diff --git a/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/common/http/Scheme.java b/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/common/http/Scheme.java index 04557271c26ce..15afb8885b572 100644 --- a/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/common/http/Scheme.java +++ b/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/common/http/Scheme.java @@ -6,6 +6,7 @@ package org.elasticsearch.xpack.watcher.common.http; import java.util.Locale; +import java.util.Objects; public enum Scheme { @@ -29,6 +30,7 @@ public int defaultPort() { } public static Scheme parse(String value) { + Objects.requireNonNull(value, "Scheme should not be Null"); value = value.toLowerCase(Locale.ROOT); switch (value) { case "http": diff --git a/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/jira/JiraAccount.java b/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/jira/JiraAccount.java index b539d007eeef8..d59f7e6f645f0 100644 --- a/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/jira/JiraAccount.java +++ b/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/jira/JiraAccount.java @@ -61,6 +61,9 @@ public JiraAccount(String name, Settings settings, HttpClient httpClient) { String url = getSetting(name, settings, SECURE_URL_SETTING); try { URI uri = new URI(url); + if (uri.getScheme() == null) { + throw new URISyntaxException("null", "No scheme defined in url"); + } Scheme protocol = Scheme.parse(uri.getScheme()); if ((protocol == Scheme.HTTP) && (Booleans.isTrue(settings.get(ALLOW_HTTP_SETTING)) == false)) { throw new SettingsException("invalid jira [" + name + "] account settings. unsecure scheme [" + protocol + "]"); @@ -68,7 +71,7 @@ public JiraAccount(String name, Settings settings, HttpClient httpClient) { this.url = uri; } catch (URISyntaxException | IllegalArgumentException e) { throw new SettingsException( - "invalid jira [" + name + "] account settings. invalid [" + SECURE_URL_SETTING.getKey() + "] setting", e); + "invalid jira [" + name + "] account settings. invalid [" + SECURE_URL_SETTING.getKey() + "] setting", e); } this.user = getSetting(name, settings, SECURE_USER_SETTING); this.password = getSetting(name, settings, SECURE_PASSWORD_SETTING); diff --git a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/notification/jira/JiraAccountTests.java b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/notification/jira/JiraAccountTests.java index 997a6aa6a8dc3..1b911172dc108 100644 --- a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/notification/jira/JiraAccountTests.java +++ b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/notification/jira/JiraAccountTests.java @@ -80,6 +80,16 @@ public void testJiraAccountSettings() { assertThat(e.getMessage(), containsString("invalid jira [test] account settings. missing required [secure_password] setting")); } + public void testInvalidSchemeUrl() throws Exception{ + MockSecureSettings secureSettings = new MockSecureSettings(); + secureSettings.setString(JiraAccount.SECURE_URL_SETTING.getKey(),"test"); //Setting test as invalid scheme url + secureSettings.setString(JiraAccount.SECURE_USER_SETTING.getKey(), "foo"); + secureSettings.setString(JiraAccount.SECURE_PASSWORD_SETTING.getKey(), "password"); + Settings settings = Settings.builder().setSecureSettings(secureSettings).build(); + SettingsException e = expectThrows(SettingsException.class, () -> new JiraAccount("test", settings, null)); + assertThat(e.getMessage(), containsString("invalid jira [test] account settings. invalid [secure_url] setting")); + } + public void testUnsecureAccountUrl() throws Exception { final MockSecureSettings secureSettings = new MockSecureSettings(); secureSettings.setString(JiraAccount.SECURE_USER_SETTING.getKey(), "foo");