Improve code

gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/JWTAuthenticationConfig.java

@@ -18,18 +18,21 @@
 
 package org.wso2.apk.enforcer.commons.model;
 
-import java.util.ArrayList;
+import java.util.List;
 
+/**
+ * Defines JWT authentication config structure.
+ */
 public class JWTAuthenticationConfig {
-    private String Header;
+    private String header;
     private boolean sendTokenToUpstream;
-    private ArrayList<String> audience;
+    private List<String> audience;
     public String getHeader() {
-        return Header;
+        return header;
     }
 
     public void setHeader(String header) {
-        Header = header;
+        this.header = header;
     }
 
     public boolean isSendTokenToUpstream() {
@@ -40,11 +43,11 @@ public void setSendTokenToUpstream(boolean sendTokenToUpstream) {
         this.sendTokenToUpstream = sendTokenToUpstream;
     }
 
-    public ArrayList<String> getAudience() {
+    public List<String> getAudience() {
         return audience;
     }
 
-    public void setAudience(ArrayList<String> audience) {
+    public void setAudience(List<String> audience) {
         this.audience = audience;
     }
 }

gateway/enforcer/org.wso2.apk.enforcer.commons/src/main/java/org/wso2/apk/enforcer/commons/model/Oauth2AuthenticationConfig.java

@@ -18,16 +18,19 @@
 
 package org.wso2.apk.enforcer.commons.model;
 
+/**
+ * Defines OAuth2 authentication config structure.
+ */
 public class Oauth2AuthenticationConfig {
-    private String Header;
+    private String header;
     private boolean sendTokenToUpstream;
 
     public String getHeader() {
-        return Header;
+        return header;
     }
 
     public void setHeader(String header) {
-        Header = header;
+        this.header = header;
     }
 
     public boolean isSendTokenToUpstream() {

gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/api/Utils.java

@@ -128,7 +128,7 @@ private static JWTAuthenticationConfig getJwtAuthenticationConfig(Operation oper
         jwtAuthenticationConfig.setHeader(operation.getApiAuthentication().getJwt().getHeader());
         jwtAuthenticationConfig.setSendTokenToUpstream(operation.getApiAuthentication().getJwt()
                 .getSendTokenToUpstream());
-        ArrayList<String> audience = new ArrayList<>();
+        List<String> audience = new ArrayList<>();
         for (int i = 0; i < operation.getApiAuthentication().getJwt().getAudienceCount(); i++) {
             audience.add(operation.getApiAuthentication().getJwt().getAudience(i));
         }

gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/JWTAuthenticator.java

@@ -131,9 +131,9 @@ public AuthenticationContext authenticate(RequestContext requestContext) throws
                 if (validationInfo.isValid()) {
                     List<String> audFromAPI = getAudience(requestContext.getMatchedResourcePaths());
                     List<String> audFromToken = validationInfo.getAudience();
-                    if (!checkAllExist(audFromAPI, audFromToken)) {
+                    if (!checkAnyExist(audFromAPI, audFromToken)) {
                         throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(),
-                                APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, "Required audience not available in the JWT aud.");
+                                APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, APISecurityConstants.API_AUTH_INVALID_CREDENTIALS_MESSAGE);
                     }
                     Map<String, Object> claims = validationInfo.getClaims();
                     // Validate token type
@@ -267,8 +267,8 @@ private String getTokenHeader(ArrayList<ResourceConfig> matchedResourceConfigs)
         return "";
     }
 
-    private ArrayList<String> getAudience(ArrayList<ResourceConfig> matchedResourceConfigs) {
-        ArrayList<String> audience = new ArrayList<>();
+    private List<String> getAudience(ArrayList<ResourceConfig> matchedResourceConfigs) {
+        List<String> audience = new ArrayList<>();
         for (ResourceConfig resourceConfig : matchedResourceConfigs) {
             if (resourceConfig.getAuthenticationConfig() != null &&
                     resourceConfig.getAuthenticationConfig().getJwtAuthenticationConfig() != null) {
@@ -525,12 +525,13 @@ private Boolean isJWTExpired(JWTValidationInfo payload) {
     }
 
     /**
-     * Checks if all elements in the first list are present in the second list.
-     * @param list1 The list of elements to check.
-     * @param list2 The list in which to check for the elements.
-     * @return True if all elements in list1 are present in list2, false otherwise.
+     * Checks if at least one element from list1 exists in list2.
+     *
+     * @param list1 The first list to check.
+     * @param list2 The second list to check against.
+     * @return true if at least one element from list1 exists in list2, otherwise false.
      */
-    public static boolean checkAllExist(List<String> list1, List<String> list2) {
-        return list1.stream().allMatch(list2::contains);
+    public static boolean checkAnyExist(List<String> list1, List<String> list2) {
+        return list1.stream().anyMatch(list2::contains);
     }
 }