[squash] bug fixes for parser tests and addressed more comments on th…

…e PR

auth/client/src/main/java/org/wildfly/security/auth/client/AuthenticationConfiguration.java

@@ -759,7 +759,7 @@ public AuthenticationConfiguration usePassword(Password password) {
     public AuthenticationConfiguration decryptAndUsePassword(String encryptedPassword) {
         EncryptionClientContext ctx = EncryptionClientContext.captureCurrent();
         if (ctx.encryptionClientConfiguration == null) {
-            throw new ExpressionResolutionException("No encryption client configuration available");
+            throw new EncryptedExpressionResolutionException("No encryption client configuration available");
         }
         String password = ctx.encryptionClientConfiguration.encryptedExpressionResolver.resolveExpression(encryptedPassword, ctx.encryptionClientConfiguration);
         return usePassword(password == null ? null : ClearPassword.createRaw(ClearPassword.ALGORITHM_CLEAR, password.toCharArray()));

auth/client/src/main/java/org/wildfly/security/auth/client/ExpressionResolutionException.java → auth/client/src/main/java/org/wildfly/security/auth/client/EncryptedExpressionResolutionException.java

@@ -24,12 +24,12 @@
  * @author <a href="mailto:prpaul@redhat.com">Prarthona Paul</a>
  */
 
-public class ExpressionResolutionException extends RuntimeException {
-    public ExpressionResolutionException(String msg) {
+public class EncryptedExpressionResolutionException extends RuntimeException {
+    public EncryptedExpressionResolutionException(String msg) {
         super(msg);
     }
 
-    public ExpressionResolutionException(String msg, Throwable cause) {
+    public EncryptedExpressionResolutionException(String msg, Throwable cause) {
         super(msg, cause);
     }
 }

auth/client/src/main/java/org/wildfly/security/auth/client/EncryptionClientConfiguration.java

@@ -97,14 +97,6 @@ private EncryptionClientConfiguration(final EncryptionClientConfiguration origin
         this.defaultResolverName = other.defaultResolverName;
     }
 
-    private static <T> T getOrDefault(T value, T defVal) {
-        return value != null ? value : defVal;
-    }
-
-    private static int getOrDefault(int value, int defVal) {
-        return value != -1 ? value : defVal;
-    }
-
     Map<String, CredentialStore> getCredentialStoreMap() {
         return credentialStoreMap;
     }

auth/client/src/main/java/org/wildfly/security/auth/client/EncryptionClientXmlParser.java

@@ -705,45 +705,6 @@ private static void parseResolverType(ConfigurationXMLStreamReader reader, final
         throw reader.unexpectedContent();
     }
 
-//    private static String parseDefaultResolverType(ConfigurationXMLStreamReader reader, final Map<String, EncryptedExpressionResolver.ResolverConfiguration> resolverMap) throws ConfigXMLParseException {
-//        final int attributeCount = reader.getAttributeCount();
-//        String name = null;
-//
-//        for (int i = 0; i < attributeCount; i ++) {
-//            final String attributeNameSpace = reader.getAttributeNamespace(i);
-//            if (attributeNameSpace != null && !attributeNameSpace.isEmpty()) {
-//                throw reader.unexpectedAttribute(i);
-//            }
-//            switch (reader.getAttributeLocalName(i)) {
-//                case "name": {
-//                    if (name!= null) throw reader.unexpectedAttribute(i);
-//                    name = reader.getAttributeValueResolved(i);
-//                    break;
-//                }
-//                default: {
-//                    throw reader.unexpectedAttribute(i);
-//                }
-//            }
-//        }
-//        if (name == null) {
-//            throw missingAttribute(reader, "name");
-//        }
-//        if (reader.hasNext()) {
-//            final int tag = reader.nextTag();
-//            if (tag == START_ELEMENT) {
-//                throw reader.unexpectedElement();
-//            } else if (tag == END_ELEMENT) {
-//                if (resolverMap.containsKey(name)) {
-//                    return name;
-//                } else {
-//                    throw xmlLog.resolverNotFound();
-//                }
-//            }
-//            throw reader.unexpectedContent();
-//        }
-//        throw reader.unexpectedContent();
-//    }
-
     private static void checkElementNamespace(final ConfigurationXMLStreamReader reader, final EncryptionClientXmlParser.Version xmlVersion) throws ConfigXMLParseException {
         if (! xmlVersion.namespace.equals(reader.getNamespaceURI())) {
             throw reader.unexpectedElement();

auth/client/src/main/java/org/wildfly/security/auth/client/WildFlyClientResolverProvider.java

@@ -22,7 +22,7 @@
 import org.wildfly.client.config.ResolverProvider;
 
 /**
- * Implementation of the ResolverProvider interfact that allows another project
+ * Implementation of the ResolverProvider interface that allows another project
  * to use Functions from Encrypted Expression Resolver without adding an
  * Elytron dependency.
  * @author <a href="mailto:prpaul@redhat.com">Prarthona Paul</a>
@@ -34,10 +34,10 @@ public class WildFlyClientResolverProvider implements ResolverProvider{
     @Override
     public String resolveExpression(String expression) {
         EncryptionClientContext context = EncryptionClientContext.captureCurrent();
-        if (context != null) {
+        if (context.encryptionClientConfiguration != null) {
             return context.encryptionClientConfiguration.encryptedExpressionResolver.resolveExpression(expression, context.encryptionClientConfiguration);
         } else {
-            throw new ExpressionResolutionException("Encryption client configuration could not be found");
+            throw new EncryptedExpressionResolutionException("Encryption client configuration could not be found.");
         }
     }
 }

auth/client/src/main/java/org/wildfly/security/auth/client/_private/ElytronMessages.java

@@ -40,7 +40,7 @@
 import org.wildfly.client.config.ConfigXMLParseException;
 import org.wildfly.client.config.ConfigurationXMLStreamReader;
 import org.wildfly.client.config.XMLLocation;
-import org.wildfly.security.auth.client.ExpressionResolutionException;
+import org.wildfly.security.auth.client.EncryptedExpressionResolutionException;
 
 /**
  * Log messages and exceptions for Elytron.
@@ -216,27 +216,27 @@ ConfigXMLParseException xmlUnableToIdentifyProvider(@Param Location location, St
     NoSuchAlgorithmException couldNotObtainClientDefaultSSLContext();
 
     @Message(id = 14009, value = "The expression '%s' does not specify a resolver and no default is defined.")
-    ExpressionResolutionException expressionResolutionWithoutResolver(String expression);
+    EncryptedExpressionResolutionException expressionResolutionWithoutResolver(String expression);
 
     @Message(id = 14010, value = "The expression '%s' specifies a resolver configuration which does not exist.")
-    ExpressionResolutionException invalidResolver(String expression);
+    EncryptedExpressionResolutionException invalidResolver(String expression);
 
     @Message(id = 14011, value = "Unable to load credential from credential store.")
-    ExpressionResolutionException unableToLoadCredential(@Cause Throwable cause);
+    EncryptedExpressionResolutionException unableToLoadCredential(@Cause Throwable cause);
 
     @Message(id = 14012, value = "Unable to decrypt expression '%s'.")
-    ExpressionResolutionException unableToDecryptExpression(String expression, @Cause Throwable cause);
+    EncryptedExpressionResolutionException unableToDecryptExpression(String expression, @Cause Throwable cause);
 
     @Message(id = 14013, value = "The name of the resolver to use was not specified and no default-resolver has been defined.")
-    ExpressionResolutionException noResolverSpecifiedAndNoDefault();
+    EncryptedExpressionResolutionException noResolverSpecifiedAndNoDefault();
 
     @Message(id = 14014, value = "No expression resolver has been defined with the name '%s'.")
-    ExpressionResolutionException noResolverWithSpecifiedName(String name);
+    EncryptedExpressionResolutionException noResolverWithSpecifiedName(String name);
 
     @Message(id = 14015, value = "Credential alias '%s' of credential type '%s' does not exist in the store")
-    ExpressionResolutionException credentialDoesNotExist(String alias, String credentialType);
+    EncryptedExpressionResolutionException credentialDoesNotExist(String alias, String credentialType);
 
     @Message(id = 14016, value = "Unable to encrypt the supplied clear text.")
-    ExpressionResolutionException unableToEncryptClearText(@Cause Throwable cause);
+    EncryptedExpressionResolutionException unableToEncryptClearText(@Cause Throwable cause);
 
 }

auth/client/src/test/java/org/wildfly/security/auth/client/EncryptedExpressionXMLParserTest.java

@@ -58,13 +58,30 @@ public void testEncryptedExpressionClient() throws Exception {
         System.clearProperty("wildfly.config.url");
     }
 
+    @Test
+    public void testUnableToDecryptWithAuthClient() throws Exception {
+        URL config = getClass().getResource("test-invalid-token-encryption-auth-client-v1_0.xml");
+        System.setProperty("wildfly.config.url", config.getPath());
+        try {
+            SecurityFactory<EncryptionClientContext> clientConfiguration = EncryptionClientXmlParser.parseEncryptionClientConfiguration(config.toURI());
+            EncryptionClientContext.getContextManager().setThreadDefault(clientConfiguration.create());
+            SecurityFactory<AuthenticationContext> authClientConfiguration = ElytronXmlParser.parseAuthenticationClientConfiguration(config.toURI());
+        } catch (EncryptedExpressionResolutionException e) {
+            Assert.assertTrue(e.getMessage().contains("Unable to decrypt expression"));
+            System.clearProperty("wildfly.config.url");
+        }
+    }
+
     @Test
     public void testEncryptedExpressionWithAuthClient() throws Exception {
         URL config = getClass().getResource("test-encryption-auth-client-v1_0.xml");
         System.setProperty("wildfly.config.url", config.getPath());
 
         SecurityFactory<EncryptionClientContext> clientConfiguration = EncryptionClientXmlParser.parseEncryptionClientConfiguration(config.toURI());
-        EncryptionClientConfiguration encExpConfig = clientConfiguration.create().encryptionClientConfiguration;
+        EncryptionClientContext ctx = clientConfiguration.create();
+        EncryptionClientContext.getContextManager().setThreadDefault(ctx);
+
+        EncryptionClientConfiguration encExpConfig = ctx.encryptionClientConfiguration;
         String encryptedExpression = encExpConfig.encryptedExpressionResolver.createExpression(PASSWORD, encExpConfig);
         Assert.assertEquals(PASSWORD, encExpConfig.encryptedExpressionResolver.resolveExpression(encryptedExpression, encExpConfig));
 
@@ -79,14 +96,16 @@ public void testEncryptedExpressionWithAuthClient() throws Exception {
         System.clearProperty("ENC_EXP_PROP");
     }
 
+
     @Test
-    public void testUnableToDecryptWithAuthClient() throws Exception {
-        URL config = getClass().getResource("test-invalid-encryption-auth-client-v1_7.xml");
-        System.setProperty("wildfly.config.url", config.getPath());
+    public void testEncryptedExpressionWithoutEncryptionClient() throws Exception {
+        URL config = getClass().getResource("test-invalid-config-encryption-auth-client-v1_0.xml");
         try {
+            SecurityFactory<EncryptionClientContext> clientConfiguration = EncryptionClientXmlParser.parseEncryptionClientConfiguration(config.toURI());
+            EncryptionClientContext.getContextManager().setThreadDefault(clientConfiguration.create());
             SecurityFactory<AuthenticationContext> authClientConfiguration = ElytronXmlParser.parseAuthenticationClientConfiguration(config.toURI());
-        } catch (ExpressionResolutionException e) {
-            Assert.assertTrue(e.getMessage().contains("Unable to decrypt expression"));
+        } catch (EncryptedExpressionResolutionException e) {
+            Assert.assertTrue(e.getMessage().contains("Encryption client configuration could not be found."));
         }
     }
 

auth/client/src/test/resources/org/wildfly/security/auth/client/test-encryption-auth-client-v1_0.xml

@@ -25,8 +25,8 @@
                 </attributes>
             </credential-store>
         </credential-stores>
-        <expression-resolvers default-resolver="my-resolver">
-            <expression-resolver name="my-resolver" credential-store-name="my-credential-store" alias="secretkey1"/>
+        <expression-resolvers default-resolver="my-resolver1">
+            <expression-resolver name="my-resolver1" credential-store-name="my-credential-store" alias="secretkey1"/>
             <expression-resolver name="my-resolver2" credential-store-name="my-credential-store" alias="secretkey2"/>
         </expression-resolvers>
     </encryption-client>

auth/client/src/test/resources/org/wildfly/security/auth/client/test-encryption-client-v1_0.xml

@@ -25,9 +25,9 @@
                 </attributes>
             </credential-store>
         </credential-stores>
-        <expression-resolvers default-resolver="my-resolver">
-            <expression-resolver name="my-resolver" credential-store-name="my-credential-store" alias="secretkey1"/>
-            <expression-resolver name="my-resolver2" credential-store-name="my-credential-store" alias="secretkey2"/>
+        <expression-resolvers default-resolver="first-resolver">
+            <expression-resolver name="first-resolver" credential-store-name="my-credential-store" alias="secretkey1"/>
+            <expression-resolver name="second-resolver" credential-store-name="my-credential-store" alias="secretkey2"/>
         </expression-resolvers>
     </encryption-client>
 </configuration>

auth/client/src/test/resources/org/wildfly/security/auth/client/test-invalid-config-encryption-auth-client-v1_0.xml

@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+      ~ JBoss, Home of Professional Open Source.
+      ~ Copyright 2023 Red Hat, Inc., and individual contributors
+      ~ as indicated by the @author tags.
+      ~
+      ~ Licensed under the Apache License, Version 2.0 (the "License");
+      ~ you may not use this file except in compliance with the License.
+      ~ You may obtain a copy of the License at
+      ~
+      ~     http://www.apache.org/licenses/LICENSE-2.0
+      ~
+      ~ Unless required by applicable law or agreed to in writing, software
+      ~ distributed under the License is distributed on an "AS IS" BASIS,
+      ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+      ~ See the License for the specific language governing permissions and
+      ~ limitations under the License.
+-->
+<configuration>
+    <authentication-client xmlns="urn:elytron:client:1.7">
+        <authentication-rules>
+            <rule use-configuration="default-config"/>
+        </authentication-rules>
+        <authentication-configurations>
+            <configuration name="default-config">
+                <set-user-name name="quickstartUser"/>
+                <credentials>
+                    <clear-password password="${ENC::some-resolver:RUxZAUMQvGzk6Vaadp2cahhZ6rlPhHOZcWyjXALlAthrENvRTvQ=}"/>
+                </credentials>
+                <sasl-mechanism-selector selector="SCRAM-SHA-512"/>
+                <providers>
+                    <use-service-loader />
+                </providers>
+            </configuration>
+        </authentication-configurations>
+    </authentication-client>
+</configuration>

auth/client/src/test/resources/org/wildfly/security/auth/client/test-invalid-encryption-auth-client-v1_7.xml → auth/client/src/test/resources/org/wildfly/security/auth/client/test-invalid-token-encryption-auth-client-v1_0.xml

@@ -25,9 +25,9 @@
                 </attributes>
             </credential-store>
         </credential-stores>
-        <expression-resolvers default-resolver="my-resolver">
-            <expression-resolver name="my-resolver" credential-store-name="my-credential-store" alias="secretkey1"/>
-            <expression-resolver name="my-resolver2" credential-store-name="my-credential-store" alias="secretkey2"/>
+        <expression-resolvers default-resolver="resolver1">
+            <expression-resolver name="resolver1" credential-store-name="my-credential-store" alias="secretkey1"/>
+            <expression-resolver name="resolver2" credential-store-name="my-credential-store" alias="secretkey2"/>
         </expression-resolvers>
     </encryption-client>
     <authentication-client xmlns="urn:elytron:client:1.7">
@@ -38,7 +38,7 @@
             <configuration name="default-config">
                 <set-user-name name="quickstartUser"/>
                 <credentials>
-                    <clear-password password="${ENC::my-resolver:InV4LidT0k3NTh4tC4nn0tb3d3crYpt3D=}"/>
+                    <clear-password password="${ENC::resolver1:InV4LidT0k3NTh4tC4nn0tb3d3crYpt3D=}"/>
                 </credentials>
                 <sasl-mechanism-selector selector="SCRAM-SHA-512"/>
                 <providers>