code cleanup

Author: anhefti

pom.xml

@@ -43,8 +43,8 @@
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
                 <configuration>
-                    <source>17</source>
-                    <target>17</target>
+                    <source>21</source>
+                    <target>21</target>
                     <parameters>true</parameters>
                 </configuration>
             </plugin>

src/main/java/ch/ethz/seb/sps/server/weblayer/WebConfig.java

@@ -47,9 +47,6 @@ public class WebConfig implements WebMvcConfigurer {
             API.HEALTH_ENDPOINT + "/",
             API.GUI_REDIRECT_ENDPOINT,
             API.OAUTH_JWTTOKEN_ENDPOINT + "/**",
-            "/swagger-ui/**",
-            "/v3/api-docs/**",
-            "/api-docs/**"
     };
 
     /** Used to get real remote IP address by using "X-Forwarded-For" and "X-Forwarded-Proto" header.

src/main/java/ch/ethz/seb/sps/server/weblayer/oauth/authserver/OAuth2ClientCredentialsGrantProvider.java

@@ -36,9 +36,7 @@
 public class OAuth2ClientCredentialsGrantProvider implements AuthenticationProvider  {
 
     private static final Logger logger = LoggerFactory.getLogger(OAuth2ClientCredentialsGrantProvider.class);
-    private static final String ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
-    
-    
+
     private final OAuth2AuthorizationService authorizationService;
     private OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator;
     private Consumer<OAuth2ClientCredentialsAuthenticationContext> authenticationValidator = new OAuth2ClientCredentialsAuthenticationValidator();
@@ -68,7 +66,7 @@ public Authentication authenticate(Authentication authentication) throws Authent
         } else {
             OAuth2ClientCredentialsAuthenticationContext authenticationContext = OAuth2ClientCredentialsAuthenticationContext.with(clientCredentialsAuthentication).registeredClient(registeredClient).build();
             this.authenticationValidator.accept(authenticationContext);
-            Set<String> authorizedScopes = new LinkedHashSet(clientCredentialsAuthentication.getScopes());
+            Set<String> authorizedScopes = new LinkedHashSet<>(clientCredentialsAuthentication.getScopes());
             authorizedScopes.add(API.SEB_API_SCOPE_NAME);
             if (logger.isTraceEnabled()) {
                 logger.trace("Validated token request parameters");

src/main/java/ch/ethz/seb/sps/server/weblayer/oauth/authserver/RegisteredGuiClient.java

@@ -36,11 +36,9 @@ public RegisteredGuiClient(
             @Value("${sps.api.admin.gui.clientId}") final String clientId,
             @Value("${sps.api.admin.gui.clientSecret}") final String clientSecret,
             @Value("${sps.api.admin.accessTokenValiditySeconds:3600}") final Integer accessTokenValiditySeconds,
-            @Value("${sps.api.admin.refreshTokenValiditySeconds:-1}") final Integer refreshTokenValiditySeconds) {
+            @Value("${sps.api.admin.refreshTokenValiditySeconds:86400}") final Integer refreshTokenValiditySeconds) {
 
-            Duration refreshTokenValDuration = (refreshTokenValiditySeconds == null || refreshTokenValiditySeconds.longValue() < 0)
-                    ? Duration.of(1, YEARS)
-                    : Duration.of(refreshTokenValiditySeconds, SECONDS);
+            final Duration refreshTokenValDuration = Duration.of(refreshTokenValiditySeconds, SECONDS);
 
             client = RegisteredClient
                     .withId(clientId)

src/main/java/ch/ethz/seb/sps/server/weblayer/oauth/resserver/SEBClientResourceServerConfig.java

@@ -42,12 +42,8 @@ public class SEBClientResourceServerConfig {
 
     @Autowired
     private JwtDecoder jwtDecoder;
-    @Value("${server.error.path}")
-    private String errorPath;
     @Value("${sps.api.session.endpoint}")
     private String sessionAPIEndpoint;
-    @Value("${sps.http.redirect}")
-    private String unauthorizedRedirect;
 
     @Bean
     @Order(2)