diff options
| author | Antoine Vigneau <antoine.vigneau@sonarsource.com> | 2024-06-11 17:44:45 +0200 |
|---|---|---|
| committer | sonartech <sonartech@sonarsource.com> | 2024-06-17 20:02:35 +0000 |
| commit | 078306d53ad53ba38d5d4b06e6e8958a0c2c6595 (patch) | |
| tree | cd0ac74f560aac0e2a3720b096239d7519f856c0 /server/sonar-alm-client | |
| parent | 0bdfddeed0bf06255f61c6b59dcfc6d132598e14 (diff) | |
| download | sonarqube-078306d53ad53ba38d5d4b06e6e8958a0c2c6595.tar.gz sonarqube-078306d53ad53ba38d5d4b06e6e8958a0c2c6595.zip | |
SONAR-22365 Fix SSF-571
Diffstat (limited to 'server/sonar-alm-client')
| -rw-r--r-- | server/sonar-alm-client/src/main/java/org/sonar/alm/client/github/GithubGlobalSettingsValidator.java | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/server/sonar-alm-client/src/main/java/org/sonar/alm/client/github/GithubGlobalSettingsValidator.java b/server/sonar-alm-client/src/main/java/org/sonar/alm/client/github/GithubGlobalSettingsValidator.java index f6758823fb9..780c184612d 100644 --- a/server/sonar-alm-client/src/main/java/org/sonar/alm/client/github/GithubGlobalSettingsValidator.java +++ b/server/sonar-alm-client/src/main/java/org/sonar/alm/client/github/GithubGlobalSettingsValidator.java @@ -20,6 +20,8 @@ package org.sonar.alm.client.github; import java.util.Optional; +import javax.annotation.Nullable; +import org.apache.commons.lang3.StringUtils; import org.sonar.api.config.internal.Encryption; import org.sonar.api.config.internal.Settings; import org.sonar.api.server.ServerSide; @@ -40,25 +42,35 @@ public class GithubGlobalSettingsValidator { this.githubApplicationClient = githubApplicationClient; } - public GithubAppConfiguration validate(AlmSettingDto settings) { + public GithubAppConfiguration validate(AlmSettingDto almSettingDto) { + return validate(almSettingDto.getAppId(), almSettingDto.getClientId(), almSettingDto.getClientSecret(), almSettingDto.getPrivateKey(), almSettingDto.getUrl()); + } + + public GithubAppConfiguration validate(@Nullable String applicationId, @Nullable String clientId, String clientSecret, String privateKey, @Nullable String url) { long appId; try { - appId = Long.parseLong(Optional.ofNullable(settings.getAppId()).orElseThrow(() -> new IllegalArgumentException("Missing appId"))); + appId = Long.parseLong(Optional.ofNullable(applicationId).orElseThrow(() -> new IllegalArgumentException("Missing appId"))); } catch (NumberFormatException e) { throw new IllegalArgumentException("Invalid appId; " + e.getMessage()); } - if (isBlank(settings.getClientId())) { + if (isBlank(clientId)) { throw new IllegalArgumentException("Missing Client Id"); } - if (isBlank(settings.getDecryptedClientSecret(encryption))) { + if (isBlank(getDecryptedSettingValue(clientSecret))) { throw new IllegalArgumentException("Missing Client Secret"); } - GithubAppConfiguration configuration = new GithubAppConfiguration(appId, settings.getDecryptedPrivateKey(encryption), - settings.getUrl()); + GithubAppConfiguration configuration = new GithubAppConfiguration(appId, getDecryptedSettingValue(privateKey), url); githubApplicationClient.checkApiEndpoint(configuration); githubApplicationClient.checkAppPermissions(configuration); return configuration; } + + private String getDecryptedSettingValue(String setting) { + if (StringUtils.isNotEmpty(setting) && encryption.isEncrypted(setting)) { + return encryption.decrypt(setting); + } + return setting; + } } |