mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36371 Commits
59 Branches
Tree: ce849ff5f2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ce849ff5f2'
${ noResults }
sonarqube/sonar-scanner-engine/src/main/java/org/sonar/scanner/http/DefaultScannerWsClient.java

DefaultScannerWsClient.java 8.8KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2024 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.scanner.http;

  21. 

  22. import com.google.gson.JsonArray;

  23. import com.google.gson.JsonElement;

  24. import com.google.gson.JsonObject;

  25. import com.google.gson.JsonParser;

  26. import java.time.ZoneOffset;

  27. import java.time.ZonedDateTime;

  28. import java.time.format.DateTimeFormatter;

  29. import java.util.ArrayList;

  30. import java.util.HashSet;

  31. import java.util.List;

  32. import java.util.Map;

  33. import java.util.Set;

  34. import javax.annotation.CheckForNull;

  35. import org.apache.commons.lang3.StringUtils;

  36. import org.sonar.api.CoreProperties;

  37. import org.sonar.api.notifications.AnalysisWarnings;

  38. import org.sonar.api.utils.MessageException;

  39. import org.sonar.api.utils.log.Logger;

  40. import org.sonar.api.utils.log.Loggers;

  41. import org.sonar.api.utils.log.Profiler;

  42. import org.sonar.scanner.bootstrap.GlobalAnalysisMode;

  43. import org.sonarqube.ws.client.HttpException;

  44. import org.sonarqube.ws.client.WsClient;

  45. import org.sonarqube.ws.client.WsConnector;

  46. import org.sonarqube.ws.client.WsRequest;

  47. import org.sonarqube.ws.client.WsResponse;

  48. 

  49. import static java.lang.String.format;

  50. import static java.net.HttpURLConnection.HTTP_BAD_REQUEST;

  51. import static java.net.HttpURLConnection.HTTP_FORBIDDEN;

  52. import static java.net.HttpURLConnection.HTTP_OK;

  53. import static java.net.HttpURLConnection.HTTP_UNAUTHORIZED;

  54. import static org.sonar.api.utils.DateUtils.DATETIME_FORMAT;

  55. import static org.sonar.api.utils.Preconditions.checkState;

  56. 

  57. public class DefaultScannerWsClient implements ScannerWsClient {

  58.   private static final int MAX_ERROR_MSG_LEN = 128;

  59.   private static final String SQ_TOKEN_EXPIRATION_HEADER = "SonarQube-Authentication-Token-Expiration";

  60.   private static final DateTimeFormatter USER_FRIENDLY_DATETIME_FORMAT = DateTimeFormatter.ofPattern("MMMM dd, yyyy");

  61.   private static final Logger LOG = Loggers.get(DefaultScannerWsClient.class);

  62. 

  63.   private final Set<String> warningMessages = new HashSet<>();

  64. 

  65.   private final WsClient target;

  66.   private final boolean hasCredentials;

  67.   private final GlobalAnalysisMode globalMode;

  68.   private final AnalysisWarnings analysisWarnings;

  69. 

  70.   public DefaultScannerWsClient(WsClient target, boolean hasCredentials, GlobalAnalysisMode globalMode, AnalysisWarnings analysisWarnings) {

  71.     this.target = target;

  72.     this.hasCredentials = hasCredentials;

  73.     this.globalMode = globalMode;

  74.     this.analysisWarnings = analysisWarnings;

  75.   }

  76. 

  77.   /**

  78.    * If an exception is not thrown, the response needs to be closed by either calling close() directly, or closing the

  79.    * body content's stream/reader.

  80.    *

  81.    * @throws IllegalStateException if the request could not be executed due to a connectivity problem or timeout. Because networks can

  82.    *                               fail during an exchange, it is possible that the remote server accepted the request before the failure

  83.    * @throws MessageException      if there was a problem with authentication or if a error message was parsed from the response.

  84.    * @throws HttpException         if the response code is not in range [200..300). Consider using {@link #createErrorMessage(HttpException)} to create more relevant messages for the users.

  85.    */

  86.   public WsResponse call(WsRequest request) {

  87.     checkState(!globalMode.isMediumTest(), "No WS call should be made in medium test mode");

  88.     Profiler profiler = Profiler.createIfDebug(LOG).start();

  89.     WsResponse response = target.wsConnector().call(request);

  90.     profiler.stopDebug(format("%s %d %s", request.getMethod(), response.code(), response.requestUrl()));

  91.     failIfUnauthorized(response);

  92.     checkAuthenticationWarnings(response);

  93.     return response;

  94.   }

  95. 

  96.   public String baseUrl() {

  97.     return target.wsConnector().baseUrl();

  98.   }

  99. 

  100.   WsConnector wsConnector() {

  101.     return target.wsConnector();

  102.   }

  103. 

  104.   private void failIfUnauthorized(WsResponse response) {

  105.     int code = response.code();

  106. 

  107.     if (code == HTTP_UNAUTHORIZED) {

  108.       logResponseDetailsIfDebug(response);

  109.       response.close();

  110.       if (hasCredentials) {

  111.         // credentials are not valid

  112.         throw MessageException.of(format("Not authorized. Please check the user token in the property '%s' or the credentials in the properties '%s' and '%s'.",

  113.           ScannerWsClientProvider.TOKEN_PROPERTY, CoreProperties.LOGIN, CoreProperties.PASSWORD));

  114.       }

  115.       // not authenticated - see https://jira.sonarsource.com/browse/SONAR-4048

  116.       throw MessageException.of(format("Not authorized. Analyzing this project requires authentication. " +

  117.         "Please check the user token in the property '%s' or the credentials in the properties '%s' and '%s'.",

  118.         ScannerWsClientProvider.TOKEN_PROPERTY, CoreProperties.LOGIN, CoreProperties.PASSWORD));

  119.     }

  120.     if (code == HTTP_FORBIDDEN) {

  121.       logResponseDetailsIfDebug(response);

  122.       throw MessageException.of("You're not authorized to analyze this project or the project doesn't exist on SonarQube" +

  123.         " and you're not authorized to create it. Please contact an administrator.");

  124.     }

  125.     if (code == HTTP_BAD_REQUEST) {

  126.       String jsonMsg = tryParseAsJsonError(response.content());

  127.       if (jsonMsg != null) {

  128.         throw MessageException.of(jsonMsg);

  129.       }

  130.     }

  131.     // if failed, throws an HttpException

  132.     response.failIfNotSuccessful();

  133.   }

  134. 

  135.   private static void logResponseDetailsIfDebug(WsResponse response) {

  136.     if (!LOG.isDebugEnabled()) {

  137.       return;

  138.     }

  139.     String content = response.hasContent() ? response.content() : "<no content>";

  140.     Map<String, List<String>> headers = response.headers();

  141.     LOG.debug("Error response content: {}, headers: {}", content, headers);

  142.   }

  143. 

  144.   private void checkAuthenticationWarnings(WsResponse response) {

  145.     if (response.code() == HTTP_OK) {

  146.       response.header(SQ_TOKEN_EXPIRATION_HEADER).ifPresent(expirationDate -> {

  147.         var datetimeInUTC = ZonedDateTime.from(DateTimeFormatter.ofPattern(DATETIME_FORMAT)

  148.           .parse(expirationDate)).withZoneSameInstant(ZoneOffset.UTC);

  149.         if (isTokenExpiringInOneWeek(datetimeInUTC)) {

  150.           addAnalysisWarning(datetimeInUTC);

  151.         }

  152.       });

  153.     }

  154.   }

  155. 

  156.   private static boolean isTokenExpiringInOneWeek(ZonedDateTime expirationDate) {

  157.     ZonedDateTime localDateTime = ZonedDateTime.now(ZoneOffset.UTC);

  158.     ZonedDateTime headerDateTime = expirationDate.minusDays(7);

  159.     return localDateTime.isAfter(headerDateTime);

  160.   }

  161. 

  162.   private void addAnalysisWarning(ZonedDateTime tokenExpirationDate) {

  163.     String warningMessage = "The token used for this analysis will expire on: " + tokenExpirationDate.format(USER_FRIENDLY_DATETIME_FORMAT);

  164.     if (!warningMessages.contains(warningMessage)) {

  165.       warningMessages.add(warningMessage);

  166.       LOG.warn(warningMessage);

  167.       LOG.warn("Analysis executed with this token will fail after the expiration date.");

  168.     }

  169.     analysisWarnings.addUnique(warningMessage + "\nAfter this date, the token can no longer be used to execute the analysis. "

  170.       + "Please consider generating a new token and updating it in the locations where it is in use.");

  171.   }

  172. 

  173.   /**

  174.    * Tries to form a short and relevant error message from the exception, to be displayed in the console.

  175.    */

  176.   public static String createErrorMessage(HttpException exception) {

  177.     String json = tryParseAsJsonError(exception.content());

  178.     if (json != null) {

  179.       return json;

  180.     }

  181. 

  182.     String msg = "HTTP code " + exception.code();

  183.     if (isHtml(exception.content())) {

  184.       return msg;

  185.     }

  186. 

  187.     return msg + ": " + StringUtils.left(exception.content(), MAX_ERROR_MSG_LEN);

  188.   }

  189. 

  190.   @CheckForNull

  191.   private static String tryParseAsJsonError(String responseContent) {

  192.     try {

  193.       JsonObject obj = JsonParser.parseString(responseContent).getAsJsonObject();

  194.       JsonArray errors = obj.getAsJsonArray("errors");

  195.       List<String> errorMessages = new ArrayList<>();

  196.       for (JsonElement e : errors) {

  197.         errorMessages.add(e.getAsJsonObject().get("msg").getAsString());

  198.       }

  199.       return String.join(", ", errorMessages);

  200.     } catch (Exception e) {

  201.       return null;

  202.     }

  203.   }

  204. 

  205.   private static boolean isHtml(String responseContent) {

  206.     return StringUtils.stripToEmpty(responseContent).startsWith("<!DOCTYPE html>");

  207.   }

  208. }