This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/main by this push:
new 9aef184426b sanitize Splunk HEC token in thrown exception (#13026)
9aef184426b is described below
commit 9aef184426b9bd4276ce2c8f2d6fd5f4e47ee521
Author: Jeffrey D <[email protected]>
AuthorDate: Wed Feb 7 01:06:15 2024 -0500
sanitize Splunk HEC token in thrown exception (#13026)
---
.../component/splunkhec/SplunkHECEndpointUriFactory.java | 4 +++-
.../org/apache/camel/component/splunkhec/splunk-hec.json | 2 +-
.../camel/component/splunkhec/SplunkHECEndpoint.java | 5 +++--
.../camel/component/splunkhec/SplunkHECEndpointTest.java | 14 ++++++++++++++
4 files changed, 21 insertions(+), 4 deletions(-)
diff --git
a/components/camel-splunk-hec/src/generated/java/org/apache/camel/component/splunkhec/SplunkHECEndpointUriFactory.java
b/components/camel-splunk-hec/src/generated/java/org/apache/camel/component/splunkhec/SplunkHECEndpointUriFactory.java
index 071689b1ac5..168d6b2ac84 100644
---
a/components/camel-splunk-hec/src/generated/java/org/apache/camel/component/splunkhec/SplunkHECEndpointUriFactory.java
+++
b/components/camel-splunk-hec/src/generated/java/org/apache/camel/component/splunkhec/SplunkHECEndpointUriFactory.java
@@ -36,7 +36,9 @@ public class SplunkHECEndpointUriFactory extends
org.apache.camel.support.compon
props.add("time");
props.add("token");
PROPERTY_NAMES = Collections.unmodifiableSet(props);
- SECRET_PROPERTY_NAMES = Collections.emptySet();
+ Set<String> secretProps = new HashSet<>(1);
+ secretProps.add("token");
+ SECRET_PROPERTY_NAMES = Collections.unmodifiableSet(secretProps);
MULTI_VALUE_PREFIXES = Collections.emptySet();
}
diff --git
a/components/camel-splunk-hec/src/generated/resources/org/apache/camel/component/splunkhec/splunk-hec.json
b/components/camel-splunk-hec/src/generated/resources/org/apache/camel/component/splunkhec/splunk-hec.json
index f7c7c4ac7f1..5683789b886 100644
---
a/components/camel-splunk-hec/src/generated/resources/org/apache/camel/component/splunkhec/splunk-hec.json
+++
b/components/camel-splunk-hec/src/generated/resources/org/apache/camel/component/splunkhec/splunk-hec.json
@@ -31,7 +31,7 @@
},
"properties": {
"splunkURL": { "index": 0, "kind": "path", "displayName": "Splunk URL",
"group": "producer", "label": "", "required": true, "type": "string",
"javaType": "java.lang.String", "deprecated": false, "deprecationNote": "",
"autowired": false, "secret": false, "description": "Splunk Host and Port
(example: my_splunk_server:8089)" },
- "token": { "index": 1, "kind": "path", "displayName": "Token", "group":
"security", "label": "security", "required": true, "type": "string",
"javaType": "java.lang.String", "deprecated": false, "deprecationNote": "",
"autowired": false, "secret": false, "description": "Splunk HEC token (this is
the token created for HEC and not the user's token)" },
+ "token": { "index": 1, "kind": "path", "displayName": "Token", "group":
"security", "label": "security", "required": true, "type": "string",
"javaType": "java.lang.String", "deprecated": false, "deprecationNote": "",
"autowired": false, "secret": true, "description": "Splunk HEC token (this is
the token created for HEC and not the user's token)" },
"bodyOnly": { "index": 2, "kind": "parameter", "displayName": "Body Only",
"group": "producer", "label": "", "required": false, "type": "boolean",
"javaType": "boolean", "deprecated": false, "autowired": false, "secret":
false, "defaultValue": false, "configurationClass":
"org.apache.camel.component.splunkhec.SplunkHECConfiguration",
"configurationField": "configuration", "description": "Send only the message
body" },
"headersOnly": { "index": 3, "kind": "parameter", "displayName": "Headers
Only", "group": "producer", "label": "", "required": false, "type": "boolean",
"javaType": "boolean", "deprecated": false, "autowired": false, "secret":
false, "defaultValue": false, "configurationClass":
"org.apache.camel.component.splunkhec.SplunkHECConfiguration",
"configurationField": "configuration", "description": "Send only message
headers" },
"host": { "index": 4, "kind": "parameter", "displayName": "Host", "group":
"producer", "label": "", "required": false, "type": "string", "javaType":
"java.lang.String", "deprecated": false, "autowired": false, "secret": false,
"configurationClass":
"org.apache.camel.component.splunkhec.SplunkHECConfiguration",
"configurationField": "configuration", "description": "Splunk host field of the
event message. This is not the Splunk host to connect to." },
diff --git
a/components/camel-splunk-hec/src/main/java/org/apache/camel/component/splunkhec/SplunkHECEndpoint.java
b/components/camel-splunk-hec/src/main/java/org/apache/camel/component/splunkhec/SplunkHECEndpoint.java
index 9948fc7f5e3..d60531e9c41 100644
---
a/components/camel-splunk-hec/src/main/java/org/apache/camel/component/splunkhec/SplunkHECEndpoint.java
+++
b/components/camel-splunk-hec/src/main/java/org/apache/camel/component/splunkhec/SplunkHECEndpoint.java
@@ -28,6 +28,7 @@ import org.apache.camel.spi.UriEndpoint;
import org.apache.camel.spi.UriParam;
import org.apache.camel.spi.UriPath;
import org.apache.camel.support.DefaultEndpoint;
+import org.apache.camel.util.URISupport;
import org.apache.commons.validator.routines.DomainValidator;
import org.apache.commons.validator.routines.InetAddressValidator;
@@ -45,7 +46,7 @@ public class SplunkHECEndpoint extends DefaultEndpoint {
@UriPath
@Metadata(required = true)
private String splunkURL;
- @UriPath(label = "security")
+ @UriPath(label = "security", secret = true)
@Metadata(required = true)
private String token;
@UriParam
@@ -59,7 +60,7 @@ public class SplunkHECEndpoint extends DefaultEndpoint {
this.configuration = configuration;
Matcher match = URI_PARSER.matcher(uri);
if (!match.matches()) {
- throw new IllegalArgumentException("Invalid URI: " + uri);
+ throw new IllegalArgumentException("Invalid URI: " +
URISupport.sanitizeUri(uri));
}
String hostname = match.group(1);
int port = Integer.parseInt(match.group(2));
diff --git
a/components/camel-splunk-hec/src/test/java/org/apache/camel/component/splunkhec/SplunkHECEndpointTest.java
b/components/camel-splunk-hec/src/test/java/org/apache/camel/component/splunkhec/SplunkHECEndpointTest.java
index c354c87d5f1..89d9cc8166a 100644
---
a/components/camel-splunk-hec/src/test/java/org/apache/camel/component/splunkhec/SplunkHECEndpointTest.java
+++
b/components/camel-splunk-hec/src/test/java/org/apache/camel/component/splunkhec/SplunkHECEndpointTest.java
@@ -19,7 +19,9 @@ package org.apache.camel.component.splunkhec;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
public class SplunkHECEndpointTest {
@Test
@@ -85,4 +87,16 @@ public class SplunkHECEndpointTest {
"splunk-hec:yolo:188508/11111111-1111-1111-1111-111111111111",
component, configuration));
assertEquals("Invalid port: 188508", e.getMessage());
}
+
+ @Test
+ public void testSanitizedException() {
+ SplunkHECConfiguration configuration = new SplunkHECConfiguration();
+ SplunkHECComponent component = new SplunkHECComponent();
+ String tokenValue = "token-value";
+ Exception e = assertThrows(IllegalArgumentException.class, () -> new
SplunkHECEndpoint(
+
"splunk-hec:localhost/11111111-1111-1111-1111-111111111111?token=" +
tokenValue, component,
+ configuration));
+ assertTrue(e.getMessage().contains("token=xxxxxx"));
+ assertFalse(e.getMessage().contains(tokenValue));
+ }
}
