Skip to content

Commit

Permalink
chore: sync from gitlab
Browse files Browse the repository at this point in the history
  • Loading branch information
ReleaseBot committed Feb 3, 2025
1 parent 401b6b7 commit f0646d8
Show file tree
Hide file tree
Showing 4 changed files with 77 additions and 47 deletions.
6 changes: 6 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,11 @@
# Changelog

## [3.19.1](https://gitlab.devops.telekom.de/dhei/teams/hyperion/dev/src/jumper-sse/compare/3.19.0...3.19.1) (2025-02-03)

### 🛠 Fixes

* DHEI-16971 en/decoding for tracing as well as splitting query params manually ([406f63d](https://gitlab.devops.telekom.de/dhei/teams/hyperion/dev/src/jumper-sse/commit/406f63dd616bd3faeb3f2026dd50bc1a10550d50))

## [3.19.0](https://gitlab.devops.telekom.de/dhei/teams/hyperion/dev/src/jumper-sse/compare/3.18.0...3.19.0) (2025-01-24)

### 💈 Style
Expand Down
2 changes: 1 addition & 1 deletion pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ SPDX-License-Identifier: Apache-2.0

<groupId>de.telekom.ei.jumper</groupId>
<artifactId>jumper-sse</artifactId>
<version>3.19.0</version>
<version>3.19.1</version>

<parent>
<groupId>org.springframework.boot</groupId>
Expand Down
76 changes: 30 additions & 46 deletions src/main/java/jumper/config/SleuthConfiguration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,19 +6,18 @@

import brave.http.HttpRequestParser;
import brave.http.HttpResponseParser;
import java.net.*;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.List;
import java.util.regex.*;
import java.util.stream.Collectors;
import java.util.regex.Pattern;
import jumper.Constants;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.sleuth.instrument.web.HttpClientRequestParser;
import org.springframework.cloud.sleuth.instrument.web.HttpClientResponseParser;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.util.UriComponentsBuilder;

@Configuration(proxyBeanMethods = false)
@Slf4j
Expand Down Expand Up @@ -60,50 +59,35 @@ HttpRequestParser httpRequestParser() {
};
}

private String filterQueryParams(String urlString, List<String> patterns) {
protected static String filterQueryParams(String urlString, List<String> patterns) {
// first check, if there is something to do
if (!urlString.contains("?") || queryFilterList.isEmpty()) {
if (!urlString.contains("?") || patterns.isEmpty()) {
return urlString;
}

try {
URI uri = new URI(urlString);
String query = uri.getQuery();
String[] params = query.split("&");

List<Pattern> compiledPatterns = patterns.stream().map(Pattern::compile).toList();

String filteredParams =
Arrays.stream(params)
.filter(
param -> {
String[] keyValue = param.split("=");
return compiledPatterns.stream()
.noneMatch(pattern -> pattern.matcher(keyValue[0]).matches());
})
.map(
param -> {
String[] keyValue = param.split("=");
return URLEncoder.encode(keyValue[0], StandardCharsets.UTF_8)
+ "="
+ URLEncoder.encode(keyValue[1], StandardCharsets.UTF_8);
})
.collect(Collectors.joining("&"));

URI filteredUri;
// just avoid trailing ?
if (!filteredParams.isEmpty()) {
filteredUri =
new URI(uri.getScheme(), uri.getAuthority(), uri.getPath(), filteredParams, null);
} else {
filteredUri = new URI(uri.getScheme(), uri.getAuthority(), uri.getPath(), null, null);
}
return filteredUri.toString();

} catch (URISyntaxException e) {
// we do not want to affect processing, just log and return original url
log.error("Problem occurred while filtering query params");
return urlString;
}
List<Pattern> compiledPatterns = patterns.stream().map(Pattern::compile).toList();

var uriComponents = UriComponentsBuilder.fromHttpUrl(urlString).build(urlString.contains("%"));

MultiValueMap<String, String> filteredParams = new LinkedMultiValueMap<>();

uriComponents
.getQueryParams()
.forEach(
(key, values) -> {
if (compiledPatterns.stream().noneMatch(p -> p.matcher(key).matches())) {
filteredParams.put(key, values);
}
});

return UriComponentsBuilder.newInstance()
.scheme(uriComponents.getScheme())
.host(uriComponents.getHost())
.port(uriComponents.getPort())
.path(uriComponents.getPath())
.queryParams(filteredParams)
.fragment(uriComponents.getFragment())
.build()
.toUriString();
}
}
40 changes: 40 additions & 0 deletions src/test/java/jumper/config/SleuthConfigurationTest.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
// SPDX-FileCopyrightText: 2023 Deutsche Telekom AG
//
// SPDX-License-Identifier: Apache-2.0

package jumper.config;

import static org.junit.jupiter.api.Assertions.assertEquals;

import java.util.List;
import org.junit.jupiter.api.Test;

public class SleuthConfigurationTest {

@Test
void filterQueryParams() {
String alreadyEncodedUri =
"http://localhost:8080/actuator/health?sig=57DjUa%2F9u6KdgCgTZVrHzsm9ZOQA0U%2B3K%2BvqQ7PRrgc%3D";
String filtered = SleuthConfiguration.filterQueryParams(alreadyEncodedUri, List.of("nothing"));

assertEquals(alreadyEncodedUri, filtered);
}

@Test
void filterQueryParamsUnencodedEvenIfUrlIsInvalid() {
String rawUri =
"http://localhost:8080/actuator/health?sig=57DjUa/9u6KdgCgTZVrHzsm9ZOQA0U+3K+vqQ7PRrgc=";
String filtered = SleuthConfiguration.filterQueryParams(rawUri, List.of("nothing"));

assertEquals(rawUri, filtered);
}

@Test
void filterBlacklistedQueryParameters() {
String alreadyEncodedUri =
"http://localhost:8080/actuator/health?sig-b=57DjUa%2F9u6KdgCgTZVrHzsm9ZOQA0U%2B3K%2BvqQ7PRrgc%3D";
String filtered = SleuthConfiguration.filterQueryParams(alreadyEncodedUri, List.of("sig-.*"));

assertEquals("http://localhost:8080/actuator/health", filtered);
}
}

0 comments on commit f0646d8

Please sign in to comment.