diff --git a/adapters/oidc/installed/src/main/java/org/keycloak/adapters/installed/KcinitDriver.java b/adapters/oidc/installed/src/main/java/org/keycloak/adapters/installed/KcinitDriver.java index 57b3f66ea86..d2643656023 100644 --- a/adapters/oidc/installed/src/main/java/org/keycloak/adapters/installed/KcinitDriver.java +++ b/adapters/oidc/installed/src/main/java/org/keycloak/adapters/installed/KcinitDriver.java @@ -286,11 +286,11 @@ public class KcinitDriver { protected byte[] readFileRaw(File fp) throws IOException { if (!fp.exists()) return null; - FileInputStream fis = new FileInputStream(fp); - byte[] data = new byte[(int) fp.length()]; - fis.read(data); - fis.close(); - return data; + try (FileInputStream fis = new FileInputStream(fp)) { + byte[] data = new byte[(int) fp.length()]; + fis.read(data); + return data; + } } protected void writeFile(File fp, String payload) { diff --git a/adapters/saml/core/src/main/java/org/keycloak/adapters/saml/PropertiesBasedRoleMapper.java b/adapters/saml/core/src/main/java/org/keycloak/adapters/saml/PropertiesBasedRoleMapper.java index 1c2d841a124..8848598d770 100644 --- a/adapters/saml/core/src/main/java/org/keycloak/adapters/saml/PropertiesBasedRoleMapper.java +++ b/adapters/saml/core/src/main/java/org/keycloak/adapters/saml/PropertiesBasedRoleMapper.java @@ -113,8 +113,8 @@ public class PropertiesBasedRoleMapper implements RoleMappingsProvider { if (path != null) { File file = new File(path); if (file.exists()) { - try { - this.roleMappings.load(new FileInputStream(file)); + try (FileInputStream is = new FileInputStream(file)){ + this.roleMappings.load(is); logger.debugf("Successfully loaded role mappings from %s", path); } catch (Exception e) { logger.debugv(e, "Unable to load role mappings from %s", path); diff --git a/adapters/saml/core/src/main/java/org/keycloak/adapters/saml/config/parsers/DeploymentBuilder.java b/adapters/saml/core/src/main/java/org/keycloak/adapters/saml/config/parsers/DeploymentBuilder.java index 33045ad0d4c..3ea1a47f3bb 100755 --- a/adapters/saml/core/src/main/java/org/keycloak/adapters/saml/config/parsers/DeploymentBuilder.java +++ b/adapters/saml/core/src/main/java/org/keycloak/adapters/saml/config/parsers/DeploymentBuilder.java @@ -284,7 +284,7 @@ public class DeploymentBuilder { } catch (KeyStoreException e) { throw new RuntimeException(e); } - InputStream is = null; + InputStream is; if (key.getKeystore().getFile() != null) { File fp = new File(key.getKeystore().getFile()); if (!fp.exists()) { @@ -301,8 +301,8 @@ public class DeploymentBuilder { throw new RuntimeException("KeyStore " + key.getKeystore().getResource() + " does not exist"); } } - try { - keyStore.load(is, key.getKeystore().getPassword().toCharArray()); + try (InputStream stream = is) { + keyStore.load(stream, key.getKeystore().getPassword().toCharArray()); } catch (Exception e) { throw new RuntimeException(e); } diff --git a/common/src/main/java/org/keycloak/common/Profile.java b/common/src/main/java/org/keycloak/common/Profile.java index 1c8f25d0ff9..e94569bfa07 100755 --- a/common/src/main/java/org/keycloak/common/Profile.java +++ b/common/src/main/java/org/keycloak/common/Profile.java @@ -207,7 +207,9 @@ public class Profile { if (jbossServerConfigDir != null) { File file = new File(jbossServerConfigDir, "profile.properties"); if (file.isFile()) { - properties.load(new FileInputStream(file)); + try (FileInputStream is = new FileInputStream(file)) { + properties.load(is); + } } } } catch (IOException e) { diff --git a/common/src/main/java/org/keycloak/common/util/KeystoreUtil.java b/common/src/main/java/org/keycloak/common/util/KeystoreUtil.java index 070d517beba..2402f10fdb2 100755 --- a/common/src/main/java/org/keycloak/common/util/KeystoreUtil.java +++ b/common/src/main/java/org/keycloak/common/util/KeystoreUtil.java @@ -58,8 +58,9 @@ public class KeystoreUtil { } else { trustStream = new FileInputStream(new File(filename)); } - trustStore.load(trustStream, password.toCharArray()); - trustStream.close(); + try (InputStream is = trustStream) { + trustStore.load(is, password.toCharArray()); + } return trustStore; } diff --git a/federation/sssd/src/main/java/cx/ath/matthew/debug/Debug.java b/federation/sssd/src/main/java/cx/ath/matthew/debug/Debug.java index 30c4d8549d3..b81bf9c23dc 100644 --- a/federation/sssd/src/main/java/cx/ath/matthew/debug/Debug.java +++ b/federation/sssd/src/main/java/cx/ath/matthew/debug/Debug.java @@ -202,7 +202,9 @@ public class Debug { */ public static void loadConfig(File f) throws IOException { prop = new Properties(); - prop.load(new FileInputStream(f)); + try (FileInputStream is = new FileInputStream((f))) { + prop.load(is); + } } /** diff --git a/federation/sssd/src/main/java/org/freedesktop/dbus/DBusConnection.java b/federation/sssd/src/main/java/org/freedesktop/dbus/DBusConnection.java index 45e33a4674b..6f3adc31153 100644 --- a/federation/sssd/src/main/java/org/freedesktop/dbus/DBusConnection.java +++ b/federation/sssd/src/main/java/org/freedesktop/dbus/DBusConnection.java @@ -242,21 +242,21 @@ public class DBusConnection extends AbstractConnection { if (null == display) throw new DBusException(getString("cannotResolveSessionBusAddress")); File uuidfile = new File("/var/lib/dbus/machine-id"); if (!uuidfile.exists()) throw new DBusException(getString("cannotResolveSessionBusAddress")); - try { - BufferedReader r = new BufferedReader(new FileReader(uuidfile)); + try (BufferedReader r = new BufferedReader(new FileReader(uuidfile))) { String uuid = r.readLine(); String homedir = System.getProperty("user.home"); File addressfile = new File(homedir + "/.dbus/session-bus", uuid + "-" + display.replaceAll(":([0-9]*)\\..*", "$1")); if (!addressfile.exists()) throw new DBusException(getString("cannotResolveSessionBusAddress")); - r = new BufferedReader(new FileReader(addressfile)); - String l; - while (null != (l = r.readLine())) { - if (Debug.debug) Debug.print(Debug.VERBOSE, "Reading D-Bus session data: " + l); - if (l.matches("DBUS_SESSION_BUS_ADDRESS.*")) { - s = l.replaceAll("^[^=]*=", ""); - if (Debug.debug) Debug.print(Debug.VERBOSE, "Parsing " + l + " to " + s); + try (BufferedReader r2 = new BufferedReader(new FileReader(addressfile))) { + String l; + while (null != (l = r2.readLine())) { + if (Debug.debug) Debug.print(Debug.VERBOSE, "Reading D-Bus session data: " + l); + if (l.matches("DBUS_SESSION_BUS_ADDRESS.*")) { + s = l.replaceAll("^[^=]*=", ""); + if (Debug.debug) Debug.print(Debug.VERBOSE, "Parsing " + l + " to " + s); + } } } if (null == s || "".equals(s)) diff --git a/misc/keycloak-test-helper/src/main/java/org/keycloak/test/FluentTestsHelper.java b/misc/keycloak-test-helper/src/main/java/org/keycloak/test/FluentTestsHelper.java index f070e727f8e..767bbcd18cb 100644 --- a/misc/keycloak-test-helper/src/main/java/org/keycloak/test/FluentTestsHelper.java +++ b/misc/keycloak-test-helper/src/main/java/org/keycloak/test/FluentTestsHelper.java @@ -232,7 +232,9 @@ public class FluentTestsHelper { * @see #importTestRealm(InputStream) */ public FluentTestsHelper importTestRealm(String realmJsonPath) throws IOException { - return importTestRealm(FluentTestsHelper.class.getResourceAsStream(realmJsonPath)); + try (InputStream fis = FluentTestsHelper.class.getResourceAsStream(realmJsonPath)) { + return importTestRealm(fis); + } } /** diff --git a/misc/keycloak-test-helper/src/main/java/org/keycloak/test/TestsHelper.java b/misc/keycloak-test-helper/src/main/java/org/keycloak/test/TestsHelper.java index 07406611db6..1378719660e 100644 --- a/misc/keycloak-test-helper/src/main/java/org/keycloak/test/TestsHelper.java +++ b/misc/keycloak-test-helper/src/main/java/org/keycloak/test/TestsHelper.java @@ -158,20 +158,20 @@ public class TestsHelper { public static boolean importTestRealm(String username, String password, String realmJsonPath) throws IOException { ObjectMapper mapper = new ObjectMapper(); - ClassLoader classLoader = TestsHelper.class.getClassLoader(); - InputStream stream = TestsHelper.class.getResourceAsStream(realmJsonPath); - RealmRepresentation realmRepresentation = mapper.readValue(stream, RealmRepresentation.class); + try (InputStream stream = TestsHelper.class.getResourceAsStream(realmJsonPath)) { + RealmRepresentation realmRepresentation = mapper.readValue(stream, RealmRepresentation.class); - Keycloak keycloak = Keycloak.getInstance( - keycloakBaseUrl, - "master", - username, - password, - "admin-cli"); - keycloak.realms().create(realmRepresentation); - testRealm = realmRepresentation.getRealm(); - generateInitialAccessToken(keycloak); - return true; + Keycloak keycloak = Keycloak.getInstance( + keycloakBaseUrl, + "master", + username, + password, + "admin-cli"); + keycloak.realms().create(realmRepresentation); + testRealm = realmRepresentation.getRealm(); + generateInitialAccessToken(keycloak); + return true; + } } diff --git a/server-spi-private/src/main/java/org/keycloak/broker/provider/util/SimpleHttp.java b/server-spi-private/src/main/java/org/keycloak/broker/provider/util/SimpleHttp.java index b1e1a2498fd..253bd7eae56 100755 --- a/server-spi-private/src/main/java/org/keycloak/broker/provider/util/SimpleHttp.java +++ b/server-spi-private/src/main/java/org/keycloak/broker/provider/util/SimpleHttp.java @@ -345,17 +345,18 @@ public class SimpleHttp { } } - InputStreamReader reader = charset == null ? new InputStreamReader(is) : - new InputStreamReader(is, charset); + try (InputStreamReader reader = charset == null ? new InputStreamReader(is) : + new InputStreamReader(is, charset)) { - StringWriter writer = new StringWriter(); + StringWriter writer = new StringWriter(); - char[] buffer = new char[1024 * 4]; - for (int n = reader.read(buffer); n != -1; n = reader.read(buffer)) { - writer.write(buffer, 0, n); + char[] buffer = new char[1024 * 4]; + for (int n = reader.read(buffer); n != -1; n = reader.read(buffer)) { + writer.write(buffer, 0, n); + } + + responseString = writer.toString(); } - - responseString = writer.toString(); } finally { if (is != null) { is.close(); diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/x509/CertificateValidator.java b/services/src/main/java/org/keycloak/authentication/authenticators/x509/CertificateValidator.java index dc4654d7d70..63bec8b1890 100644 --- a/services/src/main/java/org/keycloak/authentication/authenticators/x509/CertificateValidator.java +++ b/services/src/main/java/org/keycloak/authentication/authenticators/x509/CertificateValidator.java @@ -339,8 +339,10 @@ public class CertificateValidator { if (!f.canRead()) { throw new IOException(String.format("Unable to read CRL from \"%s\"", f.getAbsolutePath())); } - X509CRL crl = loadFromStream(cf, new FileInputStream(f.getAbsolutePath())); - return Collections.singleton(crl); + try (FileInputStream is = new FileInputStream(f.getAbsolutePath())) { + X509CRL crl = loadFromStream(cf, is); + return Collections.singleton(crl); + } } } } diff --git a/services/src/main/java/org/keycloak/exportimport/dir/DirExportProvider.java b/services/src/main/java/org/keycloak/exportimport/dir/DirExportProvider.java index 7efd3f32cb7..5aa3af4eea5 100755 --- a/services/src/main/java/org/keycloak/exportimport/dir/DirExportProvider.java +++ b/services/src/main/java/org/keycloak/exportimport/dir/DirExportProvider.java @@ -74,8 +74,9 @@ public class DirExportProvider extends MultipleStepsExportProvider { @Override public void writeRealm(String fileName, RealmRepresentation rep) throws IOException { File file = new File(this.rootDirectory, fileName); - FileOutputStream stream = new FileOutputStream(file); - JsonSerialization.prettyMapper.writeValue(stream, rep); + try (FileOutputStream is = new FileOutputStream(file)) { + JsonSerialization.prettyMapper.writeValue(is, rep); + } } @Override diff --git a/services/src/main/java/org/keycloak/keys/JavaKeystoreKeyProvider.java b/services/src/main/java/org/keycloak/keys/JavaKeystoreKeyProvider.java index 85687d4b725..d085ba55b0f 100644 --- a/services/src/main/java/org/keycloak/keys/JavaKeystoreKeyProvider.java +++ b/services/src/main/java/org/keycloak/keys/JavaKeystoreKeyProvider.java @@ -23,6 +23,7 @@ import org.keycloak.component.ComponentModel; import org.keycloak.crypto.KeyWrapper; import org.keycloak.models.RealmModel; +import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; @@ -47,9 +48,9 @@ public class JavaKeystoreKeyProvider extends AbstractRsaKeyProvider { @Override protected KeyWrapper loadKey(RealmModel realm, ComponentModel model) { - try { + try (FileInputStream is = new FileInputStream(model.get(JavaKeystoreKeyProviderFactory.KEYSTORE_KEY))) { KeyStore keyStore = KeyStore.getInstance("JKS"); - keyStore.load(new FileInputStream(model.get(JavaKeystoreKeyProviderFactory.KEYSTORE_KEY)), model.get(JavaKeystoreKeyProviderFactory.KEYSTORE_PASSWORD_KEY).toCharArray()); + keyStore.load(is, model.get(JavaKeystoreKeyProviderFactory.KEYSTORE_PASSWORD_KEY).toCharArray()); PrivateKey privateKey = (PrivateKey) keyStore.getKey(model.get(JavaKeystoreKeyProviderFactory.KEY_ALIAS_KEY), model.get(JavaKeystoreKeyProviderFactory.KEY_PASSWORD_KEY).toCharArray()); PublicKey publicKey = KeyUtils.extractPublicKey(privateKey); diff --git a/services/src/main/java/org/keycloak/protocol/docker/installation/DockerComposeYamlInstallationProvider.java b/services/src/main/java/org/keycloak/protocol/docker/installation/DockerComposeYamlInstallationProvider.java index 831ba380bcd..19ec55fd060 100644 --- a/services/src/main/java/org/keycloak/protocol/docker/installation/DockerComposeYamlInstallationProvider.java +++ b/services/src/main/java/org/keycloak/protocol/docker/installation/DockerComposeYamlInstallationProvider.java @@ -106,9 +106,11 @@ public class DockerComposeYamlInstallationProvider implements ClientInstallation // Write README to .zip zipOutput.putNextEntry(new ZipEntry(ROOT_DIR + "README.md")); - final String readmeContent = new BufferedReader(new InputStreamReader(DockerComposeYamlInstallationProvider.class.getResourceAsStream("/DockerComposeYamlReadme.md"))).lines().collect(Collectors.joining("\n")); - zipOutput.write(readmeContent.getBytes()); - zipOutput.closeEntry(); + try (BufferedReader br = new BufferedReader(new InputStreamReader(DockerComposeYamlInstallationProvider.class.getResourceAsStream("/DockerComposeYamlReadme.md")))) { + final String readmeContent = br.lines().collect(Collectors.joining("\n")); + zipOutput.write(readmeContent.getBytes()); + zipOutput.closeEntry(); + } zipOutput.close(); byteStream.close(); diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestJavascriptResource.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestJavascriptResource.java index b8da8ec7326..992ab892c27 100644 --- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestJavascriptResource.java +++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestJavascriptResource.java @@ -56,15 +56,16 @@ public class TestJavascriptResource { } private String resourceToString(String path) throws IOException { - InputStream is = TestingResourceProvider.class.getResourceAsStream(path); - BufferedReader buf = new BufferedReader(new InputStreamReader(is)); - String line = buf.readLine(); - StringBuilder sb = new StringBuilder(); - while (line != null) { - sb.append(line).append("\n"); - line = buf.readLine(); - } + try (InputStream is = TestingResourceProvider.class.getResourceAsStream(path); + BufferedReader buf = new BufferedReader(new InputStreamReader(is))) { + String line = buf.readLine(); + StringBuilder sb = new StringBuilder(); + while (line != null) { + sb.append(line).append("\n"); + line = buf.readLine(); + } - return sb.toString().replace("${js-adapter.auth-server-url}", getAuthServerContextRoot() + "/auth"); + return sb.toString().replace("${js-adapter.auth-server-url}", getAuthServerContextRoot() + "/auth"); + } } } diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/TextFileChecker.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/TextFileChecker.java index 1a8a96bb77f..19240b55482 100644 --- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/TextFileChecker.java +++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/TextFileChecker.java @@ -64,8 +64,9 @@ public class TextFileChecker { try (InputStream in = Files.newInputStream(path)) { Long lastCheckedPosition = lastCheckedPositions.computeIfAbsent(path, p -> 0L); in.skip(lastCheckedPosition); - BufferedReader b = new BufferedReader(new InputStreamReader(in)); - lineChecker.accept(b.lines()); + try (BufferedReader b = new BufferedReader(new InputStreamReader(in))) { + lineChecker.accept(b.lines()); + } } } } diff --git a/testsuite/integration-arquillian/util/src/main/java/org/keycloak/testsuite/utils/tls/TLSUtils.java b/testsuite/integration-arquillian/util/src/main/java/org/keycloak/testsuite/utils/tls/TLSUtils.java index 3a501429639..658e39a87df 100644 --- a/testsuite/integration-arquillian/util/src/main/java/org/keycloak/testsuite/utils/tls/TLSUtils.java +++ b/testsuite/integration-arquillian/util/src/main/java/org/keycloak/testsuite/utils/tls/TLSUtils.java @@ -36,7 +36,9 @@ public class TLSUtils { } KeyStore keystore = KeyStore.getInstance("jks"); - keystore.load(new FileInputStream(keystorePath), "secret".toCharArray()); + try (FileInputStream is = new FileInputStream(keystorePath)) { + keystore.load(is, "secret".toCharArray()); + } KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keystore, "secret".toCharArray()); KeyManager[] keyManagers = keyManagerFactory.getKeyManagers(); @@ -49,7 +51,9 @@ public class TLSUtils { // Essentially, this is REQUEST CLIENT AUTH behavior. It doesn't fail if the client doesn't have a cert. // However it will challenge him to send it. KeyStore truststore = KeyStore.getInstance("jks"); - truststore.load(new FileInputStream(truststorePath), "secret".toCharArray()); + try (FileInputStream is = new FileInputStream(truststorePath)) { + truststore.load(is, "secret".toCharArray()); + } TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(truststore); TrustManager[] trustManagers = new TrustManager[trustManagerFactory.getTrustManagers().length + 1]; diff --git a/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java b/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java index 87988c06626..e4bf8c9412e 100755 --- a/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java +++ b/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java @@ -137,7 +137,9 @@ public class KeycloakServer { File f = new File(System.getProperty("user.home"), ".keycloak-server.properties"); if (f.isFile()) { Properties p = new Properties(); - p.load(new FileInputStream(f)); + try (FileInputStream is = new FileInputStream(f)) { + p.load(is); + } System.getProperties().putAll(p); }