github-advanced-security[bot] commented on code in PR #16413:
URL:
https://github.com/apache/dolphinscheduler/pull/16413#discussion_r1701145476
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-http/src/main/java/org/apache/dolphinscheduler/plugin/task/http/HttpTask.java:
##########
@@ -92,250 +70,161 @@
@Override
public void handle(TaskCallBack taskCallBack) throws TaskException {
- long startTime = System.currentTimeMillis();
- String formatTimeStamp = DateUtils.formatTimeStamp(startTime);
- String statusCode = null;
- String body = null;
-
- try (
- CloseableHttpClient client = createHttpClient();
- CloseableHttpResponse response = sendRequest(client)) {
- statusCode = String.valueOf(getStatusCode(response));
- body = getResponseBody(response);
- exitStatusCode = validResponse(body, statusCode);
- addDefaultOutput(body);
- long costTime = System.currentTimeMillis() - startTime;
- log.info(
- "startTime: {}, httpUrl: {}, httpMethod: {}, costTime : {}
milliseconds, statusCode : {}, body : {}, log : {}",
- formatTimeStamp, httpParameters.getUrl(),
- httpParameters.getHttpMethod(), costTime, statusCode,
body, output);
- } catch (Exception e) {
- appendMessage(e.toString());
- exitStatusCode = -1;
- log.error("httpUrl[" + httpParameters.getUrl() + "] connection
failed:" + output, e);
- throw new TaskException("Execute http task failed", e);
- }
+ OkHttpResponse httpResponse = sendRequest();
+
+ validateResponse(httpResponse.getBody(), httpResponse.getStatusCode());
}
@Override
public void cancel() throws TaskException {
-
- }
-
- /**
- * send request
- *
- * @param client client
- * @return CloseableHttpResponse
- * @throws IOException io exception
- */
- protected CloseableHttpResponse sendRequest(CloseableHttpClient client)
throws IOException {
- RequestBuilder builder = createRequestBuilder();
-
- // replace placeholder,and combine local and global parameters
- Map<String, Property> paramsMap =
taskExecutionContext.getPrepareParamsMap();
-
- List<HttpProperty> httpPropertyList = new ArrayList<>();
- if (CollectionUtils.isNotEmpty(httpParameters.getHttpParams())) {
- for (HttpProperty httpProperty : httpParameters.getHttpParams()) {
- String jsonObject = JSONUtils.toJsonString(httpProperty);
- String params =
-
ParameterUtils.convertParameterPlaceholders(jsonObject,
ParameterUtils.convert(paramsMap));
- log.info("http request params:{}", params);
- httpPropertyList.add(JSONUtils.parseObject(params,
HttpProperty.class));
- }
- }
- String httpBody =
ParameterUtils.convertParameterPlaceholders(httpParameters.getHttpBody(),
- ParameterUtils.convert(paramsMap));
- addRequestParams(builder, httpPropertyList, httpBody);
- String requestUrl =
-
ParameterUtils.convertParameterPlaceholders(httpParameters.getUrl(),
ParameterUtils.convert(paramsMap));
- HttpUriRequest request = builder.setUri(requestUrl).build();
- setHeaders(request, httpPropertyList);
- return client.execute(request);
}
- /**
- * get response body
- *
- * @param httpResponse http response
- * @return response body
- * @throws ParseException parse exception
- * @throws IOException io exception
- */
- protected String getResponseBody(CloseableHttpResponse httpResponse)
throws ParseException, IOException {
- if (httpResponse == null) {
- return null;
- }
- HttpEntity entity = httpResponse.getEntity();
- if (entity == null) {
- return null;
- }
- return EntityUtils.toString(entity, StandardCharsets.UTF_8.name());
- }
-
- /**
- * get status code
- *
- * @param httpResponse http response
- * @return status code
- */
- protected int getStatusCode(CloseableHttpResponse httpResponse) {
- return httpResponse.getStatusLine().getStatusCode();
- }
-
- /**
- * valid response
- *
- * @param body body
- * @param statusCode status code
- * @return exit status code
- */
- protected int validResponse(String body, String statusCode) {
- int exitStatusCode = 0;
+ private void validateResponse(String body, int statusCode) {
switch (httpParameters.getHttpCheckCondition()) {
case BODY_CONTAINS:
if (StringUtils.isEmpty(body) ||
!body.contains(httpParameters.getCondition())) {
- appendMessage(httpParameters.getUrl() + " doesn contain "
- + httpParameters.getCondition());
- exitStatusCode = -1;
+ log.error("http request failed, url: {}, statusCode: {},
checkCondition: {}, body: {}",
+ httpParameters.getUrl(), statusCode,
HttpCheckCondition.BODY_CONTAINS.name(), body);
+ exitStatusCode = Constants.EXIT_CODE_FAILURE;
+ return;
}
break;
case BODY_NOT_CONTAINS:
if (StringUtils.isEmpty(body) ||
body.contains(httpParameters.getCondition())) {
- appendMessage(httpParameters.getUrl() + " contains "
- + httpParameters.getCondition());
- exitStatusCode = -1;
+ log.error("http request failed, url: {}, statusCode: {},
checkCondition: {}, body: {}",
+ httpParameters.getUrl(), statusCode,
HttpCheckCondition.BODY_NOT_CONTAINS.name(), body);
+ exitStatusCode = Constants.EXIT_CODE_FAILURE;
+ return;
}
break;
case STATUS_CODE_CUSTOM:
- if (!statusCode.equals(httpParameters.getCondition())) {
- appendMessage(httpParameters.getUrl() + " statuscode: " +
statusCode + ", Must be: "
- + httpParameters.getCondition());
- exitStatusCode = -1;
+ if (statusCode !=
Integer.parseInt(httpParameters.getCondition())) {
Review Comment:
## Missing catch of NumberFormatException
Potential uncaught 'java.lang.NumberFormatException'.
[Show more
details](https://github.com/apache/dolphinscheduler/security/code-scanning/4369)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
