refactor(infra): enforce remaining coding standards across platform (STA-249)

api-gateway-iam/api-gateway-iam/src/main/java/com/stablecoin/payments/gateway/iam/application/controller/ApiKeyController.java

@@ -42,7 +42,7 @@ public ApiKeyResponse createApiKey(@Valid @RequestBody CreateApiKeyRequest reque
                 request.merchantId(), request.name(), request.environment());
 
         var environment = ApiKeyEnvironment.valueOf(request.environment().toUpperCase());
-        Instant expiresAt = request.expiresInSeconds() != null
+        var expiresAt = request.expiresInSeconds() != null
                 ? Instant.now().plusSeconds(request.expiresInSeconds())
                 : null;
 

api-gateway-iam/api-gateway-iam/src/main/java/com/stablecoin/payments/gateway/iam/application/security/UserJwtAuthenticationFilter.java

@@ -53,27 +53,23 @@ protected void doFilterInternal(HttpServletRequest request,
             var jwt = SignedJWT.parse(token);
             var claims = jwt.getJWTClaimsSet();
 
-            // Only handle tokens issued by S13
             if (!merchantIamProperties.issuer().equals(claims.getIssuer())) {
                 chain.doFilter(request, response);
                 return;
             }
 
-            // Validate audience
             if (claims.getAudience() == null
                     || !claims.getAudience().contains(merchantIamProperties.audience())) {
                 sendUnauthorized(response, "JWT audience mismatch");
                 return;
             }
 
-            // Validate expiration
             if (claims.getExpirationTime() == null
                     || claims.getExpirationTime().before(new Date())) {
                 sendUnauthorized(response, "JWT has expired");
                 return;
             }
 
-            // Verify signature against S13 JWKS
             var jwksJson = userJwksProvider.fetchJwks();
             var jwkSet = JWKSet.parse(jwksJson);
             var kid = jwt.getHeader().getKeyID();
@@ -90,7 +86,6 @@ protected void doFilterInternal(HttpServletRequest request,
                 return;
             }
 
-            // Extract claims
             var userId = UUID.fromString(claims.getStringClaim("user_id"));
             var merchantId = UUID.fromString(claims.getStringClaim("merchant_id"));
             var roleId = UUID.fromString(claims.getStringClaim("role_id"));

api-gateway-iam/api-gateway-iam/src/test/java/com/stablecoin/payments/gateway/iam/application/controller/ApiKeyControllerTest.java

@@ -3,6 +3,7 @@
 import com.stablecoin.payments.gateway.iam.api.response.ApiKeyResponse;
 import com.stablecoin.payments.gateway.iam.application.controller.mapper.GatewayRequestResponseMapper;
 import com.stablecoin.payments.gateway.iam.domain.exception.MerchantNotFoundException;
+import com.stablecoin.payments.gateway.iam.domain.model.ApiKeyEnvironment;
 import com.stablecoin.payments.gateway.iam.domain.service.ApiKeyCommandHandler;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Test;
@@ -17,7 +18,6 @@
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
-import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.BDDMockito.given;
 import static org.mockito.BDDMockito.then;
 
@@ -38,15 +38,18 @@ class ApiKeyControllerTest {
     @DisplayName("createApiKey should return key with raw key")
     void shouldCreateApiKey() {
         var keyId = UUID.randomUUID();
+        var merchantId = UUID.randomUUID();
+        var commandResult = new ApiKeyCommandHandler.CreateApiKeyResult(null, "pk_live_raw123");
         var response = new ApiKeyResponse(
                 keyId, "pk_live_raw123", "pk_live_abc", "My Key", "LIVE",
                 List.of("payments:read"), List.of(), Instant.now().plusSeconds(86400), Instant.now());
-        given(apiKeyCommandHandler.create(any(), any(), any(), any(), any(), any()))
-                .willReturn(new ApiKeyCommandHandler.CreateApiKeyResult(null, "pk_live_raw123"));
-        given(mapper.toApiKeyResponse(any())).willReturn(response);
+        given(apiKeyCommandHandler.create(merchantId, "My Key", ApiKeyEnvironment.LIVE,
+                List.of("payments:read"), List.of(), null))
+                .willReturn(commandResult);
+        given(mapper.toApiKeyResponse(commandResult)).willReturn(response);
 
         var request = new com.stablecoin.payments.gateway.iam.api.request.CreateApiKeyRequest(
-                UUID.randomUUID(), "My Key", "LIVE", List.of("payments:read"), null, null);
+                merchantId, "My Key", "LIVE", List.of("payments:read"), null, null);
 
         var result = controller.createApiKey(request);
 
@@ -59,7 +62,8 @@ void shouldCreateApiKey() {
     @DisplayName("createApiKey should throw when merchant not found")
     void shouldThrowWhenMerchantNotFound() {
         var merchantId = UUID.randomUUID();
-        given(apiKeyCommandHandler.create(any(), any(), any(), any(), any(), any()))
+        given(apiKeyCommandHandler.create(merchantId, "My Key", ApiKeyEnvironment.LIVE,
+                List.of(), List.of(), null))
                 .willThrow(MerchantNotFoundException.byId(merchantId));
 
         var request = new com.stablecoin.payments.gateway.iam.api.request.CreateApiKeyRequest(

api-gateway-iam/api-gateway-iam/src/test/java/com/stablecoin/payments/gateway/iam/application/controller/AuthControllerTest.java

@@ -16,10 +16,6 @@
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.ArgumentMatchers.anyList;
-import static org.mockito.ArgumentMatchers.anyString;
-import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.BDDMockito.given;
 import static org.mockito.BDDMockito.then;
 
@@ -42,7 +38,8 @@ void shouldIssueToken() {
         var clientId = UUID.randomUUID();
         var tokenResult = new AuthCommandHandler.TokenResult("jwt-token", UUID.randomUUID(), 3600L, List.of("payments:read"));
         var tokenResponse = new TokenResponse("jwt-token", "Bearer", 3600, "payments:read");
-        given(authCommandHandler.issueToken(eq(clientId), anyString(), anyList())).willReturn(tokenResult);
+        given(authCommandHandler.issueToken(clientId, "secret", List.of("payments:read")))
+                .willReturn(tokenResult);
         given(mapper.toTokenResponse(tokenResult)).willReturn(tokenResponse);
 
         var request = new com.stablecoin.payments.gateway.iam.api.request.TokenRequest(
@@ -58,11 +55,12 @@ void shouldIssueToken() {
     @Test
     @DisplayName("issueToken should propagate invalid credentials")
     void shouldPropagateInvalidCredentials() {
-        given(authCommandHandler.issueToken(any(), anyString(), anyList()))
+        var clientId = UUID.randomUUID();
+        given(authCommandHandler.issueToken(clientId, "wrong", List.of()))
                 .willThrow(InvalidClientCredentialsException.clientNotFound());
 
         var request = new com.stablecoin.payments.gateway.iam.api.request.TokenRequest(
-                "client_credentials", UUID.randomUUID(), "wrong", null);
+                "client_credentials", clientId, "wrong", null);
 
         assertThatThrownBy(() -> controller.issueToken(request))
                 .isInstanceOf(InvalidClientCredentialsException.class);