PushCertificateChecker: Convert to a builder pattern

Change-Id: Ic32ad26ea89b5cbe9c0c4bfa33ace23d09a35750

gerrit-gpg/src/main/java/com/google/gerrit/gpg/GerritPushCertificateChecker.java

@@ -26,8 +26,7 @@ import java.io.IOException;
 
 public class GerritPushCertificateChecker extends PushCertificateChecker {
   public interface Factory {
-    GerritPushCertificateChecker create(IdentifiedUser expectedUser,
+    GerritPushCertificateChecker create(IdentifiedUser expectedUser);
-        boolean checkNonce);
   }
 
   private final GitRepositoryManager repoManager;
@@ -38,9 +37,8 @@ public class GerritPushCertificateChecker extends PushCertificateChecker {
       GerritPublicKeyChecker.Factory keyCheckerFactory,
       GitRepositoryManager repoManager,
       AllUsersName allUsers,
-      @Assisted IdentifiedUser expectedUser,
+      @Assisted IdentifiedUser expectedUser) {
-      @Assisted boolean checkNonce) {
+    super(keyCheckerFactory.create().setExpectedUser(expectedUser));
-    super(keyCheckerFactory.create().setExpectedUser(expectedUser), checkNonce);
     this.repoManager = repoManager;
     this.allUsers = allUsers;
   }

gerrit-gpg/src/main/java/com/google/gerrit/gpg/PushCertificateChecker.java

@@ -67,12 +67,18 @@ public abstract class PushCertificateChecker {
   }
 
   private final PublicKeyChecker publicKeyChecker;
-  private final boolean checkNonce;
 
-  protected PushCertificateChecker(PublicKeyChecker publicKeyChecker,
+  private boolean checkNonce;
-      boolean checkNonce) {
+
+  protected PushCertificateChecker(PublicKeyChecker publicKeyChecker) {
     this.publicKeyChecker = publicKeyChecker;
+    checkNonce = true;
+  }
+
+  /** Set whether to check the status of the nonce; defaults to true. */
+  public PushCertificateChecker setCheckNonce(boolean checkNonce) {
     this.checkNonce = checkNonce;
+    return this;
   }
 
   /**

gerrit-gpg/src/main/java/com/google/gerrit/gpg/SignedPushPreReceiveHook.java

@@ -54,7 +54,8 @@ public class SignedPushPreReceiveHook implements PreReceiveHook {
     if (cert == null) {
       return;
     }
-    CheckResult result = checkerFactory.create(user.get(), true)
+    CheckResult result = checkerFactory.create(user.get())
+        .setCheckNonce(true)
         .check(cert)
         .getCheckResult();
     if (!isAllowed(result, commands)) {

gerrit-gpg/src/main/java/com/google/gerrit/gpg/api/GpgApiAdapterImpl.java

@@ -95,8 +95,10 @@ public class GpgApiAdapterImpl implements GpgApiAdapter {
       IdentifiedUser expectedUser) throws GpgException {
     try {
       PushCertificate cert = PushCertificateParser.fromString(certStr);
-      PushCertificateChecker.Result result =
+      PushCertificateChecker.Result result = pushCertCheckerFactory
-          pushCertCheckerFactory.create(expectedUser, false).check(cert);
+          .create(expectedUser)
+          .setCheckNonce(false)
+          .check(cert);
       PushCertificateInfo info = new PushCertificateInfo();
       info.certificate = certStr;
       info.key = GpgKeys.toJson(result.getPublicKey(), result.getCheckResult());

gerrit-gpg/src/test/java/com/google/gerrit/gpg/PushCertificateCheckerTest.java

@@ -72,7 +72,7 @@ public class PushCertificateCheckerTest {
   }
 
   private PushCertificateChecker newChecker(boolean checkNonce) {
-    return new PushCertificateChecker(new PublicKeyChecker(), checkNonce) {
+    return new PushCertificateChecker(new PublicKeyChecker()) {
       @Override
       protected Repository getRepository() {
         return tr.getRepository();
@@ -82,7 +82,7 @@ public class PushCertificateCheckerTest {
       protected boolean shouldClose(Repository repo) {
         return false;
       }
-    };
+    }.setCheckNonce(checkNonce);
   }
 
   @Test