diff --git a/opengrok-indexer/src/main/java/org/opengrok/indexer/framework/PluginClassLoader.java b/opengrok-indexer/src/main/java/org/opengrok/indexer/framework/PluginClassLoader.java index ae9185d0e54..88eed922a7a 100644 --- a/opengrok-indexer/src/main/java/org/opengrok/indexer/framework/PluginClassLoader.java +++ b/opengrok-indexer/src/main/java/org/opengrok/indexer/framework/PluginClassLoader.java @@ -18,7 +18,7 @@ */ /* - * Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved. * Portions Copyright (c) 2020, Chris Fraire . */ package org.opengrok.indexer.framework; @@ -96,7 +96,7 @@ private Class loadClassFromJar(String classname) throws ClassNotFoundExceptio try (InputStream is = jar.getInputStream(entry)) { byte[] bytes = loadBytes(is); Class c = defineClass(classname, bytes, 0, bytes.length); - LOGGER.log(Level.FINE, "Class \"{0}\" found in file \"{1}\"", + LOGGER.log(Level.FINE, "Class \"{0}\" found in file ''{1}''", new Object[]{ classname, f.getAbsolutePath() @@ -122,7 +122,7 @@ private Class loadClassFromFile(String classname) throws ClassNotFoundExcepti byte[] bytes = loadBytes(in); Class c = defineClass(classname, bytes, 0, bytes.length); - LOGGER.log(Level.FINEST, "Class \"{0}\" found in file \"{1}\"", + LOGGER.log(Level.FINEST, "Class \"{0}\" found in file ''{1}''", new Object[]{ classname, f.getAbsolutePath() @@ -154,8 +154,7 @@ private boolean checkWhiteList(String name) { } private void checkClassname(String name) throws SecurityException { - if (name.startsWith("org.opengrok.") - && !checkWhiteList(name)) { + if (name.startsWith("org.opengrok.") && !checkWhiteList(name)) { throw new SecurityException("Tried to load a blacklisted class \"" + name + "\"\n" + "Allowed classes from opengrok package are only: " + Arrays.toString(CLASS_WHITELIST)); diff --git a/opengrok-indexer/src/main/java/org/opengrok/indexer/framework/PluginFramework.java b/opengrok-indexer/src/main/java/org/opengrok/indexer/framework/PluginFramework.java index 03e556d818b..988db5acbf8 100644 --- a/opengrok-indexer/src/main/java/org/opengrok/indexer/framework/PluginFramework.java +++ b/opengrok-indexer/src/main/java/org/opengrok/indexer/framework/PluginFramework.java @@ -18,7 +18,7 @@ */ /* - * Copyright (c) 2019, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2019, 2024, Oracle and/or its affiliates. All rights reserved. */ package org.opengrok.indexer.framework; @@ -330,11 +330,12 @@ private String getClassName(JarEntry jarEntry) { File file = new File(pluginDirectory.getAbsolutePath(), filePath); try { if (!file.getCanonicalPath().startsWith(pluginDirectory.getCanonicalPath() + File.separator)) { - LOGGER.log(Level.WARNING, "canonical path for jar entry {0} leads outside the origin", filePath); + LOGGER.log(Level.WARNING, "canonical path for jar entry ''{0}'' leads outside the origin", + filePath); return null; } } catch (IOException e) { - LOGGER.log(Level.WARNING, "failed to get canonical path for {0}", file); + LOGGER.log(Level.WARNING, "failed to get canonical path for ''{0}''", file); return null; } @@ -372,12 +373,12 @@ private String getClassName(JarEntry jarEntry) { */ public final void reload() { if (pluginDirectory == null || !pluginDirectory.isDirectory() || !pluginDirectory.canRead()) { - LOGGER.log(Level.WARNING, "Plugin directory not found or not readable: {0}. " + LOGGER.log(Level.WARNING, "Plugin directory ''{0}'' not found or not readable: " + "All requests allowed.", pluginDirectory); return; } - LOGGER.log(Level.INFO, "Plugins are being reloaded from {0}", pluginDirectory.getAbsolutePath()); + LOGGER.log(Level.INFO, "Plugins are being reloaded from ''{0}''", pluginDirectory.getAbsolutePath()); // trashing out the old instance of the loader enables us // to reload the stack at runtime diff --git a/opengrok-web/pom.xml b/opengrok-web/pom.xml index e7cf4a1df5f..6f1319748c4 100644 --- a/opengrok-web/pom.xml +++ b/opengrok-web/pom.xml @@ -18,7 +18,7 @@ information: Portions Copyright [yyyy] [name of copyright owner] CDDL HEADER END -Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved. +Copyright (c) 2018, 2024, Oracle and/or its affiliates. All rights reserved. Portions Copyright (c) 2018, 2020, Chris Fraire . --> @@ -96,6 +96,12 @@ Portions Copyright (c) 2018, 2020, Chris Fraire . jersey-media-json-jackson ${jersey.version} + + + com.fasterxml.jackson.dataformat + jackson-dataformat-yaml + ${jackson.version} + org.glassfish.jersey.ext jersey-bean-validation diff --git a/plugins/pom.xml b/plugins/pom.xml index 86dfcf98e0c..9a0b19678c3 100644 --- a/plugins/pom.xml +++ b/plugins/pom.xml @@ -18,7 +18,7 @@ information: Portions Copyright [yyyy] [name of copyright owner] CDDL HEADER END -Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved. +Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved. Portions Copyright (c) 2020, Chris Fraire . --> @@ -75,6 +75,11 @@ Portions Copyright (c) 2020, Chris Fraire . jersey-media-json-jackson ${jersey.version} + + com.fasterxml.jackson.dataformat + jackson-dataformat-yaml + ${jackson.version} + org.glassfish.jersey.inject jersey-hk2 diff --git a/plugins/src/main/java/opengrok/auth/plugin/configuration/Configuration.java b/plugins/src/main/java/opengrok/auth/plugin/configuration/Configuration.java index 901fba81c3d..fc211f8a168 100644 --- a/plugins/src/main/java/opengrok/auth/plugin/configuration/Configuration.java +++ b/plugins/src/main/java/opengrok/auth/plugin/configuration/Configuration.java @@ -18,15 +18,10 @@ */ /* - * Copyright (c) 2016, 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved. */ package opengrok.auth.plugin.configuration; -import java.beans.XMLDecoder; -import java.beans.XMLEncoder; -import java.io.BufferedInputStream; -import java.io.BufferedOutputStream; -import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.File; import java.io.FileInputStream; @@ -36,23 +31,44 @@ import java.io.Serializable; import java.util.ArrayList; import java.util.List; + +import com.fasterxml.jackson.annotation.JsonAutoDetect; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.dataformat.yaml.YAMLFactory; +import com.fasterxml.jackson.dataformat.yaml.YAMLGenerator; import opengrok.auth.plugin.ldap.LdapServer; import opengrok.auth.plugin.util.WebHooks; /** * Encapsulates configuration for LDAP plugins. */ +@JsonAutoDetect( + fieldVisibility = JsonAutoDetect.Visibility.NONE, + setterVisibility = JsonAutoDetect.Visibility.NONE, + getterVisibility = JsonAutoDetect.Visibility.NONE, + isGetterVisibility = JsonAutoDetect.Visibility.NONE, + creatorVisibility = JsonAutoDetect.Visibility.NONE +) public class Configuration implements Serializable { private static final long serialVersionUID = -1; + @JsonProperty private List servers = new ArrayList<>(); + @JsonProperty private int interval; + @JsonProperty private String searchBase; + @JsonProperty private WebHooks webHooks; + @JsonProperty private int searchTimeout; + @JsonProperty private int connectTimeout; + @JsonProperty private int readTimeout; + @JsonProperty private int countLimit; public void setServers(List servers) { @@ -119,20 +135,19 @@ public void setSearchBase(String base) { this.searchBase = base; } - public String getXMLRepresentationAsString() { + String getObjectRepresentationAsString() throws IOException { ByteArrayOutputStream bos = new ByteArrayOutputStream(); this.encodeObject(bos); return bos.toString(); } - private void encodeObject(OutputStream out) { - try (XMLEncoder e = new XMLEncoder(new BufferedOutputStream(out))) { - e.writeObject(this); - } + void encodeObject(OutputStream out) throws IOException { + var mapper = new ObjectMapper(new YAMLFactory().disable(YAMLGenerator.Feature.WRITE_DOC_START_MARKER)); + mapper.writeValue(out, this); } /** - * Read a configuration from a file in XML format. + * Read a configuration from a file. * * @param file input file * @return the new configuration object @@ -144,32 +159,8 @@ public static Configuration read(File file) throws IOException { } } - /** - * Read a configuration from a string in xml format. - * - * @param xmlconfig input string - * @return the new configuration object - * @throws IOException if any error occurs - */ - public static Configuration makeXMLStringAsConfiguration(String xmlconfig) throws IOException { - final Configuration ret; - final ByteArrayInputStream in = new ByteArrayInputStream(xmlconfig.getBytes()); - ret = decodeObject(in); - return ret; - } - - private static Configuration decodeObject(InputStream in) throws IOException { - final Object ret; - - try (XMLDecoder d = new XMLDecoder(new BufferedInputStream(in), null, null, - new PluginConfigurationClassLoader())) { - ret = d.readObject(); - } - - if (!(ret instanceof Configuration)) { - throw new IOException("Not a valid configuration file"); - } - - return (Configuration) ret; + static Configuration decodeObject(InputStream in) throws IOException { + var mapper = new ObjectMapper(new YAMLFactory().disable(YAMLGenerator.Feature.WRITE_DOC_START_MARKER)); + return mapper.readValue(in, Configuration.class); } } diff --git a/plugins/src/main/java/opengrok/auth/plugin/configuration/PluginConfigurationClassLoader.java b/plugins/src/main/java/opengrok/auth/plugin/configuration/PluginConfigurationClassLoader.java deleted file mode 100644 index af9db624960..00000000000 --- a/plugins/src/main/java/opengrok/auth/plugin/configuration/PluginConfigurationClassLoader.java +++ /dev/null @@ -1,58 +0,0 @@ -/* - * CDDL HEADER START - * - * The contents of this file are subject to the terms of the - * Common Development and Distribution License (the "License"). - * You may not use this file except in compliance with the License. - * - * See LICENSE.txt included in this distribution for the specific - * language governing permissions and limitations under the License. - * - * When distributing Covered Code, include this CDDL HEADER in each - * file and include the License file at LICENSE.txt. - * If applicable, add the following below this CDDL HEADER, with the - * fields enclosed by brackets "[]" replaced with your own identifying - * information: Portions Copyright [yyyy] [name of copyright owner] - * - * CDDL HEADER END - */ - -/* - * Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved. - */ -package opengrok.auth.plugin.configuration; - -import opengrok.auth.plugin.ldap.LdapServer; -import opengrok.auth.plugin.util.WebHook; -import opengrok.auth.plugin.util.WebHooks; - -import java.beans.XMLDecoder; -import java.util.Collections; -import java.util.Set; -import java.util.stream.Collectors; - -/** - * Temporary hack to prevent {@link XMLDecoder} to deserialize other than allowed classes. This tries to prevent - * calling of methods on {@link ProcessBuilder} or {@link Runtime} (or similar) which could be used for code execution. - */ -public class PluginConfigurationClassLoader extends ClassLoader { - - private static final Set allowedClasses = Set.of( - Collections.class, - Configuration.class, - LdapServer.class, - String.class, - WebHook.class, - WebHooks.class, - XMLDecoder.class - ).stream().map(Class::getName).collect(Collectors.toSet()); - - @Override - public Class loadClass(final String name) throws ClassNotFoundException { - if (!allowedClasses.contains(name)) { - throw new IllegalAccessError(name + " is not allowed to be used in configuration"); - } - - return getClass().getClassLoader().loadClass(name); - } -} diff --git a/plugins/src/main/java/opengrok/auth/plugin/ldap/LdapServer.java b/plugins/src/main/java/opengrok/auth/plugin/ldap/LdapServer.java index fd6ae37f740..2cae1417c32 100644 --- a/plugins/src/main/java/opengrok/auth/plugin/ldap/LdapServer.java +++ b/plugins/src/main/java/opengrok/auth/plugin/ldap/LdapServer.java @@ -18,10 +18,15 @@ */ /* - * Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved. */ package opengrok.auth.plugin.ldap; +import com.fasterxml.jackson.annotation.JsonAutoDetect; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonProperty; +import org.jetbrains.annotations.Nullable; + import java.io.IOException; import java.io.Serializable; import java.net.InetAddress; @@ -44,6 +49,13 @@ import javax.naming.ldap.InitialLdapContext; import javax.naming.ldap.LdapContext; +@JsonAutoDetect( + fieldVisibility = JsonAutoDetect.Visibility.NONE, + setterVisibility = JsonAutoDetect.Visibility.NONE, + getterVisibility = JsonAutoDetect.Visibility.NONE, + isGetterVisibility = JsonAutoDetect.Visibility.NONE, + creatorVisibility = JsonAutoDetect.Visibility.NONE +) public class LdapServer implements Serializable { private static final long serialVersionUID = -1; @@ -55,17 +67,22 @@ public class LdapServer implements Serializable { private static final String LDAP_CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory"; // default connectTimeout value in milliseconds - private static final int LDAP_CONNECT_TIMEOUT = 5000; + private static final int DEFAULT_LDAP_CONNECT_TIMEOUT = 5000; // default readTimeout value in milliseconds - private static final int LDAP_READ_TIMEOUT = 3000; + private static final int DEFAULT_LDAP_READ_TIMEOUT = 3000; + @JsonProperty private String url; + @JsonProperty private String username; + @JsonProperty private String password; + @JsonProperty private int connectTimeout; + @JsonProperty private int readTimeout; - private int interval = 10 * 1000; + private int interval = 10 * 1000; private final Map env; private transient LdapContext ctx; private long errorTimestamp = 0; @@ -166,6 +183,7 @@ public int getPort() throws URISyntaxException { } } + @JsonIgnore private boolean isReachable(InetAddress addr, int port, int timeOutMillis) { try (Socket soc = new Socket()) { soc.connect(new InetSocketAddress(addr, port), timeOutMillis); @@ -190,6 +208,7 @@ public InetAddress[] getAddresses(String hostname) throws UnknownHostException { * Go through all IP addresses and find out if they are reachable. * @return true if all IP addresses are reachable, false otherwise */ + @JsonIgnore public boolean isReachable() { try { InetAddress[] addresses = getAddresses(urlToHostname(getUrl())); @@ -224,6 +243,7 @@ public boolean isReachable() { * * @return true if it is working */ + @JsonIgnore public synchronized boolean isWorking() { if (ctx == null) { if (!isReachable()) { @@ -240,6 +260,7 @@ public synchronized boolean isWorking() { * * @return the new connection or null */ + @Nullable private synchronized LdapContext connect() { LOGGER.log(Level.INFO, "Connecting to LDAP server {0} ", this); @@ -354,8 +375,8 @@ private static Map prepareEnv() { var e = new HashMap(); e.put(Context.INITIAL_CONTEXT_FACTORY, LDAP_CONTEXT_FACTORY); - e.put(LDAP_CONNECT_TIMEOUT_PARAMETER, Integer.toString(LDAP_CONNECT_TIMEOUT)); - e.put(LDAP_READ_TIMEOUT_PARAMETER, Integer.toString(LDAP_READ_TIMEOUT)); + e.put(LDAP_CONNECT_TIMEOUT_PARAMETER, Integer.toString(DEFAULT_LDAP_CONNECT_TIMEOUT)); + e.put(LDAP_READ_TIMEOUT_PARAMETER, Integer.toString(DEFAULT_LDAP_READ_TIMEOUT)); return e; } diff --git a/plugins/src/test/java/opengrok/auth/plugin/LdapAttrPluginTest.java b/plugins/src/test/java/opengrok/auth/plugin/LdapAttrPluginTest.java index dd2e2467f05..ccdf53313cd 100644 --- a/plugins/src/test/java/opengrok/auth/plugin/LdapAttrPluginTest.java +++ b/plugins/src/test/java/opengrok/auth/plugin/LdapAttrPluginTest.java @@ -18,7 +18,7 @@ */ /* - * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved. */ package opengrok.auth.plugin; @@ -207,7 +207,7 @@ void testAttrLookup() throws LdapException { private Map getParamsMap() { Map params = new TreeMap<>(); params.put(AbstractLdapPlugin.CONFIGURATION_PARAM, - Objects.requireNonNull(getClass().getResource("config.xml")).getFile()); + Objects.requireNonNull(getClass().getResource("config.yml")).getFile()); return params; } diff --git a/plugins/src/test/java/opengrok/auth/plugin/LdapFilterPluginTest.java b/plugins/src/test/java/opengrok/auth/plugin/LdapFilterPluginTest.java index 6b166053b40..5fc744b54d2 100644 --- a/plugins/src/test/java/opengrok/auth/plugin/LdapFilterPluginTest.java +++ b/plugins/src/test/java/opengrok/auth/plugin/LdapFilterPluginTest.java @@ -18,7 +18,7 @@ */ /* - * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved. */ package opengrok.auth.plugin; @@ -121,7 +121,7 @@ void testLoadTransformsNegative() { private Map getParamsMap() { Map params = new TreeMap<>(); params.put(AbstractLdapPlugin.CONFIGURATION_PARAM, - Objects.requireNonNull(getClass().getResource("config.xml")).getFile()); + Objects.requireNonNull(getClass().getResource("config.yml")).getFile()); return params; } diff --git a/plugins/src/test/java/opengrok/auth/plugin/LdapUserPluginTest.java b/plugins/src/test/java/opengrok/auth/plugin/LdapUserPluginTest.java index 96789e3b926..c12318d1203 100644 --- a/plugins/src/test/java/opengrok/auth/plugin/LdapUserPluginTest.java +++ b/plugins/src/test/java/opengrok/auth/plugin/LdapUserPluginTest.java @@ -18,7 +18,7 @@ */ /* - * Copyright (c) 2017, 2023, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. */ package opengrok.auth.plugin; @@ -73,7 +73,7 @@ void setUp() { private Map getParamsMap() { Map params = new TreeMap<>(); params.put(AbstractLdapPlugin.CONFIGURATION_PARAM, - getClass().getResource("config.xml").getFile()); + getClass().getResource("config.yml").getFile()); return params; } diff --git a/plugins/src/test/java/opengrok/auth/plugin/configuration/ConfigurationTest.java b/plugins/src/test/java/opengrok/auth/plugin/configuration/ConfigurationTest.java index 8006b69e60c..5834620a596 100644 --- a/plugins/src/test/java/opengrok/auth/plugin/configuration/ConfigurationTest.java +++ b/plugins/src/test/java/opengrok/auth/plugin/configuration/ConfigurationTest.java @@ -18,31 +18,26 @@ */ /* - * Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved. */ package opengrok.auth.plugin.configuration; -import java.beans.ExceptionListener; -import java.beans.XMLDecoder; -import java.beans.XMLEncoder; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.File; import java.io.IOException; +import java.net.URL; import java.util.ArrayList; -import java.util.LinkedList; import java.util.List; import opengrok.auth.plugin.ldap.LdapServer; import opengrok.auth.plugin.util.WebHook; import opengrok.auth.plugin.util.WebHooks; +import org.jetbrains.annotations.NotNull; import org.junit.jupiter.api.Test; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.ValueSource; import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.assertThrows; /** * @@ -50,103 +45,54 @@ */ class ConfigurationTest { + /** + * Create sample configuration object, encode it to a byte array, decode it to a new object, + * compare the string representations of the two objects and some of the members. + * @throws IOException on I/O error + */ @Test - void testEncodeDecode() { - // Create an exception listener to detect errors while encoding and - // decoding - final LinkedList exceptions = new LinkedList<>(); - ExceptionListener listener = exceptions::addLast; - + void testEncodeDecode() throws IOException { ByteArrayOutputStream out = new ByteArrayOutputStream(); - XMLEncoder enc = new XMLEncoder(out); - enc.setExceptionListener(listener); + Configuration configuration1 = createSampleConfiguration(); + configuration1.encodeObject(out); + ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray()); + + Configuration configuration2 = Configuration.decodeObject(in); + assertNotNull(configuration2); + assertEquals(configuration1.getObjectRepresentationAsString(), + configuration2.getObjectRepresentationAsString()); - Configuration configuration1 = new Configuration(); - configuration1.setInterval(500); - configuration1.setSearchTimeout(1000); - configuration1.setConnectTimeout(42); - configuration1.setCountLimit(10); - configuration1.setServers(new ArrayList<>(List.of(new LdapServer("http://server.com")))); + // Check some of the properties as a smoke test. + assertEquals(configuration1.getInterval(), configuration2.getInterval()); + assertEquals(configuration1.getServers().size(), configuration2.getServers().size()); + assertEquals(configuration1.getServers().get(0).getUrl(), configuration2.getServers().get(0).getUrl()); + assertEquals(configuration1.getWebHooks().getFail().getURI(), configuration2.getWebHooks().getFail().getURI()); + } + + private static @NotNull Configuration createSampleConfiguration() { + Configuration configuration = new Configuration(); + configuration.setInterval(500); + configuration.setSearchTimeout(1000); + configuration.setConnectTimeout(42); + configuration.setCountLimit(10); + LdapServer ldapServer1 = new LdapServer("ldap://localhost"); + LdapServer ldapServer2 = new LdapServer("ldaps://example.com", "username", "password"); + configuration.setServers(new ArrayList<>(List.of(ldapServer1, ldapServer2))); WebHooks webHooks = new WebHooks(); WebHook hook = new WebHook(); hook.setContent("foo"); hook.setURI("http://localhost:8080/source/api/v1/messages"); webHooks.setFail(hook); - configuration1.setWebHooks(webHooks); - - enc.writeObject(configuration1); - enc.close(); - - // verify that the write didn't fail - if (!exceptions.isEmpty()) { - throw new AssertionError( "Got " + exceptions.size() + " exception(s)", exceptions.getFirst()); - } - - ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray()); - XMLDecoder dec = new XMLDecoder(in, null, listener); - Configuration configuration2 = (Configuration) dec.readObject(); - assertNotNull(configuration2); - assertEquals(configuration1.getXMLRepresentationAsString(), - configuration2.getXMLRepresentationAsString()); - - dec.close(); - // verify that the read didn't fail - if (!exceptions.isEmpty()) { - throw new AssertionError( "Got " + exceptions.size() + " exception(s)", exceptions.getFirst()); - } - } - - @ParameterizedTest - @ValueSource(strings = { - "\n" + - "\n" + - " \n" + - " \n" + - " \n" + - " \n" + - " /usr/bin/nc\n" + - " \n" + - " \n" + - " -l\n" + - " \n" + - " \n" + - " \n" + - " \n" + - "", - "\n" + - "\n" + - " \n" + - " \n" + - " \n" + - " /usr/bin/curl https://oracle.com\n" + - " \n" + - " \n" + - " \n" + - " \n" + - "", - "\n" + - "\n" + - " \n" + - " opengrok_test.txt\n" + - " \n" + - " \n" + - " 96\n" + - " 96\n" + - " 96\n" + - " \n" + - " \n" + - " \n" + - " \n" + - "" - }) - void testDeserializationOfNotWhiteListedClassThrowsError(final String exploit) { - assertThrows(IllegalAccessError.class, () -> Configuration.makeXMLStringAsConfiguration(exploit)); + configuration.setWebHooks(webHooks); + return configuration; } @Test void testReadCacheValid() throws IOException { - File testFile = new File(ConfigurationTest.class.getClassLoader(). - getResource("opengrok/auth/plugin/configuration/plugin-config.xml").getFile()); + URL url = ConfigurationTest.class.getClassLoader(). + getResource("opengrok/auth/plugin/configuration/plugin-config.yml"); + assertNotNull(url); + File testFile = new File(url.getFile()); Configuration config = Configuration.read(testFile); assertNotNull(config); assertEquals(2, config.getServers().size()); diff --git a/plugins/src/test/resources/opengrok/auth/plugin/config.xml b/plugins/src/test/resources/opengrok/auth/plugin/config.xml deleted file mode 100644 index e7432f99659..00000000000 --- a/plugins/src/test/resources/opengrok/auth/plugin/config.xml +++ /dev/null @@ -1,23 +0,0 @@ - - - - - 100 - - - dc=foobar,dc=com - - - - - - ldap://ldap.foobar.com - - - 10 - - - - - - diff --git a/plugins/src/test/resources/opengrok/auth/plugin/config.yml b/plugins/src/test/resources/opengrok/auth/plugin/config.yml new file mode 100644 index 00000000000..e0f3aa4a1c4 --- /dev/null +++ b/plugins/src/test/resources/opengrok/auth/plugin/config.yml @@ -0,0 +1,5 @@ +servers: + - url: "ldap://example.com" + connectTimeout: 10 +interval: 100 +searchBase: dc=example,dc=com diff --git a/plugins/src/test/resources/opengrok/auth/plugin/configuration/plugin-config.xml b/plugins/src/test/resources/opengrok/auth/plugin/configuration/plugin-config.xml deleted file mode 100644 index 732c3c3c621..00000000000 --- a/plugins/src/test/resources/opengrok/auth/plugin/configuration/plugin-config.xml +++ /dev/null @@ -1,54 +0,0 @@ - - - - - - - - - http://localhost:8080/source/api/v1/messages - - - { "tags": [ "main" ], "messageLevel": "error", "text": "LDAP failed", "duration": "PT1M" } - - - - - - - - 900000 - - - 500 - - - dc=foobar,dc=com - - - 5000 - - - 100 - - - - - - ldap://ldap1.foobar.com - - - 5000 - - - - - - - ldap://ldap2.foobar.com - - - - - - diff --git a/plugins/src/test/resources/opengrok/auth/plugin/configuration/plugin-config.yml b/plugins/src/test/resources/opengrok/auth/plugin/configuration/plugin-config.yml new file mode 100644 index 00000000000..1062a2ffba6 --- /dev/null +++ b/plugins/src/test/resources/opengrok/auth/plugin/configuration/plugin-config.yml @@ -0,0 +1,13 @@ +servers: + - url: "ldap://foo.example.com" + connectTimeout: 5000 + - url: "ldap://bar.example.com" +interval: 900000 +searchBase: dc=example,dc=com +webHooks: + fail: + uri: "http://localhost:8080/source/api/v1/messages" + content: '{ "tags": [ "main" ], "messageLevel": "error", "text": "LDAP failed", "duration": "PT1M" }' +searchTimeout: 500 +connectTimeout: 5000 +countLimit: 100