This is an automated email from the ASF dual-hosted git repository. sergeyb pushed a commit to branch 3.1.x-fixes in repository https://gitbox.apache.org/repos/asf/cxf.git
The following commit(s) were added to refs/heads/3.1.x-fixes by this push: new 91b525e [CXF-7584] Restricting the proxies (by default) from accidentally supplying empty path template values, an updated patch from Alexey Markevich applied, This closes #354 91b525e is described below commit 91b525e2657015e6de6079577c5b393bd89188b7 Author: Sergey Beryozkin <sberyoz...@gmail.com> AuthorDate: Mon Dec 11 10:23:59 2017 +0000 [CXF-7584] Restricting the proxies (by default) from accidentally supplying empty path template values, an updated patch from Alexey Markevich applied, This closes #354 --- .../apache/cxf/jaxrs/client/AbstractClient.java | 16 +++++++++- .../jaxrs/client/JAXRSClientFactoryBeanTest.java | 36 +++++++++++++++++++++- 2 files changed, 50 insertions(+), 2 deletions(-) diff --git a/rt/rs/client/src/main/java/org/apache/cxf/jaxrs/client/AbstractClient.java b/rt/rs/client/src/main/java/org/apache/cxf/jaxrs/client/AbstractClient.java index d3360af..53666d0 100644 --- a/rt/rs/client/src/main/java/org/apache/cxf/jaxrs/client/AbstractClient.java +++ b/rt/rs/client/src/main/java/org/apache/cxf/jaxrs/client/AbstractClient.java @@ -43,6 +43,7 @@ import java.util.Set; import java.util.concurrent.atomic.AtomicBoolean; import java.util.logging.Logger; +import javax.ws.rs.PathParam; import javax.ws.rs.ProcessingException; import javax.ws.rs.WebApplicationException; import javax.ws.rs.client.InvocationCallback; @@ -62,6 +63,7 @@ import javax.xml.stream.XMLStreamWriter; import org.apache.cxf.Bus; import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.common.util.PropertyUtils; +import org.apache.cxf.common.util.StringUtils; import org.apache.cxf.endpoint.ClientLifeCycleManager; import org.apache.cxf.endpoint.ConduitSelector; import org.apache.cxf.endpoint.Endpoint; @@ -80,6 +82,7 @@ import org.apache.cxf.jaxrs.impl.UriBuilderImpl; import org.apache.cxf.jaxrs.model.ParameterType; import org.apache.cxf.jaxrs.model.URITemplate; import org.apache.cxf.jaxrs.provider.ProviderFactory; +import org.apache.cxf.jaxrs.utils.AnnotationUtils; import org.apache.cxf.jaxrs.utils.ExceptionUtils; import org.apache.cxf.jaxrs.utils.HttpUtils; import org.apache.cxf.jaxrs.utils.InjectionUtils; @@ -109,6 +112,7 @@ public abstract class AbstractClient implements Client { protected static final String KEEP_CONDUIT_ALIVE = "KeepConduitAlive"; protected static final String HTTP_SCHEME = "http"; + private static final String ALLOW_EMPTY_PATH_VALUES = "allow.empty.path.template.value"; private static final String PROXY_PROPERTY = "jaxrs.proxy"; private static final String HEADER_SPLIT_PROPERTY = "org.apache.cxf.http.header.split"; private static final String SERVICE_NOT_AVAIL_PROPERTY = "org.apache.cxf.transport.service_not_available"; @@ -805,7 +809,17 @@ public abstract class AbstractClient implements Client { } } } - return pValue == null ? null : pValue.toString(); + final String v = pValue == null ? null : pValue.toString(); + if (anns != null && StringUtils.isEmpty(v)) { + final PathParam pp = AnnotationUtils.getAnnotation(anns, PathParam.class); + if (null != pp) { + Object allowEmptyProp = getConfiguration().getBus().getProperty(ALLOW_EMPTY_PATH_VALUES); + if (!PropertyUtils.isTrue(allowEmptyProp)) { + throw new IllegalArgumentException("Value for " + pp.value() + " is not specified"); + } + } + } + return v; } protected static void reportMessageHandlerProblem(String name, Class<?> cls, MediaType ct, Throwable ex) { diff --git a/rt/rs/client/src/test/java/org/apache/cxf/jaxrs/client/JAXRSClientFactoryBeanTest.java b/rt/rs/client/src/test/java/org/apache/cxf/jaxrs/client/JAXRSClientFactoryBeanTest.java index a8a266d..6f186f2 100644 --- a/rt/rs/client/src/test/java/org/apache/cxf/jaxrs/client/JAXRSClientFactoryBeanTest.java +++ b/rt/rs/client/src/test/java/org/apache/cxf/jaxrs/client/JAXRSClientFactoryBeanTest.java @@ -27,6 +27,7 @@ import javax.ws.rs.Path; import javax.ws.rs.PathParam; import org.apache.cxf.Bus; +import org.apache.cxf.BusFactory; import org.apache.cxf.common.util.ProxyClassLoader; import org.apache.cxf.feature.AbstractFeature; import org.apache.cxf.feature.Feature; @@ -35,6 +36,7 @@ import org.apache.cxf.interceptor.InterceptorProvider; import org.apache.cxf.jaxrs.model.UserOperation; import org.apache.cxf.jaxrs.model.UserResource; import org.apache.cxf.jaxrs.resources.Book; +import org.apache.cxf.jaxrs.resources.BookInterface; import org.apache.cxf.jaxrs.resources.BookStore; import org.apache.cxf.jaxrs.resources.BookStoreSubresourcesOnly; import org.apache.cxf.message.Message; @@ -42,6 +44,7 @@ import org.apache.cxf.phase.AbstractPhaseInterceptor; import org.apache.cxf.phase.Phase; import org.apache.cxf.transport.Conduit; import org.apache.cxf.transport.http.HTTPConduit; + import org.junit.Assert; import org.junit.Test; @@ -194,6 +197,37 @@ public class JAXRSClientFactoryBeanTest extends Assert { assertNotNull(productResourceElement); } + @Test(expected = IllegalArgumentException.class) + public void testInvokePathNull() throws Exception { + JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean(); + bean.setAddress("http://bar"); + bean.setResourceClass(BookInterface.class); + BookInterface store = bean.create(BookInterface.class); + store.getBook(null); + } + + @Test(expected = IllegalArgumentException.class) + public void testInvokePathEmpty() throws Exception { + JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean(); + bean.setAddress("http://bar"); + bean.setResourceClass(BookInterface.class); + BookInterface store = bean.create(BookInterface.class); + store.getBook(""); + } + + @Test + public void testInvokePathEmptyAllowed() throws Exception { + Bus bus = BusFactory.newInstance().createBus(); + bus.setProperty("allow.empty.path.template.value", true); + JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean(); + bean.setBus(bus); + bean.setAddress("http://bar"); + bean.setResourceClass(BookInterface.class); + BookInterface store = bean.create(BookInterface.class); + assertNotNull(store.getBook("")); + } + + private class TestFeature extends AbstractFeature { private TestInterceptor testInterceptor; @@ -242,4 +276,4 @@ public class JAXRSClientFactoryBeanTest extends Assert { String get(); } -} \ No newline at end of file +} -- To stop receiving notification emails like this one, please contact ['"commits@cxf.apache.org" <commits@cxf.apache.org>'].