#36 Use constants to get proxy auth config

Weltraumschaf · ManuelNeuer · commit a5b41a689bb5 · 2023-07-04T10:02:06.000+02:00
Remove duplication of constant names by introducing an enum with
the properties names. Also adds some basic docs how it works and
a basic validation of the properties w/ error handling.

Signed-off-by: Sven Strittmatter &lt;sven.strittmatter@iteratec.com&gt;
diff --git a/src/main/java/io/securecodebox/persistence/defectdojo/service/DefaultImportScanService.java b/src/main/java/io/securecodebox/persistence/defectdojo/service/DefaultImportScanService.java
@@ -21,6 +21,7 @@
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpMethod;
 import org.springframework.http.MediaType;
+import org.springframework.http.client.ClientHttpRequestFactory;
 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
 import org.springframework.http.converter.FormHttpMessageConverter;
 import org.springframework.http.converter.ResourceHttpMessageConverter;
@@ -34,6 +35,7 @@
 import java.util.List;
 
 final class DefaultImportScanService implements ImportScanService {
+    private final SystemPropertyFinder properties = new SystemPropertyFinder();
     private final String defectDojoUrl;
     private final String defectDojoApiKey;
 
@@ -88,9 +90,9 @@ private ImportScanResponse createFindings(ScanFile scanFile, String endpoint, lo
         final var headers = createDefectDojoAuthorizationHeaders();
         headers.setContentType(MediaType.MULTIPART_FORM_DATA);
         restTemplate.setMessageConverters(List.of(
-                new FormHttpMessageConverter(),
-                new ResourceHttpMessageConverter(),
-                new MappingJackson2HttpMessageConverter())
+            new FormHttpMessageConverter(),
+            new ResourceHttpMessageConverter(),
+            new MappingJackson2HttpMessageConverter())
         );
 
         // FIXME: Why do we use a multi value map here? Do we need multiple values for any given key?
@@ -154,22 +156,67 @@ private RestTemplate createRestTemplate() {
         return template;
     }
 
-    private static boolean shouldConfigureProxySettings() {
-        return System.getProperty("http.proxyUser") != null && System.getProperty("http.proxyPassword") != null;
+    boolean shouldConfigureProxySettings() {
+        return properties.hasProperty(ProxyConfigNames.HTTP_PROXY_USER)
+            && properties.hasProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD);
     }
 
-    private static HttpComponentsClientHttpRequestFactory createRequestFactoryWithProxyAuthConfig() {
-        // Configuring Proxy Authentication explicitly as it isn't done by default for spring rest templates :(
+    /**
+     * Configuring proxy authentication explicitly
+     *
+     * <p>
+     * This isn't done by default for spring rest templates.This method expects these four system properties (Java flag
+     * {@literal -DpropertyName}) to be set:
+     * </p>
+     * <ul>
+     *     <li>http.proxyUser</li>
+     *     <li>http.proxyPassword</li>
+     *     <li>http.proxyHost</li>
+     *     <li>http.proxyPort</li>
+     * </ul>
+     *
+     * @return never {@code null}
+     */
+    ClientHttpRequestFactory createRequestFactoryWithProxyAuthConfig() {
+        if (properties.notHasProperty(ProxyConfigNames.HTTP_PROXY_USER)) {
+            throw new MissingProxyAuthenticationConfig(ProxyConfigNames.HTTP_PROXY_USER);
+        }
+
+        if (properties.notHasProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD)) {
+            throw new MissingProxyAuthenticationConfig(ProxyConfigNames.HTTP_PROXY_PASSWORD);
+        }
+
+        if (properties.notHasProperty(ProxyConfigNames.HTTP_PROXY_HOST)) {
+            throw new MissingProxyAuthenticationConfig(ProxyConfigNames.HTTP_PROXY_HOST);
+        }
+
+        if (properties.notHasProperty(ProxyConfigNames.HTTP_PROXY_PORT)) {
+            throw new MissingProxyAuthenticationConfig(ProxyConfigNames.HTTP_PROXY_PORT);
+        }
+
+        final var proxyHost = properties.getProperty(ProxyConfigNames.HTTP_PROXY_HOST);
+        final int proxyPort;
+        try {
+            proxyPort = Integer.parseInt(properties.getProperty(ProxyConfigNames.HTTP_PROXY_PORT));
+        } catch (final NumberFormatException e) {
+            throw new IllegalArgumentException(
+                String.format("Given port for proxy authentication configuration (property '%s') is not a valid number! Given value wa '%s'.",
+                    ProxyConfigNames.HTTP_PROXY_PORT.getLiterat(),
+                    System.getProperty("http.proxyPort")),
+                e);
+        }
+
         final var credentials = new BasicCredentialsProvider();
         credentials.setCredentials(
-                new AuthScope(System.getProperty("http.proxyHost"), Integer.parseInt(System.getProperty("http.proxyPort"))),
-                new UsernamePasswordCredentials(System.getProperty("http.proxyUser"), System.getProperty("http.proxyPassword"))
+            new AuthScope(proxyHost, proxyPort),
+            new UsernamePasswordCredentials(
+                properties.getProperty(ProxyConfigNames.HTTP_PROXY_USER),
+                properties.getProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD))
         );
 
         final var clientBuilder = HttpClientBuilder.create();
-
         clientBuilder.useSystemProperties();
-        clientBuilder.setProxy(new HttpHost(System.getProperty("http.proxyHost"), Integer.parseInt(System.getProperty("http.proxyPort"))));
+        clientBuilder.setProxy(new HttpHost(proxyHost, proxyPort));
         clientBuilder.setDefaultCredentialsProvider(credentials);
         clientBuilder.setProxyAuthenticationStrategy(new ProxyAuthenticationStrategy());
 
@@ -178,5 +225,23 @@ private static HttpComponentsClientHttpRequestFactory createRequestFactoryWithPr
         return factory;
     }
 
+    private static class SystemPropertyFinder {
+        private boolean hasProperty(@NonNull final ProxyConfigNames name) {
+            return System.getProperty(name.getLiterat()) != null;
+        }
+
+        private boolean notHasProperty(@NonNull final ProxyConfigNames name) {
+            return !hasProperty(name);
+        }
+
+        private String getProperty(@NonNull final ProxyConfigNames name) {
+            return System.getProperty(name.getLiterat());
+        }
+    }
 
+    final static class MissingProxyAuthenticationConfig extends RuntimeException {
+        MissingProxyAuthenticationConfig(ProxyConfigNames name) {
+            super(String.format("Expected System property '%s' not set!", name.getLiterat()));
+        }
+    }
 }
diff --git a/src/main/java/io/securecodebox/persistence/defectdojo/service/ImportScanService.java b/src/main/java/io/securecodebox/persistence/defectdojo/service/ImportScanService.java
@@ -10,6 +10,7 @@
 import io.securecodebox.persistence.defectdojo.config.DefectDojoConfig;
 import io.securecodebox.persistence.defectdojo.models.ScanFile;
 import lombok.Data;
+import lombok.Getter;
 import lombok.NonNull;
 import org.springframework.util.MultiValueMap;
 
@@ -46,4 +47,28 @@ class ImportScanResponse {
         @JsonProperty("test")
         protected long testId;
     }
+
+    /**
+     * These properties can be configured by passing them to the running Java process w/ flag {@literal -D}
+     * <p>
+     * Example: {@literal java -Dhttp.proxyHost=... -D... -jar ...}
+     * </p>
+     * <p>
+     * <strong>Important</strong>: All four parameters are mandatory. You must set them all
+     * or none of them!
+     * </p>
+     */
+    enum ProxyConfigNames {
+        HTTP_PROXY_HOST("http.proxyHost"),
+        HTTP_PROXY_PORT("http.proxyPort"),
+        HTTP_PROXY_USER("http.proxyUser"),
+        HTTP_PROXY_PASSWORD("http.proxyPassword");
+
+        @Getter
+        private final String literat;
+
+        ProxyConfigNames(String literat) {
+            this.literat = literat;
+        }
+    }
 }
diff --git a/src/test/java/io/securecodebox/persistence/defectdojo/service/DefaultImportScanServiceTest.java b/src/test/java/io/securecodebox/persistence/defectdojo/service/DefaultImportScanServiceTest.java
@@ -1,9 +1,16 @@
 package io.securecodebox.persistence.defectdojo.service;
 
 import io.securecodebox.persistence.defectdojo.config.DefectDojoConfig;
+import io.securecodebox.persistence.defectdojo.service.DefaultImportScanService.MissingProxyAuthenticationConfig;
+import io.securecodebox.persistence.defectdojo.service.ImportScanService.ProxyConfigNames;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.springframework.http.HttpHeaders;
 
+import java.util.HashMap;
+import java.util.Map;
+
 import static org.junit.jupiter.api.Assertions.*;
 import static org.hamcrest.MatcherAssert.assertThat;
 
@@ -12,13 +19,39 @@
  */
 class DefaultImportScanServiceTest {
     private final DefectDojoConfig config = new DefectDojoConfig(
-            "url",
-            "apiKey",
-            "username",
-            23,
-            42L
+        "url",
+        "apiKey",
+        "username",
+        23,
+        42L
     );
     private final DefaultImportScanService sut = new DefaultImportScanService(config);
+    /**
+     * Since System.getProperty() is an side effect we need to back up and restore it to isolate test cases.
+     */
+    private final Map<ProxyConfigNames, String> backup = new HashMap<>();
+
+    @BeforeEach
+    void backupSystemProperties() {
+        backup.clear();
+        backup.put(ProxyConfigNames.HTTP_PROXY_HOST, System.getProperty(ProxyConfigNames.HTTP_PROXY_HOST.getLiterat()));
+        backup.put(ProxyConfigNames.HTTP_PROXY_PORT, System.getProperty(ProxyConfigNames.HTTP_PROXY_PORT.getLiterat()));
+        backup.put(ProxyConfigNames.HTTP_PROXY_USER, System.getProperty(ProxyConfigNames.HTTP_PROXY_USER.getLiterat()));
+        backup.put(ProxyConfigNames.HTTP_PROXY_PASSWORD, System.getProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD.getLiterat()));
+    }
+
+    @AfterEach
+    void restoreSystemProperties() {
+        for (final var entry : backup.entrySet()) {
+            final var name = entry.getKey().getLiterat();
+
+            if (null == entry.getValue()) {
+                System.clearProperty(name);
+            } else {
+                System.setProperty(name, entry.getValue());
+            }
+        }
+    }
 
     @Test
     void constructorShouldThrowExceptionOnNullConfig() {
@@ -31,8 +64,112 @@ void constructorShouldThrowExceptionOnNullConfig() {
     void createDefectDojoAuthorizationHeaders_apiKeyFromConfigShouldBePresentAsAuthHEader() {
         final var authorizationHeaders = sut.createDefectDojoAuthorizationHeaders();
         assertAll(
-                () -> assertEquals(1, authorizationHeaders.size(), "Expected is exactly one authorization header!"),
-                () -> assertEquals("Token apiKey", authorizationHeaders.get(HttpHeaders.AUTHORIZATION).get(0))
+            () -> assertEquals(1, authorizationHeaders.size(), "Expected is exactly one authorization header!"),
+            () -> assertEquals("Token apiKey", authorizationHeaders.get(HttpHeaders.AUTHORIZATION).get(0))
         );
     }
+
+    @Test
+    void shouldConfigureProxySettings_falseIfNeitherUserNorPasswordIsSet() {
+        System.clearProperty(ProxyConfigNames.HTTP_PROXY_USER.getLiterat());
+        System.clearProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD.getLiterat());
+
+        assertFalse(sut.shouldConfigureProxySettings());
+    }
+
+    @Test
+    void shouldConfigureProxySettings_falseIfUserSetButPasswordNot() {
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_USER.getLiterat(), "user");
+        System.clearProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD.getLiterat());
+
+        assertFalse(sut.shouldConfigureProxySettings());
+    }
+
+    @Test
+    void shouldConfigureProxySettings_falseIfPasswordSetButUserNot() {
+        System.clearProperty(ProxyConfigNames.HTTP_PROXY_USER.getLiterat());
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD.getLiterat(), "password");
+
+        assertFalse(sut.shouldConfigureProxySettings());
+    }
+
+    @Test
+    void shouldConfigureProxySettings_trueIfUserAndPasswordSet() {
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_USER.getLiterat(), "user");
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD.getLiterat(), "password");
+
+        assertTrue(sut.shouldConfigureProxySettings());
+    }
+
+    @Test
+    void createRequestFactoryWithProxyAuthConfig_throesExceptionIfUserNotSet() {
+        System.clearProperty(ProxyConfigNames.HTTP_PROXY_USER.getLiterat());
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD.getLiterat(), "password");
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_HOST.getLiterat(), "host");
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_PORT.getLiterat(), "4242");
+
+        final var thrown = assertThrows(
+            MissingProxyAuthenticationConfig.class,
+            sut::createRequestFactoryWithProxyAuthConfig);
+
+        assertEquals("Expected System property 'http.proxyUser' not set!", thrown.getMessage());
+    }
+
+    @Test
+    void createRequestFactoryWithProxyAuthConfig_throesExceptionIfPasswordNotSet() {
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_USER.getLiterat(), "user");
+        System.clearProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD.getLiterat());
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_HOST.getLiterat(), "host");
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_PORT.getLiterat(), "4242");
+
+        final var thrown = assertThrows(
+            MissingProxyAuthenticationConfig.class,
+            sut::createRequestFactoryWithProxyAuthConfig);
+
+        assertEquals("Expected System property 'http.proxyPassword' not set!", thrown.getMessage());
+    }
+
+    @Test
+    void createRequestFactoryWithProxyAuthConfig_throesExceptionIfHostNotSet() {
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_USER.getLiterat(), "user");
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD.getLiterat(), "password");
+        System.clearProperty(ProxyConfigNames.HTTP_PROXY_HOST.getLiterat());
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_PORT.getLiterat(), "4242");
+
+        final var thrown = assertThrows(
+            MissingProxyAuthenticationConfig.class,
+            sut::createRequestFactoryWithProxyAuthConfig);
+
+        assertEquals("Expected System property 'http.proxyHost' not set!", thrown.getMessage());
+    }
+
+    @Test
+    void createRequestFactoryWithProxyAuthConfig_throesExceptionIfPortNotSet() {
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_USER.getLiterat(), "user");
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD.getLiterat(), "password");
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_HOST.getLiterat(), "host");
+        System.clearProperty(ProxyConfigNames.HTTP_PROXY_PORT.getLiterat());
+
+        final var thrown = assertThrows(
+            MissingProxyAuthenticationConfig.class,
+            sut::createRequestFactoryWithProxyAuthConfig);
+
+        assertEquals("Expected System property 'http.proxyPort' not set!", thrown.getMessage());
+    }
+
+    @Test
+    void createRequestFactoryWithProxyAuthConfig_throesExceptionIfPortIsNotInteger() {
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_USER.getLiterat(), "user");
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_PASSWORD.getLiterat(), "password");
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_HOST.getLiterat(), "host");
+        System.setProperty(ProxyConfigNames.HTTP_PROXY_PORT.getLiterat(), "FUBAR");
+
+        final var thrown = assertThrows(
+            IllegalArgumentException.class,
+            sut::createRequestFactoryWithProxyAuthConfig);
+
+        assertEquals(
+            "Given port for proxy authentication configuration (property 'http.proxyPort') is not a valid number! Given value wa 'FUBAR'.",
+            thrown.getMessage());
+    }
 }
