Code style (#696)

* Remove Guava dependency from WebGoat

* Add Checkstyle to the project with very basic standards so we have a consistent
style across lessons. It does not interfere with basic IntelliJ formatting.
Nanne Baars
2019-11-03 18:11:09 +01:00
committed by René Zubcevic
parent 66bd1d8c1a
commit 1a83e2825e
94 changed files with 829 additions and 828 deletions


@ -1,6 +1,5 @@
package org.owasp.webgoat.jwt;
import com.google.common.collect.Maps;
import io.jsonwebtoken.Jwts;
import org.hamcrest.CoreMatchers;
import org.junit.Before;
@ -8,12 +7,12 @@ import org.junit.Test;
import org.junit.runner.RunWith;
import org.owasp.webgoat.plugins.LessonTest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.core.AutoConfigureCache;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
@ -39,7 +38,7 @@ public class JWTFinalEndpointTest extends LessonTest {
@Test
public void solveAssignment() throws Exception {
String key = "deletingTom";
Map<String, Object> claims = Maps.newHashMap();
Map<String, Object> claims = new HashMap<>();
claims.put("username", "Tom");
String token = Jwts.builder()
.setHeaderParam("kid", "hacked' UNION select '" + key + "' from INFORMATION_SCHEMA.SYSTEM_USERS --")
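Review bot: The `kid` header value in `solveAssignment` carries a SQL fragment, and nothing in the test says why. A short comment above `.setHeaderParam("kid", ...)` would help, for example `// kid is attacker-controlled: this value asserts the lesson's intentional flaw, where the key lookup presumably uses string-built SQL`. The endpoint is not visible on this page, so that wording should be checked against it. The comment could also state the defensive counterpart, that a real key lookup treats `kid` as untrusted input and uses a parameterized query or an allowlist of key ids. The method body continues outside the hunk.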


@ -23,7 +23,6 @@
package org.owasp.webgoat.jwt;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.Maps;
import org.hamcrest.CoreMatchers;
import org.junit.Before;
import org.junit.Test;
@ -36,6 +35,7 @@ import org.springframework.test.web.servlet.MvcResult;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import java.util.HashMap;
import java.util.Map;
import static org.hamcrest.Matchers.is;
@ -62,9 +62,7 @@ public class JWTRefreshEndpointTest extends LessonTest {
ObjectMapper objectMapper = new ObjectMapper();
//First login to obtain tokens for Jerry
Map<String, Object> loginJson = Maps.newHashMap();
loginJson.put("user", "Jerry");
loginJson.put("password", PASSWORD);
var loginJson = Map.of("user", "Jerry", "password", PASSWORD);
MvcResult result = mockMvc.perform(MockMvcRequestBuilders.post("/JWT/refresh/login")
.contentType(MediaType.APPLICATION_JSON)
.content(objectMapper.writeValueAsString(loginJson)))
@ -76,7 +74,7 @@ public class JWTRefreshEndpointTest extends LessonTest {
//Now create a new refresh token for Tom based on Toms old access token and send the refresh token of Jerry
String accessTokenTom = "eyJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE1MjYxMzE0MTEsImV4cCI6MTUyNjIxNzgxMSwiYWRtaW4iOiJmYWxzZSIsInVzZXIiOiJUb20ifQ.DCoaq9zQkyDH25EcVWKcdbyVfUL4c9D4jRvsqOqvi9iAd4QuqmKcchfbU8FNzeBNF9tLeFXHZLU4yRkq-bjm7Q";
Map<String, Object> refreshJson = Maps.newHashMap();
Map<String, Object> refreshJson = new HashMap<>();
refreshJson.put("refresh_token", refreshToken);
result = mockMvc.perform(MockMvcRequestBuilders.post("/JWT/refresh/newToken")
.contentType(MediaType.APPLICATION_JSON)
@ -116,9 +114,7 @@ public class JWTRefreshEndpointTest extends LessonTest {
public void flowForJerryAlwaysWorks() throws Exception {
ObjectMapper objectMapper = new ObjectMapper();
Map<String, Object> loginJson = Maps.newHashMap();
loginJson.put("user", "Jerry");
loginJson.put("password", PASSWORD);
var loginJson = Map.of("user", "Jerry", "password", PASSWORD);
MvcResult result = mockMvc.perform(MockMvcRequestBuilders.post("/JWT/refresh/login")
.contentType(MediaType.APPLICATION_JSON)
.content(objectMapper.writeValueAsString(loginJson)))
@ -137,9 +133,7 @@ public class JWTRefreshEndpointTest extends LessonTest {
public void loginShouldNotWorkForJerryWithWrongPassword() throws Exception {
ObjectMapper objectMapper = new ObjectMapper();
Map<String, Object> loginJson = Maps.newHashMap();
loginJson.put("user", "Jerry");
loginJson.put("password", PASSWORD + "wrong");
var loginJson = Map.of("user", "Jerry", "password", PASSWORD + "wrong");
mockMvc.perform(MockMvcRequestBuilders.post("/JWT/refresh/login")
.contentType(MediaType.APPLICATION_JSON)
.content(objectMapper.writeValueAsString(loginJson)))
@ -150,9 +144,7 @@ public class JWTRefreshEndpointTest extends LessonTest {
public void loginShouldNotWorkForTom() throws Exception {
ObjectMapper objectMapper = new ObjectMapper();
Map<String, Object> loginJson = Maps.newHashMap();
loginJson.put("user", "Tom");
loginJson.put("password", PASSWORD);
var loginJson = Map.of("user", "Tom", "password", PASSWORD);
mockMvc.perform(MockMvcRequestBuilders.post("/JWT/refresh/login")
.contentType(MediaType.APPLICATION_JSON)
.content(objectMapper.writeValueAsString(loginJson)))
@ -162,7 +154,7 @@ public class JWTRefreshEndpointTest extends LessonTest {
@Test
public void newTokenShouldWorkForJerry() throws Exception {
ObjectMapper objectMapper = new ObjectMapper();
Map<String, Object> loginJson = Maps.newHashMap();
Map<String, Object> loginJson = new HashMap<>();
loginJson.put("user", "Jerry");
loginJson.put("password", PASSWORD);
MvcResult result = mockMvc.perform(MockMvcRequestBuilders.post("/JWT/refresh/login")
@ -174,8 +166,7 @@ public class JWTRefreshEndpointTest extends LessonTest {
String accessToken = tokens.get("access_token");
String refreshToken = tokens.get("refresh_token");
Map<String, Object> refreshJson = Maps.newHashMap();
refreshJson.put("refresh_token", refreshToken);
var refreshJson = Map.of("refresh_token", refreshToken);
mockMvc.perform(MockMvcRequestBuilders.post("/JWT/refresh/newToken")
.contentType(MediaType.APPLICATION_JSON)
.header("Authorization", "Bearer " + accessToken)
@ -186,7 +177,7 @@ public class JWTRefreshEndpointTest extends LessonTest {
@Test
public void unknownRefreshTokenShouldGiveUnauthorized() throws Exception {
ObjectMapper objectMapper = new ObjectMapper();
Map<String, Object> loginJson = Maps.newHashMap();
Map<String, Object> loginJson = new HashMap<>();
loginJson.put("user", "Jerry");
loginJson.put("password", PASSWORD);
MvcResult result = mockMvc.perform(MockMvcRequestBuilders.post("/JWT/refresh/login")
@ -197,8 +188,7 @@ public class JWTRefreshEndpointTest extends LessonTest {
Map<String, String> tokens = objectMapper.readValue(result.getResponse().getContentAsString(), Map.class);
String accessToken = tokens.get("access_token");
Map<String, Object> refreshJson = Maps.newHashMap();
refreshJson.put("refresh_token", "wrong_refresh_token");
var refreshJson = Map.of("refresh_token", "wrong_refresh_token");
mockMvc.perform(MockMvcRequestBuilders.post("/JWT/refresh/newToken")
.contentType(MediaType.APPLICATION_JSON)
.header("Authorization", "Bearer " + accessToken)
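Review bot: The login payload is now built two different ways in this test class. `newTokenShouldWorkForJerry` and `unknownRefreshTokenShouldGiveUnauthorized` keep `Map<String, Object> loginJson = new HashMap<>();` followed by two `put` calls, while the other tests use `var loginJson = Map.of("user", "Jerry", "password", PASSWORD);`. In the visible lines neither map is modified after it is filled, so the `Map.of` form appears to fit there as well. The `refreshJson` map in the hunk at new line 74 could likewise be `Map.of("refresh_token", refreshToken)`, which would make the newly added `java.util.HashMap` import unnecessary. All of these method bodies continue outside their hunks, so confirm that nothing later calls `put` on the maps.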


@ -22,16 +22,12 @@
package org.owasp.webgoat.jwt;
import com.google.common.base.Charsets;
import com.google.common.collect.Maps;
import io.jsonwebtoken.*;
import io.jsonwebtoken.impl.TextCodec;
import org.junit.Test;
import java.time.Duration;
import java.time.Instant;
import java.time.LocalDateTime;
import java.time.Period;
import java.util.Date;
import java.util.Map;
import java.util.concurrent.TimeUnit;
@ -41,10 +37,7 @@ public class TokenTest {
@Test
public void test() {
String key = "qwertyqwerty1234";
Map<String, Object> claims = Maps.newHashMap();
claims.put("username", "Jerry");
claims.put("aud", "webgoat.org");
claims.put("email", "jerry@webgoat.com");
Map<String, Object> claims = Map.of("username", "Jerry", "aud", "webgoat.org", "email", "jerry@webgoat.com");
String token = Jwts.builder()
.setHeaderParam("kid", "webgoat_key")
.setIssuedAt(new Date(System.currentTimeMillis() + TimeUnit.DAYS.toDays(10)))
@ -52,7 +45,7 @@ public class TokenTest {
.signWith(io.jsonwebtoken.SignatureAlgorithm.HS512, key).compact();
System.out.println(token);
Jwt jwt = Jwts.parser().setSigningKey("qwertyqwerty1234").parse(token);
jwt = Jwts.parser().setSigningKeyResolver(new SigningKeyResolverAdapter(){
jwt = Jwts.parser().setSigningKeyResolver(new SigningKeyResolverAdapter() {
@Override
public byte[] resolveSigningKeyBytes(JwsHeader header, Claims claims) {
return TextCodec.BASE64.decode(key);
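Review bot: `TimeUnit.DAYS.toDays(10)` in the `setIssuedAt` call converts days to days and returns 10, so the issued-at time is only 10 milliseconds after now. If ten days was intended, the line should read `.setIssuedAt(new Date(System.currentTimeMillis() + TimeUnit.DAYS.toMillis(10)))`. The line is unchanged context, but the commit edits the statements on either side of it. The test also prints the signed token with `System.out.println(token)` and shows no assertion in the visible lines, so it passes unless parsing throws; an assertion on the parsed claims would make it a real check. The body of `test()` continues outside the hunks.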