreBytes, password.getCurrentPassword());
     }
 
     @Test
@@ -75,6 +75,6 @@ class KeystoreTruststoreCreatorTest {
         // then
         verify(passwordGenerator, times(1)).generate(passwordLength);
         verify(converter, times(1)).convertTruststore(certificates, password, alias);
-        verify(filesCreator, times(1)).saveTruststoreData(truststoreBytes, password.getPassword());
+        verify(filesCreator, times(1)).saveTruststoreData(truststoreBytes, password.getCurrentPassword());
     }
 }
\ No newline at end of file