/** * For all sensitive arguments (e.g. key names containing words like password, secret, * key, token) replace the value with '*****' string */ public List<String> sanitizeArguments(List<String> arguments) { if (!CollectionUtils.isEmpty(arguments)) { final List<String> sanitizedArguments = new ArrayList<>(arguments.size()); for (String argument : arguments) { sanitizedArguments.add(this.sanitize(argument)); } return sanitizedArguments; } return arguments; }
private Map<String, Object> getAudited(TaskDefinition taskDefinition, Map<String, String> taskDeploymentProperties, List<String> commandLineArgs) { final Map<String, Object> auditedData = new HashMap<>(3); auditedData.put(TASK_DEFINITION_DSL_TEXT, this.argumentSanitizer.sanitizeTaskDsl(taskDefinition)); auditedData.put(TASK_DEPLOYMENT_PROPERTIES, this.argumentSanitizer.sanitizeProperties(taskDeploymentProperties)); auditedData.put(COMMAND_LINE_ARGS, this.argumentSanitizer.sanitizeArguments(commandLineArgs)); return auditedData; }
public Map<String, Object> convertStreamDefinitionToAuditData( StreamDefinition streamDefinition, Map<String, String> deploymentProperties) { final Map<String, Object> auditedData = new HashMap<>(2); auditedData.put(STREAM_DEFINITION_DSL_TEXT, this.argumentSanitizer.sanitizeStream(streamDefinition)); auditedData.put(DEPLOYMENT_PROPERTIES, this.argumentSanitizer.sanitizeProperties(deploymentProperties)); return auditedData; }
public Map<String, Object> convertScheduleRequestToAuditData(ScheduleRequest scheduleRequest) { Assert.notNull(scheduleRequest, "scheduleRequest must not be null"); Assert.hasText(scheduleRequest.getScheduleName(), "The scheduleName of the scheduleRequest must not be null or empty"); Assert.notNull(scheduleRequest.getDefinition(), "The task definition of the scheduleRequest must not be null"); final Map<String, Object> auditedData = new HashMap<>(3); auditedData.put(TASK_DEFINITION_NAME, scheduleRequest.getDefinition().getName()); if (scheduleRequest.getDefinition().getProperties() != null) { auditedData.put(TASK_DEFINITION_PROPERTIES, argumentSanitizer.sanitizeProperties(scheduleRequest.getDefinition().getProperties())); } if (scheduleRequest.getDeploymentProperties() != null) { auditedData.put(DEPLOYMENT_PROPERTIES, argumentSanitizer.sanitizeProperties(scheduleRequest.getDeploymentProperties())); } if (scheduleRequest.getCommandlineArguments() != null) { auditedData.put(COMMANDLINE_ARGUMENTS, argumentSanitizer.sanitizeArguments(scheduleRequest.getCommandlineArguments())); } return auditedData; } }
public Map<String, String> sanitizeProperties(Map<String, String> properties) { return this.argumentSanitizer.sanitizeProperties(properties); }
@Override public StreamDefinitionResource instantiateResource(StreamDefinition stream) { final StreamDefinitionResource resource = new StreamDefinitionResource(stream.getName(), new ArgumentSanitizer().sanitizeStream(stream)); DeploymentState deploymentState = streamDeploymentStates.get(stream); if (deploymentState != null) { final DeploymentStateResource deploymentStateResource = ControllerUtils .mapState(deploymentState); resource.setStatus(deploymentStateResource.getKey()); resource.setStatusDescription(deploymentStateResource.getDescription()); } return resource; }
modelBuilder.addRow().addValue(updatedKey).addValue(new ArgumentSanitizer().sanitize(key, String.valueOf(jobParameterEntry.getValue())));
public String convertStreamDefinitionToAuditData(StreamDefinition streamDefinition) { return this.argumentSanitizer.sanitizeStream(streamDefinition); }
@Override public void deleteTaskDefinition(String name) { TaskDefinition taskDefinition = this.taskDefinitionRepository.findById(name) .orElseThrow(() -> new NoSuchTaskDefinitionException(name)); deleteTaskDefinition(taskDefinition); auditRecordService.populateAndSaveAuditRecord( AuditOperationType.TASK, AuditActionType.DELETE, taskDefinition.getTaskName(), this.argumentSanitizer.sanitizeTaskDsl(taskDefinition)); }
this.jobParameters =converter.getProperties(jobExecution.getJobParameters()); this.jobParametersString = fromJobParameters( this.argumentSanitizer.sanitizeJobParameters(jobExecution.getJobParameters())); this.defined = taskJobExecution.isTaskDefined(); JobInstance jobInstance = jobExecution.getJobInstance();
public ArgumentSanitizer() { this.keysToSanitize = new Pattern[KEYS_TO_SANITIZE.length]; for (int i = 0; i < keysToSanitize.length; i++) { this.keysToSanitize[i] = getPattern(KEYS_TO_SANITIZE[i]); } }
private Pattern getPattern(String value) { if (isRegex(value)) { return Pattern.compile(value, Pattern.CASE_INSENSITIVE); } return Pattern.compile(".*" + value + "$", Pattern.CASE_INSENSITIVE); }
public Map<String, Object> convertScheduleRequestToAuditData(ScheduleRequest scheduleRequest) { Assert.notNull(scheduleRequest, "scheduleRequest must not be null"); Assert.hasText(scheduleRequest.getScheduleName(), "The scheduleName of the scheduleRequest must not be null or empty"); Assert.notNull(scheduleRequest.getDefinition(), "The task definition of the scheduleRequest must not be null"); final Map<String, Object> auditedData = new HashMap<>(3); auditedData.put(TASK_DEFINITION_NAME, scheduleRequest.getDefinition().getName()); if (scheduleRequest.getDefinition().getProperties() != null) { auditedData.put(TASK_DEFINITION_PROPERTIES, argumentSanitizer.sanitizeProperties(scheduleRequest.getDefinition().getProperties())); } if (scheduleRequest.getDeploymentProperties() != null) { auditedData.put(DEPLOYMENT_PROPERTIES, argumentSanitizer.sanitizeProperties(scheduleRequest.getDeploymentProperties())); } if (scheduleRequest.getCommandlineArguments() != null) { auditedData.put(COMMANDLINE_ARGUMENTS, argumentSanitizer.sanitizeArguments(scheduleRequest.getCommandlineArguments())); } return auditedData; } }
public Map<String, String> sanitizeProperties(Map<String, String> properties) { return this.argumentSanitizer.sanitizeProperties(properties); }
@Override public StreamDeploymentResource instantiateResource(StreamDeployment streamDeployment) { String deploymentProperties = ""; if (StringUtils.hasText(streamDeployment.getDeploymentProperties()) && canDisplayDeploymentProperties()) { deploymentProperties = streamDeployment.getDeploymentProperties(); } return new StreamDeploymentResource(streamDeployment.getStreamName(), new ArgumentSanitizer().sanitizeStream( new StreamDefinition(streamDeployment.getStreamName(), this.dslText)), deploymentProperties, this.status); }
public String convertStreamDefinitionToAuditData(StreamDefinition streamDefinition) { return this.argumentSanitizer.sanitizeStream(streamDefinition); }
@Override public void deleteAll() { Iterable<TaskDefinition> allTaskDefinition = this.taskDefinitionRepository.findAll(); for (TaskDefinition taskDefinition : allTaskDefinition) { deleteTaskDefinition(taskDefinition); auditRecordService.populateAndSaveAuditRecord( AuditOperationType.TASK, AuditActionType.DELETE, taskDefinition.getTaskName(), this.argumentSanitizer.sanitizeTaskDsl(taskDefinition)); } }
this.jobParameters =converter.getProperties(jobExecution.getJobParameters()); this.jobParametersString = fromJobParameters( this.argumentSanitizer.sanitizeJobParameters(jobExecution.getJobParameters())); this.defined = taskJobExecution.isTaskDefined(); JobInstance jobInstance = jobExecution.getJobInstance();
public Map<String, Object> convertStreamDefinitionToAuditData( StreamDefinition streamDefinition, Map<String, String> deploymentProperties) { final Map<String, Object> auditedData = new HashMap<>(2); auditedData.put(STREAM_DEFINITION_DSL_TEXT, this.argumentSanitizer.sanitizeStream(streamDefinition)); auditedData.put(DEPLOYMENT_PROPERTIES, this.argumentSanitizer.sanitizeProperties(deploymentProperties)); return auditedData; }
/** * Replaces a potential secure value with "******". * * @param argument the argument to cleanse. * @return the argument with a potentially sanitized value */ public String sanitize(String argument) { int indexOfFirstEqual = argument.indexOf("="); if (indexOfFirstEqual == -1) { return argument; } String key = argument.substring(0, indexOfFirstEqual); String value = argument.substring(indexOfFirstEqual + 1); value = sanitize(key, value); return String.format("%s=%s", key, value); }