Remove Optional from field types

Author: emlun

webauthn-server-core/src/main/java/com/yubico/webauthn/AssertionRequest.java

@@ -28,8 +28,6 @@
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.yubico.webauthn.data.PublicKeyCredentialRequestOptions;
 import java.util.Optional;
-import lombok.AccessLevel;
-import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.NonNull;
 import lombok.Value;
@@ -39,7 +37,6 @@
  * A combination of a {@link PublicKeyCredentialRequestOptions} and, optionally, a {@link #getUsername() username}.
  */
 @Value
-@AllArgsConstructor(access = AccessLevel.PRIVATE)
 @Builder(toBuilder = true)
 public class AssertionRequest {
 
@@ -58,23 +55,35 @@ public class AssertionRequest {
      * credential</a>, and identification of the user has been deferred until the response is received.
      * </p>
      */
-    @NonNull
-    private final Optional<String> username;
+    private final String username;
 
     @JsonCreator
     private AssertionRequest(
         @NonNull @JsonProperty("publicKeyCredentialRequestOptions") PublicKeyCredentialRequestOptions publicKeyCredentialRequestOptions,
         @JsonProperty("username") String username
     ) {
-        this(publicKeyCredentialRequestOptions, Optional.ofNullable(username));
+        this.publicKeyCredentialRequestOptions = publicKeyCredentialRequestOptions;
+        this.username = username;
+    }
+
+    /**
+     * The username of the user to authenticate, if the user has already been identified.
+     * <p>
+     * If this is absent, this indicates that this is a request for an assertion by a <a
+     * href="https://www.w3.org/TR/2019/PR-webauthn-20190117/#client-side-resident-public-key-credential-source">client-side-resident
+     * credential</a>, and identification of the user has been deferred until the response is received.
+     * </p>
+     */
+    public Optional<String> getUsername() {
+        return Optional.ofNullable(username);
     }
 
     public static AssertionRequestBuilder.MandatoryStages builder() {
         return new AssertionRequestBuilder.MandatoryStages();
     }
 
     public static class AssertionRequestBuilder {
-        private Optional<String> username = Optional.empty();
+        private String username = null;
 
         public static class MandatoryStages {
             private final AssertionRequestBuilder builder = new AssertionRequestBuilder();
@@ -97,8 +106,7 @@ public AssertionRequestBuilder publicKeyCredentialRequestOptions(PublicKeyCreden
          * </p>
          */
         public AssertionRequestBuilder username(@NonNull Optional<String> username) {
-            this.username = username;
-            return this;
+            return this.username(username.orElse(null));
         }
 
         /**
@@ -109,8 +117,9 @@ public AssertionRequestBuilder username(@NonNull Optional<String> username) {
          * credential</a>, and identification of the user has been deferred until the response is received.
          * </p>
          */
-        public AssertionRequestBuilder username(@NonNull String username) {
-            return this.username(Optional.of(username));
+        public AssertionRequestBuilder username(String username) {
+            this.username = username;
+            return this;
         }
     }
 

webauthn-server-core/src/main/java/com/yubico/webauthn/FinishAssertionOptions.java

@@ -60,15 +60,24 @@ public class FinishAssertionOptions {
      *
      * @see <a href="https://tools.ietf.org/html/rfc8471">The Token Binding Protocol Version 1.0</a>
      */
-    @NonNull
-    private final Optional<ByteArray> callerTokenBindingId;
+    private final ByteArray callerTokenBindingId;
+
+    /**
+     * The <a href="https://tools.ietf.org/html/rfc8471#section-3.2">token binding ID</a> of the connection to the
+     * client, if any.
+     *
+     * @see <a href="https://tools.ietf.org/html/rfc8471">The Token Binding Protocol Version 1.0</a>
+     */
+    public Optional<ByteArray> getCallerTokenBindingId() {
+        return Optional.ofNullable(callerTokenBindingId);
+    }
 
     public static FinishAssertionOptionsBuilder.MandatoryStages builder() {
         return new FinishAssertionOptionsBuilder.MandatoryStages();
     }
 
     public static class FinishAssertionOptionsBuilder {
-        private Optional<ByteArray> callerTokenBindingId = Optional.empty();
+        private ByteArray callerTokenBindingId = null;
 
         public static class MandatoryStages {
             private final FinishAssertionOptionsBuilder builder = new FinishAssertionOptionsBuilder();
@@ -92,7 +101,7 @@ public FinishAssertionOptionsBuilder response(PublicKeyCredential<AuthenticatorA
          * @see <a href="https://tools.ietf.org/html/rfc8471">The Token Binding Protocol Version 1.0</a>
          */
         public FinishAssertionOptionsBuilder callerTokenBindingId(@NonNull Optional<ByteArray> callerTokenBindingId) {
-            this.callerTokenBindingId = callerTokenBindingId;
+            this.callerTokenBindingId = callerTokenBindingId.orElse(null);
             return this;
         }
 

webauthn-server-core/src/main/java/com/yubico/webauthn/FinishRegistrationOptions.java

@@ -61,15 +61,24 @@ public class FinishRegistrationOptions {
      *
      * @see <a href="https://tools.ietf.org/html/rfc8471">The Token Binding Protocol Version 1.0</a>
      */
-    @NonNull
-    private final Optional<ByteArray> callerTokenBindingId;
+    private final ByteArray callerTokenBindingId;
+
+    /**
+     * The <a href="https://tools.ietf.org/html/rfc8471#section-3.2">token binding ID</a> of the connection to the
+     * client, if any.
+     *
+     * @see <a href="https://tools.ietf.org/html/rfc8471">The Token Binding Protocol Version 1.0</a>
+     */
+    public Optional<ByteArray> getCallerTokenBindingId() {
+        return Optional.ofNullable(callerTokenBindingId);
+    }
 
     public static FinishRegistrationOptionsBuilder.MandatoryStages builder() {
         return new FinishRegistrationOptionsBuilder.MandatoryStages();
     }
 
     public static class FinishRegistrationOptionsBuilder {
-        private Optional<ByteArray> callerTokenBindingId = Optional.empty();
+        private ByteArray callerTokenBindingId = null;
 
         public static class MandatoryStages {
             private final FinishRegistrationOptionsBuilder builder = new FinishRegistrationOptionsBuilder();
@@ -93,7 +102,7 @@ public FinishRegistrationOptionsBuilder response(PublicKeyCredential<Authenticat
          * @see <a href="https://tools.ietf.org/html/rfc8471">The Token Binding Protocol Version 1.0</a>
          */
         public FinishRegistrationOptionsBuilder callerTokenBindingId(@NonNull Optional<ByteArray> callerTokenBindingId) {
-            this.callerTokenBindingId = callerTokenBindingId;
+            this.callerTokenBindingId = callerTokenBindingId.orElse(null);
             return this;
         }
 

webauthn-server-core/src/main/java/com/yubico/webauthn/RegistrationResult.java

@@ -112,9 +112,9 @@ public class RegistrationResult {
      * @see <a href="https://www.w3.org/TR/2019/PR-webauthn-20190117/#sctn-attestation">§6.4. Attestation</a>
      * @see com.yubico.webauthn.RelyingParty.RelyingPartyBuilder#metadataService(Optional)
      */
-    @NonNull
     @Builder.Default
-    private final Optional<Attestation> attestationMetadata = Optional.empty();
+    @Builder.ObtainVia(method = "getAttestationMetadata")
+    private final Attestation attestationMetadata = null;
 
     @JsonCreator
     private RegistrationResult(
@@ -123,7 +123,7 @@ private RegistrationResult(
         @NonNull @JsonProperty("attestationType") AttestationType attestationType,
         @NonNull @JsonProperty("publicKeyCose") ByteArray publicKeyCose,
         @NonNull @JsonProperty("warnings") List<String> warnings,
-        @NonNull @JsonProperty("attestationMetadata") Optional<Attestation> attestationMetadata
+        @JsonProperty("attestationMetadata") Attestation attestationMetadata
     ) {
         this.keyId = keyId;
         this.attestationTrusted = attestationTrusted;
@@ -133,6 +133,10 @@ private RegistrationResult(
         this.attestationMetadata = attestationMetadata;
     }
 
+    public Optional<Attestation> getAttestationMetadata() {
+        return Optional.ofNullable(attestationMetadata);
+    }
+
     static RegistrationResultBuilder.MandatoryStages builder() {
         return new RegistrationResultBuilder.MandatoryStages();
     }
@@ -166,6 +170,11 @@ public RegistrationResultBuilder publicKeyCose(ByteArray publicKeyCose) {
                 }
             }
         }
+
+        public RegistrationResultBuilder attestationMetadata(@NonNull Optional<Attestation> attestationMetadata) {
+            this.attestationMetadata = attestationMetadata.orElse(null);
+            return this;
+        }
     }
 
 }

webauthn-server-core/src/main/java/com/yubico/webauthn/StartAssertionOptions.java

@@ -53,8 +53,7 @@ public class StartAssertionOptions {
      * @see <a href="https://www.w3.org/TR/2019/PR-webauthn-20190117/#client-side-resident-public-key-credential-source">Client-side-resident
      * credential</a>
      */
-    @NonNull
-    private final Optional<String> username;
+    private final String username;
 
     /**
      * Extension inputs for this authentication operation.
@@ -77,8 +76,7 @@ public class StartAssertionOptions {
      * The default is {@link UserVerificationRequirement#PREFERRED}.
      * </p>
      */
-    @NonNull
-    private final Optional<UserVerificationRequirement> userVerification;
+    private final UserVerificationRequirement userVerification;
 
     /**
      * The value for {@link PublicKeyCredentialRequestOptions#getTimeout()} for this authentication operation.
@@ -91,13 +89,55 @@ public class StartAssertionOptions {
      * The default is empty.
      * </p>
      */
-    @NonNull
-    private final Optional<Long> timeout;
+    private final Long timeout;
+
+    /**
+     * The username of the user to authenticate, if the user has already been identified.
+     * <p>
+     * If this is absent, that implies a first-factor authentication operation - meaning identification of the user is
+     * deferred until after receiving the response from the client.
+     * </p>
+     *
+     * <p>
+     * The default is empty (absent).
+     * </p>
+     *
+     * @see <a href="https://www.w3.org/TR/2019/PR-webauthn-20190117/#client-side-resident-public-key-credential-source">Client-side-resident
+     * credential</a>
+     */
+    public Optional<String> getUsername() {
+        return Optional.ofNullable(username);
+    }
+
+    /**
+     * The value for {@link PublicKeyCredentialRequestOptions#getUserVerification()} for this authentication operation.
+     * <p>
+     * The default is {@link UserVerificationRequirement#PREFERRED}.
+     * </p>
+     */
+    public Optional<UserVerificationRequirement> getUserVerification() {
+        return Optional.ofNullable(userVerification);
+    }
+
+    /**
+     * The value for {@link PublicKeyCredentialRequestOptions#getTimeout()} for this authentication operation.
+     * <p>
+     * This library does not take the timeout into account in any way, other than passing it through to the {@link
+     * PublicKeyCredentialRequestOptions} so it can be used as an argument to
+     * <code>navigator.credentials.get()</code> on the client side.
+     * </p>
+     * <p>
+     * The default is empty.
+     * </p>
+     */
+    public Optional<Long> getTimeout() {
+        return Optional.ofNullable(timeout);
+    }
 
     public static class StartAssertionOptionsBuilder {
-        private @NonNull Optional<String> username = Optional.empty();
-        private @NonNull Optional<UserVerificationRequirement> userVerification = Optional.empty();
-        private @NonNull Optional<Long> timeout = Optional.empty();
+        private String username = null;
+        private UserVerificationRequirement userVerification = null;
+        private Long timeout = null;
 
         /**
          * The username of the user to authenticate, if the user has already been identified.
@@ -114,7 +154,7 @@ public static class StartAssertionOptionsBuilder {
          * credential</a>
          */
         public StartAssertionOptionsBuilder username(@NonNull Optional<String> username) {
-            this.username = username;
+            this.username = username.orElse(null);
             return this;
         }
 
@@ -143,7 +183,7 @@ public StartAssertionOptionsBuilder username(@NonNull String username) {
          * </p>
          */
         public StartAssertionOptionsBuilder userVerification(@NonNull Optional<UserVerificationRequirement> userVerification) {
-            this.userVerification = userVerification;
+            this.userVerification = userVerification.orElse(null);
             return this;
         }
 
@@ -172,7 +212,7 @@ public StartAssertionOptionsBuilder timeout(@NonNull Optional<Long> timeout) {
             if (timeout.isPresent() && timeout.get() <= 0) {
                 throw new IllegalArgumentException("timeout must be positive, was: " + timeout.get());
             }
-            this.timeout = timeout;
+            this.timeout = timeout.orElse(null);
             return this;
         }
 

webauthn-server-core/src/main/java/com/yubico/webauthn/StartRegistrationOptions.java

@@ -49,8 +49,7 @@ public class StartRegistrationOptions {
     /**
      * Constraints on what kind of authenticator the user is allowed to use to create the credential.
      */
-    @NonNull
-    private final Optional<AuthenticatorSelectionCriteria> authenticatorSelection;
+    private final AuthenticatorSelectionCriteria authenticatorSelection;
 
     /**
      * Extension inputs for this registration operation.
@@ -70,16 +69,37 @@ public class StartRegistrationOptions {
      * The default is empty.
      * </p>
      */
-    @NonNull
-    private final Optional<Long> timeout;
+    private final Long timeout;
+
+    /**
+     * Constraints on what kind of authenticator the user is allowed to use to create the credential.
+     */
+    public Optional<AuthenticatorSelectionCriteria> getAuthenticatorSelection() {
+        return Optional.ofNullable(authenticatorSelection);
+    }
+
+    /**
+     * The value for {@link PublicKeyCredentialCreationOptions#getTimeout()} for this registration operation.
+     * <p>
+     * This library does not take the timeout into account in any way, other than passing it through to the {@link
+     * PublicKeyCredentialCreationOptions} so it can be used as an argument to
+     * <code>navigator.credentials.create()</code> on the client side.
+     * </p>
+     * <p>
+     * The default is empty.
+     * </p>
+     */
+    public Optional<Long> getTimeout() {
+        return Optional.ofNullable(timeout);
+    }
 
     public static StartRegistrationOptionsBuilder.MandatoryStages builder() {
         return new StartRegistrationOptionsBuilder.MandatoryStages();
     }
 
     public static class StartRegistrationOptionsBuilder {
-        private @NonNull Optional<AuthenticatorSelectionCriteria> authenticatorSelection = Optional.empty();
-        private @NonNull Optional<Long> timeout = Optional.empty();
+        private AuthenticatorSelectionCriteria authenticatorSelection = null;
+        private Long timeout = null;
 
         public static class MandatoryStages {
             private final StartRegistrationOptionsBuilder builder = new StartRegistrationOptionsBuilder();
@@ -93,15 +113,15 @@ public StartRegistrationOptionsBuilder user(UserIdentity user) {
          * Constraints on what kind of authenticator the user is allowed to use to create the credential.
          */
         public StartRegistrationOptionsBuilder authenticatorSelection(@NonNull Optional<AuthenticatorSelectionCriteria> authenticatorSelection) {
-            this.authenticatorSelection = authenticatorSelection;
-            return this;
+            return this.authenticatorSelection(authenticatorSelection.orElse(null));
         }
 
         /**
          * Constraints on what kind of authenticator the user is allowed to use to create the credential.
          */
-        public StartRegistrationOptionsBuilder authenticatorSelection(@NonNull AuthenticatorSelectionCriteria authenticatorSelection) {
-            return this.authenticatorSelection(Optional.of(authenticatorSelection));
+        public StartRegistrationOptionsBuilder authenticatorSelection(AuthenticatorSelectionCriteria authenticatorSelection) {
+            this.authenticatorSelection = authenticatorSelection;
+            return this;
         }
 
         /**
@@ -119,7 +139,7 @@ public StartRegistrationOptionsBuilder timeout(@NonNull Optional<Long> timeout)
             if (timeout.isPresent() && timeout.get() <= 0) {
                 throw new IllegalArgumentException("timeout must be positive, was: " + timeout.get());
             }
-            this.timeout = timeout;
+            this.timeout = timeout.orElse(null);
             return this;
         }