Unwrap log guard condition.

Author: dkocher

hub/src/main/java/ch/iterate/hub/crypto/wot/WoT.java

@@ -134,9 +134,7 @@ public static int computeTrustLevel(final UserDto trustedUser, final TrustedUser
             return signatureChain.size();
         }
         catch(SecurityFailure | NoSuchAlgorithmException | InvalidKeySpecException | NotECKeyException e) {
-            if(log.isWarnEnabled()) {
-                log.warn("WoT signature verification failed.", e);
-            }
+            log.warn("Web of Trust signature chain verification failed for user {}", trustedUser, e);
             return -1; // unverified
         }
     }
@@ -157,27 +155,21 @@ public static Map<TrustedUserDto, Integer> verifyTrusts(final List<TrustedUserDt
         for(final TrustedUserDto trust : trusts) {
             final String trustedUserId = trust.getTrustedUserId();
             if(trustedUserId == null) {
-                if(log.isWarnEnabled()) {
-                    log.warn("Verification for {} failed. No ID found for trustee.", trust);
-                }
+                log.warn("Verification for {} failed. No ID found for trustee.", trust);
                 continue;
             }
             final UserDto user = users.stream().filter(u -> trustedUserId.equals(u.getId())).findFirst().orElse(null);
             final List<String> signatureChain = trust.getSignatureChain();
             if(user == null || signatureChain == null) {
-                if(log.isWarnEnabled()) {
-                    log.warn("Verification for {} failed. No user or no signature chain found.", trust);
-                }
+                log.warn("Verification for {} failed. No user or no signature chain found.", trust);
                 continue;
             }
             try {
                 WoT.verifyRecursive(signatureChain, signerPublicKey, SignedKeys.fromUser(user));
                 verified.put(trust, signatureChain.size());
             }
             catch(SecurityFailure e) {
-                if(log.isWarnEnabled()) {
-                    log.warn("Verification for {} failed - not granting access.", trust, e);
-                }
+                log.warn("Verification for {} failed - not granting access.", trust, e);
             }
         }
         return verified;

hub/src/main/java/ch/iterate/hub/protocols/hub/HubCryptoVault.java

@@ -64,9 +64,7 @@ public HubCryptoVault(final Path home, final String masterkey, final String conf
     // TODO https://github.com/shift7-ch/cipherduck-hub/issues/19 review @dko check method signature?
     public synchronized Path create(final Session<?> session, final String region, final VaultCredentials credentials, final int version, final String metadata, final String rootDirHash) throws BackgroundException {
         final Path home = new Path(session.getHost().getDefaultPath(), EnumSet.of(AbstractPath.Type.directory));
-        if(log.isDebugEnabled()) {
-            log.debug("Uploading vault template {} in {} ", home, session.getHost());
-        }
+        log.debug("Uploading vault template {} in {} ", home, session.getHost());
 
         // N.B. there seems to be no API to check write permissions without actually writing.
         if(!session.getFeature(ListService.class).list(home, new DisabledListProgressListener()).isEmpty()) {
@@ -84,9 +82,7 @@ public synchronized Path create(final Session<?> session, final String region, f
         final Path secondLevel = new Path(String.format("/%s/d/%s/%s/", session.getHost().getDefaultPath(), rootDirHash.substring(0, 2), rootDirHash.substring(2)), EnumSet.of(AbstractPath.Type.directory));
         final Path firstLevel = secondLevel.getParent();
         final Path dataDir = firstLevel.getParent();
-        if(log.isDebugEnabled()) {
-            log.debug("Create vault root directory at {}", secondLevel);
-        }
+        log.debug("Create vault root directory at {}", secondLevel);
         final TransferStatus status = (new TransferStatus()).withRegion(region);
 
         directory.mkdir(dataDir, status);

hub/src/main/java/ch/iterate/hub/protocols/hub/HubStorageProfileSyncSchedulerService.java

@@ -62,9 +62,7 @@ public Optional<ProfileDescription> compare(final Set<ProfileDescription> reposi
             if(p.isInstalled()) {
                 continue;
             }
-            if(log.isInfoEnabled()) {
-                log.info("Register {}", p);
-            }
+            log.info("Register {}", p);
             p.getFile().ifPresent(registry::register);
         }
         return profiles;

hub/src/main/java/ch/iterate/hub/protocols/hub/HubStorageVaultSyncSchedulerService.java

@@ -87,9 +87,7 @@ public List<VaultDto> operate(final PasswordCallback callback) throws Background
                             bookmark.getCredentials().reset();
                         }
                         bookmarks.add(bookmark);
-                        if(log.isInfoEnabled()) {
-                            log.info("Added bookmark {} for vault {} for hub {}", bookmarks, vaultDto, session.getHost());
-                        }
+                        log.info("Added bookmark {} for vault {} for hub {}", bookmarks, vaultDto, session.getHost());
                     }
                 }
                 catch(AccessDeniedException e) {

hub/src/main/java/ch/iterate/hub/protocols/s3/STSChainedAssumeRoleRequestInterceptor.java

@@ -85,9 +85,7 @@ public void refresh() {
                         // nothing to do
                     }
                 });
-        if(log.isDebugEnabled()) {
-            log.debug("Chained assume role for {}", bookmark);
-        }
+        log.debug("Chained assume role for {}", bookmark);
         log.debug("Assume role with temporary credentials {}", tokens);
         final PreferencesReader preferences = new HostPreferences(bookmark);
         if(preferences.getInteger(S3AutoLoadVaultProtocol.S3_ASSUMEROLE_DURATIONSECONDS) != -1) {
@@ -124,13 +122,9 @@ public void refresh() {
                     .withValue(preferences.getProperty(S3AutoLoadVaultProtocol.OAUTH_TOKENEXCHANGE_ADDITIONAL_SCOPES))));
         }
         try {
-            if(log.isDebugEnabled()) {
-                log.debug("Use request {}", request);
-            }
+            log.debug("Use request {}", request);
             final AssumeRoleResult result = service.assumeRole(request);
-            if(log.isDebugEnabled()) {
-                log.debug("Received assume role result {} for host {}", result, bookmark);
-            }
+            log.debug("Received assume role result {} for host {}", result, bookmark);
             return new TemporaryAccessTokens(result.getCredentials().getAccessKeyId(),
                     result.getCredentials().getSecretAccessKey(),
                     result.getCredentials().getSessionToken(),

hub/src/main/java/ch/iterate/hub/protocols/s3/TokenExchangeRequestInterceptor.java

@@ -92,18 +92,14 @@ public OAuthTokens exchange(final OAuthTokens previous) throws BackgroundExcepti
             scopes.addAll(Arrays.asList(preferences.getProperty(S3AutoLoadVaultProtocol.OAUTH_TOKENEXCHANGE_ADDITIONAL_SCOPES).split(" ")));
         }
         request.setScopes(scopes);
-        if(log.isDebugEnabled()) {
-            log.debug("Token exchange request {} for {}", request, bookmark);
-        }
+        log.debug("Token exchange request {} for {}", request, bookmark);
         try {
             final TokenResponse tokenExchangeResponse = request.execute();
             // N.B. token exchange with Id token does not work!
             final OAuthTokens tokens = new OAuthTokens(tokenExchangeResponse.getAccessToken(),
                     tokenExchangeResponse.getRefreshToken(),
                     System.currentTimeMillis() + tokenExchangeResponse.getExpiresInSeconds() * 1000);
-            if(log.isDebugEnabled()) {
-                log.debug("Received exchanged token {} for {}", tokens, bookmark);
-            }
+            log.debug("Received exchanged token {} for {}", tokens, bookmark);
             return tokens;
         }
         catch(TokenResponseException e) {

hub/src/main/java/ch/iterate/hub/workflows/CreateVaultService.java

@@ -85,9 +85,7 @@ public void createVault(final StorageProfileDtoWrapper storageProfileWrapper, fi
                             .enabled(vaultModel.automaticAccessGrant())
                             .maxWotDepth(vaultModel.maxWotLevel())
                     );
-            if(log.isDebugEnabled()) {
-                log.debug("Created metadata JWE {}", metadataJWE);
-            }
+            log.debug("Created metadata JWE {}", metadataJWE);
             final String uvfMetadataFile = metadataJWE.encrypt(
                     String.format("%s/api", new HostUrlProvider(false, true).get(hubSession.getHost())),
                     vaultModel.vaultId(),
@@ -109,9 +107,7 @@ public void createVault(final StorageProfileDtoWrapper storageProfileWrapper, fi
                     // TODO https://github.com/shift7-ch/cipherduck-hub/issues/19 do we need to store here?
                     .rootDirHash(metadataJWE.computeRootDirIdHash(metadataJWE.computeRootDirId()))
                     .region(metadataJWE.storage().getRegion());
-            if(log.isDebugEnabled()) {
-                log.debug("Created storage dto {}", storageDto);
-            }
+            log.debug("Created storage dto {}", storageDto);
             final Host bookmark = HubStorageVaultSyncSchedulerService.toBookmark(hubSession.getHost(), vaultDto.getId(), metadataJWE.storage());
             if(storageProfileWrapper.getStsEndpoint() == null) {
                 // permanent: template upload into existing bucket
@@ -134,24 +130,18 @@ public void createVault(final StorageProfileDtoWrapper storageProfileWrapper, fi
                         String.format("%s%s", storageProfileWrapper.getBucketPrefix(), vaultDto.getId()),
                         storageProfileWrapper.getBucketAcceleration()
                 );
-                if(log.isDebugEnabled()) {
-                    log.debug("Create STS bucket {} for vault {}", storageDto, vaultDto);
-                }
+                log.debug("Create STS bucket {} for vault {}", storageDto, vaultDto);
                 new StorageResourceApi(hubSession.getClient()).apiStorageVaultIdPut(vaultDto.getId(),
                         storageDto.awsAccessKey(stsTokens.getAccessKeyId())
                                 .awsSecretKey(stsTokens.getSecretAccessKey())
                                 .sessionToken(stsTokens.getSessionToken()));
             }
             // create vault in hub
-            if(log.isDebugEnabled()) {
-                log.debug("Create vault {}", vaultDto);
-            }
+            log.debug("Create vault {}", vaultDto);
             new VaultResourceApi(hubSession.getClient()).apiVaultsVaultIdPut(vaultDto.getId(), vaultDto);
 
             // upload JWE
-            if(log.isDebugEnabled()) {
-                log.debug("Upload JWE {} for vault {}", uvfMetadataFile, vaultDto);
-            }
+            log.debug("Upload JWE {} for vault {}", uvfMetadataFile, vaultDto);
             final UserDto userDto = new UsersResourceApi(hubSession.getClient()).apiUsersMeGet(false);
             new VaultResourceApi(hubSession.getClient()).apiVaultsVaultIdAccessTokensPost(vaultDto.getId(), Collections.singletonMap(userDto.getId(), jwks.toOwnerAccessToken().encryptForUser(userKeys.ecdhKeyPair().getPublic())));
         }
@@ -164,9 +154,7 @@ public void createVault(final StorageProfileDtoWrapper storageProfileWrapper, fi
     }
 
     private static TemporaryAccessTokens getSTSTokensFromAccessTokenWithCreateBucketInlinePoliy(final String token, final String roleArn, final String roleSessionName, final String stsEndpoint, final String bucketName, final Boolean bucketAcceleration) throws IOException {
-        if(log.isDebugEnabled()) {
-            log.debug("Get STS tokens from {} to pass to backend {} with role {} and session name {}", token, stsEndpoint, roleArn, roleSessionName);
-        }
+        log.debug("Get STS tokens from {} to pass to backend {} with role {} and session name {}", token, stsEndpoint, roleArn, roleSessionName);
 
         final AssumeRoleWithWebIdentityRequest request = new AssumeRoleWithWebIdentityRequest();
 
@@ -191,13 +179,9 @@ private static TemporaryAccessTokens getSTSTokensFromAccessTokenWithCreateBucket
                 .build();
 
 
-        if(log.isDebugEnabled()) {
-            log.debug("Use request {}", request);
-        }
+        log.debug("Use request {}", request);
         final AssumeRoleWithWebIdentityResult result = service.assumeRoleWithWebIdentity(request);
-        if(log.isDebugEnabled()) {
-            log.debug("Received assume role identity result {}", result);
-        }
+        log.debug("Received assume role identity result {}", result);
         return new TemporaryAccessTokens(result.getCredentials().getAccessKeyId(),
                 result.getCredentials().getSecretAccessKey(),
                 result.getCredentials().getSessionToken(),

hub/src/main/java/ch/iterate/hub/workflows/GrantAccessServiceImpl.java

@@ -131,8 +131,6 @@ public void grantAccessToUsersRequiringAccessGrant(final Host hub, final UUID va
         }
         // 3. Bulk-upload the collection of these JWEs to the server. (POST /vaults/${vaultId}/access-tokens, {"user1": "jwe1", "user2": "jwe2", ...)
         vaultResourceApi.apiVaultsVaultIdAccessTokensPost(vaultId, accessTokens);
-        if(log.isInfoEnabled()) {
-            log.info("Uploaded JWE for users {} and vault {}", accessTokens.keySet(), vaultId);
-        }
+        log.info("Uploaded JWE for users {} and vault {}", accessTokens.keySet(), vaultId);
     }
 }