Gardening: PasswordAuthenticator polish

Modifications
-------------
Make DEFAULT_SASL_MECHANISMS unmodifiable.

Move @nullable annotation next to type.

Add a toString() method that omits auth header,
so someone doesn't come along later and add one
that leaks sensitive info.

Change-Id: I3208da9b4fd2298f00508cb2908c2bcd060e4f50
Reviewed-on: https://review.couchbase.org/c/couchbase-jvm-clients/+/233959
Reviewed-by: Michael Reiche <[email protected]>
Tested-by: Build Bot <[email protected]>

Author: dnault

core-io/src/main/java/com/couchbase/client/core/env/PasswordAuthenticator.java

@@ -51,12 +51,15 @@
 public class PasswordAuthenticator implements Authenticator {
 
   private static final Set<SaslMechanism> DEFAULT_SASL_MECHANISMS =
-    EnumSet.of(SaslMechanism.SCRAM_SHA512, SaslMechanism.SCRAM_SHA256, SaslMechanism.SCRAM_SHA1);
-
+    unmodifiableSet(EnumSet.of(
+      SaslMechanism.SCRAM_SHA512,
+      SaslMechanism.SCRAM_SHA256,
+      SaslMechanism.SCRAM_SHA1
+    ));
 
   private final Supplier<UsernameAndPassword> usernameAndPassword;
   private final Set<SaslMechanism> allowedSaslMechanisms;
-  @Nullable private final String cachedHttpAuthHeader;
+  private final @Nullable String cachedHttpAuthHeader;
 
   /**
    * Creates a new {@link Builder} which allows to customize this authenticator.
@@ -430,4 +433,12 @@ private Supplier<UsernameAndPassword> resolveUsernameAndPasswordSupplier() {
       );
     }
   }
+
+  @Override
+  public String toString() {
+    // Omit sensitive information like password or auth header.
+    return "PasswordAuthenticator{" +
+      "allowedSaslMechanisms=" + allowedSaslMechanisms +
+      '}';
+  }
 }