GitHub-Spring
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Polish `SanitizingFunction` 

See gh-39243
pull/44240/head
Phillip Webb 1 year ago
parent
3eee1f1ad0
commit
28495d7d13
2 changed files with 30 additions and 9 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 22
      spring-boot-project/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/SanitizingFunction.java
  2. 17
      spring-boot-project/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/SanitizingFunctionTests.java

22
spring-boot-project/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/SanitizingFunction.java
Unescape View File

@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
/*
* Copyright 2012-2021 the original author or authors.
* Copyright 2012-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -80,7 +80,7 @@ public interface SanitizingFunction { @@ -80,7 +80,7 @@ public interface SanitizingFunction {
* @see #sanitizeValue()
*/
default SanitizingFunction ifLikelySenstive() {
return ifLikelyCredential().ifLikelyUri().ifLikelySenstiveEnvironmentVariable().ifVcapServices();
return ifLikelyCredential().ifLikelyUri().ifLikelySenstiveProperty().ifVcapServices();
}
/**
@ -113,7 +113,7 @@ public interface SanitizingFunction { @@ -113,7 +113,7 @@ public interface SanitizingFunction {
/**
* Return a new function with a filter that <em>also</em> applies if the data is
* likely to sensitive environment variable value. This method can help construct a
* likely to contain a sensitive property value. This method can help construct a
* useful sanitizing function, but may not catch all sensitive data so care should be
* taken to test the results for your specific environment.
* @return a new sanitizing function with an updated {@link #filter()}
@ -121,7 +121,7 @@ public interface SanitizingFunction { @@ -121,7 +121,7 @@ public interface SanitizingFunction {
* @see #filter()
* @see #sanitizeValue()
*/
default SanitizingFunction ifLikelySenstiveEnvironmentVariable() {
default SanitizingFunction ifLikelySenstiveProperty() {
return ifKeyMatches("sun.java.command", "^spring[._]application[._]json$");
}
@ -431,4 +431,18 @@ public interface SanitizingFunction { @@ -431,4 +431,18 @@ public interface SanitizingFunction {
return SanitizableData::withSanitizedValue;
}
/**
* Helper method that can be used working with a sanitizingFunction as a lambda. For
* example: <pre class="code">
* SanitizingFunction.of((data) -> data.withValue("----")).ifKeyContains("password");
* </pre>
* @param sanitizingFunction the sanitizing function lambda
* @return a {@link SanitizingFunction} for further method calls
* @since 3.5.0
*/
static SanitizingFunction of(SanitizingFunction sanitizingFunction) {
Assert.notNull(sanitizingFunction, "'sanitizingFunction' must not be null");
return sanitizingFunction;
}
}

17
spring-boot-project/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/SanitizingFunctionTests.java
Unescape View File

@ -60,7 +60,7 @@ class SanitizingFunctionTests { @@ -60,7 +60,7 @@ class SanitizingFunctionTests {
void ifLikelySenstiveFiltersExpected() {
SanitizingFunction function = SanitizingFunction.sanitizeValue().ifLikelySenstive();
assertThat(function).satisfies(this::likelyCredentialChecks, this::likelyUriChecks,
this::likelySenstiveEnvironmentVariableChecks, this::vcapServicesChecks);
this::likelySenstivePropertyChecks, this::vcapServicesChecks);
}
@Test
@ -101,12 +101,12 @@ class SanitizingFunctionTests { @@ -101,12 +101,12 @@ class SanitizingFunctionTests {
}
@Test
void ifLikelySenstiveEnvironmentVariableFiltersExpected() {
SanitizingFunction function = SanitizingFunction.sanitizeValue().ifLikelySenstiveEnvironmentVariable();
assertThat(function).satisfies(this::likelySenstiveEnvironmentVariableChecks);
void ifLikelySenstivePropertyFiltersExpected() {
SanitizingFunction function = SanitizingFunction.sanitizeValue().ifLikelySenstiveProperty();
assertThat(function).satisfies(this::likelySenstivePropertyChecks);
}
private void likelySenstiveEnvironmentVariableChecks(SanitizingFunction function) {
private void likelySenstivePropertyChecks(SanitizingFunction function) {
assertThatApplyingToKey(function, "sun.java.command").has(sanitizedValue());
assertThatApplyingToKey(function, "spring.application.json").has(sanitizedValue());
assertThatApplyingToKey(function, "SPRING_APPLICATION_JSON").has(sanitizedValue());
@ -305,6 +305,13 @@ class SanitizingFunctionTests { @@ -305,6 +305,13 @@ class SanitizingFunctionTests {
assertThatApplying(function, data("spring", null)).is(unsanitizedValue());
}
@Test
void ofAllowsChainingFromLambda() {
SanitizingFunction function = SanitizingFunction.of((data) -> data.withValue("----")).ifKeyContains("password");
assertThat(function.applyUnlessFiltered(data("username", "spring")).getValue()).isEqualTo("spring");
assertThat(function.applyUnlessFiltered(data("password", "boot")).getValue()).isEqualTo("----");
}
private ObjectAssert<SanitizableData> assertThatApplyingToKey(SanitizingFunction function, String key) {
return assertThatApplying(function, data(key));
}

Write Preview
Loading…
Cancel
Save