Interface idiocy: When is returning an empty List not good enough?

Posted on March 15, 2010 by Tommy McGuire
Labels: SAML, software development, authentication, OpenAM, java
This is just a quick post to mention a ghastly API decision I just ran across. (Certainly, I have seen similar monstrosities before, and you probably have as well. However, when I saw this one, I realized I could not let it go this time.)

Consider com.sun.identity.saml2.protocol.Response, specifically the getAssertion method. Now, I will leave aside the wisdom of a "getAssertion" (singular) method that returns a List of Assertions (plural). However, what does the implementation of this method do when there are no (unencrypted) Assertions in the SAML 2.0 response?
...wait for it...
It returns null. Not an empty List, because that wouldn't be empty enough. null. So, this method which is obviously intended to normally return a single Assertion, but can handle multiple Assertions, indicates that there are no Assertions by returning null.
active directory applied formal logic ashurbanipal authentication books c c++ comics conference continuations coq data structure digital humanities Dijkstra eclipse virgo electronics emacs goodreads haskell http java job Knuth ldap link linux lisp math naming nimrod notation OpenAM osgi parsing pony programming language protocols python quote R random REST ruby rust SAML scala scheme shell software development system administration theory tip toy problems unix vmware yeti
Member of The Internet Defense League
Site proudly generated by Hakyll.