Added Artifact Hash Checking

Author: PulseBeat02

README.md

@@ -7,7 +7,7 @@ Bukkit Plugins. Example code can be seen here:
         .setApplicationName("MyPlugin")
         .addArtifact(ofArtifact("me:lucko", "jar-relocator", "1.5"))
         .addRelocation(ofRelocation("me:lucko", "io:github:pulsebeat02:lucko"))
-        .createEMCDepManagement();
+        .create();
     management.load();
 ```
 
@@ -16,13 +16,13 @@ Bukkit Plugins. Example code can be seen here:
 1) Add the repository:
 ```kotlin
     repositories {
-        maven("https://pulsebeat02.jfrog.io/artifactory/pulse-gradle-release-local");
+        maven("https://pulsebeat02.jfrog.io/artifactory/pulse-gradle-release-local/");
     }
 ```
 
 2) Add the dependency:
 ```kotlin
     dependencies {
-        implementation("io.github.pulsebeat02", "emc-dependency-management", "v1.0.1")
+        implementation("io.github.pulsebeat02", "emc-dependency-management", "v1.0.0")
     }
 ```

src/main/java/io/github/pulsebeat02/emcdependencymanagement/EMCDepManagement.java

@@ -39,16 +39,19 @@
 
 public final class EMCDepManagement {
 
+  private final SimpleLogger logger;
   private final Collection<Artifact> artifacts;
   private final Collection<Relocation> relocations;
   private final Collection<Repository> repositories;
   private final Path folder;
 
   EMCDepManagement(
+      final SimpleLogger logger,
       final Collection<Artifact> artifacts,
       final Collection<Relocation> relocations,
       final Collection<Repository> repositories,
       final Path folder) {
+    this.logger = logger;
     this.artifacts = artifacts == null ? new ArrayList<>() : artifacts;
     this.relocations = relocations == null ? new ArrayList<>() : relocations;
     this.repositories = repositories == null ? new ArrayList<>() : repositories;
@@ -82,7 +85,7 @@ private void relocate(final Collection<Path> paths) throws IOException {
 
   private Collection<Path> installedJars(final Collection<Artifact> download) throws IOException {
     final JarInstaller installer =
-        JarInstaller.ofInstaller(download, this.repositories, this.folder);
+        JarInstaller.ofInstaller(this.logger, download, this.repositories, this.folder);
     return installer.install();
   }
 
@@ -97,15 +100,53 @@ private Collection<Path> getJars() throws IOException {
     }
   }
 
+  public SimpleLogger getLogger() {
+    return this.logger;
+  }
+
+  public Collection<Artifact> getArtifacts() {
+    return this.artifacts;
+  }
+
+  public Collection<Relocation> getRelocations() {
+    return this.relocations;
+  }
+
+  public Collection<Repository> getRepositories() {
+    return this.repositories;
+  }
+
+  public Path getFolder() {
+    return this.folder;
+  }
+
   public static class Builder {
 
+    private SimpleLogger logger;
     private Collection<Artifact> artifacts;
     private Collection<Relocation> relocations;
     private Collection<Repository> repositories;
     private Path folder;
     private String name;
 
     {
+      this.logger =
+          new SimpleLogger() {
+            @Override
+            public void info(final String line) {
+              System.out.printf("[INFO] %s%n", line);
+            }
+
+            @Override
+            public void warning(final String line) {
+              System.out.printf("[WARN] %s%n", line);
+            }
+
+            @Override
+            public void error(final String line) {
+              System.err.printf("[ERROR] %s%n", line);
+            }
+          };
       this.artifacts = new ArrayList<>();
       this.relocations = new ArrayList<>();
       this.repositories = new ArrayList<>();
@@ -151,10 +192,16 @@ public Builder setFolder(final Path folder) {
       return this;
     }
 
-    public EMCDepManagement createEMCDepManagement() throws IOException {
+    public Builder setLogger(final SimpleLogger logger) {
+      this.logger = logger;
+      return this;
+    }
+
+    public EMCDepManagement create() throws IOException {
       final Path file = (this.folder == null ? this.getFolder() : this.folder).resolve(this.name);
       this.createFile(file);
       return new EMCDepManagement(
+          this.logger,
           new ArrayList<>(this.artifacts),
           new ArrayList<>(this.relocations),
           new ArrayList<>(this.repositories),

src/main/java/io/github/pulsebeat02/emcdependencymanagement/SimpleLogger.java

@@ -0,0 +1,10 @@
+package io.github.pulsebeat02.emcdependencymanagement;
+
+public interface SimpleLogger {
+
+  void info(final String line);
+
+  void warning(final String line);
+
+  void error(final String line);
+}

src/main/java/io/github/pulsebeat02/emcdependencymanagement/component/Artifact.java

@@ -23,7 +23,7 @@
  */
 package io.github.pulsebeat02.emcdependencymanagement.component;
 
-import static io.github.pulsebeat02.emcdependencymanagement.util.Packages.correctPackage;
+import static io.github.pulsebeat02.emcdependencymanagement.util.PackageUtils.correctPackage;
 
 public final class Artifact {
 

src/main/java/io/github/pulsebeat02/emcdependencymanagement/component/Relocation.java

@@ -23,7 +23,7 @@
  */
 package io.github.pulsebeat02.emcdependencymanagement.component;
 
-import static io.github.pulsebeat02.emcdependencymanagement.util.Packages.correctPackage;
+import static io.github.pulsebeat02.emcdependencymanagement.util.PackageUtils.correctPackage;
 
 public final class Relocation {
 

src/main/java/io/github/pulsebeat02/emcdependencymanagement/component/downloader/JarInstaller.java

@@ -1,30 +1,29 @@
 /**
  * MIT License
  *
- * Copyright (c) 2021 Brandon Li
+ * <p>Copyright (c) 2021 Brandon Li
  *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
+ * <p>Permission is hereby granted, free of charge, to any person obtaining a copy of this software
+ * and associated documentation files (the "Software"), to deal in the Software without restriction,
+ * including without limitation the rights to use, copy, modify, merge, publish, distribute,
+ * sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is
  * furnished to do so, subject to the following conditions:
  *
- * The above copyright notice and this permission notice shall be included in all
- * copies or substantial portions of the Software.
+ * <p>The above copyright notice and this permission notice shall be included in all copies or
+ * substantial portions of the Software.
  *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
+ * <p>THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
+ * BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+ * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  */
 package io.github.pulsebeat02.emcdependencymanagement.component.downloader;
 
+import io.github.pulsebeat02.emcdependencymanagement.SimpleLogger;
 import io.github.pulsebeat02.emcdependencymanagement.component.Artifact;
 import io.github.pulsebeat02.emcdependencymanagement.component.Repository;
+import io.github.pulsebeat02.emcdependencymanagement.util.FileUtils;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.HttpURLConnection;
@@ -35,20 +34,25 @@
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.HashSet;
+import java.util.Locale;
 import java.util.Optional;
+import java.util.Scanner;
 import java.util.Set;
 
 public final class JarInstaller {
 
+  private final SimpleLogger logger;
   private final Collection<Artifact> artifacts;
   private final Collection<Repository> repositories;
   private final Set<Path> paths;
   private final Path target;
 
   JarInstaller(
+      final SimpleLogger logger,
       final Collection<Artifact> artifacts,
       final Collection<Repository> repositories,
       final Path target) {
+    this.logger = logger;
     this.artifacts = artifacts;
     this.repositories = repositories;
     this.target = target;
@@ -58,10 +62,11 @@ public final class JarInstaller {
   }
 
   public static JarInstaller ofInstaller(
+      final SimpleLogger logger,
       final Collection<Artifact> artifacts,
       final Collection<Repository> repositories,
       final Path target) {
-    return new JarInstaller(artifacts, repositories, target);
+    return new JarInstaller(logger, artifacts, repositories, target);
   }
 
   public Collection<Path> install() throws IOException {
@@ -87,18 +92,46 @@ private void downloadJarExceptionally(final String url) {
     try {
       this.downloadJar(url);
     } catch (final IOException e) {
-      e.printStackTrace();
+      this.logger.error(String.format("Failed to download JAR located at url %s!", url));
     }
   }
 
   private void downloadJar(final String url) throws IOException {
+
+    final Path jarPath = this.downloadFile(url);
+    if (this.checkHash(jarPath, url)) {
+      this.downloadJar(url);
+    }
+
+    this.paths.add(jarPath);
+  }
+
+  private boolean checkHash(final Path jarPath, final String url) throws IOException {
+
+    final String originalHash = this.getCheckSumArtifact(url);
+    final String newHash = FileUtils.getUppercaseHash(jarPath);
+    if (originalHash.isEmpty()) {
+      this.logger.warning(
+          String.format("Could not retrieve SHA1 hash for artifact %s! Skipping hash check!", url));
+      return false;
+    }
+
+    if (!originalHash.equals(newHash)) {
+      Files.deleteIfExists(jarPath);
+      return true;
+    }
+
+    return false;
+  }
+
+  private Path downloadFile(final String url) throws IOException {
     final URL website = new URL(url);
     final String jar = this.getFilename(url);
     final Path jarPath = this.target.resolve(jar);
     try (final InputStream in = website.openStream()) {
       Files.copy(in, jarPath, StandardCopyOption.REPLACE_EXISTING);
     }
-    this.paths.add(jarPath);
+    return jarPath;
   }
 
   private String getFilename(final String url) {
@@ -117,9 +150,7 @@ private Optional<String> tryRepository(final Repository repository, final String
   }
 
   private boolean isValidUrl(final String url) throws IOException {
-    final HttpURLConnection con = (HttpURLConnection) new URL(url).openConnection();
-    con.setRequestMethod("HEAD");
-    return con.getResponseCode() == HttpURLConnection.HTTP_OK;
+    return this.createConnection(url).getResponseCode() == HttpURLConnection.HTTP_OK;
   }
 
   private String getAppendedUrl(final Artifact artifact) {
@@ -130,6 +161,20 @@ private String getAppendedUrl(final Artifact artifact) {
     return String.format("%s/%s/%s/%s", groupId, artifactId, version, jar);
   }
 
+  private String getCheckSumArtifact(final String url) throws IOException {
+    final String hashUrl = String.format("%s.sha1", url);
+    try (final Scanner scanner =
+        new Scanner(new URL(hashUrl).openStream(), "UTF-8").useDelimiter("\\A")) {
+      return scanner.next().toUpperCase(Locale.ROOT);
+    }
+  }
+
+  private HttpURLConnection createConnection(final String url) throws IOException {
+    final HttpURLConnection con = (HttpURLConnection) new URL(url).openConnection();
+    con.setRequestMethod("HEAD");
+    return con;
+  }
+
   public Collection<Artifact> getArtifacts() {
     return this.artifacts;
   }

src/main/java/io/github/pulsebeat02/emcdependencymanagement/util/FileUtils.java

@@ -0,0 +1,51 @@
+package io.github.pulsebeat02.emcdependencymanagement.util;
+
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.security.MessageDigest;
+import java.util.Locale;
+
+public final class FileUtils {
+
+  private static final byte[] HEX_ARRAY;
+
+  static {
+    HEX_ARRAY = "0123456789ABCDEF".getBytes(StandardCharsets.US_ASCII);
+  }
+
+  private FileUtils() {}
+
+  public static String getUppercaseHash(final Path file) {
+    try {
+      return bytesToHex(createByteSHA(file)).toUpperCase(Locale.ROOT);
+    } catch (final Exception e) {
+      throw new AssertionError(String.format("Failed to get hash of file for %s!", file));
+    }
+  }
+
+  private static byte[] createByteSHA(final Path file) throws Exception {
+    final MessageDigest digest = MessageDigest.getInstance("SHA-1");
+    final InputStream fis = Files.newInputStream(file);
+    int n = 0;
+    final byte[] buffer = new byte[8192];
+    while (n != -1) {
+      n = fis.read(buffer);
+      if (n > 0) {
+        digest.update(buffer, 0, n);
+      }
+    }
+    return digest.digest();
+  }
+
+  private static String bytesToHex(final byte[] bytes) {
+    final byte[] hexChars = new byte[bytes.length << 1];
+    for (int j = 0; j < bytes.length; j++) {
+      final int v = bytes[j] & 0xFF;
+      hexChars[j * 2] = HEX_ARRAY[v >>> 4];
+      hexChars[j * 2 + 1] = HEX_ARRAY[v & 0x0F];
+    }
+    return new String(hexChars, StandardCharsets.UTF_8);
+  }
+}

src/main/java/io/github/pulsebeat02/emcdependencymanagement/util/Packages.java renamed to src/main/java/io/github/pulsebeat02/emcdependencymanagement/util/PackageUtils.java

@@ -23,9 +23,9 @@
  */
 package io.github.pulsebeat02.emcdependencymanagement.util;
 
-public final class Packages {
+public final class PackageUtils {
 
-  private Packages() {}
+  private PackageUtils() {}
 
   public static String correctPackage(final String name) {
     return name.replace(':', '.');