#13 fix sonar issue: move OpenID claim names into constant class

aws/gateway/jrestless-aws-gateway-handler/src/main/java/com/jrestless/aws/gateway/security/CognitoUserPoolAuthorizerFilter.java

@@ -28,7 +28,7 @@
 import com.jrestless.aws.security.CognitoUserPoolAuthorizerClaims;
 import com.jrestless.aws.security.CognitoUserPoolAuthorizerPrincipal;
 import com.jrestless.security.OpenIdAddressClaims;
-import com.jrestless.security.OpenIdStandardClaims;
+import com.jrestless.security.OpenIdClaimFieldNames;
 
 /**
  * Filter to set a security context with a
@@ -70,14 +70,14 @@ protected SecurityContext createSecurityContext(@Nonnull CognitoUserPoolAuthoriz
 	final SecurityContext createSecurityContext(Map<String, Object> authorizerData) {
 		Map<String, Object> claims = (Map<String, Object>) authorizerData.get("claims");
 		if (claims != null) {
-			Object subClaimObj = claims.get(OpenIdStandardClaims.OPEN_ID_CLAIM_STANDARD_SUB);
+			Object subClaimObj = claims.get(OpenIdClaimFieldNames.STANDARD_CLAIM_SUB);
 			if (subClaimObj == null) {
 				LOG.warn("sub claim is not set");
 			} else if (subClaimObj instanceof String) {
 				String subClaim = (String) subClaimObj;
 				if (!subClaim.trim().isEmpty()) {
 					OpenIdAddressClaims openIdAddressClaims = createAddressClaims(
-							(Map<String, Object>) claims.get(OpenIdStandardClaims.OPEN_ID_CLAIM_STANDARD_ADDRESS));
+							(Map<String, Object>) claims.get(OpenIdClaimFieldNames.STANDARD_CLAIM_ADDRESS));
 
 					CognitoUserPoolAuthorizerPrincipal principal = new CognitoUserPoolAuthorizerPrincipal() {
 						@Override

core/jrestless-core/src/main/java/com/jrestless/security/OpenIdAddressClaims.java

@@ -15,6 +15,13 @@
  */
 package com.jrestless.security;
 
+import static com.jrestless.security.OpenIdClaimFieldNames.ADDRESS_CLAIM_COUNTRY;
+import static com.jrestless.security.OpenIdClaimFieldNames.ADDRESS_CLAIM_FORMATTED;
+import static com.jrestless.security.OpenIdClaimFieldNames.ADDRESS_CLAIM_LOCALITY;
+import static com.jrestless.security.OpenIdClaimFieldNames.ADDRESS_CLAIM_POSTAL_CODE;
+import static com.jrestless.security.OpenIdClaimFieldNames.ADDRESS_CLAIM_REGION;
+import static com.jrestless.security.OpenIdClaimFieldNames.ADDRESS_CLAIM_STREET_ADDRESS;
+
 /**
  * OpenID Address claims.
  * <p>
@@ -27,21 +34,14 @@
  */
 public interface OpenIdAddressClaims extends Claims {
 
-	String OPEN_ID_CLAIM_ADDRESS_FORMATTED = "formatted";
-	String OPEN_ID_CLAIM_ADDRESS_STREET_ADDRESS = "street_address";
-	String OPEN_ID_CLAIM_ADDRESS_LOCALITY = "locality";
-	String OPEN_ID_CLAIM_ADDRESS_REGION = "region";
-	String OPEN_ID_CLAIM_ADDRESS_POSTAL_CODE = "postal_code";
-	String OPEN_ID_CLAIM_ADDRESS_COUNTRY = "country";
-
 	/**
 	 * Full mailing address, formatted for display or use on a mailing label.
 	 * This field MAY contain multiple lines, separated by newlines. Newlines
 	 * can be represented either as a carriage return/line feed pair ("\r\n") or
 	 * as a single line feed character ("\n").
 	 */
 	default String getFormatted() {
-		return (String) getClaim(OPEN_ID_CLAIM_ADDRESS_FORMATTED);
+		return (String) getClaim(ADDRESS_CLAIM_FORMATTED);
 	}
 
 	/**
@@ -52,35 +52,35 @@ default String getFormatted() {
 	 * feed pair ("\r\n") or as a single line feed character ("\n").
 	 */
 	default String getStreetAddress() {
-		return (String) getClaim(OPEN_ID_CLAIM_ADDRESS_STREET_ADDRESS);
+		return (String) getClaim(ADDRESS_CLAIM_STREET_ADDRESS);
 	}
 
 	/**
 	 * City or locality component.
 	 */
 	default String getLocality() {
-		return (String) getClaim(OPEN_ID_CLAIM_ADDRESS_LOCALITY);
+		return (String) getClaim(ADDRESS_CLAIM_LOCALITY);
 	}
 
 	/**
 	 * State, province, prefecture, or region component.
 	 */
 	default String getRegion() {
-		return (String) getClaim(OPEN_ID_CLAIM_ADDRESS_REGION);
+		return (String) getClaim(ADDRESS_CLAIM_REGION);
 	}
 
 	/**
 	 * Zip code or postal code component.
 	 */
 	default String getPostalCode() {
-		return (String) getClaim(OPEN_ID_CLAIM_ADDRESS_POSTAL_CODE);
+		return (String) getClaim(ADDRESS_CLAIM_POSTAL_CODE);
 	}
 
 	/**
 	 * Country name component.
 	 */
 	default String getCountry() {
-		return (String) getClaim(OPEN_ID_CLAIM_ADDRESS_COUNTRY);
+		return (String) getClaim(ADDRESS_CLAIM_COUNTRY);
 	}
 
 }

core/jrestless-core/src/main/java/com/jrestless/security/OpenIdClaimFieldNames.java

@@ -0,0 +1,69 @@
+/*
+ * Copyright 2016 Bjoern Bilger
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.jrestless.security;
+
+/**
+ * Claim field name constants.
+ *
+ * @author Bjoern Bilger
+ *
+ */
+public final class OpenIdClaimFieldNames {
+
+	private OpenIdClaimFieldNames() {
+	}
+
+	static final String CLAIM_SUB = "sub";
+
+	public static final String ID_TOKEN_CLAIM_ISS = "iss";
+	public static final String ID_TOKEN_CLAIM_SUB = CLAIM_SUB;
+	public static final String ID_TOKEN_CLAIM_AUD = "aud";
+	public static final String ID_TOKEN_CLAIM_EXP = "exp";
+	public static final String ID_TOKEN_CLAIM_IAT = "iat";
+	public static final String ID_TOKEN_CLAIM_AUTH_TIME = "auth_time";
+	public static final String ID_TOKEN_CLAIM_NONCE = "nonce";
+	public static final String ID_TOKEN_CLAIM_ACR = "acr";
+	public static final String ID_TOKEN_CLAIM_AMR = "amr";
+	public static final String ID_TOKEN_CLAIM_AZP = "azp";
+
+	public static final String STANDARD_CLAIM_SUB = CLAIM_SUB;
+	public static final String STANDARD_CLAIM_NAME = "name";
+	public static final String STANDARD_CLAIM_GIVEN_NAME = "given_name";
+	public static final String STANDARD_CLAIM_FAMILY_NAME = "family_name";
+	public static final String STANDARD_CLAIM_MIDDLE_NAME = "middle_name";
+	public static final String STANDARD_CLAIM_NICKNAME = "nickname";
+	public static final String STANDARD_CLAIM_PREFERRED_USERNAME = "preferred_username";
+	public static final String STANDARD_CLAIM_PROFILE = "profile";
+	public static final String STANDARD_CLAIM_PICTURE = "picture";
+	public static final String STANDARD_CLAIM_WEBSITE = "website";
+	public static final String STANDARD_CLAIM_EMAIL = "email";
+	public static final String STANDARD_CLAIM_EMAIL_VERIFIED = "email_verified";
+	public static final String STANDARD_CLAIM_GENDER = "gender";
+	public static final String STANDARD_CLAIM_BIRTHDATE = "birthdate";
+	public static final String STANDARD_CLAIM_ZONEINFO = "zoneinfo";
+	public static final String STANDARD_CLAIM_LOCALE = "locale";
+	public static final String STANDARD_CLAIM_PHONE_NUMBER = "phone_number";
+	public static final String STANDARD_CLAIM_PHONE_NUMBER_VERIFIED = "phone_number_verified";
+	public static final String STANDARD_CLAIM_ADDRESS = "address";
+	public static final String STANDARD_CLAIM_UPDATED_AT = "updated_at";
+
+	public static final String ADDRESS_CLAIM_FORMATTED = "formatted";
+	public static final String ADDRESS_CLAIM_STREET_ADDRESS = "street_address";
+	public static final String ADDRESS_CLAIM_LOCALITY = "locality";
+	public static final String ADDRESS_CLAIM_REGION = "region";
+	public static final String ADDRESS_CLAIM_POSTAL_CODE = "postal_code";
+	public static final String ADDRESS_CLAIM_COUNTRY = "country";
+}

core/jrestless-core/src/main/java/com/jrestless/security/OpenIdIdTokenClaims.java

@@ -15,6 +15,17 @@
  */
 package com.jrestless.security;
 
+import static com.jrestless.security.OpenIdClaimFieldNames.CLAIM_SUB;
+import static com.jrestless.security.OpenIdClaimFieldNames.ID_TOKEN_CLAIM_ACR;
+import static com.jrestless.security.OpenIdClaimFieldNames.ID_TOKEN_CLAIM_AMR;
+import static com.jrestless.security.OpenIdClaimFieldNames.ID_TOKEN_CLAIM_AUD;
+import static com.jrestless.security.OpenIdClaimFieldNames.ID_TOKEN_CLAIM_AUTH_TIME;
+import static com.jrestless.security.OpenIdClaimFieldNames.ID_TOKEN_CLAIM_AZP;
+import static com.jrestless.security.OpenIdClaimFieldNames.ID_TOKEN_CLAIM_EXP;
+import static com.jrestless.security.OpenIdClaimFieldNames.ID_TOKEN_CLAIM_IAT;
+import static com.jrestless.security.OpenIdClaimFieldNames.ID_TOKEN_CLAIM_ISS;
+import static com.jrestless.security.OpenIdClaimFieldNames.ID_TOKEN_CLAIM_NONCE;
+
 import java.util.Arrays;
 import java.util.Collection;
 
@@ -29,24 +40,13 @@
  */
 public interface OpenIdIdTokenClaims extends Claims, OpenIdSubClaim {
 
-	String OPEN_ID_CLAIM_ID_TOKEN_ISS = "iss";
-	String OPEN_ID_CLAIM_ID_TOKEN_SUB = OPEN_ID_CLAIM_SUB;
-	String OPEN_ID_CLAIM_ID_TOKEN_AUD = "aud";
-	String OPEN_ID_CLAIM_ID_TOKEN_EXP = "exp";
-	String OPEN_ID_CLAIM_ID_TOKEN_IAT = "iat";
-	String OPEN_ID_CLAIM_ID_TOKEN_AUTH_TIME = "auth_time";
-	String OPEN_ID_CLAIM_ID_TOKEN_NONCE = "nonce";
-	String OPEN_ID_CLAIM_ID_TOKEN_ACR = "acr";
-	String OPEN_ID_CLAIM_ID_TOKEN_AMR = "amr";
-	String OPEN_ID_CLAIM_ID_TOKEN_AZP = "azp";
-
 	/**
 	 * @throws NullPointerException
 	 *             if the value is not set
 	 */
 	@Override
 	default String getSub() {
-		String sub = (String) getClaim(OPEN_ID_CLAIM_SUB);
+		String sub = (String) getClaim(CLAIM_SUB);
 		if (sub == null) {
 			throw new NullPointerException("sub not set");
 		}
@@ -63,7 +63,7 @@ default String getSub() {
 	 *             if the value is not set
 	 */
 	default String getIss() {
-		String iss = (String) getClaim(OPEN_ID_CLAIM_ID_TOKEN_ISS);
+		String iss = (String) getClaim(ID_TOKEN_CLAIM_ISS);
 		if (iss == null) {
 			throw new NullPointerException("iss not set");
 		}
@@ -86,7 +86,7 @@ default String getIss() {
 	 */
 	@SuppressWarnings("unchecked")
 	default Collection<String> getAud() {
-		Object amrObj = getClaim(OPEN_ID_CLAIM_ID_TOKEN_AUD);
+		Object amrObj = getClaim(ID_TOKEN_CLAIM_AUD);
 		if (amrObj == null) {
 			throw new NullPointerException("aud is not set");
 		} else if (amrObj instanceof Collection) {
@@ -105,7 +105,7 @@ default Collection<String> getAud() {
 	 *             if the value is not set
 	 */
 	default String getSingleAud() {
-		String aud = (String) getClaim(OPEN_ID_CLAIM_ID_TOKEN_AUD);
+		String aud = (String) getClaim(ID_TOKEN_CLAIM_AUD);
 		if (aud == null) {
 			throw new NullPointerException("aud not set");
 		}
@@ -126,7 +126,7 @@ default String getSingleAud() {
 	 *             if the value is not set
 	 */
 	default long getExp() {
-		return (long) getClaim(OPEN_ID_CLAIM_ID_TOKEN_EXP);
+		return (long) getClaim(ID_TOKEN_CLAIM_EXP);
 	}
 
 	/**
@@ -138,7 +138,7 @@ default long getExp() {
 	 *             if the value is not set
 	 */
 	default long getIat() {
-		return (long) getClaim(OPEN_ID_CLAIM_ID_TOKEN_IAT);
+		return (long) getClaim(ID_TOKEN_CLAIM_IAT);
 	}
 
 	/**
@@ -151,7 +151,7 @@ default long getIat() {
 	 * response parameter.)
 	 */
 	default Long getAuthTime() {
-		return (Long) getClaim(OPEN_ID_CLAIM_ID_TOKEN_AUTH_TIME);
+		return (Long) getClaim(ID_TOKEN_CLAIM_AUTH_TIME);
 	}
 
 	/**
@@ -167,7 +167,7 @@ default Long getAuthTime() {
 	 * string.
 	 */
 	default String getNonce() {
-		return (String) getClaim(OPEN_ID_CLAIM_ID_TOKEN_NONCE);
+		return (String) getClaim(ID_TOKEN_CLAIM_NONCE);
 	}
 
 	/**
@@ -191,7 +191,7 @@ default String getNonce() {
 	 * case sensitive string.
 	 */
 	default String getAcr() {
-		return (String) getClaim(OPEN_ID_CLAIM_ID_TOKEN_ACR);
+		return (String) getClaim(ID_TOKEN_CLAIM_ACR);
 	}
 
 	/**
@@ -209,7 +209,7 @@ default String getAcr() {
 	 */
 	@SuppressWarnings({ "unchecked" })
 	default Collection<String> getAmr() {
-		Object amrObj = getClaim(OPEN_ID_CLAIM_ID_TOKEN_AMR);
+		Object amrObj = getClaim(ID_TOKEN_CLAIM_AMR);
 		if (amrObj == null) {
 			return null;
 		} else if (amrObj instanceof Collection) {
@@ -230,6 +230,6 @@ default Collection<String> getAmr() {
 	 * value is a case sensitive string containing a StringOrURI value.
 	 */
 	default String getAzp() {
-		return (String) getClaim(OPEN_ID_CLAIM_ID_TOKEN_AZP);
+		return (String) getClaim(ID_TOKEN_CLAIM_AZP);
 	}
 }