From 04966b7ee35821b9f026fc2cb3a8ddaa58a8f3fe Mon Sep 17 00:00:00 2001
From: Matthew B <106352182+artntek@users.noreply.github.com>
Date: Mon, 26 Feb 2024 12:51:54 -0800
Subject: [PATCH] clearer code path for empty/null cert names array

---
 src/main/java/org/dataone/portal/TokenGenerator.java | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/main/java/org/dataone/portal/TokenGenerator.java b/src/main/java/org/dataone/portal/TokenGenerator.java
index 117dd5e..da29ef9 100644
--- a/src/main/java/org/dataone/portal/TokenGenerator.java
+++ b/src/main/java/org/dataone/portal/TokenGenerator.java
@@ -229,15 +229,20 @@ protected synchronized void setPublicKeys() throws IOException {
         // now add any local certificates, if configured
         String[] certificateFileNames =
             Settings.getConfiguration().getStringArray("cn.server.publiccert.filename");
-        if (certificateFileNames == null) {
+        if (certificateFileNames == null || certificateFileNames.length == 0) {
             log.info("No local certs defined in Settings");
-            certificateFileNames = new String[0];
+            return;
         }
         log.debug("local certificate FileNames to be loaded: \n"
                       + Arrays.toString(certificateFileNames));
         for (String certFileName : certificateFileNames) {
             Path certPath = Paths.get(certFileName);
             if (Files.isDirectory(certPath) || !Files.isReadable(certPath)) {
+                // Note: see https://docs.oracle.com/javase/8/docs/api/java/nio/file/Path.html -
+                // "Accessing a file using an empty path is equivalent to accessing the default
+                // directory of the file system".
+                // So if certFileName == "", Files.isReadable(certPath) will be true. However,
+                // the Files.isDirectory("") check will filter out this value
                 log.warn("No readable Certificate file found at path: " + certFileName);
                 continue;
             }