Resolve api review comments for azure-security-keyvault-jca

sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultKeyStore.java

@@ -182,16 +182,19 @@ public static KeyStore getKeyVaultKeyStoreBySystemProperty()
         throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
 
         KeyStore keyStore = KeyStore.getInstance(KeyVaultJcaProvider.PROVIDER_NAME);
-        KeyVaultLoadStoreParameter keyVaultLoadStoreParameter = new KeyVaultLoadStoreParameter(
-            System.getProperty("azure.keyvault.uri"), System.getProperty("azure.keyvault.tenant-id"),
-            System.getProperty("azure.keyvault.client-id"), System.getProperty("azure.keyvault.client-secret"),
-            System.getProperty("azure.keyvault.managed-identity"), System.getProperty("azure.keyvault.access-token"));
+        KeyVaultLoadStoreParameter.Builder builder
+            = KeyVaultLoadStoreParameter.createBuilder(System.getProperty("azure.keyvault.uri"))
+                .tenantId(System.getProperty("azure.keyvault.tenant-id"))
+                .clientId(System.getProperty("azure.keyvault.client-id"))
+                .clientSecret(System.getProperty("azure.keyvault.client-secret"))
+                .managedIdentity(System.getProperty("azure.keyvault.managed-identity"))
+                .accessToken(System.getProperty("azure.keyvault.access-token"));
 
         if (Boolean.parseBoolean(System.getProperty("azure.keyvault.disable-challenge-resource-verification"))) {
-            keyVaultLoadStoreParameter.disableChallengeResourceVerification();
+            builder.disableChallengeResourceVerification();
         }
 
-        keyStore.load(keyVaultLoadStoreParameter);
+        keyStore.load(builder.build());
 
         return keyStore;
     }

sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultLoadStoreParameter.java

@@ -50,19 +50,23 @@ public final class KeyVaultLoadStoreParameter implements KeyStore.LoadStoreParam
      * Constructor.
      *
      * @param keyVaultUri The Azure Key Vault URI.
+     * @deprecated Use {@link #createBuilder(String)} instead for a more flexible and maintainable API.
      */
+    @Deprecated
     public KeyVaultLoadStoreParameter(String keyVaultUri) {
-        this(keyVaultUri, null, null, null, null, null);
+        this(new Builder(keyVaultUri));
     }
 
     /**
      * Constructor.
      *
      * @param keyVaultUri The Azure Key Vault URI.
      * @param managedIdentity The managed identity.
+     * @deprecated Use {@link #createBuilder(String)} instead for a more flexible and maintainable API.
      */
+    @Deprecated
     public KeyVaultLoadStoreParameter(String keyVaultUri, String managedIdentity) {
-        this(keyVaultUri, null, null, null, managedIdentity, null);
+        this(new Builder(keyVaultUri).managedIdentity(managedIdentity));
     }
 
     /**
@@ -72,9 +76,11 @@ public KeyVaultLoadStoreParameter(String keyVaultUri, String managedIdentity) {
      * @param tenantId The tenant id.
      * @param clientId The client id.
      * @param clientSecret The client secret.
+     * @deprecated Use {@link #createBuilder(String)} instead for a more flexible and maintainable API.
      */
+    @Deprecated
     public KeyVaultLoadStoreParameter(String keyVaultUri, String tenantId, String clientId, String clientSecret) {
-        this(keyVaultUri, tenantId, clientId, clientSecret, null, null);
+        this(new Builder(keyVaultUri).tenantId(tenantId).clientId(clientId).clientSecret(clientSecret));
     }
 
     /**
@@ -85,31 +91,30 @@ public KeyVaultLoadStoreParameter(String keyVaultUri, String tenantId, String cl
      * @param clientId The client id.
      * @param clientSecret The client secret.
      * @param managedIdentity The managed identity.
+     * @deprecated Use {@link #createBuilder(String)} instead for a more flexible and maintainable API.
      */
+    @Deprecated
     public KeyVaultLoadStoreParameter(String keyVaultUri, String tenantId, String clientId, String clientSecret,
         String managedIdentity) {
-        this(keyVaultUri, tenantId, clientId, clientSecret, managedIdentity, null);
+        this(new Builder(keyVaultUri).tenantId(tenantId)
+            .clientId(clientId)
+            .clientSecret(clientSecret)
+            .managedIdentity(managedIdentity));
     }
 
     /**
-     * Constructor.
+     * Private constructor used by the builder.
      *
-     * @param keyVaultUri The Azure Key Vault URI.
-     * @param tenantId The tenant id.
-     * @param clientId The client id.
-     * @param clientSecret The client secret.
-     * @param managedIdentity The managed identity.
-     * @param accessToken The access token.
+     * @param builder The builder instance.
      */
-    public KeyVaultLoadStoreParameter(String keyVaultUri, String tenantId, String clientId, String clientSecret,
-        String managedIdentity, String accessToken) {
-
-        this.keyVaultUri = keyVaultUri;
-        this.tenantId = tenantId;
-        this.clientId = clientId;
-        this.clientSecret = clientSecret;
-        this.managedIdentity = managedIdentity;
-        this.accessToken = accessToken;
+    private KeyVaultLoadStoreParameter(Builder builder) {
+        this.keyVaultUri = builder.keyVaultUri;
+        this.tenantId = builder.tenantId;
+        this.clientId = builder.clientId;
+        this.clientSecret = builder.clientSecret;
+        this.managedIdentity = builder.managedIdentity;
+        this.accessToken = builder.accessToken;
+        this.disableChallengeResourceVerification = builder.disableChallengeResourceVerification;
     }
 
     /**
@@ -154,7 +159,7 @@ public String getManagedIdentity() {
      *
      * @return The access token.
      */
-    public String getAccessToken() {
+    String getAccessToken() {
         return accessToken;
     }
 
@@ -193,4 +198,116 @@ boolean isChallengeResourceVerificationDisabled() {
     public void disableChallengeResourceVerification() {
         disableChallengeResourceVerification = true;
     }
+
+    /**
+     * Creates a new builder instance for constructing KeyVaultLoadStoreParameter.
+     *
+     * @param keyVaultUri The Azure Key Vault URI (required).
+     * @return A new builder instance.
+     */
+    public static Builder createBuilder(String keyVaultUri) {
+        return new Builder(keyVaultUri);
+    }
+
+    /**
+     * Builder class for constructing KeyVaultLoadStoreParameter instances with a fluent API.
+     * This provides a clearer and more maintainable way to create instances compared to
+     * multiple overloaded constructors.
+     */
+    public static final class Builder {
+        private final String keyVaultUri;
+        private String tenantId;
+        private String clientId;
+        private String clientSecret;
+        private String managedIdentity;
+        private String accessToken;
+        private boolean disableChallengeResourceVerification = false;
+
+        /**
+         * Creates a new builder with the required Key Vault URI.
+         *
+         * @param keyVaultUri The Azure Key Vault URI (required).
+         */
+        private Builder(String keyVaultUri) {
+            if (keyVaultUri == null) {
+                throw new IllegalArgumentException("keyVaultUri cannot be null");
+            }
+            this.keyVaultUri = keyVaultUri;
+        }
+
+        /**
+         * Sets the tenant id for authentication.
+         *
+         * @param tenantId The tenant id.
+         * @return This builder instance.
+         */
+        public Builder tenantId(String tenantId) {
+            this.tenantId = tenantId;
+            return this;
+        }
+
+        /**
+         * Sets the client id for authentication.
+         *
+         * @param clientId The client id.
+         * @return This builder instance.
+         */
+        public Builder clientId(String clientId) {
+            this.clientId = clientId;
+            return this;
+        }
+
+        /**
+         * Sets the client secret for authentication.
+         *
+         * @param clientSecret The client secret.
+         * @return This builder instance.
+         */
+        public Builder clientSecret(String clientSecret) {
+            this.clientSecret = clientSecret;
+            return this;
+        }
+
+        /**
+         * Sets the managed identity for authentication.
+         *
+         * @param managedIdentity The user-assigned managed identity.
+         * @return This builder instance.
+         */
+        public Builder managedIdentity(String managedIdentity) {
+            this.managedIdentity = managedIdentity;
+            return this;
+        }
+
+        /**
+         * Sets the access token for authentication.
+         *
+         * @param accessToken The access token.
+         * @return This builder instance.
+         */
+        public Builder accessToken(String accessToken) {
+            this.accessToken = accessToken;
+            return this;
+        }
+
+        /**
+         * Disables verifying if the authentication challenge resource matches the Key Vault or
+         * Managed HSM domain. This verification is performed by default.
+         *
+         * @return This builder instance.
+         */
+        public Builder disableChallengeResourceVerification() {
+            this.disableChallengeResourceVerification = true;
+            return this;
+        }
+
+        /**
+         * Builds and returns a new KeyVaultLoadStoreParameter instance with the configured values.
+         *
+         * @return A new KeyVaultLoadStoreParameter instance.
+         */
+        public KeyVaultLoadStoreParameter build() {
+            return new KeyVaultLoadStoreParameter(this);
+        }
+    }
 }

sdk/keyvault/azure-security-keyvault-jca/src/test/java/com/azure/security/keyvault/jca/KeyVaultKeyStoreTest.java

@@ -31,11 +31,12 @@ public class KeyVaultKeyStoreTest {
     public static void setEnvironmentProperty() {
         PropertyConvertorUtils.putEnvironmentPropertyToSystemPropertyForKeyVaultJca();
         keystore = new KeyVaultKeyStore();
-        KeyVaultLoadStoreParameter parameter
-            = new KeyVaultLoadStoreParameter(PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_ENDPOINT"),
-                PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_TENANT_ID"),
-                PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_CLIENT_ID"),
-                PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_CLIENT_SECRET"));
+        KeyVaultLoadStoreParameter parameter = KeyVaultLoadStoreParameter
+            .createBuilder(PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_ENDPOINT"))
+            .tenantId(PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_TENANT_ID"))
+            .clientId(PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_CLIENT_ID"))
+            .clientSecret(PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_CLIENT_SECRET"))
+            .build();
         certificateName = PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_CERTIFICATE_NAME");
         keystore.engineLoad(parameter);
     }