Update RevocationStrategy name to RevocationCheckingStrategy (#1283)

Author: injectives

driver/src/main/java/org/neo4j/driver/Config.java

@@ -691,7 +691,7 @@ public enum Strategy {
         private final Strategy strategy;
         private final List<File> certFiles;
         private boolean hostnameVerificationEnabled = true;
-        private RevocationStrategy revocationStrategy = RevocationStrategy.NO_CHECKS;
+        private RevocationCheckingStrategy revocationCheckingStrategy = RevocationCheckingStrategy.NO_CHECKS;
 
         private TrustStrategy(Strategy strategy) {
             this(strategy, Collections.emptyList());
@@ -802,8 +802,8 @@ public static TrustStrategy trustAllCertificates() {
          * The revocation strategy used for verifying certificates.
          * @return this {@link TrustStrategy}'s revocation strategy
          */
-        public RevocationStrategy revocationStrategy() {
-            return revocationStrategy;
+        public RevocationCheckingStrategy revocationCheckingStrategy() {
+            return revocationCheckingStrategy;
         }
 
         /**
@@ -812,7 +812,7 @@ public RevocationStrategy revocationStrategy() {
          * @return the current trust strategy
          */
         public TrustStrategy withoutCertificateRevocationChecks() {
-            this.revocationStrategy = RevocationStrategy.NO_CHECKS;
+            this.revocationCheckingStrategy = RevocationCheckingStrategy.NO_CHECKS;
             return this;
         }
 
@@ -824,7 +824,7 @@ public TrustStrategy withoutCertificateRevocationChecks() {
          * @return the current trust strategy
          */
         public TrustStrategy withVerifyIfPresentRevocationChecks() {
-            this.revocationStrategy = RevocationStrategy.VERIFY_IF_PRESENT;
+            this.revocationCheckingStrategy = RevocationCheckingStrategy.VERIFY_IF_PRESENT;
             return this;
         }
 
@@ -838,7 +838,7 @@ public TrustStrategy withVerifyIfPresentRevocationChecks() {
          * @return the current trust strategy
          */
         public TrustStrategy withStrictRevocationChecks() {
-            this.revocationStrategy = RevocationStrategy.STRICT;
+            this.revocationCheckingStrategy = RevocationCheckingStrategy.STRICT;
             return this;
         }
     }

driver/src/main/java/org/neo4j/driver/RevocationStrategy.java renamed to driver/src/main/java/org/neo4j/driver/RevocationCheckingStrategy.java

@@ -18,15 +18,18 @@
  */
 package org.neo4j.driver;
 
-public enum RevocationStrategy {
+/**
+ * Defines strategy for revocation checks.
+ */
+public enum RevocationCheckingStrategy {
     /** Don't do any OCSP revocation checks, regardless whether there are stapled revocation statuses or not. */
     NO_CHECKS,
     /** Verify OCSP revocation checks when the revocation status is stapled to the certificate, continue if not. */
     VERIFY_IF_PRESENT,
     /** Require stapled revocation status and verify OCSP revocation checks, fail if no revocation status is stapled to the certificate. */
     STRICT;
 
-    public static boolean requiresRevocationChecking(RevocationStrategy revocationStrategy) {
-        return revocationStrategy.equals(STRICT) || revocationStrategy.equals(VERIFY_IF_PRESENT);
+    public static boolean requiresRevocationChecking(RevocationCheckingStrategy revocationCheckingStrategy) {
+        return revocationCheckingStrategy.equals(STRICT) || revocationCheckingStrategy.equals(VERIFY_IF_PRESENT);
     }
 }

driver/src/main/java/org/neo4j/driver/internal/SecuritySettings.java

@@ -26,7 +26,7 @@
 import java.io.Serializable;
 import java.security.GeneralSecurityException;
 import org.neo4j.driver.Config;
-import org.neo4j.driver.RevocationStrategy;
+import org.neo4j.driver.RevocationCheckingStrategy;
 import org.neo4j.driver.exceptions.ClientException;
 import org.neo4j.driver.internal.security.SecurityPlan;
 import org.neo4j.driver.internal.security.SecurityPlanImpl;
@@ -67,7 +67,7 @@ private boolean hasEqualTrustStrategy(SecuritySettings other) {
         return t1.isHostnameVerificationEnabled() == t2.isHostnameVerificationEnabled()
                 && t1.strategy() == t2.strategy()
                 && t1.certFiles().equals(t2.certFiles())
-                && t1.revocationStrategy() == t2.revocationStrategy();
+                && t1.revocationCheckingStrategy() == t2.revocationCheckingStrategy();
     }
 
     public SecurityPlan createSecurityPlan(String uriScheme) {
@@ -93,9 +93,9 @@ private void assertSecuritySettingsNotUserConfigured(String uriScheme) {
 
     private SecurityPlan createSecurityPlanFromScheme(String scheme) throws GeneralSecurityException, IOException {
         if (isHighTrustScheme(scheme)) {
-            return SecurityPlanImpl.forSystemCASignedCertificates(true, RevocationStrategy.NO_CHECKS);
+            return SecurityPlanImpl.forSystemCASignedCertificates(true, RevocationCheckingStrategy.NO_CHECKS);
         } else {
-            return SecurityPlanImpl.forAllCertificates(false, RevocationStrategy.NO_CHECKS);
+            return SecurityPlanImpl.forAllCertificates(false, RevocationCheckingStrategy.NO_CHECKS);
         }
     }
 
@@ -107,16 +107,16 @@ private static SecurityPlan createSecurityPlanImpl(boolean encrypted, Config.Tru
             throws GeneralSecurityException, IOException {
         if (encrypted) {
             boolean hostnameVerificationEnabled = trustStrategy.isHostnameVerificationEnabled();
-            RevocationStrategy revocationStrategy = trustStrategy.revocationStrategy();
+            RevocationCheckingStrategy revocationCheckingStrategy = trustStrategy.revocationCheckingStrategy();
             switch (trustStrategy.strategy()) {
                 case TRUST_CUSTOM_CA_SIGNED_CERTIFICATES:
                     return SecurityPlanImpl.forCustomCASignedCertificates(
-                            trustStrategy.certFiles(), hostnameVerificationEnabled, revocationStrategy);
+                            trustStrategy.certFiles(), hostnameVerificationEnabled, revocationCheckingStrategy);
                 case TRUST_SYSTEM_CA_SIGNED_CERTIFICATES:
                     return SecurityPlanImpl.forSystemCASignedCertificates(
-                            hostnameVerificationEnabled, revocationStrategy);
+                            hostnameVerificationEnabled, revocationCheckingStrategy);
                 case TRUST_ALL_CERTIFICATES:
-                    return SecurityPlanImpl.forAllCertificates(hostnameVerificationEnabled, revocationStrategy);
+                    return SecurityPlanImpl.forAllCertificates(hostnameVerificationEnabled, revocationCheckingStrategy);
                 default:
                     throw new ClientException("Unknown TLS authentication strategy: "
                             + trustStrategy.strategy().name());

driver/src/main/java/org/neo4j/driver/internal/security/SecurityPlan.java

@@ -19,7 +19,7 @@
 package org.neo4j.driver.internal.security;
 
 import javax.net.ssl.SSLContext;
-import org.neo4j.driver.RevocationStrategy;
+import org.neo4j.driver.RevocationCheckingStrategy;
 
 /**
  * A SecurityPlan consists of encryption and trust details.
@@ -31,5 +31,5 @@ public interface SecurityPlan {
 
     boolean requiresHostnameVerification();
 
-    RevocationStrategy revocationStrategy();
+    RevocationCheckingStrategy revocationCheckingStrategy();
 }

driver/src/main/java/org/neo4j/driver/internal/security/SecurityPlanImpl.java

@@ -18,8 +18,8 @@
  */
 package org.neo4j.driver.internal.security;
 
-import static org.neo4j.driver.RevocationStrategy.VERIFY_IF_PRESENT;
-import static org.neo4j.driver.RevocationStrategy.requiresRevocationChecking;
+import static org.neo4j.driver.RevocationCheckingStrategy.VERIFY_IF_PRESENT;
+import static org.neo4j.driver.RevocationCheckingStrategy.requiresRevocationChecking;
 import static org.neo4j.driver.internal.util.CertificateTool.loadX509Cert;
 
 import java.io.File;
@@ -41,36 +41,39 @@
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 import javax.net.ssl.X509TrustManager;
-import org.neo4j.driver.RevocationStrategy;
+import org.neo4j.driver.RevocationCheckingStrategy;
 
 /**
  * A SecurityPlan consists of encryption and trust details.
  */
 public class SecurityPlanImpl implements SecurityPlan {
     public static SecurityPlan forAllCertificates(
-            boolean requiresHostnameVerification, RevocationStrategy revocationStrategy)
+            boolean requiresHostnameVerification, RevocationCheckingStrategy revocationCheckingStrategy)
             throws GeneralSecurityException {
         SSLContext sslContext = SSLContext.getInstance("TLS");
         sslContext.init(new KeyManager[0], new TrustManager[] {new TrustAllTrustManager()}, null);
 
-        return new SecurityPlanImpl(true, sslContext, requiresHostnameVerification, revocationStrategy);
+        return new SecurityPlanImpl(true, sslContext, requiresHostnameVerification, revocationCheckingStrategy);
     }
 
     public static SecurityPlan forCustomCASignedCertificates(
-            List<File> certFiles, boolean requiresHostnameVerification, RevocationStrategy revocationStrategy)
+            List<File> certFiles,
+            boolean requiresHostnameVerification,
+            RevocationCheckingStrategy revocationCheckingStrategy)
             throws GeneralSecurityException, IOException {
-        SSLContext sslContext = configureSSLContext(certFiles, revocationStrategy);
-        return new SecurityPlanImpl(true, sslContext, requiresHostnameVerification, revocationStrategy);
+        SSLContext sslContext = configureSSLContext(certFiles, revocationCheckingStrategy);
+        return new SecurityPlanImpl(true, sslContext, requiresHostnameVerification, revocationCheckingStrategy);
     }
 
     public static SecurityPlan forSystemCASignedCertificates(
-            boolean requiresHostnameVerification, RevocationStrategy revocationStrategy)
+            boolean requiresHostnameVerification, RevocationCheckingStrategy revocationCheckingStrategy)
             throws GeneralSecurityException, IOException {
-        SSLContext sslContext = configureSSLContext(Collections.emptyList(), revocationStrategy);
-        return new SecurityPlanImpl(true, sslContext, requiresHostnameVerification, revocationStrategy);
+        SSLContext sslContext = configureSSLContext(Collections.emptyList(), revocationCheckingStrategy);
+        return new SecurityPlanImpl(true, sslContext, requiresHostnameVerification, revocationCheckingStrategy);
     }
 
-    private static SSLContext configureSSLContext(List<File> customCertFiles, RevocationStrategy revocationStrategy)
+    private static SSLContext configureSSLContext(
+            List<File> customCertFiles, RevocationCheckingStrategy revocationCheckingStrategy)
             throws GeneralSecurityException, IOException {
         KeyStore trustedKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
         trustedKeyStore.load(null, null);
@@ -83,7 +86,7 @@ private static SSLContext configureSSLContext(List<File> customCertFiles, Revoca
         }
 
         PKIXBuilderParameters pkixBuilderParameters =
-                configurePKIXBuilderParameters(trustedKeyStore, revocationStrategy);
+                configurePKIXBuilderParameters(trustedKeyStore, revocationCheckingStrategy);
 
         SSLContext sslContext = SSLContext.getInstance("TLS");
         TrustManagerFactory trustManagerFactory =
@@ -101,11 +104,11 @@ private static SSLContext configureSSLContext(List<File> customCertFiles, Revoca
     }
 
     private static PKIXBuilderParameters configurePKIXBuilderParameters(
-            KeyStore trustedKeyStore, RevocationStrategy revocationStrategy)
+            KeyStore trustedKeyStore, RevocationCheckingStrategy revocationCheckingStrategy)
             throws InvalidAlgorithmParameterException, KeyStoreException {
         PKIXBuilderParameters pkixBuilderParameters = null;
 
-        if (requiresRevocationChecking(revocationStrategy)) {
+        if (requiresRevocationChecking(revocationCheckingStrategy)) {
             // Configure certificate revocation checking (X509CertSelector() selects all certificates)
             pkixBuilderParameters = new PKIXBuilderParameters(trustedKeyStore, new X509CertSelector());
 
@@ -115,7 +118,7 @@ private static PKIXBuilderParameters configurePKIXBuilderParameters(
             // enables status_request extension in client hello
             System.setProperty("jdk.tls.client.enableStatusRequestExtension", "true");
 
-            if (revocationStrategy.equals(VERIFY_IF_PRESENT)) {
+            if (revocationCheckingStrategy.equals(VERIFY_IF_PRESENT)) {
                 // enables soft-fail behaviour if no stapled response found.
                 Security.setProperty("ocsp.enable", "true");
             }
@@ -146,23 +149,23 @@ private static void loadSystemCertificates(KeyStore trustedKeyStore) throws Gene
     }
 
     public static SecurityPlan insecure() {
-        return new SecurityPlanImpl(false, null, false, RevocationStrategy.NO_CHECKS);
+        return new SecurityPlanImpl(false, null, false, RevocationCheckingStrategy.NO_CHECKS);
     }
 
     private final boolean requiresEncryption;
     private final SSLContext sslContext;
     private final boolean requiresHostnameVerification;
-    private final RevocationStrategy revocationStrategy;
+    private final RevocationCheckingStrategy revocationCheckingStrategy;
 
     private SecurityPlanImpl(
             boolean requiresEncryption,
             SSLContext sslContext,
             boolean requiresHostnameVerification,
-            RevocationStrategy revocationStrategy) {
+            RevocationCheckingStrategy revocationCheckingStrategy) {
         this.requiresEncryption = requiresEncryption;
         this.sslContext = sslContext;
         this.requiresHostnameVerification = requiresHostnameVerification;
-        this.revocationStrategy = revocationStrategy;
+        this.revocationCheckingStrategy = revocationCheckingStrategy;
     }
 
     @Override
@@ -181,8 +184,8 @@ public boolean requiresHostnameVerification() {
     }
 
     @Override
-    public RevocationStrategy revocationStrategy() {
-        return revocationStrategy;
+    public RevocationCheckingStrategy revocationCheckingStrategy() {
+        return revocationCheckingStrategy;
     }
 
     private static class TrustAllTrustManager implements X509TrustManager {

driver/src/test/java/org/neo4j/driver/ConfigTest.java

@@ -26,9 +26,9 @@
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.mockito.Mockito.mock;
-import static org.neo4j.driver.RevocationStrategy.NO_CHECKS;
-import static org.neo4j.driver.RevocationStrategy.STRICT;
-import static org.neo4j.driver.RevocationStrategy.VERIFY_IF_PRESENT;
+import static org.neo4j.driver.RevocationCheckingStrategy.NO_CHECKS;
+import static org.neo4j.driver.RevocationCheckingStrategy.STRICT;
+import static org.neo4j.driver.RevocationCheckingStrategy.VERIFY_IF_PRESENT;
 import static org.neo4j.driver.internal.handlers.pulln.FetchSizeUtil.DEFAULT_FETCH_SIZE;
 
 import java.io.File;
@@ -282,16 +282,16 @@ void shouldEnableAndDisableHostnameVerificationOnTrustStrategy() {
     @Test
     void shouldEnableAndDisableCertificateRevocationChecksOnTestStrategy() {
         Config.TrustStrategy trustStrategy = Config.TrustStrategy.trustSystemCertificates();
-        assertEquals(NO_CHECKS, trustStrategy.revocationStrategy());
+        assertEquals(NO_CHECKS, trustStrategy.revocationCheckingStrategy());
 
         assertSame(trustStrategy, trustStrategy.withoutCertificateRevocationChecks());
-        assertEquals(NO_CHECKS, trustStrategy.revocationStrategy());
+        assertEquals(NO_CHECKS, trustStrategy.revocationCheckingStrategy());
 
         assertSame(trustStrategy, trustStrategy.withStrictRevocationChecks());
-        assertEquals(STRICT, trustStrategy.revocationStrategy());
+        assertEquals(STRICT, trustStrategy.revocationCheckingStrategy());
 
         assertSame(trustStrategy, trustStrategy.withVerifyIfPresentRevocationChecks());
-        assertEquals(VERIFY_IF_PRESENT, trustStrategy.revocationStrategy());
+        assertEquals(VERIFY_IF_PRESENT, trustStrategy.revocationCheckingStrategy());
     }
 
     @Test
@@ -429,8 +429,8 @@ void shouldSerialize() throws Exception {
                     config.trustStrategy().isHostnameVerificationEnabled(),
                     verify.trustStrategy().isHostnameVerificationEnabled());
             assertEquals(
-                    config.trustStrategy().revocationStrategy(),
-                    verify.trustStrategy().revocationStrategy());
+                    config.trustStrategy().revocationCheckingStrategy(),
+                    verify.trustStrategy().revocationCheckingStrategy());
             assertEquals(config.userAgent(), verify.userAgent());
             assertEquals(config.isMetricsEnabled(), verify.isMetricsEnabled());
             assertEquals(config.metricsAdapter(), verify.metricsAdapter());

driver/src/test/java/org/neo4j/driver/integration/ChannelConnectorImplIT.java

@@ -49,7 +49,7 @@
 import org.junit.jupiter.api.extension.RegisterExtension;
 import org.neo4j.driver.AuthToken;
 import org.neo4j.driver.AuthTokens;
-import org.neo4j.driver.RevocationStrategy;
+import org.neo4j.driver.RevocationCheckingStrategy;
 import org.neo4j.driver.exceptions.AuthenticationException;
 import org.neo4j.driver.exceptions.ServiceUnavailableException;
 import org.neo4j.driver.internal.BoltServerAddress;
@@ -222,6 +222,6 @@ private ChannelConnectorImpl newConnector(
     }
 
     private static SecurityPlan trustAllCertificates() throws GeneralSecurityException {
-        return SecurityPlanImpl.forAllCertificates(false, RevocationStrategy.NO_CHECKS);
+        return SecurityPlanImpl.forAllCertificates(false, RevocationCheckingStrategy.NO_CHECKS);
     }
 }

driver/src/test/java/org/neo4j/driver/internal/SecuritySettingsTest.java

@@ -22,9 +22,9 @@
 import static org.junit.jupiter.api.Assertions.assertFalse;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.junit.jupiter.api.Assertions.assertTrue;
-import static org.neo4j.driver.RevocationStrategy.NO_CHECKS;
-import static org.neo4j.driver.RevocationStrategy.STRICT;
-import static org.neo4j.driver.RevocationStrategy.VERIFY_IF_PRESENT;
+import static org.neo4j.driver.RevocationCheckingStrategy.NO_CHECKS;
+import static org.neo4j.driver.RevocationCheckingStrategy.STRICT;
+import static org.neo4j.driver.RevocationCheckingStrategy.VERIFY_IF_PRESENT;
 
 import java.io.File;
 import java.io.IOException;
@@ -77,7 +77,7 @@ void testSystemCertCompatibleConfiguration(String scheme) throws Exception {
 
         assertTrue(securityPlan.requiresEncryption());
         assertTrue(securityPlan.requiresHostnameVerification());
-        assertEquals(NO_CHECKS, securityPlan.revocationStrategy());
+        assertEquals(NO_CHECKS, securityPlan.revocationCheckingStrategy());
     }
 
     @ParameterizedTest
@@ -178,7 +178,7 @@ void testConfigureStrictRevocationChecking(String scheme) {
 
         SecurityPlan securityPlan = securitySettings.createSecurityPlan(scheme);
 
-        assertEquals(STRICT, securityPlan.revocationStrategy());
+        assertEquals(STRICT, securityPlan.revocationCheckingStrategy());
     }
 
     @ParameterizedTest
@@ -192,7 +192,7 @@ void testConfigureVerifyIfPresentRevocationChecking(String scheme) {
 
         SecurityPlan securityPlan = securitySettings.createSecurityPlan(scheme);
 
-        assertEquals(VERIFY_IF_PRESENT, securityPlan.revocationStrategy());
+        assertEquals(VERIFY_IF_PRESENT, securityPlan.revocationCheckingStrategy());
     }
 
     @ParameterizedTest
@@ -205,7 +205,7 @@ void testRevocationCheckingDisabledByDefault(String scheme) {
 
         SecurityPlan securityPlan = securitySettings.createSecurityPlan(scheme);
 
-        assertEquals(NO_CHECKS, securityPlan.revocationStrategy());
+        assertEquals(NO_CHECKS, securityPlan.revocationCheckingStrategy());
     }
 
     @Nested