chore: Fix sonarqube violations

Author: en-milie

src/main/java/com/endava/cats/fuzzer/fields/LdapInjectionInStringFieldsFuzzer.java

@@ -20,7 +20,7 @@
 @Singleton
 @FieldFuzzer
 public class LdapInjectionInStringFieldsFuzzer extends BaseSecurityInjectionFuzzer {
-    private final static List<String> FIELDS = List.of("user", "name", "login", "username", "email", "mail", "dn", "cn", "uid", "filter",
+    private static final List<String> FIELDS = List.of("user", "name", "login", "username", "email", "mail", "dn", "cn", "uid", "filter",
             "search", "query", "account", "member", "group", "ou", "organization", "dept", "department");
 
     private static final List<String> TOP_PAYLOADS = List.of(
@@ -255,13 +255,11 @@ protected InjectionDetectionResult detectInjectionEvidence(CatsResponse response
         String responseLower = responseBody.toLowerCase(Locale.ROOT);
 
         for (String keyword : LDAP_ERROR_KEYWORDS) {
-            if (responseLower.contains(keyword)) {
-                if (appearsInErrorContext(responseBody, keyword)) {
-                    return InjectionDetectionResult.vulnerable(
-                            "LDAP injection vulnerability detected",
-                            "Response contains LDAP error message: '" + keyword + "'"
-                    );
-                }
+            if (responseLower.contains(keyword) && appearsInErrorContext(responseBody, keyword)) {
+                return InjectionDetectionResult.vulnerable(
+                        "LDAP injection vulnerability detected",
+                        "Response contains LDAP error message: '" + keyword + "'"
+                );
             }
         }
 

src/main/java/com/endava/cats/fuzzer/fields/XxeInjectionInStringFieldsFuzzer.java

@@ -175,13 +175,11 @@ protected InjectionDetectionResult detectInjectionEvidence(CatsResponse response
             }
         }
 
-        if (responseBody.length() > 100000) {
-            if (containsRepeatedPatterns(responseBody)) {
-                return InjectionDetectionResult.vulnerable(
-                        "Potential XXE DoS vulnerability detected",
-                        "Response is unusually large with repeated patterns, suggesting entity expansion attack succeeded"
-                );
-            }
+        if (responseBody.length() > 100000 && containsRepeatedPatterns(responseBody)) {
+            return InjectionDetectionResult.vulnerable(
+                    "Potential XXE DoS vulnerability detected",
+                    "Response is unusually large with repeated patterns, suggesting entity expansion attack succeeded"
+            );
         }
 
         return InjectionDetectionResult.notVulnerable();

src/main/java/com/endava/cats/fuzzer/fields/base/BaseSecurityInjectionFuzzer.java

@@ -83,7 +83,7 @@ private Set<String> getStringFields(FuzzingData data) {
                     var schema = data.getRequestPropertyTypes().get(field);
                     return CatsModelUtils.isStringSchema(schema);
                 })
-                .filter(field -> shouldFuzzField(field))
+                .filter(this::shouldFuzzField)
                 .collect(Collectors.toSet());
     }
 

src/main/java/com/endava/cats/openapi/OpenAPIModelGeneratorV2.java

@@ -329,24 +329,7 @@ private List<Map<String, Object>> generateExamplesForSchema(String name, Schema
         }
 
         if (hasOneOfOrAnyOf) {
-            List<Map<String, Object>> oneOfAnyOfExamples = resolveAnyOfOneOfSchemaProperties(name, schema);
-
-            if (!parentPropertyExamples.isEmpty()) {
-                List<Map<String, Object>> mergedExamples = new ArrayList<>();
-                for (Map<String, Object> oneOfExample : oneOfAnyOfExamples) {
-                    for (Map<String, Object> parentExample : parentPropertyExamples) {
-                        Map<String, Object> merged = new HashMap<>(oneOfExample);
-
-                        for (Map.Entry<String, Object> entry : parentExample.entrySet()) {
-                            merged.putIfAbsent(entry.getKey(), entry.getValue());
-                        }
-                        mergedExamples.add(merged);
-                    }
-                }
-                examples = combineExampleLists(examples, mergedExamples);
-            } else {
-                examples = combineExampleLists(examples, oneOfAnyOfExamples);
-            }
+            examples = handleAnyOrOneOf(name, schema, parentPropertyExamples, examples);
         }
 
         if (CatsModelUtils.isArraySchema(schema)) {
@@ -369,6 +352,28 @@ private List<Map<String, Object>> generateExamplesForSchema(String name, Schema
         return examples;
     }
 
+    private List<Map<String, Object>> handleAnyOrOneOf(String name, Schema schema, List<Map<String, Object>> parentPropertyExamples, List<Map<String, Object>> examples) {
+        List<Map<String, Object>> oneOfAnyOfExamples = resolveAnyOfOneOfSchemaProperties(name, schema);
+
+        if (!parentPropertyExamples.isEmpty()) {
+            List<Map<String, Object>> mergedExamples = new ArrayList<>();
+            for (Map<String, Object> oneOfExample : oneOfAnyOfExamples) {
+                for (Map<String, Object> parentExample : parentPropertyExamples) {
+                    Map<String, Object> merged = new HashMap<>(oneOfExample);
+
+                    for (Map.Entry<String, Object> entry : parentExample.entrySet()) {
+                        merged.putIfAbsent(entry.getKey(), entry.getValue());
+                    }
+                    mergedExamples.add(merged);
+                }
+            }
+            examples = combineExampleLists(examples, mergedExamples);
+        } else {
+            examples = combineExampleLists(examples, oneOfAnyOfExamples);
+        }
+        return examples;
+    }
+
     private Map formatExampleAsMap(Object fromExample) {
         if (!(fromExample instanceof Map)) {
             Map<String, Object> example = new HashMap<>();
@@ -662,18 +667,17 @@ private Object matchToEnumOrEmpty(String name, Schema innerSchema, String proper
                 .stream()
                 .filter(discriminator -> discriminator.getPropertyName().equalsIgnoreCase(propertyName) && discriminator.getMapping() != null)
                 .findFirst()
-                .map(discriminator -> {
-                    // Find the enum value that maps to this schema name
-                    return discriminator.getMapping().entrySet().stream()
-                            .filter(entry -> {
-                                String schemaRef = entry.getValue();
-                                String schemaName = CatsModelUtils.getSimpleRef(schemaRef);
-                                return schemaName.equalsIgnoreCase(name);
-                            })
-                            .map(Map.Entry::getKey)
-                            .findFirst()
-                            .orElse("");
-                })
+                .map(discriminator ->
+                        // Find the enum value that maps to this schema name
+                        discriminator.getMapping().entrySet().stream()
+                                .filter(entry -> {
+                                    String schemaRef = entry.getValue();
+                                    String schemaName = CatsModelUtils.getSimpleRef(schemaRef);
+                                    return schemaName.equalsIgnoreCase(name);
+                                })
+                                .map(Map.Entry::getKey)
+                                .findFirst()
+                                .orElse(""))
                 .orElse("");
 
         if (!resultFromMapping.isEmpty()) {

src/test/java/com/endava/cats/openapi/OpenAPIModelGeneratorV2Test.java

@@ -196,9 +196,7 @@ void shouldGenerateOneOfWithParentPropertiesAndDiscriminator() throws Exception
         Assertions.assertThat(examples).hasSize(2);
 
         String firstExample = examples.getFirst();
-        Assertions.assertThat(firstExample).contains("\"kind\"");
-        Assertions.assertThat(firstExample).contains("\"value\"");
-        Assertions.assertThat(firstExample).contains("\"bubulel\"");
+        Assertions.assertThat(firstExample).contains("\"kind\"").contains("\"value\"").contains("\"bubulel\"");
 
         String kindValue = JsonUtils.getVariableFromJson(firstExample, "$.kind").toString();
         Assertions.assertThat(kindValue).isNotEmpty().isNotEqualTo("");
@@ -207,9 +205,7 @@ void shouldGenerateOneOfWithParentPropertiesAndDiscriminator() throws Exception
         Assertions.assertThat(bubulel1).isNotEmpty();
 
         String secondExample = examples.get(1);
-        Assertions.assertThat(secondExample).contains("\"kind\"");
-        Assertions.assertThat(secondExample).contains("\"value\"");
-        Assertions.assertThat(secondExample).contains("\"bubulel\"");
+        Assertions.assertThat(secondExample).contains("\"kind\"").contains("\"value\"").contains("\"bubulel\"");
 
         String kindValue2 = JsonUtils.getVariableFromJson(secondExample, "$.kind").toString();
         Assertions.assertThat(kindValue2).isNotEmpty().isNotEqualTo("");