You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by cs...@apache.org on 2022/09/13 19:45:39 UTC
[maven-resolver] branch remote-repository-filter updated: WIP
This is an automated email from the ASF dual-hosted git repository.
cstamas pushed a commit to branch remote-repository-filter
in repository https://gitbox.apache.org/repos/asf/maven-resolver.git
The following commit(s) were added to refs/heads/remote-repository-filter by this push:
new 9748c009 WIP
9748c009 is described below
commit 9748c009bbf8c75e6b3d3aab71a366bc989657cf
Author: Tamas Cservenak <ta...@cservenak.net>
AuthorDate: Tue Sep 13 21:45:28 2022 +0200
WIP
---
.../impl/DefaultRepositoryConnectorProvider.java | 24 +++++++++++++++++++---
.../DefaultRemoteRepositoryFilterSource.java | 18 +++++++++++++---
.../impl/filter/FilteringRepositoryConnector.java | 12 +++++++++--
3 files changed, 46 insertions(+), 8 deletions(-)
diff --git a/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/DefaultRepositoryConnectorProvider.java b/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/DefaultRepositoryConnectorProvider.java
index e1f0b319..5a36c69e 100644
--- a/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/DefaultRepositoryConnectorProvider.java
+++ b/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/DefaultRepositoryConnectorProvider.java
@@ -31,11 +31,13 @@ import javax.inject.Singleton;
import org.eclipse.aether.RepositorySystemSession;
import org.eclipse.aether.impl.RepositoryConnectorProvider;
+import org.eclipse.aether.internal.impl.filter.FilteringRepositoryConnector;
import org.eclipse.aether.repository.Authentication;
import org.eclipse.aether.repository.Proxy;
import org.eclipse.aether.repository.RemoteRepository;
import org.eclipse.aether.spi.connector.RepositoryConnector;
import org.eclipse.aether.spi.connector.RepositoryConnectorFactory;
+import org.eclipse.aether.spi.connector.filter.RemoteRepositoryFilterSource;
import org.eclipse.aether.spi.locator.Service;
import org.eclipse.aether.spi.locator.ServiceLocator;
import org.eclipse.aether.transfer.NoRepositoryConnectorException;
@@ -54,20 +56,25 @@ public class DefaultRepositoryConnectorProvider
private Collection<RepositoryConnectorFactory> connectorFactories = new ArrayList<>();
+ private RemoteRepositoryFilterSource remoteRepositoryFilterSource;
+
public DefaultRepositoryConnectorProvider()
{
// enables default constructor
}
@Inject
- DefaultRepositoryConnectorProvider( Set<RepositoryConnectorFactory> connectorFactories )
+ DefaultRepositoryConnectorProvider( Set<RepositoryConnectorFactory> connectorFactories,
+ RemoteRepositoryFilterSource remoteRepositoryFilterSource )
{
setRepositoryConnectorFactories( connectorFactories );
+ setRemoteRepositoryFilterSource( remoteRepositoryFilterSource );
}
public void initService( ServiceLocator locator )
{
- connectorFactories = locator.getServices( RepositoryConnectorFactory.class );
+ setRepositoryConnectorFactories( locator.getServices( RepositoryConnectorFactory.class ) );
+ setRemoteRepositoryFilterSource( locator.getService( RemoteRepositoryFilterSource.class ) );
}
public DefaultRepositoryConnectorProvider addRepositoryConnectorFactory( RepositoryConnectorFactory factory )
@@ -90,6 +97,13 @@ public class DefaultRepositoryConnectorProvider
return this;
}
+ public DefaultRepositoryConnectorProvider setRemoteRepositoryFilterSource(
+ RemoteRepositoryFilterSource remoteRepositoryFilterSource )
+ {
+ this.remoteRepositoryFilterSource = requireNonNull( remoteRepositoryFilterSource );
+ return this;
+ }
+
public RepositoryConnector newRepositoryConnector( RepositorySystemSession session, RemoteRepository repository )
throws NoRepositoryConnectorException
{
@@ -137,7 +151,11 @@ public class DefaultRepositoryConnectorProvider
LOGGER.debug( buffer.toString() );
}
- return connector;
+ return new FilteringRepositoryConnector(
+ repository,
+ connector,
+ remoteRepositoryFilterSource.getRemoteRepositoryFilter( session )
+ );
}
catch ( NoRepositoryConnectorException e )
{
diff --git a/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/filter/DefaultRemoteRepositoryFilterSource.java b/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/filter/DefaultRemoteRepositoryFilterSource.java
index 2b18673c..aefd4c5d 100644
--- a/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/filter/DefaultRemoteRepositoryFilterSource.java
+++ b/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/filter/DefaultRemoteRepositoryFilterSource.java
@@ -42,7 +42,9 @@ import org.slf4j.LoggerFactory;
public final class DefaultRemoteRepositoryFilterSource
implements RemoteRepositoryFilterSource
{
- private static final String CONFIG_PROP_VALUE = "aether.artifactResolver.remoteRepositoryFilterSource.filter";
+ private static final String CONFIG_PROP_VALUE = "aether.remoteRepositoryFilterSource.filter";
+
+ private static final String INSTANCE_KEY = "aether.remoteRepositoryFilterSource.instance";
private static final Logger LOGGER = LoggerFactory.getLogger( DefaultRemoteRepositoryFilterSource.class );
@@ -68,11 +70,21 @@ public final class DefaultRemoteRepositoryFilterSource
}
}
+ private static final StaticRemoteRepositoryFilter ALWAYS_ALLOW_ALL = new StaticRemoteRepositoryFilter( true );
+
@Override
public RemoteRepositoryFilter getRemoteRepositoryFilter( RepositorySystemSession session )
{
+ // TODO: implement several strategies
+ // - user provided G/A/V list
+ // - auto discovery of prefixes
+ // - maybe blacklist? like vuln log4j?
boolean value = ConfigUtils.getBoolean( session, true, CONFIG_PROP_VALUE );
- LOGGER.debug( "Creating static filter with value={}", value );
- return new StaticRemoteRepositoryFilter( value );
+ return (RemoteRepositoryFilter) session.getData().computeIfAbsent( INSTANCE_KEY, () ->
+ {
+ LOGGER.debug( "Creating static filter with value={}", value );
+ return new StaticRemoteRepositoryFilter( value );
+ }
+ );
}
}
diff --git a/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/filter/FilteringRepositoryConnector.java b/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/filter/FilteringRepositoryConnector.java
index 406e920a..03c8879e 100644
--- a/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/filter/FilteringRepositoryConnector.java
+++ b/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/filter/FilteringRepositoryConnector.java
@@ -29,6 +29,8 @@ import org.eclipse.aether.spi.connector.MetadataDownload;
import org.eclipse.aether.spi.connector.MetadataUpload;
import org.eclipse.aether.spi.connector.RepositoryConnector;
import org.eclipse.aether.spi.connector.filter.RemoteRepositoryFilter;
+import org.eclipse.aether.transfer.ArtifactNotFoundException;
+import org.eclipse.aether.transfer.MetadataNotFoundException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -51,8 +53,8 @@ public final class FilteringRepositoryConnector
private final RemoteRepositoryFilter remoteRepositoryFilter;
public FilteringRepositoryConnector( RemoteRepository remoteRepository,
- RepositoryConnector repositoryConnector,
- RemoteRepositoryFilter remoteRepositoryFilter )
+ RepositoryConnector repositoryConnector,
+ RemoteRepositoryFilter remoteRepositoryFilter )
{
this.remoteRepository = requireNonNull( remoteRepository );
this.repositoryConnector = requireNonNull( repositoryConnector );
@@ -80,6 +82,9 @@ public final class FilteringRepositoryConnector
{
LOGGER.debug( "Artifact {} filtered out from remote repository {}",
artifactDownload.getArtifact(), remoteRepository );
+ artifactDownload.setException( new ArtifactNotFoundException( artifactDownload.getArtifact(),
+ remoteRepository, "Artifact " + artifactDownload.getArtifact() + " not allowed from "
+ + remoteRepository ) );
}
}
ArrayList<MetadataDownload> filteredMetadataDownloads = new ArrayList<>( metadataDownloads.size() );
@@ -93,6 +98,9 @@ public final class FilteringRepositoryConnector
{
LOGGER.debug( "Metadata {} filtered out from remote repository {}",
metadataDownload.getMetadata(), remoteRepository );
+ metadataDownload.setException( new MetadataNotFoundException( metadataDownload.getMetadata(),
+ remoteRepository, "Metadata " + metadataDownload.getMetadata() + " not allowed from "
+ + remoteRepository ) );
}
}
repositoryConnector.get( filteredArtifactDownloads, filteredMetadataDownloads );