nanuchi · github-actions · Mar 25, 2024
diff --git a/src/main/java/org/owasp/wrongsecrets/ChallengeUiTemplateResolver.java b/src/main/java/org/owasp/wrongsecrets/ChallengeUiTemplateResolver.java
@@ -23,8 +23,8 @@
 public class ChallengeUiTemplateResolver extends FileTemplateResolver {
 
   private static final String PREFIX = "ui-snippet:";
-  private ResourceLoader resourceLoader;
-  private Map<String, byte[]> resources = new HashMap<>();
+  private final ResourceLoader resourceLoader;
+  private final Map<String, byte[]> resources = new HashMap<>();
 
   public ChallengeUiTemplateResolver(ResourceLoader resourceLoader) {
     this.resourceLoader = resourceLoader;

diff --git a/src/main/java/org/owasp/wrongsecrets/RuntimeEnvironment.java b/src/main/java/org/owasp/wrongsecrets/RuntimeEnvironment.java
@@ -43,10 +43,7 @@ public boolean canRun(ChallengeDefinition challengeDefinition) {
     if (isVaultUnlockedInCTFMode() && isK8sUnlockedInCTFMode()) {
       return challengeDefinition.supportedEnvironments().contains(runtimeEnvironment);
     }
-    if (isK8sUnlockedInCTFMode()) {
-      return challengeDefinition.supportedEnvironments().contains(runtimeEnvironment);
-    }
-    return challengeDefinition.supportedEnvironments().contains(this.runtimeEnvironment);
+      return challengeDefinition.supportedEnvironments().contains(this.runtimeEnvironment);
   }
 
   public boolean runtimeInCTFMode() {
@@ -85,8 +82,8 @@ public static RuntimeEnvironment fromString(
                       challengeDefinitions.environments().stream()
                           .map(Environment::name)
                           .collect(Collectors.joining()));
-                  throw new MissingEnvironmentException(
-                      currentRuntimeEnvironment, challengeDefinitions.environments());
+                    return new MissingEnvironmentException(
+                            currentRuntimeEnvironment, challengeDefinitions.environments());
                 });
     return new RuntimeEnvironment(runtimeEnvironment);
   }

diff --git a/src/main/java/org/owasp/wrongsecrets/StatsController.java b/src/main/java/org/owasp/wrongsecrets/StatsController.java
@@ -12,8 +12,8 @@
 @Controller
 public class StatsController {
 
-  @Autowired private CanaryCounter canaryCounter;
-  @Autowired private SessionConfiguration sessionConfiguration;
+  private final CanaryCounter canaryCounter;
+  private SessionConfiguration sessionConfiguration;
 
   @Value("${hints_enabled}")
   private boolean hintsEnabled;
@@ -39,7 +39,16 @@ public class StatsController {
   @Value("${springdoc.swagger-ui.path}")
   private String swaggerURI;
 
-  @GetMapping("/stats")
+    public StatsController(CanaryCounter canaryCounter) {
+        this.canaryCounter = canaryCounter;
+    }
+
+    @Autowired
+    public StatsController(SessionConfiguration sessionConfiguration) {
+        this.sessionConfiguration = sessionConfiguration;
+    }
+
+    @GetMapping("/stats")
   @Operation(description = "Returns all dynamic data for the stats screen")
   public String getStats(Model model) {
     model.addAttribute("canaryCounter", canaryCounter.getTotalCount());

diff --git a/src/main/java/org/owasp/wrongsecrets/canaries/CanariesController.java b/src/main/java/org/owasp/wrongsecrets/canaries/CanariesController.java
@@ -20,9 +20,13 @@
 @RestController
 public class CanariesController {
 
-  @Autowired CanaryCounter canaryCounter;
+  final CanaryCounter canaryCounter;
 
-  @PostMapping(path = "/canaries/tokencallback", consumes = MediaType.APPLICATION_JSON_VALUE)
+    public CanariesController(CanaryCounter canaryCounter) {
+        this.canaryCounter = canaryCounter;
+    }
+
+    @PostMapping(path = "/canaries/tokencallback", consumes = MediaType.APPLICATION_JSON_VALUE)
   @Operation(
       summary = "Callback method for canarytokens.com",
       requestBody =

diff --git a/src/main/java/org/owasp/wrongsecrets/canaries/CanaryToken.java b/src/main/java/org/owasp/wrongsecrets/canaries/CanaryToken.java
@@ -6,12 +6,12 @@
 
 /**
  * Actual canaryToken as received by <a href="http://canarytokens.com/">canarytokens.com</a> Example
- * content: json: { "manage_url": "http://canarytokens.org/manage?token....", "memo": "debugtoken",
+ * content: json: { "manage_url": "<a href="http://canarytokens.org/manage?token">...</a>....", "memo": "debugtoken",
  * "additional_data": { "src_ip": "83.128.90.255", "useragent": "Mozilla/5.0 (Windows NT 10.0;
  * Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36",
  * "referer": null, "location": null }, "channel": "HTTP", "time": "2022-03-07 06:14:36 (UTC)" }
  *
- * @see org.owasp.wrongsecrets.canaries.AdditionalCanaryData
+ * @see AdditionalCanaryData
  */
 @RequiredArgsConstructor
 @Getter

diff --git a/src/main/java/org/owasp/wrongsecrets/challenges/FixedAnswerChallenge.java b/src/main/java/org/owasp/wrongsecrets/challenges/FixedAnswerChallenge.java
@@ -16,7 +16,7 @@
  */
 public abstract class FixedAnswerChallenge implements Challenge {
 
-  private Supplier<String> cachedAnswer = Suppliers.memoize(() -> getAnswer());
+  private final Supplier<String> cachedAnswer = Suppliers.memoize(() -> getAnswer());
 
   @Override
   public final Spoiler spoiler() {

diff --git a/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge13.java b/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge13.java
@@ -50,9 +50,7 @@ private boolean isKeyCorrect(String base64EncodedKey) {
         || !isBase64(base64EncodedKey)
         || Strings.isNullOrEmpty(plainText)
         || Strings.isNullOrEmpty(cipherText)) {
-      // log.debug("Checking secret with values {}, {}, {}", base64EncodedKey, plainText,
-      // cipherText);
-      return false;
+        return false;
     }
 
     try {

diff --git a/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge32.java b/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge32.java
@@ -13,7 +13,7 @@
 
 /**
  * This is a challenge based on LLM where people need to extract the secret from
- * https://https://gandalf.lakera.ai//
+ * <a href="https://https://gandalf.lakera.ai//">...</a>
  */
 @Slf4j
 @Component

diff --git a/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge36.java b/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge36.java
@@ -14,7 +14,7 @@
 @Component
 public class Challenge36 implements Challenge {
   private final BinaryExecutionHelper binaryExecutionHelper;
-  private String executable;
+  private final String executable;
 
   public Challenge36() {
     this.executable = "wrongsecrets-advanced-c";

diff --git a/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge37.java b/src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge37.java
@@ -17,7 +17,7 @@
 @Component
 public class Challenge37 extends FixedAnswerChallenge {
 
-  private String secret;
+  private final String secret;
   private static final String password = "YjNCbGJpQnpaWE5oYldVPQo=";
 
   public Challenge37() {

diff --git a/src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/Vaultinjected.java b/src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/Vaultinjected.java
@@ -1,18 +1,15 @@
 package org.owasp.wrongsecrets.challenges.kubernetes;
 
+import lombok.Getter;
+import lombok.Setter;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 
 /** Class used to get value from vault using the springboot cloud integration with vault. */
+@Setter
+@Getter
 @ConfigurationProperties("vaultinjected")
 public class Vaultinjected {
 
   private String value;
 
-  public void setValue(String value) {
-    this.value = value;
-  }
-
-  public String getValue() {
-    return value;
-  }
 }
diff --git a/src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/Vaultpassword.java b/src/main/java/org/owasp/wrongsecrets/challenges/kubernetes/Vaultpassword.java
@@ -1,18 +1,16 @@
 package org.owasp.wrongsecrets.challenges.kubernetes;
 
+import lombok.Setter;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 
 /** Class used to get password from vault using the springboot cloud integration with vault. */
+@Setter
 @ConfigurationProperties("vaultpassword")
 public class Vaultpassword {
 
   private String password;
 
-  public void setPassword(String password) {
-    this.password = password;
-  }
-
-  public String getPasssword() {
+    public String getPasssword() {
     return password;
   }
 }
diff --git a/src/main/java/org/owasp/wrongsecrets/definitions/ChallengeConfig.java b/src/main/java/org/owasp/wrongsecrets/definitions/ChallengeConfig.java
@@ -5,6 +5,7 @@
 import java.util.function.Supplier;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.io.FilenameUtils;
+import org.jetbrains.annotations.NotNull;
 import org.owasp.wrongsecrets.Challenges;
 import org.owasp.wrongsecrets.asciidoc.TemplateGenerator;
 import org.owasp.wrongsecrets.challenges.Challenge;
@@ -43,7 +44,7 @@ private record TextWithFileLocationConverter(TemplateGenerator templateGenerator
       implements Converter<String, TextWithFileLocation> {
 
     @Override
-    public TextWithFileLocation convert(String source) {
+    public TextWithFileLocation convert(@NotNull String source) {
       return new TextWithFileLocation(source, read(source));
     }
 
@@ -61,7 +62,7 @@ private Supplier<String> read(String name) {
   private record StringToChallengeNameConverter() implements Converter<String, ChallengeName> {
 
     @Override
-    public ChallengeName convert(String name) {
+    public ChallengeName convert(@NotNull String name) {
       return new ChallengeName(name, name.strip().replace(" ", "-").toLowerCase());
     }
   }