public static String obfuscateCredentials(String originalUrl) { HttpUrl parsedUrl = HttpUrl.parse(originalUrl); if (parsedUrl != null) { return obfuscateCredentials(originalUrl, parsedUrl); } return originalUrl; }
@CheckForNull private static String replaceOrDie(String original, String username, @Nullable String password) { return replaceOrDieImpl(original, authentStringOf(username, password), obfuscatedAuthentStringOf(username, password)); }
private static String obfuscatedAuthentStringOf(String userName, @Nullable String password) { return authentStringOf(repeat("*", userName.length()), password == null ? null : repeat("*", password.length())); }
String encodedPassword = parsedUrl.encodedPassword(); return Stream.<Supplier<String>>of( () -> replaceOrDie(originalUrl, username, password), () -> replaceOrDie(originalUrl, encodedUsername, encodedPassword), () -> replaceOrDie(originalUrl, encodedUsername, password), () -> replaceOrDie(originalUrl, username, encodedPassword)) .map(Supplier::get) .filter(Objects::nonNull) () -> replaceOrDie(originalUrl, username, null), () -> replaceOrDie(originalUrl, parsedUrl.encodedUsername(), null)) .map(Supplier::get) .filter(Objects::nonNull)
@Test @UseDataProvider("obfuscateCredentialsUseCases") public void verify_obfuscateCredentials(String originalUrl, String expectedUrl) { assertThat(obfuscateCredentials(originalUrl, HttpUrl.parse(originalUrl))) .isEqualTo(obfuscateCredentials(originalUrl)) .isEqualTo(expectedUrl); }
private static void writeResponse(Request request, Response response, List<WebhookDto> webhookDtos, Map<String, WebhookDeliveryLiteDto> lastDeliveries) { ListResponse.Builder responseBuilder = ListResponse.newBuilder(); webhookDtos .forEach(webhook -> { ListResponseElement.Builder responseElementBuilder = responseBuilder.addWebhooksBuilder(); responseElementBuilder .setKey(webhook.getUuid()) .setName(webhook.getName()) .setUrl(obfuscateCredentials(webhook.getUrl())); addLastDelivery(responseElementBuilder, webhook, lastDeliveries); }); writeProtobuf(responseBuilder.build(), request, response); }
@Override public WebhookDelivery call(Webhook webhook, WebhookPayload payload) { WebhookDelivery.Builder builder = new WebhookDelivery.Builder(); long startedAt = system.now(); builder .setAt(startedAt) .setPayload(payload) .setWebhook(webhook); try { HttpUrl url = HttpUrl.parse(webhook.getUrl()); if (url == null) { throw new IllegalArgumentException("Webhook URL is not valid: " + webhook.getUrl()); } builder.setEffectiveUrl(HttpUrlHelper.obfuscateCredentials(webhook.getUrl(), url)); Request request = buildHttpRequest(url, payload); try (Response response = execute(request)) { builder.setHttpStatus(response.code()); } } catch (Exception e) { builder.setError(e); } return builder .setDurationInMs((int) (system.now() - startedAt)) .build(); }