fix review findings and code smells

2026-03-05 20:00:55 +01:00 · 2020-08-12 12:00:57 +02:00
parent a4d0ff2b24
commit 82f752a7fc
16 changed files with 134 additions and 108 deletions
--- a/scm-core/src/main/java/sonia/scm/repository/spi/MergeCommandRequest.java
+++ b/scm-core/src/main/java/sonia/scm/repository/spi/MergeCommandRequest.java
@@ -101,7 +101,7 @@ public class MergeCommandRequest implements Validateable, Resetable, Serializabl
  public void reset() {
    this.setBranchToMerge(null);
    this.setTargetBranch(null);
-    this.setSign(false);
+    this.setSign(true);
  }

  @Override
--- a/scm-core/src/main/java/sonia/scm/repository/spi/ModifyCommandRequest.java
+++ b/scm-core/src/main/java/sonia/scm/repository/spi/ModifyCommandRequest.java
@@ -58,7 +58,7 @@ public class ModifyCommandRequest implements Resetable, Validateable, CommandWit
    commitMessage = null;
    branch = null;
    defaultPath = false;
-    sign = false;
+    sign = true;
  }

  public void addRequest(PartialRequest request) {
--- a/scm-ui/ui-components/src/snapshots/storyshots.test.ts.snap
+++ b/scm-ui/ui-components/src/snapshots/storyshots.test.ts.snap
@@ -1716,7 +1716,7 @@ exports[`Storyshots CardColumnSmall Minimal 1`] = `

 exports[`Storyshots Changesets Co-Authors with avatar 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -1886,7 +1886,7 @@ exports[`Storyshots Changesets Co-Authors with avatar 1`] = `

 exports[`Storyshots Changesets Commiter and Co-Authors with avatar 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -2045,7 +2045,7 @@ exports[`Storyshots Changesets Commiter and Co-Authors with avatar 1`] = `

 exports[`Storyshots Changesets Default 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -2162,7 +2162,7 @@ exports[`Storyshots Changesets Default 1`] = `

 exports[`Storyshots Changesets Replacements 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -2289,7 +2289,7 @@ exports[`Storyshots Changesets Replacements 1`] = `

 exports[`Storyshots Changesets With Committer 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -2418,7 +2418,7 @@ exports[`Storyshots Changesets With Committer 1`] = `

 exports[`Storyshots Changesets With Committer and Co-Author 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -2556,7 +2556,7 @@ exports[`Storyshots Changesets With Committer and Co-Author 1`] = `

 exports[`Storyshots Changesets With avatar 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -2686,7 +2686,7 @@ exports[`Storyshots Changesets With avatar 1`] = `

 exports[`Storyshots Changesets With contactless signature 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -2811,7 +2811,7 @@ exports[`Storyshots Changesets With contactless signature 1`] = `

 exports[`Storyshots Changesets With invalid signature 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -2936,7 +2936,7 @@ exports[`Storyshots Changesets With invalid signature 1`] = `

 exports[`Storyshots Changesets With multiple Co-Authors 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -3066,7 +3066,7 @@ exports[`Storyshots Changesets With multiple Co-Authors 1`] = `

 exports[`Storyshots Changesets With multiple signatures and invalid status 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -3191,7 +3191,7 @@ exports[`Storyshots Changesets With multiple signatures and invalid status 1`] =

 exports[`Storyshots Changesets With multiple signatures and not found status 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -3316,7 +3316,7 @@ exports[`Storyshots Changesets With multiple signatures and not found status 1`]

 exports[`Storyshots Changesets With multiple signatures and valid status 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -3441,7 +3441,7 @@ exports[`Storyshots Changesets With multiple signatures and valid status 1`] = `

 exports[`Storyshots Changesets With unknown signature 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -3566,7 +3566,7 @@ exports[`Storyshots Changesets With unknown signature 1`] = `

 exports[`Storyshots Changesets With unowned signature 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
@@ -3691,7 +3691,7 @@ exports[`Storyshots Changesets With unowned signature 1`] = `

 exports[`Storyshots Changesets With valid signature 1`] = `
 <div
-  className="Changesetsstories__Wrapper-sc-122npan-0 gDnzNS box box-link-shadow"
+  className="Changesetsstories__Wrapper-sc-122npan-0 dylUKL box box-link-shadow"
 >
  <div
    className="ChangesetRow__Wrapper-tkpti5-0 bRWdJS"
--- a/scm-ui/ui-components/src/repos/changesets/Changesets.stories.tsx
+++ b/scm-ui/ui-components/src/repos/changesets/Changesets.stories.tsx
@@ -22,22 +22,22 @@
 * SOFTWARE.
 */

-import { storiesOf } from "@storybook/react";
+import {storiesOf} from "@storybook/react";
 import * as React from "react";
 import styled from "styled-components";
-import { MemoryRouter } from "react-router-dom";
+import {MemoryRouter} from "react-router-dom";
 import repository from "../../__resources__/repository";
 import ChangesetRow from "./ChangesetRow";
-import { one, two, three, four, five } from "../../__resources__/changesets";
-import { Binder, BinderContext } from "@scm-manager/ui-extensions";
+import {one, two, three, four, five} from "../../__resources__/changesets";
+import {Binder, BinderContext} from "@scm-manager/ui-extensions";
 // @ts-ignore
 import hitchhiker from "../../__resources__/hitchhiker.png";
-import { Person } from "../../avatar/Avatar";
-import { Changeset } from "@scm-manager/ui-types";
-import { Replacement } from "../../SplitAndReplace";
+import {Person} from "../../avatar/Avatar";
+import {Changeset} from "@scm-manager/ui-types";
+import {Replacement} from "../../SplitAndReplace";

 const Wrapper = styled.div`
-  margin: 4rem;
+  margin: 25rem 4rem;
 `;

 const robohash = (person: Person) => {
@@ -49,7 +49,7 @@ const withAvatarFactory = (factory: (person: Person) => string, changeset: Chang
  binder.bind("avatar.factory", factory);
  return (
    <BinderContext.Provider value={binder}>
-      <ChangesetRow repository={repository} changeset={changeset} />
+      <ChangesetRow repository={repository} changeset={changeset}/>
    </BinderContext.Provider>
  );
 };
@@ -62,22 +62,22 @@ const withReplacements = (
  replacements.forEach(replacement => binder.bind("changeset.description.tokens", replacement));
  return (
    <BinderContext.Provider value={binder}>
-      <ChangesetRow repository={repository} changeset={changeset} />
+      <ChangesetRow repository={repository} changeset={changeset}/>
    </BinderContext.Provider>
  );
 };

 function copy<T>(input: T): T {
  return JSON.parse(JSON.stringify(input));
-};
+}

 storiesOf("Changesets", module)
  .addDecorator(story => <MemoryRouter initialEntries={["/"]}>{story()}</MemoryRouter>)
  .addDecorator(storyFn => <Wrapper className="box box-link-shadow">{storyFn()}</Wrapper>)
-  .add("Default", () => <ChangesetRow repository={repository} changeset={three} />)
-  .add("With Committer", () => <ChangesetRow repository={repository} changeset={two} />)
-  .add("With Committer and Co-Author", () => <ChangesetRow repository={repository} changeset={one} />)
-  .add("With multiple Co-Authors", () => <ChangesetRow repository={repository} changeset={four} />)
+  .add("Default", () => <ChangesetRow repository={repository} changeset={three}/>)
+  .add("With Committer", () => <ChangesetRow repository={repository} changeset={two}/>)
+  .add("With Committer and Co-Author", () => <ChangesetRow repository={repository} changeset={one}/>)
+  .add("With multiple Co-Authors", () => <ChangesetRow repository={repository} changeset={four}/>)
  .add("With avatar", () => {
    return withAvatarFactory(() => hitchhiker, three);
  })
@@ -92,8 +92,8 @@ storiesOf("Changesets", module)
    const mail = <a href={"mailto:hog@example.com"}>Arthur</a>;
    return withReplacements(
      [
-        () => [{ textToReplace: "HOG-42", replacement: link }],
-        () => [{ textToReplace: "arthur@guide.galaxy", replacement: mail }]
+        () => [{textToReplace: "HOG-42", replacement: link}],
+        () => [{textToReplace: "arthur@guide.galaxy", replacement: mail}]
      ],
      five
    );
@@ -105,7 +105,7 @@ storiesOf("Changesets", module)
      type: "gpg",
      status: "NOT_FOUND"
    }];
-    return <ChangesetRow repository={repository} changeset={changeset} />;
+    return <ChangesetRow repository={repository} changeset={changeset}/>;
  })
  .add("With valid signature", () => {
    const changeset = copy(three);
@@ -119,7 +119,7 @@ storiesOf("Changesets", module)
        mail: "trillian@hitchhiker.com"
      }]
    }];
-    return <ChangesetRow repository={repository} changeset={changeset} />;
+    return <ChangesetRow repository={repository} changeset={changeset}/>;
  })
  .add("With unowned signature", () => {
    const changeset = copy(three);
@@ -132,7 +132,7 @@ storiesOf("Changesets", module)
        mail: "trillian@hitchhiker.com"
      }]
    }];
-    return <ChangesetRow repository={repository} changeset={changeset} />;
+    return <ChangesetRow repository={repository} changeset={changeset}/>;
  })
  .add("With contactless signature", () => {
    const changeset = copy(three);
@@ -142,7 +142,7 @@ storiesOf("Changesets", module)
      status: "VERIFIED",
      owner: "trillian"
    }];
-    return <ChangesetRow repository={repository} changeset={changeset} />;
+    return <ChangesetRow repository={repository} changeset={changeset}/>;
  })
  .add("With invalid signature", () => {
    const changeset = copy(three);
@@ -156,7 +156,7 @@ storiesOf("Changesets", module)
        mail: "trillian@hitchhiker.com"
      }]
    }];
-    return <ChangesetRow repository={repository} changeset={changeset} />;
+    return <ChangesetRow repository={repository} changeset={changeset}/>;
  })
  .add("With multiple signatures and invalid status", () => {
    const changeset = copy(three);
@@ -188,7 +188,7 @@ storiesOf("Changesets", module)
        mail: "trillian@hitchhiker.com"
      }]
    }];
-    return <ChangesetRow repository={repository} changeset={changeset} />;
+    return <ChangesetRow repository={repository} changeset={changeset}/>;
  })
  .add("With multiple signatures and valid status", () => {
    const changeset = copy(three);
@@ -220,7 +220,7 @@ storiesOf("Changesets", module)
        mail: "trillian@hitchhiker.com"
      }]
    }];
-    return <ChangesetRow repository={repository} changeset={changeset} />;
+    return <ChangesetRow repository={repository} changeset={changeset}/>;
  })
  .add("With multiple signatures and not found status", () => {
    const changeset = copy(three);
@@ -243,5 +243,5 @@ storiesOf("Changesets", module)
        mail: "trillian@hitchhiker.com"
      }]
    }];
-    return <ChangesetRow repository={repository} changeset={changeset} />;
+    return <ChangesetRow repository={repository} changeset={changeset}/>;
  });
--- a/scm-ui/ui-components/src/repos/changesets/SignatureIcon.tsx
+++ b/scm-ui/ui-components/src/repos/changesets/SignatureIcon.tsx
@@ -57,12 +57,12 @@ const SignatureIcon: FC<Props> = ({signatures, className}) => {
    return null;
  }

-  const getColor = (signatures: Signature[]) => {
-    const invalid = signatures.some(sig => sig.status === "INVALID");
+  const getColor = (signaturesToVerify: Signature[]) => {
+    const invalid = signaturesToVerify.some(sig => sig.status === "INVALID");
    if (invalid) {
      return "danger";
    }
-    const verified = signatures.some(sig => sig.status === "VERIFIED");
+    const verified = signaturesToVerify.some(sig => sig.status === "VERIFIED");
    if (verified) {
      return "success";
    }
@@ -104,7 +104,7 @@ const SignatureIcon: FC<Props> = ({signatures, className}) => {

  return (
    <>
-      <Popover title={<h1>{t("changeset.signatures")}</h1>} width={500} {...popoverProps}>
+      <Popover title={<h1 className="has-text-weight-bold is-size-5">{t("changeset.signatures")}</h1>} width={500} {...popoverProps}>
        <StyledDiv>
          {signatureElements}
        </StyledDiv>
--- a/scm-webapp/src/main/java/sonia/scm/security/gpg/DefaultGPG.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/gpg/DefaultGPG.java
@@ -77,7 +77,7 @@ public class DefaultGPG implements GPG {
  public Optional<PublicKey> findPublicKey(String id) {
    Optional<RawGpgKey> key = publicKeyStore.findById(id);

-    return key.map(rawGpgKey -> new DefaultPublicKey(rawGpgKey.getId(), rawGpgKey.getOwner(), rawGpgKey.getRaw(), rawGpgKey.getContacts()));
+    return key.map(RawGpgKeyToDefaultPublicKeyMapper::map);
  }

  @Override
@@ -109,12 +109,12 @@ public class DefaultGPG implements GPG {
        privateKeyStore.setForUserId(userId, rawPrivateKey);
        publicKeyStore.add("Default SCM-Manager Signing Key", userId, rawPublicKey, true);

-        return new DefaultPrivateKey(rawPrivateKey);
+        return DefaultPrivateKey.parseRaw(rawPrivateKey);
      } catch (PGPException | NoSuchAlgorithmException | NoSuchProviderException | IOException e) {
        throw new GPGException("Private key could not be generated", e);
      }
    } else {
-      return new DefaultPrivateKey(privateRawKey.get());
+      return DefaultPrivateKey.parseRaw(privateRawKey.get());
    }
  }

--- a/scm-webapp/src/main/java/sonia/scm/security/gpg/DefaultPrivateKey.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/gpg/DefaultPrivateKey.java
@@ -37,22 +37,26 @@ import org.bouncycastle.openpgp.PGPSignatureGenerator;
 import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
 import sonia.scm.security.PrivateKey;

+import javax.validation.constraints.NotNull;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
-import java.util.Optional;

 class DefaultPrivateKey implements PrivateKey {

-  final Optional<PGPPrivateKey> privateKey;
+  static DefaultPrivateKey parseRaw(String rawPrivateKey) {
+    return new DefaultPrivateKey(KeysExtractor.extractPrivateKey(rawPrivateKey));
+  }

-  DefaultPrivateKey(String rawPrivateKey) {
-    privateKey = KeysExtractor.extractPrivateKey(rawPrivateKey);
+  private final PGPPrivateKey privateKey;
+
+  private DefaultPrivateKey(@NotNull PGPPrivateKey privateKey) {
+    this.privateKey = privateKey;
  }

  @Override
  public String getId() {
-    return privateKey.map(Keys::createId).orElse(null);
+    return Keys.createId(privateKey);
  }

  @Override
@@ -64,14 +68,10 @@ class DefaultPrivateKey implements PrivateKey {
        HashAlgorithmTags.SHA1).setProvider(BouncyCastleProvider.PROVIDER_NAME)
    );

-    if (privateKey.isPresent()) {
-      try {
-        signatureGenerator.init(PGPSignature.BINARY_DOCUMENT, privateKey.get());
-      } catch (PGPException e) {
-        throw new GPGException("Could not initialize signature generator", e);
-      }
-    } else {
-      throw new GPGException("Missing private key");
+    try {
+      signatureGenerator.init(PGPSignature.BINARY_DOCUMENT, privateKey);
+    } catch (PGPException e) {
+      throw new GPGException("Could not initialize signature generator", e);
    }

    ByteArrayOutputStream buffer = new ByteArrayOutputStream();
--- a/scm-webapp/src/main/java/sonia/scm/security/gpg/GPGKeyPairGenerator.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/gpg/GPGKeyPairGenerator.java
@@ -45,7 +45,9 @@ import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
 import java.util.Date;

-class GPGKeyPairGenerator {
+final class GPGKeyPairGenerator {
+  private GPGKeyPairGenerator() {}
+
  static PGPKeyRingGenerator generateKeyPair() throws PGPException, NoSuchProviderException, NoSuchAlgorithmException {
    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
    keyPairGenerator.initialize(2048);
--- a/scm-webapp/src/main/java/sonia/scm/security/gpg/KeysExtractor.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/gpg/KeysExtractor.java
@@ -33,41 +33,31 @@ import org.bouncycastle.openpgp.PGPUtil;
 import org.bouncycastle.openpgp.jcajce.JcaPGPSecretKeyRingCollection;
 import org.bouncycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator;
 import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;

 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
-import java.util.Optional;

-public class KeysExtractor {
+final class KeysExtractor {

  private KeysExtractor() {}

-  private static final Logger LOG = LoggerFactory.getLogger(KeysExtractor.class);
-
-  static Optional<PGPPrivateKey> extractPrivateKey(String rawKey) {
+  static PGPPrivateKey extractPrivateKey(String rawKey) {
    try (final InputStream decoderStream = PGPUtil.getDecoderStream(new ByteArrayInputStream(rawKey.getBytes()))) {
      JcaPGPSecretKeyRingCollection secretKeyRingCollection = new JcaPGPSecretKeyRingCollection(decoderStream);
-      final PGPPrivateKey privateKey = secretKeyRingCollection.getKeyRings().next().getSecretKey().extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().build(new char[]{}));
-      return Optional.of(privateKey);
+      return secretKeyRingCollection.getKeyRings().next().getSecretKey().extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().build(new char[]{}));
    } catch (Exception e) {
-      LOG.error("Invalid PGP key", e);
-      return Optional.empty();
+      throw new GPGException("Invalid PGP key", e);
    }
  }

-  static Optional<PGPPublicKey> extractPublicKey(String rawKey) {
+  static PGPPublicKey extractPublicKey(String rawKey) {
    try {
      ArmoredInputStream armoredInputStream = new ArmoredInputStream(new ByteArrayInputStream(rawKey.getBytes()));
      PGPObjectFactory pgpObjectFactory = new PGPObjectFactory(armoredInputStream, new JcaKeyFingerprintCalculator());
-      PGPPublicKey publicKey = ((PGPPublicKeyRing) pgpObjectFactory.nextObject()).getPublicKey();
-      return Optional.of(publicKey);
-
+      return ((PGPPublicKeyRing) pgpObjectFactory.nextObject()).getPublicKey();
    } catch (IOException e) {
-      LOG.error("Invalid PGP key", e);
+      throw new GPGException("Invalid PGP key", e);
    }
-    return Optional.empty();
  }
 }
--- a/scm-webapp/src/main/java/sonia/scm/security/gpg/PublicKeyStore.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/gpg/PublicKeyStore.java
@@ -84,7 +84,7 @@ public class PublicKeyStore {
    RawGpgKey key = new RawGpgKey(master, displayName, username, rawKey, getContactsFromPublicKey(rawKey), Instant.now(), readonly);

    store.put(master, key);
-    eventBus.post(new PublicKeyCreatedEvent(new DefaultPublicKey(key.getId(), key.getOwner(), key.getRaw(), key.getContacts())));
+    eventBus.post(new PublicKeyCreatedEvent(RawGpgKeyToDefaultPublicKeyMapper.map(key)));

    return key;

@@ -92,8 +92,8 @@ public class PublicKeyStore {

  private Set<Person> getContactsFromPublicKey(String rawKey) {
    List<String> userIds = new ArrayList<>();
-    Optional<PGPPublicKey> publicKeyFromRawKey = extractPublicKey(rawKey);
-    publicKeyFromRawKey.ifPresent(pgpPublicKey -> pgpPublicKey.getUserIDs().forEachRemaining(userIds::add));
+    PGPPublicKey publicKeyFromRawKey = extractPublicKey(rawKey);
+    publicKeyFromRawKey.getUserIDs().forEachRemaining(userIds::add);

    return userIds.stream().map(Person::toPerson).collect(Collectors.toSet());
  }
@@ -104,7 +104,7 @@ public class PublicKeyStore {
      if (!rawGpgKey.isReadonly()) {
        UserPermissions.changePublicKeys(rawGpgKey.getOwner()).check();
        store.remove(id);
-        eventBus.post(new PublicKeyDeletedEvent(new DefaultPublicKey(rawGpgKey.getId(), rawGpgKey.getOwner(), rawGpgKey.getRaw(), rawGpgKey.getContacts())));
+        eventBus.post(new PublicKeyDeletedEvent(RawGpgKeyToDefaultPublicKeyMapper.map(rawGpgKey)));
      } else {
        throw new DeletingReadonlyKeyNotAllowedException(id);
      }
--- a/scm-webapp/src/main/java/sonia/scm/security/gpg/RawGpgKey.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/gpg/RawGpgKey.java
@@ -27,7 +27,6 @@ package sonia.scm.security.gpg;
 import lombok.AllArgsConstructor;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
-import lombok.Setter;
 import sonia.scm.repository.Person;
 import sonia.scm.xml.XmlInstantAdapter;

--- a/scm-webapp/src/main/java/sonia/scm/security/gpg/RawGpgKeyToDefaultPublicKeyMapper.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/gpg/RawGpgKeyToDefaultPublicKeyMapper.java
@@ -0,0 +1,37 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.security.gpg;
+
+import sonia.scm.security.PublicKey;
+
+final class RawGpgKeyToDefaultPublicKeyMapper {
+
+  private RawGpgKeyToDefaultPublicKeyMapper() {}
+
+  static PublicKey map(RawGpgKey key) {
+    return new DefaultPublicKey(key.getId(), key.getOwner(), key.getRaw(), key.getContacts());
+  }
+
+}
--- a/scm-webapp/src/test/java/sonia/scm/security/gpg/DefaultGPGTest.java
+++ b/scm-webapp/src/test/java/sonia/scm/security/gpg/DefaultGPGTest.java
@@ -144,8 +144,8 @@ class DefaultGPGTest {
  void shouldImportExportedGeneratedPrivateKey() throws NoSuchProviderException, NoSuchAlgorithmException, PGPException, IOException {
    final PGPKeyRingGenerator keyRingGenerator = GPGKeyPairGenerator.generateKeyPair();
    final String exportedPrivateKey = GPGKeyExporter.exportKeyRing(keyRingGenerator.generateSecretKeyRing());
-    final Optional<PGPPrivateKey> privateKey = KeysExtractor.extractPrivateKey(exportedPrivateKey);
-    assertThat(privateKey).isPresent();
+    final PGPPrivateKey privateKey = KeysExtractor.extractPrivateKey(exportedPrivateKey);
+    assertThat(privateKey).isNotNull();
  }

  @Test
@@ -155,12 +155,13 @@ class DefaultGPGTest {
    ThreadContext.bind(subjectUnderTest);

    String raw = GPGTestHelper.readResourceAsString("private-key.asc");
-    final DefaultPrivateKey privateKey = new DefaultPrivateKey(raw);
+    final DefaultPrivateKey privateKey = DefaultPrivateKey.parseRaw(raw);
    final byte[] signature = privateKey.sign("This is a test commit".getBytes());
    final String signatureString = new String(signature);
    assertThat(signature).isNotEmpty();
-    assertThat(signatureString).startsWith("-----BEGIN PGP SIGNATURE-----");
-    assertThat(signatureString).contains("-----END PGP SIGNATURE-----");
+    assertThat(signatureString)
+      .startsWith("-----BEGIN PGP SIGNATURE-----")
+      .contains("-----END PGP SIGNATURE-----");
  }

  @Test
--- a/scm-webapp/src/test/java/sonia/scm/security/gpg/GPGKeyExporterTest.java
+++ b/scm-webapp/src/test/java/sonia/scm/security/gpg/GPGKeyExporterTest.java
@@ -70,14 +70,16 @@ class GPGKeyExporterTest {
    final PGPKeyRingGenerator keyRingGenerator = GPGKeyPairGenerator.generateKeyPair();

    final String exportedPublicKey = GPGKeyExporter.exportKeyRing(keyRingGenerator.generatePublicKeyRing());
-    assertThat(exportedPublicKey).isNotBlank();
-    assertThat(exportedPublicKey).startsWith("-----BEGIN PGP PUBLIC KEY BLOCK-----");
-    assertThat(exportedPublicKey).contains("-----END PGP PUBLIC KEY BLOCK-----");
+    assertThat(exportedPublicKey)
+      .isNotBlank()
+      .startsWith("-----BEGIN PGP PUBLIC KEY BLOCK-----")
+      .contains("-----END PGP PUBLIC KEY BLOCK-----");

    final String exportedPrivateKey = GPGKeyExporter.exportKeyRing(keyRingGenerator.generateSecretKeyRing());
-    assertThat(exportedPrivateKey).isNotBlank();
-    assertThat(exportedPrivateKey).startsWith("-----BEGIN PGP PRIVATE KEY BLOCK-----");
-    assertThat(exportedPrivateKey).contains("-----END PGP PRIVATE KEY BLOCK-----");
+    assertThat(exportedPrivateKey)
+      .isNotBlank()
+      .startsWith("-----BEGIN PGP PRIVATE KEY BLOCK-----")
+      .contains("-----END PGP PRIVATE KEY BLOCK-----");
  }

 }
--- a/scm-webapp/src/test/java/sonia/scm/security/gpg/KeysExtractorTest.java
+++ b/scm-webapp/src/test/java/sonia/scm/security/gpg/KeysExtractorTest.java
@@ -29,7 +29,6 @@ import org.bouncycastle.openpgp.PGPPublicKey;
 import org.junit.jupiter.api.Test;

 import java.io.IOException;
-import java.util.Optional;

 import static org.assertj.core.api.Assertions.assertThat;

@@ -39,17 +38,17 @@ class KeysExtractorTest {
  void shouldExtractPublicKeyFromRawKey() throws IOException {
    String raw = GPGTestHelper.readResourceAsString("single.asc");

-    Optional<PGPPublicKey> publicKey = KeysExtractor.extractPublicKey(raw);
+    PGPPublicKey publicKey = KeysExtractor.extractPublicKey(raw);

-    assertThat(publicKey).isPresent();
-    assertThat(Long.toHexString(publicKey.get().getKeyID())).isEqualTo("975922f193b07d6e");
+    assertThat(publicKey).isNotNull();
+    assertThat(Long.toHexString(publicKey.getKeyID())).isEqualTo("975922f193b07d6e");
  }

  @Test
  void shouldExtractPrivateKeyFromRawKey() throws IOException {
    String raw = GPGTestHelper.readResourceAsString("private-key.asc");
-    final Optional<PGPPrivateKey> privateKey = KeysExtractor.extractPrivateKey(raw);
-    assertThat(privateKey).isPresent();
+    final PGPPrivateKey privateKey = KeysExtractor.extractPrivateKey(raw);
+    assertThat(privateKey).isNotNull();
  }

 }
--- a/scm-webapp/src/test/java/sonia/scm/security/gpg/PrivateKeyStoreTest.java
+++ b/scm-webapp/src/test/java/sonia/scm/security/gpg/PrivateKeyStoreTest.java
@@ -24,11 +24,9 @@

 package sonia.scm.security.gpg;

-import org.assertj.core.api.Assertions;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
-import org.mockito.Mockito;
 import org.mockito.junit.jupiter.MockitoExtension;
 import sonia.scm.store.DataStoreFactory;
 import sonia.scm.store.InMemoryDataStoreFactory;
@@ -36,7 +34,6 @@ import sonia.scm.store.InMemoryDataStoreFactory;
 import java.util.Optional;

 import static org.assertj.core.api.Assertions.assertThat;
-import static org.junit.jupiter.api.Assertions.*;

@ExtendWith(MockitoExtension.class)
 class PrivateKeyStoreTest {
@@ -61,7 +58,6 @@ class PrivateKeyStoreTest {
  void setForUserId() {
    keyStore.setForUserId("testId", "Test Key");
    final Optional<String> rawKey = keyStore.getForUserId("testId");
-    assertThat(rawKey).isNotEmpty();
-    assertThat(rawKey.get()).isEqualTo("Test Key");
+    assertThat(rawKey).contains("Test Key");
  }
 }