http: Add animal-sniffer plugin and fix reported errors

https://code.google.com/p/google-http-java-client/issues/detail?id=232

Author: ngmiceli-g

google-http-client-appengine/pom.xml

@@ -34,6 +34,18 @@
  </execution>
  </executions>
  </plugin>
+ <!--App Engine uses Java 6 and above-->
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>animal-sniffer-maven-plugin</artifactId>
+ <configuration>
+ <signature>
+ <groupId>org.codehaus.mojo.signature</groupId>
+ <artifactId>java16</artifactId>
+ <version>1.0</version>
+ </signature>
+ </configuration>
+ </plugin>
  </plugins>
  </build>
  <dependencies>

google-http-client-findbugs/pom.xml

@@ -23,6 +23,15 @@
  </execution>
  </executions>
  </plugin>
+ <!--The animal-sniffer plugin crashes on FindBugs on the icu4j:2.6.1
+ dependency-->
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>animal-sniffer-maven-plugin</artifactId>
+ <configuration>
+ <skip>true</skip>
+ </configuration>
+ </plugin>
  </plugins>
  </build>
  <dependencies>

google-http-client/src/main/java/com/google/api/client/util/IOUtils.java

@@ -178,7 +178,9 @@ public static <S extends Serializable> S deserialize(InputStream inputStream) th
  try {
  return (S) new ObjectInputStream(inputStream).readObject();
  } catch (ClassNotFoundException exception) {
- throw new IOException("Failed to deserialize object", exception);
+ IOException ioe = new IOException("Failed to deserialize object");
+ ioe.initCause(exception);
+ throw ioe;
  } finally {
  inputStream.close();
  }

google-http-client/src/main/java/com/google/api/client/util/store/FileDataStoreFactory.java

@@ -17,18 +17,27 @@
 import com.google.api.client.util.Beta;
 import com.google.api.client.util.IOUtils;
 import com.google.api.client.util.Maps;
+import com.google.api.client.util.Throwables;
 
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.Serializable;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
 import java.util.logging.Logger;
 
 /**
  * {@link Beta} <br/>
  * Thread-safe file implementation of a credential store.
  *
+ * <p>
+ * For security purposes, the file's permissions are set to be accessible only by the file's owner.
+ * Note that Java 1.5 does not support manipulating file permissions, and must be done manually or
+ * using the JNI.
+ * </p>
+ *
  * @since 1.16
  * @author Yaniv Inbar
  */
@@ -54,16 +63,7 @@ public FileDataStoreFactory(File dataDirectory) throws IOException {
  if (!dataDirectory.exists() && !dataDirectory.mkdirs()) {
  throw new IOException("unable to create directory: " + dataDirectory);
  }
- // disable access by other users if O/S allows it
- if (!dataDirectory.setReadable(false, false) || !dataDirectory.setWritable(false, false)
- || !dataDirectory.setExecutable(false, false)) {
- LOGGER.warning("unable to change permissions for everybody: " + dataDirectory);
- }
- // set file permissions to readable and writable by user
- if (!dataDirectory.setReadable(true) || !dataDirectory.setWritable(true)
- || !dataDirectory.setExecutable(true)) {
- throw new IOException("unable to set permissions: " + dataDirectory);
- }
+ setPermissionsToOwnerOnly(dataDirectory);
  }
 
  /** Returns the data directory. */
@@ -117,4 +117,45 @@ public FileDataStoreFactory getDataStoreFactory() {
  return (FileDataStoreFactory) super.getDataStoreFactory();
  }
  }
+
+ /**
+ * Attempts to set the given file's permissions such that it can only be read, written, and
+ * executed by the file's owner.
+ *
+ * @param file the file's permissions to modify
+ * @throws IOException
+ */
+ static void setPermissionsToOwnerOnly(File file) throws IOException {
+ // Disable access by other users if O/S allows it and set file permissions to readable and
+ // writable by user. Use reflection since JDK 1.5 will not have these methods
+ try {
+ Method setReadable = File.class.getMethod("setReadable", boolean.class, boolean.class);
+ Method setWritable = File.class.getMethod("setWritable", boolean.class, boolean.class);
+ Method setExecutable = File.class.getMethod("setExecutable", boolean.class, boolean.class);
+ if (!(Boolean) setReadable.invoke(file, false, false)
+ || !(Boolean) setWritable.invoke(file, false, false)
+ || !(Boolean) setExecutable.invoke(file, false, false)) {
+ LOGGER.warning("unable to change permissions for everybody: " + file);
+ }
+ if (!(Boolean) setReadable.invoke(file, true, true)
+ || !(Boolean) setWritable.invoke(file, true, true)
+ || !(Boolean) setExecutable.invoke(file, true, true)) {
+ LOGGER.warning("unable to change permissions for owner: " + file);
+ }
+ } catch (InvocationTargetException exception) {
+ Throwable cause = exception.getCause();
+ Throwables.propagateIfPossible(cause, IOException.class);
+ // shouldn't reach this point, but just in case...
+ throw new RuntimeException(cause);
+ } catch (NoSuchMethodException exception) {
+ LOGGER.warning("Unable to set permissions for " + file
+ + ", likely because you are running a version of Java prior to 1.6");
+ } catch (SecurityException exception) {
+ // ignored
+ } catch (IllegalAccessException exception) {
+ // ignored
+ } catch (IllegalArgumentException exception) {
+ // ignored
+ }
+ }
 }

pom.xml

@@ -357,6 +357,11 @@
  <artifactId>clirr-maven-plugin</artifactId>
  <version>2.5</version>
  </plugin>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>animal-sniffer-maven-plugin</artifactId>
+ <version>1.9</version>
+ </plugin>
  <plugin>
  <groupId>org.sonatype.plugins</groupId>
  <artifactId>jarjar-maven-plugin</artifactId>
@@ -534,6 +539,24 @@
  <logResults>true</logResults>
  </configuration>
  </plugin>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>animal-sniffer-maven-plugin</artifactId>
+ <configuration>
+ <signature>
+ <groupId>org.codehaus.mojo.signature</groupId>
+ <artifactId>java15</artifactId>
+ <version>1.0</version>
+ </signature>
+ </configuration>
+ <executions>
+ <execution>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
  </plugins>
  </build>
  <properties>