From 9735311b064dab206e2e87e0d119d96fa9cbc236 Mon Sep 17 00:00:00 2001 From: Ginny Guan <55377716+jinlinGuan@users.noreply.github.com> Date: Thu, 26 May 2022 01:18:02 +0800 Subject: [PATCH] refactor(data): Use deepCopy of messageBusInfo to avoid external adds (#4038) close #4021 Signed-off-by: Ginny Guan --- internal/core/data/messaging/messaging.go | 28 ++++++++++++++++--- .../core/data/messaging/messaging_test.go | 9 +++--- 2 files changed, 29 insertions(+), 8 deletions(-) diff --git a/internal/core/data/messaging/messaging.go b/internal/core/data/messaging/messaging.go index 5d5026453b..bdf07500d1 100644 --- a/internal/core/data/messaging/messaging.go +++ b/internal/core/data/messaging/messaging.go @@ -25,6 +25,7 @@ import ( bootstrapContainer "github.com/edgexfoundry/go-mod-bootstrap/v2/bootstrap/container" bootstrapMessaging "github.com/edgexfoundry/go-mod-bootstrap/v2/bootstrap/messaging" "github.com/edgexfoundry/go-mod-bootstrap/v2/bootstrap/startup" + bootstrapConfig "github.com/edgexfoundry/go-mod-bootstrap/v2/config" "github.com/edgexfoundry/go-mod-bootstrap/v2/di" "github.com/edgexfoundry/edgex-go/internal/core/data/container" @@ -34,7 +35,9 @@ import ( // and adds it to the DIC func BootstrapHandler(ctx context.Context, wg *sync.WaitGroup, startupTimer startup.Timer, dic *di.Container) bool { lc := bootstrapContainer.LoggingClientFrom(dic.Get) - messageBusInfo := container.ConfigurationFrom(dic.Get).MessageQueue + + // Make sure the MessageBus password is not leaked into the Service Config that can be retrieved via the /config endpoint + messageBusInfo := deepCopy(container.ConfigurationFrom(dic.Get).MessageQueue) messageBusInfo.AuthMode = strings.ToLower(strings.TrimSpace(messageBusInfo.AuthMode)) if len(messageBusInfo.AuthMode) > 0 && messageBusInfo.AuthMode != bootstrapMessaging.AuthModeNone { @@ -102,9 +105,6 @@ func BootstrapHandler(ctx context.Context, wg *sync.WaitGroup, startupTimer star messageBusInfo.PublishTopicPrefix, messageBusInfo.AuthMode) - // Make sure the MessageBus password is not leaked into the Service Config that can be retrieved via the /config endpoint - delete(messageBusInfo.Optional, bootstrapMessaging.OptionsPasswordKey) - return true } } @@ -112,3 +112,23 @@ func BootstrapHandler(ctx context.Context, wg *sync.WaitGroup, startupTimer star lc.Error("Connecting to MessageBus time out") return false } + +func deepCopy(target bootstrapConfig.MessageBusInfo) bootstrapConfig.MessageBusInfo { + result := bootstrapConfig.MessageBusInfo{ + Type: target.Type, + Protocol: target.Protocol, + Host: target.Host, + Port: target.Port, + PublishTopicPrefix: target.PublishTopicPrefix, + SubscribeTopic: target.SubscribeTopic, + AuthMode: target.AuthMode, + SecretName: target.SecretName, + SubscribeEnabled: target.SubscribeEnabled, + } + result.Optional = make(map[string]string) + for key, value := range target.Optional { + result.Optional[key] = value + } + + return result +} diff --git a/internal/core/data/messaging/messaging_test.go b/internal/core/data/messaging/messaging_test.go index 2e5e584642..557adcb099 100644 --- a/internal/core/data/messaging/messaging_test.go +++ b/internal/core/data/messaging/messaging_test.go @@ -42,10 +42,10 @@ func TestMain(m *testing.M) { func TestBootstrapHandler(t *testing.T) { validCreateClient := config.ConfigurationStruct{ MessageQueue: bootstrapConfig.MessageBusInfo{ - Type: messaging.ZeroMQ, // Use ZMQ so no issue connecting. - Protocol: "http", - Host: "*", - Port: 8765, + Type: messaging.Redis, + Protocol: "redis", + Host: "localhost", + Port: 6379, PublishTopicPrefix: "edgex/events/#", AuthMode: messaging2.AuthModeUsernamePassword, SecretName: "redisdb", @@ -99,6 +99,7 @@ func TestBootstrapHandler(t *testing.T) { actual := BootstrapHandler(context.Background(), &sync.WaitGroup{}, startup.NewTimer(1, 1), dic) assert.Equal(t, test.ExpectedResult, actual) + assert.Empty(t, test.Config.MessageQueue.Optional) if test.ExpectClient { assert.NotNil(t, bootstrapContainer.MessagingClientFrom(dic.Get)) } else {