Open
Conversation
mrts
force-pushed
the
WE2-1030-use-platform-ocsp
branch
6 times, most recently
from
ed385dd to
2c1de73
Compare
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| * @throws AuthTokenException when user certificate is revoked or revocation check fails. | ||
| */ | ||
| public void validateCertificateNotRevoked(X509Certificate subjectCertificate) throws AuthTokenException { | ||
| public RevocationInfo validateCertificateNotRevoked(X509Certificate subjectCertificate, X509Certificate issuerCertificate) throws AuthTokenException { |
Check notice
Code scanning / CodeQL
Missing Override annotation
| private static class OcpClientThatThrowsException extends IOException { | ||
| } | ||
|
|
||
| public static AuthTokenValidator getAuthTokenValidatorWithOverriddenOcspClient(OcspClient ocspClient) throws CertificateException, JceException, IOException { |
Check notice
Code scanning / CodeQL
Useless parameter
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI about 2 months ago
The best way to fix this problem is to remove the unused parameter from the method signature and update all method calls to stop passing the unnecessary argument. This keeps the code clean and prevents confusion for future maintainers. Specifically, in src/test/java/eu/webeid/ocsp/client/OcspClientOverrideTest.java, modify the signature of getAuthTokenValidatorWithOverriddenOcspClient to remove the OcspClient ocspClient parameter, and update invocations at lines 47 and 63 to call it without arguments. No additional imports or method definitions are required; only method signatures and usages need updating.
Suggested changeset
1
src/test/java/eu/webeid/ocsp/client/OcspClientOverrideTest.java
| @@ -44,7 +44,7 @@ | ||
|
|
||
| @Test | ||
| void whenOcspClientIsOverridden_thenItIsUsed() throws JceException, CertificateException, IOException { | ||
| final AuthTokenValidator validator = getAuthTokenValidatorWithOverriddenOcspClient(new OcpClientThatThrows()); | ||
| final AuthTokenValidator validator = getAuthTokenValidatorWithOverriddenOcspClient(); | ||
| assertThatThrownBy(() -> validator.validate(validAuthToken, VALID_CHALLENGE_NONCE)) | ||
| .cause() | ||
| .isInstanceOf(OcpClientThatThrowsException.class); | ||
| @@ -60,9 +60,7 @@ | ||
| @Test | ||
| @Disabled("Demonstrates how to configure the built-in HttpClient instance for OcspClientImpl") | ||
| void whenOcspClientIsConfiguredWithCustomHttpClient_thenOcspCallSucceeds() throws JceException, CertificateException, IOException { | ||
| final AuthTokenValidator validator = getAuthTokenValidatorWithOverriddenOcspClient( | ||
| new OcspClientImpl(HttpClient.newBuilder().build(), Duration.ofSeconds(5)) | ||
| ); | ||
| final AuthTokenValidator validator = getAuthTokenValidatorWithOverriddenOcspClient(); | ||
| assertThatCode(() -> validator.validate(validAuthToken, VALID_CHALLENGE_NONCE)) | ||
| .doesNotThrowAnyException(); | ||
| } | ||
| @@ -77,7 +75,7 @@ | ||
| private static class OcpClientThatThrowsException extends IOException { | ||
| } | ||
|
|
||
| public static AuthTokenValidator getAuthTokenValidatorWithOverriddenOcspClient(OcspClient ocspClient) throws CertificateException, JceException, IOException { | ||
| public static AuthTokenValidator getAuthTokenValidatorWithOverriddenOcspClient() throws CertificateException, JceException, IOException { | ||
| // FIXME: test override | ||
| return AuthTokenValidators.getAuthTokenValidator(); | ||
| } |
Copilot is powered by AI and may make mistakes. Always verify output.
Unable to commit as this autofix suggestion is now outdated
mrts
force-pushed
the
WE2-1030-use-platform-ocsp
branch
7 times, most recently
from
9f7fb95 to
2e783f3
Compare
mrts
force-pushed
the
WE2-1030-use-platform-ocsp
branch
4 times, most recently
from
20426da to
7e98567
Compare
mrts
force-pushed
the
WE2-1030-use-platform-ocsp
branch
3 times, most recently
from
daf2a6c to
d6eebea
Compare
mrts
force-pushed
the
WE2-1030-use-platform-ocsp
branch
3 times, most recently
from
b7b0220 to
10e86be
Compare
…tation to eu.webeid.ocsp and make it optional WE2-1030 Signed-off-by: Mart Somermaa <mrts@users.noreply.github.com>
mrts
force-pushed
the
WE2-1030-use-platform-ocsp
branch
from
10e86be to
310224e
Compare
|
mrts
commented
Jan 26, 2026
| * depending on {@code revocationMode}. | ||
| * <p> | ||
| * Trust validation is performed by building a certification path from {@code certificate} to one of the | ||
| * configured {@code trustedCACertificateAnchors} using the supplied {@code trustedCACertificateCertStore}. |
Member
Author
There was a problem hiding this comment.
Add that it is assumed that the trust anchor is the intermediate certificate authority that is the issuer of the subject certificate.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
WE2-1030
Signed-off-by: Mart Somermaa mrts@users.noreply.github.com