org.sonar.java.checks.HardCodedPasswordCheck

All Implemented Interfaces:: JavaCheck, JavaFileScanner

public class HardCodedPasswordCheck extends AbstractHardCodedCredentialChecker

Field Summary

Fields

Modifier and Type

Field

Description

String

passwordWords

Fields inherited from class org.sonar.java.checks.AbstractHardCodedCredentialChecker
EQUALS_MATCHER, STRING_TO_CHAR_ARRAY

Fields inherited from class org.sonar.java.ast.visitors.SubscriptionVisitor
context
Constructor Summary

Constructors

Constructor

Description

HardCodedPasswordCheck()
Method Summary

Modifier and Type

Method

Description

protected String

getCredentialWords()

protected void

handleStringLiteral(LiteralTree tree)

protected boolean

isCredentialContainingPattern(ExpressionTree expression)

Determine if the actual hardcoded credential from the expression, contains one of the credentials pattern.

List<Tree.Kind>

nodesToVisit()

protected void

report(Tree tree, String match)

void

visitNode(Tree tree)

Methods inherited from class org.sonar.java.checks.AbstractHardCodedCredentialChecker
handleAssignment, handleEqualsMethod, handleVariable, isCallOnStringLiteral, isCredentialLikeName, isCredentialVariable, isPotentialCredential, isPotentialCredential, isSettingCredential

Methods inherited from class org.sonar.plugins.java.api.IssuableSubscriptionVisitor
addIssue, addIssueOnFile, leaveFile, reportIssue, reportIssue, reportIssue, scanFile, scanTree, setContext

Methods inherited from class org.sonar.java.ast.visitors.SubscriptionVisitor
leaveNode, visitToken, visitTrivia

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.sonar.plugins.java.api.JavaFileScanner
scanWithoutParsing

Field Details
- passwordWords
  
  public String passwordWords
Constructor Details
- HardCodedPasswordCheck
  
  public HardCodedPasswordCheck()
Method Details
- getCredentialWords
  
  protected String getCredentialWords()
  
  Specified by:
  
  getCredentialWords in class AbstractHardCodedCredentialChecker
- nodesToVisit
  
  public List<Tree.Kind> nodesToVisit()
  
  Specified by:
  
  nodesToVisit in class SubscriptionVisitor
- visitNode
  
  public void visitNode(Tree tree)
  
  Overrides:
  
  visitNode in class SubscriptionVisitor
- handleStringLiteral
  
  protected void handleStringLiteral(LiteralTree tree)
  
  Overrides:
  
  handleStringLiteral in class AbstractHardCodedCredentialChecker
- report
  
  protected void report(Tree tree, String match)
  
  Specified by:
  
  report in class AbstractHardCodedCredentialChecker
- isCredentialContainingPattern
  
  protected boolean isCredentialContainingPattern(ExpressionTree expression)
  
  Description copied from class: AbstractHardCodedCredentialChecker
  
  Determine if the actual hardcoded credential from the expression, contains one of the credentials pattern. This is typically used to ignore constant declaration.
  
  Specified by:
  
  isCredentialContainingPattern in class AbstractHardCodedCredentialChecker

Class HardCodedPasswordCheck

Field Summary

Fields inherited from class org.sonar.java.checks.AbstractHardCodedCredentialChecker

Fields inherited from class org.sonar.java.ast.visitors.SubscriptionVisitor

Constructor Summary

Method Summary

Methods inherited from class org.sonar.java.checks.AbstractHardCodedCredentialChecker

Methods inherited from class org.sonar.plugins.java.api.IssuableSubscriptionVisitor

Methods inherited from class org.sonar.java.ast.visitors.SubscriptionVisitor

Methods inherited from class java.lang.Object

Methods inherited from interface org.sonar.plugins.java.api.JavaFileScanner

Field Details

passwordWords

Constructor Details

HardCodedPasswordCheck

Method Details

getCredentialWords

nodesToVisit

visitNode

handleStringLiteral

report

isCredentialContainingPattern