Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Backport 2.x] Removed Domain Validation #2136

Merged
merged 1 commit into from
Sep 22, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@
import java.util.Map;
import java.util.Set;
import lombok.experimental.UtilityClass;
import org.apache.commons.validator.routines.DomainValidator;
import org.opensearch.sql.common.utils.URIValidationUtils;

/** Common Validation methods for all datasource connectors. */
Expand All @@ -19,7 +18,6 @@ public class DatasourceValidationUtils {

public static void validateHost(String uriString, List<String> denyHostList)
throws URISyntaxException, UnknownHostException {
validateDomain(uriString);
if (!URIValidationUtils.validateURIHost(new URI(uriString).getHost(), denyHostList)) {
throw new IllegalArgumentException(
"Disallowed hostname in the uri. "
Expand Down Expand Up @@ -54,15 +52,4 @@ public static void validateLengthAndRequiredFields(
throw new IllegalArgumentException(errorStringBuilder.toString());
}
}

private static void validateDomain(String uriString) throws URISyntaxException {
URI uri = new URI(uriString);
String host = uri.getHost();
if (host == null
|| (!(DomainValidator.getInstance().isValid(host)
|| DomainValidator.getInstance().isValidLocalTld(host)))) {
throw new IllegalArgumentException(
String.format("Invalid hostname in the uri: %s", uriString));
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -37,20 +37,6 @@ public void testValidateHostWithSuccess() {
"http://localhost:9090", Collections.singletonList("192.168.0.0/8")));
}

@SneakyThrows
@Test
public void testValidateHostWithInvalidDomain() {
IllegalArgumentException illegalArgumentException =
Assertions.assertThrows(
IllegalArgumentException.class,
() ->
DatasourceValidationUtils.validateHost(
"http:://prometheus:9090", Collections.singletonList("127.0.0.0/8")));
Assertions.assertEquals(
"Invalid hostname in the uri: http:://prometheus:9090",
illegalArgumentException.getMessage());
}

@Test
public void testValidateLengthAndRequiredFieldsWithAbsentField() {
HashMap<String, String> config = new HashMap<>();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -112,26 +112,6 @@ public void updateDataSourceAPITest() {
// Datasource is not immediately updated. so introducing a sleep of 2s.
Thread.sleep(2000);

// update datasource with invalid URI
updateDSM =
new DataSourceMetadata(
"update_prometheus",
DataSourceType.PROMETHEUS,
ImmutableList.of(),
ImmutableMap.of("prometheus.uri", "https://randomtest:9090"));
final Request illFormedUpdateRequest = getUpdateDataSourceRequest(updateDSM);
ResponseException updateResponseException =
Assert.assertThrows(
ResponseException.class, () -> client().performRequest(illFormedUpdateRequest));
Assert.assertEquals(400, updateResponseException.getResponse().getStatusLine().getStatusCode());
updateResponseString = getResponseBody(updateResponseException.getResponse());
JsonObject errorMessage = new Gson().fromJson(updateResponseString, JsonObject.class);
Assert.assertEquals(
"Invalid hostname in the uri: https://randomtest:9090",
errorMessage.get("error").getAsJsonObject().get("details").getAsString());

Thread.sleep(2000);

// get datasource to validate the modification.
// get datasource
Request getRequest = getFetchDataSourceRequest("update_prometheus");
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -209,50 +209,6 @@ void createDataSourceSuccessWithLocalhost() {
Assertions.assertTrue(dataSource.getStorageEngine() instanceof PrometheusStorageEngine);
}

@Test
void createDataSourceWithInvalidHostname() {
HashMap<String, String> properties = new HashMap<>();
properties.put("prometheus.uri", "http://dummyprometheus:9090");
properties.put("prometheus.auth.type", "basicauth");
properties.put("prometheus.auth.username", "admin");
properties.put("prometheus.auth.password", "admin");

DataSourceMetadata metadata = new DataSourceMetadata();
metadata.setName("prometheus");
metadata.setConnector(DataSourceType.PROMETHEUS);
metadata.setProperties(properties);

PrometheusStorageFactory prometheusStorageFactory = new PrometheusStorageFactory(settings);
RuntimeException exception =
Assertions.assertThrows(
RuntimeException.class, () -> prometheusStorageFactory.createDataSource(metadata));
Assertions.assertTrue(
exception
.getMessage()
.contains("Invalid hostname in the uri: http://dummyprometheus:9090"));
}

@Test
void createDataSourceWithInvalidIp() {
HashMap<String, String> properties = new HashMap<>();
properties.put("prometheus.uri", "http://231.54.11.987:9090");
properties.put("prometheus.auth.type", "basicauth");
properties.put("prometheus.auth.username", "admin");
properties.put("prometheus.auth.password", "admin");

DataSourceMetadata metadata = new DataSourceMetadata();
metadata.setName("prometheus");
metadata.setConnector(DataSourceType.PROMETHEUS);
metadata.setProperties(properties);

PrometheusStorageFactory prometheusStorageFactory = new PrometheusStorageFactory(settings);
RuntimeException exception =
Assertions.assertThrows(
RuntimeException.class, () -> prometheusStorageFactory.createDataSource(metadata));
Assertions.assertTrue(
exception.getMessage().contains("Invalid hostname in the uri: http://231.54.11.987:9090"));
}

@Test
void createDataSourceWithHostnameNotMatchingWithAllowHostsConfig() {
when(settings.getSettingValue(Settings.Key.DATASOURCES_URI_HOSTS_DENY_LIST))
Expand Down