8290975: Minor cleanup could be done in javax.security

Reviewed-by: wetmore, mullan

Author: Mark Powers

src/java.base/share/classes/javax/security/auth/AuthPermission.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,7 +31,7 @@
  * list; you either have the named permission or you don't.
  *
  * <p> The target name is the name of a security configuration parameter
- * (see below).  Currently the {@code AuthPermission} object is used to
+ * (see below).  Currently, the {@code AuthPermission} object is used to
  * guard access to the {@link Subject},
  * {@link javax.security.auth.login.LoginContext}, and
  * {@link javax.security.auth.login.Configuration} objects.

src/java.base/share/classes/javax/security/auth/Destroyable.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -50,7 +50,7 @@ public interface Destroyable {
      * @exception SecurityException if the caller does not have permission
      *          to destroy this {@code Object}.
      */
-    public default void destroy() throws DestroyFailedException {
+    default void destroy() throws DestroyFailedException {
         throw new DestroyFailedException();
     }
 
@@ -63,7 +63,7 @@ public default void destroy() throws DestroyFailedException {
      * @return true if this {@code Object} has been destroyed,
      *          false otherwise.
      */
-    public default boolean isDestroyed() {
+    default boolean isDestroyed() {
         return false;
     }
 }

src/java.base/share/classes/javax/security/auth/PrivateCredentialPermission.java

@@ -127,7 +127,7 @@ public final class PrivateCredentialPermission extends Permission {
     /**
      * @serial
      */
-    private boolean testing = false;
+    private final boolean testing = false;
 
     /**
      * Create a new {@code PrivateCredentialPermission}
@@ -269,11 +269,9 @@ public boolean equals(Object obj) {
         if (obj == this)
             return true;
 
-        if (! (obj instanceof PrivateCredentialPermission))
+        if (! (obj instanceof PrivateCredentialPermission that))
             return false;
 
-        PrivateCredentialPermission that = (PrivateCredentialPermission)obj;
-
         return (this.implies(that) && that.implies(this));
     }
 
@@ -316,8 +314,8 @@ private void init(String name) {
 
         ArrayList<CredOwner> pList = new ArrayList<>();
         StringTokenizer tokenizer = new StringTokenizer(name, " ", true);
-        String principalClass = null;
-        String principalName = null;
+        String principalClass;
+        String principalName;
 
         if (testing)
             System.out.println("whole name = " + name);
@@ -327,7 +325,7 @@ private void init(String name) {
         if (testing)
             System.out.println("Credential Class = " + credentialClass);
 
-        if (tokenizer.hasMoreTokens() == false) {
+        if (!tokenizer.hasMoreTokens()) {
             MessageFormat form = new MessageFormat(ResourcesMgr.getString
                 ("permission.name.name.syntax.invalid."));
             Object[] source = {name};
@@ -346,7 +344,7 @@ private void init(String name) {
             if (testing)
                 System.out.println("    Principal Class = " + principalClass);
 
-            if (tokenizer.hasMoreTokens() == false) {
+            if (!tokenizer.hasMoreTokens()) {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
                         ("permission.name.name.syntax.invalid."));
                 Object[] source = {name};
@@ -428,7 +426,7 @@ private boolean impliesCredentialClass(String thisC, String thatC) {
         if (thisC.equals("*"))
             return true;
 
-        /**
+        /*
          * XXX let's not enable this for now --
          *      if people want it, we'll enable it later
          */
@@ -533,7 +531,7 @@ public boolean implies(Object obj) {
                 }
             }
 
-            /**
+            /*
              * XXX no code yet to support a.b.*
              */
 

src/java.base/share/classes/javax/security/auth/Subject.java

@@ -25,20 +25,16 @@
 
 package javax.security.auth;
 
-import java.util.*;
-import java.io.*;
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.io.ObjectStreamField;
+import java.security.*;
 import java.text.MessageFormat;
-import java.security.AccessController;
-import java.security.AccessControlContext;
-import java.security.DomainCombiner;
-import java.security.Principal;
-import java.security.PrivilegedExceptionAction;
-import java.security.PrivilegedActionException;
-import java.security.ProtectionDomain;
+import java.util.*;
 import java.util.concurrent.Callable;
 import java.util.concurrent.CompletionException;
 
-import sun.security.action.GetBooleanAction;
 import sun.security.util.ResourcesMgr;
 
 /**
@@ -90,7 +86,7 @@
  * While the Principals associated with the {@code Subject} are serialized,
  * the credentials associated with the {@code Subject} are not.
  * Note that the {@code java.security.Principal} class
- * does not implement {@code Serializable}.  Therefore all concrete
+ * does not implement {@code Serializable}.  Therefore, all concrete
  * {@code Principal} implementations associated with Subjects
  * must implement {@code Serializable}.
  *
@@ -752,7 +748,7 @@ public <T extends Principal> Set<T> getPrincipals(Class<T> c) {
 
         // always return an empty Set instead of null
         // so LoginModules can add to the Set if necessary
-        return new ClassSet<T>(PRINCIPAL_SET, c);
+        return new ClassSet<>(PRINCIPAL_SET, c);
     }
 
     /**
@@ -846,7 +842,7 @@ public <T> Set<T> getPublicCredentials(Class<T> c) {
 
         // always return an empty Set instead of null
         // so LoginModules can add to the Set if necessary
-        return new ClassSet<T>(PUB_CREDENTIAL_SET, c);
+        return new ClassSet<>(PUB_CREDENTIAL_SET, c);
     }
 
     /**
@@ -890,7 +886,7 @@ public <T> Set<T> getPrivateCredentials(Class<T> c) {
 
         // always return an empty Set instead of null
         // so LoginModules can add to the Set if necessary
-        return new ClassSet<T>(PRIV_CREDENTIAL_SET, c);
+        return new ClassSet<>(PRIV_CREDENTIAL_SET, c);
     }
 
     /**
@@ -923,9 +919,7 @@ public boolean equals(Object o) {
             return true;
         }
 
-        if (o instanceof Subject) {
-
-            final Subject that = (Subject)o;
+        if (o instanceof final Subject that) {
 
             // check the principal and credential sets
             Set<Principal> thatPrincipals;
@@ -1180,7 +1174,7 @@ private static class SecureSet<E>
         SecureSet(Subject subject, int which) {
             this.subject = subject;
             this.which = which;
-            this.elements = new LinkedList<E>();
+            this.elements = new LinkedList<>();
         }
 
         SecureSet(Subject subject, int which, LinkedList<E> list) {
@@ -1195,10 +1189,12 @@ public int size() {
 
         public Iterator<E> iterator() {
             final LinkedList<E> list = elements;
-            return new Iterator<E>() {
-                ListIterator<E> i = list.listIterator(0);
+            return new Iterator<>() {
+                final ListIterator<E> i = list.listIterator(0);
 
-                public boolean hasNext() {return i.hasNext();}
+                public boolean hasNext() {
+                    return i.hasNext();
+                }
 
                 public E next() {
                     if (which != Subject.PRIV_CREDENTIAL_SET) {
@@ -1337,7 +1333,7 @@ public boolean contains(Object o) {
                     // For private credentials:
                     // If the caller does not have read permission
                     // for o.getClass(), we throw a SecurityException.
-                    // Otherwise we check the private cred set to see whether
+                    // Otherwise, we check the private cred set to see whether
                     // it contains the Object
 
                     SecurityManager sm = System.getSecurityManager();
@@ -1472,7 +1468,7 @@ public Object[] toArray() {
                 // The next() method performs a security manager check
                 // on each element in the SecureSet.  If we make it all
                 // the way through we should be able to simply return
-                // element's toArray results.  Otherwise we'll let
+                // element's toArray results.  Otherwise, we'll let
                 // the SecurityException pass up the call stack.
                 e.next();
             }
@@ -1486,7 +1482,7 @@ public <T> T[] toArray(T[] a) {
                 // The next() method performs a security manager check
                 // on each element in the SecureSet.  If we make it all
                 // the way through we should be able to simply return
-                // element's toArray results.  Otherwise we'll let
+                // element's toArray results.  Otherwise, we'll let
                 // the SecurityException pass up the call stack.
                 e.next();
             }
@@ -1586,14 +1582,14 @@ private void readObject(ObjectInputStream ois)
      */
     private class ClassSet<T> extends AbstractSet<T> {
 
-        private int which;
-        private Class<T> c;
-        private Set<T> set;
+        private final int which;
+        private final Class<T> c;
+        private final Set<T> set;
 
         ClassSet(int which, Class<T> c) {
             this.which = which;
             this.c = c;
-            set = new HashSet<T>();
+            set = new HashSet<>();
 
             switch (which) {
             case Subject.PRINCIPAL_SET:

src/java.base/share/classes/javax/security/auth/callback/ChoiceCallback.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -70,7 +70,7 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
     /**
      * Construct a {@code ChoiceCallback} with a prompt,
      * a list of choices, a default choice, and a boolean specifying
-     * whether or not multiple selections from the list of choices are allowed.
+     * whether multiple selections from the list of choices are allowed.
      *
      *
      * @param prompt the prompt used to describe the list of choices.
@@ -83,9 +83,8 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
      *                  is represented as an index into the
      *                  {@code choices} array.
      *
-     * @param multipleSelectionsAllowed boolean specifying whether or
-     *                  not multiple selections can be made from the
-     *                  list of choices.
+     * @param multipleSelectionsAllowed boolean specifying whether multiple
+     *                  selections can be made from the list of choices.
      *
      * @exception IllegalArgumentException if {@code prompt} is null,
      *                  if {@code prompt} has a length of 0,

src/java.base/share/classes/javax/security/auth/callback/NameCallback.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -42,12 +42,12 @@ public class NameCallback implements Callback, java.io.Serializable {
      * @serial
      * @since 1.4
      */
-    private String prompt;
+    private final String prompt;
     /**
      * @serial
      * @since 1.4
      */
-    private String defaultName;
+    private final String defaultName;
     /**
      * @serial
      * @since 1.4
@@ -66,6 +66,7 @@ public NameCallback(String prompt) {
         if (prompt == null || prompt.isEmpty())
             throw new IllegalArgumentException();
         this.prompt = prompt;
+        this.defaultName = null;
     }
 
     /**

src/java.base/share/classes/javax/security/auth/callback/PasswordCallback.java

@@ -155,8 +155,6 @@ public void clearPassword() {
     }
 
     private static Runnable cleanerFor(char[] password) {
-        return () -> {
-            Arrays.fill(password, ' ');
-        };
+        return () -> Arrays.fill(password, ' ');
     }
 }

src/java.base/share/classes/javax/security/auth/callback/TextInputCallback.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -43,12 +43,12 @@ public class TextInputCallback implements Callback, java.io.Serializable {
      * @serial
      * @since 1.4
      */
-    private String prompt;
+    private final String prompt;
     /**
      * @serial
      * @since 1.4
      */
-    private String defaultText;
+    private final String defaultText;
     /**
      * @serial
      * @since 1.4
@@ -67,6 +67,7 @@ public TextInputCallback(String prompt) {
         if (prompt == null || prompt.isEmpty())
             throw new IllegalArgumentException();
         this.prompt = prompt;
+        this.defaultText = null;
     }
 
     /**

src/java.base/share/classes/javax/security/auth/callback/TextOutputCallback.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -50,12 +50,12 @@ public class TextOutputCallback implements Callback, java.io.Serializable {
      * @serial
      * @since 1.4
      */
-    private int messageType;
+    private final int messageType;
     /**
      * @serial
      * @since 1.4
      */
-    private String message;
+    private final String message;
 
     /**
      * Construct a TextOutputCallback with a message type and message

src/java.base/share/classes/javax/security/auth/callback/UnsupportedCallbackException.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -40,7 +40,7 @@ public class UnsupportedCallbackException extends Exception {
      * @serial
      */
     @SuppressWarnings("serial") // Not statically typed as Serializable
-    private Callback callback;
+    private final Callback callback;
 
     /**
      * Constructs an {@code UnsupportedCallbackException}