Improve Type-Safe Casting with Pattern Matching (#2990)

# Description of Changes Please provide a summary of the changes, including: This PR refactors multiple instances of type casting throughout the codebase by replacing them with Java's pattern matching for `instanceof`. This approach eliminates redundant type casting, improves code readability, and reduces the chances of `ClassCastException`. The changes primarily affect authentication handling, PDF processing, and certificate validation. ### Key Changes: - Replaced traditional `instanceof` checks followed by explicit casting with pattern matching. - Improved readability and maintainability of type-related operations. - Applied changes across security modules, PDF utilities, and image processing functions. This refactor does not introduce new functionality but enhances the robustness and clarity of the existing code. pending until #2818 is published --- ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details.
2025-02-25 22:31:50 +01:00
parent a1f7bb3e4a
commit 2ab951e080
27 changed files with 175 additions and 165 deletions
--- a/src/main/java/stirling/software/SPDF/config/security/CustomLogoutSuccessHandler.java
+++ b/src/main/java/stirling/software/SPDF/config/security/CustomLogoutSuccessHandler.java
@@ -45,12 +45,12 @@ public class CustomLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
            throws IOException {
        if (!response.isCommitted()) {
            if (authentication != null) {
-                if (authentication instanceof Saml2Authentication) {
+                if (authentication instanceof Saml2Authentication samlAuthentication) {
                    // Handle SAML2 logout redirection
-                    getRedirect_saml2(request, response, authentication);
-                } else if (authentication instanceof OAuth2AuthenticationToken) {
+                    getRedirect_saml2(request, response, samlAuthentication);
+                } else if (authentication instanceof OAuth2AuthenticationToken oAuthToken) {
                    // Handle OAuth2 logout redirection
-                    getRedirect_oauth2(request, response, authentication);
+                    getRedirect_oauth2(request, response, oAuthToken);
                } else if (authentication instanceof UsernamePasswordAuthenticationToken) {
                    // Handle Username/Password logout
                    getRedirectStrategy().sendRedirect(request, response, LOGOUT_PATH);
@@ -71,13 +71,14 @@ public class CustomLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {

    // Redirect for SAML2 authentication logout
    private void getRedirect_saml2(
-            HttpServletRequest request, HttpServletResponse response, Authentication authentication)
+            HttpServletRequest request,
+            HttpServletResponse response,
+            Saml2Authentication samlAuthentication)
            throws IOException {

        SAML2 samlConf = applicationProperties.getSecurity().getSaml2();
        String registrationId = samlConf.getRegistrationId();

-        Saml2Authentication samlAuthentication = (Saml2Authentication) authentication;
        CustomSaml2AuthenticatedPrincipal principal =
                (CustomSaml2AuthenticatedPrincipal) samlAuthentication.getPrincipal();

@@ -115,32 +116,46 @@ public class CustomLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {

    // Redirect for OAuth2 authentication logout
    private void getRedirect_oauth2(
-            HttpServletRequest request, HttpServletResponse response, Authentication authentication)
+            HttpServletRequest request,
+            HttpServletResponse response,
+            OAuth2AuthenticationToken oAuthToken)
            throws IOException {
        String registrationId;
        OAUTH2 oauth = applicationProperties.getSecurity().getOauth2();
        String path = checkForErrors(request);

-        if (authentication instanceof OAuth2AuthenticationToken oauthToken) {
-            registrationId = oauthToken.getAuthorizedClientRegistrationId();
-        } else {
-            registrationId = oauth.getProvider() != null ? oauth.getProvider() : "";
-        }
-
        String redirectUrl = UrlUtils.getOrigin(request) + "/login?" + path;
+        registrationId = oAuthToken.getAuthorizedClientRegistrationId();

        // Redirect based on OAuth2 provider
        switch (registrationId.toLowerCase()) {
            case "keycloak" -> {
                KeycloakProvider keycloak = oauth.getClient().getKeycloak();
-                String logoutUrl =
-                        keycloak.getIssuer()
-                                + "/protocol/openid-connect/logout"
-                                + "?client_id="
-                                + keycloak.getClientId()
-                                + "&post_logout_redirect_uri="
-                                + response.encodeRedirectURL(redirectUrl);
-                log.info("Redirecting to Keycloak logout URL: {}", logoutUrl);
+
+                boolean isKeycloak = !keycloak.getIssuer().isBlank();
+                boolean isCustomOAuth = !oauth.getIssuer().isBlank();
+
+                String logoutUrl = redirectUrl;
+
+                if (isKeycloak) {
+                    logoutUrl = keycloak.getIssuer();
+                } else if (isCustomOAuth) {
+                    logoutUrl = oauth.getIssuer();
+                }
+                if (isKeycloak || isCustomOAuth) {
+                    logoutUrl +=
+                            "/protocol/openid-connect/logout"
+                                    + "?client_id="
+                                    + oauth.getClientId()
+                                    + "&post_logout_redirect_uri="
+                                    + response.encodeRedirectURL(redirectUrl);
+                    log.info("Redirecting to Keycloak logout URL: {}", logoutUrl);
+                } else {
+                    log.info(
+                            "No redirect URL for {} available. Redirecting to default logout URL: {}",
+                            registrationId,
+                            logoutUrl);
+                }
                response.sendRedirect(logoutUrl);
            }
            case "github", "google" -> {