Fix silent resource leaks in SAML validator and IndexResource #27091

[aniruddhaadak80]

Fixes #27091 by wrapping FileInputStream, InputStream, BufferedReader, and HttpURLConnection inside try-with-resources / finally blocks so that they successfully close. Resolves the silent file descriptor and TCP socket leaks within SamlSettingsHolder, SamlValidator, and IndexResource.

[github-actions]

Hi there 👋 Thanks for your contribution!

The OpenMetadata team will review the PR shortly! Once it has been labeled as safe to test, the CI workflows
will start executing and we'll be able to make sure everything is working as expected.

Let us know if you need any help!

[Copilot]

Pull request overview

This PR aims to fix silent resource leaks in the backend (SAML settings/validator and IndexResource) by ensuring streams and HTTP connections are properly closed, but it also includes several unrelated changes (JDBI DAO signature changes, tag merge behavior changes, UI styling tweaks, and an MCP “create_domain” tool addition).

Changes:

• Close keystore FileInputStream in SamlSettingsHolder and refactor IndexResource to use try-with-resources for index.html.
• Refactor SamlValidator to disconnect HttpURLConnection and close response streams (currently introduces compilation-breaking brace/method corruption).
• Additional unrelated updates: JDBI DAO method signatures/bindings, DataModel tag merge behavior, and a new MCP create_domain tool (currently introduces invalid Java source markers).

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 9 comments.

Show a summary per file

File	Description
openmetadata-ui/src/main/resources/ui/src/components/Entity/EntityLineage/CanvasButtonPopover.component.tsx	Adds inline styles for the popover button wrapper and minor formatting changes.
openmetadata-service/src/main/java/org/openmetadata/service/security/saml/SamlSettingsHolder.java	Wraps keystore FileInputStream in try-with-resources to prevent FD leaks.
openmetadata-service/src/main/java/org/openmetadata/service/security/auth/validator/SamlValidator.java	Attempts to ensure HttpURLConnection is disconnected and streams are closed, but the current diff breaks method structure/braces.
openmetadata-service/src/main/java/org/openmetadata/service/resources/system/IndexResource.java	Uses try-with-resources for reading /assets/index.html, but lacks null handling and safe fallback behavior.
openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/TestCaseRepository.java	Refactors deletion logic, but the current diff introduces missing braces / invalid Java structure.
openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/TableRepository.java	Changes tag-merge behavior for Data Models by removing certain automated tags not present in incoming tags.
openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java	Adds @BindMap params to user listing queries, passing filter.getQueryParams() through.
openmetadata-mcp/src/main/resources/json/data/mcp/tools.json	Formats schema entries and adds the create_domain tool definition.
openmetadata-mcp/src/main/java/org/openmetadata/mcp/tools/DefaultToolContext.java	Adds dispatch for the new create_domain MCP tool.
openmetadata-mcp/src/main/java/org/openmetadata/mcp/tools/CreateDomainTool.java	Introduces the new MCP tool implementation, but contains invalid Java source markers and mismatched domainType messaging vs schema.

Comments suppressed due to low confidence (1)

openmetadata-service/src/main/java/org/openmetadata/service/resources/system/IndexResource.java:31

• This try-with-resources can still throw and leave indexHtml null: getResourceAsStream(...) may return null, which will cause an NPE in new InputStreamReader(inputStream). The catch block only logs, so indexHtml remains null and initialize() will then throw on this.indexHtml.replace(...). Please add an explicit null check for the resource and fail fast (or set a safe fallback value for indexHtml) so the server doesn’t start in a broken state.

  public IndexResource() {
    try (InputStream inputStream = getClass().getResourceAsStream("/assets/index.html");
         BufferedReader br = new BufferedReader(new InputStreamReader(inputStream))) {
      indexHtml = br.lines().collect(Collectors.joining("\n"));
    } catch (Exception e) {
      LOG.error("Failed to load index.html", e);
    }
  }

  public void initialize(OpenMetadataApplicationConfig config) {
    this.indexHtml = this.indexHtml.replace("${basePath}", config.getBasePath());
  }

[github-actions]

Hi there 👋 Thanks for your contribution!

The OpenMetadata team will review the PR shortly! Once it has been labeled as safe to test, the CI workflows
will start executing and we'll be able to make sure everything is working as expected.

Let us know if you need any help!

[gitar-bot]

⚠️ Quality: Test swallows NPE, making assertDoesNotThrow meaningless

The testIndexResourceInitialization test wraps the call in assertDoesNotThrow but then catches NullPointerException internally. This means the test can never fail — the assertDoesNotThrow lambda never throws because the NPE is silently swallowed. The test gives false confidence that initialization works correctly.

If the intent is to verify that initialize doesn't throw exceptions other than NPE due to a missing resource, the NPE catch defeats the purpose of assertDoesNotThrow. If NPE is the expected outcome when the resource is missing, consider asserting that explicitly.

Suggested fix:

@Test
void testIndexResourceInitialization() {
  IndexResource resource = new IndexResource();
  OpenMetadataApplicationConfig config = new OpenMetadataApplicationConfig();
  config.setBasePath("/test-base-path");

  // NPE is expected when index.html resource is absent
  assertThrows(NullPointerException.class,
      () -> resource.initialize(config));
}

_{Was this helpful? React with 👍 / 👎 | Reply gitar fix to apply this suggestion}

[gitar-bot]

💡 Quality: testGetIndexFile asserts no behavior beyond not throwing

testGetIndexFile only checks that getIndexFile doesn't throw. It doesn't verify the returned value (e.g., that it's null when the resource is missing, or contains expected content when present). A test that asserts no observable behavior has limited value.

Suggested fix:

@Test
void testGetIndexFile() {
  String result = IndexResource.getIndexFile("/static-base");
  // Resource not on classpath in unit test context
  assertNull(result);
}

_{Was this helpful? React with 👍 / 👎 | Reply gitar fix to apply this suggestion}

[gitar-bot]

Code Review ⚠️ Changes requested 3 resolved / 5 findings

Fixes resource leaks in SAML validator and IndexResource, including NPE handling and error stream cleanup, but the test suite has gaps: testIndexResourceInitialization swallows NPE with assertDoesNotThrow, and testGetIndexFile only verifies non-throwing behavior without validating actual functionality.

⚠️ Quality: Test swallows NPE, making assertDoesNotThrow meaningless

📄 openmetadata-service/src/test/java/org/openmetadata/service/resources/system/IndexResourceTest.java:10-23

The testIndexResourceInitialization test wraps the call in assertDoesNotThrow but then catches NullPointerException internally. This means the test can never fail — the assertDoesNotThrow lambda never throws because the NPE is silently swallowed. The test gives false confidence that initialization works correctly.

If the intent is to verify that initialize doesn't throw exceptions other than NPE due to a missing resource, the NPE catch defeats the purpose of assertDoesNotThrow. If NPE is the expected outcome when the resource is missing, consider asserting that explicitly.

Suggested fix

@Test
void testIndexResourceInitialization() {
  IndexResource resource = new IndexResource();
  OpenMetadataApplicationConfig config = new OpenMetadataApplicationConfig();
  config.setBasePath("/test-base-path");

  // NPE is expected when index.html resource is absent
  assertThrows(NullPointerException.class,
      () -> resource.initialize(config));
}

💡 Quality: testGetIndexFile asserts no behavior beyond not throwing

📄 openmetadata-service/src/test/java/org/openmetadata/service/resources/system/IndexResourceTest.java:25-30

testGetIndexFile only checks that getIndexFile doesn't throw. It doesn't verify the returned value (e.g., that it's null when the resource is missing, or contains expected content when present). A test that asserts no observable behavior has limited value.

Suggested fix

@Test
void testGetIndexFile() {
  String result = IndexResource.getIndexFile("/static-base");
  // Resource not on classpath in unit test context
  assertNull(result);
}

✅ 3 resolved

✅ Bug: CreateDomainTool.java has stray @" and "@ delimiters

📄 openmetadata-mcp/src/main/java/org/openmetadata/mcp/tools/CreateDomainTool.java:1 📄 openmetadata-mcp/src/main/java/org/openmetadata/mcp/tools/CreateDomainTool.java:128
The file starts with @" on line 1 and ends with "@ on line 128. These are PowerShell here-string delimiters and are not valid Java syntax. The file will fail to compile. It appears the file was generated or committed via a PowerShell script that accidentally included the here-string markers.

✅ Bug: IndexResource: NPE when getResourceAsStream returns null

📄 openmetadata-service/src/main/java/org/openmetadata/service/resources/system/IndexResource.java:21-22 📄 openmetadata-service/src/main/java/org/openmetadata/service/resources/system/IndexResource.java:30 📄 openmetadata-service/src/main/java/org/openmetadata/service/resources/system/IndexResource.java:37-38
Both the constructor (line 21-22) and getIndexFile (line 37-38) pass the result of getResourceAsStream() directly to new InputStreamReader(inputStream) in the try-with-resources declaration. If the resource is not found, getResourceAsStream returns null, and new InputStreamReader(null) throws a NullPointerException. In the constructor, this leaves indexHtml as null, causing a subsequent NPE at line 30 (this.indexHtml.replace(...)) during initialize().

✅ Bug: readResponseSnippet: errorStream leak when non-null and used

📄 openmetadata-service/src/main/java/org/openmetadata/service/security/auth/validator/SamlValidator.java:392-393
In readResponseSnippet (line 392-393), when errorStream is non-null, inputStream is set to errorStream (the ternary picks errorStream). The conn.getInputStream() is never called, so inputStream holds the error stream reference. However, the try-with-resources will close both errorStream and inputStream — since they reference the same object, the stream is closed twice (harmless but wasteful). The real issue is the opposite case: when errorStream is null, the ternary calls conn.getInputStream() and assigns it to inputStream, which is correct. But errorStream (null) is also "closed" by try-with-resources, which is fine. So actually this pattern works but is confusing. More critically, if conn.getErrorStream() returns a valid stream, the conn.getInputStream() call in the ternary is not evaluated (short-circuit), which is correct. This is actually OK upon closer inspection — downgrading this concern.

🤖 Prompt for agents

Code Review: Fixes resource leaks in SAML validator and IndexResource, including NPE handling and error stream cleanup, but the test suite has gaps: `testIndexResourceInitialization` swallows NPE with `assertDoesNotThrow`, and `testGetIndexFile` only verifies non-throwing behavior without validating actual functionality.

1. ⚠️ Quality: Test swallows NPE, making assertDoesNotThrow meaningless
   Files: openmetadata-service/src/test/java/org/openmetadata/service/resources/system/IndexResourceTest.java:10-23

   The `testIndexResourceInitialization` test wraps the call in `assertDoesNotThrow` but then catches `NullPointerException` internally. This means the test can never fail — the `assertDoesNotThrow` lambda never throws because the NPE is silently swallowed. The test gives false confidence that initialization works correctly.
   
   If the intent is to verify that `initialize` doesn't throw exceptions *other than* NPE due to a missing resource, the NPE catch defeats the purpose of `assertDoesNotThrow`. If NPE is the expected outcome when the resource is missing, consider asserting that explicitly.

   Suggested fix:
   @Test
   void testIndexResourceInitialization() {
     IndexResource resource = new IndexResource();
     OpenMetadataApplicationConfig config = new OpenMetadataApplicationConfig();
     config.setBasePath("/test-base-path");
   
     // NPE is expected when index.html resource is absent
     assertThrows(NullPointerException.class,
         () -> resource.initialize(config));
   }

2. 💡 Quality: testGetIndexFile asserts no behavior beyond not throwing
   Files: openmetadata-service/src/test/java/org/openmetadata/service/resources/system/IndexResourceTest.java:25-30

   `testGetIndexFile` only checks that `getIndexFile` doesn't throw. It doesn't verify the returned value (e.g., that it's null when the resource is missing, or contains expected content when present). A test that asserts no observable behavior has limited value.

   Suggested fix:
   @Test
   void testGetIndexFile() {
     String result = IndexResource.getIndexFile("/static-base");
     // Resource not on classpath in unit test context
     assertNull(result);
   }

Options

Display: compact → Showing less information.

Comment with these commands to change:

Compact

gitar display:verbose

_{Was this helpful? React with 👍 / 👎 | Gitar}

[Copilot]

Pull request overview

This PR targets silent resource leaks in the backend service by ensuring streams and network connections are properly closed in SAML-related code and when serving index.html.

Changes:

• Wrap keystore FileInputStream usage in SamlSettingsHolder with try-with-resources.
• Add connection cleanup and stream closing logic in SamlValidator’s IdP connectivity validation path.
• Close index.html classpath streams in IndexResource and add a basic unit test file for initialization/static loading.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 7 comments.

File	Description
openmetadata-service/src/main/java/org/openmetadata/service/security/saml/SamlSettingsHolder.java	Ensures keystore file stream is closed via try-with-resources.
openmetadata-service/src/main/java/org/openmetadata/service/security/auth/validator/SamlValidator.java	Attempts to disconnect HttpURLConnection and close response streams to prevent socket leaks.
openmetadata-service/src/main/java/org/openmetadata/service/resources/system/IndexResource.java	Uses try-with-resources for index.html reads; adds missing-resource logging and alters getIndexFile behavior.
openmetadata-service/src/test/java/org/openmetadata/service/resources/system/IndexResourceTest.java	Adds basic tests around IndexResource initialization and getIndexFile invocation.

Comments suppressed due to low confidence (1)

openmetadata-service/src/main/java/org/openmetadata/service/resources/system/IndexResource.java:36

• The constructor can return with indexHtml left null (e.g., missing resource), but initialize() unconditionally calls this.indexHtml.replace(...), which will throw NPE. Ensure indexHtml is always initialized to a non-null value (e.g., empty string) or fail fast with a clear exception, and make initialize()/getIndex() handle the missing-resource case consistently.

    try (InputStream inputStream = getClass().getResourceAsStream("/assets/index.html")) {
      if (inputStream == null) {
        LOG.error("index.html not found");
        return;
      }
      try (BufferedReader br = new BufferedReader(new InputStreamReader(inputStream))) {
        indexHtml = br.lines().collect(Collectors.joining("\n"));
      }
    } catch (Exception e) {
      LOG.error("Failed to load index.html", e);
    }
  }

  public void initialize(OpenMetadataApplicationConfig config) {
    this.indexHtml = this.indexHtml.replace("${basePath}", config.getBasePath());
  }