Allow special characters in the url

Author: Yavor16

multiapps-controller-api/src/main/java/org/cloudfoundry/multiapps/controller/api/model/FileUrl.java

@@ -3,6 +3,7 @@
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import org.cloudfoundry.multiapps.common.Nullable;
 import org.immutables.value.Value;
 
 @Value.Immutable
@@ -14,5 +15,9 @@ public interface FileUrl {
     @JsonProperty("file_url")
     String getFileUrl();
 
+    @Nullable
+    @Value.Parameter
+    @JsonProperty("credentials")
+    UserCredentials getUserCredentials();
     //this could potentially contain a TLS certificate as well, if the remote endpoint is a custom registry/repository
 }

multiapps-controller-api/src/main/java/org/cloudfoundry/multiapps/controller/api/model/UserCredentials.java

@@ -0,0 +1,25 @@
+package org.cloudfoundry.multiapps.controller.api.model;
+
+import org.cloudfoundry.multiapps.common.Nullable;
+import org.immutables.value.Value;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+
+@Value.Immutable
+@JsonSerialize(as = ImmutableUserCredentials.class)
+@JsonDeserialize(as = ImmutableUserCredentials.class)
+public interface UserCredentials {
+
+    @Nullable
+    @Value.Parameter
+    @JsonProperty("username")
+    String getUsername();
+
+    @Nullable
+    @Value.Parameter
+    @JsonProperty("password")
+    String getPassword();
+    //this could potentially contain a TLS certificate as well, if the remote endpoint is a custom registry/repository
+}

multiapps-controller-web/src/main/java/org/cloudfoundry/multiapps/controller/web/api/impl/FilesApiServiceImpl.java

@@ -24,9 +24,6 @@
 import java.util.concurrent.atomic.AtomicLong;
 import java.util.stream.Collectors;
 
-import jakarta.inject.Inject;
-import jakarta.inject.Named;
-
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.io.input.ProxyInputStream;
 import org.cloudfoundry.multiapps.common.SLException;
@@ -36,6 +33,7 @@
 import org.cloudfoundry.multiapps.controller.api.model.FileUrl;
 import org.cloudfoundry.multiapps.controller.api.model.ImmutableAsyncUploadResult;
 import org.cloudfoundry.multiapps.controller.api.model.ImmutableFileMetadata;
+import org.cloudfoundry.multiapps.controller.api.model.UserCredentials;
 import org.cloudfoundry.multiapps.controller.client.util.CheckedSupplier;
 import org.cloudfoundry.multiapps.controller.client.util.ResilientOperationExecutor;
 import org.cloudfoundry.multiapps.controller.core.auditlogging.FilesApiServiceAuditLog;
@@ -69,6 +67,9 @@
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.multipart.MultipartHttpServletRequest;
 
+import jakarta.inject.Inject;
+import jakarta.inject.Named;
+
 @Named
 public class FilesApiServiceImpl implements FilesApiService {
 
@@ -77,6 +78,11 @@ public class FilesApiServiceImpl implements FilesApiService {
     private static final int INPUT_STREAM_BUFFER_SIZE = 16 * 1024;
     private static final Duration HTTP_CONNECT_TIMEOUT = Duration.ofMinutes(10);
     private static final String RETRY_AFTER_SECONDS = "30";
+    private static final String USERNAME_PASSWORD_URL_FORAMT = "{0}:{1}";
+    static {
+        System.setProperty(Constants.RETRY_LIMIT_PROPERTY, "0");
+    }
+
     private final CachedMap<String, AtomicLong> jobCounters = new CachedMap<>(Duration.ofHours(1));
     private final CachedMap<String, Future<?>> runningTasks = new CachedMap<>(Duration.ofHours(1));
     private final ResilientOperationExecutor resilientOperationExecutor = getResilientOperationExecutor();
@@ -97,10 +103,6 @@ public class FilesApiServiceImpl implements FilesApiService {
     @Inject
     private ExecutorService fileStorageThreadPool;
 
-    static {
-        System.setProperty(Constants.RETRY_LIMIT_PROPERTY, "0");
-    }
-
     @Override
     public ResponseEntity<List<FileMetadata>> getFiles(String spaceGuid, String namespace) {
         try {
@@ -156,7 +158,7 @@ public ResponseEntity<Void> startUploadFromUrl(String spaceGuid, String namespac
                 deleteAsyncJobEntry(existingJob);
             }
         }
-        return triggerUploadFromUrl(spaceGuid, namespace, urlWithoutUserInfo, decodedUrl);
+        return triggerUploadFromUrl(spaceGuid, namespace, urlWithoutUserInfo, decodedUrl, fileUrl.getUserCredentials());
     }
 
     private String getLocationHeader(String spaceGuid, String jobId) {
@@ -289,12 +291,14 @@ private void deleteAsyncJobEntry(AsyncUploadJobEntry entry) {
         }
     }
 
-    private ResponseEntity<Void> triggerUploadFromUrl(String spaceGuid, String namespace, String urlWithoutUserInfo, String decodedUrl) {
+    private ResponseEntity<Void> triggerUploadFromUrl(String spaceGuid, String namespace, String urlWithoutUserInfo, String decodedUrl,
+                                                      UserCredentials userCredentials) {
         var entry = createJobEntry(spaceGuid, namespace, urlWithoutUserInfo);
         LOGGER.debug(Messages.CREATING_ASYNC_UPLOAD_JOB, urlWithoutUserInfo, entry.getId());
         uploadJobService.add(entry);
         try {
-            Future<?> runningTask = deployFromUrlExecutor.submit(() -> uploadFileFromUrl(entry, spaceGuid, namespace, decodedUrl));
+            Future<?> runningTask = deployFromUrlExecutor.submit(() -> uploadFileFromUrl(entry, spaceGuid, namespace, decodedUrl,
+                                                                                         userCredentials));
             runningTasks.put(entry.getId(), runningTask);
         } catch (RejectedExecutionException ignored) {
             LOGGER.debug(Messages.ASYNC_UPLOAD_JOB_REJECTED, entry.getId());
@@ -345,7 +349,8 @@ private AsyncUploadResult createErrorResult(String error, AsyncUploadResult.Clie
                                          .build();
     }
 
-    private void uploadFileFromUrl(AsyncUploadJobEntry jobEntry, String spaceGuid, String namespace, String fileUrl) {
+    private void uploadFileFromUrl(AsyncUploadJobEntry jobEntry, String spaceGuid, String namespace, String fileUrl,
+                                   UserCredentials userCredentials) {
         var counter = new AtomicLong(0);
         jobCounters.put(jobEntry.getId(), counter);
         LOGGER.info(Messages.STARTING_DOWNLOAD_OF_MTAR, jobEntry.getUrl());
@@ -358,7 +363,8 @@ private void uploadFileFromUrl(AsyncUploadJobEntry jobEntry, String spaceGuid, S
             FileEntry fileEntry = resilientOperationExecutor.execute((CheckedSupplier<FileEntry>) () -> doUploadFileFromUrl(spaceGuid,
                                                                                                                             namespace,
                                                                                                                             fileUrl,
-                                                                                                                            counter));
+                                                                                                                            counter,
+                                                                                                                            userCredentials));
             LOGGER.trace(Messages.UPLOADED_MTAR_FROM_REMOTE_ENDPOINT_AND_JOB_ID, jobEntry.getUrl(), jobEntry.getId(),
                          ChronoUnit.MILLIS.between(startTime, LocalDateTime.now()));
             var descriptor = fileService.processFileContent(spaceGuid, fileEntry.getId(), this::extractDeploymentDescriptor);
@@ -376,14 +382,16 @@ private void uploadFileFromUrl(AsyncUploadJobEntry jobEntry, String spaceGuid, S
         }
     }
 
-    private FileEntry doUploadFileFromUrl(String spaceGuid, String namespace, String fileUrl, AtomicLong counter) throws Exception {
+    private FileEntry doUploadFileFromUrl(String spaceGuid, String namespace, String fileUrl, AtomicLong counter,
+                                          UserCredentials userCredentials)
+        throws Exception {
         if (!UriUtil.isUrlSecure(fileUrl)) {
             throw new SLException(Messages.MTAR_ENDPOINT_NOT_SECURE);
         }
         UriUtil.validateUrl(fileUrl);
         HttpClient client = buildHttpClient(fileUrl);
 
-        HttpResponse<InputStream> response = callRemoteEndpointWithRetry(client, fileUrl);
+        HttpResponse<InputStream> response = callRemoteEndpointWithRetry(client, fileUrl, userCredentials);
         long fileSize = response.headers()
                                 .firstValueAsLong(Constants.CONTENT_LENGTH)
                                 .orElseThrow(() -> new SLException(Messages.FILE_URL_RESPONSE_DID_NOT_RETURN_CONTENT_LENGTH));
@@ -411,10 +419,11 @@ private FileEntry doUploadFileFromUrl(String spaceGuid, String namespace, String
         }
     }
 
-    private HttpResponse<InputStream> callRemoteEndpointWithRetry(HttpClient client, String decodedUrl) throws Exception {
+    private HttpResponse<InputStream> callRemoteEndpointWithRetry(HttpClient client, String decodedUrl, UserCredentials userCredentials)
+        throws Exception {
         return resilientOperationExecutor.execute((CheckedSupplier<HttpResponse<InputStream>>) () -> {
-            var request = buildFetchFileRequest(decodedUrl);
-            LOGGER.debug(Messages.CALLING_REMOTE_MTAR_ENDPOINT, request.uri());
+            var request = buildFetchFileRequest(decodedUrl, userCredentials);
+            LOGGER.debug(Messages.CALLING_REMOTE_MTAR_ENDPOINT, getUriFromAtSign(request.uri()));
             var response = client.send(request, BodyHandlers.ofInputStream());
             if (response.statusCode() / 100 != 2) {
                 String error = readErrorBodyFromResponse(response);
@@ -424,13 +433,22 @@ private HttpResponse<InputStream> callRemoteEndpointWithRetry(HttpClient client,
                                                                UriUtil.stripUserInfo(decodedUrl));
                     throw new SLException(errorMessage);
                 }
-                throw new SLException(MessageFormat.format(Messages.ERROR_FROM_REMOTE_MTAR_ENDPOINT, request.uri(), response.statusCode(),
-                                                           error));
+                throw new SLException(MessageFormat.format(Messages.ERROR_FROM_REMOTE_MTAR_ENDPOINT, getUriFromAtSign(request.uri()),
+                                                           response.statusCode(), error));
             }
             return response;
         });
     }
 
+    private String getUriFromAtSign(URI uri) {
+        String uriString = uri.toString();
+        if (uriString.contains("@")) {
+            return uriString.substring(uriString.lastIndexOf("@"));
+        } else {
+            return uriString;
+        }
+    }
+
     private void resetCounterOnRetry(AtomicLong counter) {
         counter.set(0);
     }
@@ -443,14 +461,21 @@ protected HttpClient buildHttpClient(String decodedUrl) {
                          .build();
     }
 
-    private HttpRequest buildFetchFileRequest(String decodedUrl) {
+    private HttpRequest buildFetchFileRequest(String decodedUrl, UserCredentials userCredentials) {
         var builder = HttpRequest.newBuilder()
                                  .GET()
                                  .timeout(Duration.ofMinutes(15));
         var uri = URI.create(decodedUrl);
         var userInfo = uri.getUserInfo();
-        if (userInfo != null) {
-            builder.uri(URI.create(decodedUrl.replace(userInfo + "@", "")));
+        if (userCredentials != null) {
+            builder.uri(uri);
+            String userCredentialsUrlFormat = MessageFormat.format(USERNAME_PASSWORD_URL_FORAMT, userCredentials.getUsername(),
+                                                                   userCredentials.getPassword());
+            String encodedAuth = Base64.getEncoder()
+                                       .encodeToString(userCredentialsUrlFormat.getBytes());
+            builder.header(HttpHeaders.AUTHORIZATION, "Basic " + encodedAuth);
+        } else if (userInfo != null) {
+            builder.uri(URI.create(decodedUrl.replace(uri.getRawUserInfo() + "@", "")));
             String encodedAuth = Base64.getEncoder()
                                        .encodeToString(userInfo.getBytes());
             builder.header(HttpHeaders.AUTHORIZATION, "Basic " + encodedAuth);

multiapps-controller-web/src/test/java/org/cloudfoundry/multiapps/controller/web/api/impl/FilesApiServiceImplTest.java

@@ -231,7 +231,7 @@ void testUploadFileFromUrl() throws Exception {
         when(future.isDone()).thenReturn(true);
         prepareAsyncExecutor(future);
 
-        ResponseEntity<Void> startUploadResponse = testedClass.startUploadFromUrl(SPACE_GUID, NAMESPACE, ImmutableFileUrl.of(FILE_URL));
+        ResponseEntity<Void> startUploadResponse = testedClass.startUploadFromUrl(SPACE_GUID, NAMESPACE, ImmutableFileUrl.of(FILE_URL, null));
 
         assertEquals(startUploadResponse.getStatusCode(), HttpStatus.ACCEPTED);
 
@@ -322,7 +322,7 @@ void testFileUrlDoesntReturnContentLength() throws Exception {
         when(future.isDone()).thenReturn(true);
         prepareAsyncExecutor(future);
 
-        ResponseEntity<Void> startUploadResponse = testedClass.startUploadFromUrl(SPACE_GUID, NAMESPACE, ImmutableFileUrl.of(FILE_URL));
+        ResponseEntity<Void> startUploadResponse = testedClass.startUploadFromUrl(SPACE_GUID, NAMESPACE, ImmutableFileUrl.of(FILE_URL, null));
 
         assertEquals(startUploadResponse.getStatusCode(), HttpStatus.ACCEPTED);
 
@@ -348,12 +348,12 @@ void testUploadFromUrlWhenThereIsValidExistingJob() {
         Future<?> runningTask = mock(Future.class);
         prepareAsyncExecutor(runningTask);
         when(uploadJobService.update(any(), any())).thenReturn(jobEntry);
-        ResponseEntity<Void> firstUpload = testedClass.startUploadFromUrl(SPACE_GUID, NAMESPACE, ImmutableFileUrl.of(FILE_URL));
+        ResponseEntity<Void> firstUpload = testedClass.startUploadFromUrl(SPACE_GUID, NAMESPACE, ImmutableFileUrl.of(FILE_URL, null));
         String locationHeader = firstUpload.getHeaders()
                                            .getFirst(org.springframework.http.HttpHeaders.LOCATION);
         String createdJobId = locationHeader.substring(locationHeader.lastIndexOf("/") + 1);
         when(jobEntry.getId()).thenReturn(createdJobId);
-        ResponseEntity<Void> secondUpload = testedClass.startUploadFromUrl(SPACE_GUID, NAMESPACE, ImmutableFileUrl.of(FILE_URL));
+        ResponseEntity<Void> secondUpload = testedClass.startUploadFromUrl(SPACE_GUID, NAMESPACE, ImmutableFileUrl.of(FILE_URL, null));
         assertEquals(HttpStatus.SEE_OTHER, secondUpload.getStatusCode());
     }
 
@@ -385,7 +385,7 @@ void testFileUrlReturnsContentLengthAboveMaxUploadSize() throws Exception {
         when(future.isDone()).thenReturn(true);
         prepareAsyncExecutor(future);
 
-        ResponseEntity<Void> startUploadResponse = testedClass.startUploadFromUrl(SPACE_GUID, NAMESPACE, ImmutableFileUrl.of(FILE_URL));
+        ResponseEntity<Void> startUploadResponse = testedClass.startUploadFromUrl(SPACE_GUID, NAMESPACE, ImmutableFileUrl.of(FILE_URL, null));
 
         assertEquals(startUploadResponse.getStatusCode(), HttpStatus.ACCEPTED);
 
@@ -432,7 +432,7 @@ void testUploadFileWithInvalidUrl(String url) throws Exception {
                                       .encodeToString(url.getBytes(StandardCharsets.UTF_8));
 
         ResponseEntity<Void> startUploadResponse = testedClass.startUploadFromUrl(SPACE_GUID, NAMESPACE,
-                                                                                  ImmutableFileUrl.of(invalidFileUrl));
+                                                                                  ImmutableFileUrl.of(invalidFileUrl, null));
 
         assertEquals(startUploadResponse.getStatusCode(), HttpStatus.ACCEPTED);