Skip to content

Commit

Permalink
[ISSUE #10734] Implement http request param check filter and http par…
Browse files Browse the repository at this point in the history
…am extractors (#10758)

* For #10734,Implement grpc server interceptor and grpc param extractors

* For #10734,add unit test for grpc server interceptor and grpc param extractors

* For #10734,alter the test case

* For #10734,delete the ConnectionSetupRequestParamExtractor

* For #10734,add the naming http request param check filter and implement the naming http request param extractors

* For #10734,add unit test for naming http request param extractors

* For #10734,Implement grpc server interceptor and grpc param extractors

* For #10734,add unit test for grpc server interceptor and grpc param extractors

* For #10734,delete the ConnectionSetupRequestParamExtractor

* For #10734,add the naming http request param check filter and implement the naming http request param extractors

* For #10734,add unit test for naming http request param extractors

* For #10734,add the config http request param check filter and implement the config http request param extractors and unit test

* For #10734,add the console http request param check filter and implement the console http request param extractors and unit test

* For #10734,fix code style

* For #10734,alter the logic of exception handle in filter

* For #10734,fix code style
  • Loading branch information
Sunrisea authored Jul 11, 2023
1 parent 1f5dbf0 commit c7a20bd
Show file tree
Hide file tree
Showing 24 changed files with 1,174 additions and 4 deletions.
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright 1999-2018 Alibaba Group Holding Ltd.
* Copyright 1999-2023 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand All @@ -16,8 +16,9 @@

package com.alibaba.nacos.config.server.configuration;

import com.alibaba.nacos.config.server.filter.NacosWebFilter;
import com.alibaba.nacos.config.server.filter.CircuitFilter;
import com.alibaba.nacos.config.server.filter.ConfigParamCheckFilter;
import com.alibaba.nacos.config.server.filter.NacosWebFilter;
import com.alibaba.nacos.persistence.configuration.condition.ConditionDistributedEmbedStorage;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
Expand Down Expand Up @@ -65,4 +66,19 @@ public CircuitFilter transferToLeader() {
return new CircuitFilter();
}

@Bean
public FilterRegistrationBean<ConfigParamCheckFilter> configParamCheckFilterRegistration() {
FilterRegistrationBean<ConfigParamCheckFilter> registration = new FilterRegistrationBean<>();
registration.setFilter(configParamCheckFilter());
registration.addUrlPatterns("/v1/cs/*");
registration.addUrlPatterns("/v2/cs/*");
registration.setName("configparamcheckfilter");
registration.setOrder(8);
return registration;
}

@Bean
public ConfigParamCheckFilter configParamCheckFilter() {
return new ConfigParamCheckFilter();
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
/*
* Copyright 1999-2023 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.alibaba.nacos.config.server.filter;

import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor;
import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager;
import com.alibaba.nacos.sys.env.EnvUtil;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;

/**
* Config param check filter.
*
* @author zhuoguang
*/
public class ConfigParamCheckFilter implements Filter {

private static final String MODULE = "config";

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
boolean ifParamCheck = EnvUtil.getProperty("nacos.paramcheck", Boolean.class, true);
if (!ifParamCheck) {
chain.doFilter(request, response);
return;
}
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
try {
String uri = req.getRequestURI();
String method = req.getMethod();
HttpParamExtractorManager extractorManager = HttpParamExtractorManager.getInstance();
AbstractHttpParamExtractor paramExtractor = extractorManager.getExtractor(uri, method, MODULE);
paramExtractor.extractParamAndCheck(req);
chain.doFilter(req, resp);
} catch (Exception e) {
resp.setStatus(400);
PrintWriter writer = resp.getWriter();
writer.print(e.getMessage());
writer.flush();
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
/*
* Copyright 1999-2023 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.alibaba.nacos.config.server.paramcheck;

import com.alibaba.nacos.common.paramcheck.ParamCheckUtils;
import com.alibaba.nacos.common.paramcheck.ParamInfo;
import com.alibaba.nacos.common.utils.StringUtils;
import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor;

import javax.servlet.http.HttpServletRequest;

/**
* Config default http param extractor.
*
* @author zhuoguang
*/
public class ConfigDefaultHttpParamExtractor extends AbstractHttpParamExtractor {

@Override
public void init() {
addDefaultTargetRequest("config");
}

@Override
public void extractParamAndCheck(HttpServletRequest request) {
ParamInfo paramInfo = new ParamInfo();
paramInfo.setNamespaceId(getAliasNamespaceId(request));
paramInfo.setDataId(getAliasDataId(request));
paramInfo.setGroup(getAliasGroup(request));
paramInfo.setIp(getAliasIp(request));
ParamCheckUtils.checkParamInfoFormat(paramInfo);
}

private String getAliasNamespaceId(HttpServletRequest request) {
String namespaceid = request.getParameter("namespaceId");
if (StringUtils.isBlank(namespaceid)) {
namespaceid = request.getParameter("tenant");
}
if (StringUtils.isBlank(namespaceid)) {
namespaceid = request.getParameter("namespace");
}
return namespaceid;
}

private String getAliasDataId(HttpServletRequest request) {
String dataid = request.getParameter("dataId");
return dataid;
}

private String getAliasGroup(HttpServletRequest request) {
String group = request.getParameter("group");
return group;
}

private String getAliasIp(HttpServletRequest request) {
String ip = request.getParameter("ip");
return ip;
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,70 @@
/*
* Copyright 1999-2023 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.alibaba.nacos.config.server.paramcheck;

import com.alibaba.nacos.common.paramcheck.ParamCheckUtils;
import com.alibaba.nacos.common.paramcheck.ParamInfo;
import com.alibaba.nacos.common.utils.HttpMethod;
import com.alibaba.nacos.common.utils.StringUtils;
import com.alibaba.nacos.config.server.constant.Constants;
import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor;

import javax.servlet.http.HttpServletRequest;
import java.net.URLDecoder;

/**
* ConfigListener http param extractor.
*
* @author zhuoguang
*/
public class ConfigListenerHttpParamExtractor extends AbstractHttpParamExtractor {

static final char WORD_SEPARATOR_CHAR = (char) 2;

static final char LINE_SEPARATOR_CHAR = (char) 1;

@Override
public void init() {
addTargetRequest(Constants.CONFIG_CONTROLLER_PATH + "/listener", HttpMethod.POST);
}

@Override
public void extractParamAndCheck(HttpServletRequest request) throws Exception {
String listenConfigs = request.getParameter("Listening-Configs");
if (StringUtils.isBlank(listenConfigs)) {
return;
}
listenConfigs = URLDecoder.decode(listenConfigs, Constants.ENCODE);
if (StringUtils.isBlank(listenConfigs)) {
return;
}
String[] lines = listenConfigs.split(Character.toString(LINE_SEPARATOR_CHAR));
for (String line : lines) {
ParamInfo paramInfo = new ParamInfo();
String[] words = line.split(Character.toString(WORD_SEPARATOR_CHAR));
if (words.length < 3 || words.length > 4) {
throw new IllegalArgumentException("invalid probeModify");
}
paramInfo.setDataId(words[0]);
paramInfo.setGroup(words[1]);
if (words.length == 4) {
paramInfo.setNamespaceId(words[3]);
}
ParamCheckUtils.checkParamInfoFormat(paramInfo);
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
#
# Copyright 1999-2023 Alibaba Group Holding Ltd.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

com.alibaba.nacos.config.server.paramcheck.ConfigDefaultHttpParamExtractor
com.alibaba.nacos.config.server.paramcheck.ConfigListenerHttpParamExtractor
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
/*
* Copyright 1999-2023 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.alibaba.nacos.config.server.paramcheck;

import com.alibaba.nacos.common.utils.HttpMethod;
import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor;
import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager;
import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest;

import static org.junit.Assert.assertEquals;

/**
* The type Config default http param extractor test.
*
* @author zhuoguang
*/
public class ConfigDefaultHttpParamExtractorTest {

/**
* Extract param and check.
*/
@Test
public void extractParamAndCheck() {
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/nacos/v1/cs/testst");
request.setMethod(HttpMethod.PUT);
HttpParamExtractorManager manager = HttpParamExtractorManager.getInstance();
AbstractHttpParamExtractor extractor = manager.getExtractor(request.getRequestURI(), request.getMethod(), "config");
assertEquals(ConfigDefaultHttpParamExtractor.class.getSimpleName(), extractor.getClass().getSimpleName());
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
/*
* Copyright 1999-2023 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.alibaba.nacos.config.server.paramcheck;

import com.alibaba.nacos.common.utils.HttpMethod;
import com.alibaba.nacos.config.server.constant.Constants;
import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor;
import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager;
import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest;

import static org.junit.Assert.assertEquals;

/**
* The type Config listener http param extractor test.
*
* @author zhuoguang
*/
public class ConfigListenerHttpParamExtractorTest {

@Test
public void extractParamAndCheck() {
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/nacos" + Constants.CONFIG_CONTROLLER_PATH + "/listener");
request.setMethod(HttpMethod.POST);
HttpParamExtractorManager manager = HttpParamExtractorManager.getInstance();
AbstractHttpParamExtractor extractor = manager.getExtractor(request.getRequestURI(), request.getMethod(), "config");
assertEquals(ConfigListenerHttpParamExtractor.class.getSimpleName(), extractor.getClass().getSimpleName());
}
}
Loading

0 comments on commit c7a20bd

Please sign in to comment.