Apply CRAI suggestions

Author: HenrikJannsen

api/src/main/java/bisq/api/rest_api/endpoints/RestApiBase.java

@@ -42,7 +42,7 @@ protected Response buildOkResponse(Object entity) {
      * @return The HTTP response.
      */
     protected Response buildNoContentResponse( ) {
-        return buildResponse(Response.Status.NO_CONTENT, "");
+        return Response.status(Response.Status.NO_CONTENT).build();
     }
 
     protected Response buildNotFoundResponse(String message) {

api/src/main/java/bisq/api/rest_api/endpoints/devices/DevicesRestApi.java

@@ -49,9 +49,7 @@
         description = "API for registering and unregistering mobile devices for push notifications"
 )
 public class DevicesRestApi extends RestApiBase {
-
-    private static final int APNS_TOKEN_LENGTH = 64;
-    private static final String ALPHANUMERIC_REGEX = "^[a-zA-Z0-9]+$";
+    private static final String APNS_HEX_REGEX = "^[0-9a-fA-F]+$";
 
     private final DeviceRegistrationService deviceRegistrationService;
 
@@ -92,20 +90,16 @@ public Response registerDevice(RegisterDeviceRequest request) {
                 deviceId, deviceDescriptor, deviceToken.length(), platform
         );
 
-        // Basic structural validation only; platform-specific rules belong in the service
-        if (!deviceToken.matches(ALPHANUMERIC_REGEX)) {
+        // Platform-specific token validation
+        if (platform == MobileDevicePlatform.IOS && !deviceToken.matches(APNS_HEX_REGEX)) {
             return buildResponse(
                     Response.Status.BAD_REQUEST,
-                    "deviceToken must contain only alphanumeric characters"
+                    "APNs device token must be a hex-encoded string"
             );
         }
 
-        if (platform == MobileDevicePlatform.IOS && deviceToken.length() != APNS_TOKEN_LENGTH) {
-            log.warn("Unexpected APNs token length: {}", deviceToken.length());
-        }
-
         try {
-           deviceRegistrationService.register(
+            deviceRegistrationService.register(
                     deviceId,
                     deviceToken,
                     publicKeyBase64,
@@ -157,10 +151,10 @@ public Response unregisterDevice(@PathParam("deviceId") String deviceId) {
 
     private boolean isValid(RegisterDeviceRequest request) {
         return request != null
-                && !StringUtils.isEmpty(request.getDeviceId())
-                && !StringUtils.isEmpty(request.getDeviceToken())
-                && !StringUtils.isEmpty(request.getPublicKeyBase64())
-                && !StringUtils.isEmpty(request.getDeviceDescriptor())
+                && StringUtils.isNotEmpty(request.getDeviceId())
+                && StringUtils.isNotEmpty(request.getDeviceToken())
+                && StringUtils.isNotEmpty(request.getPublicKeyBase64())
+                && StringUtils.isNotEmpty(request.getDeviceDescriptor())
                 && request.getPlatform() != null;
     }
 }

bonded-roles/src/main/java/bisq/bonded_roles/mobile_notification_relay/MobileNotificationRelayClient.java

@@ -93,13 +93,20 @@ public static Config from(com.typesafe.config.Config typesafeConfig) {
         }
 
         private static TransportType getTransportTypeFromUrl(String url) {
-            if (url.endsWith(".i2p")) {
-                return TransportType.I2P;
-            } else if (url.endsWith(".onion")) {
-                return TransportType.TOR;
-            } else {
-                return TransportType.CLEAR;
+            try {
+                java.net.URI uri = java.net.URI.create(url);
+                String host = uri.getHost();
+                if (host != null) {
+                    if (host.endsWith(".i2p")) {
+                        return TransportType.I2P;
+                    } else if (host.endsWith(".onion")) {
+                        return TransportType.TOR;
+                    }
+                }
+            } catch (IllegalArgumentException e) {
+                log.warn("Failed to parse URL for transport type detection: {}", url);
             }
+            return TransportType.CLEAR;
         }
 
         private final Set<Provider> providers;
@@ -214,7 +221,7 @@ private CompletableFuture<Boolean> sendToRelayServer(boolean isAndroid,
                                                          String encryptedMessageHex,
                                                          AtomicInteger recursionDepth) {
         if (noProviderAvailable) {
-            return CompletableFuture.failedFuture(new RuntimeException("No block explorer provider available"));
+            return CompletableFuture.failedFuture(new RuntimeException("No mobile notification relay provider available"));
         }
         if (shutdownStarted) {
             return CompletableFuture.failedFuture(new RuntimeException("Shutdown has already started"));
@@ -235,7 +242,7 @@ private CompletableFuture<Boolean> sendToRelayServer(boolean isAndroid,
                             Pair<String, String> header = new Pair<>("User-Agent", userAgent);
                             String result = client.get(param, Optional.of(header));
 
-                            log.info("Received response from {}/{} after {} ms", client.getBaseUrl(), param, System.currentTimeMillis() - ts);
+                            log.info("Received response from {}/{} after {} ms", client.getBaseUrl(), ENDPOINT, System.currentTimeMillis() - ts);
                             selectedProvider.set(selectNextProvider());
                             shutdownHttpClient(client);
                             return result.equals(SUCCESS);

notifications/src/main/java/bisq/notifications/mobile/registration/DeviceRegistrationService.java

@@ -47,29 +47,28 @@ public void register(String deviceId,
                          String publicKeyBase64,
                          String deviceDescriptor,
                          MobileDevicePlatform platform) {
-        checkArgument(StringUtils.isEmpty(deviceId), "deviceId must not be null or empty");
-        checkArgument(StringUtils.isEmpty(deviceToken), "deviceToken must not be null or empty");
-        checkArgument(StringUtils.isEmpty(publicKeyBase64), "publicKeyBase64 must not be null or empty");
-        checkArgument(StringUtils.isEmpty(deviceDescriptor), "deviceDescriptor must not be null or empty");
+        checkArgument(StringUtils.isNotEmpty(deviceId), "deviceId must not be null or empty");
+        checkArgument(StringUtils.isNotEmpty(deviceToken), "deviceToken must not be null or empty");
+        checkArgument(StringUtils.isNotEmpty(publicKeyBase64), "publicKeyBase64 must not be null or empty");
+        checkArgument(StringUtils.isNotEmpty(deviceDescriptor), "deviceDescriptor must not be null or empty");
         checkNotNull(platform, "platform must not be null");
 
-        String tokenPreview = deviceToken.substring(0, Math.min(10, deviceToken.length())) + "...";
-        String publicKeyPreview = publicKeyBase64.substring(0, Math.min(20, publicKeyBase64.length())) + "...";
-
-        log.info("Registering device - deviceId: {}, deviceDescriptor: {}, token: {}, publicKeyBase64: {}, platform: {}",
-                deviceId, deviceDescriptor, tokenPreview, publicKeyPreview, platform);
+        log.info("Registering device - deviceId: {}, deviceDescriptor: {}, platform: {}",
+                deviceId, deviceDescriptor, platform);
 
         MobileDeviceProfile mobileDeviceProfile = new MobileDeviceProfile(deviceId,
                 deviceToken,
                 publicKeyBase64,
                 deviceDescriptor,
                 platform);
-        persistableStore.getDeviceByDeviceId().putIfAbsent(deviceId, mobileDeviceProfile);
-        persist();
+        MobileDeviceProfile previous = persistableStore.getDeviceByDeviceId().put(deviceId, mobileDeviceProfile);
+        if (previous == null || !previous.equals(mobileDeviceProfile)) {
+            persist();
+        }
     }
 
     public boolean unregister(String deviceId) {
-        checkArgument(StringUtils.isEmpty(deviceId), "deviceId must not be null or empty");
+        checkArgument(StringUtils.isNotEmpty(deviceId), "deviceId must not be null or empty");
 
         MobileDeviceProfile previous = persistableStore.getDeviceByDeviceId().remove(deviceId);
         boolean hadValue = previous != null;

security/src/main/java/bisq/security/mobile_notifications/MobileNotificationEncryption.java

@@ -36,8 +36,8 @@ public class MobileNotificationEncryption {
     /**
      * Encrypt the message using the device's public key (ECIES for EC keys).
      *
-     * @param message         The message to encrypt
      * @param publicKeyBase64 The Base64 encoded public key
+     * @param message         The message to encrypt
      * @return Base64 encoded encrypted message
      */
     public static String encrypt(String publicKeyBase64, String message) throws GeneralSecurityException {
@@ -59,15 +59,8 @@ public static String encrypt(String publicKeyBase64, String message) throws Gene
             // Any mismatch in these parameters will cause decryption to fail silently or produce garbage.
             byte[] derivation = new byte[0];  // Intentionally empty, not null
             byte[] encoding = new byte[0];    // Intentionally empty, not null
-
-            // Size (in bits) of the symmetric encryption key derived via ECIES KDF.
-            // 128 bits → AES-128-CBC is used internally by Bouncy Castle ECIES.
-            // The MAC key (HMAC-SHA1) is derived alongside it.
-            // NOTE: This value MUST match exactly on all platforms.
             int macKeySize = 128;
-
             IESParameterSpec iesSpec = new IESParameterSpec(derivation, encoding, macKeySize);
-
             Cipher cipher = Cipher.getInstance("ECIES", BouncyCastleProvider.PROVIDER_NAME);
             cipher.init(Cipher.ENCRYPT_MODE, publicKey, iesSpec);
             byte[] encryptedBytes = cipher.doFinal(message.getBytes(StandardCharsets.UTF_8));