Amendments in javadocs and README.

Signed-off-by: Max Lambrecht <maxlambrecht@gmail.com>
Max Lambrecht 2020-06-23 11:28:51 -03:00
parent ca5511eb91
commit 5221f838eb
6 changed files with 13 additions and 13 deletions

@ -46,7 +46,7 @@ public class X509SvidValidator {
}
/**
* Checks that the X.509 SVID provided has a SPIFFE ID that is in the list of accepted SPIFFE IDs supplied.
* Checks that the X.509 SVID provided has a SPIFFE ID that is in the Set of accepted SPIFFE IDs supplied.
*
* @param x509Certificate a {@link X509Svid} with a SPIFFE ID to be verified
* @param acceptedSpiffeIdsSupplier a {@link Supplier} of a Set of SPIFFE IDs that are accepted
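
Review bot: the summary line says the SPIFFE ID must be "in the Set of accepted SPIFFE IDs supplied" but the Javadoc does not say what happens when the Supplier returns an empty Set or null. Since this is the authorization check, state the outcome explicitly (rejected, or an exception) and add a matching `@throws` line. If the type name is meant, write it as `{@link Set}` the way `{@link Supplier}` is written on the `@param` line.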

@ -23,7 +23,7 @@ will trust for TLS connections:
See [HttpsServer example](src/main/java/spiffe/provider/examples/HttpsServer.java).
Alternatively, a different Workload API address can be used by passing it to the X509Source creation method, and a
`Supplier` of a list of accepted SPIFFE IDs can be provided as part of the `SslContextOptions`:
`Supplier` of a Set of accepted SPIFFE IDs can be provided as part of the `SslContextOptions`:
```
X509SourceOptions sourceOptions = X509SourceOptions
@ -183,8 +183,8 @@ with a [X509Source instance](../java-spiffe-core/README.md#x509source).
X509Source x509Source = X509Source.newSource();
KeyManager keyManager = new SpiffeKeyManager(x509Source);
// TrustManager gets the X509Source and the supplier of the list of accepted SPIFFE IDs.
TrustManager trustManager = new SpiffeTrustManager(x509Source, () -> SpiffeIdUtils.toListOfSpiffeIds("spiffe://example.org/workload-client", ','));
// TrustManager gets the X509Source and the supplier of the Set of accepted SPIFFE IDs.
TrustManager trustManager = new SpiffeTrustManager(x509Source, () -> SpiffeIdUtils.toSetOfSpiffeIds("spiffe://example.org/workload-client", ','));
SslContextBuilder sslContextBuilder =
SslContextBuilder
@ -205,7 +205,7 @@ the GRPC SSL context, analogous to the config for the Server:
```
X509Source x509Source = X509Source.newSource();
KeyManager keyManager = new SpiffeKeyManager(x509Source);
TrustManager trustManager = new SpiffeTrustManager(x509Source, () -> SpiffeIdUtils.toListOfSpiffeIds("spiffe://example.org/workload-server", ','));
TrustManager trustManager = new SpiffeTrustManager(x509Source, () -> SpiffeIdUtils.toSetOfSpiffeIds("spiffe://example.org/workload-server", ','));
SslContextBuilder sslContextBuilder = SslContextBuilder
.forClient()
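
Review bot: in the `new SpiffeTrustManager(x509Source, () -> SpiffeIdUtils.toSetOfSpiffeIds(...))` line, the lambda parses the same constant string every time the supplier is invoked. For a README example, build the Set once before the constructor call and have the lambda return that variable; it also makes clear that the supplier exists so the set can change at runtime. A short comment that `','` is the separator for a string holding several IDs would help, since the sample passes only one.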

@ -6,7 +6,7 @@ package io.spiffe.provider;
public final class SpiffeProviderConstants {
/**
* Name of the property to get the list of accepted SPIFFE IDs.
* Name of the property to get the Set of accepted SPIFFE IDs.
* This property is read in the java.security file or from a System property.
*/
public static final String SSL_SPIFFE_ACCEPT_PROPERTY = "ssl.spiffe.accept";
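
Review bot: missing documentation on the value format of `ssl.spiffe.accept`. The comment now says the property yields "the Set of accepted SPIFFE IDs", but a property value is a single string, so document how multiple IDs are written in it (separator, whitespace handling). The second sentence says it is read "in the java.security file or from a System property" without saying which one wins when both are set; add the precedence.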

@ -27,7 +27,7 @@ public final class SpiffeSslContextFactory {
* that are backed by the Workload API via a {@link X509Source}.
*
* @param options {@link SslContextOptions}. The option {@link X509Source} must be not null.
* If the option acceptedSpiffeIdsSupplier is not provided, the list of accepted SPIFFE IDs
* If the option acceptedSpiffeIdsSupplier is not provided, the Set of accepted SPIFFE IDs
* is read from the Security or System Property ssl.spiffe.accept.
* If the sslProtocol is not provided, the default TLSv1.2 is used.
* @return a {@link SSLContext}
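
Review bot: the `@param options` text covers the fallback to `ssl.spiffe.accept` when `acceptedSpiffeIdsSupplier` is not provided, but not the case where that property is also unset. Say whether the factory throws or produces a context that rejects every peer, so callers know the default is not permissive. While touching this block, "must be not null" reads better as "must not be null".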

@ -21,7 +21,7 @@ import java.util.function.Supplier;
* Implementation of an X.509 TrustManager for the SPIFFE Provider.
* <p>
* Provides methods to validate the X.509 certificate chain using trusted certs provided by a {@link BundleSource}
* maintained via the Workload API and to verify the SPIFFE ID against a List of accepted SPIFFE IDs provided by a Supplier.
* maintained via the Workload API and to verify the SPIFFE ID against a Set of accepted SPIFFE IDs provided by a Supplier.
*/
public final class SpiffeTrustManager extends X509ExtendedTrustManager {
@ -33,7 +33,7 @@ public final class SpiffeTrustManager extends X509ExtendedTrustManager {
* Constructor.
* <p>
* Creates a SpiffeTrustManager with an X.509 bundle source used to provide the trusted bundles,
* and a {@link Supplier} of a List of accepted {@link SpiffeId} to be used during peer SVID validation.
* and a {@link Supplier} of a Set of accepted {@link SpiffeId} to be used during peer SVID validation.
*
* @param x509BundleSource an implementation of a {@link BundleSource}
* @param acceptedSpiffeIdsSupplier a {@link Supplier} of a Set of accepted SPIFFE IDs.
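
Review bot: the constructor Javadoc says the Supplier is "to be used during peer SVID validation" but does not say when it is invoked. State whether the Set is fetched on every validation or once at construction, because that decides whether a change to the accepted IDs takes effect on an existing trust manager.
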
@ -52,7 +52,7 @@ public final class SpiffeTrustManager extends X509ExtendedTrustManager {
* and a flag to indicate that any SPIFFE ID will be accepted.
*
* @param x509BundleSource an implementation of a {@link BundleSource}
* @param acceptAnySpiffeId a Supplier of a list of accepted SPIFFE IDs.
* @param acceptAnySpiffeId a Supplier of a Set of accepted SPIFFE IDs.
*/
public SpiffeTrustManager(@NonNull final BundleSource<X509Bundle> x509BundleSource,
final boolean acceptAnySpiffeId) {
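
Review bot: the `@param acceptAnySpiffeId` line still describes the parameter as "a Supplier of a Set of accepted SPIFFE IDs", while the signature directly below declares `final boolean acceptAnySpiffeId`. Describe the flag itself, for example "if true, the peer SPIFFE ID is not checked against a set of accepted IDs", and state whether chain validation against the bundle source is still performed, since this flag turns off the authorization step.
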
@ -67,7 +67,7 @@ public final class SpiffeTrustManager extends X509ExtendedTrustManager {
* and is trusted for Client SSL authentication based on the authentication type.
* <p>
* Throws a {@link CertificateException} if the chain cannot be chained to a trusted bundled,
* or if the SPIFFE ID in the chain is not in the list of accepted SPIFFE IDs.
* or if the SPIFFE ID in the chain is not in the Set of accepted SPIFFE IDs.
*
* @param chain the peer certificate chain
* @param authType not used
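
Review bot: "trusted bundled" in the Throws sentence should be "trusted bundle"; it sits on the line next to the one being changed, so fix it in this commit. The same sentence says a `CertificateException` is thrown when the SPIFFE ID is not in the Set, which does not describe an instance built with the `acceptAnySpiffeId` constructor; add that case.
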
@ -84,7 +84,7 @@ public final class SpiffeTrustManager extends X509ExtendedTrustManager {
* and is trusted for Server SSL authentication based on the authentication type.
* <p>
* Throws a {@link CertificateException} if the chain cannot be chained to a trusted bundled,
* or if the SPIFFE ID in the chain is not in the list of accepted SPIFFE IDs.
* or if the SPIFFE ID in the chain is not in the Set of accepted SPIFFE IDs.
*
* @param chain the peer certificate chain
* @param authType not used
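
Review bot: the description says the chain is trusted "based on the authentication type", yet `@param authType` is documented as "not used". Drop the "based on the authentication type" clause if the argument is ignored, so the Javadoc does not suggest a check that is not made. The "trusted bundled" typo is repeated in this block as well.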

@ -25,7 +25,7 @@ import static io.spiffe.provider.SpiffeProviderConstants.SSL_SPIFFE_ACCEPT_PROPE
* <p>
* The Java Security API will call <code>engineGetTrustManagers()</code> to get an instance of a {@link TrustManager}.
* This TrustManager instance gets injected a {@link X509Source}, which implements {@link BundleSource} and keeps bundles updated.
* The TrustManager also gets a Supplier of a List of accepted SPIFFE IDs used to validate the SPIFFE ID from the SVID
* The TrustManager also gets a Supplier of a Set of accepted SPIFFE IDs used to validate the SPIFFE ID from the SVID
* presented by a peer during the handshake.
*
* @see SpiffeSslContextFactory
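
Review bot: the paragraph says the TrustManager "gets a Supplier of a Set of accepted SPIFFE IDs" without saying where that Supplier takes its values from. The hunk header shows a static import from `SpiffeProviderConstants`, so link the constant with `{@link}` and say what the factory does when the property is not set. `<code>engineGetTrustManagers()</code>` could also be written as `{@code engineGetTrustManagers()}` to match the `{@link}` tags used in the rest of the comment.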