From 2ef4c3f43b75c4b186ea9126d5b0a9e3a31ab1e1 Mon Sep 17 00:00:00 2001
From: Peter Nied <petern@amazon.com>
Date: Mon, 2 Oct 2023 21:38:39 +0000
Subject: [PATCH] Fix spotless issues

Signed-off-by: Peter Nied <petern@amazon.com>
---
 .../auth/http/jwt/AbstractHTTPJwtAuthenticator.java    |  5 ++---
 .../dlic/auth/http/jwt/HTTPJwtAuthenticator.java       |  6 ++----
 .../auth/http/kerberos/HTTPSpnegoAuthenticator.java    |  8 +-------
 .../dlic/auth/http/saml/HTTPSamlAuthenticator.java     | 10 ++++++----
 .../org/opensearch/security/auth/BackendRegistry.java  |  3 +--
 .../opensearch/security/auth/HTTPAuthenticator.java    |  3 ++-
 .../security/filter/SecurityRequestChannel.java        |  1 -
 .../security/filter/SecurityRequestFactory.java        |  8 ++++----
 .../opensearch/security/filter/SecurityRestFilter.java |  9 ++-------
 .../security/http/HTTPBasicAuthenticator.java          |  6 ++----
 .../security/http/HTTPClientCertAuthenticator.java     |  1 -
 .../security/http/HTTPProxyAuthenticator.java          |  4 +---
 .../security/http/OnBehalfOfAuthenticator.java         |  4 +---
 .../http/proxy/HTTPExtendedProxyAuthenticator.java     |  4 +---
 .../dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java |  2 --
 15 files changed, 25 insertions(+), 49 deletions(-)

diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java
index 15e5d9546d..fbc6dc1055 100644
--- a/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java
+++ b/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java
@@ -37,8 +37,6 @@
 import org.opensearch.common.settings.Settings;
 import org.opensearch.common.util.concurrent.ThreadContext;
 import org.opensearch.core.common.Strings;
-import org.opensearch.rest.BytesRestResponse;
-import org.opensearch.rest.RestChannel;
 import org.opensearch.core.rest.RestStatus;
 import org.opensearch.security.auth.HTTPAuthenticator;
 import org.opensearch.security.filter.SecurityRequestChannel;
@@ -243,7 +241,8 @@ public boolean reRequestAuthentication(final SecurityRequestChannel request, Aut
         return request.completeWithResponse(
             HttpStatus.SC_UNAUTHORIZED,
             Map.of("WWW-Authenticate", "Bearer realm=\"OpenSearch Security\""),
-            "");
+            ""
+        );
     }
 
     public String getRequiredAudience() {
diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java
index 2c60e96c48..6ce6ee86d1 100644
--- a/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java
+++ b/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java
@@ -32,9 +32,6 @@
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.settings.Settings;
 import org.opensearch.common.util.concurrent.ThreadContext;
-import org.opensearch.rest.BytesRestResponse;
-import org.opensearch.rest.RestChannel;
-import org.opensearch.core.rest.RestStatus;
 import org.opensearch.security.auth.HTTPAuthenticator;
 import org.opensearch.security.filter.SecurityRequestChannel;
 import org.opensearch.security.user.AuthCredentials;
@@ -178,7 +175,8 @@ public boolean reRequestAuthentication(final SecurityRequestChannel channel, Aut
         return channel.completeWithResponse(
             HttpStatus.SC_UNAUTHORIZED,
             Map.of("WWW-Authenticate", "Bearer realm=\"OpenSearch Security\""),
-            "");
+            ""
+        );
     }
 
     @Override
diff --git a/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java
index bf3002146a..f48b80ab07 100644
--- a/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java
+++ b/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java
@@ -52,9 +52,6 @@
 import org.opensearch.common.xcontent.XContentFactory;
 import org.opensearch.core.xcontent.XContentBuilder;
 import org.opensearch.env.Environment;
-import org.opensearch.rest.BytesRestResponse;
-import org.opensearch.rest.RestChannel;
-import org.opensearch.core.rest.RestStatus;
 import org.opensearch.security.auth.HTTPAuthenticator;
 import org.opensearch.security.filter.SecurityRequestChannel;
 import org.opensearch.security.user.AuthCredentials;
@@ -294,10 +291,7 @@ public boolean reRequestAuthentication(final SecurityRequestChannel request, Aut
         if (creds == null || creds.getNativeCredentials() == null) {
             headers.put("WWW-Authenticate", "Negotiate");
         } else {
-            headers.put(
-                "WWW-Authenticate",
-                "Negotiate " + Base64.getEncoder().encodeToString((byte[]) creds.getNativeCredentials())
-            );
+            headers.put("WWW-Authenticate", "Negotiate " + Base64.getEncoder().encodeToString((byte[]) creds.getNativeCredentials()));
         }
 
         return request.completeWithResponse(HttpStatus.SC_UNAUTHORIZED, headers, responseBody);
diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java
index a680b0b19a..87ffbfe435 100644
--- a/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java
+++ b/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java
@@ -57,10 +57,8 @@
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.settings.Settings;
 import org.opensearch.common.util.concurrent.ThreadContext;
-import org.opensearch.rest.BytesRestResponse;
 import org.opensearch.rest.RestChannel;
 import org.opensearch.rest.RestRequest;
-import org.opensearch.core.rest.RestStatus;
 import org.opensearch.security.auth.Destroyable;
 import org.opensearch.security.auth.HTTPAuthenticator;
 import org.opensearch.security.filter.SecurityRequestChannel;
@@ -187,7 +185,7 @@ public boolean reRequestAuthentication(final SecurityRequestChannel request, fin
                 if (!(request instanceof SecurityRestRequest)) {
                     throw new SecurityRequetChannelUnsupported();
                 } else {
-                    final SecurityRestRequest securityRequestChannel = (SecurityRestRequest)request;
+                    final SecurityRestRequest securityRequestChannel = (SecurityRestRequest) request;
                     final RestRequest restRequest = securityRequestChannel.breakEncapulation().v1();
                     final RestChannel channel = securityRequestChannel.breakEncapulation().v2();
                     if (this.authTokenProcessorHandler.handle(restRequest, channel)) {
@@ -199,7 +197,11 @@ public boolean reRequestAuthentication(final SecurityRequestChannel request, fin
             }
 
             final Saml2Settings saml2Settings = this.saml2SettingsProvider.getCached();
-            return request.completeWithResponse(HttpStatus.SC_UNAUTHORIZED, Map.of("WWW-Authenticate", getWwwAuthenticateHeader(saml2Settings)), "");
+            return request.completeWithResponse(
+                HttpStatus.SC_UNAUTHORIZED,
+                Map.of("WWW-Authenticate", getWwwAuthenticateHeader(saml2Settings)),
+                ""
+            );
         } catch (Exception e) {
             log.error("Error in reRequestAuthentication()", e);
             return false;
diff --git a/src/main/java/org/opensearch/security/auth/BackendRegistry.java b/src/main/java/org/opensearch/security/auth/BackendRegistry.java
index cf89d1f874..7446149a37 100644
--- a/src/main/java/org/opensearch/security/auth/BackendRegistry.java
+++ b/src/main/java/org/opensearch/security/auth/BackendRegistry.java
@@ -53,7 +53,6 @@
 import org.opensearch.common.settings.Settings;
 import org.opensearch.core.common.transport.TransportAddress;
 import org.opensearch.common.util.concurrent.ThreadContext;
-import org.opensearch.rest.BytesRestResponse;
 import org.opensearch.core.rest.RestStatus;
 import org.opensearch.security.auditlog.AuditLog;
 import org.opensearch.security.auth.blocking.ClientBlockRegistry;
@@ -342,7 +341,7 @@ public void authenticate(final SecurityRequestChannel request, final ThreadConte
                     HttpStatus.SC_FORBIDDEN,
                     null,
                     "Cannot authenticate user because admin user is not permitted to login via HTTP"
-                    );
+                );
                 return;
             }
 
diff --git a/src/main/java/org/opensearch/security/auth/HTTPAuthenticator.java b/src/main/java/org/opensearch/security/auth/HTTPAuthenticator.java
index 4946982396..ad1742b17f 100644
--- a/src/main/java/org/opensearch/security/auth/HTTPAuthenticator.java
+++ b/src/main/java/org/opensearch/security/auth/HTTPAuthenticator.java
@@ -67,7 +67,8 @@ public interface HTTPAuthenticator {
      * If the authentication flow needs another roundtrip with the request originator do not mark it as complete.
      * @throws OpenSearchSecurityException
      */
-    AuthCredentials extractCredentials(final SecurityRequestChannel request, final ThreadContext context) throws OpenSearchSecurityException;
+    AuthCredentials extractCredentials(final SecurityRequestChannel request, final ThreadContext context)
+        throws OpenSearchSecurityException;
 
     /**
      * If the {@code extractCredentials()} call was not successful or the authentication flow needs another roundtrip this method
diff --git a/src/main/java/org/opensearch/security/filter/SecurityRequestChannel.java b/src/main/java/org/opensearch/security/filter/SecurityRequestChannel.java
index 1059226a40..e3b5839f5f 100644
--- a/src/main/java/org/opensearch/security/filter/SecurityRequestChannel.java
+++ b/src/main/java/org/opensearch/security/filter/SecurityRequestChannel.java
@@ -41,6 +41,5 @@ default public String header(final String headerName) {
         return headersMap.map(headers -> headers.get(headerName)).map(List::stream).flatMap(Stream::findFirst).orElse(null);
     }
 
-
     public Map<String, String> params();
 }
diff --git a/src/main/java/org/opensearch/security/filter/SecurityRequestFactory.java b/src/main/java/org/opensearch/security/filter/SecurityRequestFactory.java
index fcac866e6d..e6a316a182 100644
--- a/src/main/java/org/opensearch/security/filter/SecurityRequestFactory.java
+++ b/src/main/java/org/opensearch/security/filter/SecurityRequestFactory.java
@@ -107,8 +107,8 @@ public boolean hasCompleted() {
         public boolean completeWithResponse(int statusCode, Map<String, String> headers, String body) {
             try {
                 underlyingChannel.sendResponse(null);
-                return true; 
-            } catch (final Exception e){
+                return true;
+            } catch (final Exception e) {
                 log.error("Error when attempting to send response", e);
                 throw new RuntimeException(e);
             } finally {
@@ -144,8 +144,8 @@ public SSLEngine getSSLEngine() {
 
         // @Override
         // public RestChannel getRestChannel() {
-        //     // TODO Auto-generated method stub
-        //     throw new UnsupportedOperationException("Unimplemented method 'getRestChannel'");
+        // // TODO Auto-generated method stub
+        // throw new UnsupportedOperationException("Unimplemented method 'getRestChannel'");
         // }
 
         @Override
diff --git a/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java b/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java
index 60fb7dc52a..8ee11d5cd4 100644
--- a/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java
+++ b/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java
@@ -26,12 +26,10 @@
 
 package org.opensearch.security.filter;
 
-import java.io.IOException;
 import java.nio.file.Path;
 import java.util.List;
 import java.util.Optional;
 import java.util.Set;
-import java.util.function.BiConsumer;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
@@ -45,12 +43,9 @@
 import org.opensearch.OpenSearchException;
 import org.opensearch.common.settings.Settings;
 import org.opensearch.common.util.concurrent.ThreadContext;
-import org.opensearch.rest.BytesRestResponse;
 import org.opensearch.rest.NamedRoute;
-import org.opensearch.rest.RestChannel;
 import org.opensearch.rest.RestHandler;
 import org.opensearch.rest.RestRequest.Method;
-import org.opensearch.core.rest.RestStatus;
 import org.opensearch.security.auditlog.AuditLog;
 import org.opensearch.security.auditlog.AuditLog.Origin;
 import org.opensearch.security.auth.BackendRegistry;
@@ -144,12 +139,12 @@ public RestHandler wrap(RestHandler original, AdminDNs adminDNs) {
                 }
 
                 if (whitelistingSettings.checkRequestIsAllowed(request, channel, client)
-                        && allowlistingSettings.checkRequestIsAllowed(request, channel, client)) {
+                    && allowlistingSettings.checkRequestIsAllowed(request, channel, client)) {
                     authorizeRequest(original, requestChannel, user);
                 }
             }
 
-            if(!(requestChannel.hasCompleted())) {
+            if (!(requestChannel.hasCompleted())) {
 
             }
         };
diff --git a/src/main/java/org/opensearch/security/http/HTTPBasicAuthenticator.java b/src/main/java/org/opensearch/security/http/HTTPBasicAuthenticator.java
index 6c67050ecc..13c42b2f58 100644
--- a/src/main/java/org/opensearch/security/http/HTTPBasicAuthenticator.java
+++ b/src/main/java/org/opensearch/security/http/HTTPBasicAuthenticator.java
@@ -35,9 +35,6 @@
 
 import org.opensearch.common.settings.Settings;
 import org.opensearch.common.util.concurrent.ThreadContext;
-import org.opensearch.rest.BytesRestResponse;
-import org.opensearch.rest.RestChannel;
-import org.opensearch.core.rest.RestStatus;
 import org.opensearch.security.auth.HTTPAuthenticator;
 import org.opensearch.security.filter.SecurityRequestChannel;
 import org.opensearch.security.support.HTTPHelper;
@@ -71,7 +68,8 @@ public boolean reRequestAuthentication(final SecurityRequestChannel request, Aut
         return request.completeWithResponse(
             HttpStatus.SC_UNAUTHORIZED,
             Map.of("WWW-Authenticate", "Bearer realm=\"OpenSearch Security\""),
-            "");
+            ""
+        );
     }
 
     @Override
diff --git a/src/main/java/org/opensearch/security/http/HTTPClientCertAuthenticator.java b/src/main/java/org/opensearch/security/http/HTTPClientCertAuthenticator.java
index 5be9b23739..61b428dd06 100644
--- a/src/main/java/org/opensearch/security/http/HTTPClientCertAuthenticator.java
+++ b/src/main/java/org/opensearch/security/http/HTTPClientCertAuthenticator.java
@@ -41,7 +41,6 @@
 import org.opensearch.common.settings.Settings;
 import org.opensearch.common.util.concurrent.ThreadContext;
 import org.opensearch.core.common.Strings;
-import org.opensearch.rest.RestChannel;
 import org.opensearch.security.auth.HTTPAuthenticator;
 import org.opensearch.security.filter.SecurityRequestChannel;
 import org.opensearch.security.support.ConfigConstants;
diff --git a/src/main/java/org/opensearch/security/http/HTTPProxyAuthenticator.java b/src/main/java/org/opensearch/security/http/HTTPProxyAuthenticator.java
index c9c7309ce1..2fb568e3eb 100644
--- a/src/main/java/org/opensearch/security/http/HTTPProxyAuthenticator.java
+++ b/src/main/java/org/opensearch/security/http/HTTPProxyAuthenticator.java
@@ -37,7 +37,6 @@
 import org.opensearch.common.settings.Settings;
 import org.opensearch.common.util.concurrent.ThreadContext;
 import org.opensearch.core.common.Strings;
-import org.opensearch.rest.RestChannel;
 import org.opensearch.security.auth.HTTPAuthenticator;
 import org.opensearch.security.filter.SecurityRequestChannel;
 import org.opensearch.security.support.ConfigConstants;
@@ -89,8 +88,7 @@ public AuthCredentials extractCredentials(final SecurityRequestChannel request,
     }
 
     @Override
-    public boolean reRequestAuthentication(final 
-SecurityRequestChannel response, AuthCredentials creds) {
+    public boolean reRequestAuthentication(final SecurityRequestChannel response, AuthCredentials creds) {
         return false;
     }
 
diff --git a/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java b/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java
index 2033054c3e..7a924f6c92 100644
--- a/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java
+++ b/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java
@@ -33,7 +33,6 @@
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.settings.Settings;
 import org.opensearch.common.util.concurrent.ThreadContext;
-import org.opensearch.rest.RestChannel;
 import org.opensearch.rest.RestRequest;
 import org.opensearch.security.auth.HTTPAuthenticator;
 import org.opensearch.security.authtoken.jwt.EncryptionDecryptionUtil;
@@ -245,8 +244,7 @@ public Boolean isRequestAllowed(final SecurityRequestChannel request) {
     }
 
     @Override
-    public boolean reRequestAuthentication(final 
-SecurityRequestChannel response, AuthCredentials creds) {
+    public boolean reRequestAuthentication(final SecurityRequestChannel response, AuthCredentials creds) {
         return false;
     }
 
diff --git a/src/main/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticator.java b/src/main/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticator.java
index cd08b4ca95..4eb615c23f 100644
--- a/src/main/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticator.java
+++ b/src/main/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticator.java
@@ -37,7 +37,6 @@
 import org.opensearch.common.settings.Settings;
 import org.opensearch.common.util.concurrent.ThreadContext;
 import org.opensearch.core.common.Strings;
-import org.opensearch.rest.RestChannel;
 import org.opensearch.security.filter.SecurityRequestChannel;
 import org.opensearch.security.http.HTTPProxyAuthenticator;
 import org.opensearch.security.user.AuthCredentials;
@@ -85,8 +84,7 @@ public AuthCredentials extractCredentials(final SecurityRequestChannel request,
     }
 
     @Override
-    public boolean reRequestAuthentication(final 
-SecurityRequestChannel response, AuthCredentials creds) {
+    public boolean reRequestAuthentication(final SecurityRequestChannel response, AuthCredentials creds) {
         return false;
     }
 
diff --git a/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java b/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java
index f8da4a9812..fecc8d834c 100644
--- a/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java
+++ b/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java
@@ -53,7 +53,6 @@
 import org.opensearch.rest.RestResponse;
 import org.opensearch.core.rest.RestStatus;
 import org.opensearch.security.DefaultObjectMapper;
-import org.opensearch.security.filter.SecurityRequestChannel;
 import org.opensearch.security.filter.SecurityRequestFactory;
 import org.opensearch.security.filter.SecurityRequestFactory.SecurityRestRequest;
 import org.opensearch.security.test.helper.file.FileHelper;
@@ -62,7 +61,6 @@
 
 import static com.amazon.dlic.auth.http.saml.HTTPSamlAuthenticator.IDP_METADATA_CONTENT;
 import static com.amazon.dlic.auth.http.saml.HTTPSamlAuthenticator.IDP_METADATA_URL;
-import static org.mockito.ArgumentMatchers.nullable;
 
 public class HTTPSamlAuthenticatorTest {
     protected MockSamlIdpServer mockSamlIdpServer;