You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ja...@apache.org on 2024/03/15 07:14:41 UTC
(camel-quarkus) 02/03: Avoid potential NPE when handling Jasypt password prefixes
This is an automated email from the ASF dual-hosted git repository.
jamesnetherton pushed a commit to branch 3.8.x
in repository https://gitbox.apache.org/repos/asf/camel-quarkus.git
commit 75b40ee8afe1c4b508e23489fe8c3e3251a8e15f
Author: James Netherton <ja...@gmail.com>
AuthorDate: Thu Mar 14 07:43:30 2024 +0000
Avoid potential NPE when handling Jasypt password prefixes
Fixes #5874
---
.../JasyptPasswordSysEnvValueMissingTest.java | 38 ++++++++++++++++++++++
.../jasypt/JasyptPasswordSysValueMissingTest.java | 38 ++++++++++++++++++++++
.../CamelJasyptSecretKeysHandlerFactory.java | 4 +--
3 files changed, 77 insertions(+), 3 deletions(-)
diff --git a/extensions/jasypt/deployment/src/test/java/org/apache/camel/quarkus/component/jasypt/JasyptPasswordSysEnvValueMissingTest.java b/extensions/jasypt/deployment/src/test/java/org/apache/camel/quarkus/component/jasypt/JasyptPasswordSysEnvValueMissingTest.java
new file mode 100644
index 0000000000..10299440b1
--- /dev/null
+++ b/extensions/jasypt/deployment/src/test/java/org/apache/camel/quarkus/component/jasypt/JasyptPasswordSysEnvValueMissingTest.java
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.jasypt;
+
+import io.quarkus.test.QuarkusUnitTest;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.JavaArchive;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.RegisterExtension;
+
+public class JasyptPasswordSysEnvValueMissingTest {
+ private static final String PASSWORD_VAR_NAME = "JASYPT_BAD_DECRYPT_SECRET";
+
+ @RegisterExtension
+ static final QuarkusUnitTest CONFIG = new QuarkusUnitTest()
+ .overrideConfigKey("quarkus.camel.jasypt.password", "sysenv:" + PASSWORD_VAR_NAME)
+ .setExpectedException(IllegalStateException.class)
+ .setArchiveProducer(() -> ShrinkWrap.create(JavaArchive.class));
+
+ @Test
+ void nonExistentPasswordEnvironmentVariableHandledGracefully() {
+ // Nothing to test as we just verify the application fails to start
+ }
+}
diff --git a/extensions/jasypt/deployment/src/test/java/org/apache/camel/quarkus/component/jasypt/JasyptPasswordSysValueMissingTest.java b/extensions/jasypt/deployment/src/test/java/org/apache/camel/quarkus/component/jasypt/JasyptPasswordSysValueMissingTest.java
new file mode 100644
index 0000000000..b78a6486c5
--- /dev/null
+++ b/extensions/jasypt/deployment/src/test/java/org/apache/camel/quarkus/component/jasypt/JasyptPasswordSysValueMissingTest.java
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.jasypt;
+
+import io.quarkus.test.QuarkusUnitTest;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.JavaArchive;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.RegisterExtension;
+
+public class JasyptPasswordSysValueMissingTest {
+ private static final String PASSWORD_PROPERTY_NAME = "jasyptBadDecryptSecret";
+
+ @RegisterExtension
+ static final QuarkusUnitTest CONFIG = new QuarkusUnitTest()
+ .overrideConfigKey("quarkus.camel.jasypt.password", "sys:" + PASSWORD_PROPERTY_NAME)
+ .setExpectedException(IllegalStateException.class)
+ .setArchiveProducer(() -> ShrinkWrap.create(JavaArchive.class));
+
+ @Test
+ void nonExistentPasswordSystemPropertyHandledGracefully() {
+ // Nothing to test as we just verify the application fails to start
+ }
+}
diff --git a/extensions/jasypt/runtime/src/main/java/org/apache/camel/quarkus/component/jasypt/CamelJasyptSecretKeysHandlerFactory.java b/extensions/jasypt/runtime/src/main/java/org/apache/camel/quarkus/component/jasypt/CamelJasyptSecretKeysHandlerFactory.java
index 5440998066..9be3557c04 100644
--- a/extensions/jasypt/runtime/src/main/java/org/apache/camel/quarkus/component/jasypt/CamelJasyptSecretKeysHandlerFactory.java
+++ b/extensions/jasypt/runtime/src/main/java/org/apache/camel/quarkus/component/jasypt/CamelJasyptSecretKeysHandlerFactory.java
@@ -119,9 +119,7 @@ public class CamelJasyptSecretKeysHandlerFactory implements SecretKeysHandlerFac
// Preserve backwards compat with the Camel way of configuring the master password
if (password.startsWith(SYS_ENV_CONFIG_PREFIX)) {
password = System.getenv(StringHelper.after(password, SYS_ENV_CONFIG_PREFIX));
- }
-
- if (password.startsWith(SYS_CONFIG_PREFIX)) {
+ } else if (password.startsWith(SYS_CONFIG_PREFIX)) {
password = System.getProperty(StringHelper.after(password, SYS_CONFIG_PREFIX));
}
}