You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2021/11/29 11:22:00 UTC
[camel] branch main updated: CAMEL-17246: camel-health - Failure endpoint uri should be sanitized.
This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/main by this push:
new 507ecfb CAMEL-17246: camel-health - Failure endpoint uri should be sanitized.
507ecfb is described below
commit 507ecfb1da4ed65e72d7c1ca9222ae6a0034a4b4
Author: Claus Ibsen <cl...@gmail.com>
AuthorDate: Mon Nov 29 12:21:16 2021 +0100
CAMEL-17246: camel-health - Failure endpoint uri should be sanitized.
---
.../camel/component/telegram/TelegramException.java | 16 +++++++++++-----
.../service/TelegramServiceRestBotAPIAdapter.java | 8 +++-----
.../telegram/TelegramConsumerHealthCheckErrorTest.java | 8 ++++----
.../main/java/org/apache/camel/health/HealthCheck.java | 7 ++++++-
.../apache/camel/impl/health/ConsumerHealthCheck.java | 7 +++++++
.../camel/management/mbean/ManagedCamelHealth.java | 2 +-
.../org/apache/camel/support/ScheduledPollConsumer.java | 1 -
.../camel/support/ScheduledPollConsumerHealthCheck.java | 15 ++++++++++-----
8 files changed, 42 insertions(+), 22 deletions(-)
diff --git a/components/camel-telegram/src/main/java/org/apache/camel/component/telegram/TelegramException.java b/components/camel-telegram/src/main/java/org/apache/camel/component/telegram/TelegramException.java
index 593b6a7..1f8a6c9 100644
--- a/components/camel-telegram/src/main/java/org/apache/camel/component/telegram/TelegramException.java
+++ b/components/camel-telegram/src/main/java/org/apache/camel/component/telegram/TelegramException.java
@@ -21,19 +21,25 @@ import org.apache.camel.spi.HttpResponseAware;
public class TelegramException extends RuntimeCamelException implements HttpResponseAware {
- private int httpResponseCode;
- private String httpResponseStatus;
+ private final int httpResponseCode;
+ private final String httpResponseStatus;
- public TelegramException(String message) {
+ public TelegramException(String message, int httpResponseCode, String httpResponseStatus) {
super(message);
+ this.httpResponseCode = httpResponseCode;
+ this.httpResponseStatus = httpResponseStatus;
}
public TelegramException(String message, Throwable cause) {
super(message, cause);
+ this.httpResponseCode = 0;
+ this.httpResponseStatus = null;
}
public TelegramException(Throwable cause) {
super(cause);
+ this.httpResponseCode = 0;
+ this.httpResponseStatus = null;
}
@Override
@@ -43,7 +49,7 @@ public class TelegramException extends RuntimeCamelException implements HttpResp
@Override
public void setHttpResponseCode(int httpResponseCode) {
- this.httpResponseCode = httpResponseCode;
+ throw new UnsupportedOperationException();
}
@Override
@@ -53,6 +59,6 @@ public class TelegramException extends RuntimeCamelException implements HttpResp
@Override
public void setHttpResponseStatus(String httpResponseStatus) {
- this.httpResponseStatus = httpResponseStatus;
+ throw new UnsupportedOperationException();
}
}
diff --git a/components/camel-telegram/src/main/java/org/apache/camel/component/telegram/service/TelegramServiceRestBotAPIAdapter.java b/components/camel-telegram/src/main/java/org/apache/camel/component/telegram/service/TelegramServiceRestBotAPIAdapter.java
index 6b89527..73421e3 100644
--- a/components/camel-telegram/src/main/java/org/apache/camel/component/telegram/service/TelegramServiceRestBotAPIAdapter.java
+++ b/components/camel-telegram/src/main/java/org/apache/camel/component/telegram/service/TelegramServiceRestBotAPIAdapter.java
@@ -168,12 +168,10 @@ public class TelegramServiceRestBotAPIAdapter implements TelegramService {
"Could not parse the response from " + request.getMethod() + " " + request.getUrl(), e);
}
} else {
- TelegramException cause = new TelegramException(
+ throw new TelegramException(
"Could not " + request.getMethod() + " " + request.getUrl() + ": " + response.getStatusCode() + " "
- + response.getStatusText());
- cause.setHttpResponseCode(code);
- cause.setHttpResponseStatus(status);
- throw cause;
+ + response.getStatusText(),
+ response.getStatusCode(), response.getStatusText());
}
} catch (ExecutionException e) {
throw new RuntimeCamelException("Could not request " + request.getMethod() + " " + request.getUrl(), e);
diff --git a/components/camel-telegram/src/test/java/org/apache/camel/component/telegram/TelegramConsumerHealthCheckErrorTest.java b/components/camel-telegram/src/test/java/org/apache/camel/component/telegram/TelegramConsumerHealthCheckErrorTest.java
index c0447b6..64890a4 100644
--- a/components/camel-telegram/src/test/java/org/apache/camel/component/telegram/TelegramConsumerHealthCheckErrorTest.java
+++ b/components/camel-telegram/src/test/java/org/apache/camel/component/telegram/TelegramConsumerHealthCheckErrorTest.java
@@ -85,13 +85,13 @@ public class TelegramConsumerHealthCheckErrorTest extends TelegramTestSupport {
String msg = rc.getMessage().get();
long count = (long) rc.getDetails().get(HealthCheck.FAILURE_ERROR_COUNT);
Assertions.assertEquals("Consumer failed polling " + count + " times route: telegram (telegram://bots)", msg);
- Assertions.assertEquals("telegram://bots?authorizationToken=mock-token",
- rc.getDetails().get(HealthCheck.FAILURE_ENDPOINT_URI));
+ // test that the uri is masked
+ Assertions.assertEquals("telegram://bots?authorizationToken=xxxxxx",
+ rc.getDetails().get(HealthCheck.ENDPOINT_URI));
Throwable e = rc.getError().get();
Assertions.assertTrue(e.getMessage().contains("401 Unauthorized"));
- // TODO: add http status code
- // Assertions.assertEquals(401, rc.getDetails().get(HealthCheck.HTTP_RESPONSE_CODE));
+ Assertions.assertEquals(401, rc.getDetails().get(HealthCheck.HTTP_RESPONSE_CODE));
}
@Override
diff --git a/core/camel-api/src/main/java/org/apache/camel/health/HealthCheck.java b/core/camel-api/src/main/java/org/apache/camel/health/HealthCheck.java
index 1258c73..abb8931 100644
--- a/core/camel-api/src/main/java/org/apache/camel/health/HealthCheck.java
+++ b/core/camel-api/src/main/java/org/apache/camel/health/HealthCheck.java
@@ -36,10 +36,15 @@ public interface HealthCheck extends HasGroup, HasId, Ordered {
String INVOCATION_TIME = "invocation.time";
String INVOCATION_ATTEMPT_TIME = "invocation.attempt.time";
String FAILURE_COUNT = "failure.count";
- String FAILURE_ENDPOINT_URI = "failure.endpoint.uri";
+ String ENDPOINT_URI = "endpoint.uri";
String FAILURE_ERROR_COUNT = "failure.error.count";
String SUCCESS_COUNT = "success.count";
String HTTP_RESPONSE_CODE = "http.response.code";
+ /**
+ * Use ENDPOINT_URI
+ */
+ @Deprecated
+ String FAILURE_ENDPOINT_URI = "failure.endpoint.uri";
enum State {
UP,
diff --git a/core/camel-health/src/main/java/org/apache/camel/impl/health/ConsumerHealthCheck.java b/core/camel-health/src/main/java/org/apache/camel/impl/health/ConsumerHealthCheck.java
index 99ddb25..cd6abec 100644
--- a/core/camel-health/src/main/java/org/apache/camel/impl/health/ConsumerHealthCheck.java
+++ b/core/camel-health/src/main/java/org/apache/camel/impl/health/ConsumerHealthCheck.java
@@ -24,6 +24,7 @@ import org.apache.camel.health.HealthCheck;
import org.apache.camel.health.HealthCheckAware;
import org.apache.camel.health.HealthCheckResultBuilder;
import org.apache.camel.spi.HttpResponseAware;
+import org.apache.camel.util.URISupport;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -35,10 +36,12 @@ public class ConsumerHealthCheck extends RouteHealthCheck {
private static final Logger LOGGER = LoggerFactory.getLogger(ConsumerHealthCheck.class);
private final Consumer consumer;
+ private final String sanitizedUri;
public ConsumerHealthCheck(Route route, String id) {
super(route, id);
this.consumer = route.getConsumer();
+ this.sanitizedUri = URISupport.sanitizeUri(consumer.getEndpoint().getEndpointUri());
}
@Override
@@ -57,6 +60,10 @@ public class ConsumerHealthCheck extends RouteHealthCheck {
LOGGER.debug("HealthCheck consumer route: {} -> {}", route.getRouteId(), result.getState());
}
+ // ensure to sanitize uri, so we do not show sensitive information such as passwords
+ builder.detail(ENDPOINT_URI, sanitizedUri);
+ builder.detail(FAILURE_ENDPOINT_URI, sanitizedUri);
+
builder.state(result.getState());
if (result.getMessage().isPresent()) {
builder.message(result.getMessage().get());
diff --git a/core/camel-management/src/main/java/org/apache/camel/management/mbean/ManagedCamelHealth.java b/core/camel-management/src/main/java/org/apache/camel/management/mbean/ManagedCamelHealth.java
index 6f198ff..aa3f886 100644
--- a/core/camel-management/src/main/java/org/apache/camel/management/mbean/ManagedCamelHealth.java
+++ b/core/camel-management/src/main/java/org/apache/camel/management/mbean/ManagedCamelHealth.java
@@ -106,7 +106,7 @@ public class ManagedCamelHealth implements ManagedCamelHealthMBean {
final CompositeType type = CamelOpenMBeanTypes.camelHealthDetailsCompositeType();
for (HealthCheck.Result result : HealthCheckHelper.invoke(context)) {
- String failureUri = (String) result.getDetails().getOrDefault(HealthCheck.FAILURE_ENDPOINT_URI, "");
+ String failureUri = (String) result.getDetails().getOrDefault(HealthCheck.ENDPOINT_URI, "");
Integer failureCount = (Integer) result.getDetails().getOrDefault(HealthCheck.FAILURE_COUNT, 0);
String stacktrace = "";
diff --git a/core/camel-support/src/main/java/org/apache/camel/support/ScheduledPollConsumer.java b/core/camel-support/src/main/java/org/apache/camel/support/ScheduledPollConsumer.java
index 60552bf..db4368d 100644
--- a/core/camel-support/src/main/java/org/apache/camel/support/ScheduledPollConsumer.java
+++ b/core/camel-support/src/main/java/org/apache/camel/support/ScheduledPollConsumer.java
@@ -21,7 +21,6 @@ import java.util.LinkedHashMap;
import java.util.Map;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
-import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicLong;
import org.apache.camel.Endpoint;
diff --git a/core/camel-support/src/main/java/org/apache/camel/support/ScheduledPollConsumerHealthCheck.java b/core/camel-support/src/main/java/org/apache/camel/support/ScheduledPollConsumerHealthCheck.java
index ec9fa57..85d9a9d 100644
--- a/core/camel-support/src/main/java/org/apache/camel/support/ScheduledPollConsumerHealthCheck.java
+++ b/core/camel-support/src/main/java/org/apache/camel/support/ScheduledPollConsumerHealthCheck.java
@@ -30,12 +30,14 @@ public class ScheduledPollConsumerHealthCheck implements HealthCheck {
private final ScheduledPollConsumer consumer;
private final String id;
- private final String sanitizedUri; // used for error message which should mask sensitive details
+ private final String sanitizedBaseUri;
+ private final String sanitizedUri;
public ScheduledPollConsumerHealthCheck(ScheduledPollConsumer consumer, String id) {
this.consumer = consumer;
this.id = id;
- this.sanitizedUri = URISupport.sanitizeUri(consumer.getEndpoint().getEndpointBaseUri());
+ this.sanitizedBaseUri = URISupport.sanitizeUri(consumer.getEndpoint().getEndpointBaseUri());
+ this.sanitizedUri = URISupport.sanitizeUri(consumer.getEndpoint().getEndpointUri());
}
@Override
@@ -46,7 +48,10 @@ public class ScheduledPollConsumerHealthCheck implements HealthCheck {
@Override
public Result call(Map<String, Object> options) {
final HealthCheckResultBuilder builder = HealthCheckResultBuilder.on(this);
- builder.detail(FAILURE_ENDPOINT_URI, consumer.getEndpoint().getEndpointUri());
+
+ // ensure to sanitize uri, so we do not show sensitive information such as passwords
+ builder.detail(ENDPOINT_URI, sanitizedUri);
+ builder.detail(FAILURE_ENDPOINT_URI, sanitizedUri);
long ec = consumer.getErrorCounter();
boolean first = consumer.isFirstPoolDone();
@@ -62,10 +67,10 @@ public class ScheduledPollConsumerHealthCheck implements HealthCheck {
String rid = consumer.getRouteId();
if (ec > 0) {
String msg = "Consumer failed polling %s times route: %s (%s)";
- builder.message(String.format(msg, ec, rid, sanitizedUri));
+ builder.message(String.format(msg, ec, rid, sanitizedBaseUri));
} else {
String msg = "Consumer has not yet polled route: %s (%s)";
- builder.message(String.format(msg, rid, sanitizedUri));
+ builder.message(String.format(msg, rid, sanitizedBaseUri));
}
builder.error(cause);