This is an automated email from the ASF dual-hosted git repository. mpapirkovskyy pushed a commit to branch branch-2.7 in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/branch-2.7 by this push: new 116fa4c AMBARI-25409. Support basic auth for repositories. (#3118) 116fa4c is described below commit 116fa4c8653be425a10fa7c31d217577fed7055a Author: Myroslav Papirkovskyi <mpapirkovs...@apache.org> AuthorDate: Tue Nov 5 18:18:42 2019 +0200 AMBARI-25409. Support basic auth for repositories. (#3118) * AMBARI-25409. Support basic auth for repositories. (mpapirkovskyy) * AMBARI-25409. Support basic auth for repositories. (mpapirkovskyy) --- .../ambari/server/agent/CommandRepository.java | 3 +- .../controller/AmbariManagementControllerImpl.java | 4 +- .../server/controller/RepositoryRequest.java | 4 +- .../internal/RepositoryResourceProvider.java | 5 +- .../RepositoryVersionResourceProvider.java | 4 +- .../controller/internal/URLStreamProvider.java | 34 +++++++++---- .../apache/ambari/server/state/RepositoryInfo.java | 3 +- .../stack/upgrade/RepositoryVersionHelper.java | 51 -------------------- .../ambari/server/utils/URLCredentialsHider.java | 55 ++++++++++++++++++++++ .../controller/internal/URLStreamProviderTest.java | 13 +++-- .../server/utils/URLCredentialsHiderTest.java | 41 ++++++++++++++++ 11 files changed, 144 insertions(+), 73 deletions(-) diff --git a/ambari-server/src/main/java/org/apache/ambari/server/agent/CommandRepository.java b/ambari-server/src/main/java/org/apache/ambari/server/agent/CommandRepository.java index 2671241..c4b988b 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/agent/CommandRepository.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/agent/CommandRepository.java @@ -27,6 +27,7 @@ import org.apache.ambari.annotations.ExperimentalFeature; import org.apache.ambari.server.orm.entities.RepoDefinitionEntity; import org.apache.ambari.server.state.RepositoryInfo; import org.apache.ambari.server.state.stack.RepoTag; +import org.apache.ambari.server.utils.URLCredentialsHider; import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.builder.ToStringBuilder; @@ -349,7 +350,7 @@ public class CommandRepository { .append("distribution", m_distribution) .append("components", m_components) .append("id", m_repoId) - .append("baseUrl", m_baseUrl) + .append("baseUrl", URLCredentialsHider.hideCredentials(m_baseUrl)) .append("applicableServices", (m_applicableServices != null? StringUtils.join(m_applicableServices, ",") : "")) .toString(); } diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java index bdfdac5..504a642 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java @@ -238,6 +238,7 @@ import org.apache.ambari.server.topology.STOMPComponentsDeleteHandler; import org.apache.ambari.server.topology.Setting; import org.apache.ambari.server.utils.SecretReference; import org.apache.ambari.server.utils.StageUtils; +import org.apache.ambari.server.utils.URLCredentialsHider; import org.apache.commons.collections.CollectionUtils; import org.apache.commons.collections.MapUtils; import org.apache.commons.io.IOUtils; @@ -4506,7 +4507,8 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle IOUtils.readLines(usp.readFrom(spec)); } catch (IOException ioe) { e = ioe; - errorMessage = "Could not access base url . " + request.getBaseUrl() + " . "; + errorMessage = String.format("Could not access base url '%s'", + URLCredentialsHider.hideCredentials(request.getBaseUrl())); if (LOG.isDebugEnabled()) { errorMessage += ioe; } else { diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/RepositoryRequest.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/RepositoryRequest.java index 1f6ab5b..5aed41e 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/RepositoryRequest.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/RepositoryRequest.java @@ -18,6 +18,8 @@ package org.apache.ambari.server.controller; +import org.apache.ambari.server.utils.URLCredentialsHider; + public class RepositoryRequest extends OperatingSystemRequest { private String repoId; @@ -103,7 +105,7 @@ public class RepositoryRequest extends OperatingSystemRequest { @Override public String toString() { - return "RepositoryRequest [repoId=" + repoId + ", baseUrl=" + baseUrl + return "RepositoryRequest [repoId=" + repoId + ", baseUrl=" + URLCredentialsHider.hideCredentials(baseUrl) + ", verify=" + verify + ", getOsType()=" + getOsType() + ", getRepositoryVersionId()=" + getRepositoryVersionId() + ", getStackVersion()=" + getStackVersion() + ", getStackName()=" diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryResourceProvider.java index 82f7903..b844495 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryResourceProvider.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryResourceProvider.java @@ -44,6 +44,7 @@ import org.apache.ambari.server.controller.spi.ResourceAlreadyExistsException; import org.apache.ambari.server.controller.spi.SystemException; import org.apache.ambari.server.controller.spi.UnsupportedPropertyException; import org.apache.ambari.server.controller.utilities.PropertyHelper; +import org.apache.ambari.server.utils.URLCredentialsHider; import org.apache.commons.lang.BooleanUtils; public class RepositoryResourceProvider extends AbstractControllerResourceProvider { @@ -178,11 +179,11 @@ public class RepositoryResourceProvider extends AbstractControllerResourceProvid setResourceProperty(resource, REPOSITORY_REPO_NAME_PROPERTY_ID, response.getRepoName(), requestedIds); setResourceProperty(resource, REPOSITORY_DISTRIBUTION_PROPERTY_ID, response.getDistribution(), requestedIds); setResourceProperty(resource, REPOSITORY_COMPONENTS_PROPERTY_ID, response.getComponents(), requestedIds); - setResourceProperty(resource, REPOSITORY_BASE_URL_PROPERTY_ID, response.getBaseUrl(), requestedIds); + setResourceProperty(resource, REPOSITORY_BASE_URL_PROPERTY_ID, URLCredentialsHider.hideCredentials(response.getBaseUrl()), requestedIds); setResourceProperty(resource, REPOSITORY_OS_TYPE_PROPERTY_ID, response.getOsType(), requestedIds); setResourceProperty(resource, REPOSITORY_REPO_ID_PROPERTY_ID, response.getRepoId(), requestedIds); setResourceProperty(resource, REPOSITORY_MIRRORS_LIST_PROPERTY_ID, response.getMirrorsList(), requestedIds); - setResourceProperty(resource, REPOSITORY_DEFAULT_BASE_URL_PROPERTY_ID, response.getDefaultBaseUrl(), requestedIds); + setResourceProperty(resource, REPOSITORY_DEFAULT_BASE_URL_PROPERTY_ID, URLCredentialsHider.hideCredentials(response.getDefaultBaseUrl()), requestedIds); setResourceProperty(resource, REPOSITORY_UNIQUE_PROPERTY_ID, response.isUnique(), requestedIds); setResourceProperty(resource, REPOSITORY_TAGS_PROPERTY_ID, response.getTags(), requestedIds); setResourceProperty(resource, REPOSITORY_APPLICABLE_SERVICES_PROPERTY_ID, response.getApplicableServices(), requestedIds); diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProvider.java index 8704cb7..ae0f368 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProvider.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProvider.java @@ -64,6 +64,7 @@ import org.apache.ambari.server.state.StackInfo; import org.apache.ambari.server.state.repository.ManifestServiceInfo; import org.apache.ambari.server.state.repository.VersionDefinitionXml; import org.apache.ambari.server.state.stack.upgrade.RepositoryVersionHelper; +import org.apache.ambari.server.utils.URLCredentialsHider; import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang.ObjectUtils; import org.apache.commons.lang.StringUtils; @@ -478,7 +479,8 @@ public class RepositoryVersionResourceProvider extends AbstractAuthorizedResourc for (RepoDefinitionEntity repositoryEntity : os.getRepoDefinitionEntities()) { String baseUrl = repositoryEntity.getBaseUrl(); if (!skipUrlCheck && os.isAmbariManaged() && existingRepoUrls.contains(baseUrl)) { - throw new AmbariException("Base url " + baseUrl + " is already defined for another repository version. " + + throw new AmbariException("Base url " + URLCredentialsHider.hideCredentials(baseUrl) + + " is already defined for another repository version. " + "Setting up base urls that contain the same versions of components will cause stack upgrade to fail."); } } diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/URLStreamProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/URLStreamProvider.java index d1e9349..2e7feb0 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/URLStreamProvider.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/URLStreamProvider.java @@ -37,6 +37,8 @@ import javax.net.ssl.TrustManagerFactory; import org.apache.ambari.server.configuration.ComponentSSLConfiguration; import org.apache.ambari.server.controller.utilities.StreamProvider; +import org.apache.ambari.server.utils.URLCredentialsHider; +import org.apache.commons.codec.binary.Base64; import org.apache.commons.io.IOUtils; import org.apache.http.HttpStatus; import org.slf4j.Logger; @@ -50,6 +52,8 @@ public class URLStreamProvider implements StreamProvider { public static final String COOKIE = "Cookie"; private static final String WWW_AUTHENTICATE = "WWW-Authenticate"; private static final String NEGOTIATE = "Negotiate"; + private static final String AUTHORIZATION = "Authorization"; + private static final String BASIC_AUTH = "Basic %s"; private static final Logger LOG = LoggerFactory.getLogger(URLStreamProvider.class); private boolean setupTruststoreForHttps; @@ -175,17 +179,18 @@ public class URLStreamProvider implements StreamProvider { public HttpURLConnection processURL(String spec, String requestMethod, byte[] body, Map<String, List<String>> headers) throws IOException { if (LOG.isDebugEnabled()) { - LOG.debug("readFrom spec:{}", spec); + LOG.debug("readFrom spec:{}", URLCredentialsHider.hideCredentials(spec)); } + URL url = new URL(spec); HttpURLConnection connection = (spec.startsWith("https") && this.setupTruststoreForHttps) ? - getSSLConnection(spec) : getConnection(spec); + getSSLConnection(spec) : getConnection(url); AppCookieManager appCookieManager = getAppCookieManager(); String appCookie = appCookieManager.getCachedAppCookie(spec); if (appCookie != null) { - LOG.debug("Using cached app cookie for URL:{}", spec); + LOG.debug("Using cached app cookie for URL:{}", URLCredentialsHider.hideCredentials(spec)); // allow for additional passed in cookies if (headers == null || headers.isEmpty()) { @@ -215,16 +220,22 @@ public class URLStreamProvider implements StreamProvider { connection.getOutputStream().write(body); } + if (url.getUserInfo() != null) { + String basicAuth = String.format(BASIC_AUTH, new String(new Base64().encode(url.getUserInfo().getBytes()))); + connection.setRequestProperty(AUTHORIZATION, basicAuth); + } + int statusCode = connection.getResponseCode(); if (statusCode == HttpStatus.SC_UNAUTHORIZED ) { String wwwAuthHeader = connection.getHeaderField(WWW_AUTHENTICATE); if (LOG.isInfoEnabled()) { - LOG.info("Received WWW-Authentication header:" + wwwAuthHeader + ", for URL:" + spec); + LOG.info("Received WWW-Authentication header:" + wwwAuthHeader + ", for URL:" + + URLCredentialsHider.hideCredentials(spec)); } if (wwwAuthHeader != null && wwwAuthHeader.trim().startsWith(NEGOTIATE)) { connection = spec.startsWith("https") ? - getSSLConnection(spec) : getConnection(spec); + getSSLConnection(spec) : getConnection(url); appCookie = appCookieManager.getAppCookie(spec, true); connection.setRequestProperty(COOKIE, appCookie); connection.setConnectTimeout(connTimeout); @@ -235,14 +246,16 @@ public class URLStreamProvider implements StreamProvider { } else { // no supported authentication type found // we would let the original response propagate - LOG.error("Unsupported WWW-Authentication header:" + wwwAuthHeader+ ", for URL:" + spec); + LOG.error("Unsupported WWW-Authentication header:" + wwwAuthHeader+ ", for URL:" + + URLCredentialsHider.hideCredentials(spec)); return connection; } } else { // not a 401 Unauthorized status code // we would let the original response propagate if (statusCode == HttpStatus.SC_NOT_FOUND || statusCode == HttpStatus.SC_FORBIDDEN){ - LOG.error(String.format("Received HTTP %s response from URL: %s", statusCode, spec)); + LOG.error(String.format("Received HTTP %s response from URL: %s", statusCode, + URLCredentialsHider.hideCredentials(spec))); } return connection; } @@ -279,8 +292,8 @@ public class URLStreamProvider implements StreamProvider { // ----- helper methods ---------------------------------------------------- // Get a connection - protected HttpURLConnection getConnection(String spec) throws IOException { - return (HttpURLConnection) new URL(spec).openConnection(); + protected HttpURLConnection getConnection(URL url) throws IOException { + return (HttpURLConnection) url.openConnection(); } // Get an ssl connection @@ -292,7 +305,8 @@ public class URLStreamProvider implements StreamProvider { if (trustStorePath == null || trustStorePassword == null) { String msg = - String.format("Can't get secure connection to %s. Truststore path or password is not set.", spec); + String.format("Can't get secure connection to %s. Truststore path or password is not set.", + URLCredentialsHider.hideCredentials(spec)); LOG.error(msg); throw new IllegalStateException(msg); diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/RepositoryInfo.java b/ambari-server/src/main/java/org/apache/ambari/server/state/RepositoryInfo.java index ba07105..98d42ca 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/state/RepositoryInfo.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/state/RepositoryInfo.java @@ -27,6 +27,7 @@ import org.apache.ambari.annotations.Experimental; import org.apache.ambari.annotations.ExperimentalFeature; import org.apache.ambari.server.controller.RepositoryResponse; import org.apache.ambari.server.state.stack.RepoTag; +import org.apache.ambari.server.utils.URLCredentialsHider; import org.apache.commons.lang.StringUtils; import com.google.common.base.Function; @@ -196,7 +197,7 @@ public class RepositoryInfo { return "[ repoInfo: " + ", osType=" + osType + ", repoId=" + repoId - + ", baseUrl=" + baseUrl + + ", baseUrl=" + URLCredentialsHider.hideCredentials(baseUrl) + ", repoName=" + repoName + ", distribution=" + distribution + ", components=" + components diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/stack/upgrade/RepositoryVersionHelper.java b/ambari-server/src/main/java/org/apache/ambari/server/state/stack/upgrade/RepositoryVersionHelper.java index d3f442e..24ef7ac 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/state/stack/upgrade/RepositoryVersionHelper.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/state/stack/upgrade/RepositoryVersionHelper.java @@ -467,57 +467,6 @@ public class RepositoryVersionHelper { } } - - /** - * Get repository info given a cluster and host. - * - * @param cluster the cluster - * @param host the host - * - * @return the repo info - * - * @deprecated use {@link #getCommandRepository(Cluster, ServiceComponent, Host)} instead. - * @throws SystemException if the repository information can not be obtained - */ - @Deprecated - public String getRepoInfo(Cluster cluster, ServiceComponent component, Host host) throws SystemException { - final JsonArray jsonList = getBaseUrls(cluster, component, host); - final RepositoryVersionEntity rve = getRepositoryVersionEntity(cluster, component); - - if (null == rve || null == jsonList) { - return ""; - } - - final JsonArray result = new JsonArray(); - - for (JsonElement e : jsonList) { - JsonObject obj = e.getAsJsonObject(); - - String repoId = obj.has("repoId") ? obj.get("repoId").getAsString() : null; - String repoName = obj.has("repoName") ? obj.get("repoName").getAsString() : null; - String baseUrl = obj.has("baseUrl") ? obj.get("baseUrl").getAsString() : null; - String osType = obj.has("osType") ? obj.get("osType").getAsString() : null; - - if (null == repoId || null == baseUrl || null == osType || null == repoName) { - continue; - } - - for (RepoOsEntity ose : rve.getRepoOsEntities()) { - if (ose.getFamily().equals(osType) && ose.isAmbariManaged()) { - for (RepoDefinitionEntity re : ose.getRepoDefinitionEntities()) { - if (re.getRepoName().equals(repoName) && - !re.getBaseUrl().equals(baseUrl)) { - obj.addProperty("baseUrl", re.getBaseUrl()); - } - } - result.add(e); - } - } - } - return result.toString(); - } - - /** * Executed by two different representations of repos. When we are comfortable with the new * implementation, this may be removed and called inline in {@link #getCommandRepository(Cluster, ServiceComponent, Host)} diff --git a/ambari-server/src/main/java/org/apache/ambari/server/utils/URLCredentialsHider.java b/ambari-server/src/main/java/org/apache/ambari/server/utils/URLCredentialsHider.java new file mode 100644 index 0000000..bb3a79a --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/utils/URLCredentialsHider.java @@ -0,0 +1,55 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.utils; + +import java.net.MalformedURLException; +import java.net.URL; + +import org.apache.commons.lang3.StringUtils; + +/** + * Provides functionality for hiding credentials in URLs. + */ +public class URLCredentialsHider { + public static final String INVALID_URL = "invalid_url"; + public static final String HIDDEN_USER = "****"; + public static final String HIDDEN_CREDENTIALS = HIDDEN_USER + ":" + HIDDEN_USER; + + public static String hideCredentials(String urlString) { + if (StringUtils.isEmpty(urlString)) { + return urlString; + } + URL url; + try { + url = new URL(urlString); + } catch (MalformedURLException e) { + // it is better to miss url instead of spreading it out + return INVALID_URL; + } + String userInfo = url.getUserInfo(); + if (StringUtils.isNotEmpty(userInfo)) { + if (userInfo.contains(":")) { + return urlString.replaceFirst(userInfo, HIDDEN_CREDENTIALS); + } else { + return urlString.replaceFirst(userInfo, HIDDEN_USER); + } + } + return urlString; + } +} diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/URLStreamProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/URLStreamProviderTest.java index 6013993..c3d306a 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/URLStreamProviderTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/URLStreamProviderTest.java @@ -25,6 +25,7 @@ import static org.easymock.EasyMock.replay; import static org.easymock.EasyMock.verify; import java.net.HttpURLConnection; +import java.net.URL; import java.util.Collections; import java.util.HashMap; import java.util.List; @@ -47,17 +48,20 @@ public class URLStreamProviderTest { withConstructor(Integer.TYPE, Integer.TYPE, String.class, String.class, String.class). withArgs(1000, 1000, "path", "password", "type"). addMockedMethod("getAppCookieManager"). - addMockedMethod("getConnection", String.class). + addMockedMethod("getConnection", URL.class). createMock(); + String fakeURL = "http://fakehost"; + URL url = new URL(fakeURL); + expect(urlStreamProvider.getAppCookieManager()).andReturn(appCookieManager).anyTimes(); - expect(urlStreamProvider.getConnection("spec")).andReturn(connection); + expect(urlStreamProvider.getConnection(url)).andReturn(connection); Map<String, List<String>> headerMap = new HashMap<>(); headerMap.put("Header1", Collections.singletonList("value")); headerMap.put("Cookie", Collections.singletonList("FOO=bar")); - expect(appCookieManager.getCachedAppCookie("spec")).andReturn("APPCOOKIE=abcdef"); + expect(appCookieManager.getCachedAppCookie(fakeURL)).andReturn("APPCOOKIE=abcdef"); connection.setConnectTimeout(1000); connection.setReadTimeout(1000); @@ -68,7 +72,7 @@ public class URLStreamProviderTest { replay(urlStreamProvider, connection, appCookieManager); - Assert.assertEquals(connection, urlStreamProvider.processURL("spec", "GET", (String) null, headerMap)); + Assert.assertEquals(connection, urlStreamProvider.processURL(fakeURL, "GET", (String) null, headerMap)); verify(urlStreamProvider, connection, appCookieManager); } @@ -80,7 +84,6 @@ public class URLStreamProviderTest { withConstructor(Integer.TYPE, Integer.TYPE, String.class, String.class, String.class). withArgs(1000, 1000, null, null, null). addMockedMethod("getAppCookieManager"). - addMockedMethod("getConnection", String.class). createMock(); Map<String, List<String>> headerMap = new HashMap<>(); diff --git a/ambari-server/src/test/java/org/apache/ambari/server/utils/URLCredentialsHiderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/utils/URLCredentialsHiderTest.java new file mode 100644 index 0000000..241a437 --- /dev/null +++ b/ambari-server/src/test/java/org/apache/ambari/server/utils/URLCredentialsHiderTest.java @@ -0,0 +1,41 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.utils; + +import org.junit.Assert; +import org.junit.Test; + +public class URLCredentialsHiderTest { + + @Test + public void testHideUserInfo() { + + String testURL1 = "http://user01:pass@host:8443/api/v1"; + Assert.assertEquals(String.format("http://%s@host:8443/api/v1", URLCredentialsHider.HIDDEN_CREDENTIALS), + URLCredentialsHider.hideCredentials(testURL1)); + + String testURL2 = "http://user01@host:8443/api/v1"; + Assert.assertEquals(String.format("http://%s@host:8443/api/v1", + URLCredentialsHider.HIDDEN_USER), + URLCredentialsHider.hideCredentials(testURL2)); + + String invalidURL = "htt://user01:pass@host:8443/api/v1"; + Assert.assertEquals(URLCredentialsHider.INVALID_URL, URLCredentialsHider.hideCredentials(invalidURL)); + } +}