Merge branch 'main' into fix-websearchtool-security-issue

Author: zane-neo

common/src/main/java/org/opensearch/ml/common/settings/MLCommonsSettings.java

@@ -6,6 +6,8 @@
 package org.opensearch.ml.common.settings;
 
 import static org.opensearch.remote.metadata.common.CommonValue.REMOTE_METADATA_ENDPOINT_KEY;
+import static org.opensearch.remote.metadata.common.CommonValue.REMOTE_METADATA_GLOBAL_RESOURCE_CACHE_TTL_KEY;
+import static org.opensearch.remote.metadata.common.CommonValue.REMOTE_METADATA_GLOBAL_TENANT_ID_KEY;
 import static org.opensearch.remote.metadata.common.CommonValue.REMOTE_METADATA_REGION_KEY;
 import static org.opensearch.remote.metadata.common.CommonValue.REMOTE_METADATA_SERVICE_NAME_KEY;
 import static org.opensearch.remote.metadata.common.CommonValue.REMOTE_METADATA_TYPE_KEY;
@@ -372,4 +374,14 @@ private MLCommonsSettings() {}
         .boolSetting("plugins.ml_commons.agentic_memory_enabled", false, Setting.Property.NodeScope, Setting.Property.Dynamic);
     public static final String ML_COMMONS_AGENTIC_MEMORY_DISABLED_MESSAGE =
         "The Agentic Memory APIs are not enabled. To enable, please update the setting " + ML_COMMONS_AGENTIC_MEMORY_ENABLED.getKey();
+
+    public static final Setting<String> REMOTE_METADATA_GLOBAL_TENANT_ID = Setting
+        .simpleString("plugins.ml-commons." + REMOTE_METADATA_GLOBAL_TENANT_ID_KEY, Setting.Property.NodeScope, Setting.Property.Final);
+
+    public static final Setting<String> REMOTE_METADATA_GLOBAL_RESOURCE_CACHE_TTL = Setting
+        .simpleString(
+            "plugins.ml-commons." + REMOTE_METADATA_GLOBAL_RESOURCE_CACHE_TTL_KEY,
+            Setting.Property.NodeScope,
+            Setting.Property.Final
+        );
 }

common/src/main/java/org/opensearch/ml/common/utils/StringUtils.java

@@ -8,6 +8,8 @@
 import static org.apache.commons.text.StringEscapeUtils.escapeJson;
 import static org.opensearch.action.ValidateActions.addValidationError;
 
+import java.io.IOException;
+import java.math.BigDecimal;
 import java.nio.ByteBuffer;
 import java.nio.charset.StandardCharsets;
 import java.security.AccessController;
@@ -38,11 +40,15 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
 import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
 import com.google.gson.JsonParser;
 import com.google.gson.JsonSyntaxException;
+import com.google.gson.TypeAdapter;
 import com.google.gson.reflect.TypeToken;
+import com.google.gson.stream.JsonReader;
+import com.google.gson.stream.JsonWriter;
 import com.jayway.jsonpath.JsonPath;
 import com.jayway.jsonpath.PathNotFoundException;
 import com.networknt.schema.JsonSchema;
@@ -71,11 +77,15 @@ public class StringUtils {
 
     public static final String SAFE_INPUT_DESCRIPTION = "can only contain letters, numbers, spaces, and basic punctuation (.,!?():@-_'/\")";
 
-    public static final Gson gson;
+    public static final Gson gson = new Gson();
+    public static final Gson PLAIN_NUMBER_GSON = new GsonBuilder()
+        .serializeNulls()
+        .registerTypeAdapter(Float.class, new PlainFloatAdapter())
+        .registerTypeAdapter(float.class, new PlainFloatAdapter())
+        .registerTypeAdapter(Double.class, new PlainDoubleAdapter())
+        .registerTypeAdapter(double.class, new PlainDoubleAdapter())
+        .create();
 
-    static {
-        gson = new Gson();
-    }
     public static final String TO_STRING_FUNCTION_NAME = ".toString()";
 
     public static final ObjectMapper MAPPER = new ObjectMapper();
@@ -597,4 +607,49 @@ public static List<String> parseStringArrayToList(String jsonArrayString) {
             return Collections.emptyList();
         }
     }
+
+    /**
+     * Custom Gson adapter for Double and Float type.
+     * Serializes numbers without scientific notation.
+     * Writes null for null, NaN, and Infinity values.
+     * Deserializes JSON numbers back to Double and Float.
+     */
+    private static class PlainDoubleAdapter extends TypeAdapter<Double> {
+        @Override
+        public void write(JsonWriter out, Double value) throws IOException {
+            if (value == null || value.isNaN() || value.isInfinite()) {
+                out.nullValue();
+                return;
+            }
+
+            BigDecimal bd = BigDecimal.valueOf(value).stripTrailingZeros();
+
+            out.jsonValue(bd.toPlainString());
+        }
+
+        @Override
+        public Double read(JsonReader in) throws IOException {
+            return in.nextDouble();
+        }
+    }
+
+    public static class PlainFloatAdapter extends TypeAdapter<Float> {
+        @Override
+        public void write(JsonWriter out, Float value) throws IOException {
+            if (value == null || value.isNaN() || value.isInfinite()) {
+                out.nullValue();
+                return;
+            }
+
+            BigDecimal bd = new BigDecimal(Float.toString(value)).stripTrailingZeros();
+            out.jsonValue(bd.toPlainString());
+        }
+
+        @Override
+        public Float read(JsonReader in) throws IOException {
+            double d = in.nextDouble();
+            float f = (float) d;
+            return f;
+        }
+    }
 }

common/src/test/java/org/opensearch/ml/common/utils/StringUtilsTest.java

@@ -16,6 +16,7 @@
 import static org.opensearch.ml.common.utils.StringUtils.*;
 
 import java.io.IOException;
+import java.lang.reflect.Constructor;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashMap;
@@ -31,6 +32,9 @@
 import org.opensearch.OpenSearchParseException;
 import org.opensearch.action.ActionRequestValidationException;
 
+import com.google.gson.JsonElement;
+import com.google.gson.TypeAdapter;
+import com.google.gson.reflect.TypeToken;
 import com.jayway.jsonpath.JsonPath;
 
 public class StringUtilsTest {
@@ -949,4 +953,133 @@ public void testParseStringArrayToList_Null() {
         assertEquals(0, array.size());
     }
 
+    // reflect method for PlainDoubleAdapter
+    private static TypeAdapter<Double> createPlainDoubleAdapter() {
+        try {
+            Class<?> clazz = Class.forName("org.opensearch.ml.common.utils.StringUtils$PlainDoubleAdapter");
+            Constructor<?> constructor = clazz.getDeclaredConstructor();
+            constructor.setAccessible(true);
+            Object adapterInstance = constructor.newInstance();
+            return (TypeAdapter<Double>) adapterInstance;
+        } catch (Exception e) {
+            throw new RuntimeException("Failed to create PlainDoubleAdapter via reflection", e);
+        }
+    }
+
+    @Test
+    public void testSerializeScientificNotation_RemovesExponent() {
+        Map<String, Object> data = Map.of("test1", 1e30, "test2", 1.2e3, "test3", 9.5e-3, "test4", 1.56e-30);
+
+        String json = StringUtils.PLAIN_NUMBER_GSON.toJson(data);
+
+        assertTrue(json.contains("1000000000000000000000000000000"));
+        assertTrue(json.contains("1200"));
+        assertTrue(json.contains("0.0095"));
+        assertTrue(json.contains("0.00000000000000000000000000000156"));
+
+    }
+
+    @Test
+    public void testSerializeInteger_RemovesDecimalPoint() {
+        Map<String, Object> data = Map.of("intLike", 42.0);
+
+        String json = StringUtils.PLAIN_NUMBER_GSON.toJson(data);
+
+        assertTrue(json.contains("42"));
+        assertFalse(json.contains("42.0"));
+    }
+
+    @Test
+    public void testSerializeNaNAndInfinity_BecomesNull() {
+        Map<String, Double> data = new HashMap<>();
+        data.put("nul", null);
+        data.put("nan", Double.NaN);
+        data.put("inf", Double.POSITIVE_INFINITY);
+        data.put("ninf", Double.NEGATIVE_INFINITY);
+
+        String json = StringUtils.PLAIN_NUMBER_GSON.toJson(data);
+
+        assertTrue(json.contains("\"nan\":null"));
+        assertTrue(json.contains("\"inf\":null"));
+        assertTrue(json.contains("\"ninf\":null"));
+        assertTrue(json.contains("\"nul\":null"));
+
+        assertFalse(json.contains("NaN"));
+        assertFalse(json.contains("Infinity"));
+    }
+
+    @Test
+    public void testDeserializeBackToDouble() {
+        String json = "{\"value\": 12345.6789}";
+
+        Map<?, ?> result = StringUtils.PLAIN_NUMBER_GSON.fromJson(json, Map.class);
+
+        Object value = result.get("value");
+        assertTrue(value instanceof Double);
+        assertEquals(12345.6789, (Double) value, 1e-7);
+    }
+
+    @Test
+    public void testQuotedScientificNotation_RemainsString() {
+        String json = "{\"code\":\"1e-6\"}";
+
+        Map<?, ?> result = StringUtils.PLAIN_NUMBER_GSON.fromJson(json, Map.class);
+
+        assertEquals("1e-6", result.get("code"));
+    }
+
+    @Test
+    public void testSerializeFloatScientificNotation_RemovesExponent_InPojo() {
+        java.util.Map<String, Float> data = new java.util.LinkedHashMap<>();
+        data.put("fObj", 1.23e-5f);
+        data.put("fPrim", 9.5e-3f);
+
+        String json = StringUtils.PLAIN_NUMBER_GSON.toJson(data);
+
+        assertTrue(json.contains("\"fObj\":0.0000123"));
+
+        assertTrue(json.contains("\"fPrim\":0.0095") || json.contains("\"fPrim\":9.5E-3") || json.contains("\"fPrim\":9.5e-3"));
+    }
+
+    @Test
+    public void testSerializeFloatNaNAndInfinity_BecomesNull_InPojo() {
+        java.util.Map<String, Float> data = new java.util.LinkedHashMap<>();
+        data.put("fObj", Float.NaN);
+        data.put("fPrimBox", Float.POSITIVE_INFINITY);
+        data.put("fNull", null);
+
+        String json = StringUtils.PLAIN_NUMBER_GSON.toJson(data);
+
+        assertTrue(json.contains("\"fObj\":null"));
+        assertTrue(json.contains("\"fNull\":null"));
+        assertTrue(json.contains("\"fPrimBox\":null") || !json.contains("\"fPrimBox\""));
+    }
+
+    @Test
+    public void testDeserializeScientificNotation_ToFloatAndPrimitive() {
+        String jsonObj = "{\"fObj\":1.23e-5}";
+        java.lang.reflect.Type mapType = new com.google.gson.reflect.TypeToken<java.util.Map<String, Float>>() {
+        }.getType();
+        java.util.Map<String, Float> m = StringUtils.PLAIN_NUMBER_GSON.fromJson(jsonObj, mapType);
+        assertEquals(1.23e-5f, m.get("fObj"), 1e-9f);
+
+        String jsonArr = "[4.56e1]";
+        float[] arr = StringUtils.PLAIN_NUMBER_GSON.fromJson(jsonArr, float[].class);
+        assertEquals(45.6f, arr[0], 1e-6f);
+    }
+
+    @Test
+    public void testDeserializeNullFloat_ToNull() {
+        String json = "{\"fObj\":null,\"fPrim\":1.0}";
+
+        java.lang.reflect.Type mapType = new TypeToken<java.util.Map<String, JsonElement>>() {
+        }.getType();
+        java.util.Map<String, JsonElement> m = StringUtils.PLAIN_NUMBER_GSON.fromJson(json, mapType);
+
+        assertTrue(m.containsKey("fObj"));
+        assertTrue(m.get("fObj").isJsonNull());
+
+        assertTrue(m.get("fPrim").isJsonPrimitive());
+        assertEquals(1.0f, m.get("fPrim").getAsFloat(), 1e-9f);
+    }
 }

ml-algorithms/build.gradle

@@ -54,6 +54,7 @@ dependencies {
     // Multi-tenant SDK Client
     implementation "org.opensearch:opensearch-remote-metadata-sdk:${opensearch_build}"
     implementation 'commons-beanutils:commons-beanutils:1.11.0'
+    implementation "org.opensearch:opensearch-remote-metadata-sdk-ddb-client:${opensearch_build}"
 
     def os = DefaultNativePlatform.currentOperatingSystem
     //arm/macos doesn't support GPU

ml-algorithms/src/main/java/org/opensearch/ml/engine/MLEngine.java

@@ -150,6 +150,15 @@ public Predictable deploy(MLModel mlModel, Map<String, Object> params) {
         return predictable;
     }
 
+    public void deploy(MLModel mlModel, Map<String, Object> params, ActionListener<Predictable> listener) {
+        Predictable predictable = MLEngineClassLoader.initInstance(mlModel.getAlgorithm(), null, MLAlgoParams.class);
+        predictable.initModelAsync(mlModel, params, encryptor).thenAccept((b) -> listener.onResponse(predictable)).exceptionally(e -> {
+            log.error("Failed to init init model", e);
+            listener.onFailure(new RuntimeException(e));
+            return null;
+        });
+    }
+
     public MLExecutable deployExecute(MLModel mlModel, Map<String, Object> params) {
         MLExecutable executable = MLEngineClassLoader.initInstance(mlModel.getAlgorithm(), null, MLAlgoParams.class);
         executable.initModel(mlModel, params);

ml-algorithms/src/main/java/org/opensearch/ml/engine/Predictable.java

@@ -6,6 +6,7 @@
 package org.opensearch.ml.engine;
 
 import java.util.Map;
+import java.util.concurrent.CompletionStage;
 
 import org.opensearch.core.action.ActionListener;
 import org.opensearch.ml.common.MLModel;
@@ -19,6 +20,8 @@
  */
 public interface Predictable {
 
+    String METHOD_NOT_IMPLEMENTED_ERROR_MSG = "Method is not implemented";
+
     /**
      * Predict with given input data and model.
      * Will reload model into memory with model content.
@@ -34,11 +37,11 @@ public interface Predictable {
      * @return predicted results
      */
     default MLOutput predict(MLInput mlInput) {
-        throw new IllegalStateException("Method is not implemented");
+        throw new IllegalStateException(METHOD_NOT_IMPLEMENTED_ERROR_MSG);
     }
 
     default void asyncPredict(MLInput mlInput, ActionListener<MLTaskResponse> actionListener) {
-        actionListener.onFailure(new IllegalStateException("Method is not implemented"));
+        actionListener.onFailure(new IllegalStateException(METHOD_NOT_IMPLEMENTED_ERROR_MSG));
     }
 
     /**
@@ -47,7 +50,13 @@ default void asyncPredict(MLInput mlInput, ActionListener<MLTaskResponse> action
      * @param params other parameters
      * @param encryptor encryptor
      */
-    void initModel(MLModel model, Map<String, Object> params, Encryptor encryptor);
+    default void initModel(MLModel model, Map<String, Object> params, Encryptor encryptor) {
+        throw new IllegalStateException(METHOD_NOT_IMPLEMENTED_ERROR_MSG);
+    }
+
+    default CompletionStage<Boolean> initModelAsync(MLModel model, Map<String, Object> params, Encryptor encryptor) {
+        throw new IllegalStateException(METHOD_NOT_IMPLEMENTED_ERROR_MSG);
+    }
 
     /**
      * Close resources like deployed model.

ml-algorithms/src/main/java/org/opensearch/ml/engine/algorithms/remote/MLSdkAsyncHttpResponseHandler.java

@@ -206,6 +206,8 @@ private void response() {
             ModelTensors tensors = processOutput(action, body, connector, scriptService, parameters, mlGuard);
             tensors.setStatusCode(statusCode);
             actionListener.onResponse(new Tuple<>(executionContext.getSequence(), tensors));
+        } catch (IllegalArgumentException e) {
+            actionListener.onFailure(e);
         } catch (Exception e) {
             log.error("Failed to process response body: {}", body, e);
             actionListener.onFailure(new MLException("Fail to execute " + action + " in aws connector", e));