refactor: replace NullPointerException with more suitable IllegalArgumentException

WE2-1030

Signed-off-by: Sven Mitt <svenzik@users.noreply.github.com>

Author: svenzik

src/main/java/eu/webeid/security/certificate/CertificateValidator.java

@@ -102,7 +102,6 @@ public static void requireCertificateIsValidOnDate(X509Certificate cert, Date da
      * {@link RevocationMode#CUSTOM_PKIX} when the provided {@code customPkixRevocationChecker}
      * has an explicit OCSP responder URI configured; otherwise it is empty.
      * <p>
-     * @throws NullPointerException            if any required parameter is {@code null}
      * @throws IllegalArgumentException        if the supplied checker parameters are inconsistent with {@code revocationMode}
      * @throws CertificateNotYetValidException if the subject or trust anchor certificate is not yet valid at {@code now}
      * @throws CertificateExpiredException     if the subject or trust anchor certificate is expired at {@code now}

src/main/java/eu/webeid/security/validator/AuthTokenValidationConfiguration.java

@@ -34,7 +34,6 @@
 import java.security.cert.X509Certificate;
 import java.util.Collection;
 import java.util.HashSet;
-import java.util.Objects;
 import java.util.Set;
 
 /**
@@ -116,11 +115,9 @@ public RevocationMode getRevocationMode() {
     /**
      * Checks that the configuration parameters are valid.
      *
-     * @throws NullPointerException     when required parameters are null
      * @throws IllegalArgumentException when any parameter is invalid
      */
     void validate() {
-        Objects.requireNonNull(siteOrigin, "Origin URI must not be null");
         validateIsOriginURL(siteOrigin);
         if (trustedCACertificates.isEmpty()) {
             throw new IllegalArgumentException("At least one trusted certificate authority must be provided");
@@ -141,6 +138,9 @@ AuthTokenValidationConfiguration copy() {
      */
     public static void validateIsOriginURL(URI uri) throws IllegalArgumentException {
         try {
+            if (uri == null) {
+                throw new IllegalArgumentException("Origin URI must not be null");
+            }
             // 1. Verify that the URI can be converted to absolute URL.
             uri.toURL();
             // 2. Verify that the URI contains only HTTPS scheme, host and optional port components.

src/main/java/eu/webeid/security/validator/AuthTokenValidatorBuilder.java

@@ -146,11 +146,10 @@ public AuthTokenValidatorBuilder withPKIXRevocationChecker(PKIXRevocationChecker
      * The returned {@link AuthTokenValidator} object is immutable/thread-safe.
      *
      * @return the configured authentication token validator object
-     * @throws NullPointerException     when required parameters are null
      * @throws IllegalArgumentException when any parameter is invalid
-     * @throws RuntimeException         when JCE configuration is invalid
+     * @throws JceException             when JCE configuration is invalid
      */
-    public AuthTokenValidator build() throws NullPointerException, IllegalArgumentException, JceException {
+    public AuthTokenValidator build() throws IllegalArgumentException, JceException {
         configuration.validate();
         return new AuthTokenValidatorImpl(configuration);
     }

src/test/java/eu/webeid/security/validator/AuthTokenValidatorBuilderTest.java

@@ -44,7 +44,7 @@ public class AuthTokenValidatorBuilderTest {
     @Test
     void testOriginMissing() {
         assertThatThrownBy(builder::build)
-            .isInstanceOf(NullPointerException.class)
+            .isInstanceOf(IllegalArgumentException.class)
             .hasMessageStartingWith("Origin URI must not be null");
     }