diff --git a/config/src/main/java/com/alibaba/nacos/config/server/configuration/NacosConfigConfiguration.java b/config/src/main/java/com/alibaba/nacos/config/server/configuration/NacosConfigConfiguration.java index 3fa606b3358..85369d3bb55 100644 --- a/config/src/main/java/com/alibaba/nacos/config/server/configuration/NacosConfigConfiguration.java +++ b/config/src/main/java/com/alibaba/nacos/config/server/configuration/NacosConfigConfiguration.java @@ -1,5 +1,5 @@ /* - * Copyright 1999-2018 Alibaba Group Holding Ltd. + * Copyright 1999-2023 Alibaba Group Holding Ltd. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,8 +16,9 @@ package com.alibaba.nacos.config.server.configuration; -import com.alibaba.nacos.config.server.filter.NacosWebFilter; import com.alibaba.nacos.config.server.filter.CircuitFilter; +import com.alibaba.nacos.config.server.filter.ConfigParamCheckFilter; +import com.alibaba.nacos.config.server.filter.NacosWebFilter; import com.alibaba.nacos.persistence.configuration.condition.ConditionDistributedEmbedStorage; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.Bean; @@ -65,4 +66,19 @@ public CircuitFilter transferToLeader() { return new CircuitFilter(); } + @Bean + public FilterRegistrationBean configParamCheckFilterRegistration() { + FilterRegistrationBean registration = new FilterRegistrationBean<>(); + registration.setFilter(configParamCheckFilter()); + registration.addUrlPatterns("/v1/cs/*"); + registration.addUrlPatterns("/v2/cs/*"); + registration.setName("configparamcheckfilter"); + registration.setOrder(8); + return registration; + } + + @Bean + public ConfigParamCheckFilter configParamCheckFilter() { + return new ConfigParamCheckFilter(); + } } diff --git a/config/src/main/java/com/alibaba/nacos/config/server/filter/ConfigParamCheckFilter.java b/config/src/main/java/com/alibaba/nacos/config/server/filter/ConfigParamCheckFilter.java new file mode 100644 index 00000000000..08422525367 --- /dev/null +++ b/config/src/main/java/com/alibaba/nacos/config/server/filter/ConfigParamCheckFilter.java @@ -0,0 +1,66 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.config.server.filter; + +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; +import com.alibaba.nacos.sys.env.EnvUtil; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + +/** + * Config param check filter. + * + * @author zhuoguang + */ +public class ConfigParamCheckFilter implements Filter { + + private static final String MODULE = "config"; + + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) + throws IOException, ServletException { + boolean ifParamCheck = EnvUtil.getProperty("nacos.paramcheck", Boolean.class, true); + if (!ifParamCheck) { + chain.doFilter(request, response); + return; + } + HttpServletRequest req = (HttpServletRequest) request; + HttpServletResponse resp = (HttpServletResponse) response; + try { + String uri = req.getRequestURI(); + String method = req.getMethod(); + HttpParamExtractorManager extractorManager = HttpParamExtractorManager.getInstance(); + AbstractHttpParamExtractor paramExtractor = extractorManager.getExtractor(uri, method, MODULE); + paramExtractor.extractParamAndCheck(req); + chain.doFilter(req, resp); + } catch (Exception e) { + resp.setStatus(400); + PrintWriter writer = resp.getWriter(); + writer.print(e.getMessage()); + writer.flush(); + } + } +} diff --git a/config/src/main/java/com/alibaba/nacos/config/server/paramcheck/ConfigDefaultHttpParamExtractor.java b/config/src/main/java/com/alibaba/nacos/config/server/paramcheck/ConfigDefaultHttpParamExtractor.java new file mode 100644 index 00000000000..e85762aecc5 --- /dev/null +++ b/config/src/main/java/com/alibaba/nacos/config/server/paramcheck/ConfigDefaultHttpParamExtractor.java @@ -0,0 +1,73 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.config.server.paramcheck; + +import com.alibaba.nacos.common.paramcheck.ParamCheckUtils; +import com.alibaba.nacos.common.paramcheck.ParamInfo; +import com.alibaba.nacos.common.utils.StringUtils; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; + +import javax.servlet.http.HttpServletRequest; + +/** + * Config default http param extractor. + * + * @author zhuoguang + */ +public class ConfigDefaultHttpParamExtractor extends AbstractHttpParamExtractor { + + @Override + public void init() { + addDefaultTargetRequest("config"); + } + + @Override + public void extractParamAndCheck(HttpServletRequest request) { + ParamInfo paramInfo = new ParamInfo(); + paramInfo.setNamespaceId(getAliasNamespaceId(request)); + paramInfo.setDataId(getAliasDataId(request)); + paramInfo.setGroup(getAliasGroup(request)); + paramInfo.setIp(getAliasIp(request)); + ParamCheckUtils.checkParamInfoFormat(paramInfo); + } + + private String getAliasNamespaceId(HttpServletRequest request) { + String namespaceid = request.getParameter("namespaceId"); + if (StringUtils.isBlank(namespaceid)) { + namespaceid = request.getParameter("tenant"); + } + if (StringUtils.isBlank(namespaceid)) { + namespaceid = request.getParameter("namespace"); + } + return namespaceid; + } + + private String getAliasDataId(HttpServletRequest request) { + String dataid = request.getParameter("dataId"); + return dataid; + } + + private String getAliasGroup(HttpServletRequest request) { + String group = request.getParameter("group"); + return group; + } + + private String getAliasIp(HttpServletRequest request) { + String ip = request.getParameter("ip"); + return ip; + } +} diff --git a/config/src/main/java/com/alibaba/nacos/config/server/paramcheck/ConfigListenerHttpParamExtractor.java b/config/src/main/java/com/alibaba/nacos/config/server/paramcheck/ConfigListenerHttpParamExtractor.java new file mode 100644 index 00000000000..2c6a9b60e8d --- /dev/null +++ b/config/src/main/java/com/alibaba/nacos/config/server/paramcheck/ConfigListenerHttpParamExtractor.java @@ -0,0 +1,70 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.config.server.paramcheck; + +import com.alibaba.nacos.common.paramcheck.ParamCheckUtils; +import com.alibaba.nacos.common.paramcheck.ParamInfo; +import com.alibaba.nacos.common.utils.HttpMethod; +import com.alibaba.nacos.common.utils.StringUtils; +import com.alibaba.nacos.config.server.constant.Constants; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; + +import javax.servlet.http.HttpServletRequest; +import java.net.URLDecoder; + +/** + * ConfigListener http param extractor. + * + * @author zhuoguang + */ +public class ConfigListenerHttpParamExtractor extends AbstractHttpParamExtractor { + + static final char WORD_SEPARATOR_CHAR = (char) 2; + + static final char LINE_SEPARATOR_CHAR = (char) 1; + + @Override + public void init() { + addTargetRequest(Constants.CONFIG_CONTROLLER_PATH + "/listener", HttpMethod.POST); + } + + @Override + public void extractParamAndCheck(HttpServletRequest request) throws Exception { + String listenConfigs = request.getParameter("Listening-Configs"); + if (StringUtils.isBlank(listenConfigs)) { + return; + } + listenConfigs = URLDecoder.decode(listenConfigs, Constants.ENCODE); + if (StringUtils.isBlank(listenConfigs)) { + return; + } + String[] lines = listenConfigs.split(Character.toString(LINE_SEPARATOR_CHAR)); + for (String line : lines) { + ParamInfo paramInfo = new ParamInfo(); + String[] words = line.split(Character.toString(WORD_SEPARATOR_CHAR)); + if (words.length < 3 || words.length > 4) { + throw new IllegalArgumentException("invalid probeModify"); + } + paramInfo.setDataId(words[0]); + paramInfo.setGroup(words[1]); + if (words.length == 4) { + paramInfo.setNamespaceId(words[3]); + } + ParamCheckUtils.checkParamInfoFormat(paramInfo); + } + } +} diff --git a/config/src/main/resources/META-INF/services/com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor b/config/src/main/resources/META-INF/services/com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor new file mode 100644 index 00000000000..0e04de6d2b8 --- /dev/null +++ b/config/src/main/resources/META-INF/services/com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor @@ -0,0 +1,18 @@ +# +# Copyright 1999-2023 Alibaba Group Holding Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +com.alibaba.nacos.config.server.paramcheck.ConfigDefaultHttpParamExtractor +com.alibaba.nacos.config.server.paramcheck.ConfigListenerHttpParamExtractor \ No newline at end of file diff --git a/config/src/test/java/com/alibaba/nacos/config/server/paramcheck/ConfigDefaultHttpParamExtractorTest.java b/config/src/test/java/com/alibaba/nacos/config/server/paramcheck/ConfigDefaultHttpParamExtractorTest.java new file mode 100644 index 00000000000..bf234f9b18d --- /dev/null +++ b/config/src/test/java/com/alibaba/nacos/config/server/paramcheck/ConfigDefaultHttpParamExtractorTest.java @@ -0,0 +1,46 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.config.server.paramcheck; + +import com.alibaba.nacos.common.utils.HttpMethod; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; +import org.junit.Test; +import org.springframework.mock.web.MockHttpServletRequest; + +import static org.junit.Assert.assertEquals; + +/** + * The type Config default http param extractor test. + * + * @author zhuoguang + */ +public class ConfigDefaultHttpParamExtractorTest { + + /** + * Extract param and check. + */ + @Test + public void extractParamAndCheck() { + MockHttpServletRequest request = new MockHttpServletRequest(); + request.setRequestURI("/nacos/v1/cs/testst"); + request.setMethod(HttpMethod.PUT); + HttpParamExtractorManager manager = HttpParamExtractorManager.getInstance(); + AbstractHttpParamExtractor extractor = manager.getExtractor(request.getRequestURI(), request.getMethod(), "config"); + assertEquals(ConfigDefaultHttpParamExtractor.class.getSimpleName(), extractor.getClass().getSimpleName()); + } +} \ No newline at end of file diff --git a/config/src/test/java/com/alibaba/nacos/config/server/paramcheck/ConfigListenerHttpParamExtractorTest.java b/config/src/test/java/com/alibaba/nacos/config/server/paramcheck/ConfigListenerHttpParamExtractorTest.java new file mode 100644 index 00000000000..6cc32bbc41a --- /dev/null +++ b/config/src/test/java/com/alibaba/nacos/config/server/paramcheck/ConfigListenerHttpParamExtractorTest.java @@ -0,0 +1,44 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.config.server.paramcheck; + +import com.alibaba.nacos.common.utils.HttpMethod; +import com.alibaba.nacos.config.server.constant.Constants; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; +import org.junit.Test; +import org.springframework.mock.web.MockHttpServletRequest; + +import static org.junit.Assert.assertEquals; + +/** + * The type Config listener http param extractor test. + * + * @author zhuoguang + */ +public class ConfigListenerHttpParamExtractorTest { + + @Test + public void extractParamAndCheck() { + MockHttpServletRequest request = new MockHttpServletRequest(); + request.setRequestURI("/nacos" + Constants.CONFIG_CONTROLLER_PATH + "/listener"); + request.setMethod(HttpMethod.POST); + HttpParamExtractorManager manager = HttpParamExtractorManager.getInstance(); + AbstractHttpParamExtractor extractor = manager.getExtractor(request.getRequestURI(), request.getMethod(), "config"); + assertEquals(ConfigListenerHttpParamExtractor.class.getSimpleName(), extractor.getClass().getSimpleName()); + } +} \ No newline at end of file diff --git a/console/src/main/java/com/alibaba/nacos/console/config/ConsoleFilterConfig.java b/console/src/main/java/com/alibaba/nacos/console/config/ConsoleFilterConfig.java new file mode 100644 index 00000000000..0d2942d40d1 --- /dev/null +++ b/console/src/main/java/com/alibaba/nacos/console/config/ConsoleFilterConfig.java @@ -0,0 +1,47 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.console.config; + +import com.alibaba.nacos.console.filter.ConsoleParamCheckFilter; +import org.springframework.boot.web.servlet.FilterRegistrationBean; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +/** + * Console filter config. + * + * @author zhuoguang + */ +@Configuration +public class ConsoleFilterConfig { + + @Bean + public FilterRegistrationBean consoleParamCheckFilterRegistration() { + FilterRegistrationBean registration = new FilterRegistrationBean<>(); + registration.setFilter(consoleParamCheckFilter()); + registration.addUrlPatterns("/v1/console/*"); + registration.addUrlPatterns("/v2/console/*"); + registration.setName("consoleparamcheckfilter"); + registration.setOrder(8); + return registration; + } + + @Bean + public ConsoleParamCheckFilter consoleParamCheckFilter() { + return new ConsoleParamCheckFilter(); + } +} diff --git a/console/src/main/java/com/alibaba/nacos/console/filter/ConsoleParamCheckFilter.java b/console/src/main/java/com/alibaba/nacos/console/filter/ConsoleParamCheckFilter.java new file mode 100644 index 00000000000..78e74cb8a82 --- /dev/null +++ b/console/src/main/java/com/alibaba/nacos/console/filter/ConsoleParamCheckFilter.java @@ -0,0 +1,66 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.console.filter; + +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; +import com.alibaba.nacos.sys.env.EnvUtil; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + +/** + * console param check filter. + * + * @author zhuoguang + */ +public class ConsoleParamCheckFilter implements Filter { + + private static final String MODULE = "console"; + + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) + throws IOException, ServletException { + boolean ifParamCheck = EnvUtil.getProperty("nacos.paramcheck", Boolean.class, true); + if (!ifParamCheck) { + chain.doFilter(request, response); + return; + } + HttpServletRequest req = (HttpServletRequest) request; + HttpServletResponse resp = (HttpServletResponse) response; + try { + String uri = req.getRequestURI(); + String method = req.getMethod(); + HttpParamExtractorManager extractorManager = HttpParamExtractorManager.getInstance(); + AbstractHttpParamExtractor paramExtractor = extractorManager.getExtractor(uri, method, MODULE); + paramExtractor.extractParamAndCheck(req); + chain.doFilter(request, resp); + } catch (Exception e) { + resp.setStatus(400); + PrintWriter writer = resp.getWriter(); + writer.print(e.getMessage()); + writer.flush(); + } + } +} diff --git a/console/src/main/java/com/alibaba/nacos/console/paramcheck/ConsoleDefaultHttpParamExtractor.java b/console/src/main/java/com/alibaba/nacos/console/paramcheck/ConsoleDefaultHttpParamExtractor.java new file mode 100644 index 00000000000..f495cf4c045 --- /dev/null +++ b/console/src/main/java/com/alibaba/nacos/console/paramcheck/ConsoleDefaultHttpParamExtractor.java @@ -0,0 +1,58 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.console.paramcheck; + +import com.alibaba.nacos.common.paramcheck.ParamCheckUtils; +import com.alibaba.nacos.common.paramcheck.ParamInfo; +import com.alibaba.nacos.common.utils.StringUtils; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; + +import javax.servlet.http.HttpServletRequest; + +/** + * Console default http param extractor. + * + * @author zhuoguang + */ +public class ConsoleDefaultHttpParamExtractor extends AbstractHttpParamExtractor { + + @Override + public void init() { + addDefaultTargetRequest("console"); + } + + @Override + public void extractParamAndCheck(HttpServletRequest request) throws Exception { + ParamInfo paramInfo = new ParamInfo(); + paramInfo.setNamespaceId(getAliasNamespaceId(request)); + paramInfo.setNamespaceShowName(getAliasNamespaceShowName(request)); + ParamCheckUtils.checkParamInfoFormat(paramInfo); + } + + private String getAliasNamespaceId(HttpServletRequest request) { + String namespaceId = request.getParameter("namespaceId"); + if (StringUtils.isBlank(namespaceId)) { + namespaceId = request.getParameter("customNamespaceId"); + } + return namespaceId; + } + + private String getAliasNamespaceShowName(HttpServletRequest request) { + String namespaceShowName = request.getParameter("namespaceName"); + return namespaceShowName; + } +} diff --git a/console/src/main/resources/META-INF/services/com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor b/console/src/main/resources/META-INF/services/com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor new file mode 100644 index 00000000000..d0f95df4807 --- /dev/null +++ b/console/src/main/resources/META-INF/services/com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor @@ -0,0 +1,17 @@ +# +# Copyright 1999-2023 Alibaba Group Holding Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +com.alibaba.nacos.console.paramcheck.ConsoleDefaultHttpParamExtractor \ No newline at end of file diff --git a/console/src/test/java/com/alibaba/nacos/console/paramcheck/ConsoleDefaultHttpParamExtractorTest.java b/console/src/test/java/com/alibaba/nacos/console/paramcheck/ConsoleDefaultHttpParamExtractorTest.java new file mode 100644 index 00000000000..f6e4dffca43 --- /dev/null +++ b/console/src/test/java/com/alibaba/nacos/console/paramcheck/ConsoleDefaultHttpParamExtractorTest.java @@ -0,0 +1,43 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.console.paramcheck; + +import com.alibaba.nacos.common.utils.HttpMethod; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; +import org.junit.Test; +import org.springframework.mock.web.MockHttpServletRequest; + +import static org.junit.Assert.assertEquals; + +/** + * The type Console default http param extractor test. + * + * @author zhuoguang + */ +public class ConsoleDefaultHttpParamExtractorTest { + + @Test + public void extractParamAndCheck() { + MockHttpServletRequest request = new MockHttpServletRequest(); + request.setMethod(HttpMethod.POST); + request.setRequestURI("/nacos/v2/console/namespace"); + HttpParamExtractorManager manager = HttpParamExtractorManager.getInstance(); + AbstractHttpParamExtractor extractor = manager.getExtractor(request.getRequestURI(), request.getMethod(), "console"); + assertEquals(ConsoleDefaultHttpParamExtractor.class.getSimpleName(), extractor.getClass().getSimpleName()); + } +} \ No newline at end of file diff --git a/naming/src/main/java/com/alibaba/nacos/naming/paramcheck/NamingDefaultHttpParamExtractor.java b/naming/src/main/java/com/alibaba/nacos/naming/paramcheck/NamingDefaultHttpParamExtractor.java new file mode 100644 index 00000000000..2357416b532 --- /dev/null +++ b/naming/src/main/java/com/alibaba/nacos/naming/paramcheck/NamingDefaultHttpParamExtractor.java @@ -0,0 +1,103 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.naming.paramcheck; + +import com.alibaba.nacos.api.common.Constants; +import com.alibaba.nacos.api.exception.NacosException; +import com.alibaba.nacos.common.paramcheck.ParamCheckUtils; +import com.alibaba.nacos.common.paramcheck.ParamInfo; +import com.alibaba.nacos.common.utils.StringUtils; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.naming.misc.UtilsAndCommons; + +import javax.servlet.http.HttpServletRequest; + +/** + * Naming default http param extractor. + * + * @author zhuoguang + */ +public class NamingDefaultHttpParamExtractor extends AbstractHttpParamExtractor { + + @Override + public void init() { + addDefaultTargetRequest("naming"); + } + + @Override + public void extractParamAndCheck(HttpServletRequest request) throws NacosException { + ParamInfo paramInfo = new ParamInfo(); + paramInfo.setIp(getAliasIp(request)); + paramInfo.setPort(getAliasPort(request)); + paramInfo.setNamespaceId(getAliasNamespaceId(request)); + paramInfo.setCluster(getAliasClusterName(request)); + String serviceName = getAliasServiceName(request); + String groupName = getAliasGroupName(request); + String groupServiceName = serviceName; + if (StringUtils.isNotBlank(groupServiceName) && groupServiceName.contains(Constants.SERVICE_INFO_SPLITER)) { + String[] splits = groupServiceName.split(Constants.SERVICE_INFO_SPLITER, 2); + groupName = splits[0]; + serviceName = splits[1]; + } + paramInfo.setServiceName(serviceName); + paramInfo.setGroup(groupName); + paramInfo.setMetadata(UtilsAndCommons.parseMetadata(request.getParameter("metadata"))); + ParamCheckUtils.checkParamInfoFormat(paramInfo); + } + + private String getAliasNamespaceId(HttpServletRequest request) { + String namespaceid = request.getParameter("namespaceId"); + return namespaceid; + } + + private String getAliasIp(HttpServletRequest request) { + String ip = request.getParameter("ip"); + return ip; + } + + private String getAliasPort(HttpServletRequest request) { + String port = request.getParameter("port"); + if (StringUtils.isBlank(port)) { + port = request.getParameter("checkPort"); + } + return port; + } + + private String getAliasServiceName(HttpServletRequest request) { + String serviceName = request.getParameter("serviceName"); + if (StringUtils.isBlank(serviceName)) { + serviceName = request.getParameter("serviceNameParam"); + } + return serviceName; + } + + private String getAliasGroupName(HttpServletRequest request) { + String groupName = request.getParameter("groupName"); + if (StringUtils.isBlank(groupName)) { + groupName = request.getParameter("groupNameParam"); + } + return groupName; + } + + private String getAliasClusterName(HttpServletRequest request) { + String clusterName = request.getParameter("clusterName"); + if (StringUtils.isBlank(clusterName)) { + clusterName = request.getParameter("cluster"); + } + return clusterName; + } +} diff --git a/naming/src/main/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceBeatHttpParamExtractor.java b/naming/src/main/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceBeatHttpParamExtractor.java new file mode 100644 index 00000000000..17b0cb9f2dc --- /dev/null +++ b/naming/src/main/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceBeatHttpParamExtractor.java @@ -0,0 +1,73 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.naming.paramcheck; + +import com.alibaba.nacos.api.common.Constants; +import com.alibaba.nacos.common.paramcheck.ParamCheckUtils; +import com.alibaba.nacos.common.paramcheck.ParamInfo; +import com.alibaba.nacos.common.utils.HttpMethod; +import com.alibaba.nacos.common.utils.JacksonUtils; +import com.alibaba.nacos.common.utils.StringUtils; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.naming.healthcheck.RsInfo; +import com.alibaba.nacos.naming.misc.UtilsAndCommons; + +import javax.servlet.http.HttpServletRequest; + +/** + * Naming instance beat http param extractor. + * + * @author zhuoguang + */ +public class NamingInstanceBeatHttpParamExtractor extends AbstractHttpParamExtractor { + + @Override + public void init() { + addTargetRequest(UtilsAndCommons.NACOS_NAMING_CONTEXT + UtilsAndCommons.NACOS_NAMING_INSTANCE_CONTEXT + "/beat", + HttpMethod.PUT); + addTargetRequest(UtilsAndCommons.DEFAULT_NACOS_NAMING_CONTEXT_V2 + UtilsAndCommons.NACOS_NAMING_INSTANCE_CONTEXT + + "/beat", HttpMethod.PUT); + } + + @Override + public void extractParamAndCheck(HttpServletRequest request) throws Exception { + ParamInfo paramInfo = new ParamInfo(); + String serviceName = request.getParameter("serviceName"); + String groupName = request.getParameter("groupName"); + String groupServiceName = serviceName; + if (StringUtils.isNotBlank(groupServiceName) && groupServiceName.contains(Constants.SERVICE_INFO_SPLITER)) { + String[] splits = groupServiceName.split(Constants.SERVICE_INFO_SPLITER, 2); + groupName = splits[0]; + serviceName = splits[1]; + } + paramInfo.setServiceName(serviceName); + paramInfo.setGroup(groupName); + paramInfo.setIp(request.getParameter("ip")); + paramInfo.setPort(request.getParameter("port")); + paramInfo.setNamespaceId(request.getParameter("namespaceId")); + ParamCheckUtils.checkParamInfoFormat(paramInfo); + String beatString = request.getParameter("beat"); + if (StringUtils.isNotBlank(beatString)) { + RsInfo clientBeat = JacksonUtils.toObj(beatString, RsInfo.class); + ParamInfo beatParamInfo = new ParamInfo(); + beatParamInfo.setIp(clientBeat.getIp()); + beatParamInfo.setPort(String.valueOf(clientBeat.getPort())); + beatParamInfo.setCluster(clientBeat.getCluster()); + ParamCheckUtils.checkParamInfoFormat(beatParamInfo); + } + } +} diff --git a/naming/src/main/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceListHttpParamExtractor.java b/naming/src/main/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceListHttpParamExtractor.java new file mode 100644 index 00000000000..f5eafa38daa --- /dev/null +++ b/naming/src/main/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceListHttpParamExtractor.java @@ -0,0 +1,65 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.naming.paramcheck; + +import com.alibaba.nacos.api.common.Constants; +import com.alibaba.nacos.common.paramcheck.ParamCheckUtils; +import com.alibaba.nacos.common.paramcheck.ParamInfo; +import com.alibaba.nacos.common.utils.HttpMethod; +import com.alibaba.nacos.common.utils.StringUtils; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.naming.misc.UtilsAndCommons; + +import javax.servlet.http.HttpServletRequest; + +/** + * Naming instance list http param extractor. + * + * @author zhuoguang + */ +public class NamingInstanceListHttpParamExtractor extends AbstractHttpParamExtractor { + + @Override + public void init() { + addTargetRequest(UtilsAndCommons.NACOS_NAMING_CONTEXT + UtilsAndCommons.NACOS_NAMING_INSTANCE_CONTEXT + "/list", + HttpMethod.GET); + } + + @Override + public void extractParamAndCheck(HttpServletRequest request) throws Exception { + ParamInfo paramInfo = new ParamInfo(); + String serviceName = request.getParameter("serviceName"); + String groupName = request.getParameter("groupName"); + String groupServiceName = serviceName; + if (StringUtils.isNotBlank(groupServiceName) && groupServiceName.contains(Constants.SERVICE_INFO_SPLITER)) { + String[] splits = groupServiceName.split(Constants.SERVICE_INFO_SPLITER, 2); + groupName = splits[0]; + serviceName = splits[1]; + } + paramInfo.setServiceName(serviceName); + paramInfo.setGroup(groupName); + paramInfo.setNamespaceId(request.getParameter("namespaceId")); + String clusters = request.getParameter(request.getParameter("clusters")); + if (StringUtils.isNotBlank(clusters)) { + String[] cluster = clusters.split(","); + for (String clusterName : cluster) { + ParamCheckUtils.checkClusterFormat(clusterName); + } + } + ParamCheckUtils.checkParamInfoFormat(paramInfo); + } +} diff --git a/naming/src/main/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceMetadataBatchHttpParamExtractor.java b/naming/src/main/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceMetadataBatchHttpParamExtractor.java new file mode 100644 index 00000000000..3575d7f8dca --- /dev/null +++ b/naming/src/main/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceMetadataBatchHttpParamExtractor.java @@ -0,0 +1,82 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.naming.paramcheck; + +import com.alibaba.nacos.api.common.Constants; +import com.alibaba.nacos.api.naming.pojo.Instance; +import com.alibaba.nacos.common.paramcheck.ParamCheckUtils; +import com.alibaba.nacos.common.paramcheck.ParamInfo; +import com.alibaba.nacos.common.utils.HttpMethod; +import com.alibaba.nacos.common.utils.JacksonUtils; +import com.alibaba.nacos.common.utils.StringUtils; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.naming.misc.UtilsAndCommons; +import com.fasterxml.jackson.core.type.TypeReference; + +import javax.servlet.http.HttpServletRequest; +import java.util.List; + +/** + * Naming instance metadata batch http param extractor. + * + * @author zhuoguang + */ +public class NamingInstanceMetadataBatchHttpParamExtractor extends AbstractHttpParamExtractor { + + @Override + public void init() { + addTargetRequest(UtilsAndCommons.NACOS_NAMING_CONTEXT + UtilsAndCommons.NACOS_NAMING_INSTANCE_CONTEXT + "/metadata/batch", + HttpMethod.PUT); + addTargetRequest(UtilsAndCommons.NACOS_NAMING_CONTEXT + UtilsAndCommons.NACOS_NAMING_INSTANCE_CONTEXT + "/metadata/batch", + HttpMethod.DELETE); + addTargetRequest(UtilsAndCommons.DEFAULT_NACOS_NAMING_CONTEXT_V2 + UtilsAndCommons.NACOS_NAMING_INSTANCE_CONTEXT + "/metadata/batch", + HttpMethod.PUT); + addTargetRequest(UtilsAndCommons.DEFAULT_NACOS_NAMING_CONTEXT_V2 + UtilsAndCommons.NACOS_NAMING_INSTANCE_CONTEXT + "/metadata/batch", + HttpMethod.DELETE); + } + + @Override + public void extractParamAndCheck(HttpServletRequest request) throws Exception { + ParamInfo paramInfo = new ParamInfo(); + String serviceName = request.getParameter("serviceName"); + String groupName = request.getParameter("groupName"); + String groupServiceName = serviceName; + if (StringUtils.isNotBlank(groupServiceName) && groupServiceName.contains(Constants.SERVICE_INFO_SPLITER)) { + String[] splits = groupServiceName.split(Constants.SERVICE_INFO_SPLITER, 2); + groupName = splits[0]; + serviceName = splits[1]; + } + paramInfo.setServiceName(serviceName); + paramInfo.setGroup(groupName); + paramInfo.setNamespaceId(request.getParameter("namespaceId")); + paramInfo.setMetadata(UtilsAndCommons.parseMetadata(request.getParameter("metadata"))); + ParamCheckUtils.checkParamInfoFormat(paramInfo); + + String instances = request.getParameter("instances"); + if (StringUtils.isNotBlank(instances)) { + List targetInstances = JacksonUtils.toObj(instances, new TypeReference>() { + }); + for (Instance instance : targetInstances) { + ParamInfo instanceParamInfo = new ParamInfo(); + instanceParamInfo.setIp(instance.getIp()); + instanceParamInfo.setPort(String.valueOf(instance.getPort())); + instanceParamInfo.setCluster(instance.getClusterName()); + ParamCheckUtils.checkParamInfoFormat(instanceParamInfo); + } + } + } +} diff --git a/naming/src/main/java/com/alibaba/nacos/naming/web/NamingConfig.java b/naming/src/main/java/com/alibaba/nacos/naming/web/NamingConfig.java index 9e172bd6842..32ab276b5db 100644 --- a/naming/src/main/java/com/alibaba/nacos/naming/web/NamingConfig.java +++ b/naming/src/main/java/com/alibaba/nacos/naming/web/NamingConfig.java @@ -1,5 +1,5 @@ /* - * Copyright 1999-2018 Alibaba Group Holding Ltd. + * Copyright 1999-2023 Alibaba Group Holding Ltd. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -30,6 +30,8 @@ public class NamingConfig { private static final String UTL_PATTERNS = "/v1/ns/*"; + private static final String UTL_PATTERNS_V2 = "/v2/ns/*"; + private static final String DISTRO_FILTER = "distroFilter"; private static final String SERVICE_NAME_FILTER = "serviceNameFilter"; @@ -38,6 +40,8 @@ public class NamingConfig { private static final String CLIENT_ATTRIBUTES_FILTER = "clientAttributes_filter"; + private static final String NAMING_PARAM_CHECK_FILTER = "namingparamCheckFilter"; + @Bean public FilterRegistrationBean distroFilterRegistration() { FilterRegistrationBean registration = new FilterRegistrationBean<>(); @@ -78,6 +82,17 @@ public FilterRegistrationBean clientAttributesFilterRegi return registration; } + @Bean + public FilterRegistrationBean paramCheckFilterRegistration() { + FilterRegistrationBean registration = new FilterRegistrationBean<>(); + registration.setFilter(namingParamCheckFilter()); + registration.addUrlPatterns(UTL_PATTERNS); + registration.addUrlPatterns(UTL_PATTERNS_V2); + registration.setName(NAMING_PARAM_CHECK_FILTER); + registration.setOrder(10); + return registration; + } + @Bean public DistroFilter distroFilter() { return new DistroFilter(); @@ -97,4 +112,9 @@ public ServiceNameFilter serviceNameFilter() { public ClientAttributesFilter clientAttributesFilter() { return new ClientAttributesFilter(); } + + @Bean + public NamingParamCheckFilter namingParamCheckFilter() { + return new NamingParamCheckFilter(); + } } diff --git a/naming/src/main/java/com/alibaba/nacos/naming/web/NamingParamCheckFilter.java b/naming/src/main/java/com/alibaba/nacos/naming/web/NamingParamCheckFilter.java new file mode 100644 index 00000000000..37c81ca55bb --- /dev/null +++ b/naming/src/main/java/com/alibaba/nacos/naming/web/NamingParamCheckFilter.java @@ -0,0 +1,67 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.naming.web; + +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; +import com.alibaba.nacos.sys.env.EnvUtil; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + +/** + * Naming param check filter. + * + * @author zhuoguang + */ +public class NamingParamCheckFilter implements Filter { + + private static final String MODULE = "naming"; + + @Override + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) + throws IOException, ServletException { + boolean ifParamCheck = EnvUtil.getProperty("nacos.paramcheck", Boolean.class, true); + if (!ifParamCheck) { + filterChain.doFilter(servletRequest, servletResponse); + return; + } + HttpServletRequest request = (HttpServletRequest) servletRequest; + HttpServletResponse resp = (HttpServletResponse) servletResponse; + try { + String uri = request.getRequestURI(); + String method = request.getMethod(); + HttpParamExtractorManager extractorManager = HttpParamExtractorManager.getInstance(); + AbstractHttpParamExtractor paramExtractor = extractorManager.getExtractor(uri, method, MODULE); + paramExtractor.extractParamAndCheck(request); + filterChain.doFilter(request, resp); + } catch (Exception e) { + resp.setStatus(400); + PrintWriter writer = resp.getWriter(); + writer.print(e.getMessage()); + writer.flush(); + } + + } +} diff --git a/naming/src/main/resources/META-INF/services/com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor b/naming/src/main/resources/META-INF/services/com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor new file mode 100644 index 00000000000..08f0a470428 --- /dev/null +++ b/naming/src/main/resources/META-INF/services/com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor @@ -0,0 +1,20 @@ +# +# Copyright 1999-2023 Alibaba Group Holding Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +com.alibaba.nacos.naming.paramcheck.NamingDefaultHttpParamExtractor +com.alibaba.nacos.naming.paramcheck.NamingInstanceBeatHttpParamExtractor +com.alibaba.nacos.naming.paramcheck.NamingInstanceListHttpParamExtractor +com.alibaba.nacos.naming.paramcheck.NamingInstanceMetadataBatchHttpParamExtractor \ No newline at end of file diff --git a/naming/src/test/java/com/alibaba/nacos/naming/paramcheck/NamingDefaultHttpParamExtractorTest.java b/naming/src/test/java/com/alibaba/nacos/naming/paramcheck/NamingDefaultHttpParamExtractorTest.java new file mode 100644 index 00000000000..23f07c7b8c6 --- /dev/null +++ b/naming/src/test/java/com/alibaba/nacos/naming/paramcheck/NamingDefaultHttpParamExtractorTest.java @@ -0,0 +1,43 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.naming.paramcheck; + +import com.alibaba.nacos.common.utils.HttpMethod; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; +import org.junit.Test; +import org.springframework.mock.web.MockHttpServletRequest; + +import static org.junit.Assert.assertEquals; + +/** + * The type Naming default http param extractor test. + * + * @author zhuoguang + */ +public class NamingDefaultHttpParamExtractorTest { + + @Test + public void extractParamAndCheck() { + MockHttpServletRequest request = new MockHttpServletRequest(); + request.setRequestURI("/nacos/v1/ns/instance/lalala"); + request.setMethod(HttpMethod.DELETE); + HttpParamExtractorManager manager = HttpParamExtractorManager.getInstance(); + AbstractHttpParamExtractor extractor = manager.getExtractor(request.getRequestURI(), request.getMethod(), "naming"); + assertEquals(NamingDefaultHttpParamExtractor.class.getSimpleName(), extractor.getClass().getSimpleName()); + } +} \ No newline at end of file diff --git a/naming/src/test/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceBeatHttpParamExtractorTest.java b/naming/src/test/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceBeatHttpParamExtractorTest.java new file mode 100644 index 00000000000..247a50b4206 --- /dev/null +++ b/naming/src/test/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceBeatHttpParamExtractorTest.java @@ -0,0 +1,45 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.naming.paramcheck; + +import com.alibaba.nacos.common.utils.HttpMethod; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; +import com.alibaba.nacos.naming.misc.UtilsAndCommons; +import org.junit.Test; +import org.springframework.mock.web.MockHttpServletRequest; + +import static org.junit.Assert.assertEquals; + +/** + * The type Naming instance beat http param extractor test. + * + * @author zhuoguang + */ +public class NamingInstanceBeatHttpParamExtractorTest { + + @Test + public void extractParamAndCheck() { + MockHttpServletRequest request = new MockHttpServletRequest(); + request.setRequestURI("/nacos" + UtilsAndCommons.DEFAULT_NACOS_NAMING_CONTEXT_V2 + UtilsAndCommons.NACOS_NAMING_INSTANCE_CONTEXT + + "/beat"); + request.setMethod(HttpMethod.PUT); + HttpParamExtractorManager manager = HttpParamExtractorManager.getInstance(); + AbstractHttpParamExtractor extractor = manager.getExtractor(request.getRequestURI(), request.getMethod(), "naming"); + assertEquals(NamingInstanceBeatHttpParamExtractor.class.getSimpleName(), extractor.getClass().getSimpleName()); + } +} \ No newline at end of file diff --git a/naming/src/test/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceListHttpParamExtractorTest.java b/naming/src/test/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceListHttpParamExtractorTest.java new file mode 100644 index 00000000000..5befac1e893 --- /dev/null +++ b/naming/src/test/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceListHttpParamExtractorTest.java @@ -0,0 +1,44 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.naming.paramcheck; + +import com.alibaba.nacos.common.utils.HttpMethod; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; +import com.alibaba.nacos.naming.misc.UtilsAndCommons; +import org.junit.Test; +import org.springframework.mock.web.MockHttpServletRequest; + +import static org.junit.Assert.assertEquals; + +/** + * The type Naming instance list http param extractor test. + * + * @author zhuoguang + */ +public class NamingInstanceListHttpParamExtractorTest { + + @Test + public void extractParamAndCheck() { + MockHttpServletRequest request = new MockHttpServletRequest(); + request.setRequestURI("/nacos" + UtilsAndCommons.NACOS_NAMING_CONTEXT + UtilsAndCommons.NACOS_NAMING_INSTANCE_CONTEXT + "/list"); + request.setMethod(HttpMethod.GET); + HttpParamExtractorManager manager = HttpParamExtractorManager.getInstance(); + AbstractHttpParamExtractor extractor = manager.getExtractor(request.getRequestURI(), request.getMethod(), "naming"); + assertEquals(NamingInstanceListHttpParamExtractor.class.getSimpleName(), extractor.getClass().getSimpleName()); + } +} \ No newline at end of file diff --git a/naming/src/test/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceMetadataBatchHttpParamExtractorTest.java b/naming/src/test/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceMetadataBatchHttpParamExtractorTest.java new file mode 100644 index 00000000000..308806a45bd --- /dev/null +++ b/naming/src/test/java/com/alibaba/nacos/naming/paramcheck/NamingInstanceMetadataBatchHttpParamExtractorTest.java @@ -0,0 +1,44 @@ +/* + * Copyright 1999-2023 Alibaba Group Holding Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.alibaba.nacos.naming.paramcheck; + +import com.alibaba.nacos.common.utils.HttpMethod; +import com.alibaba.nacos.core.paramcheck.AbstractHttpParamExtractor; +import com.alibaba.nacos.core.paramcheck.HttpParamExtractorManager; +import com.alibaba.nacos.naming.misc.UtilsAndCommons; +import org.junit.Test; +import org.springframework.mock.web.MockHttpServletRequest; + +import static org.junit.Assert.assertEquals; + +/** + * The type Naming instance metadata batch http param extractor test. + * + * @author zhuoguang + */ +public class NamingInstanceMetadataBatchHttpParamExtractorTest { + + @Test + public void extractParamAndCheck() { + MockHttpServletRequest request = new MockHttpServletRequest(); + request.setRequestURI("/nacos" + UtilsAndCommons.NACOS_NAMING_CONTEXT + UtilsAndCommons.NACOS_NAMING_INSTANCE_CONTEXT + "/metadata/batch"); + request.setMethod(HttpMethod.PUT); + HttpParamExtractorManager manager = HttpParamExtractorManager.getInstance(); + AbstractHttpParamExtractor extractor = manager.getExtractor(request.getRequestURI(), request.getMethod(), "naming"); + assertEquals(NamingInstanceMetadataBatchHttpParamExtractor.class.getSimpleName(), extractor.getClass().getSimpleName()); + } +} \ No newline at end of file diff --git a/test/naming-test/src/test/java/com/alibaba/nacos/test/naming/AbstractInstanceOperate_ITCase.java b/test/naming-test/src/test/java/com/alibaba/nacos/test/naming/AbstractInstanceOperate_ITCase.java index 1a539c68116..bf5f848120e 100644 --- a/test/naming-test/src/test/java/com/alibaba/nacos/test/naming/AbstractInstanceOperate_ITCase.java +++ b/test/naming-test/src/test/java/com/alibaba/nacos/test/naming/AbstractInstanceOperate_ITCase.java @@ -376,7 +376,7 @@ public void registerEphemeralInstanceWithInvalidClusterName() throws Exception { public void registerPersistentInstanceWithInvalidClusterName() throws Exception { expectedException.expect(NacosException.class); expectedException.expectMessage( - "Instance 'clusterName' should be characters with only 0-9a-zA-Z-. (current: cluster1,cluster2)"); + "Param 'cluster' is illegal, Chinese characters and ',' should not appear in the param"); String serviceName = NamingBase.randomDomainName(); Instance instance = new Instance();