This is an automated email from the ASF dual-hosted git repository. mpapirkovskyy pushed a commit to branch branch-2.7 in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/branch-2.7 by this push: new c878c67 AMBARI-25434. No Validation error on UI for an 'Unauthorized' repo url. (#3143) c878c67 is described below commit c878c67129e7868ce8eb0d08e0393d72769a50c3 Author: Myroslav Papirkovskyi <mpapirkovs...@apache.org> AuthorDate: Fri Nov 29 16:37:14 2019 +0200 AMBARI-25434. No Validation error on UI for an 'Unauthorized' repo url. (#3143) * AMBARI-25434. No Validation error on UI for an 'Unauthorized' repo url. (mpapirkovskyy) * AMBARI-25434. No Validation error on UI for an 'Unauthorized' repo url. (mpapirkovskyy) --- .../controller/AmbariManagementControllerImpl.java | 23 ++++-- .../controller/internal/URLRedirectProvider.java | 94 ++++++++++++++++++++++ .../VersionDefinitionResourceProvider.java | 21 ++--- 3 files changed, 122 insertions(+), 16 deletions(-) diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java index 504a642..fc8c965 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java @@ -126,7 +126,7 @@ import org.apache.ambari.server.controller.internal.DeleteStatusMetaData; import org.apache.ambari.server.controller.internal.RequestOperationLevel; import org.apache.ambari.server.controller.internal.RequestResourceFilter; import org.apache.ambari.server.controller.internal.RequestStageContainer; -import org.apache.ambari.server.controller.internal.URLStreamProvider; +import org.apache.ambari.server.controller.internal.URLRedirectProvider; import org.apache.ambari.server.controller.internal.WidgetLayoutResourceProvider; import org.apache.ambari.server.controller.internal.WidgetResourceProvider; import org.apache.ambari.server.controller.logging.LoggingSearchPropertyProvider; @@ -241,10 +241,10 @@ import org.apache.ambari.server.utils.StageUtils; import org.apache.ambari.server.utils.URLCredentialsHider; import org.apache.commons.collections.CollectionUtils; import org.apache.commons.collections.MapUtils; -import org.apache.commons.io.IOUtils; import org.apache.commons.lang.BooleanUtils; import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.math.NumberUtils; +import org.apache.http.HttpStatus; import org.apache.http.client.utils.URIBuilder; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -4464,8 +4464,7 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle * @throws AmbariException if verification fails */ private void verifyRepository(RepositoryRequest request) throws AmbariException { - URLStreamProvider usp = new URLStreamProvider(REPO_URL_CONNECT_TIMEOUT, REPO_URL_READ_TIMEOUT, null, null, null); - usp.setSetupTruststoreForHttps(false); + URLRedirectProvider usp = new URLRedirectProvider(REPO_URL_CONNECT_TIMEOUT, REPO_URL_READ_TIMEOUT); String repoName = request.getRepoName(); if (StringUtils.isEmpty(repoName)) { @@ -4504,7 +4503,13 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle }else{ try { - IOUtils.readLines(usp.readFrom(spec)); + URLRedirectProvider.RequestResult result = usp.executeGet(spec); + if (result.getCode() != HttpStatus.SC_OK) { + errorMessage = String.format("Could not access base url '%s', code: '%d', response: '%s'", + URLCredentialsHider.hideCredentials(request.getBaseUrl()), + result.getCode(), + result.getContent()); + } } catch (IOException ioe) { e = ioe; errorMessage = String.format("Could not access base url '%s'", @@ -4519,9 +4524,13 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle } } - if (e != null) { + if (errorMessage != null) { LOG.error(errorMessage); - throw new IllegalArgumentException(errorMessage, e); + if (e == null) { + throw new IllegalArgumentException(errorMessage); + } else { + throw new IllegalArgumentException(errorMessage, e); + } } } diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/URLRedirectProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/URLRedirectProvider.java new file mode 100644 index 0000000..aed89fc --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/URLRedirectProvider.java @@ -0,0 +1,94 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.controller.internal; + +import java.io.IOException; +import java.io.InputStream; +import java.nio.charset.StandardCharsets; + +import org.apache.ambari.server.utils.URLCredentialsHider; +import org.apache.commons.io.IOUtils; +import org.apache.http.HttpEntity; +import org.apache.http.HttpStatus; +import org.apache.http.client.config.RequestConfig; +import org.apache.http.client.methods.CloseableHttpResponse; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClientBuilder; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Class that provides support to work with URLs behind redirects. + */ +public class URLRedirectProvider { + private static final Logger LOG = LoggerFactory.getLogger(URLRedirectProvider.class); + + private final int connTimeout; + private final int readTimeout; + + public URLRedirectProvider(int connectionTimeout, int readTimeout) { + this.connTimeout = connectionTimeout; + this.readTimeout = readTimeout; + } + + public RequestResult executeGet(String spec) throws IOException { + try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) { + HttpGet httpGet = new HttpGet(spec); + + RequestConfig requestConfig = RequestConfig.custom() + .setConnectionRequestTimeout(connTimeout) + .setSocketTimeout(readTimeout).build(); + httpGet.setConfig(requestConfig); + + try (CloseableHttpResponse response = httpClient.execute(httpGet);) { + final HttpEntity entity = response.getEntity(); + final InputStream is = entity.getContent(); + + final int statusCode = response.getStatusLine().getStatusCode(); + final RequestResult result = new RequestResult(IOUtils.toString(is, StandardCharsets.UTF_8), statusCode); + + if (statusCode == HttpStatus.SC_UNAUTHORIZED || statusCode == HttpStatus.SC_NOT_FOUND + || statusCode == HttpStatus.SC_FORBIDDEN) { + LOG.error(String.format("Received HTTP '%s' response from URL: '%s'", statusCode, + URLCredentialsHider.hideCredentials(spec))); + } + return result; + } + } + } + + public static class RequestResult { + private final String content; + private final int code; + + public RequestResult(String content, int code) { + this.content = content; + this.code = code; + } + + public String getContent() { + return content; + } + + public int getCode() { + return code; + } + } +} diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/VersionDefinitionResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/VersionDefinitionResourceProvider.java index a91acf6..2eda49e 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/VersionDefinitionResourceProvider.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/VersionDefinitionResourceProvider.java @@ -38,7 +38,6 @@ import org.apache.ambari.server.StaticallyInject; import org.apache.ambari.server.api.resources.OperatingSystemResourceDefinition; import org.apache.ambari.server.api.resources.RepositoryResourceDefinition; import org.apache.ambari.server.api.services.AmbariMetaInfo; -import org.apache.ambari.server.configuration.ComponentSSLConfiguration; import org.apache.ambari.server.configuration.Configuration; import org.apache.ambari.server.controller.spi.NoSuchParentResourceException; import org.apache.ambari.server.controller.spi.NoSuchResourceException; @@ -72,6 +71,7 @@ import org.apache.commons.lang.BooleanUtils; import org.apache.commons.lang.ObjectUtils; import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.math.NumberUtils; +import org.apache.http.HttpStatus; import org.codehaus.jackson.node.ArrayNode; import org.codehaus.jackson.node.JsonNodeFactory; import org.codehaus.jackson.node.ObjectNode; @@ -571,19 +571,22 @@ public class VersionDefinitionResourceProvider extends AbstractAuthorizedResourc try { URI uri = new URI(definitionUrl); - InputStream stream = null; if (uri.getScheme().equalsIgnoreCase("file")) { - stream = uri.toURL().openStream(); + InputStream stream = uri.toURL().openStream(); + holder.xmlString = IOUtils.toString(stream, "UTF-8"); } else { - URLStreamProvider provider = new URLStreamProvider(connectTimeout, readTimeout, - ComponentSSLConfiguration.instance()); - provider.setSetupTruststoreForHttps(false); + URLRedirectProvider provider = new URLRedirectProvider(connectTimeout, readTimeout); + URLRedirectProvider.RequestResult requestResult = provider.executeGet(definitionUrl); - stream = provider.readFrom(definitionUrl); - } + if (requestResult.getCode() != HttpStatus.SC_OK) { + String err = String.format("Could not load url from '%s' with code '%d'. %s", + definitionUrl, requestResult.getCode(), requestResult.getContent()); + throw new AmbariException(err); + } - holder.xmlString = IOUtils.toString(stream, "UTF-8"); + holder.xmlString = requestResult.getContent(); + } holder.xml = VersionDefinitionXml.load(holder.xmlString); } catch (Exception e) { String err = String.format("Could not load url from %s. %s",