diff --git a/config/core/src/main/java/org/apache/shiro/config/Ini.java b/config/core/src/main/java/org/apache/shiro/config/Ini.java index 656ee57714..a5bd67d4e2 100644 --- a/config/core/src/main/java/org/apache/shiro/config/Ini.java +++ b/config/core/src/main/java/org/apache/shiro/config/Ini.java @@ -44,6 +44,7 @@ * * @since 1.0 */ +@SuppressWarnings({"checkstyle:MethodCount", "checkstyle:CyclomaticComplexity"}) public final class Ini implements Map { /** diff --git a/config/ogdl/src/main/java/org/apache/shiro/config/ogdl/ReflectionBuilder.java b/config/ogdl/src/main/java/org/apache/shiro/config/ogdl/ReflectionBuilder.java index 4493f41555..b0270a441c 100644 --- a/config/ogdl/src/main/java/org/apache/shiro/config/ogdl/ReflectionBuilder.java +++ b/config/ogdl/src/main/java/org/apache/shiro/config/ogdl/ReflectionBuilder.java @@ -67,6 +67,7 @@ * * @since 0.9 */ +@SuppressWarnings("checkstyle:MethodCount") public class ReflectionBuilder { private static final Logger LOGGER = LoggerFactory.getLogger(ReflectionBuilder.class); diff --git a/crypto/cipher/src/main/java/org/apache/shiro/crypto/cipher/AesCipherService.java b/crypto/cipher/src/main/java/org/apache/shiro/crypto/cipher/AesCipherService.java index 3b1a0585b5..eaf2f96c12 100644 --- a/crypto/cipher/src/main/java/org/apache/shiro/crypto/cipher/AesCipherService.java +++ b/crypto/cipher/src/main/java/org/apache/shiro/crypto/cipher/AesCipherService.java @@ -27,10 +27,12 @@ * The AES algorithm can support key sizes of {@code 128}, {@code 192} and {@code 256} bits*. This implementation * defaults to 128 bits. *

- * Note that this class retains changes the parent class's default {@link OperationMode#CBC CBC} mode to {@link OperationMode#GCM GCM} of operation - * instead of the typical JDK default of {@link OperationMode#ECB ECB}. {@code ECB} should not be used in - * security-sensitive environments because {@code ECB} does not allow for initialization vectors, which are - * considered necessary for strong encryption. See the {@link DefaultBlockCipherService parent class}'s JavaDoc and the + * Note that this class retains changes the parent class's default + * {@link OperationMode#CBC CBC} modeto {@link OperationMode#GCM GCM} of operation + * instead of the typical JDK default of {@link OperationMode#ECB ECB}. + * {@code ECB} should not be used in security-sensitive environments because {@code ECB} + * does not allow for initialization vectors, which are considered necessary for strong encryption. + * See the {@link DefaultBlockCipherService parent class}'s JavaDoc and the * {@link JcaCipherService JcaCipherService} JavaDoc for more on why the JDK default should not be used and is not * used in this implementation. *

diff --git a/crypto/cipher/src/main/java/org/apache/shiro/crypto/cipher/DefaultBlockCipherService.java b/crypto/cipher/src/main/java/org/apache/shiro/crypto/cipher/DefaultBlockCipherService.java index 4f923ae8f4..8186fee885 100644 --- a/crypto/cipher/src/main/java/org/apache/shiro/crypto/cipher/DefaultBlockCipherService.java +++ b/crypto/cipher/src/main/java/org/apache/shiro/crypto/cipher/DefaultBlockCipherService.java @@ -122,7 +122,8 @@ * *

* These attributes have the same meaning as the {@code mode}, {@code blockSize}, and {@code paddingScheme} attributes - * described above, but they are applied during streaming method invocations only ({@link #encrypt(java.io.InputStream, java.io.OutputStream, byte[])} + * described above, but they are applied during streaming method invocations only + * ({@link #encrypt(java.io.InputStream, java.io.OutputStream, byte[])} * and {@link #decrypt(java.io.InputStream, java.io.OutputStream, byte[])}). * * @see BlowfishCipherService diff --git a/crypto/cipher/src/main/java/org/apache/shiro/crypto/cipher/JcaCipherService.java b/crypto/cipher/src/main/java/org/apache/shiro/crypto/cipher/JcaCipherService.java index c3d117fbcd..2cd08eab25 100644 --- a/crypto/cipher/src/main/java/org/apache/shiro/crypto/cipher/JcaCipherService.java +++ b/crypto/cipher/src/main/java/org/apache/shiro/crypto/cipher/JcaCipherService.java @@ -67,6 +67,7 @@ * * @since 1.0 */ +@SuppressWarnings("checkstyle:MethodCount") public abstract class JcaCipherService implements CipherService { /** diff --git a/crypto/hash/src/main/java/org/apache/shiro/crypto/hash/SimpleHashProvider.java b/crypto/hash/src/main/java/org/apache/shiro/crypto/hash/SimpleHashProvider.java index 99ded3d9d2..b402931c82 100644 --- a/crypto/hash/src/main/java/org/apache/shiro/crypto/hash/SimpleHashProvider.java +++ b/crypto/hash/src/main/java/org/apache/shiro/crypto/hash/SimpleHashProvider.java @@ -113,6 +113,7 @@ protected ByteSource getPublicSalt(HashRequest request) { } // generate salt if absent from the request. + @SuppressWarnings("checkstyle:MagicNumber") byte[] ps = new byte[16]; random.nextBytes(ps); @@ -204,7 +205,8 @@ static final class Parameters { /** * A secret part added to the salt. Sometimes also referred to as {@literal "Pepper"}. * - *

For more information, see Pepper (cryptography) on Wikipedia.

+ *

For more information, see + * Pepper (cryptography) on Wikipedia.

*/ public static final String PARAMETER_SECRET_SALT = "SimpleHash.secretSalt"; diff --git a/crypto/hash/src/main/java/org/apache/shiro/crypto/hash/SimpleHashRequest.java b/crypto/hash/src/main/java/org/apache/shiro/crypto/hash/SimpleHashRequest.java index 14e9d4979e..302b8b4eb1 100644 --- a/crypto/hash/src/main/java/org/apache/shiro/crypto/hash/SimpleHashRequest.java +++ b/crypto/hash/src/main/java/org/apache/shiro/crypto/hash/SimpleHashRequest.java @@ -52,9 +52,10 @@ public class SimpleHashRequest implements HashRequest { * Creates a new SimpleHashRequest instance. * * @param algorithmName the name of the hash algorithm to use. This is often null as the - * {@link HashService} implementation is usually configured with an appropriate algorithm name, but this - * can be non-null if the hash service's algorithm should be overridden with a specific one for the duration - * of the request. + * {@link HashService} implementation is usually configured with an + * appropriate algorithm name, but this can be non-null + * if the hash service's algorithm should be overridden with a + * specific one for the duration of the request. * @param source the source to be hashed * @param salt any public salt which should be used when computing the hash * @param parameters e.g. the number of hash iterations to execute or other parameters. diff --git a/crypto/support/hashes/argon2/src/main/java/org/apache/shiro/crypto/support/hashes/argon2/Argon2Hash.java b/crypto/support/hashes/argon2/src/main/java/org/apache/shiro/crypto/support/hashes/argon2/Argon2Hash.java index beead08b25..0ab730b6f2 100644 --- a/crypto/support/hashes/argon2/src/main/java/org/apache/shiro/crypto/support/hashes/argon2/Argon2Hash.java +++ b/crypto/support/hashes/argon2/src/main/java/org/apache/shiro/crypto/support/hashes/argon2/Argon2Hash.java @@ -41,6 +41,7 @@ import static java.util.Collections.unmodifiableSet; import static java.util.Objects.requireNonNull; +@SuppressWarnings("checkstyle:LineLength") /** * The Argon2 key derivation function (KDF) is a modern algorithm to shade and hash passwords. * @@ -123,6 +124,7 @@ protected static ByteSource createSalt() { return createSalt(new SecureRandom()); } + @SuppressWarnings("checkstyle:MagicNumber") public static ByteSource createSalt(SecureRandom random) { return new SimpleByteSource(random.generateSeed(SALT_LENGTH_BITS / 8)); } @@ -237,6 +239,7 @@ public static Argon2Hash generate( final Argon2BytesGenerator gen = new Argon2BytesGenerator(); gen.init(parameters); + @SuppressWarnings("checkstyle:MagicNumber") final byte[] hash = new byte[outputLengthBits / 8]; gen.generateBytes(source.getBytes(), hash); @@ -277,6 +280,7 @@ public int getIterations() { @Override public boolean matchesPassword(ByteSource plaintextBytes) { try { + @SuppressWarnings("checkstyle:MagicNumber") Argon2Hash compare = generate( this.getAlgorithmName(), this.argonVersion, @@ -296,6 +300,7 @@ public boolean matchesPassword(ByteSource plaintextBytes) { } @Override + @SuppressWarnings("checkstyle:MagicNumber") public int getSaltLength() { return SALT_LENGTH_BITS / 8; } diff --git a/crypto/support/hashes/argon2/src/main/java/org/apache/shiro/crypto/support/hashes/argon2/Argon2HashProvider.java b/crypto/support/hashes/argon2/src/main/java/org/apache/shiro/crypto/support/hashes/argon2/Argon2HashProvider.java index 843fb32f1f..469793ed91 100644 --- a/crypto/support/hashes/argon2/src/main/java/org/apache/shiro/crypto/support/hashes/argon2/Argon2HashProvider.java +++ b/crypto/support/hashes/argon2/src/main/java/org/apache/shiro/crypto/support/hashes/argon2/Argon2HashProvider.java @@ -99,7 +99,8 @@ public Argon2Hash generate(HashRequest hashRequest) { .flatMap(algoV -> intOrEmpty(algoV, Parameters.PARAMETER_PARALLELISM)) .orElse(Parameters.DEFAULT_PARALLELISM); - final int outputLengthBits = Optional.ofNullable(hashRequest.getParameters().get(Parameters.PARAMETER_OUTPUT_LENGTH_BITS)) + final int outputLengthBits = Optional.ofNullable(hashRequest.getParameters() + .get(Parameters.PARAMETER_OUTPUT_LENGTH_BITS)) .flatMap(algoV -> intOrEmpty(algoV, Parameters.PARAMETER_OUTPUT_LENGTH_BITS)) .orElse(Parameters.DEFAULT_OUTPUT_LENGTH_BITS); @@ -123,6 +124,7 @@ private ByteSource parseSalt(HashRequest hashRequest) { .orElseGet(() -> Argon2Hash.createSalt(random)); } + @SuppressWarnings("checkstyle:MagicNumber") private Optional lengthValidOrEmpty(ByteSource bytes) { if (bytes.getBytes().length != 16) { return Optional.empty(); @@ -131,6 +133,7 @@ private Optional lengthValidOrEmpty(ByteSource bytes) { return Optional.of(bytes); } + @SuppressWarnings("checkstyle:MagicNumber") private Optional intOrEmpty(Object maybeInt, String parameterName) { try { return Optional.of(Integer.parseInt((String) maybeInt, 10)); diff --git a/crypto/support/hashes/bcrypt/src/main/java/org/apache/shiro/crypto/support/hashes/bcrypt/BCryptHash.java b/crypto/support/hashes/bcrypt/src/main/java/org/apache/shiro/crypto/support/hashes/bcrypt/BCryptHash.java index ea2b94c582..7517a70c58 100644 --- a/crypto/support/hashes/bcrypt/src/main/java/org/apache/shiro/crypto/support/hashes/bcrypt/BCryptHash.java +++ b/crypto/support/hashes/bcrypt/src/main/java/org/apache/shiro/crypto/support/hashes/bcrypt/BCryptHash.java @@ -82,6 +82,7 @@ protected final void checkValidCost() { checkValidCost(this.cost); } + @SuppressWarnings("checkstyle:MagicNumber") public static int checkValidCost(final int cost) { if (cost < 4 || cost > 31) { final String message = String.format( diff --git a/crypto/support/hashes/bcrypt/src/main/java/org/apache/shiro/crypto/support/hashes/bcrypt/BCryptProvider.java b/crypto/support/hashes/bcrypt/src/main/java/org/apache/shiro/crypto/support/hashes/bcrypt/BCryptProvider.java index 09e61a6a44..6a31c432d8 100644 --- a/crypto/support/hashes/bcrypt/src/main/java/org/apache/shiro/crypto/support/hashes/bcrypt/BCryptProvider.java +++ b/crypto/support/hashes/bcrypt/src/main/java/org/apache/shiro/crypto/support/hashes/bcrypt/BCryptProvider.java @@ -96,6 +96,7 @@ private int getCost(HashRequest hashRequest) { String costStr = optCostStr.orElseThrow(NoSuchElementException::new); try { + @SuppressWarnings("checkstyle:MagicNumber") int cost = Integer.parseInt(costStr, 10); BCryptHash.checkValidCost(cost); return cost; diff --git a/crypto/support/hashes/bcrypt/src/main/java/org/apache/shiro/crypto/support/hashes/bcrypt/OpenBSDBase64.java b/crypto/support/hashes/bcrypt/src/main/java/org/apache/shiro/crypto/support/hashes/bcrypt/OpenBSDBase64.java index ca0e354062..020e143df3 100644 --- a/crypto/support/hashes/bcrypt/src/main/java/org/apache/shiro/crypto/support/hashes/bcrypt/OpenBSDBase64.java +++ b/crypto/support/hashes/bcrypt/src/main/java/org/apache/shiro/crypto/support/hashes/bcrypt/OpenBSDBase64.java @@ -28,12 +28,15 @@ * *
* Unix stores password hashes computed with crypt in the /etc/passwd file using radix-64 encoding called B64. It uses a - * mostly-alphanumeric set of characters, plus . and /. Its 64-character set is "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz". + * mostly-alphanumeric set of characters, plus . and /. + * Its 64-character set is "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz". * Padding is not used. *
* * @since 2.0 */ +@SuppressWarnings({"checkstyle:MagicNumber", "checkstyle:BooleanExpressionComplexity", +"checkstyle:NPathComplexity", "checkstyle:CyclomaticComplexity"}) interface OpenBSDBase64 { @@ -46,9 +49,11 @@ interface OpenBSDBase64 { byte[] encode(byte[] rawBytes); /** - * From a UTF-8 encoded string representing radix64 encoded data as byte array, decodes the raw bytes from it. + * From a UTF-8 encoded string representing radix64 encoded data as byte array, + * decodes the raw bytes from it. * - * @param utf8EncodedRadix64String from a string get it with "m0CrhHm10qJ3lXRY.5zDGO".getBytes(StandardCharsets.UTF8) + * @param utf8EncodedRadix64String from a string get it with + * "m0CrhHm10qJ3lXRY.5zDGO".getBytes(StandardCharsets.UTF8) * @return the raw bytes encoded by this utf-8 radix4 string */ byte[] decode(byte[] utf8EncodedRadix64String); diff --git a/lang/src/main/java/org/apache/shiro/lang/codec/CodecSupport.java b/lang/src/main/java/org/apache/shiro/lang/codec/CodecSupport.java index 84a11d44e1..56dd4d11b1 100644 --- a/lang/src/main/java/org/apache/shiro/lang/codec/CodecSupport.java +++ b/lang/src/main/java/org/apache/shiro/lang/codec/CodecSupport.java @@ -33,6 +33,7 @@ * * @since 0.9 */ +@SuppressWarnings("checkstyle:BooleanExpressionComplexity") public abstract class CodecSupport { /** diff --git a/lang/src/main/java/org/apache/shiro/lang/codec/H64.java b/lang/src/main/java/org/apache/shiro/lang/codec/H64.java index ec5a175c4f..82c06fede9 100644 --- a/lang/src/main/java/org/apache/shiro/lang/codec/H64.java +++ b/lang/src/main/java/org/apache/shiro/lang/codec/H64.java @@ -45,6 +45,7 @@ * * @since 1.2 */ +@SuppressWarnings("checkstyle:MagicNumber") public final class H64 { private static final byte FF = (byte) 0xff; diff --git a/lang/src/main/java/org/apache/shiro/lang/codec/Hex.java b/lang/src/main/java/org/apache/shiro/lang/codec/Hex.java index 779400571c..5c116e02cb 100644 --- a/lang/src/main/java/org/apache/shiro/lang/codec/Hex.java +++ b/lang/src/main/java/org/apache/shiro/lang/codec/Hex.java @@ -32,6 +32,7 @@ * @see Wikipedia: Hexadecimal * @since 0.9 */ +@SuppressWarnings("checkstyle:MagicNumber") public final class Hex { /** diff --git a/lang/src/main/java/org/apache/shiro/lang/util/SimpleByteSource.java b/lang/src/main/java/org/apache/shiro/lang/util/SimpleByteSource.java index 2c49a18d2f..5202ab8647 100644 --- a/lang/src/main/java/org/apache/shiro/lang/util/SimpleByteSource.java +++ b/lang/src/main/java/org/apache/shiro/lang/util/SimpleByteSource.java @@ -44,6 +44,7 @@ * * @since 1.0 */ +@SuppressWarnings("checkstyle:BooleanExpressionComplexity") public class SimpleByteSource implements ByteSource { private final byte[] bytes; diff --git a/lang/src/main/java/org/apache/shiro/lang/util/StringUtils.java b/lang/src/main/java/org/apache/shiro/lang/util/StringUtils.java index ffbb572148..76743a4fdd 100644 --- a/lang/src/main/java/org/apache/shiro/lang/util/StringUtils.java +++ b/lang/src/main/java/org/apache/shiro/lang/util/StringUtils.java @@ -37,6 +37,7 @@ * * @since 0.9 */ +@SuppressWarnings("checkstyle:CyclomaticComplexity") public final class StringUtils { /** @@ -468,6 +469,7 @@ public static String join(Iterator iterator, String separator) { // two or more elements // Java default is 16, probably too small + @SuppressWarnings("checkstyle:MagicNumber") StringBuilder buf = new StringBuilder(256); if (first != null) { buf.append(first); diff --git a/lang/src/test/java/org/apache/shiro/lang/util/ClassUtilsTest.java b/lang/src/test/java/org/apache/shiro/lang/util/ClassUtilsTest.java index 497e58eb08..04883a47b4 100644 --- a/lang/src/test/java/org/apache/shiro/lang/util/ClassUtilsTest.java +++ b/lang/src/test/java/org/apache/shiro/lang/util/ClassUtilsTest.java @@ -22,7 +22,6 @@ import static org.junit.jupiter.api.Assertions.assertEquals; - class ClassUtilsTest { @Test diff --git a/src/suppressions.xml b/src/suppressions.xml index de66e9f0f4..b0c3dbee76 100644 --- a/src/suppressions.xml +++ b/src/suppressions.xml @@ -23,6 +23,13 @@ + + + + + + + diff --git a/support/ehcache/src/main/java/org/apache/shiro/cache/ehcache/EhCacheManager.java b/support/ehcache/src/main/java/org/apache/shiro/cache/ehcache/EhCacheManager.java index 3fef27789e..ed00e2f19c 100644 --- a/support/ehcache/src/main/java/org/apache/shiro/cache/ehcache/EhCacheManager.java +++ b/support/ehcache/src/main/java/org/apache/shiro/cache/ehcache/EhCacheManager.java @@ -62,7 +62,7 @@ public class EhCacheManager implements CacheManager, Initializable, Destroyable * Indicates if the CacheManager instance was implicitly/automatically created by this instance, indicating that * it should be automatically cleaned up as well on shutdown. */ - private boolean cacheManagerImplicitlyCreated = false; + private boolean cacheManagerImplicitlyCreated; /** * Classpath file location of the ehcache CacheManager config file. diff --git a/support/ehcache/src/test/java/org/apache/shiro/cache/ehcache/EhCacheManagerTest.java b/support/ehcache/src/test/java/org/apache/shiro/cache/ehcache/EhCacheManagerTest.java index 7817f615ae..811f4fd309 100644 --- a/support/ehcache/src/test/java/org/apache/shiro/cache/ehcache/EhCacheManagerTest.java +++ b/support/ehcache/src/test/java/org/apache/shiro/cache/ehcache/EhCacheManagerTest.java @@ -24,7 +24,10 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; -import static org.junit.jupiter.api.Assertions.*; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertNull; +import static org.junit.jupiter.api.Assertions.assertTrue; import java.util.Collection; import java.util.Set; diff --git a/support/hazelcast/src/main/java/org/apache/shiro/hazelcast/cache/HazelcastCacheManager.java b/support/hazelcast/src/main/java/org/apache/shiro/hazelcast/cache/HazelcastCacheManager.java index dc2497bf41..909d5557e7 100644 --- a/support/hazelcast/src/main/java/org/apache/shiro/hazelcast/cache/HazelcastCacheManager.java +++ b/support/hazelcast/src/main/java/org/apache/shiro/hazelcast/cache/HazelcastCacheManager.java @@ -77,7 +77,7 @@ public class HazelcastCacheManager implements CacheManager, Initializable, Destr private static final Logger LOGGER = LoggerFactory.getLogger(HazelcastCacheManager.class); - private boolean implicitlyCreated = false; + private boolean implicitlyCreated; private HazelcastInstance hazelcastInstance; private Config config; diff --git a/support/jcache/src/main/java/org/apache/shiro/cache/jcache/JCacheManager.java b/support/jcache/src/main/java/org/apache/shiro/cache/jcache/JCacheManager.java index 63134b154d..01380ea715 100644 --- a/support/jcache/src/main/java/org/apache/shiro/cache/jcache/JCacheManager.java +++ b/support/jcache/src/main/java/org/apache/shiro/cache/jcache/JCacheManager.java @@ -67,7 +67,7 @@ public class JCacheManager implements CacheManager, Initializable, Destroyable { * Indicates if the CacheManager instance was implicitly/automatically created by this instance, indicating that * it should be automatically cleaned up as well on shutdown. */ - private boolean cacheManagerImplicitlyCreated = false; + private boolean cacheManagerImplicitlyCreated; @Override public Cache getCache(String name) throws CacheException { @@ -146,7 +146,8 @@ public void destroy() { try { jCacheManager.close(); } catch (Throwable t) { - LOGGER.warn("Unable to cleanly shutdown implicitly created CacheManager instance. Ignoring (shutting down)...", t); + LOGGER.warn("Unable to cleanly shutdown implicitly created CacheManager instance. " + + "Ignoring (shutting down)...", t); } finally { this.jCacheManager = null; this.cacheManagerImplicitlyCreated = false;