cleanup

[ci skip]

src/main/java/org/cryptomator/ui/keyloading/hub/AuthFlow.java

@@ -65,8 +65,8 @@ class AuthFlow implements AutoCloseable {
 	 * @param authEndpoint Address of the <a href="https://datatracker.ietf.org/doc/html/rfc6749#section-3.1">Authorization Endpoint</a>
 	 * @param tokenEndpoint Address of the <a href="https://datatracker.ietf.org/doc/html/rfc6749#section-3.2">Token Endpoint</a>
 	 * @param clientId The <a href="https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.1"><code>client_id</code></a>
-	 * @return An authorization
-	 * @throws Exception
+	 * @return An authorization flow
+	 * @throws Exception In case of any problems starting the server
 	 */
 	public static AuthFlow init(URI authEndpoint, URI tokenEndpoint, String clientId) throws Exception {
 		var receiver = AuthFlowReceiver.start();

src/main/java/org/cryptomator/ui/keyloading/hub/AuthFlowReceiver.java

@@ -17,7 +17,7 @@ import java.util.concurrent.LinkedBlockingQueue;
  * A basic implementation for RFC 8252, Section 7.3:
  * <p>
  * We're spawning a local http server on a system-assigned high port and
- * use <code>http://127.0.0.1:{PORT}/success</code> as a redirect URI.
+ * use <code>http://127.0.0.1:{PORT}/callback</code> as a redirect URI.
  * <p>
  * Furthermore, we can deliver a html response to inform the user that the
  * auth workflow finished and she can close the browser tab.
@@ -51,10 +51,6 @@ class AuthFlowReceiver implements AutoCloseable {
 		var server = new Server();
 		var context = new ServletContextHandler();
 
-//		var corsFilter = new FilterHolder(new CrossOriginFilter());
-//		corsFilter.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "*"); // TODO restrict to hub host
-//		context.addFilter(corsFilter, "/*", EnumSet.of(DispatcherType.REQUEST));
-
 		var servlet = new CallbackServlet();
 		context.addServlet(new ServletHolder(servlet), CALLBACK_PATH);