github-advanced-security[bot] commented on code in PR #9959:
URL: https://github.com/apache/nifi/pull/9959#discussion_r2135501526


##########
nifi-extension-bundles/nifi-atlassian-bundle/nifi-atlassian-extensions/src/main/java/org/apache/nifi/atlassian/bitbucket/BitbucketRepositoryClient.java:
##########
@@ -348,39 +348,55 @@
         // retrieve source data
         // 
https://api.bitbucket.org/2.0/repositories/{workspace}/{repoName}/src/{commit}/{path}
         final URI uri = 
getUriBuilder().addPathSegment("src").addPathSegment(lastCommit.get()).addPathSegment(resolvedPath).build();
-        final HttpResponseEntity response = 
this.webClient.getWebClientService().get().uri(uri).header(AUTHORIZATION_HEADER,
 authToken.getAuthzHeaderValue()).retrieve();
+        final String errorMessage = String.format("Error while listing content 
for repository [%s] on branch %s at path %s", repoName, branch, resolvedPath);
 
-        if (response.statusCode() != HttpURLConnection.HTTP_OK) {
-            throw new FlowRegistryException(
-                    String.format("Error while listing content for repository 
[%s] on branch %s at path %s: %s", repoName, branch, resolvedPath, 
getErrorMessage(response)));
-        }
-
-        final JsonNode jsonResponse;
-        try {
-            jsonResponse = this.objectMapper.readTree(response.body());
-        } catch (IOException e) {
-            throw new FlowRegistryException("Could not parse response from 
Bitbucket API", e);
-        }
-        return jsonResponse.get("values").elements();
+        return getPagedResponseValues(uri, errorMessage);
     }
 
     private Iterator<JsonNode> getListCommits(final String branch, final 
String path) throws FlowRegistryException {
         // retrieve latest commit for that branch
         // 
https://api.bitbucket.org/2.0/repositories/{workspace}/{repoName}/commits/{branch}
         final URI uri = 
getUriBuilder().addPathSegment("commits").addPathSegment(branch).addQueryParameter("path",
 path).build();
-        final HttpResponseEntity response = 
this.webClient.getWebClientService().get().uri(uri).header(AUTHORIZATION_HEADER,
 authToken.getAuthzHeaderValue()).retrieve();
+        final String errorMessage = String.format("Error while listing commits 
for repository [%s] on branch %s", repoName, branch);
 
-        if (response.statusCode() != HttpURLConnection.HTTP_OK) {
-            throw new FlowRegistryException(String.format("Error while listing 
commits for repository [%s] on branch %s: %s", repoName, branch, 
getErrorMessage(response)));
-        }
+        return getPagedResponseValues(uri, errorMessage);
+    }
 
-        final JsonNode jsonResponse;
-        try {
-            jsonResponse = this.objectMapper.readTree(response.body());
-        } catch (IOException e) {
-            throw new FlowRegistryException("Could not parse response from 
Bitbucket API", e);
+    private Iterator<JsonNode> getPagedResponseValues(final URI uri, final 
String errorMessage) throws FlowRegistryException {
+        final List<JsonNode> allValues = new ArrayList<>();
+        URI nextUri = uri;
+        while (nextUri != null) {
+            final HttpResponseEntity response = webClient.getWebClientService()
+                    .get()
+                    .uri(nextUri)
+                    .header(AUTHORIZATION_HEADER, 
authToken.getAuthzHeaderValue())
+                    .retrieve();
+
+            if (response.statusCode() != HttpURLConnection.HTTP_OK) {
+                final String responseErrorMessage = getErrorMessage(response);
+                final String errorMessageFormat = errorMessage + ": %s";
+                throw new 
FlowRegistryException(errorMessageFormat.formatted(responseErrorMessage));
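Review bot: The loop in `getPagedResponseValues` attaches `authToken.getAuthzHeaderValue()` to every `nextUri` it requests, so the access token is sent to whatever address the next-page link names. The assignment of `nextUri` lies past the quoted lines, so this is inferred: if it is read from the response body, check it against the initial `uri` before reuse, for example `if (!uri.getScheme().equals(nextUri.getScheme()) || !uri.getHost().equalsIgnoreCase(nextUri.getHost())) { throw new FlowRegistryException("Unexpected host in next page link"); }`. The loop also has no page limit while `allValues` holds every element in memory, so a link chain that never ends would keep the caller running and growing; a maximum page count with a clear error would bound that. The method body continues outside the hunk shown here.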

Review Comment:
   ## Use of externally-controlled format string
   
   Format string depends on a [user-provided value](1).
   
   [Show more details](https://github.com/apache/nifi/security/code-scanning/81)


