Fix formatting issues in Challenge 57 files

Co-authored-by: commjoen <[email protected]>

Author: Copilot

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge57.java

@@ -15,9 +15,9 @@
 public class Challenge57 implements Challenge {
 
   // Simulated database connection string with embedded credentials
-  private static final String DB_CONNECTION_STRING = 
+  private static final String DB_CONNECTION_STRING =
       "jdbc:postgresql://db.example.com:5432/userdb?user=dbadmin&password=SuperSecretDB2024!&ssl=true";
-  
+
   private static final String EXPECTED_SECRET = "SuperSecretDB2024!";
 
   @Override
@@ -31,27 +31,30 @@ public boolean answerCorrect(String answer) {
   }
 
   /**
-   * This method simulates what happens when an application tries to connect to a database
-   * but fails, exposing the full connection string (including credentials) in error messages.
-   * This is a common real-world mistake where developers include sensitive information
-   * in connection strings and don't properly handle/sanitize database connection errors.
+   * This method simulates what happens when an application tries to connect to a database but
+   * fails, exposing the full connection string (including credentials) in error messages. This is a
+   * common real-world mistake where developers include sensitive information in connection strings
+   * and don't properly handle/sanitize database connection errors.
    */
   public String simulateDatabaseConnectionError() {
     try {
-      // This will fail since we don't have a real database, but it demonstrates 
+      // This will fail since we don't have a real database, but it demonstrates
       // how connection errors can expose credentials
       Connection conn = DriverManager.getConnection(DB_CONNECTION_STRING);
       conn.close();
       return "Connection successful";
     } catch (SQLException e) {
       // Poor error handling - exposing the full connection string in the error message
-      String errorMessage = "Database connection failed with connection string: " + DB_CONNECTION_STRING 
-          + "\nError: " + e.getMessage();
-      
+      String errorMessage =
+          "Database connection failed with connection string: "
+              + DB_CONNECTION_STRING
+              + "\nError: "
+              + e.getMessage();
+
       // Log the error (another way credentials get exposed)
       log.error("Failed to connect to database: {}", errorMessage);
-      
+
       return errorMessage;
     }
   }
-}
+}

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge57Controller.java

@@ -14,12 +14,13 @@ public class Challenge57Controller {
   private final Challenge57 challenge;
 
   /**
-   * Endpoint to trigger a database connection error that exposes connection string with credentials.
-   * This simulates what happens when applications try to connect to unavailable databases.
+   * Endpoint to trigger a database connection error that exposes connection string with
+   * credentials. This simulates what happens when applications try to connect to unavailable
+   * databases.
    */
   @GetMapping("/error-demo/database-connection")
   public String triggerDatabaseError() {
     log.info("Attempting database connection for Challenge 57...");
     return challenge.simulateDatabaseConnectionError();
   }
-}
+}

src/main/resources/explanations/challenge57.adoc

@@ -30,4 +30,4 @@ Visit the `/error-demo/database-connection` endpoint to simulate a database conn
 
 Can you find the database password that gets exposed when the application tries to connect to the database?
 
-**Hint:** Look for database connection error messages that reveal more than they should.
+**Hint:** Look for database connection error messages that reveal more than they should.

src/main/resources/explanations/challenge57_hint.adoc

@@ -1 +1 @@
-Try visiting the `/error-demo/database-connection` endpoint to trigger a database connection error. Look at both the HTTP response and the application logs - database connection failures often expose connection strings with embedded credentials in error messages.
+Try visiting the `/error-demo/database-connection` endpoint to trigger a database connection error. Look at both the HTTP response and the application logs - database connection failures often expose connection strings with embedded credentials in error messages.

src/main/resources/explanations/challenge57_reason.adoc

@@ -40,4 +40,4 @@ The application doesn't sanitize sensitive information before logging or display
 
 5. **Monitor and audit:** Regularly review logs and error messages to ensure sensitive information isn't being inadvertently exposed.
 
-This type of credential exposure is extremely common in production applications and represents one of the most frequent ways database credentials are accidentally leaked.
+This type of credential exposure is extremely common in production applications and represents one of the most frequent ways database credentials are accidentally leaked.

src/test/java/org/owasp/wrongsecrets/challenges/docker/Challenge57ControllerTest.java

@@ -28,4 +28,4 @@ void triggerDatabaseErrorShouldReturnErrorMessage() {
     assertThat(result).isEqualTo(expectedError);
     org.mockito.Mockito.verify(challenge).simulateDatabaseConnectionError();
   }
-}
+}

src/test/java/org/owasp/wrongsecrets/challenges/docker/Challenge57Test.java

@@ -37,11 +37,11 @@ void answerCorrectShouldTrimWhitespace() {
   void simulateDatabaseConnectionErrorShouldExposeConnectionString() {
     var challenge = new Challenge57();
     String errorMessage = challenge.simulateDatabaseConnectionError();
-    
+
     // Verify that the error message contains the exposed connection string
     assertThat(errorMessage).contains("jdbc:postgresql://db.example.com:5432/userdb");
     assertThat(errorMessage).contains("user=dbadmin");
     assertThat(errorMessage).contains("password=SuperSecretDB2024!");
     assertThat(errorMessage).contains("Database connection failed");
   }
-}
+}