diff --git a/components/http/okHttp/src/main/java/com/microsoft/kiota/http/ContinuousAccessEvaluationClaims.java b/components/http/okHttp/src/main/java/com/microsoft/kiota/http/ContinuousAccessEvaluationClaims.java index 2431e2097..96295ed84 100644 --- a/components/http/okHttp/src/main/java/com/microsoft/kiota/http/ContinuousAccessEvaluationClaims.java +++ b/components/http/okHttp/src/main/java/com/microsoft/kiota/http/ContinuousAccessEvaluationClaims.java @@ -21,7 +21,9 @@ public final class ContinuousAccessEvaluationClaims { private static final Pattern claimsPattern = Pattern.compile("\\s?claims=\"([^\"]+)\"", Pattern.CASE_INSENSITIVE); - private static final String wwwAuthenticateHeader = "WWW-Authenticate"; + private static final String WWW_AUTHENTICATE_HEADER = "WWW-Authenticate"; + + private ContinuousAccessEvaluationClaims() {} /** * Extracts the claims from the WWW-Authenticate header in a response. @@ -33,7 +35,7 @@ public final class ContinuousAccessEvaluationClaims { if (response.code() != 401) { return null; } - final List authenticateHeader = response.headers(wwwAuthenticateHeader); + final List authenticateHeader = response.headers(WWW_AUTHENTICATE_HEADER); if (!authenticateHeader.isEmpty()) { String rawHeaderValue = null; for (final String authenticateEntry : authenticateHeader) { diff --git a/components/http/okHttp/src/main/java/com/microsoft/kiota/http/KiotaClientFactory.java b/components/http/okHttp/src/main/java/com/microsoft/kiota/http/KiotaClientFactory.java index 68aa51bc1..ee6583bae 100644 --- a/components/http/okHttp/src/main/java/com/microsoft/kiota/http/KiotaClientFactory.java +++ b/components/http/okHttp/src/main/java/com/microsoft/kiota/http/KiotaClientFactory.java @@ -73,7 +73,8 @@ private KiotaClientFactory() {} */ @Nonnull public static OkHttpClient.Builder create( @Nonnull final BaseBearerTokenAuthenticationProvider authenticationProvider) { - ArrayList interceptors = createDefaultInterceptorsAsList(); + ArrayList interceptors = + new ArrayList<>(createDefaultInterceptorsAsList()); interceptors.add(new AuthorizationHandler(authenticationProvider)); return create(interceptors); } @@ -96,7 +97,7 @@ private KiotaClientFactory() {} * Creates the default interceptors for the client. * @return an array of interceptors. */ - @Nonnull public static ArrayList createDefaultInterceptorsAsList() { + @Nonnull public static List createDefaultInterceptorsAsList() { return new ArrayList<>(Arrays.asList(createDefaultInterceptors())); } } diff --git a/components/http/okHttp/src/main/java/com/microsoft/kiota/http/middleware/AuthorizationHandler.java b/components/http/okHttp/src/main/java/com/microsoft/kiota/http/middleware/AuthorizationHandler.java index cf26b7b2a..c80b16177 100644 --- a/components/http/okHttp/src/main/java/com/microsoft/kiota/http/middleware/AuthorizationHandler.java +++ b/components/http/okHttp/src/main/java/com/microsoft/kiota/http/middleware/AuthorizationHandler.java @@ -33,7 +33,7 @@ public class AuthorizationHandler implements Interceptor { @Nonnull private final BaseBearerTokenAuthenticationProvider authenticationProvider; - private static final String authorizationHeaderKey = "Authorization"; + private static final String AUTHORIZATION_HEADER = "Authorization"; /** * Instantiates a new AuthorizationHandler. @@ -65,7 +65,7 @@ public AuthorizationHandler( try { // Auth provider already added auth header - if (request.headers().names().contains(authorizationHeaderKey)) { + if (request.headers().names().contains(AUTHORIZATION_HEADER)) { if (span != null) span.setAttribute( "com.microsoft.kiota.handler.authorization.token_present", true); @@ -132,7 +132,7 @@ public AuthorizationHandler( if (accessToken != null && !accessToken.isEmpty()) { span.setAttribute("com.microsoft.kiota.handler.authorization.token_obtained", true); final Request.Builder requestBuilder = request.newBuilder(); - requestBuilder.addHeader(authorizationHeaderKey, "Bearer " + accessToken); + requestBuilder.addHeader(AUTHORIZATION_HEADER, "Bearer " + accessToken); return requestBuilder.build(); } return request; diff --git a/components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/AuthorizationHandlerTest.java b/components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/AuthorizationHandlerTest.java index ea66bc17c..605aaf69d 100644 --- a/components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/AuthorizationHandlerTest.java +++ b/components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/AuthorizationHandlerTest.java @@ -27,14 +27,14 @@ import java.net.URI; import java.util.Arrays; -public class AuthorizationHandlerTest { - - private static final String token = "token"; - private static final String tokenAfterCAE = "tokenAfterCAE"; - private static final String authHeader = "Authorization"; - private static final String prevAuthHeaderValue = "Bearer 123"; - private static final String newAuthHeaderValue = "Bearer " + token; - private static final String claimsChallengeHeaderValue = +class AuthorizationHandlerTest { + + private static final String ACCESS_TOKEN_STRING = "token"; + private static final String TOKEN_AFTER_CAE = "TOKEN_AFTER_CAE"; + private static final String AUTHORIZATION_HEADER = "Authorization"; + private static final String PREV_AUTHORIZATION_HEADER_VALUE = "Bearer 123"; + private static final String NEW_AUTHORIZATION_HEADER_VALUE = "Bearer " + ACCESS_TOKEN_STRING; + private static final String CLAIMS_CHALLENGE_HEADER_VALUE = "Bearer authorization_uri=\"https://login.windows.net/common/oauth2/authorize\"," + "error=\"insufficient_claims\"," + "claims=\"eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwgInZhbHVlIjoiMTYwNDEwNjY1MSJ9fX0=\""; @@ -51,8 +51,9 @@ void testDoesNotAddAuthorizationHeaderIfAlreadyPresent() throws IOException { new AuthorizationHandler(getMockAuthenticationProvider()); Response response = handler.intercept(mockChain); - assertTrue(response.request().headers().names().contains(authHeader)); - assertEquals(prevAuthHeaderValue, response.request().header(authHeader)); + assertTrue(response.request().headers().names().contains(AUTHORIZATION_HEADER)); + assertEquals( + PREV_AUTHORIZATION_HEADER_VALUE, response.request().header(AUTHORIZATION_HEADER)); } @Test @@ -64,8 +65,9 @@ void testAddsAuthorizationHeaderIfNotPresent() throws IOException { new AuthorizationHandler(getMockAuthenticationProvider()); Response response = handler.intercept(mockChain); - assertTrue(response.request().headers().names().contains(authHeader)); - assertEquals(newAuthHeaderValue, response.request().header(authHeader)); + assertTrue(response.request().headers().names().contains(AUTHORIZATION_HEADER)); + assertEquals( + NEW_AUTHORIZATION_HEADER_VALUE, response.request().header(AUTHORIZATION_HEADER)); } @Test @@ -77,7 +79,7 @@ void testAddsAuthHeaderOnlyToAllowedHosts() throws IOException { final AuthorizationHandler handler = new AuthorizationHandler(authProvider); Response response = handler.intercept(mockChain); - assertTrue(!response.request().headers().names().contains(authHeader)); + assertTrue(!response.request().headers().names().contains(AUTHORIZATION_HEADER)); } @Test @@ -90,8 +92,8 @@ void testAttemptsCAEChallenge() throws IOException { final AuthorizationHandler handler = new AuthorizationHandler(authProvider); Response response = handler.intercept(mockChain); - assertTrue(response.request().headers().names().contains(authHeader)); - assertEquals("Bearer " + tokenAfterCAE, response.request().header(authHeader)); + assertTrue(response.request().headers().names().contains(AUTHORIZATION_HEADER)); + assertEquals("Bearer " + TOKEN_AFTER_CAE, response.request().header(AUTHORIZATION_HEADER)); } @Test @@ -111,8 +113,9 @@ void testOtherRequestPropertiesAreNotAltered() throws IOException { assertEquals(request.method(), response.request().method()); assertTrue(response.request().headers().names().contains("content-type")); assertEquals("application/json", response.request().header("content-type")); - assertTrue(response.request().headers().names().contains(authHeader)); - assertEquals(newAuthHeaderValue, response.request().header(authHeader)); + assertTrue(response.request().headers().names().contains(AUTHORIZATION_HEADER)); + assertEquals( + NEW_AUTHORIZATION_HEADER_VALUE, response.request().header(AUTHORIZATION_HEADER)); } @Test @@ -130,8 +133,9 @@ void testDoesNotRetryCAEChallengeForOneShotBodyRequests() throws IOException { final AuthorizationHandler handler = new AuthorizationHandler(authProvider); Response response = handler.intercept(mockChain); - assertTrue(response.request().headers().names().contains(authHeader)); - assertEquals(newAuthHeaderValue, response.request().header(authHeader)); + assertTrue(response.request().headers().names().contains(AUTHORIZATION_HEADER)); + assertEquals( + NEW_AUTHORIZATION_HEADER_VALUE, response.request().header(AUTHORIZATION_HEADER)); } @Test @@ -145,8 +149,9 @@ void testDoesNotAttemptCAEChallengeIfNoClaimsPresent() throws IOException { final AuthorizationHandler handler = new AuthorizationHandler(authProvider); Response response = handler.intercept(mockChain); - assertTrue(response.request().headers().names().contains(authHeader)); - assertEquals(newAuthHeaderValue, response.request().header(authHeader)); + assertTrue(response.request().headers().names().contains(AUTHORIZATION_HEADER)); + assertEquals( + NEW_AUTHORIZATION_HEADER_VALUE, response.request().header(AUTHORIZATION_HEADER)); assertEquals(401, response.code()); } @@ -162,8 +167,9 @@ void testAuthorizationHandlerAddedByClientFactory() throws IOException { new Request.Builder().url("https://graph.microsoft.com/v1.0/me").build(); Response response = okHttpClient.newCall(request).execute(); - assertTrue(response.request().headers().names().contains(authHeader)); - assertEquals(newAuthHeaderValue, response.request().header(authHeader)); + assertTrue(response.request().headers().names().contains(AUTHORIZATION_HEADER)); + assertEquals( + NEW_AUTHORIZATION_HEADER_VALUE, response.request().header(AUTHORIZATION_HEADER)); } private Chain getMockChain(Request mockRequest, Response mockResponse) throws IOException { @@ -188,7 +194,7 @@ private BaseBearerTokenAuthenticationProvider getMockAuthenticationProvider() { new AllowedHostsValidator("graph.microsoft.com"); when(mockAccessTokenProvider.getAllowedHostsValidator()).thenReturn(allowedHostsValidator); when(mockAccessTokenProvider.getAuthorizationToken(any(URI.class), anyMap())) - .thenReturn(token, tokenAfterCAE); + .thenReturn(ACCESS_TOKEN_STRING, TOKEN_AFTER_CAE); final BaseBearerTokenAuthenticationProvider mockAuthenticationProvider = mock(BaseBearerTokenAuthenticationProvider.class); when(mockAuthenticationProvider.getAccessTokenProvider()) @@ -200,7 +206,7 @@ private Response getMockResponseWithClaimsChallengeHeader(Request request) { final Response mockResponse = mock(Response.class); when(mockResponse.code()).thenReturn(HttpURLConnection.HTTP_UNAUTHORIZED); when(mockResponse.headers("WWW-Authenticate")) - .thenReturn(Arrays.asList(claimsChallengeHeaderValue)); + .thenReturn(Arrays.asList(CLAIMS_CHALLENGE_HEADER_VALUE)); when(mockResponse.request()).thenReturn(request); return mockResponse; } diff --git a/components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/UrlReplaceHandlerTest.java b/components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/UrlReplaceHandlerTest.java index dd8d90283..0c04f014e 100644 --- a/components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/UrlReplaceHandlerTest.java +++ b/components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/UrlReplaceHandlerTest.java @@ -18,7 +18,7 @@ class UrlReplaceHandlerTest { - private static final String defaultUsersWithTokenUrl = + private static final String DEFAULT_URL_WITH_TOKEN = "https://graph.microsoft.com/v1.0/users/TokenToReplace"; private static final HashMap defaultReplacementPairs = new HashMap<>(); @@ -27,12 +27,12 @@ void testUrlReplaceHandler_no_replacementPairs() throws IOException { Interceptor[] interceptors = new Interceptor[] {new UrlReplaceHandler(new UrlReplaceHandlerOption())}; final OkHttpClient client = KiotaClientFactory.create(interceptors).build(); - final Request request = new Request.Builder().url(defaultUsersWithTokenUrl).build(); + final Request request = new Request.Builder().url(DEFAULT_URL_WITH_TOKEN).build(); final Response response = client.newCall(request).execute(); assertNotNull(response); assertEquals( - defaultUsersWithTokenUrl, + DEFAULT_URL_WITH_TOKEN, response.request() .url() .toString()); // url should remain the same without replacement pairs @@ -46,7 +46,7 @@ void testUrlReplaceHandler_default_url() throws IOException { new UrlReplaceHandler(new UrlReplaceHandlerOption(defaultReplacementPairs)) }; final OkHttpClient client = KiotaClientFactory.create(interceptors).build(); - final Request request = new Request.Builder().url(defaultUsersWithTokenUrl).build(); + final Request request = new Request.Builder().url(DEFAULT_URL_WITH_TOKEN).build(); final Response response = client.newCall(request).execute(); final String expectedNewUrl = "https://graph.microsoft.com/v1.0/me"; diff --git a/components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/UserAgentHandlerTest.java b/components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/UserAgentHandlerTest.java index f46adb98a..1b8fe4498 100644 --- a/components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/UserAgentHandlerTest.java +++ b/components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/UserAgentHandlerTest.java @@ -59,8 +59,8 @@ void addsTheProductOnce() throws IOException { final UserAgentHandler handler = new UserAgentHandler(); final Request request = new Request.Builder().url("http://localhost").build(); when(mockChain.request()).thenReturn(request); + handler.intercept(mockChain); Response response = handler.intercept(mockChain); - response = handler.intercept(mockChain); final Request result = response.request(); assertNotNull(response); assertNotNull(result);