Skip to content

Commit

Permalink
fix: use URI builder for proxy, test for @ in username (#1482)
Browse files Browse the repository at this point in the history
  • Loading branch information
MikeDombo committed Jun 1, 2023
1 parent ed731c5 commit ef8d01c
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 12 deletions.
25 changes: 18 additions & 7 deletions src/main/java/com/aws/greengrass/util/ProxyUtils.java
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,10 @@

import com.aws.greengrass.config.Topics;
import com.aws.greengrass.deployment.DeviceConfiguration;
import com.aws.greengrass.logging.api.Logger;
import com.aws.greengrass.logging.impl.LogManager;
import lombok.NonNull;
import org.apache.http.client.utils.URIBuilder;
import software.amazon.awssdk.crt.http.HttpProxyOptions;
import software.amazon.awssdk.crt.io.ClientTlsContext;
import software.amazon.awssdk.http.SdkHttpClient;
Expand All @@ -16,6 +19,8 @@

import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
Expand All @@ -38,6 +43,7 @@

public final class ProxyUtils {

private static final Logger logger = LogManager.getLogger(ProxyUtils.class);
private static final AtomicReference<DeviceConfiguration> deviceConfiguration = new AtomicReference<>();

private ProxyUtils() {
Expand Down Expand Up @@ -342,15 +348,20 @@ private static String removeAuthFromProxyUrl(String proxyUrl) {

private static String addAuthToProxyUrl(String proxyUrl, String username, String password) {
URI uri = URI.create(proxyUrl);
StringBuilder sb = new StringBuilder();
sb.append(uri.getScheme()).append("://").append(username).append(':').append(password).append('@')
.append(uri.getHost());

if (uri.getPort() != -1) {
sb.append(':').append(uri.getPort());
URIBuilder uriBuilder = new URIBuilder(uri, StandardCharsets.UTF_8);
if (password == null) {
uriBuilder.setUserInfo(username);
} else {
uriBuilder.setUserInfo(username, password);
}

return sb.toString();
try {
return uriBuilder.build().toString();
} catch (URISyntaxException e) {
// This shouldn't ever be possible, URI builder will create a valid URI.
logger.error("Unable to create proxy URL environment variable", e);
return uri.toString();
}
}

/**
Expand Down
16 changes: 11 additions & 5 deletions src/test/java/com/aws/greengrass/util/ProxyUtilsTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ void testGetPortFromProxyUrl() {

@Test
void testGetProxyUsername() {
assertEquals("user", ProxyUtils.getProxyUsername("https://user:password@localhost:8080", "test-user"));
assertEquals("user@aws", ProxyUtils.getProxyUsername("https://user%40aws:password@localhost:8080", "test-user"));
assertEquals("usernameOnly", ProxyUtils.getProxyUsername("https://usernameOnly@localhost:8080", "test-user"));
assertEquals("test-user", ProxyUtils.getProxyUsername("https://myproxy:8080", "test-user"));
assertNull(ProxyUtils.getProxyUsername("https://myproxy:8080", ""));
Expand Down Expand Up @@ -93,8 +93,9 @@ void testGetHttpProxyOptions() {

@Test
void testGetProxyEnvVarValue_passthroughWithAuth() {
when(deviceConfiguration.getProxyUrl()).thenReturn("https://test-user:itsasecret@myproxy:8080");
assertEquals("https://test-user:itsasecret@myproxy:8080", ProxyUtils.getProxyEnvVarValue(deviceConfiguration));
when(deviceConfiguration.getProxyUrl()).thenReturn("https://test-user%40aws:itsasecret@myproxy:8080");
assertEquals("https://test-user%40aws:itsasecret@myproxy:8080",
ProxyUtils.getProxyEnvVarValue(deviceConfiguration));
}

@Test
Expand All @@ -106,9 +107,14 @@ void testGetProxyEnvVarValue_passthroughWithoutAuth() {
@Test
void testGetProxyEnvVarValue_authInfoAddedToUrl() {
when(deviceConfiguration.getProxyUrl()).thenReturn("https://myproxy:8080");
when(deviceConfiguration.getProxyUsername()).thenReturn("test-user");
when(deviceConfiguration.getProxyUsername()).thenReturn("test-user@aws");
when(deviceConfiguration.getProxyPassword()).thenReturn("itsasecret");
assertEquals("https://test-user:itsasecret@myproxy:8080", ProxyUtils.getProxyEnvVarValue(deviceConfiguration));
assertEquals("https://test-user%40aws:itsasecret@myproxy:8080",
ProxyUtils.getProxyEnvVarValue(deviceConfiguration));

when(deviceConfiguration.getProxyPassword()).thenReturn(null);
assertEquals("https://test-user%40aws@myproxy:8080",
ProxyUtils.getProxyEnvVarValue(deviceConfiguration));
}

@Test
Expand Down

0 comments on commit ef8d01c

Please sign in to comment.