Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Feature] [JDBC-Engine] Optimize JDBC parameter acquisition logic. (#…
- Loading branch information
Showing
3 changed files
with
209 additions
and
31 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
119 changes: 119 additions & 0 deletions
119
.../jdbc/src/main/java/org/apache/linkis/manager/engineplugin/jdbc/utils/JdbcParamUtils.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,119 @@ | ||
/* | ||
* Licensed to the Apache Software Foundation (ASF) under one or more | ||
* contributor license agreements. See the NOTICE file distributed with | ||
* this work for additional information regarding copyright ownership. | ||
* The ASF licenses this file to You under the Apache License, Version 2.0 | ||
* (the "License"); you may not use this file except in compliance with | ||
* the License. You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
package org.apache.linkis.manager.engineplugin.jdbc.utils; | ||
|
||
import org.apache.linkis.manager.engineplugin.jdbc.JDBCPropertiesParser; | ||
import org.apache.linkis.manager.engineplugin.jdbc.constant.JDBCEngineConnConstant; | ||
import org.apache.linkis.manager.engineplugin.jdbc.exception.JDBCParamsIllegalException; | ||
|
||
import org.apache.commons.lang3.StringUtils; | ||
|
||
import java.util.Map; | ||
|
||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
|
||
public class JdbcParamUtils { | ||
private static final Logger LOG = LoggerFactory.getLogger(JdbcParamUtils.class); | ||
private static final String JDBC_MATCH_REGEX = "jdbc:\\w+://\\S+:[0-9]{2,6}(/\\S*)?"; | ||
private static final String JDBC_H2_PROTOCOL = "jdbc:h2"; | ||
|
||
private static final String JDBC_MYSQL_PROTOCOL = "jdbc:mysql"; | ||
|
||
private static final String SENSITIVE_PARAM = "autoDeserialize=true"; | ||
private static final String AUTO_DESERIALIZE = "autoDeserialize"; | ||
|
||
private static final String APPEND_PARAMS = | ||
"allowLoadLocalInfile=false&autoDeserialize=false&allowLocalInfile=false&allowUrlInLocalInfile=false"; | ||
|
||
private static final char AND_SYMBOL = '&'; | ||
|
||
private static final String QUOTATION_MARKS = "\""; | ||
|
||
private static final char QUESTION_MARK = '?'; | ||
|
||
public static String clearJdbcUrl(String url) { | ||
if (url.startsWith(QUOTATION_MARKS) && url.endsWith(QUOTATION_MARKS)) { | ||
url = url.trim(); | ||
return url.substring(1, url.length() - 1); | ||
} | ||
return url; | ||
} | ||
|
||
public static void validateJdbcUrl(String url) { | ||
if (!url.matches(JDBC_MATCH_REGEX) && !url.startsWith(JDBC_H2_PROTOCOL)) { | ||
throw new IllegalArgumentException("JDBC url format error!" + url); | ||
} | ||
} | ||
|
||
public static String filterJdbcUrl(String url) { | ||
// temporarily filter only mysql jdbc url. | ||
if (!url.startsWith(JDBC_MYSQL_PROTOCOL)) { | ||
return url; | ||
} | ||
if (url.contains(SENSITIVE_PARAM)) { | ||
int index = url.indexOf(SENSITIVE_PARAM); | ||
String tmp = SENSITIVE_PARAM; | ||
if (url.charAt(index - 1) == AND_SYMBOL) { | ||
tmp = AND_SYMBOL + tmp; | ||
} else if (url.charAt(index + 1) == AND_SYMBOL) { | ||
tmp = tmp + AND_SYMBOL; | ||
} | ||
LOG.warn("Sensitive param: {} in jdbc url is filtered.", tmp); | ||
url = url.replace(tmp, ""); | ||
} | ||
if (url.endsWith(String.valueOf(QUESTION_MARK))) { | ||
url = url + APPEND_PARAMS; | ||
} else if (url.lastIndexOf(QUESTION_MARK) < 0) { | ||
url = url + QUESTION_MARK + APPEND_PARAMS; | ||
} else { | ||
url = url + AND_SYMBOL + APPEND_PARAMS; | ||
} | ||
LOG.info("The filtered jdbc url is: {}", url); | ||
return url; | ||
} | ||
|
||
public static String getJdbcUsername(Map<String, String> properties) | ||
throws JDBCParamsIllegalException { | ||
String username = | ||
JDBCPropertiesParser.getString(properties, JDBCEngineConnConstant.JDBC_USERNAME, ""); | ||
if (StringUtils.isBlank(username)) { | ||
throw new JDBCParamsIllegalException("The jdbc username is not empty."); | ||
} | ||
if (username.contains(AUTO_DESERIALIZE)) { | ||
LOG.warn("Sensitive param : {} in username field is filtered.", AUTO_DESERIALIZE); | ||
username = username.replace(AUTO_DESERIALIZE, ""); | ||
} | ||
LOG.info("The jdbc username is: {}", username); | ||
return username; | ||
} | ||
|
||
public static String getJdbcPassword(Map<String, String> properties) | ||
throws JDBCParamsIllegalException { | ||
String password = | ||
JDBCPropertiesParser.getString(properties, JDBCEngineConnConstant.JDBC_PASSWORD, ""); | ||
if (StringUtils.isBlank(password)) { | ||
throw new JDBCParamsIllegalException("The jdbc password is not empty."); | ||
} | ||
if (password.contains(AUTO_DESERIALIZE)) { | ||
LOG.warn("Sensitive param : {} in password field is filtered", AUTO_DESERIALIZE); | ||
password = password.replace(AUTO_DESERIALIZE, ""); | ||
} | ||
return password; | ||
} | ||
} |
82 changes: 82 additions & 0 deletions
82
...c/src/test/java/org/apache/linkis/manager/engineplugin/jdbc/utils/JdbcParamUtilsTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,82 @@ | ||
/* | ||
* Licensed to the Apache Software Foundation (ASF) under one or more | ||
* contributor license agreements. See the NOTICE file distributed with | ||
* this work for additional information regarding copyright ownership. | ||
* The ASF licenses this file to You under the Apache License, Version 2.0 | ||
* (the "License"); you may not use this file except in compliance with | ||
* the License. You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
package org.apache.linkis.manager.engineplugin.jdbc.utils; | ||
|
||
import org.apache.linkis.manager.engineplugin.jdbc.constant.JDBCEngineConnConstant; | ||
import org.apache.linkis.manager.engineplugin.jdbc.exception.JDBCParamsIllegalException; | ||
|
||
import java.util.HashMap; | ||
import java.util.Map; | ||
|
||
import org.junit.jupiter.api.Assertions; | ||
import org.junit.jupiter.api.DisplayName; | ||
import org.junit.jupiter.api.Test; | ||
|
||
public class JdbcParamUtilsTest { | ||
@Test | ||
@DisplayName("testFilterJdbcUrl") | ||
public void testFilterJdbcUrl() { | ||
String url = "jdbc:mysql://localhost:3306/db_name"; | ||
url = JdbcParamUtils.filterJdbcUrl(url); | ||
Assertions.assertEquals( | ||
"jdbc:mysql://localhost:3306/db_name?allowLoadLocalInfile=false&autoDeserialize=false&allowLocalInfile=false&allowUrlInLocalInfile=false", | ||
url); | ||
|
||
url = "jdbc:mysql://localhost:3306/db_name?p1=v1"; | ||
url = JdbcParamUtils.filterJdbcUrl(url); | ||
Assertions.assertEquals( | ||
"jdbc:mysql://localhost:3306/db_name?p1=v1&allowLoadLocalInfile=false&autoDeserialize=false&allowLocalInfile=false&allowUrlInLocalInfile=false", | ||
url); | ||
|
||
url = "jdbc:mysql://localhost:3306/db_name?autoDeserialize=true"; | ||
url = JdbcParamUtils.filterJdbcUrl(url); | ||
Assertions.assertEquals( | ||
"jdbc:mysql://localhost:3306/db_name?allowLoadLocalInfile=false&autoDeserialize=false&allowLocalInfile=false&allowUrlInLocalInfile=false", | ||
url); | ||
|
||
url = "jdbc:mysql://localhost:3306/db_name?p1=v1&autoDeserialize=true"; | ||
url = JdbcParamUtils.filterJdbcUrl(url); | ||
Assertions.assertEquals( | ||
"jdbc:mysql://localhost:3306/db_name?p1=v1&allowLoadLocalInfile=false&autoDeserialize=false&allowLocalInfile=false&allowUrlInLocalInfile=false", | ||
url); | ||
|
||
url = "jdbc:mysql://localhost:3306/db_name?p1=v1&autoDeserialize=true&p2=v2"; | ||
url = JdbcParamUtils.filterJdbcUrl(url); | ||
Assertions.assertEquals( | ||
"jdbc:mysql://localhost:3306/db_name?p1=v1&p2=v2&allowLoadLocalInfile=false&autoDeserialize=false&allowLocalInfile=false&allowUrlInLocalInfile=false", | ||
url); | ||
} | ||
|
||
@Test | ||
@DisplayName("testGetJdbcUsername") | ||
public void testGetJdbcUsername() throws JDBCParamsIllegalException { | ||
Map<String, String> properties = new HashMap<>(); | ||
properties.put(JDBCEngineConnConstant.JDBC_USERNAME, "test123?autoDeserialize=true"); | ||
String username = JdbcParamUtils.getJdbcUsername(properties); | ||
Assertions.assertEquals("test123?=true", username); | ||
} | ||
|
||
@Test | ||
@DisplayName("testGetJdbcPassword") | ||
public void testGetJdbcPassword() throws JDBCParamsIllegalException { | ||
Map<String, String> properties = new HashMap<>(); | ||
properties.put(JDBCEngineConnConstant.JDBC_USERNAME, "test_pwd?autoDeserialize=true"); | ||
String password = JdbcParamUtils.getJdbcUsername(properties); | ||
Assertions.assertEquals("test_pwd?=true", password); | ||
} | ||
} |