Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add configurations for allowed protocols for HTTP and HDFS inputSources/firehoses #10830

Merged
merged 16 commits into from
Mar 6, 2021
Merged

Add configurations for allowed protocols for HTTP and HDFS inputSources/firehoses #10830

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
25d8de0
Allow only HTTP and HTTPS protocols for the HTTP inputSource
jihoonson Feb 2, 2021
87a586a
rename
jihoonson Feb 2, 2021
e4e0ced
Update core/src/main/java/org/apache/druid/data/input/impl/HttpInputS…
jihoonson Feb 2, 2021
6039aff
fix http firehose and update doc
jihoonson Feb 2, 2021
9b39737
HDFS inputSource
jihoonson Feb 3, 2021
b6783f6
Merge branch 'http-schemes' of github.com:jihoonson/druid into http-s…
jihoonson Feb 3, 2021
661e6f7
add configs for allowed protocols
jihoonson Feb 5, 2021
f3d0485
fix checkstyle and doc
jihoonson Feb 6, 2021
a79f431
more checkstyle
jihoonson Feb 6, 2021
ced2129
Merge branch 'master' of github.com:apache/druid into http-schemes
jihoonson Feb 12, 2021
d4b6cbd
remove stale doc
jihoonson Feb 12, 2021
f70f1ca
remove more doc
jihoonson Feb 12, 2021
11ca3de
Apply doc suggestions from code review
jihoonson Feb 12, 2021
fc59ee2
Merge branch 'http-schemes' of github.com:jihoonson/druid into http-s…
jihoonson Feb 12, 2021
fe1b474
update hdfs address in docs
jihoonson Mar 3, 2021
c270ed6
fix test
jihoonson Mar 4, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions core/src/main/java/org/apache/druid/data/input/impl/HttpInputSource.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,7 @@ public HttpInputSource(
)
{
Preconditions.checkArgument(uris != null && !uris.isEmpty(), "Empty URIs");
throwIfInvalidProtocols(uris);
uris.forEach(uri -> Preconditions.checkArgument(
config.isURIAllowed(uri),
StringUtils.format("Access to [%s] DENIED!", uri)
Expand All @@ -69,6 +70,13 @@ public HttpInputSource(
this.config = config;
}

private static void throwIfInvalidProtocols(List<URI> uris)
{
if (uris.stream().anyMatch(uri -> !"http".equalsIgnoreCase(uri.getScheme()) && !"https".equalsIgnoreCase(uri.getScheme()))) {
throw new IllegalArgumentException("Only HTTP or HTTPS are allowed");
}
}

@JsonProperty
public List<URI> getUris()
{
Expand Down
32 changes: 32 additions & 0 deletions core/src/test/java/org/apache/druid/data/input/impl/HttpInputSourceTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,14 +25,19 @@
import org.apache.druid.data.input.InputSource;
import org.apache.druid.metadata.DefaultPasswordProvider;
import org.junit.Assert;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;

import java.io.IOException;
import java.net.URI;
import java.util.Collections;

public class HttpInputSourceTest
{
@Rule
public ExpectedException expectedException = ExpectedException.none();

@Test
public void testSerde() throws IOException
{
Expand Down Expand Up @@ -78,6 +83,33 @@ public void testDenyListDomainNoMatch()
);
}

@Test
public void testConstructorAllowsOnlyHttpAndHttpsProtocols()
{
new HttpInputSource(
ImmutableList.of(URI.create("http:///")),
"myName",
new DefaultPasswordProvider("myPassword"),
new HttpInputSourceConfig(null, null)
);

new HttpInputSource(
ImmutableList.of(URI.create("https:///")),
"myName",
new DefaultPasswordProvider("myPassword"),
new HttpInputSourceConfig(null, null)
);

expectedException.expect(IllegalArgumentException.class);
expectedException.expectMessage("Only HTTP or HTTPS are allowed");
new HttpInputSource(
ImmutableList.of(URI.create("my-protocol:///")),
"myName",
new DefaultPasswordProvider("myPassword"),
new HttpInputSourceConfig(null, null)
);
}

@Test(expected = IllegalArgumentException.class)
public void testAllowListDomainThrowsException()
{
Expand Down