From b87d2eedb6fde7f3fbca396446db6e489c38ffab Mon Sep 17 00:00:00 2001 From: lostsnow Date: Wed, 28 Jun 2023 14:28:46 +0800 Subject: [PATCH 01/24] add parameter types to dubbo request uri --- .../core/bytecode/enhance/asm/AsmMethods.java | 1 + .../DubboProxyHandlerInvokeAdviceAdapter.java | 3 +++ .../handler/hookpoint/SpyDispatcherImpl.java | 4 ++-- .../hookpoint/controller/impl/DubboImpl.java | 19 ++++++++++++++++++- .../main/java/java/lang/dongtai/NopSpy.java | 2 +- .../java/java/lang/dongtai/SpyDispatcher.java | 2 +- 6 files changed, 26 insertions(+), 5 deletions(-) diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/asm/AsmMethods.java b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/asm/AsmMethods.java index 3d5e3ca92..c63f4988e 100755 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/asm/AsmMethods.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/asm/AsmMethods.java @@ -167,6 +167,7 @@ static Method getAsmMethod(final Class clazz, Object.class, String.class, Object[].class, + Class[].class, Map.class, String.class, String.class, diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/framework/dubbo/DubboProxyHandlerInvokeAdviceAdapter.java b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/framework/dubbo/DubboProxyHandlerInvokeAdviceAdapter.java index dee54fc08..bbe97d363 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/framework/dubbo/DubboProxyHandlerInvokeAdviceAdapter.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/framework/dubbo/DubboProxyHandlerInvokeAdviceAdapter.java @@ -9,6 +9,7 @@ public class DubboProxyHandlerInvokeAdviceAdapter extends AbstractAdviceAdapter { private static final Method GET_ARGUMENTS_METHOD = Method.getMethod("java.lang.Object[] getArguments()"); private static final Method GET_METHOD_NAME_METHOD = Method.getMethod("java.lang.String getMethodName()"); + private static final Method GET_PARAMETER_TYPES_METHOD = Method.getMethod("java.lang.Class[] getParameterTypes()"); private final String packageName; private final Type invocationType; @@ -60,6 +61,8 @@ private void collectDubboRequestSource() { loadArg(0); invokeInterface(this.invocationType, GET_ARGUMENTS_METHOD); loadArg(0); + invokeInterface(this.invocationType, GET_PARAMETER_TYPES_METHOD); + loadArg(0); invokeInterface(this.invocationType, this.getAttachmentsMethod); push(this.classContext.getClassName()); push(this.name); diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java index 8462f4c3b..832a4fd69 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java @@ -337,7 +337,7 @@ public void collectDubboRequest(Object handler, Object channel, Object request, @Override public void collectDubboRequestSource(Object handler, Object invocation, String methodName, - Object[] arguments, Map headers, + Object[] arguments, Class[] argumentTypes, Map headers, String hookClass, String hookMethod, String hookSign) { try { ScopeManager.SCOPE_TRACKER.getPolicyScope().enterAgent(); @@ -346,7 +346,7 @@ public void collectDubboRequestSource(Object handler, Object invocation, String return; } - DubboImpl.collectDubboRequestSource(handler, invocation, methodName, arguments, headers, + DubboImpl.collectDubboRequestSource(handler, invocation, methodName, arguments, argumentTypes, headers, hookClass, hookMethod, hookSign, INVOKE_ID_SEQUENCER); } catch (Throwable e) { DongTaiLog.warn(ErrorCode.get("SPY_COLLECT_DUBBO_FAILED"), "request source", e); diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/DubboImpl.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/DubboImpl.java index 3e1fbfc40..d83c0c0ed 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/DubboImpl.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/DubboImpl.java @@ -44,7 +44,7 @@ public static void solveDubboRequest(Object handler, Object channel, Object requ public static void collectDubboRequestSource(Object handler, Object invocation, String methodName, - Object[] arguments, Map headers, + Object[] arguments, Class[] argumentTypes, Map headers, String hookClass, String hookMethod, String hookSign, AtomicInteger invokeIdSequencer) { if (arguments == null || arguments.length == 0) { @@ -57,6 +57,23 @@ public static void collectDubboRequestSource(Object handler, Object invocation, String url = (String) requestMeta.get("requestURL") + "/" + methodName; String uri = (String) requestMeta.get("requestURI") + "/" + methodName; + + StringBuilder argSign = new StringBuilder("("); + if (argumentTypes != null && argumentTypes.length > 0) { + int i = 0; + for (Class argumentType : argumentTypes) { + if (i != 0) { + argSign.append(","); + } + argSign.append(argumentType.getCanonicalName()); + i++; + } + } + argSign.append(")"); + String argSignStr = argSign.toString(); + url += argSignStr; + uri += argSignStr; + requestMeta.put("requestURL", url); requestMeta.put("requestURI", uri); diff --git a/dongtai-spy/src/main/java/java/lang/dongtai/NopSpy.java b/dongtai-spy/src/main/java/java/lang/dongtai/NopSpy.java index cfe3b8b37..91743b3b1 100644 --- a/dongtai-spy/src/main/java/java/lang/dongtai/NopSpy.java +++ b/dongtai-spy/src/main/java/java/lang/dongtai/NopSpy.java @@ -97,7 +97,7 @@ public void collectDubboRequest(Object handler, Object channel, Object request, @Override public void collectDubboRequestSource(Object handler, Object invocation, String methodName, - Object[] arguments, Map headers, + Object[] arguments, Class[] argumentTypes, Map headers, String hookClass, String hookMethod, String hookSign) { } diff --git a/dongtai-spy/src/main/java/java/lang/dongtai/SpyDispatcher.java b/dongtai-spy/src/main/java/java/lang/dongtai/SpyDispatcher.java index 73c6c8f63..b51000318 100644 --- a/dongtai-spy/src/main/java/java/lang/dongtai/SpyDispatcher.java +++ b/dongtai-spy/src/main/java/java/lang/dongtai/SpyDispatcher.java @@ -60,7 +60,7 @@ void collectDubboRequest(Object handler, Object channel, Object request, boolean isTwoWay, boolean isEvent, boolean isBroken, boolean isHeartbeat); void collectDubboRequestSource(Object handler, Object invocation, String methodName, - Object[] arguments, Map headers, + Object[] arguments, Class[] argumentTypes, Map headers, String hookClass, String hookMethod, String hookSign); void collectDubboResponse(Object result, byte status); From d6b04d957db5c615ae16d0767fc35d53b05fd42b Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Wed, 28 Jun 2023 14:48:03 +0800 Subject: [PATCH 02/24] feat: remake api gather --- .../dongtai-api-gather-dubbo-api/pom.xml | 49 ++++ .../iast/dubbo/convertor/MethodConvertor.java | 95 ++++++ .../dubbo/convertor/ParameterConvertor.java | 46 +++ .../dubbo/convertor/ServiceConvertor.java | 90 ++++++ .../gather/AbstractDubboServiceGather.java | 141 +++++++++ .../gather/AlibabaDubboServiceGather.java | 63 ++++ .../gather/ApacheDubboServiceGather.java | 83 ++++++ .../dongtai-api-gather-openapi/pom.xml | 41 +++ .../ArrayOpenApiSchemaConvertor.java | 50 ++++ .../convertor/BaseOpenApiSchemaConvertor.java | 34 +++ .../ClassOpenApiSchemaConvertor.java | 31 ++ .../CollectionOpenApiSchemaConvertor.java | 63 ++++ .../openapi/convertor/ComponentDatabase.java | 147 ++++++++++ .../convertor/EnumOpenApiSchemaConvertor.java | 56 ++++ .../FieldOpenApiSchemaConvertor.java | 35 +++ .../JavaBeanOpenApiSchemaConvertor.java | 167 +++++++++++ .../convertor/ListOpenApiSchemaConvertor.java | 66 +++++ .../convertor/MapOpenApiSchemaConvertor.java | 33 +++ .../OpenApiSchemaConvertorManager.java | 128 ++++++++ .../convertor/PrimitiveTypeConvertor.java | 93 ++++++ .../convertor/SetOpenApiSchemaConvertor.java | 43 +++ .../dongtai/iast/openapi/domain/DataType.java | 147 ++++++++++ .../dongtai/iast/openapi/domain/Header.java | 10 + .../io/dongtai/iast/openapi/domain/Info.java | 28 ++ .../iast/openapi/domain/MediaType.java | 23 ++ .../dongtai/iast/openapi/domain/OpenApi.java | 78 +++++ .../iast/openapi/domain/Operation.java | 122 ++++++++ .../iast/openapi/domain/Parameter.java | 77 +++++ .../iast/openapi/domain/ParameterIn.java | 45 +++ .../io/dongtai/iast/openapi/domain/Path.java | 153 ++++++++++ .../iast/openapi/domain/Reference.java | 37 +++ .../iast/openapi/domain/RequestBody.java | 38 +++ .../dongtai/iast/openapi/domain/Response.java | 52 ++++ .../dongtai/iast/openapi/domain/Schema.java | 175 +++++++++++ .../ArrayOpenApiSchemaConvertorTest.java | 93 ++++++ .../dongtai/iast/openapi/convertor/Bar.java | 4 + .../EnumOpenApiSchemaConvertorTest.java | 36 +++ .../iast/openapi/convertor/Enumnumnum.java | 9 + .../dongtai/iast/openapi/convertor/Foo.java | 274 ++++++++++++++++++ .../JavaBeanOpenApiSchemaConvertorTest.java | 43 +++ .../ListOpenApiSchemaConvertorTest.java | 37 +++ .../convertor/PrimitiveTypeConvertorTest.java | 79 +++++ .../io/dongtai/iast/openapi/convertor/R1.java | 14 + .../io/dongtai/iast/openapi/convertor/R2.java | 15 + .../iast/openapi/convertor/Response.java | 14 + .../SetOpenApiSchemaConvertorTest.java | 43 +++ .../dongtai-api-gather-spring-api/README.md | 39 +++ .../dongtai-api-gather-spring-api}/pom.xml | 23 +- .../convertor/HandlerMethodConvertor.java | 96 ++++++ .../convertor/MethodParameterConvertor.java | 185 ++++++++++++ ...RequestMappingHandlerMappingConvertor.java | 81 ++++++ .../RequestMappingInfoConvertor.java | 260 +++++++++++++++++ .../spring/gather/SpringMVCApiGather.java | 66 +++++ dongtai-api-gather/pom.xml | 27 ++ dongtai-api/pom.xml | 14 +- .../iast/common/constants/ReportType.java | 1 + .../plugin/spring/DispatchApiCollector.java | 2 +- .../plugin/spring/SpringApplicationImpl.java | 63 +--- .../handler/hookpoint/SpyDispatcherImpl.java | 24 +- .../api/AbstractApiGatherThread.java | 45 +++ .../core/handler/hookpoint/api/ApiReport.java | 33 --- .../hookpoint/api/DubboApiGatherThread.java | 112 +++++++ .../handler/hookpoint/api/GetApiThread.java | 35 --- .../hookpoint/api/SpringGatherApiThread.java | 50 ++++ .../hookpoint/controller/impl/DubboImpl.java | 46 ++- .../cn/huoxian/iast/spring/ApiDataModel.java | 114 -------- .../iast/spring/SpringApplicationContext.java | 180 ------------ pom.xml | 2 +- 68 files changed, 4269 insertions(+), 429 deletions(-) create mode 100644 dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml create mode 100644 dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/MethodConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ParameterConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ServiceConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AbstractDubboServiceGather.java create mode 100644 dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AlibabaDubboServiceGather.java create mode 100644 dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/ApacheDubboServiceGather.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/pom.xml create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/BaseOpenApiSchemaConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ClassOpenApiSchemaConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/CollectionOpenApiSchemaConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ComponentDatabase.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/FieldOpenApiSchemaConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/MapOpenApiSchemaConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/OpenApiSchemaConvertorManager.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/DataType.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Header.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Info.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/MediaType.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/OpenApi.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Operation.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Parameter.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/ParameterIn.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Path.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Reference.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/RequestBody.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Response.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Schema.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Bar.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertorTest.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Enumnumnum.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Foo.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertorTest.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertorTest.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertorTest.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R1.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R2.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Response.java create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertorTest.java create mode 100644 dongtai-api-gather/dongtai-api-gather-spring-api/README.md rename {dongtai-spring-api => dongtai-api-gather/dongtai-api-gather-spring-api}/pom.xml (68%) create mode 100644 dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/HandlerMethodConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/MethodParameterConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingHandlerMappingConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingInfoConvertor.java create mode 100644 dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/gather/SpringMVCApiGather.java create mode 100644 dongtai-api-gather/pom.xml create mode 100644 dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/AbstractApiGatherThread.java delete mode 100644 dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/ApiReport.java create mode 100644 dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java delete mode 100644 dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/GetApiThread.java create mode 100644 dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java delete mode 100644 dongtai-spring-api/src/main/java/cn/huoxian/iast/spring/ApiDataModel.java delete mode 100644 dongtai-spring-api/src/main/java/cn/huoxian/iast/spring/SpringApplicationContext.java diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml b/dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml new file mode 100644 index 000000000..029bf60ef --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml @@ -0,0 +1,49 @@ + + + + dongtai-api-gather + io.dongtai.iast + ${revision} + + 4.0.0 + + dongtai-api-gather-dubbo-api + + + 8 + 8 + UTF-8 + + + + + org.apache.dubbo + dubbo + + 2.7.13 + provided + + + com.alibaba + dubbo + 2.6.12 + provided + + + + io.dongtai.iast + dongtai-api-gather-openapi + ${project.version} + provided + + + io.dongtai.iast + dongtai-log + ${project.version} + provided + + + + \ No newline at end of file diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/MethodConvertor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/MethodConvertor.java new file mode 100644 index 000000000..e6f15e36d --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/MethodConvertor.java @@ -0,0 +1,95 @@ +package io.dongtai.iast.dubbo.convertor; + +import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.openapi.domain.MediaType; +import io.dongtai.iast.openapi.domain.Operation; +import io.dongtai.iast.openapi.domain.Parameter; +import io.dongtai.iast.openapi.domain.Response; + +import java.lang.reflect.Method; +import java.util.*; + +/** + * 用于把Dubbo的Service的方法转为Open API的Operation结构 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class MethodConvertor { + + private OpenApiSchemaConvertorManager manager; + private Method reflectionMethod; + + /** + * @param manager + * @param reflectionMethod 要转换的Method,一个Method对应着一个Operation + */ + public MethodConvertor(OpenApiSchemaConvertorManager manager, Method reflectionMethod) { + this.manager = manager; + this.reflectionMethod = reflectionMethod; + } + + public Operation convert() { + Operation o = new Operation(); + + o.mergeParameters(this.parseParameters()); + o.setResponses(this.parseResponse()); + + // TODO 2023-6-26 11:24:05 设置这两个字段 +// o.setOperationId(); +// o.setTags(); + + return o; + } + + /** + * 把Dubbo的Service的方法返回值转换为Open API的Response + * + * @return + */ + private Map parseResponse() { + + Class returnType = this.reflectionMethod.getReturnType(); + // 这里需要注意,可能会有返回值为空的情况,这种情况就认为是没有响应值 + // TODO 2023-6-26 11:25:24 需要确认open api的协议是否支持响应为空 + if (Void.TYPE == returnType) { + return null; + } + + // 把函数的返回值对应到HTTP的响应体上 + Response r = new Response(); + Map contentMap = new HashMap<>(); + MediaType mediaType = new MediaType(); + mediaType.setSchema(this.manager.convertClass(returnType)); + contentMap.put(MediaType.APPLICATION_JSON, mediaType); + r.setContent(contentMap); + + // 这里只处理正常返回的情况,认为是200的情况,至于throws抛出异常500的情况就不再处理了 + Map responseMap = new HashMap<>(); + r.setDescription(Response.MSG_OK); + responseMap.put(Response.CODE_OK, r); + + return responseMap; + } + + /** + * 解析Method上的参数为OpenAPI的Parameter + * + * @return + */ + private List parseParameters() { + java.lang.reflect.Parameter[] reflectionParameterArray = this.reflectionMethod.getParameters(); + if (reflectionParameterArray == null || reflectionParameterArray.length == 0) { + return Collections.emptyList(); + } + List parameterList = new ArrayList<>(); + for (java.lang.reflect.Parameter reflectionParameter : reflectionParameterArray) { + Parameter convert = new ParameterConvertor(this.manager, reflectionParameter).convert(); + if (convert != null) { + parameterList.add(convert); + } + } + return parameterList; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ParameterConvertor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ParameterConvertor.java new file mode 100644 index 000000000..cac91157e --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ParameterConvertor.java @@ -0,0 +1,46 @@ +package io.dongtai.iast.dubbo.convertor; + +import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.openapi.domain.Parameter; +import io.dongtai.iast.openapi.domain.ParameterIn; +import io.dongtai.iast.openapi.domain.Schema; + +/** + * 方法参数级别的转换,把Dubbo的Service上的Method的Parameter转为Open API的Parameter的格式 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class ParameterConvertor { + + private final OpenApiSchemaConvertorManager manager; + private final java.lang.reflect.Parameter reflectionParameter; + + /** + * @param manager + * @param reflectionParameter 要转换的方法参数 + */ + public ParameterConvertor(OpenApiSchemaConvertorManager manager, java.lang.reflect.Parameter reflectionParameter) { + this.manager = manager; + this.reflectionParameter = reflectionParameter; + } + + public Parameter convert() { + + Parameter openApiParameter = new Parameter(); + + // 2023-6-25 18:23:17 以后得空的时候也许可以把这里优化一下,用asm拿到真正的参数名字,这样前端页面上用户看着心情会好一些 + openApiParameter.setName(reflectionParameter.getName()); + + // 洞态开发人员内部约定:dubbo的参数固定认为是放在query上的,同时是必传的 + openApiParameter.setIn(ParameterIn.Query); + openApiParameter.setRequired(true); + + // 参数的类型转为Open API的类型,如果有涉及到复合类型的话存储到Open API的组件库中 + Schema schema = this.manager.convertClass(this.reflectionParameter.getType()); + openApiParameter.setSchema(schema); + + return openApiParameter; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ServiceConvertor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ServiceConvertor.java new file mode 100644 index 000000000..95c11b7a9 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ServiceConvertor.java @@ -0,0 +1,90 @@ +package io.dongtai.iast.dubbo.convertor; + +import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.openapi.domain.Operation; +import io.dongtai.iast.openapi.domain.Path; + +import java.lang.reflect.Method; +import java.lang.reflect.Parameter; +import java.util.*; + +/** + * 类级别的转换,将dubbo的Service接口转换为open api的格式 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class ServiceConvertor { + + private OpenApiSchemaConvertorManager manager; + private Class interfaceClass; + + public ServiceConvertor(OpenApiSchemaConvertorManager manager, Class interfaceClass) { + this.manager = manager; + this.interfaceClass = interfaceClass; + } + + public Map convert() { + Map pathMap = new HashMap<>(); + for (Method parseServiceMethod : this.parseServiceMethods()) { + Operation convert = new MethodConvertor(this.manager, parseServiceMethod).convert(); + Path path = new Path(); + path.setDubbo(convert); + pathMap.put(this.buildSign(parseServiceMethod), path); + } + return pathMap; + } + + /** + * 解析Service上提供的接口 + * + * @return + */ + private List parseServiceMethods() { + List methodList = new ArrayList<>(); + Set distinctSet = new HashSet<>(); + Queue needProcessClassQueue = new LinkedList<>(); + needProcessClassQueue.add(this.interfaceClass); + while (!needProcessClassQueue.isEmpty()) { + Class poll = needProcessClassQueue.poll(); + + // 收集当前类上的方法 + Method[] declaredMethods = poll.getDeclaredMethods(); + for (Method declaredMethod : declaredMethods) { + String s = this.buildSign(declaredMethod); + if (distinctSet.contains(s)) { + continue; + } + distinctSet.add(s); + methodList.add(declaredMethod); + } + + // 收集父接口,以便等下处理父接口上的方法 + needProcessClassQueue.addAll(Arrays.asList(poll.getInterfaces())); + } + + return methodList; + } + + /** + * 方法的签名需要统一,签名的格式与dubbo流量采集那里保持一致,在server端要靠这个作为path把它们关联到一起 + * + * @param method + * @return Example: /app.iast.common.dubbo.vul.VulService/runtimeExec(java.lang.String,java.lang.StringBuilder,byte[]) + */ + private String buildSign(Method method) { + StringBuilder sign = new StringBuilder(); + sign.append("/").append(method.getDeclaringClass().getName()).append("/").append(method.getName()).append("("); + Parameter[] parameters = method.getParameters(); + if (parameters != null && parameters.length != 0) { + for (int i = 0; i < parameters.length; i++) { + sign.append(parameters[i].getType().getCanonicalName()); + if (i + 1 < parameters.length) { + sign.append(","); + } + } + } + return sign.append(")").toString(); + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AbstractDubboServiceGather.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AbstractDubboServiceGather.java new file mode 100644 index 000000000..f00f65cf1 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AbstractDubboServiceGather.java @@ -0,0 +1,141 @@ +package io.dongtai.iast.dubbo.gather; + +import io.dongtai.iast.dubbo.convertor.ServiceConvertor; +import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.openapi.domain.OpenApi; +import io.dongtai.iast.openapi.domain.Path; + +import java.lang.reflect.Field; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.function.Consumer; + +/** + * 两个dubbo分支Service收集共同的逻辑抽象到这里 + *

+ * 需要兼容两个版本,如果2.6.x及以下版本,可以使用:com.alibaba.dubbo,2.7.0开始,直接使用org.apache.dubbo + *

+ * TODO 协议、配置方式 + * + * @author CC11001100 + * @since v1.12.0 + */ +public abstract class AbstractDubboServiceGather { + + // 每个Gather共享同一个Manager + private OpenApiSchemaConvertorManager manager; + + public AbstractDubboServiceGather() { + this.manager = new OpenApiSchemaConvertorManager(); + } + + public OpenApi gather() { + // TODO 2023-6-26 15:32:15 解析其它协议 + Object protocolObject = this.getProtocol("dubbo"); + if (protocolObject == null) { + return null; + } + Object exporterMap = this.getExporterMap(protocolObject); + if (exporterMap == null) { + return null; + } + List exportedServiceList = this.parseExportedServiceClassList(exporterMap); + + // 解析服务列表 + OpenApi openApi = new OpenApi(); + + // 解析对外暴露的服务 + openApi.setPaths(this.parsePaths(exportedServiceList)); + + // 涉及到的组件库 + openApi.setComponentsBySchemaMap(this.manager.getDatabase().toComponentSchemasMap()); + + return openApi; + } + + /** + * 解析导出的类 + * + * @param exportedServiceList + * @return + */ + private Map parsePaths(List exportedServiceList) { + Map pathMap = new HashMap<>(); + exportedServiceList.forEach(new Consumer() { + @Override + public void accept(Class aClass) { + Map convert = new ServiceConvertor(manager, aClass).convert(); + // 暂不考虑key覆盖的问题 + pathMap.putAll(convert); + } + }); + return pathMap; + } + + /** + * 根据协议名获取协议对象 + * + * @param protocolName example: dubbo + * @return + */ + private Object getProtocol(String protocolName) { + Object protocolObj = this.getProtocolObject(protocolName); + for (int i = 0; i < 10; i++) { + try { + Field protocolField = protocolObj.getClass().getDeclaredField("protocol"); + protocolField.setAccessible(true); + protocolObj = protocolField.get(protocolObj); + if (protocolObj.getClass() == this.exceptedProtocolClass()) { + break; + } + } catch (Throwable e) { + // TODO log + e.printStackTrace(); + } + } + return protocolObj; + } + + /** + * 获取协议的对象 + * + * @param protocolName + * @return + */ + protected abstract Object getProtocolObject(String protocolName); + + /** + * 期望的协议类 + * + * @return + */ + protected abstract Class exceptedProtocolClass(); + + /** + * 从SPI的协议对象上获取导出的Map + * + * @param protocolObject + * @return + */ + private Object getExporterMap(Object protocolObject) { + try { + Field exporterMapField = protocolObject.getClass().getSuperclass().getDeclaredField("exporterMap"); + exporterMapField.setAccessible(true); + return exporterMapField.get(protocolObject); + } catch (Throwable e) { + // TODO 2023-6-25 12:17:59 log + e.printStackTrace(); + } + return null; + } + + /** + * 从导出的服务表中解析出Service的class列表 + * + * @param exporterMap Dubbo导出服务的map + * @return + */ + protected abstract List parseExportedServiceClassList(Object exporterMap); + +} diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AlibabaDubboServiceGather.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AlibabaDubboServiceGather.java new file mode 100644 index 000000000..580477c3a --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AlibabaDubboServiceGather.java @@ -0,0 +1,63 @@ +package io.dongtai.iast.dubbo.gather; + +import com.alibaba.dubbo.common.extension.ExtensionLoader; +import com.alibaba.dubbo.rpc.Exporter; +import com.alibaba.dubbo.rpc.Protocol; +import com.alibaba.dubbo.rpc.protocol.dubbo.DubboProtocol; +import io.dongtai.iast.openapi.domain.OpenApi; + +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.function.BiConsumer; + +/** + * 用于收集alibaba包的dubbo的接口 + * + * Alibaba Dubbo Version List + * + * @author CC11001100 + * @since v1.12.0 + */ +public class AlibabaDubboServiceGather extends AbstractDubboServiceGather { + + /** + * 静态方法供反射调用 + * + * @return + */ + public static OpenApi run() { + return new AlibabaDubboServiceGather().gather(); + } + + @Override + protected Object getProtocolObject(String protocolName) { + return ExtensionLoader.getExtensionLoader(Protocol.class).getExtension(protocolName); + } + + @Override + protected Class exceptedProtocolClass() { + return DubboProtocol.class; + } + + @Override + protected List parseExportedServiceClassList(Object exporterMap) { + List serviceClassList = new ArrayList<>(); + try { + // 除 2.4.11 之外的版本,即 [2.0.10, 2.4.11) 和 (2.4.11, 2.6.12] 两个版本范围 + // 2.4.11 版本无法解析 + // 2023-6-26 18:49:15 发现2.4.11是一个无效的发布包,已经跟阿里开源反馈,希望他们能处理一下.... + ((Map) exporterMap).forEach(new BiConsumer() { + @Override + public void accept(String s, Exporter exporter) { + Class serviceClass = exporter.getInvoker().getInterface(); + serviceClassList.add(serviceClass); + } + }); + } catch (Throwable e) { + // TODO log + } + return serviceClassList; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/ApacheDubboServiceGather.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/ApacheDubboServiceGather.java new file mode 100644 index 000000000..ce0db9b08 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/ApacheDubboServiceGather.java @@ -0,0 +1,83 @@ +package io.dongtai.iast.dubbo.gather; + +import io.dongtai.iast.openapi.domain.OpenApi; +import io.dongtai.log.DongTaiLog; +import org.apache.dubbo.common.extension.ExtensionLoader; +import org.apache.dubbo.rpc.Exporter; +import org.apache.dubbo.rpc.Protocol; +import org.apache.dubbo.rpc.protocol.DelegateExporterMap; +import org.apache.dubbo.rpc.protocol.dubbo.DubboProtocol; + +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.function.BiConsumer; + +/** + * 用于解析apache包的dubbo + *

+ * Apache Dubbo Version List + * + * @author CC11001100 + * @since v1.12.0 + */ +public class ApacheDubboServiceGather extends AbstractDubboServiceGather { + + /** + * 静态方法供反射调用 + * + * @return + */ + public static OpenApi run() { + return new ApacheDubboServiceGather().gather(); + } + + @Override + protected Object getProtocolObject(String protocolName) { + return ExtensionLoader.getExtensionLoader(Protocol.class).getExtension(protocolName); + } + + @Override + protected Class exceptedProtocolClass() { + return DubboProtocol.class; + } + + @Override + protected List parseExportedServiceClassList(Object exporterMap) { + List serviceClassList = new ArrayList<>(); + + // [2.7.13, 3.0.0) 之间的11个版本有个狗比把这个字段的类型修改为DelegateExporterMap了,后来又改回来了 + try { + if (exporterMap instanceof DelegateExporterMap) { + ((DelegateExporterMap) exporterMap).getExporterMap().forEach(new BiConsumer>() { + @Override + public void accept(String s, Exporter exporter) { + serviceClassList.add(exporter.getInvoker().getInterface()); + } + }); + return serviceClassList; + } + } catch (Throwable e) { + // TODO 2023-6-26 15:24:50 log + } + + // [2.7.9, 2.7.13) 和 (3.0.0, 3.2.0-beta.6] 之间都是 Map> 类型 + try { + if (exporterMap instanceof Map) { + ((Map) exporterMap).forEach(new BiConsumer() { + @Override + public void accept(String s, Exporter exporter) { + serviceClassList.add(exporter.getInvoker().getInterface()); + } + }); + return serviceClassList; + } + } catch (Throwable e) { + // TODO 2023-6-26 15:25:47 log + DongTaiLog.error(""); + } + + return serviceClassList; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/pom.xml b/dongtai-api-gather/dongtai-api-gather-openapi/pom.xml new file mode 100644 index 000000000..5ea2bddf0 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/pom.xml @@ -0,0 +1,41 @@ + + + + io.dongtai.iast + dongtai-api-gather + ${revision} + + 4.0.0 + + dongtai-api-gather-openapi + + + 8 + 8 + UTF-8 + + + + + io.dongtai.iast + dongtai-log + ${project.version} + provided + + + com.alibaba.fastjson2 + fastjson2 + ${fastjson2.version} + provided + + + junit + junit + ${junit.version} + test + + + + \ No newline at end of file diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertor.java new file mode 100644 index 000000000..a0c3bb623 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertor.java @@ -0,0 +1,50 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.DataType; +import io.dongtai.iast.openapi.domain.Schema; + +/** + * 用于转换Java的数组结构到OpenApi的array组件类型 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class ArrayOpenApiSchemaConvertor extends BaseOpenApiSchemaConvertor { + + public ArrayOpenApiSchemaConvertor(OpenApiSchemaConvertorManager manager) { + super(manager); + } + + @Override + public String getConvertorName() { + return "array-convertor"; + } + + @Override + public boolean canConvert(Class clazz) { + return clazz != null && clazz.isArray(); + } + + @Override + public Schema convert(Class clazz) { + + Class componentType = clazz.getComponentType(); + if (componentType == null) { + return null; + } + + // 如果是多层数组,则直接返回array,swagger spring也是这么处理的 + if (componentType.isArray()) { + return new Schema(DataType.ObjectArray()); + } + + // 尝试解析数组的items的组件类型 + Schema itemsComponent = manager.convertClass(componentType); + if (itemsComponent == null) { + return new Schema(DataType.ObjectArray()); + } else { + return new Schema(DataType.Array(itemsComponent)); + } + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/BaseOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/BaseOpenApiSchemaConvertor.java new file mode 100644 index 000000000..b7bb0ced2 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/BaseOpenApiSchemaConvertor.java @@ -0,0 +1,34 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; + +import java.lang.reflect.Field; + +/** + * 用于对Convertor的共性做约束,比如所有的Convertor都需要manager,创建的时候必须注入 + * + * @author CC11001100 + * @since v1.12.0 + */ +public abstract class BaseOpenApiSchemaConvertor implements ClassOpenApiSchemaConvertor, FieldOpenApiSchemaConvertor { + + protected OpenApiSchemaConvertorManager manager; + + public BaseOpenApiSchemaConvertor(OpenApiSchemaConvertorManager manager) { + this.manager = manager; + } + + @Override + public boolean canConvert(Class clazz, Field field) { + return field != null && canConvert(field.getType()); + } + + @Override + public Schema convert(Class clazz, Field field) { + if (field == null) { + return null; + } + return convert(field.getType()); + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ClassOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ClassOpenApiSchemaConvertor.java new file mode 100644 index 000000000..657acc5a2 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ClassOpenApiSchemaConvertor.java @@ -0,0 +1,31 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; + +/** + * 用于表示一个类型转换器,用来根据Java中的Class转换为Open API的Schema + * + * @author CC11001100 + * @since v1.12.0 + */ +public interface ClassOpenApiSchemaConvertor { + + String getConvertorName(); + + /** + * 判断是否能够转换 + * + * @param clazz + * @return + */ + boolean canConvert(Class clazz); + + /** + * 实际进行转换 + * + * @param clazz + * @return 如果转换失败的话返回null + */ + Schema convert(Class clazz); + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/CollectionOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/CollectionOpenApiSchemaConvertor.java new file mode 100644 index 000000000..d1d5db9b1 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/CollectionOpenApiSchemaConvertor.java @@ -0,0 +1,63 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; + +/** + * 用于Java内置的集合类型的转换,比如List、Set、Map + * + * @author CC11001100 + * @since v1.12.0 + */ +public class CollectionOpenApiSchemaConvertor extends BaseOpenApiSchemaConvertor { + + private final ListOpenApiSchemaConvertor listOpenApiSchemaConvertor; + private final SetOpenApiSchemaConvertor setOpenApiSchemaConvertor; + private final MapOpenApiSchemaConvertor mapOpenApiSchemaConvertor; + + public CollectionOpenApiSchemaConvertor(OpenApiSchemaConvertorManager manager) { + super(manager); + this.listOpenApiSchemaConvertor = new ListOpenApiSchemaConvertor(manager); + this.setOpenApiSchemaConvertor = new SetOpenApiSchemaConvertor(manager); + this.mapOpenApiSchemaConvertor = new MapOpenApiSchemaConvertor(manager); + } + + @Override + public String getConvertorName() { + return "collection-convertor"; + } + + @Override + public boolean canConvert(Class clazz) { + return clazz != null && ( + listOpenApiSchemaConvertor.canConvert(clazz) || + setOpenApiSchemaConvertor.canConvert(clazz) || + mapOpenApiSchemaConvertor.canConvert(clazz) + ); + } + + @Override + public Schema convert(Class clazz) { + if (listOpenApiSchemaConvertor.canConvert(clazz)) { + return listOpenApiSchemaConvertor.convert(clazz); + } else if (setOpenApiSchemaConvertor.canConvert(clazz)) { + return setOpenApiSchemaConvertor.convert(clazz); + } else if (mapOpenApiSchemaConvertor.canConvert(clazz)) { + return mapOpenApiSchemaConvertor.convert(clazz); + } else { + return null; + } + } + + public ListOpenApiSchemaConvertor getListOpenApiSchemaConvertor() { + return listOpenApiSchemaConvertor; + } + + public SetOpenApiSchemaConvertor getSetOpenApiSchemaConvertor() { + return setOpenApiSchemaConvertor; + } + + public MapOpenApiSchemaConvertor getMapOpenApiSchemaConvertor() { + return mapOpenApiSchemaConvertor; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ComponentDatabase.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ComponentDatabase.java new file mode 100644 index 000000000..5f9279e6d --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ComponentDatabase.java @@ -0,0 +1,147 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; + +import java.util.*; +import java.util.function.Consumer; + +/** + * 用于集中存储管理Schema的数据库 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class ComponentDatabase { + + // 类到Schema的映射 + private Map classToSchemaMap; + + // 已经发现了的类,用于避免重复处理 + private Set existsClassSet = new HashSet<>(); + + // 符合类型的schema生成完毕的时候的回调方法,用于处理环形依赖 + private Map>> classSchemaDoneCallbackMap; + + private OpenApiSchemaConvertorManager manager; + + public ComponentDatabase(OpenApiSchemaConvertorManager manager) { + this.manager = manager; + this.classToSchemaMap = new HashMap<>(); + this.classSchemaDoneCallbackMap = new HashMap<>(); + this.existsClassSet = new HashSet<>(); + } + + /** + * 是否已经发现过此类型 + * + * @param clazz + * @return + */ + public boolean exists(Class clazz) { + return existsClassSet.contains(clazz); + } + + /** + * 把类标记为已发现 + * + * @param clazz + */ + public void addExists(Class clazz) { + existsClassSet.add(clazz); + } + + /** + * 为类型注册一个转换完成的回调方法 + * + * @param clazz + * @param consumer + */ + public void addSchemaConvertDoneCallback(Class clazz, Consumer consumer) { + List> consumers = classSchemaDoneCallbackMap.computeIfAbsent(clazz, k -> new ArrayList<>()); + consumers.add(consumer); + } + + /** + * 触发类的回调方法 + * + * @param clazz 被触发的类 + * @param c 类处理后的组件 + */ + public void triggerSchemaCallback(Class clazz, Schema c) { + List> consumers = classSchemaDoneCallbackMap.get(clazz); + if (consumers == null) { + return; + } + consumers.forEach(new Consumer>() { + @Override + public void accept(Consumer componentConsumer) { + componentConsumer.accept(c); + } + }); + } + + /** + * 往数据库中存储组件,不是调用了就一定会存储的,只会存储非数组、非原生、非集合类型 + * + * @param clazz + * @param c + * @return + */ + public boolean store(Class clazz, Schema c) { + if (canStore(clazz)) { + classToSchemaMap.put(clazz, c); + return true; + } else { + return false; + } + } + + /** + * 判断此类型是否能够存储 + * + * @param clazz + * @return + */ + public boolean canStore(Class clazz) { + if (clazz == null) { + return false; + } + return this.manager.javaBeanOpenApiSchemaConvertor.canConvert(clazz); + } + + /** + * 根据类型查询组件,不存在的话返回null + * + * @param clazz + * @return + */ + public Schema find(Class clazz) { + return this.classToSchemaMap.get(clazz); + } + + /** + * 把当前存储的所有的schema转换为map形式,为了后续拼接完整的open api格式方便 + * + * @return + */ + public Map toComponentSchemasMap() { + Map m = new HashMap<>(); + classToSchemaMap.forEach((aClass, component) -> m.put(component.getName(), component)); + return m; + } + + /** + * 把给定的类注册到组件库中 + * + * @param clazz + * @return + */ + public Schema register(Class clazz) { + Schema c = new Schema(); + c.setType("object"); + c.setName(clazz.getName()); + classToSchemaMap.put(clazz, c); + return c.direct(); + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertor.java new file mode 100644 index 000000000..f1bf39982 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertor.java @@ -0,0 +1,56 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.DataType; +import io.dongtai.iast.openapi.domain.Schema; + +/** + * 转换枚举值 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class EnumOpenApiSchemaConvertor extends BaseOpenApiSchemaConvertor { + + public EnumOpenApiSchemaConvertor(OpenApiSchemaConvertorManager manager) { + super(manager); + } + + @Override + public String getConvertorName() { + return "enum-convertor"; + } + + @Override + public boolean canConvert(Class clazz) { + return clazz != null && clazz.isEnum(); + } + + @Override + public Schema convert(Class clazz) { + + if (clazz == null) { + return null; + } + + // TODO 枚举类型是被看做一个有限取值的string,所以此处有必要查询缓存吗? + Schema schema = manager.database.find(clazz); + if (schema != null) { + return schema; + } + + // 处理枚举值 + Object[] enumConstants = clazz.getEnumConstants(); + String[] enums = new String[enumConstants.length]; + for (int i = 0; i < enumConstants.length; i++) { + enums[i] = enumConstants[i].toString(); + } + + Schema s = new Schema(DataType.String()); + s.setEnums(enums); + + // 枚举不会有dfs,所以不需要触发转换完成的回调 + + return s; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/FieldOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/FieldOpenApiSchemaConvertor.java new file mode 100644 index 000000000..2038c50f2 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/FieldOpenApiSchemaConvertor.java @@ -0,0 +1,35 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; + +import java.lang.reflect.Field; + +/** + * 可以根据Java中的Field转换为Open API的Schema + * + * @author CC11001100 + * @since v1.12.0 + */ +public interface FieldOpenApiSchemaConvertor { + + String getConvertorName(); + + /** + * 判断是否能够转换Field + * + * @param clazz + * @param field + * @return + */ + boolean canConvert(Class clazz, Field field); + + /** + * 实际进行转换,把Field转换为一个组件 + * + * @param clazz + * @param field + * @return 如果转换失败的话返回null + */ + Schema convert(Class clazz, Field field); + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java new file mode 100644 index 000000000..7686005bf --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java @@ -0,0 +1,167 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; + +import java.lang.reflect.Field; +import java.util.ArrayList; +import java.util.HashSet; +import java.util.List; +import java.util.Set; +import java.util.function.Consumer; + +/** + * 用于转换JavaBean到OpenApi的组件 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class JavaBeanOpenApiSchemaConvertor extends BaseOpenApiSchemaConvertor { + + public JavaBeanOpenApiSchemaConvertor(OpenApiSchemaConvertorManager manager) { + super(manager); + } + + @Override + public String getConvertorName() { + return "bean-convertor"; + } + + @Override + public boolean canConvert(Class clazz) { + return !manager.primitiveTypeConvertor.canConvert(clazz) && + !manager.arrayOpenApiSchemaConvertor.canConvert(clazz) && + !manager.collectionOpenApiSchemaConvertor.canConvert(clazz) && + !manager.enumOpenApiSchemaConvertor.canConvert(clazz); + } + + /** + * 把一个符合JavaBean规范的类转换为Open API的schema格式 + * + * @param clazz + * @return + */ + @Override + public Schema convert(Class clazz) { + + // 先查下组件库,如果有的话就直接返回即可 + Schema schema = manager.database.find(clazz); + if (schema != null) { + return schema.direct(); + } + + // TODO 2023-6-16 16:18:56 想一个更合适更容易理解的处理方式 + // 如果在已经发现的类型列表中,则表示正在处理中,则注册一个回调方法 + if (manager.database.exists(clazz)) { + Schema c = new Schema(); + manager.database.addSchemaConvertDoneCallback(clazz, new Consumer() { + @Override + public void accept(Schema schema) { + c.set$ref(schema.generateRef()); + } + }); + return c; + } + + // 这个类没有被发现过,这是第一次处理它,将类标记为已发现,防止DFS的时候陷入环形依赖 + manager.database.addExists(clazz); + + // 然后开始处理它 + Schema c = new Schema(); + // 与类的短名字保持一致,这里会发生名称冲突吗? + c.setName(clazz.getSimpleName()); + c.setType("object"); + + // TODO 2023-6-15 16:24:06 向上递归处理所有字段,并检查是否符合Bean规范 + // 处理类上的字段 + parseFieldList(clazz).forEach(new Consumer() { + @Override + public void accept(Field field) { + Schema schema = convert(clazz, field); + c.addProperty(field.getName(), schema); + } + }); + + // 把转换完的组件存储一下 + manager.database.store(clazz, c); + + // 在类处理完的时候触发一下回调 + manager.database.triggerSchemaCallback(clazz, c); + + return c; + } + + // TODO 2023-6-16 16:22:48 此处暂不考虑继承泛型的问题,下个版本再处理它 + private List parseFieldList(Class clazz) { + List fieldList = new ArrayList<>(); + Set fieldNameSet = new HashSet<>(); + Class currentClass = clazz; + while (currentClass != null) { + Field[] declaredFields = currentClass.getDeclaredFields(); + for (Field f : declaredFields) { + // TODO 判断是否符合Bean的属性的规范 + fieldList.add(f); + } + currentClass = currentClass.getSuperclass(); + } + return fieldList; + } + + @Override + public Schema convert(Class clazz, Field field) { + Class fieldClass = field.getType(); + // 因为类型可能是各种类型,所以这里要调用manager上的来路由 + return manager.convertClass(fieldClass); +// // 如果字段是原生类型,则直接转换即可 +// if (isPrimitiveType(fieldClass)) { +// return convertPrimitiveType(fieldClass); +// } else if (fieldClass.isArray()) { +// // 如果是数组的话,则走数组的转换逻辑 +// return convertArray(fieldClass); +// } else if () { +// +// } else { +// +// // TODO 2023-6-15 18:11:53 处理泛型 +// +// // 如果不是基本类型,则看一下是否已经处理完毕了,如果已经处理完毕了就直接拿来用 +// if (classToComponentMap.containsKey(fieldClass)) { +// Component refComponent = classToComponentMap.get(fieldClass); +// if (refComponent.canRef()) { +// // 创建一个新的组件,这个新的组件引用已经存在的这个组件 +// return new Component(refComponent.generateRef()); +// } +// } +// +// // 如果是已经存在但是没有处理完毕的,则注册一个回调 +// if (existsClassSet.contains(fieldClass)) { +// Component c = new Component(); +// if (!componentDoneCallbackMap.containsKey(fieldClass)) { +// componentDoneCallbackMap.put(fieldClass, new ArrayList<>()); +// } +// componentDoneCallbackMap.get(fieldClass).add(new Consumer() { +// @Override +// public void accept(Component component) { +// // 在处理完毕的时候把当前字段的引用指向这个转换完毕的组件 +// c.set$ref(component.generateRef()); +// } +// }); +// return c; +// } +// +// // 如果是一个新的类,则递归处理它 +// // 标记为已经发现过 +// existsClassSet.add(fieldClass); +// // 递归处理 +// Component c = generate(fieldClass); +// // 缓存结果 +// cache(fieldClass, c); +// // 只返回一个引用,并不真的进行嵌套 +// if (c.canRef()) { +// return new Component(c.generateRef()); +// } else { +// return c; +// } +// } + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertor.java new file mode 100644 index 000000000..635cbf104 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertor.java @@ -0,0 +1,66 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.DataType; +import io.dongtai.iast.openapi.domain.Schema; + +import java.lang.reflect.Field; +import java.util.List; + +/** + * 处理List结构 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class ListOpenApiSchemaConvertor extends BaseOpenApiSchemaConvertor { + + public ListOpenApiSchemaConvertor(OpenApiSchemaConvertorManager manager) { + super(manager); + } + + @Override + public String getConvertorName() { + return "list-convertor"; + } + + @Override + public boolean canConvert(Class clazz) { + return clazz != null && List.class.isAssignableFrom(clazz); + } + + @Override + public Schema convert(Class clazz) { + return new Schema(DataType.ObjectArray()); + } + + @Override + public Schema convert(Class clazz, Field field) { + Schema itemsComponent = convertField(clazz, field); + if (itemsComponent == null) { + return new Schema(DataType.ObjectArray()); + } + return new Schema(DataType.Array(itemsComponent)); + } + + + private Schema convertField(Class clazz, Field field) { +// if (field == null || clazz == null) { +// return null; +// } +// Type genericType = field.getGenericType(); +// if (genericType == null || !(genericType instanceof ParameterizedType)) { +// return null; +// } +// ParameterizedType pt = (ParameterizedType) genericType; +// Type[] actualTypeArguments = pt.getActualTypeArguments(); +// if (actualTypeArguments == null || actualTypeArguments.length == 0) { +// return null; +// } +// Class actualTypeArgument = ((ParameterizedTypeImpl) actualTypeArguments[0]).getRawType(); +// return manager.convertClass(actualTypeArgument); + + // 2023-6-19 11:13:45 当前版本暂不处理泛型,直接认为是object + return new Schema(DataType.Object()); + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/MapOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/MapOpenApiSchemaConvertor.java new file mode 100644 index 000000000..ecb654415 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/MapOpenApiSchemaConvertor.java @@ -0,0 +1,33 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.DataType; +import io.dongtai.iast.openapi.domain.Schema; + +/** + * 用于把Map类型转为Open API的类型 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class MapOpenApiSchemaConvertor extends BaseOpenApiSchemaConvertor { + + public MapOpenApiSchemaConvertor(OpenApiSchemaConvertorManager manager) { + super(manager); + } + + @Override + public String getConvertorName() { + return "map-convertor"; + } + + @Override + public boolean canConvert(Class clazz) { + return false; + } + + @Override + public Schema convert(Class clazz) { + return new Schema(DataType.Object()); + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/OpenApiSchemaConvertorManager.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/OpenApiSchemaConvertorManager.java new file mode 100644 index 000000000..ebc678b5f --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/OpenApiSchemaConvertorManager.java @@ -0,0 +1,128 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.log.DongTaiLog; + +/** + * 转换器的入口类 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class OpenApiSchemaConvertorManager { + + // 内部用来存储组件的数据 + ComponentDatabase database; + + // 一堆类型转换器 + PrimitiveTypeConvertor primitiveTypeConvertor; + EnumOpenApiSchemaConvertor enumOpenApiSchemaConvertor; + ArrayOpenApiSchemaConvertor arrayOpenApiSchemaConvertor; + JavaBeanOpenApiSchemaConvertor javaBeanOpenApiSchemaConvertor; + CollectionOpenApiSchemaConvertor collectionOpenApiSchemaConvertor; + + // 转换器使用的顺序 + private ClassOpenApiSchemaConvertor[] convertors; + + public OpenApiSchemaConvertorManager() { + + this.database = new ComponentDatabase(this); + + primitiveTypeConvertor = new PrimitiveTypeConvertor(this); + enumOpenApiSchemaConvertor = new EnumOpenApiSchemaConvertor(this); + arrayOpenApiSchemaConvertor = new ArrayOpenApiSchemaConvertor(this); + javaBeanOpenApiSchemaConvertor = new JavaBeanOpenApiSchemaConvertor(this); + collectionOpenApiSchemaConvertor = new CollectionOpenApiSchemaConvertor(this); + + convertors = new ClassOpenApiSchemaConvertor[]{ + primitiveTypeConvertor, + javaBeanOpenApiSchemaConvertor, + arrayOpenApiSchemaConvertor, + collectionOpenApiSchemaConvertor, + enumOpenApiSchemaConvertor + }; + } + + + /** + * 为给定的类型生成类型 + * + * @param clazz + * @return + */ + public Schema convertClass(Class clazz) { + + if (clazz == null) { + return null; + } + + // 依此使用转换器尝试转换 + for (ClassOpenApiSchemaConvertor convertor : convertors) { + if (convertor.canConvert(clazz)) { + try { + Schema c = convertor.convert(clazz); + if (c != null) { + return c.direct(); + } + } catch (Throwable e) { + DongTaiLog.error("OpenApiSchemaConvertorManager.convertClass error, convert {}, class {}", convertor.getConvertorName(), clazz.getName(), e); + } + } + } + + // 转换不了就算球 + return null; +// +// // 数组 +// if (clazz.isArray()) { +// return arrayOpenApiSchemaConvertor.convert(clazz); +// } +// +// // 基本类型直接转换 +// if (manager.primitiveTypeConvertor.canConvert(componentType)) { +// Component items = manager.primitiveTypeConvertor.convert(componentType); +// return new Component(DataType.Array(items)); +// } +// +// // 集合类型调用其处理 +// if (manager.collectionOpenApiSchemaConvertor.canConvert(componentType)) { +// Component items = manager.collectionOpenApiSchemaConvertor.convert(componentType); +// return new Component(DataType.Array(items)); +// } +// +// // bean类型处理 +// if (manager.javaBeanOpenApiSchemaConvertor.canConvert(clazz)) { +// Component items = manager.javaBeanOpenApiSchemaConvertor.convert(componentType); +// return new Component(DataType.Array(items)); +// } + +// // 尝试进行基本类型的转换,如果能够转换成功的话说明是基本类型,则直接返回即可 +// Component c = convertPrimitiveType(clazz); +// if (c != null) { +// return c; +// } +// +// // 查询是否已经处理过,如果已经处理过的话则直接返回之前的结果 +// if (classToComponentMap.containsKey(clazz)) { +// return classToComponentMap.get(clazz); +// } +// +// // 数组的处理 +// if (clazz.isArray()) { +// c = convertArray(clazz); +// cache(clazz, c); +// return c; +// } +// +// // 尝试进行复杂类型转换 +// c = convertBean(clazz); +// // 放入到缓存中 +// cache(clazz, c); +// +// return c; + } + + public ComponentDatabase getDatabase() { + return database; + } +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertor.java new file mode 100644 index 000000000..e1be14413 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertor.java @@ -0,0 +1,93 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.DataType; +import io.dongtai.iast.openapi.domain.Schema; + +import java.util.HashSet; +import java.util.Set; + +/** + * 用于原生类型转换 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class PrimitiveTypeConvertor extends BaseOpenApiSchemaConvertor { + + // 原生类型,原生类型不需要存储到组件列表中 + public static Set primitiveTypeSet = new HashSet<>(); + + static { + primitiveTypeSet.add(String.class); + + primitiveTypeSet.add(Character.class); + primitiveTypeSet.add(char.class); + + primitiveTypeSet.add(Byte.class); + primitiveTypeSet.add(byte.class); + + primitiveTypeSet.add(Short.class); + primitiveTypeSet.add(short.class); + + primitiveTypeSet.add(Integer.class); + primitiveTypeSet.add(int.class); + + primitiveTypeSet.add(Long.class); + primitiveTypeSet.add(long.class); + + primitiveTypeSet.add(Float.class); + primitiveTypeSet.add(float.class); + + primitiveTypeSet.add(Double.class); + primitiveTypeSet.add(double.class); + + primitiveTypeSet.add(Boolean.class); + primitiveTypeSet.add(boolean.class); + } + + public PrimitiveTypeConvertor(OpenApiSchemaConvertorManager manager) { + super(manager); + } + + @Override + public String getConvertorName() { + return "primitive-convertor"; + } + + @Override + public boolean canConvert(Class clazz) { + return primitiveTypeSet.contains(clazz); + } + + /** + * 基本类型转为OpenApi的基本类型 + * + * @param simpleClass + * @return + */ + public Schema convert(Class simpleClass) { + + // 原生类型不需要存储组件 + + // 字符串类型和字符类型都修改为字符串类型,注意这里产生了一个类型丢失 + if (simpleClass == String.class || simpleClass == Character.class || simpleClass == char.class) { + return new Schema(DataType.String()); + } else if (simpleClass == Byte.class || simpleClass == byte.class || + simpleClass == Short.class || simpleClass == short.class || + simpleClass == Integer.class || simpleClass == int.class) { + // Byte、Short类型转为了int32类型,注意这里也产生了一个类型丢失 + return new Schema(DataType.Int32()); + } else if (simpleClass == Long.class || simpleClass == long.class) { + return new Schema(DataType.Int64()); + } else if (simpleClass == Float.class || simpleClass == float.class) { + return new Schema(DataType.Float()); + } else if (simpleClass == Double.class || simpleClass == double.class) { + return new Schema(DataType.Double()); + } else if (simpleClass == Boolean.class || simpleClass == boolean.class) { + return new Schema(DataType.Boolean()); + } else { + return null; + } + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertor.java new file mode 100644 index 000000000..85c00d253 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertor.java @@ -0,0 +1,43 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.DataType; +import io.dongtai.iast.openapi.domain.Schema; + +import java.lang.reflect.Field; +import java.util.Set; + +/** + * 处理Set类型 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class SetOpenApiSchemaConvertor extends BaseOpenApiSchemaConvertor { + + public SetOpenApiSchemaConvertor(OpenApiSchemaConvertorManager manager) { + super(manager); + } + + @Override + public String getConvertorName() { + return "set-convertor"; + } + + @Override + public boolean canConvert(Class clazz) { + return clazz != null && Set.class.isAssignableFrom(clazz); + } + + @Override + public Schema convert(Class clazz) { + // 2023-6-19 11:25:46 暂不处理泛型参数 + Schema c = new Schema(DataType.ObjectArray()); + c.setUniqueItems(true); + return c; + } + + @Override + public Schema convert(Class clazz, Field field) { + return this.convert(field.getClass()); + } +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/DataType.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/DataType.java new file mode 100644 index 000000000..7685f7c90 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/DataType.java @@ -0,0 +1,147 @@ +package io.dongtai.iast.openapi.domain; + +import java.util.Objects; + +/** + * 用于表示Open API中的数据类型 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class DataType { + + // 类型的名称,比如integer + private String type; + + // 类型的格式,比如int32 + private String format; + + // 如果是数组类型的话,则数组中的元素都是啥类型的,数组中的元素可以是复合类型(引用)也可以是基本类型 + private DataType items; + + // 如果是数组的话,是否是唯一的,其实就是用来标识是不是set类型的,因为是很多语言中都是有set类型的 + private Boolean uniqueItems; + + public DataType() { + } + + private DataType(String type, String format, DataType items) { + this.type = type; + this.format = format; + this.items = items; + } + + public static DataType Null() { + return new DataType("null", null, null); + } + + public static DataType Int32() { + return new DataType("integer", "int32", null); + } + + public static DataType Int32Array() { + return Array(Int32()); + } + + public static DataType Int64() { + return new DataType("integer", "int64", null); + } + + public static DataType Int64Array() { + return Array(Int64()); + } + + public static DataType Float() { + return new DataType("number", "float", null); + } + + public static DataType FloatArray() { + return Array(Float()); + } + + public static DataType Double() { + return new DataType("number", "double", null); + } + + public static DataType DoubleArray() { + return Array(Double()); + } + + public static DataType String() { + return new DataType("string", null, null); + } + + public static DataType StringArray() { + return Array(String()); + } + + public static DataType Password() { + return new DataType("string", "password", null); + } + + public static DataType Boolean() { + return new DataType("boolean", null, null); + } + + public static DataType BooleanArray() { + return Array(Boolean()); + } + + public static DataType Array(DataType itemType) { + return new DataType("array", null, itemType); + } + + public static DataType Object() { + return new DataType("object", null, null); + } + + public static DataType ObjectArray() { + return new DataType("array", null, Object()); + } + + public String getType() { + return type; + } + + public void setType(String type) { + this.type = type; + } + + public String getFormat() { + return format; + } + + public void setFormat(String format) { + this.format = format; + } + + public DataType getItems() { + return items; + } + + public void setItems(DataType items) { + this.items = items; + } + + public Boolean getUniqueItems() { + return uniqueItems; + } + + public void setUniqueItems(Boolean uniqueItems) { + this.uniqueItems = uniqueItems; + } + + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + DataType dataType = (DataType) o; + return Objects.equals(type, dataType.type) && Objects.equals(format, dataType.format) && Objects.equals(items, dataType.items) && Objects.equals(uniqueItems, dataType.uniqueItems); + } + + @Override + public int hashCode() { + return Objects.hash(type, format, items, uniqueItems); + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Header.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Header.java new file mode 100644 index 000000000..51a258c41 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Header.java @@ -0,0 +1,10 @@ +package io.dongtai.iast.openapi.domain; + +/** + * Header基本复用了Parameter + * + * @author CC11001100 + * @since v1.12.0 + */ +public class Header extends Parameter { +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Info.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Info.java new file mode 100644 index 000000000..17a90de3a --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Info.java @@ -0,0 +1,28 @@ +package io.dongtai.iast.openapi.domain; + +/** + * @author CC11001100 + * @since v1.12.0 + */ +public class Info { + + private String title; + private String version; + + public String getTitle() { + return title; + } + + public void setTitle(String title) { + this.title = title; + } + + public String getVersion() { + return version; + } + + public void setVersion(String version) { + this.version = version; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/MediaType.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/MediaType.java new file mode 100644 index 000000000..f8241e6cb --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/MediaType.java @@ -0,0 +1,23 @@ +package io.dongtai.iast.openapi.domain; + +/** + * @author CC11001100 + * @since v1.12.0 + */ +public class MediaType { + + public static final String ALL = "*/*"; + public static final String APPLICATION_JSON = "application/json"; + + // 只要一个类型,其他字段暂时不设置 + private Schema schema; + + public Schema getSchema() { + return schema; + } + + public void setSchema(Schema schema) { + this.schema = schema; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/OpenApi.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/OpenApi.java new file mode 100644 index 000000000..1736b0a67 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/OpenApi.java @@ -0,0 +1,78 @@ +package io.dongtai.iast.openapi.domain; + +import com.alibaba.fastjson2.JSON; + +import java.util.HashMap; +import java.util.Map; + +/** + * 表示一个Open Api文档 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class OpenApi { + + // 当前(2023-6-19)默认使用3.0.1版本 + public static final String DEFAULT_OPENAPI_VERSION = "3.0.1"; + + private String openapi; + + private Info info; + + private Map paths; + + private Map> components; + + public OpenApi() { + openapi = DEFAULT_OPENAPI_VERSION; + } + + /** + * 转为JSON字符串 + * + * @return + */ + public String toJsonString() { + return JSON.toJSONString(this); + } + + public void setComponentsBySchemaMap(Map schemas) { + Map> components = new HashMap<>(); + components.put("schemas", schemas); + this.setComponents(components); + } + + public Info getInfo() { + return info; + } + + public void setInfo(Info info) { + this.info = info; + } + + public Map> getComponents() { + return components; + } + + public void setComponents(Map> components) { + this.components = components; + } + + public String getOpenapi() { + return openapi; + } + + public void setOpenapi(String openapi) { + this.openapi = openapi; + } + + public Map getPaths() { + return paths; + } + + public void setPaths(Map paths) { + this.paths = paths; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Operation.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Operation.java new file mode 100644 index 000000000..86c1b59cc --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Operation.java @@ -0,0 +1,122 @@ +package io.dongtai.iast.openapi.domain; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +/** + * 表示一个路径方法的映射处理操作 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class Operation { + + private List tags; + private String operationId; + private String summary; + private String description; + + // 此映射接受的参数 + private List parameters; + + // 请求体 + private RequestBody requestBody; + + // 响应 + private Map responses; + + /** + * 参数合并 + * + * @param parameters + */ + public void mergeParameters(List parameters) { + + // 为空的话就不合并了 + if (parameters == null || parameters.isEmpty()) { + return; + } + + if (this.parameters == null) { + this.parameters = new ArrayList<>(); + this.parameters.addAll(parameters); + return; + } + + // 要保持参数的顺序 + Map indexMap = new HashMap<>(); + for (int i = 0; i < this.parameters.size(); i++) { + Parameter parameter = this.parameters.get(i); + indexMap.put(parameter.getName(), i); + } + List leftParameters = new ArrayList<>(); + for (Parameter p : parameters) { + if (indexMap.containsKey(p.getName())) { + // 替换 + this.parameters.set(indexMap.get(p.getName()), p); + } else { + // 追加 + leftParameters.add(p); + } + } + this.parameters.addAll(leftParameters); + } + + public List getTags() { + return tags; + } + + public void setTags(List tags) { + this.tags = tags; + } + + public String getOperationId() { + return operationId; + } + + public void setOperationId(String operationId) { + this.operationId = operationId; + } + + public String getSummary() { + return summary; + } + + public void setSummary(String summary) { + this.summary = summary; + } + + public String getDescription() { + return description; + } + + public void setDescription(String description) { + this.description = description; + } + + public List getParameters() { + return parameters; + } + + public void setParameters(List parameters) { + this.parameters = parameters; + } + + public RequestBody getRequestBody() { + return requestBody; + } + + public void setRequestBody(RequestBody requestBody) { + this.requestBody = requestBody; + } + + public Map getResponses() { + return responses; + } + + public void setResponses(Map responses) { + this.responses = responses; + } +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Parameter.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Parameter.java new file mode 100644 index 000000000..416dbe050 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Parameter.java @@ -0,0 +1,77 @@ +package io.dongtai.iast.openapi.domain; + +/** + * 用于表示接口的一个参数 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class Parameter { + + // 参数的名称 + private String name; + + // 参数出现的位置 + private ParameterIn in; + + // 参数是否强制 + private boolean required; + + // 参数的描述信息 + private String description; + + // 参数的类型 + private Schema schema; + + // 参数是否被标记为不推荐 + private Boolean deprecated; + + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + public boolean isRequired() { + return required; + } + + public void setRequired(boolean required) { + this.required = required; + } + + public ParameterIn getIn() { + return in; + } + + public void setIn(ParameterIn in) { + this.in = in; + } + + public Schema getSchema() { + return schema; + } + + public void setSchema(Schema schema) { + this.schema = schema; + } + + public String getDescription() { + return description; + } + + public void setDescription(String description) { + this.description = description; + } + + public Boolean getDeprecated() { + return deprecated; + } + + public void setDeprecated(Boolean deprecated) { + this.deprecated = deprecated; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/ParameterIn.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/ParameterIn.java new file mode 100644 index 000000000..760f28781 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/ParameterIn.java @@ -0,0 +1,45 @@ +package io.dongtai.iast.openapi.domain; + +import com.alibaba.fastjson2.annotation.JSONField; + +/** + * 参数值所在的位置 + * + * @author CC11001100 + * @since v1.12.0 + */ +public enum ParameterIn { + + // 参数值在query string中 + Query("query"), + + // 参数值在path中 + Path("path"), + + // 参数值在cookie中 + Cookie("cookie"), + + // 参数值在请求头上 + Header("header"); + + private String value; + + ParameterIn() { + } + + ParameterIn(String value) { + this.value = value; + } + + // 使用value的值作为JSON序列化的值 + // https://github.com/alibaba/fastjson/wiki/enum_custom_serialization + @JSONField + public String getValue() { + return value; + } + + @Override + public String toString() { + return this.value; + } +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Path.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Path.java new file mode 100644 index 000000000..32a4f3f5e --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Path.java @@ -0,0 +1,153 @@ +package io.dongtai.iast.openapi.domain; + +import java.util.List; + +/** + * 表示Open Api中的一个路径对象 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class Path extends Reference { + + // 路径对应的各种方法 + private Operation get; + private Operation put; + private Operation post; + private Operation delete; + private Operation options; + private Operation head; + private Operation patch; + private Operation trace; + + // 洞态对OpenAPI规范的扩展的自定义的字段,这一部分是不属于open api规范中的 + private Operation dubbo; + + // 所有方法的公共参数 + private List parameters; + + /** + * 把另一个映射合并到当前的映射中,这个合并只会进行方法级别的合并 + */ + public void merge(Path other) { + + if (other == null) { + return; + } + + if (other.get != null && this.get == null) { + this.get = other.get; + } + + if (other.put != null && this.put == null) { + this.put = other.put; + } + + if (other.post != null && this.post == null) { + this.post = other.post; + } + + if (other.delete != null && this.delete == null) { + this.delete = other.delete; + } + + if (other.options != null && this.options == null) { + this.options = other.options; + } + + if (other.head != null && this.head == null) { + this.head = other.head; + } + + if (other.patch != null && this.patch == null) { + this.patch = other.patch; + } + + if (other.trace != null && this.trace == null) { + this.trace = other.trace; + } + + // TODO 2023-6-19 14:20:14 是否需要合并参数呢?如果要合并的需要考虑去重 + + } + + public Operation getGet() { + return get; + } + + public void setGet(Operation get) { + this.get = get; + } + + public Operation getPut() { + return put; + } + + public void setPut(Operation put) { + this.put = put; + } + + public Operation getPost() { + return post; + } + + public void setPost(Operation post) { + this.post = post; + } + + public Operation getDelete() { + return delete; + } + + public void setDelete(Operation delete) { + this.delete = delete; + } + + public Operation getOptions() { + return options; + } + + public void setOptions(Operation options) { + this.options = options; + } + + public Operation getHead() { + return head; + } + + public void setHead(Operation head) { + this.head = head; + } + + public Operation getPatch() { + return patch; + } + + public void setPatch(Operation patch) { + this.patch = patch; + } + + public Operation getTrace() { + return trace; + } + + public void setTrace(Operation trace) { + this.trace = trace; + } + + public List getParameters() { + return parameters; + } + + public void setParameters(List parameters) { + this.parameters = parameters; + } + + public Operation getDubbo() { + return dubbo; + } + + public void setDubbo(Operation dubbo) { + this.dubbo = dubbo; + } +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Reference.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Reference.java new file mode 100644 index 000000000..b25188b75 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Reference.java @@ -0,0 +1,37 @@ +package io.dongtai.iast.openapi.domain; + +/** + * @author CC11001100 + * @since v1.12.0 + */ +public class Reference { + + private String $ref; + private String summary; + private String description; + + public String get$ref() { + return $ref; + } + + public void set$ref(String $ref) { + this.$ref = $ref; + } + + public String getSummary() { + return summary; + } + + public void setSummary(String summary) { + this.summary = summary; + } + + public String getDescription() { + return description; + } + + public void setDescription(String description) { + this.description = description; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/RequestBody.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/RequestBody.java new file mode 100644 index 000000000..bcce5715d --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/RequestBody.java @@ -0,0 +1,38 @@ +package io.dongtai.iast.openapi.domain; + +import java.util.Map; + +/** + * @author CC11001100 + * @since v1.12.0 + */ +public class RequestBody { + + private String description; + private Map content; + private Boolean required; + + public String getDescription() { + return description; + } + + public void setDescription(String description) { + this.description = description; + } + + public Map getContent() { + return content; + } + + public void setContent(Map content) { + this.content = content; + } + + public Boolean getRequired() { + return required; + } + + public void setRequired(Boolean required) { + this.required = required; + } +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Response.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Response.java new file mode 100644 index 000000000..fb5b2781c --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Response.java @@ -0,0 +1,52 @@ +package io.dongtai.iast.openapi.domain; + +import java.util.Map; + +/** + * + * @author CC11001100 + * @since v1.12.0 + */ +public class Response { + + public static final String CODE_OK = "200"; + public static final String MSG_OK = "ok"; + + // TODO 不同的响应内容 + + // 响应的描述信息 + private String description; + + // 响应头 + private Map headers; + + // 响应内容 + private Map content; + + // 此字段不要 +// private Map links; + + public String getDescription() { + return description; + } + + public void setDescription(String description) { + this.description = description; + } + + public Map getHeaders() { + return headers; + } + + public void setHeaders(Map headers) { + this.headers = headers; + } + + public Map getContent() { + return content; + } + + public void setContent(Map content) { + this.content = content; + } +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Schema.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Schema.java new file mode 100644 index 000000000..8bd81ee17 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Schema.java @@ -0,0 +1,175 @@ +package io.dongtai.iast.openapi.domain; + +import com.alibaba.fastjson2.JSON; +import com.alibaba.fastjson2.annotation.JSONField; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; + +/** + * Open API中定义的一个Schema,Schema可能是一个复合类型,也可能是一个简单类型 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class Schema extends DataType { + + // 类型的名称,反序列化的时候忽略此字段 + @JSONField(serialize = false) + private String name; + + // 如果是引用了Schema的话则是个uri + private String $ref; + + @JSONField(name = "default") + private String defaultValue; + + @JSONField(name = "enum") + private String[] enums; + + // Schema的字段,如果是复合类型的话,复合类型的属性既可以是简单类型,也可以是复合类型,所以使用Schema来引用 + private Map properties; + + public Schema() { + } + + /** + * 从类型创建schema,一般用来包装基本类型和基本类型数组 + * + * @param dataType + */ + public Schema(DataType dataType) { + this.setType(dataType.getType()); + this.setFormat(dataType.getFormat()); + this.setItems(dataType.getItems()); + } + + /** + * 此Schema只是用来引用其它组件的,只用来表示一个指针 + * + * @param $ref + */ + public Schema(String $ref) { + this.set$ref($ref); + } + + /** + * 此组件是否可以被其他组件引用,只有有名字的组件才可以被引用 + * + * @return + */ + public boolean canRef() { + return this.name != null && !"".equals(this.name); + } + + /** + * 生成给$ref用的引用路径,这样其它组件就可以用用自己 + * + * @return + */ + public String generateRef() { + return "#/components/schemas/" + name; + } + + /** + * 如果是可以引用的类型,则返回一个引用,否则返回本身 + * + * @return + */ + public Schema direct() { + if (this.canRef()) { + // 返回引用指针,而不是直接返回它自身 + return new Schema(this.generateRef()); + } else { + // 非引用类型直接返回自身 + return this; + } + } + + /** + * 为组件增加一个属性 + * + * @param key + * @param value + */ + public void addProperty(String key, Schema value) { + if (properties == null) { + properties = new HashMap<>(); + } + properties.put(key, value); + } + + public String get$ref() { + return $ref; + } + + public void set$ref(String $ref) { + this.$ref = $ref; + } + + public String getDefaultValue() { + return defaultValue; + } + + public void setDefaultValue(String defaultValue) { + this.defaultValue = defaultValue; + } + + public String[] getEnums() { + return enums; + } + + public void setEnums(String[] enums) { + this.enums = enums; + } + + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + public Map getProperties() { + return properties; + } + + // 不给直接访问,通过merge +// public void setProperties(Map properties) { +// this.properties = properties; +// } + + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (!(o instanceof Schema)) return false; + if (!super.equals(o)) return false; + Schema schema = (Schema) o; + return Objects.equals(name, schema.name) && Objects.equals($ref, schema.$ref) && Objects.equals(defaultValue, schema.defaultValue) && Arrays.equals(enums, schema.enums) && Objects.equals(properties, schema.properties); + } + + @Override + public int hashCode() { + int result = Objects.hash(super.hashCode(), name, $ref, defaultValue, properties); + result = 31 * result + Arrays.hashCode(enums); + return result; + } + + /** + * 比较JSON是否相等 + * + * @param c + * @return + */ + public boolean jsonEquals(Schema c) { + return JSON.toJSONString(this).equals(JSON.toJSONString(c)); + } + + public String toJson() { + return JSON.toJSONString(this); + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java new file mode 100644 index 000000000..7b70bcb3a --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java @@ -0,0 +1,93 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.openapi.domain.DataType; +import io.dongtai.iast.openapi.domain.Schema; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; + +import java.util.ArrayList; +import java.util.List; + +public class ArrayOpenApiSchemaConvertorTest { + + private ArrayOpenApiSchemaConvertor convertor; + + @Before + public void setUp() throws Exception { + OpenApiSchemaConvertorManager manager = new OpenApiSchemaConvertorManager(); + convertor = manager.arrayOpenApiSchemaConvertor; + } + + @Test + public void canConvert() { + Assert.assertTrue(convertor.canConvert(boolean[].class)); + Assert.assertTrue(convertor.canConvert(Boolean[].class)); + + Assert.assertTrue(convertor.canConvert(String[].class)); + + Assert.assertTrue(convertor.canConvert(Character[].class)); + Assert.assertTrue(convertor.canConvert(char[].class)); + + Assert.assertTrue(convertor.canConvert(Float[].class)); + Assert.assertTrue(convertor.canConvert(float[].class)); + + Assert.assertTrue(convertor.canConvert(byte[].class)); + Assert.assertTrue(convertor.canConvert(Byte[].class)); + + Assert.assertTrue(convertor.canConvert(Short[].class)); + Assert.assertTrue(convertor.canConvert(short[].class)); + + Assert.assertTrue(convertor.canConvert(Integer[].class)); + Assert.assertTrue(convertor.canConvert(int[].class)); + + Assert.assertTrue(convertor.canConvert(Long[].class)); + Assert.assertTrue(convertor.canConvert(long[].class)); + + Assert.assertTrue(convertor.canConvert(List[].class)); + Assert.assertTrue(convertor.canConvert(Foo[].class)); + Assert.assertTrue(convertor.canConvert(Bar[].class)); + } + + @Test + public void convert() { + + // 基本类型数组 + Assert.assertTrue(new Schema(DataType.BooleanArray()).jsonEquals(convertor.convert(boolean[].class))); + Assert.assertTrue(new Schema(DataType.BooleanArray()).jsonEquals(convertor.convert(Boolean[].class))); + + Assert.assertTrue(new Schema(DataType.StringArray()).jsonEquals(convertor.convert(String[].class))); + + Assert.assertTrue(new Schema(DataType.StringArray()).jsonEquals(convertor.convert(Character[].class))); + Assert.assertTrue(new Schema(DataType.StringArray()).jsonEquals(convertor.convert(char[].class))); + + Assert.assertTrue(new Schema(DataType.FloatArray()).jsonEquals(convertor.convert(Float[].class))); + Assert.assertTrue(new Schema(DataType.FloatArray()).jsonEquals(convertor.convert(float[].class))); + + Assert.assertTrue(new Schema(DataType.Int32Array()).jsonEquals(convertor.convert(byte[].class))); + Assert.assertTrue(new Schema(DataType.Int32Array()).jsonEquals(convertor.convert(Byte[].class))); + + Assert.assertTrue(new Schema(DataType.Int32Array()).jsonEquals(convertor.convert(Short[].class))); + Assert.assertTrue(new Schema(DataType.Int32Array()).jsonEquals(convertor.convert(short[].class))); + + Assert.assertTrue(new Schema(DataType.Int32Array()).jsonEquals(convertor.convert(Integer[].class))); + Assert.assertTrue(new Schema(DataType.Int32Array()).jsonEquals(convertor.convert(int[].class))); + + Assert.assertTrue(new Schema(DataType.Int64Array()).jsonEquals(convertor.convert(Long[].class))); + Assert.assertTrue(new Schema(DataType.Int64Array()).jsonEquals(convertor.convert(long[].class))); + + // 枚举类型数组 + Assert.assertEquals("{\"items\":{\"enums\":[\"A\",\"B\",\"C\"],\"type\":\"string\"},\"type\":\"array\"}", convertor.convert(Enumnumnum[].class).toJson()); + + // 多维数组 + Assert.assertEquals("{\"items\":{\"type\":\"object\"},\"type\":\"array\"}", convertor.convert(String[][].class).toJson()); + + // 集合类型数组 + Assert.assertEquals("{\"items\":{\"items\":{\"type\":\"object\"},\"type\":\"array\"},\"type\":\"array\"}", convertor.convert(ArrayList[].class).toJson()); + + // TODO Bean类型数组 + + } + +} \ No newline at end of file diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Bar.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Bar.java new file mode 100644 index 000000000..b6acd6a7b --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Bar.java @@ -0,0 +1,4 @@ +package io.dongtai.iast.openapi.convertor; + +public class Bar extends Foo { +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertorTest.java new file mode 100644 index 000000000..4667b4ba8 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertorTest.java @@ -0,0 +1,36 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; + +public class EnumOpenApiSchemaConvertorTest { + + private EnumOpenApiSchemaConvertor convertor; + + @Before + public void setUp() throws Exception { + OpenApiSchemaConvertorManager manager = new OpenApiSchemaConvertorManager(); + convertor = manager.enumOpenApiSchemaConvertor; + } + + @Test + public void canConvert() { + Assert.assertFalse(convertor.canConvert(Foo.class)); + Assert.assertFalse(convertor.canConvert(Bar.class)); + Assert.assertFalse(convertor.canConvert(R1.class)); + Assert.assertFalse(convertor.canConvert(R2.class)); + Assert.assertFalse(convertor.canConvert(Response.class)); + Assert.assertTrue(convertor.canConvert(Enumnumnum.class)); + } + + @Test + public void convert() { + Schema c = convertor.convert(Enumnumnum.class); + Assert.assertNotNull(c); + Assert.assertEquals("string", c.getType()); + Assert.assertArrayEquals(c.getEnums(), new String[]{"A", "B", "C"}); + } + +} \ No newline at end of file diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Enumnumnum.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Enumnumnum.java new file mode 100644 index 000000000..c654d7a59 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Enumnumnum.java @@ -0,0 +1,9 @@ +package io.dongtai.iast.openapi.convertor; + +public enum Enumnumnum { + + A, + B, + C + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Foo.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Foo.java new file mode 100644 index 000000000..f526103e8 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Foo.java @@ -0,0 +1,274 @@ +package io.dongtai.iast.openapi.convertor; + +import java.util.List; +import java.util.Map; +import java.util.Set; + +public class Foo { + + private String[] k2; + private String[][] k3; + private Character[] c2; + + private Short[] s2; + private Integer[] i2; + private Long[] l2; + + private Float[] f2; + private Double[] d2; + + private Boolean[] b2; + + private Foo[] foo2; + private Bar[] bar2; + + private String k1; + private Character c1; + + private Short s1; + private Integer i1; + private Long l1; + + private Float f1; + private Double d1; + + private Boolean b1; + + private Foo foo; + private Bar bar; + + private Map m1; + private Set ss1; + private List list1; + + private List list2; + private List> list3; + private List>> list4; + + private Enumnumnum enumnumnum; + + public Enumnumnum getEnumnumnum() { + return enumnumnum; + } + + public void setEnumnumnum(Enumnumnum enumnumnum) { + this.enumnumnum = enumnumnum; + } + + public List> getList3() { + return list3; + } + + public void setList3(List> list3) { + this.list3 = list3; + } + + public List>> getList4() { + return list4; + } + + public void setList4(List>> list4) { + this.list4 = list4; + } + + public List getList2() { + return list2; + } + + public void setList2(List list2) { + this.list2 = list2; + } + + public String getK1() { + return k1; + } + + public void setK1(String k1) { + this.k1 = k1; + } + + public Character getC1() { + return c1; + } + + public void setC1(Character c1) { + this.c1 = c1; + } + + public Short getS1() { + return s1; + } + + public void setS1(Short s1) { + this.s1 = s1; + } + + public Integer getI1() { + return i1; + } + + public void setI1(Integer i1) { + this.i1 = i1; + } + + public Long getL1() { + return l1; + } + + public void setL1(Long l1) { + this.l1 = l1; + } + + public Float getF1() { + return f1; + } + + public void setF1(Float f1) { + this.f1 = f1; + } + + public Double getD1() { + return d1; + } + + public void setD1(Double d1) { + this.d1 = d1; + } + + public Boolean getB1() { + return b1; + } + + public void setB1(Boolean b1) { + this.b1 = b1; + } + + public Foo getFoo() { + return foo; + } + + public void setFoo(Foo foo) { + this.foo = foo; + } + + public Bar getBar() { + return bar; + } + + public void setBar(Bar bar) { + this.bar = bar; + } + + public Character[] getC2() { + return c2; + } + + public void setC2(Character[] c2) { + this.c2 = c2; + } + + public Short[] getS2() { + return s2; + } + + public void setS2(Short[] s2) { + this.s2 = s2; + } + + public Integer[] getI2() { + return i2; + } + + public void setI2(Integer[] i2) { + this.i2 = i2; + } + + public Long[] getL2() { + return l2; + } + + public void setL2(Long[] l2) { + this.l2 = l2; + } + + public Float[] getF2() { + return f2; + } + + public void setF2(Float[] f2) { + this.f2 = f2; + } + + public Double[] getD2() { + return d2; + } + + public void setD2(Double[] d2) { + this.d2 = d2; + } + + public Boolean[] getB2() { + return b2; + } + + public void setB2(Boolean[] b2) { + this.b2 = b2; + } + + public Foo[] getFoo2() { + return foo2; + } + + public void setFoo2(Foo[] foo2) { + this.foo2 = foo2; + } + + public Bar[] getBar2() { + return bar2; + } + + public void setBar2(Bar[] bar2) { + this.bar2 = bar2; + } + + public String[] getK2() { + return k2; + } + + public void setK2(String[] k2) { + this.k2 = k2; + } + + public String[][] getK3() { + return k3; + } + + public void setK3(String[][] k3) { + this.k3 = k3; + } + + public Map getM1() { + return m1; + } + + public void setM1(Map m1) { + this.m1 = m1; + } + + public Set getSs1() { + return ss1; + } + + public void setSs1(Set ss1) { + this.ss1 = ss1; + } + + public List getList1() { + return list1; + } + + public void setList1(List list1) { + this.list1 = list1; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertorTest.java new file mode 100644 index 000000000..d54f6d4fb --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertorTest.java @@ -0,0 +1,43 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; +import com.alibaba.fastjson2.JSON; +import io.dongtai.iast.openapi.domain.Schema; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; + +import java.util.ArrayList; +import java.util.HashSet; + +public class JavaBeanOpenApiSchemaConvertorTest { + + private OpenApiSchemaConvertorManager manager; + private JavaBeanOpenApiSchemaConvertor convertor; + + @Before + public void setUp() throws Exception { + manager = new OpenApiSchemaConvertorManager(); + this.convertor = manager.javaBeanOpenApiSchemaConvertor; + } + + @Test + public void canConvert() { + Assert.assertTrue(convertor.canConvert(Foo.class)); + Assert.assertTrue(convertor.canConvert(Bar.class)); + + Assert.assertFalse(convertor.canConvert(ArrayList.class)); + Assert.assertFalse(convertor.canConvert(HashSet.class)); +// Assert.assertFalse(convertor.canConvert(HashMap.class)); + } + + @Test + public void convert() { + Schema c = convertor.convert(Foo.class); + System.out.println(JSON.toJSONString(manager.database.toComponentSchemasMap())); + } + + @Test + public void testConvert() { + } +} \ No newline at end of file diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertorTest.java new file mode 100644 index 000000000..dc0cdcc1a --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertorTest.java @@ -0,0 +1,37 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; +import org.junit.Before; +import org.junit.Test; + +public class ListOpenApiSchemaConvertorTest { + + private ListOpenApiSchemaConvertor convertor; + + @Before + public void setUp() throws Exception { + OpenApiSchemaConvertorManager manager = new OpenApiSchemaConvertorManager(); + convertor = manager.collectionOpenApiSchemaConvertor.getListOpenApiSchemaConvertor(); + } + + @Test + public void canConvert() { + } + + @Test + public void convert() throws NoSuchFieldException { + +// List l = new ArrayList<>(); +// Schema c = convertor.convert(l.getClass()); +// System.out.println(c); + + Foo foo = new Foo(); + Schema c = convertor.convert(foo.getClass(), foo.getClass().getDeclaredField("list4")); + System.out.println(c); + + } + + @Test + public void testConvert() { + } +} \ No newline at end of file diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertorTest.java new file mode 100644 index 000000000..f8e568684 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertorTest.java @@ -0,0 +1,79 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.openapi.domain.DataType; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; + +import java.util.List; + +public class PrimitiveTypeConvertorTest { + + private PrimitiveTypeConvertor convertor; + + @Before + public void setUp() throws Exception { + OpenApiSchemaConvertorManager manager = new OpenApiSchemaConvertorManager(); + convertor = manager.primitiveTypeConvertor; + } + + @Test + public void canConvert() { + + Assert.assertTrue(convertor.canConvert(boolean.class)); + Assert.assertTrue(convertor.canConvert(Boolean.class)); + + Assert.assertTrue(convertor.canConvert(String.class)); + + Assert.assertTrue(convertor.canConvert(Character.class)); + Assert.assertTrue(convertor.canConvert(char.class)); + + Assert.assertTrue(convertor.canConvert(Float.class)); + Assert.assertTrue(convertor.canConvert(float.class)); + + Assert.assertTrue(convertor.canConvert(byte.class)); + Assert.assertTrue(convertor.canConvert(Byte.class)); + + Assert.assertTrue(convertor.canConvert(Short.class)); + Assert.assertTrue(convertor.canConvert(short.class)); + + Assert.assertTrue(convertor.canConvert(Integer.class)); + Assert.assertTrue(convertor.canConvert(int.class)); + + Assert.assertTrue(convertor.canConvert(Long.class)); + Assert.assertTrue(convertor.canConvert(long.class)); + + Assert.assertFalse(convertor.canConvert(List.class)); + Assert.assertFalse(convertor.canConvert(Foo.class)); + Assert.assertFalse(convertor.canConvert(Bar.class)); + } + + @Test + public void convert() { + + Assert.assertEquals(new Schema(DataType.Boolean()), convertor.convert(boolean.class)); + Assert.assertEquals(new Schema(DataType.Boolean()), convertor.convert(Boolean.class)); + + Assert.assertEquals(new Schema(DataType.String()), convertor.convert(String.class)); + + Assert.assertEquals(new Schema(DataType.String()), convertor.convert(Character.class)); + Assert.assertEquals(new Schema(DataType.String()), convertor.convert(char.class)); + + Assert.assertEquals(new Schema(DataType.Float()), convertor.convert(Float.class)); + Assert.assertEquals(new Schema(DataType.Float()), convertor.convert(float.class)); + + Assert.assertEquals(new Schema(DataType.Int32()), convertor.convert(byte.class)); + Assert.assertEquals(new Schema(DataType.Int32()), convertor.convert(Byte.class)); + + Assert.assertEquals(new Schema(DataType.Int32()), convertor.convert(Short.class)); + Assert.assertEquals(new Schema(DataType.Int32()), convertor.convert(short.class)); + + Assert.assertEquals(new Schema(DataType.Int32()), convertor.convert(Integer.class)); + Assert.assertEquals(new Schema(DataType.Int32()), convertor.convert(int.class)); + + Assert.assertEquals(new Schema(DataType.Int64()), convertor.convert(Long.class)); + Assert.assertEquals(new Schema(DataType.Int64()), convertor.convert(long.class)); + + } +} \ No newline at end of file diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R1.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R1.java new file mode 100644 index 000000000..e44911f74 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R1.java @@ -0,0 +1,14 @@ +package io.dongtai.iast.openapi.convertor; + +public class R1 { + + private String r1; + + public String getR1() { + return r1; + } + + public void setR1(String r1) { + this.r1 = r1; + } +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R2.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R2.java new file mode 100644 index 000000000..52cf6cf44 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R2.java @@ -0,0 +1,15 @@ +package io.dongtai.iast.openapi.convertor; + +public class R2 { + + private String r2; + + public String getR2() { + return r2; + } + + public void setR2(String r2) { + this.r2 = r2; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Response.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Response.java new file mode 100644 index 000000000..a614943f9 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Response.java @@ -0,0 +1,14 @@ +package io.dongtai.iast.openapi.convertor; + +public class Response { + + private R r; + + public R getR() { + return r; + } + + public void setR(R r) { + this.r = r; + } +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertorTest.java new file mode 100644 index 000000000..73ebf99f4 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertorTest.java @@ -0,0 +1,43 @@ +package io.dongtai.iast.openapi.convertor; + +import io.dongtai.iast.openapi.domain.Schema; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; + +import java.util.ArrayList; +import java.util.HashSet; +import java.util.LinkedHashSet; + +public class SetOpenApiSchemaConvertorTest { + + private SetOpenApiSchemaConvertor convertor; + + @Before + public void setUp() throws Exception { + OpenApiSchemaConvertorManager manager = new OpenApiSchemaConvertorManager(); + this.convertor = manager.collectionOpenApiSchemaConvertor.getSetOpenApiSchemaConvertor(); + } + + @Test + public void canConvert() { + Assert.assertTrue(this.convertor.canConvert(HashSet.class)); + Assert.assertTrue(this.convertor.canConvert(LinkedHashSet.class)); + + Assert.assertFalse(this.convertor.canConvert(ArrayList.class)); + } + + @Test + public void convert() { + + String setArray = "{\"items\":{\"type\":\"object\"},\"type\":\"array\",\"uniqueItems\":true}"; + + Schema c = this.convertor.convert(HashSet.class); + Assert.assertEquals(setArray, c.toJson()); + + c = this.convertor.convert(LinkedHashSet.class); + Assert.assertEquals(setArray, c.toJson()); + + } + +} \ No newline at end of file diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/README.md b/dongtai-api-gather/dongtai-api-gather-spring-api/README.md new file mode 100644 index 000000000..71c0a387a --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/README.md @@ -0,0 +1,39 @@ +兼容范围: +Spring MVC + +```text +[3.1.0.RELEASE, 5.3.28] +``` + +需要测试的版本: + +```text +f01e11bfc066a01ea4b0de3981cee1c6 3.1.0.RELEASE +4cdc60518a508c26c7f373a641d71b16 3.2.0.RELEASE +c29abdc7666994da35a4f0bffe45e255 3.2.8.RELEASE +c8f8f43b525d15774ed4d6f34e695e39 3.2.18.RELEASE +8ca7fdf0c8baa1ffe19aab4b1c1c7cfe 4.0.0.RELEASE +07268020de2a565823b771a5c9bed58d 4.0.2.RELEASE +f7dcb7cf2e4458936e1983617edf5fcc 4.1.0.RELEASE +d0482c7a1504e7eddc616756cdf5eaaf 4.1.7.RELEASE +b42ce268dd4789f81936c0a4ccfbf891 4.1.8.RELEASE +233e016c9d6360bccd27f6a24cf3f724 4.2.0.RELEASE +2b6ff34dfa5cee87fe44c825cd171783 4.2.8.RELEASE +03a47141ddb1d30940995816269a05b2 4.3.0.RELEASE +ac77012105806ef194892f3b4eec184b 4.3.1.RELEASE +2366c3d61c14f41990a696253c3e5836 4.3.3.RELEASE +93fae052aa9904a2d501a18541df5b1f 4.3.12.RELEASE +1043f7630aeea67532f6f2035700ca6a 5.0.0.RELEASE +bd9308b453f7e66f78be0dad5b9997ac 5.0.1.RELEASE +31d87f5d3d92f43055cdfac8599acf89 5.1.3.RELEASE +c431fdb28b1bf9c617d54c9e8bcd479f 5.1.6.RELEASE +524bc86ff59f67a1e86e43b3aa3a9bc4 5.1.10.RELEASE +d45e1eeaa45f0027347825d97c477f3c 5.2.0.RELEASE +c0404c7cef7fb340a1d8f5f21e80b7af 5.2.4.RELEASE +eff2ccc481a5d4eb084d9c3b48b7a7ca 5.2.7.RELEASE +0fd834715a8720a146ea5f89abbfcef8 5.3.0 +4ac04074559f20620dab6a28590993e0 5.3.4 +fbd5d64e18be147138983525645208a0 5.3.9 +a55b67faef62211b820fb5243551aa48 5.3.10 +``` + diff --git a/dongtai-spring-api/pom.xml b/dongtai-api-gather/dongtai-api-gather-spring-api/pom.xml similarity index 68% rename from dongtai-spring-api/pom.xml rename to dongtai-api-gather/dongtai-api-gather-spring-api/pom.xml index 2584bdc60..c4ef4a562 100644 --- a/dongtai-spring-api/pom.xml +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/pom.xml @@ -1,22 +1,21 @@ + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> - iast io.dongtai.iast + dongtai-api-gather ${revision} 4.0.0 - cn.huoxian.iast - dongtai-spring-api + dongtai-api-gather-spring-api org.springframework spring-webmvc - 5.3.19 + 5.3.10 provided @@ -25,6 +24,18 @@ ${project.version} provided + + io.dongtai.iast + dongtai-api-gather-openapi + ${project.version} + provided + + + junit + junit + ${junit.version} + test + diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/HandlerMethodConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/HandlerMethodConvertor.java new file mode 100644 index 000000000..9bda068c5 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/HandlerMethodConvertor.java @@ -0,0 +1,96 @@ +package io.dongtai.iast.spring.convertor; + +import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.openapi.domain.*; +import io.dongtai.log.DongTaiLog; +import org.springframework.core.MethodParameter; +import org.springframework.web.context.WebApplicationContext; +import org.springframework.web.method.HandlerMethod; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +/** + * 解析负责接收处理请求的Handler方法 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class HandlerMethodConvertor { + + private final OpenApiSchemaConvertorManager manager; + private final WebApplicationContext webApplicationContext; + private final Operation operation; + private final HandlerMethod handlerMethod; + + public HandlerMethodConvertor(OpenApiSchemaConvertorManager manager, WebApplicationContext webApplicationContext, Operation operation, HandlerMethod handlerMethod) { + this.manager = manager; + this.webApplicationContext = webApplicationContext; + this.operation = operation; + this.handlerMethod = handlerMethod; + } + + public void parse() { + + // 请求参数 + List parameterList = parseParameters(); + this.operation.mergeParameters(parameterList); + + // 响应 + Map responseMap = parseResponse(); + this.operation.setResponses(responseMap); + } + + /** + * 解析接口的参数 + * + * @return + */ + private List parseParameters() { + Map parameterMap = new HashMap<>(); + MethodParameter[] methodParameters = this.handlerMethod.getMethodParameters(); + for (MethodParameter methodParameter : methodParameters) { + try { + Parameter p = new MethodParameterConvertor(this.manager, this.webApplicationContext, this.operation, methodParameter).parse(); + if (p != null) { + parameterMap.put(p.getName(), p); + } + } catch (Throwable e) { + DongTaiLog.error("Spring API HandlerMethodConvertor.parseParameters error", e); + } + } + return new ArrayList<>(parameterMap.values()); + } + + /** + * 解析接口的响应类型 + * + * @return + */ + private Map parseResponse() { + Response r = new Response(); + + MediaType mediaType = new MediaType(); + Schema schema = this.manager.convertClass(this.handlerMethod.getReturnType().getParameterType()); + mediaType.setSchema(schema); + + // 如果响应类型是引用类型的,则认为它返回的是json,否则就认为是*/* + Map contentMap = new HashMap<>(); + if (schema != null && schema.canRef()) { + contentMap.put(MediaType.APPLICATION_JSON, mediaType); + } else { + contentMap.put(MediaType.ALL, mediaType); + } + + r.setContent(contentMap); + r.setDescription(Response.MSG_OK); + + Map responseMap = new HashMap<>(); + responseMap.put(Response.CODE_OK, r); + + return responseMap; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/MethodParameterConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/MethodParameterConvertor.java new file mode 100644 index 000000000..b5a5cf271 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/MethodParameterConvertor.java @@ -0,0 +1,185 @@ +package io.dongtai.iast.spring.convertor; + +import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.openapi.domain.*; +import io.dongtai.log.DongTaiLog; +import org.springframework.core.LocalVariableTableParameterNameDiscoverer; +import org.springframework.core.MethodParameter; +import org.springframework.web.context.WebApplicationContext; + +import java.lang.annotation.Annotation; +import java.lang.reflect.InvocationTargetException; +import java.util.HashMap; +import java.util.Map; + +/** + * 解析Handler方法的上的形参 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class MethodParameterConvertor { + + private final OpenApiSchemaConvertorManager manager; + private final WebApplicationContext webApplicationContext; + private final Operation operation; + private final MethodParameter methodParameter; + + public MethodParameterConvertor(OpenApiSchemaConvertorManager manager, WebApplicationContext webApplicationContext, Operation operation, MethodParameter methodParameter) { + this.manager = manager; + this.webApplicationContext = webApplicationContext; + this.operation = operation; + this.methodParameter = methodParameter; + } + + /** + * 解析单个的形参,将其解析为一个参数 + * + * @return + */ + public Parameter parse() { + + // Spring的内部类不做转换,只是简单的传递一下名字 + if (isWebFrameworkClass()) { +// Component c = this.manager.getDatabase().register(this.methodParameter.getParameterType()); +// Parameter p = new Parameter(); +// p.setName(this.methodParameter.getParameterType().getSimpleName()); +// p.setSchema(c); +// return p; + // 2023-6-20 18:34:20 如果是spring内部类的话,则直接忽略不再上报 + return null; + } + + // 先按照形参来解析 + Parameter parameter = parseMethodParameter(); + // 只按照形参解析得到的值不一定准确,接下来使用注解来修正参数 + return overrideParameterByAnnotation(parameter); + } + + /** + * 解析方法的形参,从形参中得到HTTP参数 + * + * @return + */ + private Parameter parseMethodParameter() { + Parameter p = new Parameter(); + + // 默认是在 query 中 + p.setIn(ParameterIn.Query); + + // 并且是必传的 + p.setRequired(true); + + // http参数的名称和形参的名称保持一致,如果有在注解中指定的话后面会去修正,这里只需要设置与形参名称一致即可 + try { + LocalVariableTableParameterNameDiscoverer localVariableTableParameterNameDiscoverer = new LocalVariableTableParameterNameDiscoverer(); + String[] parameterNames = localVariableTableParameterNameDiscoverer.getParameterNames(this.methodParameter.getMethod()); + String parameterName = parameterNames[this.methodParameter.getParameterIndex()]; + p.setName(parameterName); + } catch (Throwable e) { + DongTaiLog.error("parse method parameter error: {}", e.getMessage()); + } + + // 参数的类型需要存储一下 + Schema c = this.manager.convertClass(this.methodParameter.getParameterType()); + p.setSchema(c); + + return p; + } + + /** + * 判断参数值的类型是否是Spring框架的类,如果是的话则不能当做组件来处理 + * + * @return + */ + private boolean isWebFrameworkClass() { + String parameterClassName = this.methodParameter.getParameterType().getName(); + return parameterClassName.startsWith(" org.springframework".substring(1)) || + parameterClassName.startsWith(" javax.servlet".substring(1)); + } + + /** + * 根据形参上的注解重写参数 + * + * @param p + */ + private Parameter overrideParameterByAnnotation(Parameter p) { + for (Annotation parameterAnnotation : this.methodParameter.getParameterAnnotations()) { + Class aClass = parameterAnnotation.annotationType(); + switch (aClass.getName()) { + case "org.springframework.web.bind.annotation.PathVariable": + p.setIn(ParameterIn.Path); + break; + case "org.springframework.web.bind.annotation.RequestBody": + // 这个参数是放在请求体部分的,不是参数部分,所以取消参数,并创建请求体 + this.operation.setRequestBody(this.parseRequestBody()); + return null; + case "org.springframework.web.bind.annotation.RequestHeader": + p.setIn(ParameterIn.Header); + break; + case "org.springframework.web.bind.annotation.CookieValue": + p.setIn(ParameterIn.Cookie); + break; + case "org.springframework.web.bind.annotation.RequestParam": + p.setIn(ParameterIn.Query); + break; + case "org.springframework.validation.annotation.Validated": + p.setIn(ParameterIn.Query); + break; + } + + // 解析参数名称 + try { + String name = (String) aClass.getMethod("name").invoke(parameterAnnotation); + if (!"".equals(name)) { + p.setName(name); + } + } catch (IllegalAccessException | InvocationTargetException | NoSuchMethodException e) { + // ignored + } + + // 参数是否是必传的 + try { + Boolean required = (Boolean) aClass.getMethod("required").invoke(parameterAnnotation); + if (required != null) { + p.setRequired(required); + } + } catch (IllegalAccessException | InvocationTargetException | NoSuchMethodException e) { + // ignored + } + + // 2023-6-14 17:53:05 暂时不处理默认值 +// // 获取默认值 +// try { +// Boolean defaultValue = (Boolean) aClass.getMethod("defaultValue").invoke(a); +// p.defa(defaultValue); +// } catch (IllegalAccessException | InvocationTargetException | NoSuchMethodException e) { +// throw new RuntimeException(e); +// } + + } + + return p; + } + + /** + * 当前参数是@RequestBody参数注解的,说明它是一个请求的请求体参数 + * + * @return + */ + private RequestBody parseRequestBody() { + RequestBody r = new RequestBody(); + r.setRequired(true); + + MediaType mediaType = new MediaType(); + mediaType.setSchema(this.manager.convertClass(this.methodParameter.getParameterType())); + + Map contentMap = new HashMap<>(); + contentMap.put(MediaType.APPLICATION_JSON, mediaType); + + r.setContent(contentMap); + + return r; + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingHandlerMappingConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingHandlerMappingConvertor.java new file mode 100644 index 000000000..2fb77155a --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingHandlerMappingConvertor.java @@ -0,0 +1,81 @@ +package io.dongtai.iast.spring.convertor; + +import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.openapi.domain.Info; +import io.dongtai.iast.openapi.domain.OpenApi; +import io.dongtai.iast.openapi.domain.Path; +import org.springframework.web.context.WebApplicationContext; +import org.springframework.web.method.HandlerMethod; +import org.springframework.web.servlet.mvc.method.RequestMappingInfo; +import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; + +import java.util.HashMap; +import java.util.Map; +import java.util.function.BiConsumer; + +/** + * @author CC11001100 + * @since v1.12.0 + */ +public class RequestMappingHandlerMappingConvertor { + + private final WebApplicationContext webApplicationContext; + private final RequestMappingHandlerMapping requestMappingHandlerMapping; + + private final OpenApiSchemaConvertorManager manager; + private final OpenApi openApi; + + public RequestMappingHandlerMappingConvertor(WebApplicationContext webApplicationContext, RequestMappingHandlerMapping requestMappingHandlerMapping) { + this.webApplicationContext = webApplicationContext; + this.requestMappingHandlerMapping = requestMappingHandlerMapping; + + this.manager = new OpenApiSchemaConvertorManager(); + this.openApi = new OpenApi(); + } + + /** + * 解析整个映射 + * + * @return + */ + public OpenApi parse() { + Map pathMap = new HashMap<>(); + requestMappingHandlerMapping.getHandlerMethods().forEach(new BiConsumer() { + @Override + public void accept(RequestMappingInfo requestMappingInfo, HandlerMethod handlerMethod) { + Map requestMappingPatMap = new RequestMappingInfoConvertor(manager, webApplicationContext, requestMappingInfo, handlerMethod).parse(); + // 合并路径映射,需要考虑到路径映射重复的情况将其合并 + merge(pathMap, requestMappingPatMap); + } + }); + this.openApi.setPaths(pathMap); + + // 设置组件数据库 + this.openApi.setComponentsBySchemaMap(this.manager.getDatabase().toComponentSchemasMap()); + + // info信息是必须携带的 + Info info = new Info(); + info.setTitle("OpenAPI definition"); + this.openApi.setInfo(info); + + return this.openApi; + } + + /** + * 合并解析出的两个映射,比如可能会出现同一个路径上不同的HTTP方法映射到不同的HandlerMethod的情况,这种情况下就需要合并为一个 + */ + private void merge(Map m1, Map m2) { + m2.forEach(new BiConsumer() { + @Override + public void accept(String s, Path path) { + Path existsPath = m1.get(s); + if (existsPath == null) { + m1.put(s, path); + return; + } + existsPath.merge(path); + } + }); + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingInfoConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingInfoConvertor.java new file mode 100644 index 000000000..0e5912a39 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingInfoConvertor.java @@ -0,0 +1,260 @@ +package io.dongtai.iast.spring.convertor; + +import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.openapi.domain.*; +import io.dongtai.log.DongTaiLog; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.context.WebApplicationContext; +import org.springframework.web.method.HandlerMethod; +import org.springframework.web.servlet.mvc.condition.*; +import org.springframework.web.servlet.mvc.method.RequestMappingInfo; + +import java.util.*; +import java.util.function.Consumer; + +/** + * 用于把单个的映射信息解析为OpenApi的接口格式 + * + * @author CC11001100 + * @since v1.12.0 + */ +public class RequestMappingInfoConvertor { + + private final OpenApiSchemaConvertorManager manager; + private final WebApplicationContext webApplicationContext; + private final RequestMappingInfo requestMappingInfo; + private final HandlerMethod handlerMethod; + + // 从方法中解析出的映射 + private Map pathMap; + + public RequestMappingInfoConvertor(OpenApiSchemaConvertorManager manager, WebApplicationContext webApplicationContext, RequestMappingInfo requestMappingInfo, HandlerMethod handlerMethod) { + this.manager = manager; + this.webApplicationContext = webApplicationContext; + this.requestMappingInfo = requestMappingInfo; + this.handlerMethod = handlerMethod; + + this.pathMap = new HashMap<>(); + } + + public Map parse() { + // 从路径映射作为入口 + parsePathPatternsRequestCondition(); + return this.pathMap; + } + + /** + * 解析路径映射 + */ + private void parsePathPatternsRequestCondition() { + try { + // 5.3.0 版本引入 + PathPatternsRequestCondition c = requestMappingInfo.getPathPatternsCondition(); + if (c != null) { + // 此方法映射到的所有路径 + c.getPatternValues().forEach(s -> { + Path path = new Path(); + // 方法是第二级 + parseRequestMethodsRequestCondition(path); + pathMap.put(s, path); + }); + } + } catch (Throwable e) { + DongTaiLog.error("spring api path.getPathPatternsCondition router error", e); + } + + try { + // 3.1.0.RELEASE 引入 + PatternsRequestCondition c = requestMappingInfo.getPatternsCondition(); + if (c != null) { + c.getPatterns().forEach(new Consumer() { + @Override + public void accept(String s) { + Path path = new Path(); + // 方法是第二级 + parseRequestMethodsRequestCondition(path); + pathMap.put(s, path); + } + }); + } + } catch (Throwable e) { + DongTaiLog.error("spring api path.getPatternsCondition router error", e); + } + } + + /** + * 根据请求方法扩展为多个 + */ + private void parseRequestMethodsRequestCondition(Path path) { + try { + RequestMethodsRequestCondition c = this.requestMappingInfo.getMethodsCondition(); + Set methods = c.getMethods(); + // 如果此处默认为空的话,则将其扩展为所有的情况 + if (methods.isEmpty()) { + methods = new HashSet<>(Arrays.asList(RequestMethod.values())); + } + methods.forEach(new Consumer() { + @Override + public void accept(RequestMethod requestMethod) { + Operation operation = parseOperation(); + switch (requestMethod) { + case GET: + path.setGet(operation); + break; + case HEAD: + path.setHead(operation); + break; + case POST: + path.setPost(operation); + break; + case PUT: + path.setPut(operation); + break; + case PATCH: + path.setPatch(operation); + break; + case DELETE: + path.setDelete(operation); + break; + case OPTIONS: + path.setOptions(operation); + break; + case TRACE: + path.setTrace(operation); + break; + } + } + }); + } catch (Throwable e) { + DongTaiLog.error("spring api method router error", e); + } + } + + /** + * 解析映射操作 + * + * @return + */ + private Operation parseOperation() { + Operation operation = new Operation(); + + // 请求参数路由 + try { + List parameterList = parseParamsRequestCondition(); + operation.mergeParameters(parameterList); + } catch (Throwable e) { + DongTaiLog.error("Spring MVC RequestMappingInfoConvertor.parseOperation parseParamsRequestCondition error", e); + } + + // 请求头参数 + try { + List parameterList = parseHeadersRequestCondition(operation); + operation.mergeParameters(parameterList); + } catch (Throwable e) { + DongTaiLog.error("Spring MVC RequestMappingInfoConvertor.parseOperation parseHeadersRequestCondition error", e); + } + + // 使用随机的id + operation.setOperationId(UUID.randomUUID().toString()); + + // 全路径类名放在tags中 + operation.setTags(Arrays.asList(this.handlerMethod.getBeanType().getName())); + + try { + // 解析HandlerMethod + new HandlerMethodConvertor(this.manager, this.webApplicationContext, operation, this.handlerMethod).parse(); + } catch (Throwable e) { + DongTaiLog.error("Spring MVC RequestMappingInfoConvertor.parseOperation HandlerMethodConvertor error", e); + } + + return operation; + } + + /** + * 解析参数路由的情况,将其作为普通的query上的参数,会加个注释,其它部分都当做普通参数处理 + */ + private List parseParamsRequestCondition() { + try { + ParamsRequestCondition paramsCondition = this.requestMappingInfo.getParamsCondition(); + List parameterList = new ArrayList<>(); + paramsCondition.getExpressions().forEach(new Consumer>() { + @Override + public void accept(NameValueExpression stringNameValueExpression) { + // 当做是一个普通的参数传递 + Parameter p = new Parameter(); + p.setName(stringNameValueExpression.getName()); + p.setIn(ParameterIn.Query); + p.setRequired(true); + // 参数路由的参数统一认为是string类型 + p.setSchema(new Schema(DataType.String())); + parameterList.add(p); + } + }); + return parameterList; + } catch (Throwable e) { + DongTaiLog.error("spring api parameters router error: {}", e.getMessage()); + } + return Collections.emptyList(); + } + + // @Nullable + // private final PatternsRequestCondition patternsCondition; + // + // private final RequestConditionHolder customConditionHolder; + + /** + * 解析请求头路由,认为请求头路由就是一个普通的header参数 + */ + private List parseHeadersRequestCondition(Operation operation) { + try { + HeadersRequestCondition c = this.requestMappingInfo.getHeadersCondition(); + List headerParameterList = new ArrayList<>(); + c.getExpressions().forEach(new Consumer>() { + @Override + public void accept(NameValueExpression stringNameValueExpression) { + stringNameValueExpression.getName(); + Parameter p = new Parameter(); + p.setName(stringNameValueExpression.getName()); + p.setRequired(true); + p.setIn(ParameterIn.Header); + // 在请求头上的参数都认为是string类型的 + p.setSchema(new Schema(DataType.String())); + headerParameterList.add(p); + } + }); + return headerParameterList; + } catch (Throwable e) { + DongTaiLog.error("spring api headers router error: {}", e.getMessage()); + } + return Collections.emptyList(); + } + + /** + * consumer路由,下个版本再支持 + */ + private void parseConsumesRequestCondition(Operation operation) { + // TODO 2023-6-19 16:20:23 暂不解析 +// ConsumesRequestCondition c = this.requestMappingInfo.getConsumesCondition(); +// if (c == null) { +// return; +// } +// c.getExpressions().forEach(new Consumer() { +// @Override +// public void accept(MediaTypeExpression mediaTypeExpression) { +// mediaTypeExpression.getMediaType() +// } +// }); + } + + /** + * producer路由,下个版本再支持 + */ + private void parseProducesRequestCondition() { + // TODO 2023-6-19 16:20:40 暂不解析 +// ProducesRequestCondition c = this.requestMappingInfo.getProducesCondition(); +// if (c == null) { +// return; +// } + } + +} diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/gather/SpringMVCApiGather.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/gather/SpringMVCApiGather.java new file mode 100644 index 000000000..691a6a4da --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/gather/SpringMVCApiGather.java @@ -0,0 +1,66 @@ +package io.dongtai.iast.spring.gather; + +import io.dongtai.iast.openapi.domain.OpenApi; +import io.dongtai.iast.spring.convertor.RequestMappingHandlerMappingConvertor; +import io.dongtai.log.DongTaiLog; +import org.springframework.web.context.WebApplicationContext; +import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; + +import java.lang.reflect.Method; +import java.util.Map; + +/** + * @author CC11001100 + * @since v1.12.0 + */ +public class SpringMVCApiGather { + + /** + * 从传递的webApplicationContext中收集api地址 + * + * @param applicationContext + * @return + */ + public static OpenApi gather(Object applicationContext) { + WebApplicationContext webApplicationContext = (WebApplicationContext) applicationContext; + SpringMVCApiGather springApplicationContext = new SpringMVCApiGather(); + RequestMappingHandlerMapping requestMappingHandlerMapping = springApplicationContext.findRequestMappingHandlerMapping(webApplicationContext); + return new RequestMappingHandlerMappingConvertor(webApplicationContext, requestMappingHandlerMapping).parse(); + } + + /** + * 从WebApplicationContext找到RequestMappingHandlerMapping + * + * @param applicationContext + * @return + */ + private RequestMappingHandlerMapping findRequestMappingHandlerMapping(WebApplicationContext applicationContext) { + + if (applicationContext == null) { + return null; + } + + // 如果在当前类中能够找到这个util,则使用这个util + try { + // 以下反射代码相当于: + // Map requestMappings = BeanFactoryUtils.beansOfTypeIncludingAncestors(applicationContext, RequestMappingHandlerMapping.class, true, false); + // RequestMappingHandlerMapping handlerMapping = requestMappings.get("requestMappingHandlerMapping"); + Class clazz = Class.forName("org.springframework.beans.factory.BeanFactoryUtils"); + Method beansOfTypeIncludingAncestors = clazz.getDeclaredMethod("beansOfTypeIncludingAncestors"); + Object invoke = beansOfTypeIncludingAncestors.invoke(clazz); + if (invoke instanceof Map) { + Map m = (Map) invoke; + RequestMappingHandlerMapping requestMappingHandlerMapping = m.get("requestMappingHandlerMapping"); + if (requestMappingHandlerMapping != null) { + return requestMappingHandlerMapping; + } + } + } catch (Throwable e) { + DongTaiLog.debug("try use BeanFactoryUtils find RequestMappingHandlerMapping error: {}", e.getMessage()); + } + + // 没有工具类,就只从自己里面找 + return applicationContext.getBean(RequestMappingHandlerMapping.class); + } + +} diff --git a/dongtai-api-gather/pom.xml b/dongtai-api-gather/pom.xml new file mode 100644 index 000000000..cc78cdce8 --- /dev/null +++ b/dongtai-api-gather/pom.xml @@ -0,0 +1,27 @@ + + + + iast + io.dongtai.iast + ${revision} + + 4.0.0 + + dongtai-api-gather + pom + + + dongtai-api-gather-openapi + dongtai-api-gather-spring-api + dongtai-api-gather-dubbo-api + + + + 8 + 8 + UTF-8 + + + \ No newline at end of file diff --git a/dongtai-api/pom.xml b/dongtai-api/pom.xml index dbfd1afc5..a81a62602 100644 --- a/dongtai-api/pom.xml +++ b/dongtai-api/pom.xml @@ -14,8 +14,18 @@ - cn.huoxian.iast - dongtai-spring-api + io.dongtai.iast + dongtai-api-gather-openapi + ${project.version} + + + io.dongtai.iast + dongtai-api-gather-spring-api + ${project.version} + + + io.dongtai.iast + dongtai-api-gather-dubbo-api ${project.version} diff --git a/dongtai-common/src/main/java/io/dongtai/iast/common/constants/ReportType.java b/dongtai-common/src/main/java/io/dongtai/iast/common/constants/ReportType.java index 9b16dcf50..412a70df0 100644 --- a/dongtai-common/src/main/java/io/dongtai/iast/common/constants/ReportType.java +++ b/dongtai-common/src/main/java/io/dongtai/iast/common/constants/ReportType.java @@ -14,6 +14,7 @@ public class ReportType { public static final int SECOND_FALLBACK = 0x46; public static final int ERROR_LOG = 0x51; public static final int API = 0x61; + public static final int API_V2 = 0x62; public static final int SERVICE = 0x81; public static final int SERVICE_DIR = 0x82; } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/DispatchApiCollector.java b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/DispatchApiCollector.java index f9ccc1677..c37f4e326 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/DispatchApiCollector.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/DispatchApiCollector.java @@ -20,6 +20,6 @@ public ClassVisitor dispatch(ClassVisitor classVisitor, ClassContext context, Po @Override public String getName() { - return "api"; + return "spring-api"; } } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/SpringApplicationImpl.java b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/SpringApplicationImpl.java index 4260bd425..f9247efa7 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/SpringApplicationImpl.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/SpringApplicationImpl.java @@ -1,53 +1,14 @@ package io.dongtai.iast.core.bytecode.enhance.plugin.spring; -import io.dongtai.iast.core.handler.hookpoint.IastClassLoader; -import io.dongtai.iast.core.handler.hookpoint.api.GetApiThread; -import io.dongtai.iast.core.handler.hookpoint.controller.impl.HttpImpl; -import io.dongtai.log.DongTaiLog; - -import java.lang.reflect.Method; - -/** - * niuerzhuang@huoxian.cn - */ -public class SpringApplicationImpl { - - private static IastClassLoader iastClassLoader; - public static Method getAPI; - public static boolean isSend; - - public static void getWebApplicationContext(Object applicationContext) { - if (!isSend && getClassLoader() != null) { - loadApplicationContext(); - GetApiThread getApiThread = new GetApiThread(applicationContext); - getApiThread.start(); - } - } - - private static IastClassLoader getClassLoader() { - iastClassLoader = HttpImpl.getClassLoader(); - return iastClassLoader; - } - - private static void loadApplicationContext() { - if (getAPI == null) { - try { - Class proxyClass; - proxyClass = iastClassLoader.loadClass("cn.huoxian.iast.spring.SpringApplicationContext"); - getAPI = proxyClass.getDeclaredMethod("getAPI", Object.class); - } catch (NoSuchMethodException e) { - DongTaiLog.debug("SpringApplicationImpl.loadApplicationContext failed", e); - isSend = true; - } catch (NoClassDefFoundError e) { - // spring mvc has no class org/springframework/beans/factory/ListableBeanFactory - if (!e.getMessage().equals(" org/springframework/beans/factory/ListableBeanFactory".substring(1))) { - DongTaiLog.debug("SpringApplicationImpl.loadApplicationContext failed", e); - } - isSend = true; - } finally { - iastClassLoader = null; - } - } - } - -} +//import io.dongtai.iast.core.handler.hookpoint.api.SpringGatherApiThread; +// +///** +// * niuerzhuang@huoxian.cn +// */ +//public class SpringApplicationImpl { +// +// public static void getWebApplicationContext(Object applicationContext) { +// SpringGatherApiThread.gather(applicationContext); +// } +// +//} diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java index 8462f4c3b..bb2a9db0a 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java @@ -6,7 +6,8 @@ import io.dongtai.iast.common.scope.Scope; import io.dongtai.iast.common.scope.ScopeManager; import io.dongtai.iast.core.EngineManager; -import io.dongtai.iast.core.bytecode.enhance.plugin.spring.SpringApplicationImpl; +import io.dongtai.iast.core.handler.hookpoint.api.DubboApiGatherThread; +import io.dongtai.iast.core.handler.hookpoint.api.SpringGatherApiThread; import io.dongtai.iast.core.handler.hookpoint.controller.HookType; import io.dongtai.iast.core.handler.hookpoint.controller.impl.*; import io.dongtai.iast.core.handler.hookpoint.graphy.GraphBuilder; @@ -20,7 +21,10 @@ import java.lang.dongtai.SpyDispatcher; import java.net.InetSocketAddress; -import java.util.*; +import java.util.Collection; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Map; import java.util.concurrent.atomic.AtomicInteger; /** @@ -333,6 +337,17 @@ public void collectDubboRequest(Object handler, Object channel, Object request, } finally { ScopeManager.SCOPE_TRACKER.getPolicyScope().leaveAgent(); } + + DubboImpl.createClassLoader(handler); + + // TODO 2023-6-27 19:17:18 测试ClassLoader的GC回收 + // 收集Dubbo的api + try { + DubboApiGatherThread.gather(handler.getClass()); + } catch (Throwable e) { + DongTaiLog.error("SpyDispatcherImpl.collectDubboRequest collection dubbo api error", e); + } + } @Override @@ -592,6 +607,7 @@ public boolean isNotReplayRequest() { /** * mark for enter Source Entry Point + * * @since 1.3.1 */ @Override @@ -605,8 +621,10 @@ public boolean collectMethodPool(Object instance, Object[] argumentArray, Object return false; } + // 收集Spring MVC的API if (HookType.SPRINGAPPLICATION.equals(hookType)) { - SpringApplicationImpl.getWebApplicationContext(retValue); + SpringGatherApiThread.gather(retValue); +// SpringApplicationImpl.getWebApplicationContext(retValue); } } catch (Throwable e) { DongTaiLog.error(ErrorCode.get("SPY_COLLECT_HTTP_FAILED"), "", e); diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/AbstractApiGatherThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/AbstractApiGatherThread.java new file mode 100644 index 000000000..d097de00b --- /dev/null +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/AbstractApiGatherThread.java @@ -0,0 +1,45 @@ +package io.dongtai.iast.core.handler.hookpoint.api; + +import com.alibaba.fastjson2.JSONObject; +import io.dongtai.iast.common.constants.ApiPath; +import io.dongtai.iast.common.constants.ReportKey; +import io.dongtai.iast.common.constants.ReportType; +import io.dongtai.iast.core.EngineManager; +import io.dongtai.iast.core.service.ThreadPools; +import io.dongtai.log.DongTaiLog; +import io.dongtai.log.ErrorCode; + +/** + * @author CC11001100 + * @since v1.12.0 + */ +public abstract class AbstractApiGatherThread extends Thread { + + public AbstractApiGatherThread(String name) { + super(name); + } + + protected void report(Object openApi, String framework) { + try { + String report = createReport(openApi, framework); + ThreadPools.sendReport(ApiPath.REPORT_UPLOAD, report); + } catch (Throwable e) { + DongTaiLog.warn(ErrorCode.get("API_COLLECTOR_GET_API_THREAD_EXECUTE_FAILED"), e); + } + } + + private String createReport(Object openApi, String framework) { + JSONObject report = new JSONObject(); + report.put(ReportKey.TYPE, ReportType.API_V2); + + JSONObject detail = new JSONObject(); + detail.put(ReportKey.AGENT_ID, EngineManager.getAgentId()); + detail.put("framework", framework); + detail.put(ReportKey.API_DATA, openApi); + + report.put(ReportKey.DETAIL, detail); + + return report.toString(); + } + +} diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/ApiReport.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/ApiReport.java deleted file mode 100644 index b0ea682f9..000000000 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/ApiReport.java +++ /dev/null @@ -1,33 +0,0 @@ -package io.dongtai.iast.core.handler.hookpoint.api; - -import com.alibaba.fastjson2.JSONObject; -import io.dongtai.iast.common.constants.*; -import io.dongtai.iast.core.EngineManager; -import io.dongtai.iast.core.service.ThreadPools; - -import java.util.Map; - -/** - * send api sitemap - * - * @author niuerzhuang@huoxian.cn - */ -public class ApiReport { - - public static void sendReport(Map apiList) { - String report = createReport(apiList); - ThreadPools.sendReport(ApiPath.REPORT_UPLOAD, report); - } - - private static String createReport(Map apiList) { - JSONObject report = new JSONObject(); - JSONObject detail = new JSONObject(); - report.put(ReportKey.TYPE, ReportType.API); - report.put(ReportKey.DETAIL, detail); - detail.put(ReportKey.AGENT_ID, EngineManager.getAgentId()); - JSONObject apiListJson = new JSONObject(apiList); - detail.put(ReportKey.API_DATA, apiListJson.get(ReportKey.API_DATA)); - return report.toString(); - } - -} diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java new file mode 100644 index 000000000..6a7c45530 --- /dev/null +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java @@ -0,0 +1,112 @@ +package io.dongtai.iast.core.handler.hookpoint.api; + +import io.dongtai.iast.common.constants.AgentConstant; +import io.dongtai.iast.core.handler.hookpoint.controller.impl.DubboImpl; +import io.dongtai.log.DongTaiLog; + +/** + * @author CC11001100 + * @since v1.12.0 + */ +public class DubboApiGatherThread extends AbstractApiGatherThread { + + public static final String FRAMEWORK_NAME = "dubbo"; + + // Dubbo的包名是alibaba还是apache的 + public static enum DubboPackage { + ALIBABA, + APACHE; + } + + // avoid lock + private static volatile boolean isStarted = false; + + public static void gather(Class handlerClass) { + // TODO 2023-6-28 10:38:23 for debug +// if (isStarted) { +// return; +// } +// isStarted = true; + + DubboPackage dubboPackage = parseDubboPackage(handlerClass); + if (dubboPackage == null) { + return; + } + new DubboApiGatherThread(dubboPackage).start(); + } + + /** + * 根据类名解析当前是dubbo包还是alibaba的包 + * + * @param clazz + * @return + */ + private static DubboPackage parseDubboPackage(Class clazz) { + + if (clazz == null) { + DongTaiLog.error("DubboApiGatherThread.parseDubboPackage class is null"); + return null; + } + + if (clazz.getName().startsWith(" org.apache.".substring(1))) { + return DubboPackage.APACHE; + } else if (clazz.getName().startsWith(" com.alibaba.".substring(1))) { + return DubboPackage.ALIBABA; + } else { + DongTaiLog.error("DubboApiGatherThread.parseDubboPackage can not parse dubbo package for class {}", clazz.getName()); + return null; + } + } + + private final DubboPackage dubboPackage; + + public DubboApiGatherThread(DubboPackage dubboPackage) { + super(AgentConstant.THREAD_NAME_PREFIX_CORE + "DubboGatherApi-thread"); + this.dubboPackage = dubboPackage; + } + + @Override + public void run() { + switch (this.dubboPackage) { + case ALIBABA: + this.gatherAlibabaDubboService(); + break; + case APACHE: + this.gatherApacheDubboService(); + break; + default: + // fuck + } + } + + /** + * 收集Alibaba Dubbo的Service + */ + private void gatherAlibabaDubboService() { + try { + Class proxyClass = DubboImpl.getClassLoader().loadClass("io.dongtai.iast.dubbo.gather.AlibabaDubboServiceGather"); + Object openApi = proxyClass.getDeclaredMethod("run").invoke(null); + report(openApi, FRAMEWORK_NAME); + } catch (NoClassDefFoundError e) { + DongTaiLog.error("DubboApiGatherThread.gatherAlibabaDubbo NoClassDefFoundError", e); + } catch (Throwable e) { + DongTaiLog.error("DubboApiGatherThread.gatherAlibabaDubbo error", e); + } + } + + /** + * 收集Apache Dubbo的Service + */ + private void gatherApacheDubboService() { + try { + Class proxyClass = DubboImpl.getClassLoader().loadClass("io.dongtai.iast.dubbo.gather.ApacheDubboServiceGather"); + Object openApi = proxyClass.getDeclaredMethod("run").invoke(null); + report(openApi, FRAMEWORK_NAME); + } catch (NoClassDefFoundError e) { + DongTaiLog.error("DubboApiGatherThread.gatherApacheDubbo NoClassDefFoundError", e); + } catch (Throwable e) { + DongTaiLog.error("DubboApiGatherThread.gatherApacheDubbo error", e); + } + } + +} diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/GetApiThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/GetApiThread.java deleted file mode 100644 index 7a882936b..000000000 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/GetApiThread.java +++ /dev/null @@ -1,35 +0,0 @@ -package io.dongtai.iast.core.handler.hookpoint.api; - -import io.dongtai.iast.core.bytecode.enhance.plugin.spring.SpringApplicationImpl; -import io.dongtai.log.DongTaiLog; -import io.dongtai.log.ErrorCode; - -import java.util.Map; - -public class GetApiThread extends Thread { - - private final Object applicationContext; - - public GetApiThread(Object applicationContext) { - this.applicationContext = applicationContext; - } - - @Override - public void run() { - try { - if (SpringApplicationImpl.getAPI == null) { - return; - } - Map invoke = null; - - invoke = (Map) SpringApplicationImpl.getAPI.invoke(null, applicationContext); - ApiReport.sendReport(invoke); - } catch (Throwable e) { - DongTaiLog.warn(ErrorCode.get("API_COLLECTOR_GET_API_THREAD_EXECUTE_FAILED"), e); - } finally { - SpringApplicationImpl.isSend = true; - SpringApplicationImpl.getAPI = null; - } - } - -} \ No newline at end of file diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java new file mode 100644 index 000000000..71c2f677d --- /dev/null +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java @@ -0,0 +1,50 @@ +package io.dongtai.iast.core.handler.hookpoint.api; + +import io.dongtai.iast.common.constants.AgentConstant; +import io.dongtai.iast.core.handler.hookpoint.controller.impl.HttpImpl; +import io.dongtai.log.DongTaiLog; + +import java.lang.reflect.Method; + +/** + * @author CC11001100 + * @since v1.12.0 + */ +public class SpringGatherApiThread extends AbstractApiGatherThread { + + public static final String FRAMEWORK_NAME = "spring mvc"; + + // avoid lock + private static volatile boolean isStarted = false; + + public static void gather(Object applicationContext) { + if (isStarted) { + return; + } + isStarted = true; + new SpringGatherApiThread(applicationContext).start(); + } + + private final Object applicationContext; + + public SpringGatherApiThread(Object applicationContext) { + // TODO 2023-6-28 11:38:25 + super(AgentConstant.THREAD_NAME_PREFIX_CORE + "SpringMvcGatherApi-thread"); + this.applicationContext = applicationContext; + } + + @Override + public void run() { + try { + Class proxyClass = HttpImpl.getClassLoader().loadClass("io.dongtai.iast.spring.gather.SpringMVCApiGather"); + Method getAPI = proxyClass.getDeclaredMethod("gather", Object.class); + Object openApi = getAPI.invoke(null, applicationContext); + report(openApi, FRAMEWORK_NAME); + } catch (NoClassDefFoundError e) { + DongTaiLog.debug("SpringGatherApiThread NoClassDefFoundError ", e); + } catch (Throwable e) { + DongTaiLog.error("SpringGatherApiThread.reflection failed", e); + } + } + +} \ No newline at end of file diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/DubboImpl.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/DubboImpl.java index 3e1fbfc40..af4abdf77 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/DubboImpl.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/DubboImpl.java @@ -5,21 +5,61 @@ import io.dongtai.iast.common.config.ConfigKey; import io.dongtai.iast.core.EngineManager; import io.dongtai.iast.core.handler.context.ContextManager; +import io.dongtai.iast.core.handler.hookpoint.IastClassLoader; import io.dongtai.iast.core.handler.hookpoint.models.MethodEvent; import io.dongtai.iast.core.handler.hookpoint.models.policy.SourceNode; import io.dongtai.iast.core.handler.hookpoint.models.policy.TaintPosition; -import io.dongtai.iast.core.handler.hookpoint.models.taint.range.*; +import io.dongtai.iast.core.handler.hookpoint.models.taint.range.TaintRange; +import io.dongtai.iast.core.handler.hookpoint.models.taint.range.TaintRanges; +import io.dongtai.iast.core.handler.hookpoint.models.taint.range.TaintRangesBuilder; +import io.dongtai.iast.core.utils.HttpClientUtils; +import io.dongtai.iast.core.utils.PropertyUtils; import io.dongtai.iast.core.utils.StackUtils; import io.dongtai.iast.core.utils.TaintPoolUtils; import io.dongtai.log.DongTaiLog; import java.io.ByteArrayOutputStream; +import java.io.File; import java.net.URI; import java.net.URISyntaxException; -import java.util.*; +import java.net.URL; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; import java.util.concurrent.atomic.AtomicInteger; public class DubboImpl { + + private static IastClassLoader iastClassLoader; + public static File IAST_REQUEST_JAR_PACKAGE; + + static { + IAST_REQUEST_JAR_PACKAGE = new File(PropertyUtils.getTmpDir() + "dongtai-api.jar"); + if (!IAST_REQUEST_JAR_PACKAGE.exists()) { + HttpClientUtils.downloadRemoteJar("/api/v1/engine/download?engineName=dongtai-api", IAST_REQUEST_JAR_PACKAGE.getAbsolutePath()); + } + } + + public static void createClassLoader(Object req) { + try { + if (iastClassLoader != null) { + return; + } + if (IAST_REQUEST_JAR_PACKAGE.exists()) { + iastClassLoader = new IastClassLoader( + req.getClass().getClassLoader(), + new URL[]{IAST_REQUEST_JAR_PACKAGE.toURI().toURL()} + ); + } + } catch (Throwable e) { + DongTaiLog.warn("DubboImpl createClassLoader failed", e); + } + } + + public static IastClassLoader getClassLoader() { + return iastClassLoader; + } + public static void solveDubboRequest(Object handler, Object channel, Object request, String url, String remoteAddress) { try { URI u = new URI(url); @@ -101,7 +141,7 @@ public static void collectDubboRequestSource(Object handler, Object invocation, // for display taint range (full arguments value) String fv = event.parameterValues.get(0).getValue(); - long hash = TaintPoolUtils.toStringHash(fv.hashCode(),System.identityHashCode(fv)); + long hash = TaintPoolUtils.toStringHash(fv.hashCode(), System.identityHashCode(fv)); int len = TaintRangesBuilder.getLength(fv); TaintRanges tr = new TaintRanges(new TaintRange(0, len)); event.targetRanges.add(0, new MethodEvent.MethodEventTargetRange(hash, tr)); diff --git a/dongtai-spring-api/src/main/java/cn/huoxian/iast/spring/ApiDataModel.java b/dongtai-spring-api/src/main/java/cn/huoxian/iast/spring/ApiDataModel.java deleted file mode 100644 index e3cc932a7..000000000 --- a/dongtai-spring-api/src/main/java/cn/huoxian/iast/spring/ApiDataModel.java +++ /dev/null @@ -1,114 +0,0 @@ -package cn.huoxian.iast.spring; - -import java.util.List; -import java.util.Map; - -/** - * 转换接口数据集为对象 - * - * @author niuerzhuang@huoxian.cn - */ -public class ApiDataModel { - - private String url; - private String[] method; - private String clazz; - List> parameters; - private String returnType; - private String file; - private String controller; - private String description; - - public ApiDataModel() { - } - - public ApiDataModel(String url, String[] method, String clazz, List> parameters, String returnType, String file, String controller, String description) { - this.url = url; - this.method = method; - this.clazz = clazz; - this.parameters = parameters; - this.returnType = returnType; - this.file = file; - this.controller = controller; - this.description = description; - } - - public String getDescription() { - if (description == null) { - description = ""; - } - return description; - } - - public void setDescription(String description) { - this.description = description; - } - - public String getClazz() { - if (clazz == null) { - clazz = ""; - } - return clazz; - } - - public void setClazz(String clazz) { - this.clazz = clazz; - } - - public String getUrl() { - return url; - } - - public void setUrl(String url) { - this.url = url; - } - - public String[] getMethod() { - return method; - } - - public void setMethod(String[] method) { - this.method = method; - } - - public List> getParameters() { - return parameters; - } - - public void setParameters(List> parameters) { - this.parameters = parameters; - } - - public String getReturnType() { - if (returnType == null || returnType.equals("")) { - returnType = ""; - } - return returnType; - } - - public void setReturnType(String returnType) { - this.returnType = returnType; - } - - public String getFile() { - if (file == null) { - file = ""; - } - return file; - } - - public void setFile(String file) { - this.file = file; - } - - public String getController() { - if (controller == null) { - controller = ""; - } - return controller; - } - - public void setController(String controller) { - this.controller = controller; - } -} diff --git a/dongtai-spring-api/src/main/java/cn/huoxian/iast/spring/SpringApplicationContext.java b/dongtai-spring-api/src/main/java/cn/huoxian/iast/spring/SpringApplicationContext.java deleted file mode 100644 index 1b6cc0874..000000000 --- a/dongtai-spring-api/src/main/java/cn/huoxian/iast/spring/SpringApplicationContext.java +++ /dev/null @@ -1,180 +0,0 @@ -package cn.huoxian.iast.spring; - -import io.dongtai.log.DongTaiLog; -import org.springframework.aop.support.AopUtils; -import org.springframework.beans.factory.BeanFactoryUtils; -import org.springframework.core.LocalVariableTableParameterNameDiscoverer; -import org.springframework.web.context.WebApplicationContext; -import org.springframework.web.method.HandlerMethod; -import org.springframework.web.servlet.mvc.condition.PatternsRequestCondition; -import org.springframework.web.servlet.mvc.method.RequestMappingInfo; -import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; - -import java.lang.annotation.Annotation; -import java.lang.reflect.Method; -import java.lang.reflect.Parameter; -import java.util.*; - -public class SpringApplicationContext { - - public static Map getAPI(Object applicationContext) { - return createReport(getAPIList((WebApplicationContext) applicationContext)); - } - - public static List getAPIList(WebApplicationContext applicationContext) { - Map requestMappings = BeanFactoryUtils.beansOfTypeIncludingAncestors(applicationContext, RequestMappingHandlerMapping.class, true, false); - LocalVariableTableParameterNameDiscoverer methodParameters = new LocalVariableTableParameterNameDiscoverer(); - List apiList = new ArrayList<>(); - RequestMappingHandlerMapping handlerMapping = requestMappings.get("requestMappingHandlerMapping"); - if (handlerMapping == null) { - return apiList; - } - - Map methodMap = handlerMapping.getHandlerMethods(); - for (RequestMappingInfo info : methodMap.keySet()) { - ApiDataModel apiDataModel = new ApiDataModel(); - HandlerMethod handlerMethod = methodMap.get(info); - String clazz = handlerMethod.getBeanType().toString().substring(6); - apiDataModel.setClazz(clazz); - String method = info.getMethodsCondition().toString().replace("[", "").replace("]", ""); - String[] methods; - if ("".equals(method)) { - methods = new String[]{"GET", "POST"}; - } else if (method.contains(" || ")) { - methods = method.split(" \\|\\| "); - } else { - methods = new String[]{method}; - } - apiDataModel.setMethod(methods); - Method declaredMethod = null; - try { - HandlerMethod handlerMethodData = methodMap.get(info); - String beanType = handlerMethodData.getBeanType().toString().substring(6); - apiDataModel.setController(beanType); - Method methodData = handlerMethodData.getMethod(); - String methodName = methodData.getName(); - Parameter[] parameters = methodData.getParameters(); - List> parameterList = new ArrayList<>(); - for (Parameter parameter : parameters) { - parameterList.add(parameter.getType()); - } - int parameterListSize = parameterList.size(); - Class[] classes = new Class[parameterListSize]; - for (int i = 0; i < parameterListSize; i++) { - classes[i] = parameterList.get(i); - } - declaredMethod = AopUtils.getTargetClass(applicationContext.getBean(handlerMethod.getBean().toString())) - .getDeclaredMethod(methodName, classes); - parameters = declaredMethod.getParameters(); - List> parameterMaps = new ArrayList<>(); - String[] params = methodParameters.getParameterNames(methodData); - int i = 0; - for (Parameter parameter : parameters) { - Map parameterMap = new HashMap<>(); - String classType = parameter.getType().toString(); - if (classType.contains(" ")) { - classType = classType.substring(classType.indexOf(" ") + 1); - } - Annotation[] declaredAnnotations = parameter.getDeclaredAnnotations(); - StringBuilder annos = new StringBuilder(); - for (Annotation annotation : declaredAnnotations) { - String annoType = annotation.annotationType().toString(); - String anno = annoType.substring(annoType.lastIndexOf(".") + 1); - switch (anno) { - case "PathVariable": - anno = "restful访问参数"; - break; - case "RequestHeader": - anno = "Header参数"; - break; - case "CookieValue": - anno = "Cookie参数"; - break; - case "RequestParam": - anno = "GET请求参数"; - break; - case "RequestBody": - anno = "POST请求的body参数"; - break; - case "Validated": - anno = "GET请求参数对象"; - break; - default: - } - annos.append(anno); - } - if (params != null) { - parameterMap.put("name", params[i]); - } else { - parameterMap.put("name", "null"); - } - parameterMap.put("type", classType); - parameterMap.put("annotation", String.valueOf(annos)); - parameterMaps.add(parameterMap); - i = i + 1; - } - apiDataModel.setParameters(parameterMaps); - String returnType = declaredMethod.getReturnType().toString(); - if (returnType.contains("class ")) { - returnType = declaredMethod.getReturnType().toString().substring(6); - } - apiDataModel.setReturnType(returnType); - } catch (Throwable e) { - DongTaiLog.debug("get spring api model failed: {}, {}", - e.getMessage(), e.getCause() != null ? e.getCause().getMessage() : ""); - continue; - } - - PatternsRequestCondition patternsCondition = info.getPatternsCondition(); - if (patternsCondition == null) { - continue; - } - Set patterns = patternsCondition.getPatterns(); - if (patterns.size() > 1) { - for (String s : patterns) { - String uri = applicationContext.getApplicationName() + s.replace("[", "").replace("]", ""); - apiDataModel.setUrl(uri); - apiList.add(apiDataModel); - } - } else { - String uri = applicationContext.getApplicationName() + info.getPatternsCondition().toString().replace("[", "").replace("]", ""); - apiDataModel.setUrl(uri); - apiList.add(apiDataModel); - } - } - return apiList; - } - - private static Map createReport(List apiList) { - Map apiDataReport = new HashMap<>(); - List apiData = new ArrayList<>(); - for (ApiDataModel apiDataModel : apiList) { - Map api = new HashMap<>(); - apiData.add(api); - api.put("uri", apiDataModel.getUrl()); - String[] methods = apiDataModel.getMethod(); - List methodsjson = new ArrayList<>(Arrays.asList(methods)); - api.put("method", methodsjson); - api.put("class", apiDataModel.getClazz()); - List> parameters = apiDataModel.getParameters(); - List parametersJson = new ArrayList<>(); - api.put("parameters", parametersJson); - if (parameters != null) { - for (Map parameter : parameters) { - Map parameterjson = new HashMap<>(); - parametersJson.add(parameterjson); - parameterjson.put("name", parameter.get("name")); - parameterjson.put("type", parameter.get("type")); - parameterjson.put("annotation", parameter.get("annotation")); - } - } - api.put("returnType", apiDataModel.getReturnType()); - api.put("file", apiDataModel.getFile()); - api.put("controller", apiDataModel.getController()); - api.put("description", apiDataModel.getDescription()); - } - apiDataReport.put("apiData", apiData); - return apiDataReport; - } - -} diff --git a/pom.xml b/pom.xml index c53f727b4..52dfed8b2 100644 --- a/pom.xml +++ b/pom.xml @@ -130,9 +130,9 @@ dongtai-spy dongtai-core - dongtai-spring-api dongtai-log dongtai-api + dongtai-api-gather dongtai-common dongtai-plugins dongtai-agent From 735f6d24d516281d87a3dda489f29610d3ffd5d5 Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Wed, 28 Jun 2023 16:39:23 +0800 Subject: [PATCH 03/24] feat: Improve the dubbo api collection module logs --- .../iast/dubbo/convertor/MethodConvertor.java | 32 +++++++++++++------ .../dubbo/convertor/ServiceConvertor.java | 13 +++++--- .../gather/AbstractDubboServiceGather.java | 25 +++++++++------ .../gather/AlibabaDubboServiceGather.java | 4 ++- .../gather/ApacheDubboServiceGather.java | 7 ++-- 5 files changed, 54 insertions(+), 27 deletions(-) diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/MethodConvertor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/MethodConvertor.java index e6f15e36d..2d0cd0ac2 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/MethodConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/MethodConvertor.java @@ -5,6 +5,7 @@ import io.dongtai.iast.openapi.domain.Operation; import io.dongtai.iast.openapi.domain.Parameter; import io.dongtai.iast.openapi.domain.Response; +import io.dongtai.log.DongTaiLog; import java.lang.reflect.Method; import java.util.*; @@ -32,12 +33,22 @@ public MethodConvertor(OpenApiSchemaConvertorManager manager, Method reflectionM public Operation convert() { Operation o = new Operation(); - o.mergeParameters(this.parseParameters()); - o.setResponses(this.parseResponse()); + try { + o.mergeParameters(this.parseParameters()); + } catch (Throwable e) { + DongTaiLog.error("MethodConvertor.convert parseParameters error", e); + } + + try { + o.setResponses(this.parseResponse()); + } catch (Throwable e) { + DongTaiLog.error("MethodConvertor.convert parseResponse error", e); + } - // TODO 2023-6-26 11:24:05 设置这两个字段 -// o.setOperationId(); -// o.setTags(); + // 设置这两个字段 + o.setOperationId(UUID.randomUUID().toString()); + // 把类名设置为标签 + o.setTags(Collections.singletonList(reflectionMethod.getDeclaringClass().getName())); return o; } @@ -51,7 +62,6 @@ private Map parseResponse() { Class returnType = this.reflectionMethod.getReturnType(); // 这里需要注意,可能会有返回值为空的情况,这种情况就认为是没有响应值 - // TODO 2023-6-26 11:25:24 需要确认open api的协议是否支持响应为空 if (Void.TYPE == returnType) { return null; } @@ -84,9 +94,13 @@ private List parseParameters() { } List parameterList = new ArrayList<>(); for (java.lang.reflect.Parameter reflectionParameter : reflectionParameterArray) { - Parameter convert = new ParameterConvertor(this.manager, reflectionParameter).convert(); - if (convert != null) { - parameterList.add(convert); + try { + Parameter convert = new ParameterConvertor(this.manager, reflectionParameter).convert(); + if (convert != null) { + parameterList.add(convert); + } + } catch (Throwable e) { + DongTaiLog.error("MethodConvertor.parseParameters ParameterConvertor error", e); } } return parameterList; diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ServiceConvertor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ServiceConvertor.java index 95c11b7a9..c82451c12 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ServiceConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ServiceConvertor.java @@ -3,6 +3,7 @@ import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; import io.dongtai.iast.openapi.domain.Operation; import io.dongtai.iast.openapi.domain.Path; +import io.dongtai.log.DongTaiLog; import java.lang.reflect.Method; import java.lang.reflect.Parameter; @@ -27,10 +28,14 @@ public ServiceConvertor(OpenApiSchemaConvertorManager manager, Class interfaceCl public Map convert() { Map pathMap = new HashMap<>(); for (Method parseServiceMethod : this.parseServiceMethods()) { - Operation convert = new MethodConvertor(this.manager, parseServiceMethod).convert(); - Path path = new Path(); - path.setDubbo(convert); - pathMap.put(this.buildSign(parseServiceMethod), path); + try { + Operation convert = new MethodConvertor(this.manager, parseServiceMethod).convert(); + Path path = new Path(); + path.setDubbo(convert); + pathMap.put(this.buildSign(parseServiceMethod), path); + } catch (Throwable e) { + DongTaiLog.error("ServiceConvertor.convert error", e); + } } return pathMap; } diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AbstractDubboServiceGather.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AbstractDubboServiceGather.java index f00f65cf1..9a93b4642 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AbstractDubboServiceGather.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AbstractDubboServiceGather.java @@ -4,6 +4,7 @@ import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; import io.dongtai.iast.openapi.domain.OpenApi; import io.dongtai.iast.openapi.domain.Path; +import io.dongtai.log.DongTaiLog; import java.lang.reflect.Field; import java.util.HashMap; @@ -16,7 +17,6 @@ *

* 需要兼容两个版本,如果2.6.x及以下版本,可以使用:com.alibaba.dubbo,2.7.0开始,直接使用org.apache.dubbo *

- * TODO 协议、配置方式 * * @author CC11001100 * @since v1.12.0 @@ -31,16 +31,21 @@ public AbstractDubboServiceGather() { } public OpenApi gather() { - // TODO 2023-6-26 15:32:15 解析其它协议 Object protocolObject = this.getProtocol("dubbo"); if (protocolObject == null) { + DongTaiLog.error("AbstractDubboServiceGather getProtocol null"); return null; } Object exporterMap = this.getExporterMap(protocolObject); if (exporterMap == null) { + DongTaiLog.error("AbstractDubboServiceGather getExporterMap null"); return null; } List exportedServiceList = this.parseExportedServiceClassList(exporterMap); + if (exportedServiceList == null || exportedServiceList.isEmpty()) { + DongTaiLog.error("AbstractDubboServiceGather parseExportedServiceClassList empty"); + return null; + } // 解析服务列表 OpenApi openApi = new OpenApi(); @@ -65,9 +70,13 @@ private Map parsePaths(List exportedServiceList) { exportedServiceList.forEach(new Consumer() { @Override public void accept(Class aClass) { - Map convert = new ServiceConvertor(manager, aClass).convert(); - // 暂不考虑key覆盖的问题 - pathMap.putAll(convert); + try { + Map convert = new ServiceConvertor(manager, aClass).convert(); + // 暂不考虑key覆盖的问题 + pathMap.putAll(convert); + } catch (Throwable e) { + DongTaiLog.error("AbstractDubboServiceGather parsePaths error", e); + } } }); return pathMap; @@ -90,8 +99,7 @@ private Object getProtocol(String protocolName) { break; } } catch (Throwable e) { - // TODO log - e.printStackTrace(); + DongTaiLog.error("AbstractDubboServiceGather getProtocol error", e); } } return protocolObj; @@ -124,8 +132,7 @@ private Object getExporterMap(Object protocolObject) { exporterMapField.setAccessible(true); return exporterMapField.get(protocolObject); } catch (Throwable e) { - // TODO 2023-6-25 12:17:59 log - e.printStackTrace(); + DongTaiLog.error("AbstractDubboServiceGather getExporterMap error", e); } return null; } diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AlibabaDubboServiceGather.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AlibabaDubboServiceGather.java index 580477c3a..0b5d0717b 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AlibabaDubboServiceGather.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AlibabaDubboServiceGather.java @@ -5,6 +5,7 @@ import com.alibaba.dubbo.rpc.Protocol; import com.alibaba.dubbo.rpc.protocol.dubbo.DubboProtocol; import io.dongtai.iast.openapi.domain.OpenApi; +import io.dongtai.log.DongTaiLog; import java.util.ArrayList; import java.util.List; @@ -47,6 +48,7 @@ protected List parseExportedServiceClassList(Object exporterMap) { // 除 2.4.11 之外的版本,即 [2.0.10, 2.4.11) 和 (2.4.11, 2.6.12] 两个版本范围 // 2.4.11 版本无法解析 // 2023-6-26 18:49:15 发现2.4.11是一个无效的发布包,已经跟阿里开源反馈,希望他们能处理一下.... + // 2023-6-28 16:35:45 收到了回复,他们放弃维护,不删除...那到时候有人问再解释吧... ((Map) exporterMap).forEach(new BiConsumer() { @Override public void accept(String s, Exporter exporter) { @@ -55,7 +57,7 @@ public void accept(String s, Exporter exporter) { } }); } catch (Throwable e) { - // TODO log + DongTaiLog.error("AbstractDubboServiceGather parseExportedServiceClassList error", e); } return serviceClassList; } diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/ApacheDubboServiceGather.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/ApacheDubboServiceGather.java index ce0db9b08..6e66e5869 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/ApacheDubboServiceGather.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/ApacheDubboServiceGather.java @@ -58,7 +58,7 @@ public void accept(String s, Exporter exporter) { return serviceClassList; } } catch (Throwable e) { - // TODO 2023-6-26 15:24:50 log + DongTaiLog.debug("AbstractDubboServiceGather parseExportedServiceClassList DelegateExporterMap throw exception", e); } // [2.7.9, 2.7.13) 和 (3.0.0, 3.2.0-beta.6] 之间都是 Map> 类型 @@ -73,10 +73,9 @@ public void accept(String s, Exporter exporter) { return serviceClassList; } } catch (Throwable e) { - // TODO 2023-6-26 15:25:47 log - DongTaiLog.error(""); + DongTaiLog.debug("AbstractDubboServiceGather parseExportedServiceClassList Map throw exception", e); } - + return serviceClassList; } From 86545067bd4f7ca2ccd6461096c55b96ddce0968 Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Wed, 28 Jun 2023 16:52:19 +0800 Subject: [PATCH 04/24] refactor: api gather package rename --- .../gather}/dubbo/convertor/MethodConvertor.java | 12 ++++++------ .../dubbo/convertor/ParameterConvertor.java | 10 +++++----- .../dubbo/convertor/ServiceConvertor.java | 8 ++++---- .../AbstractDubboServiceExtractor.java} | 16 ++++++++-------- .../extractor/AlibabaDubboServiceExtractor.java} | 8 ++++---- .../extractor/ApacheDubboServiceExtractor.java} | 10 +++++----- .../convertor/ArrayOpenApiSchemaConvertor.java | 6 +++--- .../convertor/BaseOpenApiSchemaConvertor.java | 4 ++-- .../convertor/ClassOpenApiSchemaConvertor.java | 4 ++-- .../CollectionOpenApiSchemaConvertor.java | 4 ++-- .../openapi/convertor/ComponentDatabase.java | 4 ++-- .../convertor/EnumOpenApiSchemaConvertor.java | 6 +++--- .../convertor/FieldOpenApiSchemaConvertor.java | 4 ++-- .../JavaBeanOpenApiSchemaConvertor.java | 4 ++-- .../convertor/ListOpenApiSchemaConvertor.java | 6 +++--- .../convertor/MapOpenApiSchemaConvertor.java | 6 +++--- .../convertor/OpenApiSchemaConvertorManager.java | 4 ++-- .../convertor/PrimitiveTypeConvertor.java | 6 +++--- .../convertor/SetOpenApiSchemaConvertor.java | 6 +++--- .../iast/{ => api}/openapi/domain/DataType.java | 2 +- .../iast/{ => api}/openapi/domain/Header.java | 2 +- .../iast/{ => api}/openapi/domain/Info.java | 2 +- .../iast/{ => api}/openapi/domain/MediaType.java | 2 +- .../iast/{ => api}/openapi/domain/OpenApi.java | 2 +- .../iast/{ => api}/openapi/domain/Operation.java | 2 +- .../iast/{ => api}/openapi/domain/Parameter.java | 2 +- .../{ => api}/openapi/domain/ParameterIn.java | 2 +- .../iast/{ => api}/openapi/domain/Path.java | 2 +- .../iast/{ => api}/openapi/domain/Reference.java | 2 +- .../{ => api}/openapi/domain/RequestBody.java | 2 +- .../iast/{ => api}/openapi/domain/Response.java | 2 +- .../iast/{ => api}/openapi/domain/Schema.java | 2 +- .../ArrayOpenApiSchemaConvertorTest.java | 7 +++---- .../dongtai/iast/api/openapi/convertor/Bar.java | 4 ++++ .../EnumOpenApiSchemaConvertorTest.java | 4 ++-- .../{ => api}/openapi/convertor/Enumnumnum.java | 2 +- .../iast/{ => api}/openapi/convertor/Foo.java | 2 +- .../JavaBeanOpenApiSchemaConvertorTest.java | 5 ++--- .../ListOpenApiSchemaConvertorTest.java | 4 ++-- .../convertor/PrimitiveTypeConvertorTest.java | 6 +++--- .../iast/{ => api}/openapi/convertor/R1.java | 2 +- .../iast/{ => api}/openapi/convertor/R2.java | 2 +- .../{ => api}/openapi/convertor/Response.java | 2 +- .../convertor/SetOpenApiSchemaConvertorTest.java | 4 ++-- .../io/dongtai/iast/openapi/convertor/Bar.java | 4 ---- .../spring/convertor/HandlerMethodConvertor.java | 6 +++--- .../convertor/MethodParameterConvertor.java | 6 +++--- .../RequestMappingHandlerMappingConvertor.java | 10 +++++----- .../convertor/RequestMappingInfoConvertor.java | 6 +++--- .../spring/extractor/SpringMVCApiExtractor.java} | 12 ++++++------ .../hookpoint/api/AbstractApiGatherThread.java | 5 ++++- .../hookpoint/api/DubboApiGatherThread.java | 13 ++++++------- .../hookpoint/api/SpringGatherApiThread.java | 5 ++--- 53 files changed, 132 insertions(+), 133 deletions(-) rename dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/{ => api/gather}/dubbo/convertor/MethodConvertor.java (90%) rename dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/{ => api/gather}/dubbo/convertor/ParameterConvertor.java (83%) rename dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/{ => api/gather}/dubbo/convertor/ServiceConvertor.java (93%) rename dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/{dubbo/gather/AbstractDubboServiceGather.java => api/gather/dubbo/extractor/AbstractDubboServiceExtractor.java} (91%) rename dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/{dubbo/gather/AlibabaDubboServiceGather.java => api/gather/dubbo/extractor/AlibabaDubboServiceExtractor.java} (89%) rename dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/{dubbo/gather/ApacheDubboServiceGather.java => api/gather/dubbo/extractor/ApacheDubboServiceExtractor.java} (91%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/ArrayOpenApiSchemaConvertor.java (89%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/BaseOpenApiSchemaConvertor.java (89%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/ClassOpenApiSchemaConvertor.java (83%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/CollectionOpenApiSchemaConvertor.java (95%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/ComponentDatabase.java (97%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/EnumOpenApiSchemaConvertor.java (89%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/FieldOpenApiSchemaConvertor.java (86%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java (98%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/ListOpenApiSchemaConvertor.java (92%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/MapOpenApiSchemaConvertor.java (79%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/OpenApiSchemaConvertorManager.java (97%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/PrimitiveTypeConvertor.java (95%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/convertor/SetOpenApiSchemaConvertor.java (85%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/DataType.java (98%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/Header.java (74%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/Info.java (90%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/MediaType.java (90%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/OpenApi.java (97%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/Operation.java (98%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/Parameter.java (96%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/ParameterIn.java (94%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/Path.java (98%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/Reference.java (93%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/RequestBody.java (94%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/Response.java (95%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/{ => api}/openapi/domain/Schema.java (98%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/{ => api}/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java (95%) create mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Bar.java rename dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/{ => api}/openapi/convertor/EnumOpenApiSchemaConvertorTest.java (91%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/{ => api}/openapi/convertor/Enumnumnum.java (51%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/{ => api}/openapi/convertor/Foo.java (98%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/{ => api}/openapi/convertor/JavaBeanOpenApiSchemaConvertorTest.java (89%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/{ => api}/openapi/convertor/ListOpenApiSchemaConvertorTest.java (89%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/{ => api}/openapi/convertor/PrimitiveTypeConvertorTest.java (95%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/{ => api}/openapi/convertor/R1.java (77%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/{ => api}/openapi/convertor/R2.java (77%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/{ => api}/openapi/convertor/Response.java (76%) rename dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/{ => api}/openapi/convertor/SetOpenApiSchemaConvertorTest.java (92%) delete mode 100644 dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Bar.java rename dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/{ => api/gather}/spring/convertor/HandlerMethodConvertor.java (94%) rename dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/{ => api/gather}/spring/convertor/MethodParameterConvertor.java (97%) rename dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/{ => api/gather}/spring/convertor/RequestMappingHandlerMappingConvertor.java (91%) rename dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/{ => api/gather}/spring/convertor/RequestMappingInfoConvertor.java (98%) rename dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/{spring/gather/SpringMVCApiGather.java => api/gather/spring/extractor/SpringMVCApiExtractor.java} (87%) diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/MethodConvertor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/MethodConvertor.java similarity index 90% rename from dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/MethodConvertor.java rename to dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/MethodConvertor.java index 2d0cd0ac2..bb85ebf65 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/MethodConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/MethodConvertor.java @@ -1,10 +1,10 @@ -package io.dongtai.iast.dubbo.convertor; +package io.dongtai.iast.api.gather.dubbo.convertor; -import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; -import io.dongtai.iast.openapi.domain.MediaType; -import io.dongtai.iast.openapi.domain.Operation; -import io.dongtai.iast.openapi.domain.Parameter; -import io.dongtai.iast.openapi.domain.Response; +import io.dongtai.iast.api.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.api.openapi.domain.MediaType; +import io.dongtai.iast.api.openapi.domain.Operation; +import io.dongtai.iast.api.openapi.domain.Parameter; +import io.dongtai.iast.api.openapi.domain.Response; import io.dongtai.log.DongTaiLog; import java.lang.reflect.Method; diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ParameterConvertor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/ParameterConvertor.java similarity index 83% rename from dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ParameterConvertor.java rename to dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/ParameterConvertor.java index cac91157e..fc8767f32 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ParameterConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/ParameterConvertor.java @@ -1,9 +1,9 @@ -package io.dongtai.iast.dubbo.convertor; +package io.dongtai.iast.api.gather.dubbo.convertor; -import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; -import io.dongtai.iast.openapi.domain.Parameter; -import io.dongtai.iast.openapi.domain.ParameterIn; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.api.openapi.domain.Parameter; +import io.dongtai.iast.api.openapi.domain.ParameterIn; +import io.dongtai.iast.api.openapi.domain.Schema; /** * 方法参数级别的转换,把Dubbo的Service上的Method的Parameter转为Open API的Parameter的格式 diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ServiceConvertor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/ServiceConvertor.java similarity index 93% rename from dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ServiceConvertor.java rename to dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/ServiceConvertor.java index c82451c12..bfc0b6a0b 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/convertor/ServiceConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/ServiceConvertor.java @@ -1,8 +1,8 @@ -package io.dongtai.iast.dubbo.convertor; +package io.dongtai.iast.api.gather.dubbo.convertor; -import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; -import io.dongtai.iast.openapi.domain.Operation; -import io.dongtai.iast.openapi.domain.Path; +import io.dongtai.iast.api.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.api.openapi.domain.Operation; +import io.dongtai.iast.api.openapi.domain.Path; import io.dongtai.log.DongTaiLog; import java.lang.reflect.Method; diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AbstractDubboServiceGather.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AbstractDubboServiceExtractor.java similarity index 91% rename from dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AbstractDubboServiceGather.java rename to dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AbstractDubboServiceExtractor.java index 9a93b4642..ed1fb8a8a 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AbstractDubboServiceGather.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AbstractDubboServiceExtractor.java @@ -1,9 +1,9 @@ -package io.dongtai.iast.dubbo.gather; +package io.dongtai.iast.api.gather.dubbo.extractor; -import io.dongtai.iast.dubbo.convertor.ServiceConvertor; -import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; -import io.dongtai.iast.openapi.domain.OpenApi; -import io.dongtai.iast.openapi.domain.Path; +import io.dongtai.iast.api.gather.dubbo.convertor.ServiceConvertor; +import io.dongtai.iast.api.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.api.openapi.domain.OpenApi; +import io.dongtai.iast.api.openapi.domain.Path; import io.dongtai.log.DongTaiLog; import java.lang.reflect.Field; @@ -21,16 +21,16 @@ * @author CC11001100 * @since v1.12.0 */ -public abstract class AbstractDubboServiceGather { +public abstract class AbstractDubboServiceExtractor { // 每个Gather共享同一个Manager private OpenApiSchemaConvertorManager manager; - public AbstractDubboServiceGather() { + public AbstractDubboServiceExtractor() { this.manager = new OpenApiSchemaConvertorManager(); } - public OpenApi gather() { + public OpenApi extract() { Object protocolObject = this.getProtocol("dubbo"); if (protocolObject == null) { DongTaiLog.error("AbstractDubboServiceGather getProtocol null"); diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AlibabaDubboServiceGather.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AlibabaDubboServiceExtractor.java similarity index 89% rename from dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AlibabaDubboServiceGather.java rename to dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AlibabaDubboServiceExtractor.java index 0b5d0717b..a53ba8e9e 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/AlibabaDubboServiceGather.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AlibabaDubboServiceExtractor.java @@ -1,10 +1,10 @@ -package io.dongtai.iast.dubbo.gather; +package io.dongtai.iast.api.gather.dubbo.extractor; import com.alibaba.dubbo.common.extension.ExtensionLoader; import com.alibaba.dubbo.rpc.Exporter; import com.alibaba.dubbo.rpc.Protocol; import com.alibaba.dubbo.rpc.protocol.dubbo.DubboProtocol; -import io.dongtai.iast.openapi.domain.OpenApi; +import io.dongtai.iast.api.openapi.domain.OpenApi; import io.dongtai.log.DongTaiLog; import java.util.ArrayList; @@ -20,7 +20,7 @@ * @author CC11001100 * @since v1.12.0 */ -public class AlibabaDubboServiceGather extends AbstractDubboServiceGather { +public class AlibabaDubboServiceExtractor extends AbstractDubboServiceExtractor { /** * 静态方法供反射调用 @@ -28,7 +28,7 @@ public class AlibabaDubboServiceGather extends AbstractDubboServiceGather { * @return */ public static OpenApi run() { - return new AlibabaDubboServiceGather().gather(); + return new AlibabaDubboServiceExtractor().extract(); } @Override diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/ApacheDubboServiceGather.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/ApacheDubboServiceExtractor.java similarity index 91% rename from dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/ApacheDubboServiceGather.java rename to dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/ApacheDubboServiceExtractor.java index 6e66e5869..41bb6c8bb 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/dubbo/gather/ApacheDubboServiceGather.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/ApacheDubboServiceExtractor.java @@ -1,6 +1,6 @@ -package io.dongtai.iast.dubbo.gather; +package io.dongtai.iast.api.gather.dubbo.extractor; -import io.dongtai.iast.openapi.domain.OpenApi; +import io.dongtai.iast.api.openapi.domain.OpenApi; import io.dongtai.log.DongTaiLog; import org.apache.dubbo.common.extension.ExtensionLoader; import org.apache.dubbo.rpc.Exporter; @@ -21,7 +21,7 @@ * @author CC11001100 * @since v1.12.0 */ -public class ApacheDubboServiceGather extends AbstractDubboServiceGather { +public class ApacheDubboServiceExtractor extends AbstractDubboServiceExtractor { /** * 静态方法供反射调用 @@ -29,7 +29,7 @@ public class ApacheDubboServiceGather extends AbstractDubboServiceGather { * @return */ public static OpenApi run() { - return new ApacheDubboServiceGather().gather(); + return new ApacheDubboServiceExtractor().extract(); } @Override @@ -75,7 +75,7 @@ public void accept(String s, Exporter exporter) { } catch (Throwable e) { DongTaiLog.debug("AbstractDubboServiceGather parseExportedServiceClassList Map throw exception", e); } - + return serviceClassList; } diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertor.java similarity index 89% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertor.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertor.java index a0c3bb623..651ae6743 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertor.java @@ -1,7 +1,7 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.DataType; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.DataType; +import io.dongtai.iast.api.openapi.domain.Schema; /** * 用于转换Java的数组结构到OpenApi的array组件类型 diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/BaseOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/BaseOpenApiSchemaConvertor.java similarity index 89% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/BaseOpenApiSchemaConvertor.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/BaseOpenApiSchemaConvertor.java index b7bb0ced2..e6d121282 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/BaseOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/BaseOpenApiSchemaConvertor.java @@ -1,6 +1,6 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.Schema; import java.lang.reflect.Field; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ClassOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ClassOpenApiSchemaConvertor.java similarity index 83% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ClassOpenApiSchemaConvertor.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ClassOpenApiSchemaConvertor.java index 657acc5a2..8e109ed58 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ClassOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ClassOpenApiSchemaConvertor.java @@ -1,6 +1,6 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.Schema; /** * 用于表示一个类型转换器,用来根据Java中的Class转换为Open API的Schema diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/CollectionOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/CollectionOpenApiSchemaConvertor.java similarity index 95% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/CollectionOpenApiSchemaConvertor.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/CollectionOpenApiSchemaConvertor.java index d1d5db9b1..ace66c1c2 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/CollectionOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/CollectionOpenApiSchemaConvertor.java @@ -1,6 +1,6 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.Schema; /** * 用于Java内置的集合类型的转换,比如List、Set、Map diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ComponentDatabase.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ComponentDatabase.java similarity index 97% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ComponentDatabase.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ComponentDatabase.java index 5f9279e6d..5ed3076eb 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ComponentDatabase.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ComponentDatabase.java @@ -1,6 +1,6 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.Schema; import java.util.*; import java.util.function.Consumer; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/EnumOpenApiSchemaConvertor.java similarity index 89% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertor.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/EnumOpenApiSchemaConvertor.java index f1bf39982..32355cf2a 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/EnumOpenApiSchemaConvertor.java @@ -1,7 +1,7 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.DataType; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.DataType; +import io.dongtai.iast.api.openapi.domain.Schema; /** * 转换枚举值 diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/FieldOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/FieldOpenApiSchemaConvertor.java similarity index 86% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/FieldOpenApiSchemaConvertor.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/FieldOpenApiSchemaConvertor.java index 2038c50f2..6eb3dc973 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/FieldOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/FieldOpenApiSchemaConvertor.java @@ -1,6 +1,6 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.Schema; import java.lang.reflect.Field; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java similarity index 98% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java index 7686005bf..acbeda8cb 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java @@ -1,6 +1,6 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.Schema; import java.lang.reflect.Field; import java.util.ArrayList; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ListOpenApiSchemaConvertor.java similarity index 92% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertor.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ListOpenApiSchemaConvertor.java index 635cbf104..7cc3a472b 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ListOpenApiSchemaConvertor.java @@ -1,7 +1,7 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.DataType; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.DataType; +import io.dongtai.iast.api.openapi.domain.Schema; import java.lang.reflect.Field; import java.util.List; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/MapOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/MapOpenApiSchemaConvertor.java similarity index 79% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/MapOpenApiSchemaConvertor.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/MapOpenApiSchemaConvertor.java index ecb654415..bc750cf11 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/MapOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/MapOpenApiSchemaConvertor.java @@ -1,7 +1,7 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.DataType; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.DataType; +import io.dongtai.iast.api.openapi.domain.Schema; /** * 用于把Map类型转为Open API的类型 diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/OpenApiSchemaConvertorManager.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/OpenApiSchemaConvertorManager.java similarity index 97% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/OpenApiSchemaConvertorManager.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/OpenApiSchemaConvertorManager.java index ebc678b5f..66de78df4 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/OpenApiSchemaConvertorManager.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/OpenApiSchemaConvertorManager.java @@ -1,6 +1,6 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.Schema; import io.dongtai.log.DongTaiLog; /** diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertor.java similarity index 95% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertor.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertor.java index e1be14413..50a84b488 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertor.java @@ -1,7 +1,7 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.DataType; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.DataType; +import io.dongtai.iast.api.openapi.domain.Schema; import java.util.HashSet; import java.util.Set; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/SetOpenApiSchemaConvertor.java similarity index 85% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertor.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/SetOpenApiSchemaConvertor.java index 85c00d253..124e39d19 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/SetOpenApiSchemaConvertor.java @@ -1,7 +1,7 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.DataType; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.DataType; +import io.dongtai.iast.api.openapi.domain.Schema; import java.lang.reflect.Field; import java.util.Set; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/DataType.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/DataType.java similarity index 98% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/DataType.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/DataType.java index 7685f7c90..eba285c17 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/DataType.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/DataType.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; import java.util.Objects; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Header.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Header.java similarity index 74% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Header.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Header.java index 51a258c41..cfda29bd8 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Header.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Header.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; /** * Header基本复用了Parameter diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Info.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Info.java similarity index 90% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Info.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Info.java index 17a90de3a..aca930ecb 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Info.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Info.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; /** * @author CC11001100 diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/MediaType.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/MediaType.java similarity index 90% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/MediaType.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/MediaType.java index f8241e6cb..e5ea765ac 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/MediaType.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/MediaType.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; /** * @author CC11001100 diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/OpenApi.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/OpenApi.java similarity index 97% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/OpenApi.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/OpenApi.java index 1736b0a67..dfc661e30 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/OpenApi.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/OpenApi.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; import com.alibaba.fastjson2.JSON; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Operation.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Operation.java similarity index 98% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Operation.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Operation.java index 86c1b59cc..c4dc35505 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Operation.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Operation.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; import java.util.ArrayList; import java.util.HashMap; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Parameter.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Parameter.java similarity index 96% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Parameter.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Parameter.java index 416dbe050..3bf2a635f 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Parameter.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Parameter.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; /** * 用于表示接口的一个参数 diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/ParameterIn.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/ParameterIn.java similarity index 94% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/ParameterIn.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/ParameterIn.java index 760f28781..e1b477e92 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/ParameterIn.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/ParameterIn.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; import com.alibaba.fastjson2.annotation.JSONField; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Path.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Path.java similarity index 98% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Path.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Path.java index 32a4f3f5e..d5f3363aa 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Path.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Path.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; import java.util.List; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Reference.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Reference.java similarity index 93% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Reference.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Reference.java index b25188b75..7b008bbea 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Reference.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Reference.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; /** * @author CC11001100 diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/RequestBody.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/RequestBody.java similarity index 94% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/RequestBody.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/RequestBody.java index bcce5715d..5b4b5c304 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/RequestBody.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/RequestBody.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; import java.util.Map; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Response.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Response.java similarity index 95% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Response.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Response.java index fb5b2781c..c650ccc23 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Response.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Response.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; import java.util.Map; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Schema.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Schema.java similarity index 98% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Schema.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Schema.java index 8bd81ee17..c86c448de 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/openapi/domain/Schema.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/Schema.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.domain; +package io.dongtai.iast.api.openapi.domain; import com.alibaba.fastjson2.JSON; import com.alibaba.fastjson2.annotation.JSONField; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java similarity index 95% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java index 7b70bcb3a..08eeaf141 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java @@ -1,8 +1,7 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; -import io.dongtai.iast.openapi.domain.DataType; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.DataType; +import io.dongtai.iast.api.openapi.domain.Schema; import org.junit.Assert; import org.junit.Before; import org.junit.Test; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Bar.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Bar.java new file mode 100644 index 000000000..a733d3dc5 --- /dev/null +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Bar.java @@ -0,0 +1,4 @@ +package io.dongtai.iast.api.openapi.convertor; + +public class Bar extends Foo { +} diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/EnumOpenApiSchemaConvertorTest.java similarity index 91% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertorTest.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/EnumOpenApiSchemaConvertorTest.java index 4667b4ba8..6410088e2 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/EnumOpenApiSchemaConvertorTest.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/EnumOpenApiSchemaConvertorTest.java @@ -1,6 +1,6 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.Schema; import org.junit.Assert; import org.junit.Before; import org.junit.Test; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Enumnumnum.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Enumnumnum.java similarity index 51% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Enumnumnum.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Enumnumnum.java index c654d7a59..676bfa64a 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Enumnumnum.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Enumnumnum.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; public enum Enumnumnum { diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Foo.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Foo.java similarity index 98% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Foo.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Foo.java index f526103e8..c07f3fea9 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Foo.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Foo.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; import java.util.List; import java.util.Map; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertorTest.java similarity index 89% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertorTest.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertorTest.java index d54f6d4fb..9efabba0c 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/JavaBeanOpenApiSchemaConvertorTest.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertorTest.java @@ -1,8 +1,7 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.Schema; import com.alibaba.fastjson2.JSON; -import io.dongtai.iast.openapi.domain.Schema; import org.junit.Assert; import org.junit.Before; import org.junit.Test; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/ListOpenApiSchemaConvertorTest.java similarity index 89% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertorTest.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/ListOpenApiSchemaConvertorTest.java index dc0cdcc1a..d30c9c8b3 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/ListOpenApiSchemaConvertorTest.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/ListOpenApiSchemaConvertorTest.java @@ -1,6 +1,6 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.Schema; import org.junit.Before; import org.junit.Test; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertorTest.java similarity index 95% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertorTest.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertorTest.java index f8e568684..bf64e5d97 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/PrimitiveTypeConvertorTest.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertorTest.java @@ -1,7 +1,7 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; -import io.dongtai.iast.openapi.domain.DataType; +import io.dongtai.iast.api.openapi.domain.DataType; +import io.dongtai.iast.api.openapi.domain.Schema; import org.junit.Assert; import org.junit.Before; import org.junit.Test; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R1.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/R1.java similarity index 77% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R1.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/R1.java index e44911f74..cd78f3f39 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R1.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/R1.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; public class R1 { diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R2.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/R2.java similarity index 77% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R2.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/R2.java index 52cf6cf44..be505757d 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/R2.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/R2.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; public class R2 { diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Response.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Response.java similarity index 76% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Response.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Response.java index a614943f9..58779fbbf 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Response.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/Response.java @@ -1,4 +1,4 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; public class Response { diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/SetOpenApiSchemaConvertorTest.java similarity index 92% rename from dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertorTest.java rename to dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/SetOpenApiSchemaConvertorTest.java index 73ebf99f4..eb169e24e 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/SetOpenApiSchemaConvertorTest.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/SetOpenApiSchemaConvertorTest.java @@ -1,6 +1,6 @@ -package io.dongtai.iast.openapi.convertor; +package io.dongtai.iast.api.openapi.convertor; -import io.dongtai.iast.openapi.domain.Schema; +import io.dongtai.iast.api.openapi.domain.Schema; import org.junit.Assert; import org.junit.Before; import org.junit.Test; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Bar.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Bar.java deleted file mode 100644 index b6acd6a7b..000000000 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/openapi/convertor/Bar.java +++ /dev/null @@ -1,4 +0,0 @@ -package io.dongtai.iast.openapi.convertor; - -public class Bar extends Foo { -} diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/HandlerMethodConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/HandlerMethodConvertor.java similarity index 94% rename from dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/HandlerMethodConvertor.java rename to dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/HandlerMethodConvertor.java index 9bda068c5..65488d6fa 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/HandlerMethodConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/HandlerMethodConvertor.java @@ -1,7 +1,7 @@ -package io.dongtai.iast.spring.convertor; +package io.dongtai.iast.api.gather.spring.convertor; -import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; -import io.dongtai.iast.openapi.domain.*; +import io.dongtai.iast.api.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.api.openapi.domain.*; import io.dongtai.log.DongTaiLog; import org.springframework.core.MethodParameter; import org.springframework.web.context.WebApplicationContext; diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/MethodParameterConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/MethodParameterConvertor.java similarity index 97% rename from dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/MethodParameterConvertor.java rename to dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/MethodParameterConvertor.java index b5a5cf271..9f8103314 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/MethodParameterConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/MethodParameterConvertor.java @@ -1,7 +1,7 @@ -package io.dongtai.iast.spring.convertor; +package io.dongtai.iast.api.gather.spring.convertor; -import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; -import io.dongtai.iast.openapi.domain.*; +import io.dongtai.iast.api.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.api.openapi.domain.*; import io.dongtai.log.DongTaiLog; import org.springframework.core.LocalVariableTableParameterNameDiscoverer; import org.springframework.core.MethodParameter; diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingHandlerMappingConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingHandlerMappingConvertor.java similarity index 91% rename from dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingHandlerMappingConvertor.java rename to dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingHandlerMappingConvertor.java index 2fb77155a..7afbd352a 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingHandlerMappingConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingHandlerMappingConvertor.java @@ -1,9 +1,9 @@ -package io.dongtai.iast.spring.convertor; +package io.dongtai.iast.api.gather.spring.convertor; -import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; -import io.dongtai.iast.openapi.domain.Info; -import io.dongtai.iast.openapi.domain.OpenApi; -import io.dongtai.iast.openapi.domain.Path; +import io.dongtai.iast.api.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.api.openapi.domain.Info; +import io.dongtai.iast.api.openapi.domain.OpenApi; +import io.dongtai.iast.api.openapi.domain.Path; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.mvc.method.RequestMappingInfo; diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingInfoConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java similarity index 98% rename from dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingInfoConvertor.java rename to dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java index 0e5912a39..06f6e9d37 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/convertor/RequestMappingInfoConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java @@ -1,7 +1,7 @@ -package io.dongtai.iast.spring.convertor; +package io.dongtai.iast.api.gather.spring.convertor; -import io.dongtai.iast.openapi.convertor.OpenApiSchemaConvertorManager; -import io.dongtai.iast.openapi.domain.*; +import io.dongtai.iast.api.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.api.openapi.domain.*; import io.dongtai.log.DongTaiLog; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.context.WebApplicationContext; diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/gather/SpringMVCApiGather.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/extractor/SpringMVCApiExtractor.java similarity index 87% rename from dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/gather/SpringMVCApiGather.java rename to dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/extractor/SpringMVCApiExtractor.java index 691a6a4da..c6bb3fe82 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/spring/gather/SpringMVCApiGather.java +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/extractor/SpringMVCApiExtractor.java @@ -1,7 +1,7 @@ -package io.dongtai.iast.spring.gather; +package io.dongtai.iast.api.gather.spring.extractor; -import io.dongtai.iast.openapi.domain.OpenApi; -import io.dongtai.iast.spring.convertor.RequestMappingHandlerMappingConvertor; +import io.dongtai.iast.api.gather.spring.convertor.RequestMappingHandlerMappingConvertor; +import io.dongtai.iast.api.openapi.domain.OpenApi; import io.dongtai.log.DongTaiLog; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; @@ -13,7 +13,7 @@ * @author CC11001100 * @since v1.12.0 */ -public class SpringMVCApiGather { +public class SpringMVCApiExtractor { /** * 从传递的webApplicationContext中收集api地址 @@ -21,9 +21,9 @@ public class SpringMVCApiGather { * @param applicationContext * @return */ - public static OpenApi gather(Object applicationContext) { + public static OpenApi run(Object applicationContext) { WebApplicationContext webApplicationContext = (WebApplicationContext) applicationContext; - SpringMVCApiGather springApplicationContext = new SpringMVCApiGather(); + SpringMVCApiExtractor springApplicationContext = new SpringMVCApiExtractor(); RequestMappingHandlerMapping requestMappingHandlerMapping = springApplicationContext.findRequestMappingHandlerMapping(webApplicationContext); return new RequestMappingHandlerMappingConvertor(webApplicationContext, requestMappingHandlerMapping).parse(); } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/AbstractApiGatherThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/AbstractApiGatherThread.java index d097de00b..864c4afc3 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/AbstractApiGatherThread.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/AbstractApiGatherThread.java @@ -18,8 +18,11 @@ public abstract class AbstractApiGatherThread extends Thread { public AbstractApiGatherThread(String name) { super(name); } - + protected void report(Object openApi, String framework) { + if (openApi == null) { + return; + } try { String report = createReport(openApi, framework); ThreadPools.sendReport(ApiPath.REPORT_UPLOAD, report); diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java index 6a7c45530..32fcec177 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java @@ -22,11 +22,10 @@ public static enum DubboPackage { private static volatile boolean isStarted = false; public static void gather(Class handlerClass) { - // TODO 2023-6-28 10:38:23 for debug -// if (isStarted) { -// return; -// } -// isStarted = true; + if (isStarted) { + return; + } + isStarted = true; DubboPackage dubboPackage = parseDubboPackage(handlerClass); if (dubboPackage == null) { @@ -84,7 +83,7 @@ public void run() { */ private void gatherAlibabaDubboService() { try { - Class proxyClass = DubboImpl.getClassLoader().loadClass("io.dongtai.iast.dubbo.gather.AlibabaDubboServiceGather"); + Class proxyClass = DubboImpl.getClassLoader().loadClass("io.dongtai.iast.api.gather.dubbo.extractor.AlibabaDubboServiceExtractor"); Object openApi = proxyClass.getDeclaredMethod("run").invoke(null); report(openApi, FRAMEWORK_NAME); } catch (NoClassDefFoundError e) { @@ -99,7 +98,7 @@ private void gatherAlibabaDubboService() { */ private void gatherApacheDubboService() { try { - Class proxyClass = DubboImpl.getClassLoader().loadClass("io.dongtai.iast.dubbo.gather.ApacheDubboServiceGather"); + Class proxyClass = DubboImpl.getClassLoader().loadClass("io.dongtai.iast.api.gather.dubbo.extractor.ApacheDubboServiceExtractor"); Object openApi = proxyClass.getDeclaredMethod("run").invoke(null); report(openApi, FRAMEWORK_NAME); } catch (NoClassDefFoundError e) { diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java index 71c2f677d..c9b1725f0 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java @@ -28,7 +28,6 @@ public static void gather(Object applicationContext) { private final Object applicationContext; public SpringGatherApiThread(Object applicationContext) { - // TODO 2023-6-28 11:38:25 super(AgentConstant.THREAD_NAME_PREFIX_CORE + "SpringMvcGatherApi-thread"); this.applicationContext = applicationContext; } @@ -36,8 +35,8 @@ public SpringGatherApiThread(Object applicationContext) { @Override public void run() { try { - Class proxyClass = HttpImpl.getClassLoader().loadClass("io.dongtai.iast.spring.gather.SpringMVCApiGather"); - Method getAPI = proxyClass.getDeclaredMethod("gather", Object.class); + Class proxyClass = HttpImpl.getClassLoader().loadClass("io.dongtai.iast.api.gather.spring.extractor.SpringMVCApiExtractor"); + Method getAPI = proxyClass.getDeclaredMethod("run", Object.class); Object openApi = getAPI.invoke(null, applicationContext); report(openApi, FRAMEWORK_NAME); } catch (NoClassDefFoundError e) { From 9620f9212c48fce90d1347ddc7d2f2265189f08a Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Wed, 28 Jun 2023 16:53:41 +0800 Subject: [PATCH 05/24] feat: log prefect --- .../gather/dubbo/extractor/AlibabaDubboServiceExtractor.java | 2 +- .../gather/dubbo/extractor/ApacheDubboServiceExtractor.java | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AlibabaDubboServiceExtractor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AlibabaDubboServiceExtractor.java index a53ba8e9e..47c371cc1 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AlibabaDubboServiceExtractor.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AlibabaDubboServiceExtractor.java @@ -57,7 +57,7 @@ public void accept(String s, Exporter exporter) { } }); } catch (Throwable e) { - DongTaiLog.error("AbstractDubboServiceGather parseExportedServiceClassList error", e); + DongTaiLog.error("AlibabaDubboServiceExtractor parseExportedServiceClassList error", e); } return serviceClassList; } diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/ApacheDubboServiceExtractor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/ApacheDubboServiceExtractor.java index 41bb6c8bb..38588c751 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/ApacheDubboServiceExtractor.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/ApacheDubboServiceExtractor.java @@ -58,7 +58,7 @@ public void accept(String s, Exporter exporter) { return serviceClassList; } } catch (Throwable e) { - DongTaiLog.debug("AbstractDubboServiceGather parseExportedServiceClassList DelegateExporterMap throw exception", e); + DongTaiLog.debug("ApacheDubboServiceExtractor parseExportedServiceClassList DelegateExporterMap throw exception", e); } // [2.7.9, 2.7.13) 和 (3.0.0, 3.2.0-beta.6] 之间都是 Map> 类型 @@ -73,7 +73,7 @@ public void accept(String s, Exporter exporter) { return serviceClassList; } } catch (Throwable e) { - DongTaiLog.debug("AbstractDubboServiceGather parseExportedServiceClassList Map throw exception", e); + DongTaiLog.debug("ApacheDubboServiceExtractor parseExportedServiceClassList Map throw exception", e); } return serviceClassList; From b792ea92aed5402f8a0cd739b1adeb757a69fadb Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Wed, 28 Jun 2023 17:33:05 +0800 Subject: [PATCH 06/24] feat: enhance bean field detect --- .../JavaBeanOpenApiSchemaConvertor.java | 78 +++++++++++++++++-- 1 file changed, 71 insertions(+), 7 deletions(-) diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java index acbeda8cb..7f21ee077 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java @@ -3,6 +3,8 @@ import io.dongtai.iast.api.openapi.domain.Schema; import java.lang.reflect.Field; +import java.lang.reflect.Method; +import java.lang.reflect.Modifier; import java.util.ArrayList; import java.util.HashSet; import java.util.List; @@ -71,8 +73,7 @@ public void accept(Schema schema) { c.setName(clazz.getSimpleName()); c.setType("object"); - // TODO 2023-6-15 16:24:06 向上递归处理所有字段,并检查是否符合Bean规范 - // 处理类上的字段 + // 处理类上的字段,向上递归处理所有字段,并检查是否符合Bean规范 parseFieldList(clazz).forEach(new Consumer() { @Override public void accept(Field field) { @@ -90,20 +91,83 @@ public void accept(Field field) { return c; } - // TODO 2023-6-16 16:22:48 此处暂不考虑继承泛型的问题,下个版本再处理它 + // 此处暂不考虑继承泛型的问题,下个版本再处理它 private List parseFieldList(Class clazz) { - List fieldList = new ArrayList<>(); + List allFieldList = new ArrayList<>(); Set fieldNameSet = new HashSet<>(); + Set getterMethodNameLowercaseSet = new HashSet<>(); Class currentClass = clazz; while (currentClass != null) { + + // 收集类上的字段 Field[] declaredFields = currentClass.getDeclaredFields(); for (Field f : declaredFields) { - // TODO 判断是否符合Bean的属性的规范 - fieldList.add(f); + if (fieldNameSet.contains(f.getName())) { + continue; + } + allFieldList.add(f); + fieldNameSet.add(f.getName()); } + + // 收集类上的方法名字 + getterMethodNameLowercaseSet.addAll(parseGetterMethodNameLowercaseSet(currentClass)); + currentClass = currentClass.getSuperclass(); } - return fieldList; + + // 然后筛选出来符合条件的字段,作为bean的属性 + List beanFieldList = new ArrayList<>(); + allFieldList.forEach(new Consumer() { + @Override + public void accept(Field field) { + if (isBeanField(field, getterMethodNameLowercaseSet)) { + beanFieldList.add(field); + } + } + }); + + return beanFieldList; + } + + /** + * 判断Field是否是bean的field + * + * @param field + * @param getterMethodNameLowercaseSet + * @return + */ + private boolean isBeanField(Field field, Set getterMethodNameLowercaseSet) { + + // 采用白名单的方式,public并且是实例方法则认为是可以的 + if (Modifier.isPublic(field.getModifiers())) { + return !Modifier.isStatic(field.getModifiers()) && !Modifier.isFinal(field.getModifiers()); + } + + // 私有方法并且有对应的getter + String setterMethodName = ""; + if (field.getType() == boolean.class || field.getType() == Boolean.class) { + setterMethodName = "is" + field.getName().toLowerCase(); + } else { + setterMethodName = "get" + field.getName().toLowerCase(); + } + return getterMethodNameLowercaseSet.contains(setterMethodName); + } + + /** + * 解析类上的getter方法,并将其方法名都转为小写返回 + * + * @param clazz + * @return + */ + private Set parseGetterMethodNameLowercaseSet(Class clazz) { + Set getterLowercaseMethodNameSet = new HashSet<>(); + for (Method declaredMethod : clazz.getDeclaredMethods()) { + // 这里采用比较简单的策略,只要是关键字开头的就认为是ok的 + if (declaredMethod.getName().startsWith("get") || declaredMethod.getName().startsWith("is")) { + getterLowercaseMethodNameSet.add(declaredMethod.getName().toLowerCase()); + } + } + return getterLowercaseMethodNameSet; } @Override From 3f9e4fc7fbec16f39e02fda59fb72d7f05f11747 Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Wed, 28 Jun 2023 17:34:05 +0800 Subject: [PATCH 07/24] feat: dubbo open api set info --- .../dubbo/extractor/AbstractDubboServiceExtractor.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AbstractDubboServiceExtractor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AbstractDubboServiceExtractor.java index ed1fb8a8a..f615c72a1 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AbstractDubboServiceExtractor.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AbstractDubboServiceExtractor.java @@ -2,6 +2,7 @@ import io.dongtai.iast.api.gather.dubbo.convertor.ServiceConvertor; import io.dongtai.iast.api.openapi.convertor.OpenApiSchemaConvertorManager; +import io.dongtai.iast.api.openapi.domain.Info; import io.dongtai.iast.api.openapi.domain.OpenApi; import io.dongtai.iast.api.openapi.domain.Path; import io.dongtai.log.DongTaiLog; @@ -56,6 +57,10 @@ public OpenApi extract() { // 涉及到的组件库 openApi.setComponentsBySchemaMap(this.manager.getDatabase().toComponentSchemasMap()); + Info info = new Info(); + info.setTitle("open api"); + openApi.setInfo(info); + return openApi; } From 6a3bae7567da462c0186e8fc06f6e99e42bcd2d4 Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Wed, 28 Jun 2023 18:31:11 +0800 Subject: [PATCH 08/24] feat: remove volatile --- .../iast/core/handler/hookpoint/api/DubboApiGatherThread.java | 2 +- .../iast/core/handler/hookpoint/api/SpringGatherApiThread.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java index 32fcec177..dccfe6cd6 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java @@ -19,7 +19,7 @@ public static enum DubboPackage { } // avoid lock - private static volatile boolean isStarted = false; + private static boolean isStarted = false; public static void gather(Class handlerClass) { if (isStarted) { diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java index c9b1725f0..10bc86105 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java @@ -15,7 +15,7 @@ public class SpringGatherApiThread extends AbstractApiGatherThread { public static final String FRAMEWORK_NAME = "spring mvc"; // avoid lock - private static volatile boolean isStarted = false; + private static boolean isStarted = false; public static void gather(Object applicationContext) { if (isStarted) { From bd4e6d3c09d0a50d9884c5b45b105d82bb807509 Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Wed, 28 Jun 2023 18:51:24 +0800 Subject: [PATCH 09/24] fix: openapi convertor enum unit test --- .../api/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java index 08eeaf141..a36d22ee5 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/test/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertorTest.java @@ -77,7 +77,7 @@ public void convert() { Assert.assertTrue(new Schema(DataType.Int64Array()).jsonEquals(convertor.convert(long[].class))); // 枚举类型数组 - Assert.assertEquals("{\"items\":{\"enums\":[\"A\",\"B\",\"C\"],\"type\":\"string\"},\"type\":\"array\"}", convertor.convert(Enumnumnum[].class).toJson()); + Assert.assertEquals("{\"items\":{\"enum\":[\"A\",\"B\",\"C\"],\"type\":\"string\"},\"type\":\"array\"}", convertor.convert(Enumnumnum[].class).toJson()); // 多维数组 Assert.assertEquals("{\"items\":{\"type\":\"object\"},\"type\":\"array\"}", convertor.convert(String[][].class).toJson()); From 394e5e1ba66d63e0d48e1c3da270942b2068a5dd Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Wed, 28 Jun 2023 18:53:09 +0800 Subject: [PATCH 10/24] refactor: remove useless file --- .../plugin/spring/SpringApplicationImpl.java | 14 -------------- .../core/handler/hookpoint/SpyDispatcherImpl.java | 1 - 2 files changed, 15 deletions(-) delete mode 100644 dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/SpringApplicationImpl.java diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/SpringApplicationImpl.java b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/SpringApplicationImpl.java deleted file mode 100644 index f9247efa7..000000000 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/SpringApplicationImpl.java +++ /dev/null @@ -1,14 +0,0 @@ -package io.dongtai.iast.core.bytecode.enhance.plugin.spring; - -//import io.dongtai.iast.core.handler.hookpoint.api.SpringGatherApiThread; -// -///** -// * niuerzhuang@huoxian.cn -// */ -//public class SpringApplicationImpl { -// -// public static void getWebApplicationContext(Object applicationContext) { -// SpringGatherApiThread.gather(applicationContext); -// } -// -//} diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java index bb2a9db0a..060d4d608 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java @@ -624,7 +624,6 @@ public boolean collectMethodPool(Object instance, Object[] argumentArray, Object // 收集Spring MVC的API if (HookType.SPRINGAPPLICATION.equals(hookType)) { SpringGatherApiThread.gather(retValue); -// SpringApplicationImpl.getWebApplicationContext(retValue); } } catch (Throwable e) { DongTaiLog.error(ErrorCode.get("SPY_COLLECT_HTTP_FAILED"), "", e); From ca69d2657444cd1ab3f4d8297805667df2a5762d Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Wed, 28 Jun 2023 19:01:46 +0800 Subject: [PATCH 11/24] feat: remove api gather module pom.xml useless properties --- dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml | 6 ------ dongtai-api-gather/dongtai-api-gather-openapi/pom.xml | 6 ------ dongtai-api-gather/pom.xml | 6 ------ 3 files changed, 18 deletions(-) diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml b/dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml index 029bf60ef..628a00b6c 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml @@ -11,12 +11,6 @@ dongtai-api-gather-dubbo-api - - 8 - 8 - UTF-8 - - org.apache.dubbo diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/pom.xml b/dongtai-api-gather/dongtai-api-gather-openapi/pom.xml index 5ea2bddf0..a9fda4948 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/pom.xml +++ b/dongtai-api-gather/dongtai-api-gather-openapi/pom.xml @@ -11,12 +11,6 @@ dongtai-api-gather-openapi - - 8 - 8 - UTF-8 - - io.dongtai.iast diff --git a/dongtai-api-gather/pom.xml b/dongtai-api-gather/pom.xml index cc78cdce8..0ded98c57 100644 --- a/dongtai-api-gather/pom.xml +++ b/dongtai-api-gather/pom.xml @@ -18,10 +18,4 @@ dongtai-api-gather-dubbo-api - - 8 - 8 - UTF-8 - - \ No newline at end of file From 181791e1535e16b3b84606df334833d467e185d2 Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Wed, 28 Jun 2023 19:22:28 +0800 Subject: [PATCH 12/24] feat: spring api gather parameter ignore add jakarta.servlet. --- .../gather/spring/convertor/MethodParameterConvertor.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/MethodParameterConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/MethodParameterConvertor.java index 9f8103314..9ea3ae7c1 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/MethodParameterConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/MethodParameterConvertor.java @@ -88,14 +88,15 @@ private Parameter parseMethodParameter() { } /** - * 判断参数值的类型是否是Spring框架的类,如果是的话则不能当做组件来处理 + * 判断参数值的类型是否是Spring框架的类,如果是的话则不能当做组件来处理,这里主要是为了忽略ModelAndView、HttpServletRequest这些类 * * @return */ private boolean isWebFrameworkClass() { String parameterClassName = this.methodParameter.getParameterType().getName(); - return parameterClassName.startsWith(" org.springframework".substring(1)) || - parameterClassName.startsWith(" javax.servlet".substring(1)); + return parameterClassName.startsWith(" org.springframework.".substring(1)) || + parameterClassName.startsWith(" javax.servlet.".substring(1)) || + parameterClassName.startsWith(" jakarta.servlet.".substring(1)); } /** From 8a8f866180dcf98628ae3ec5c0452992742f6ec1 Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Thu, 29 Jun 2023 12:16:13 +0800 Subject: [PATCH 13/24] feat: dubbo api gather plugin support disable --- .../bytecode/enhance/plugin/PluginRegister.java | 15 ++++++++++++++- .../hookpoint/api/DubboApiGatherThread.java | 10 ++++++++++ .../hookpoint/api/SpringGatherApiThread.java | 1 + 3 files changed, 25 insertions(+), 1 deletion(-) diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/PluginRegister.java b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/PluginRegister.java index ed7b2e786..41410478e 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/PluginRegister.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/PluginRegister.java @@ -15,7 +15,9 @@ import io.dongtai.iast.core.utils.PropertyUtils; import org.objectweb.asm.ClassVisitor; -import java.util.*; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; /** * @author dongzhiyong@huoxian.cn @@ -63,4 +65,15 @@ public ClassVisitor initial(ClassVisitor classVisitor, ClassContext context, Pol } return classVisitor; } + + /** + * 查询给定的插件是否被禁用 + * + * @return + */ + public static boolean isPluginDisable(String pluginName) { + // 现在插件比较少,O(n)性能损耗能够接受 + return PropertyUtils.getDisabledPlugins().contains(pluginName); + } + } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java index dccfe6cd6..e8064c6fb 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java @@ -1,6 +1,7 @@ package io.dongtai.iast.core.handler.hookpoint.api; import io.dongtai.iast.common.constants.AgentConstant; +import io.dongtai.iast.core.bytecode.enhance.plugin.PluginRegister; import io.dongtai.iast.core.handler.hookpoint.controller.impl.DubboImpl; import io.dongtai.log.DongTaiLog; @@ -12,6 +13,9 @@ public class DubboApiGatherThread extends AbstractApiGatherThread { public static final String FRAMEWORK_NAME = "dubbo"; + // dubbo api采集插件的名字,可以在启动agent的时候通过指定属性禁用它 + public static final String PLUGIN_NAME = "dubbo-api"; + // Dubbo的包名是alibaba还是apache的 public static enum DubboPackage { ALIBABA, @@ -27,6 +31,12 @@ public static void gather(Class handlerClass) { } isStarted = true; + // 判断插件是否开启,仅当开启的情况下才采集 + if (PluginRegister.isPluginDisable(PLUGIN_NAME)) { + DongTaiLog.debug("dubbo api gather plugin disable"); + return; + } + DubboPackage dubboPackage = parseDubboPackage(handlerClass); if (dubboPackage == null) { return; diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java index 10bc86105..a247c342e 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java @@ -22,6 +22,7 @@ public static void gather(Object applicationContext) { return; } isStarted = true; + new SpringGatherApiThread(applicationContext).start(); } From bd044271be5a106da76e061e4b4b9a039619da0c Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Fri, 30 Jun 2023 10:09:44 +0800 Subject: [PATCH 14/24] fix: spring api gather is compatible with tomcat env --- .../hookpoint/api/SpringGatherApiThread.java | 38 ++++++++++++++++--- 1 file changed, 33 insertions(+), 5 deletions(-) diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java index a247c342e..e81ce15b5 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java @@ -1,10 +1,13 @@ package io.dongtai.iast.core.handler.hookpoint.api; import io.dongtai.iast.common.constants.AgentConstant; +import io.dongtai.iast.core.handler.hookpoint.IastClassLoader; import io.dongtai.iast.core.handler.hookpoint.controller.impl.HttpImpl; import io.dongtai.log.DongTaiLog; +import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; +import java.net.URL; /** * @author CC11001100 @@ -22,7 +25,7 @@ public static void gather(Object applicationContext) { return; } isStarted = true; - + new SpringGatherApiThread(applicationContext).start(); } @@ -36,15 +39,40 @@ public SpringGatherApiThread(Object applicationContext) { @Override public void run() { try { - Class proxyClass = HttpImpl.getClassLoader().loadClass("io.dongtai.iast.api.gather.spring.extractor.SpringMVCApiExtractor"); - Method getAPI = proxyClass.getDeclaredMethod("run", Object.class); - Object openApi = getAPI.invoke(null, applicationContext); - report(openApi, FRAMEWORK_NAME); + this.runWithClassLoader(HttpImpl.getClassLoader()); } catch (NoClassDefFoundError e) { DongTaiLog.debug("SpringGatherApiThread NoClassDefFoundError ", e); + + // 让它继承当前线程的上下文,在Tomcat这种破坏双亲委派的场景作为fallback + // 比如在Tomcat下可能Request是一个ClassLoader,可能Context中的Spring类被另一个单独的ParallelWebappClassLoader所加载 + try { + IastClassLoader iastClassLoader = new IastClassLoader( + Thread.currentThread().getContextClassLoader(), + new URL[]{HttpImpl.IAST_REQUEST_JAR_PACKAGE.toURI().toURL()}); + this.runWithClassLoader(iastClassLoader); + } catch (Throwable e2) { + DongTaiLog.debug("SpringGatherApiThread NoClassDefFoundError 002", e2); + } + } catch (Throwable e) { DongTaiLog.error("SpringGatherApiThread.reflection failed", e); } } + /** + * 使用给定的ClassLoader加载收集API + * + * @param classLoader + * @throws NoSuchMethodException + * @throws InvocationTargetException + * @throws IllegalAccessException + * @throws ClassNotFoundException + */ + private void runWithClassLoader(ClassLoader classLoader) throws NoSuchMethodException, InvocationTargetException, IllegalAccessException, ClassNotFoundException { + Class proxyClass = classLoader.loadClass("io.dongtai.iast.api.gather.spring.extractor.SpringMVCApiExtractor"); + Method getAPI = proxyClass.getDeclaredMethod("run", Object.class); + Object openApi = getAPI.invoke(null, applicationContext); + report(openApi, FRAMEWORK_NAME); + } + } \ No newline at end of file From 3dff18ec7429bf424a3385858ee487b9f968b91c Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Fri, 30 Jun 2023 11:49:50 +0800 Subject: [PATCH 15/24] feat: error code combing --- .../dubbo/convertor/MethodConvertor.java | 6 +- .../dubbo/convertor/ServiceConvertor.java | 2 +- .../AbstractDubboServiceExtractor.java | 41 +++--- .../AlibabaDubboServiceExtractor.java | 3 +- .../ArrayOpenApiSchemaConvertor.java | 2 +- .../convertor/BaseOpenApiSchemaConvertor.java | 1 + .../ClassOpenApiSchemaConvertor.java | 5 + .../CollectionOpenApiSchemaConvertor.java | 6 +- .../openapi/convertor/ComponentDatabase.java | 35 +++-- .../convertor/EnumOpenApiSchemaConvertor.java | 2 +- .../FieldOpenApiSchemaConvertor.java | 5 + .../JavaBeanOpenApiSchemaConvertor.java | 122 +++++------------- .../convertor/ListOpenApiSchemaConvertor.java | 3 - .../convertor/MapOpenApiSchemaConvertor.java | 3 +- .../OpenApiSchemaConvertorManager.java | 74 ++--------- .../convertor/PrimitiveTypeConvertor.java | 2 + .../convertor/HandlerMethodConvertor.java | 2 +- .../convertor/MethodParameterConvertor.java | 2 +- .../RequestMappingInfoConvertor.java | 16 +-- .../extractor/SpringMVCApiExtractor.java | 2 +- .../api/AbstractApiGatherThread.java | 2 +- .../hookpoint/api/DubboApiGatherThread.java | 9 +- .../hookpoint/api/SpringGatherApiThread.java | 3 +- .../main/java/io/dongtai/log/DongTaiLog.java | 8 +- .../main/java/io/dongtai/log/ErrorCode.java | 17 +++ 25 files changed, 147 insertions(+), 226 deletions(-) diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/MethodConvertor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/MethodConvertor.java index bb85ebf65..6a6b50594 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/MethodConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/MethodConvertor.java @@ -36,13 +36,13 @@ public Operation convert() { try { o.mergeParameters(this.parseParameters()); } catch (Throwable e) { - DongTaiLog.error("MethodConvertor.convert parseParameters error", e); + DongTaiLog.debug("MethodConvertor.convert parseParameters exception", e); } try { o.setResponses(this.parseResponse()); } catch (Throwable e) { - DongTaiLog.error("MethodConvertor.convert parseResponse error", e); + DongTaiLog.debug("MethodConvertor.convert parseResponse exception", e); } // 设置这两个字段 @@ -100,7 +100,7 @@ private List parseParameters() { parameterList.add(convert); } } catch (Throwable e) { - DongTaiLog.error("MethodConvertor.parseParameters ParameterConvertor error", e); + DongTaiLog.debug("MethodConvertor.parseParameters ParameterConvertor exception", e); } } return parameterList; diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/ServiceConvertor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/ServiceConvertor.java index bfc0b6a0b..feaea6446 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/ServiceConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/convertor/ServiceConvertor.java @@ -34,7 +34,7 @@ public Map convert() { path.setDubbo(convert); pathMap.put(this.buildSign(parseServiceMethod), path); } catch (Throwable e) { - DongTaiLog.error("ServiceConvertor.convert error", e); + DongTaiLog.debug("ServiceConvertor.convert exception", e); } } return pathMap; diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AbstractDubboServiceExtractor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AbstractDubboServiceExtractor.java index f615c72a1..59113a879 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AbstractDubboServiceExtractor.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AbstractDubboServiceExtractor.java @@ -6,12 +6,12 @@ import io.dongtai.iast.api.openapi.domain.OpenApi; import io.dongtai.iast.api.openapi.domain.Path; import io.dongtai.log.DongTaiLog; +import io.dongtai.log.ErrorCode; import java.lang.reflect.Field; import java.util.HashMap; import java.util.List; import java.util.Map; -import java.util.function.Consumer; /** * 两个dubbo分支Service收集共同的逻辑抽象到这里 @@ -24,6 +24,8 @@ */ public abstract class AbstractDubboServiceExtractor { + private static final String DUBBO_PROTOCOL_NAME = "dubbo"; + // 每个Gather共享同一个Manager private OpenApiSchemaConvertorManager manager; @@ -32,19 +34,19 @@ public AbstractDubboServiceExtractor() { } public OpenApi extract() { - Object protocolObject = this.getProtocol("dubbo"); + Object protocolObject = this.getProtocol(DUBBO_PROTOCOL_NAME); if (protocolObject == null) { - DongTaiLog.error("AbstractDubboServiceGather getProtocol null"); + DongTaiLog.error(ErrorCode.API_GATHER_DUBBO_PROTOCOL_NULL); return null; } Object exporterMap = this.getExporterMap(protocolObject); if (exporterMap == null) { - DongTaiLog.error("AbstractDubboServiceGather getExporterMap null"); + DongTaiLog.error(ErrorCode.API_GATHER_DUBBO_EXPORT_MAP_NULL); return null; } List exportedServiceList = this.parseExportedServiceClassList(exporterMap); if (exportedServiceList == null || exportedServiceList.isEmpty()) { - DongTaiLog.error("AbstractDubboServiceGather parseExportedServiceClassList empty"); + DongTaiLog.error(ErrorCode.API_GATHER_DUBBO_EXPORT_LIST_EMPTY); return null; } @@ -65,23 +67,20 @@ public OpenApi extract() { } /** - * 解析导出的类 + * 解析dubbo协议导出的Service为Open API的Path * * @param exportedServiceList * @return */ private Map parsePaths(List exportedServiceList) { Map pathMap = new HashMap<>(); - exportedServiceList.forEach(new Consumer() { - @Override - public void accept(Class aClass) { - try { - Map convert = new ServiceConvertor(manager, aClass).convert(); - // 暂不考虑key覆盖的问题 - pathMap.putAll(convert); - } catch (Throwable e) { - DongTaiLog.error("AbstractDubboServiceGather parsePaths error", e); - } + exportedServiceList.forEach(aClass -> { + try { + Map convert = new ServiceConvertor(manager, aClass).convert(); + // 暂不考虑key覆盖的问题 + pathMap.putAll(convert); + } catch (Throwable e) { + DongTaiLog.error(ErrorCode.API_GATHER_DUBBO_SERVICE_CONVERT_ERROR, e); } }); return pathMap; @@ -95,17 +94,17 @@ public void accept(Class aClass) { */ private Object getProtocol(String protocolName) { Object protocolObj = this.getProtocolObject(protocolName); - for (int i = 0; i < 10; i++) { - try { + try { + for (int i = 0; i < 10; i++) { Field protocolField = protocolObj.getClass().getDeclaredField("protocol"); protocolField.setAccessible(true); protocolObj = protocolField.get(protocolObj); if (protocolObj.getClass() == this.exceptedProtocolClass()) { break; } - } catch (Throwable e) { - DongTaiLog.error("AbstractDubboServiceGather getProtocol error", e); } + } catch (Throwable e) { + DongTaiLog.error(ErrorCode.API_GATHER_DUBBO_GET_PROTOCOL_ERROR, e); } return protocolObj; } @@ -137,7 +136,7 @@ private Object getExporterMap(Object protocolObject) { exporterMapField.setAccessible(true); return exporterMapField.get(protocolObject); } catch (Throwable e) { - DongTaiLog.error("AbstractDubboServiceGather getExporterMap error", e); + DongTaiLog.error(ErrorCode.API_GATHER_DUBBO_GET_EXPORT_MAP_ERROR, e); } return null; } diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AlibabaDubboServiceExtractor.java b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AlibabaDubboServiceExtractor.java index 47c371cc1..37065cce0 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AlibabaDubboServiceExtractor.java +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/src/main/java/io/dongtai/iast/api/gather/dubbo/extractor/AlibabaDubboServiceExtractor.java @@ -6,6 +6,7 @@ import com.alibaba.dubbo.rpc.protocol.dubbo.DubboProtocol; import io.dongtai.iast.api.openapi.domain.OpenApi; import io.dongtai.log.DongTaiLog; +import io.dongtai.log.ErrorCode; import java.util.ArrayList; import java.util.List; @@ -57,7 +58,7 @@ public void accept(String s, Exporter exporter) { } }); } catch (Throwable e) { - DongTaiLog.error("AlibabaDubboServiceExtractor parseExportedServiceClassList error", e); + DongTaiLog.error(ErrorCode.API_GATHER_DUBBO_ALIBABA_PARSE_SERVICE_LIST_ERROR, e); } return serviceClassList; } diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertor.java index 651ae6743..9404a7789 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ArrayOpenApiSchemaConvertor.java @@ -30,7 +30,7 @@ public Schema convert(Class clazz) { Class componentType = clazz.getComponentType(); if (componentType == null) { - return null; + return new Schema(DataType.ObjectArray()); } // 如果是多层数组,则直接返回array,swagger spring也是这么处理的 diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/BaseOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/BaseOpenApiSchemaConvertor.java index e6d121282..57d6bbe04 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/BaseOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/BaseOpenApiSchemaConvertor.java @@ -20,6 +20,7 @@ public BaseOpenApiSchemaConvertor(OpenApiSchemaConvertorManager manager) { @Override public boolean canConvert(Class clazz, Field field) { + // 在基类上把Field的转换复用一下Class的转换 return field != null && canConvert(field.getType()); } diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ClassOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ClassOpenApiSchemaConvertor.java index 8e109ed58..18383d775 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ClassOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ClassOpenApiSchemaConvertor.java @@ -10,6 +10,11 @@ */ public interface ClassOpenApiSchemaConvertor { + /** + * 转换器的名字,方便日志打印啥的 + * + * @return + */ String getConvertorName(); /** diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/CollectionOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/CollectionOpenApiSchemaConvertor.java index ace66c1c2..285354863 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/CollectionOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/CollectionOpenApiSchemaConvertor.java @@ -10,9 +10,9 @@ */ public class CollectionOpenApiSchemaConvertor extends BaseOpenApiSchemaConvertor { - private final ListOpenApiSchemaConvertor listOpenApiSchemaConvertor; - private final SetOpenApiSchemaConvertor setOpenApiSchemaConvertor; - private final MapOpenApiSchemaConvertor mapOpenApiSchemaConvertor; + final ListOpenApiSchemaConvertor listOpenApiSchemaConvertor; + final SetOpenApiSchemaConvertor setOpenApiSchemaConvertor; + final MapOpenApiSchemaConvertor mapOpenApiSchemaConvertor; public CollectionOpenApiSchemaConvertor(OpenApiSchemaConvertorManager manager) { super(manager); diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ComponentDatabase.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ComponentDatabase.java index 5ed3076eb..13dc3c331 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ComponentDatabase.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ComponentDatabase.java @@ -16,7 +16,7 @@ public class ComponentDatabase { // 类到Schema的映射 private Map classToSchemaMap; - // 已经发现了的类,用于避免重复处理 + // 已经发现了的类,用于避免重复处理,也避免碰到循环引用时递归爆栈 private Set existsClassSet = new HashSet<>(); // 符合类型的schema生成完毕的时候的回调方法,用于处理环形依赖 @@ -72,12 +72,7 @@ public void triggerSchemaCallback(Class clazz, Schema c) { if (consumers == null) { return; } - consumers.forEach(new Consumer>() { - @Override - public void accept(Consumer componentConsumer) { - componentConsumer.accept(c); - } - }); + consumers.forEach(x -> x.accept(c)); } /** @@ -130,18 +125,18 @@ public Map toComponentSchemasMap() { return m; } - /** - * 把给定的类注册到组件库中 - * - * @param clazz - * @return - */ - public Schema register(Class clazz) { - Schema c = new Schema(); - c.setType("object"); - c.setName(clazz.getName()); - classToSchemaMap.put(clazz, c); - return c.direct(); - } +// /** +// * 把给定的类注册到组件库中,但是并不解析名称,暂时未用到先注释掉 +// * +// * @param clazz +// * @return +// */ +// public Schema register(Class clazz) { +// Schema c = new Schema(); +// c.setType("object"); +// c.setName(clazz.getName()); +// classToSchemaMap.put(clazz, c); +// return c.direct(); +// } } diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/EnumOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/EnumOpenApiSchemaConvertor.java index 32355cf2a..90ec95f31 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/EnumOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/EnumOpenApiSchemaConvertor.java @@ -32,7 +32,7 @@ public Schema convert(Class clazz) { return null; } - // TODO 枚举类型是被看做一个有限取值的string,所以此处有必要查询缓存吗? + // Open API里枚举类型是被看做一个有限取值的string Schema schema = manager.database.find(clazz); if (schema != null) { return schema; diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/FieldOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/FieldOpenApiSchemaConvertor.java index 6eb3dc973..34485e9d0 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/FieldOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/FieldOpenApiSchemaConvertor.java @@ -12,6 +12,11 @@ */ public interface FieldOpenApiSchemaConvertor { + /** + * 转换器的名字,方便日志打印啥的 + * + * @return + */ String getConvertorName(); /** diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java index 7f21ee077..5cc29afaf 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java @@ -9,7 +9,6 @@ import java.util.HashSet; import java.util.List; import java.util.Set; -import java.util.function.Consumer; /** * 用于转换JavaBean到OpenApi的组件 @@ -30,10 +29,15 @@ public String getConvertorName() { @Override public boolean canConvert(Class clazz) { - return !manager.primitiveTypeConvertor.canConvert(clazz) && - !manager.arrayOpenApiSchemaConvertor.canConvert(clazz) && - !manager.collectionOpenApiSchemaConvertor.canConvert(clazz) && - !manager.enumOpenApiSchemaConvertor.canConvert(clazz); + // Bean转换器作为兜底的存在 + for (ClassOpenApiSchemaConvertor convertor : this.manager.convertors) { + if (convertor.getClass() == this.getClass()) { + continue; + } else if (convertor.canConvert(clazz)) { + return false; + } + } + return true; } /** @@ -45,22 +49,16 @@ public boolean canConvert(Class clazz) { @Override public Schema convert(Class clazz) { - // 先查下组件库,如果有的话就直接返回即可 + // 先查下当前转换任务的Open API组件库,如果有的话就直接返回即可 Schema schema = manager.database.find(clazz); if (schema != null) { return schema.direct(); } - // TODO 2023-6-16 16:18:56 想一个更合适更容易理解的处理方式 - // 如果在已经发现的类型列表中,则表示正在处理中,则注册一个回调方法 + // 如果在已经发现的类型列表中但是数据库中又没有,则说明已经发现了正在处理中还没有处理完成,则注册一个回调方法,在处理完成的时候拿一下结果 if (manager.database.exists(clazz)) { Schema c = new Schema(); - manager.database.addSchemaConvertDoneCallback(clazz, new Consumer() { - @Override - public void accept(Schema schema) { - c.set$ref(schema.generateRef()); - } - }); + manager.database.addSchemaConvertDoneCallback(clazz, x -> c.set$ref(x.generateRef())); return c; } @@ -74,13 +72,7 @@ public void accept(Schema schema) { c.setType("object"); // 处理类上的字段,向上递归处理所有字段,并检查是否符合Bean规范 - parseFieldList(clazz).forEach(new Consumer() { - @Override - public void accept(Field field) { - Schema schema = convert(clazz, field); - c.addProperty(field.getName(), schema); - } - }); + parseFieldList(clazz).forEach(field -> c.addProperty(field.getName(), convert(clazz, field))); // 把转换完的组件存储一下 manager.database.store(clazz, c); @@ -93,13 +85,15 @@ public void accept(Field field) { // 此处暂不考虑继承泛型的问题,下个版本再处理它 private List parseFieldList(Class clazz) { + List allFieldList = new ArrayList<>(); Set fieldNameSet = new HashSet<>(); - Set getterMethodNameLowercaseSet = new HashSet<>(); + Set getterNameLowercaseSet = new HashSet<>(); Class currentClass = clazz; - while (currentClass != null) { - // 收集类上的字段 + while (currentClass != null && currentClass != Object.class) { + + // 收集类上的字段,可能会发生字段覆盖的情况,所以先收集再处理,而不是边处理边收集 Field[] declaredFields = currentClass.getDeclaredFields(); for (Field f : declaredFields) { if (fieldNameSet.contains(f.getName())) { @@ -110,19 +104,17 @@ private List parseFieldList(Class clazz) { } // 收集类上的方法名字 - getterMethodNameLowercaseSet.addAll(parseGetterMethodNameLowercaseSet(currentClass)); + getterNameLowercaseSet.addAll(parseGetterNameLowercaseSet(currentClass)); + // 再处理父类,一路向上知道找到根 currentClass = currentClass.getSuperclass(); } // 然后筛选出来符合条件的字段,作为bean的属性 List beanFieldList = new ArrayList<>(); - allFieldList.forEach(new Consumer() { - @Override - public void accept(Field field) { - if (isBeanField(field, getterMethodNameLowercaseSet)) { - beanFieldList.add(field); - } + allFieldList.forEach(field -> { + if (isBeanField(field, getterNameLowercaseSet)) { + beanFieldList.add(field); } }); @@ -133,10 +125,10 @@ public void accept(Field field) { * 判断Field是否是bean的field * * @param field - * @param getterMethodNameLowercaseSet + * @param getterNameLowercaseSet * @return */ - private boolean isBeanField(Field field, Set getterMethodNameLowercaseSet) { + private boolean isBeanField(Field field, Set getterNameLowercaseSet) { // 采用白名单的方式,public并且是实例方法则认为是可以的 if (Modifier.isPublic(field.getModifiers())) { @@ -150,7 +142,7 @@ private boolean isBeanField(Field field, Set getterMethodNameLowercaseSe } else { setterMethodName = "get" + field.getName().toLowerCase(); } - return getterMethodNameLowercaseSet.contains(setterMethodName); + return getterNameLowercaseSet.contains(setterMethodName); } /** @@ -159,73 +151,21 @@ private boolean isBeanField(Field field, Set getterMethodNameLowercaseSe * @param clazz * @return */ - private Set parseGetterMethodNameLowercaseSet(Class clazz) { - Set getterLowercaseMethodNameSet = new HashSet<>(); + private Set parseGetterNameLowercaseSet(Class clazz) { + Set getterNameLowercaseSet = new HashSet<>(); for (Method declaredMethod : clazz.getDeclaredMethods()) { // 这里采用比较简单的策略,只要是关键字开头的就认为是ok的 if (declaredMethod.getName().startsWith("get") || declaredMethod.getName().startsWith("is")) { - getterLowercaseMethodNameSet.add(declaredMethod.getName().toLowerCase()); + getterNameLowercaseSet.add(declaredMethod.getName().toLowerCase()); } } - return getterLowercaseMethodNameSet; + return getterNameLowercaseSet; } @Override public Schema convert(Class clazz, Field field) { - Class fieldClass = field.getType(); // 因为类型可能是各种类型,所以这里要调用manager上的来路由 - return manager.convertClass(fieldClass); -// // 如果字段是原生类型,则直接转换即可 -// if (isPrimitiveType(fieldClass)) { -// return convertPrimitiveType(fieldClass); -// } else if (fieldClass.isArray()) { -// // 如果是数组的话,则走数组的转换逻辑 -// return convertArray(fieldClass); -// } else if () { -// -// } else { -// -// // TODO 2023-6-15 18:11:53 处理泛型 -// -// // 如果不是基本类型,则看一下是否已经处理完毕了,如果已经处理完毕了就直接拿来用 -// if (classToComponentMap.containsKey(fieldClass)) { -// Component refComponent = classToComponentMap.get(fieldClass); -// if (refComponent.canRef()) { -// // 创建一个新的组件,这个新的组件引用已经存在的这个组件 -// return new Component(refComponent.generateRef()); -// } -// } -// -// // 如果是已经存在但是没有处理完毕的,则注册一个回调 -// if (existsClassSet.contains(fieldClass)) { -// Component c = new Component(); -// if (!componentDoneCallbackMap.containsKey(fieldClass)) { -// componentDoneCallbackMap.put(fieldClass, new ArrayList<>()); -// } -// componentDoneCallbackMap.get(fieldClass).add(new Consumer() { -// @Override -// public void accept(Component component) { -// // 在处理完毕的时候把当前字段的引用指向这个转换完毕的组件 -// c.set$ref(component.generateRef()); -// } -// }); -// return c; -// } -// -// // 如果是一个新的类,则递归处理它 -// // 标记为已经发现过 -// existsClassSet.add(fieldClass); -// // 递归处理 -// Component c = generate(fieldClass); -// // 缓存结果 -// cache(fieldClass, c); -// // 只返回一个引用,并不真的进行嵌套 -// if (c.canRef()) { -// return new Component(c.generateRef()); -// } else { -// return c; -// } -// } + return manager.convertClass(field.getType()); } } diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ListOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ListOpenApiSchemaConvertor.java index 7cc3a472b..37da42082 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ListOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/ListOpenApiSchemaConvertor.java @@ -36,9 +36,6 @@ public Schema convert(Class clazz) { @Override public Schema convert(Class clazz, Field field) { Schema itemsComponent = convertField(clazz, field); - if (itemsComponent == null) { - return new Schema(DataType.ObjectArray()); - } return new Schema(DataType.Array(itemsComponent)); } diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/MapOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/MapOpenApiSchemaConvertor.java index bc750cf11..ac2458b6a 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/MapOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/MapOpenApiSchemaConvertor.java @@ -27,7 +27,8 @@ public boolean canConvert(Class clazz) { @Override public Schema convert(Class clazz) { + // 2023-6-30 10:39:26 暂不处理map return new Schema(DataType.Object()); } - + } diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/OpenApiSchemaConvertorManager.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/OpenApiSchemaConvertorManager.java index 66de78df4..90b34b77d 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/OpenApiSchemaConvertorManager.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/OpenApiSchemaConvertorManager.java @@ -2,6 +2,7 @@ import io.dongtai.iast.api.openapi.domain.Schema; import io.dongtai.log.DongTaiLog; +import io.dongtai.log.ErrorCode; /** * 转换器的入口类 @@ -12,17 +13,17 @@ public class OpenApiSchemaConvertorManager { // 内部用来存储组件的数据 - ComponentDatabase database; + final ComponentDatabase database; // 一堆类型转换器 - PrimitiveTypeConvertor primitiveTypeConvertor; - EnumOpenApiSchemaConvertor enumOpenApiSchemaConvertor; - ArrayOpenApiSchemaConvertor arrayOpenApiSchemaConvertor; - JavaBeanOpenApiSchemaConvertor javaBeanOpenApiSchemaConvertor; - CollectionOpenApiSchemaConvertor collectionOpenApiSchemaConvertor; + final PrimitiveTypeConvertor primitiveTypeConvertor; + final EnumOpenApiSchemaConvertor enumOpenApiSchemaConvertor; + final ArrayOpenApiSchemaConvertor arrayOpenApiSchemaConvertor; + final JavaBeanOpenApiSchemaConvertor javaBeanOpenApiSchemaConvertor; + final CollectionOpenApiSchemaConvertor collectionOpenApiSchemaConvertor; // 转换器使用的顺序 - private ClassOpenApiSchemaConvertor[] convertors; + final ClassOpenApiSchemaConvertor[] convertors; public OpenApiSchemaConvertorManager() { @@ -45,7 +46,7 @@ public OpenApiSchemaConvertorManager() { /** - * 为给定的类型生成类型 + * 将给定的类型转换为Open API的类型 * * @param clazz * @return @@ -58,71 +59,24 @@ public Schema convertClass(Class clazz) { // 依此使用转换器尝试转换 for (ClassOpenApiSchemaConvertor convertor : convertors) { - if (convertor.canConvert(clazz)) { - try { + try { + if (convertor.canConvert(clazz)) { Schema c = convertor.convert(clazz); if (c != null) { return c.direct(); } - } catch (Throwable e) { - DongTaiLog.error("OpenApiSchemaConvertorManager.convertClass error, convert {}, class {}", convertor.getConvertorName(), clazz.getName(), e); } + } catch (Throwable e) { + DongTaiLog.error(ErrorCode.API_GATHER_OPENAPI_CONVERT_ERROR, convertor.getConvertorName(), clazz.getName(), e); } } // 转换不了就算球 return null; -// -// // 数组 -// if (clazz.isArray()) { -// return arrayOpenApiSchemaConvertor.convert(clazz); -// } -// -// // 基本类型直接转换 -// if (manager.primitiveTypeConvertor.canConvert(componentType)) { -// Component items = manager.primitiveTypeConvertor.convert(componentType); -// return new Component(DataType.Array(items)); -// } -// -// // 集合类型调用其处理 -// if (manager.collectionOpenApiSchemaConvertor.canConvert(componentType)) { -// Component items = manager.collectionOpenApiSchemaConvertor.convert(componentType); -// return new Component(DataType.Array(items)); -// } -// -// // bean类型处理 -// if (manager.javaBeanOpenApiSchemaConvertor.canConvert(clazz)) { -// Component items = manager.javaBeanOpenApiSchemaConvertor.convert(componentType); -// return new Component(DataType.Array(items)); -// } - -// // 尝试进行基本类型的转换,如果能够转换成功的话说明是基本类型,则直接返回即可 -// Component c = convertPrimitiveType(clazz); -// if (c != null) { -// return c; -// } -// -// // 查询是否已经处理过,如果已经处理过的话则直接返回之前的结果 -// if (classToComponentMap.containsKey(clazz)) { -// return classToComponentMap.get(clazz); -// } -// -// // 数组的处理 -// if (clazz.isArray()) { -// c = convertArray(clazz); -// cache(clazz, c); -// return c; -// } -// -// // 尝试进行复杂类型转换 -// c = convertBean(clazz); -// // 放入到缓存中 -// cache(clazz, c); -// -// return c; } public ComponentDatabase getDatabase() { return database; } + } diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertor.java index 50a84b488..3bbe3c2cb 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertor.java @@ -18,6 +18,8 @@ public class PrimitiveTypeConvertor extends BaseOpenApiSchemaConvertor { public static Set primitiveTypeSet = new HashSet<>(); static { + + // 这里把String也看做是primitive的了 ,虽然看起来可能有点奇怪... primitiveTypeSet.add(String.class); primitiveTypeSet.add(Character.class); diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/HandlerMethodConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/HandlerMethodConvertor.java index 65488d6fa..81ed22801 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/HandlerMethodConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/HandlerMethodConvertor.java @@ -58,7 +58,7 @@ private List parseParameters() { parameterMap.put(p.getName(), p); } } catch (Throwable e) { - DongTaiLog.error("Spring API HandlerMethodConvertor.parseParameters error", e); + DongTaiLog.debug("spring HandlerMethodConvertor.parseParameters exception", e); } } return new ArrayList<>(parameterMap.values()); diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/MethodParameterConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/MethodParameterConvertor.java index 9ea3ae7c1..1702e1361 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/MethodParameterConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/MethodParameterConvertor.java @@ -77,7 +77,7 @@ private Parameter parseMethodParameter() { String parameterName = parameterNames[this.methodParameter.getParameterIndex()]; p.setName(parameterName); } catch (Throwable e) { - DongTaiLog.error("parse method parameter error: {}", e.getMessage()); + DongTaiLog.debug("parse method parameter exception: {}", e.getMessage()); } // 参数的类型需要存储一下 diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java index 06f6e9d37..561e07199 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java @@ -60,7 +60,7 @@ private void parsePathPatternsRequestCondition() { }); } } catch (Throwable e) { - DongTaiLog.error("spring api path.getPathPatternsCondition router error", e); + DongTaiLog.debug("spring api path.getPathPatternsCondition router exception", e); } try { @@ -78,7 +78,7 @@ public void accept(String s) { }); } } catch (Throwable e) { - DongTaiLog.error("spring api path.getPatternsCondition router error", e); + DongTaiLog.debug("spring api path.getPatternsCondition router exception", e); } } @@ -126,7 +126,7 @@ public void accept(RequestMethod requestMethod) { } }); } catch (Throwable e) { - DongTaiLog.error("spring api method router error", e); + DongTaiLog.debug("spring api method router exception", e); } } @@ -143,7 +143,7 @@ private Operation parseOperation() { List parameterList = parseParamsRequestCondition(); operation.mergeParameters(parameterList); } catch (Throwable e) { - DongTaiLog.error("Spring MVC RequestMappingInfoConvertor.parseOperation parseParamsRequestCondition error", e); + DongTaiLog.debug("Spring MVC RequestMappingInfoConvertor.parseOperation parseParamsRequestCondition exception", e); } // 请求头参数 @@ -151,7 +151,7 @@ private Operation parseOperation() { List parameterList = parseHeadersRequestCondition(operation); operation.mergeParameters(parameterList); } catch (Throwable e) { - DongTaiLog.error("Spring MVC RequestMappingInfoConvertor.parseOperation parseHeadersRequestCondition error", e); + DongTaiLog.debug("Spring MVC RequestMappingInfoConvertor.parseOperation parseHeadersRequestCondition exception", e); } // 使用随机的id @@ -164,7 +164,7 @@ private Operation parseOperation() { // 解析HandlerMethod new HandlerMethodConvertor(this.manager, this.webApplicationContext, operation, this.handlerMethod).parse(); } catch (Throwable e) { - DongTaiLog.error("Spring MVC RequestMappingInfoConvertor.parseOperation HandlerMethodConvertor error", e); + DongTaiLog.debug("Spring MVC RequestMappingInfoConvertor.parseOperation HandlerMethodConvertor exception", e); } return operation; @@ -192,7 +192,7 @@ public void accept(NameValueExpression stringNameValueExpression) { }); return parameterList; } catch (Throwable e) { - DongTaiLog.error("spring api parameters router error: {}", e.getMessage()); + DongTaiLog.debug("spring api parameters router exception: {}", e.getMessage()); } return Collections.emptyList(); } @@ -224,7 +224,7 @@ public void accept(NameValueExpression stringNameValueExpression) { }); return headerParameterList; } catch (Throwable e) { - DongTaiLog.error("spring api headers router error: {}", e.getMessage()); + DongTaiLog.debug("spring api headers router exception: {}", e.getMessage()); } return Collections.emptyList(); } diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/extractor/SpringMVCApiExtractor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/extractor/SpringMVCApiExtractor.java index c6bb3fe82..280e9a3eb 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/extractor/SpringMVCApiExtractor.java +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/extractor/SpringMVCApiExtractor.java @@ -56,7 +56,7 @@ private RequestMappingHandlerMapping findRequestMappingHandlerMapping(WebApplica } } } catch (Throwable e) { - DongTaiLog.debug("try use BeanFactoryUtils find RequestMappingHandlerMapping error: {}", e.getMessage()); + DongTaiLog.debug("try use BeanFactoryUtils find RequestMappingHandlerMapping exception", e); } // 没有工具类,就只从自己里面找 diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/AbstractApiGatherThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/AbstractApiGatherThread.java index 864c4afc3..312397509 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/AbstractApiGatherThread.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/AbstractApiGatherThread.java @@ -27,7 +27,7 @@ protected void report(Object openApi, String framework) { String report = createReport(openApi, framework); ThreadPools.sendReport(ApiPath.REPORT_UPLOAD, report); } catch (Throwable e) { - DongTaiLog.warn(ErrorCode.get("API_COLLECTOR_GET_API_THREAD_EXECUTE_FAILED"), e); + DongTaiLog.warn(ErrorCode.API_COLLECTOR_GET_API_THREAD_EXECUTE_FAILED, e); } } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java index e8064c6fb..dcc6dd331 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/DubboApiGatherThread.java @@ -4,6 +4,7 @@ import io.dongtai.iast.core.bytecode.enhance.plugin.PluginRegister; import io.dongtai.iast.core.handler.hookpoint.controller.impl.DubboImpl; import io.dongtai.log.DongTaiLog; +import io.dongtai.log.ErrorCode; /** * @author CC11001100 @@ -96,10 +97,8 @@ private void gatherAlibabaDubboService() { Class proxyClass = DubboImpl.getClassLoader().loadClass("io.dongtai.iast.api.gather.dubbo.extractor.AlibabaDubboServiceExtractor"); Object openApi = proxyClass.getDeclaredMethod("run").invoke(null); report(openApi, FRAMEWORK_NAME); - } catch (NoClassDefFoundError e) { - DongTaiLog.error("DubboApiGatherThread.gatherAlibabaDubbo NoClassDefFoundError", e); } catch (Throwable e) { - DongTaiLog.error("DubboApiGatherThread.gatherAlibabaDubbo error", e); + DongTaiLog.error(ErrorCode.API_GATHER_DUBBO_ALIBABA_ERROR, e); } } @@ -111,10 +110,8 @@ private void gatherApacheDubboService() { Class proxyClass = DubboImpl.getClassLoader().loadClass("io.dongtai.iast.api.gather.dubbo.extractor.ApacheDubboServiceExtractor"); Object openApi = proxyClass.getDeclaredMethod("run").invoke(null); report(openApi, FRAMEWORK_NAME); - } catch (NoClassDefFoundError e) { - DongTaiLog.error("DubboApiGatherThread.gatherApacheDubbo NoClassDefFoundError", e); } catch (Throwable e) { - DongTaiLog.error("DubboApiGatherThread.gatherApacheDubbo error", e); + DongTaiLog.error(ErrorCode.API_GATHER_DUBBO_APACHE_ERROR, e); } } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java index e81ce15b5..cf39edcc9 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/api/SpringGatherApiThread.java @@ -4,6 +4,7 @@ import io.dongtai.iast.core.handler.hookpoint.IastClassLoader; import io.dongtai.iast.core.handler.hookpoint.controller.impl.HttpImpl; import io.dongtai.log.DongTaiLog; +import io.dongtai.log.ErrorCode; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; @@ -55,7 +56,7 @@ public void run() { } } catch (Throwable e) { - DongTaiLog.error("SpringGatherApiThread.reflection failed", e); + DongTaiLog.error(ErrorCode.API_GATHER_SPRING_MVC_ERROR, e); } } diff --git a/dongtai-log/src/main/java/io/dongtai/log/DongTaiLog.java b/dongtai-log/src/main/java/io/dongtai/log/DongTaiLog.java index aeaf43df6..2679f5054 100644 --- a/dongtai-log/src/main/java/io/dongtai/log/DongTaiLog.java +++ b/dongtai-log/src/main/java/io/dongtai/log/DongTaiLog.java @@ -1,6 +1,9 @@ package io.dongtai.log; -import java.io.*; +import java.io.File; +import java.io.FileOutputStream; +import java.io.PrintWriter; +import java.io.StringWriter; import java.text.SimpleDateFormat; import java.util.*; import java.util.concurrent.ConcurrentHashMap; @@ -29,6 +32,9 @@ public class DongTaiLog { private static final String TITLE = "[io.dongtai.iast.agent] "; private static final String TITLE_COLOR = "[" + colorStr("io.dongtai.iast.agent", BLUE) + "] "; + /** + * 把错误码放入到这个集合中,打印的时候会限制打印频率,最多每 {@link #FREQUENT_INTERVAL} 打一次 + */ private static final Set RESTRICTED_ERRORS = new HashSet(Arrays.asList( ErrorCode.AGENT_MONITOR_COLLECT_PERFORMANCE_METRICS_FAILED, ErrorCode.AGENT_MONITOR_CHECK_PERFORMANCE_METRICS_FAILED, diff --git a/dongtai-log/src/main/java/io/dongtai/log/ErrorCode.java b/dongtai-log/src/main/java/io/dongtai/log/ErrorCode.java index 91e497b9c..1a58079bf 100644 --- a/dongtai-log/src/main/java/io/dongtai/log/ErrorCode.java +++ b/dongtai-log/src/main/java/io/dongtai/log/ErrorCode.java @@ -103,6 +103,23 @@ public enum ErrorCode { UTIL_TAINT_ADD_OBJECT_TO_POOL_FAILED(20611, "add object to taint pool failed"), UTIL_TAINT_PARSE_CUSTOM_MODEL_FAILED(20612, "parse custom model {} getter {} failed"), + // api gather - open api [20700, 20799] + API_GATHER_OPENAPI_CONVERT_ERROR(20701, "open api convert class schema error, convertor name {}, class name {}"), + + // api gather - dubbo api [20800, 20899] + API_GATHER_DUBBO_PROTOCOL_NULL(20801, "dubbo protocol null"), + API_GATHER_DUBBO_GET_PROTOCOL_ERROR(20802, "dubbo get protocol error"), + API_GATHER_DUBBO_EXPORT_MAP_NULL(20803, "dubbo export map null"), + API_GATHER_DUBBO_GET_EXPORT_MAP_ERROR(20804, "dubbo get export map error"), + API_GATHER_DUBBO_SERVICE_CONVERT_ERROR(20805, "dubbo service convert error"), + API_GATHER_DUBBO_EXPORT_LIST_EMPTY(20806, "dubbo export list empty"), + API_GATHER_DUBBO_ALIBABA_PARSE_SERVICE_LIST_ERROR(20807, "dubbo alibaba parse service list error"), + API_GATHER_DUBBO_ALIBABA_ERROR(20808, "dubbo alibaba api gather error"), + API_GATHER_DUBBO_APACHE_ERROR(20809, "dubbo apache api gather error"), + + // api gather - spring mvc api [20900, 20999] + API_GATHER_SPRING_MVC_ERROR(20901, "spring mvc api gather error"), + UNKNOWN(99999, "unknown error"), NO_CODE(0, "no error code"), ; From b8fab6c2ec15e25a05ef0aa7e0446079b74defa0 Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Fri, 30 Jun 2023 11:59:41 +0800 Subject: [PATCH 16/24] fix: disable plugin npe --- .../iast/core/bytecode/enhance/plugin/PluginRegister.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/PluginRegister.java b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/PluginRegister.java index 41410478e..fe4ce1a33 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/PluginRegister.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/PluginRegister.java @@ -73,7 +73,8 @@ public ClassVisitor initial(ClassVisitor classVisitor, ClassContext context, Pol */ public static boolean isPluginDisable(String pluginName) { // 现在插件比较少,O(n)性能损耗能够接受 - return PropertyUtils.getDisabledPlugins().contains(pluginName); + List l = PropertyUtils.getDisabledPlugins(); + return l != null && PropertyUtils.getDisabledPlugins().contains(pluginName); } } From d5a8659c317be2d4555af3133a062372d15c33d9 Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Tue, 4 Jul 2023 10:57:41 +0800 Subject: [PATCH 17/24] fix: spring mvc api gather path with ContextPath --- .../convertor/RequestMappingInfoConvertor.java | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java index 561e07199..e11856eac 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java @@ -56,7 +56,7 @@ private void parsePathPatternsRequestCondition() { Path path = new Path(); // 方法是第二级 parseRequestMethodsRequestCondition(path); - pathMap.put(s, path); + pathMap.put(buildFullUrl(s), path); }); } } catch (Throwable e) { @@ -73,7 +73,7 @@ public void accept(String s) { Path path = new Path(); // 方法是第二级 parseRequestMethodsRequestCondition(path); - pathMap.put(s, path); + pathMap.put(buildFullUrl(s), path); } }); } @@ -82,6 +82,15 @@ public void accept(String s) { } } + private String buildFullUrl(String path) { + String contextPath = this.webApplicationContext.getApplicationName(); + if (contextPath == null || contextPath.isEmpty()) { + return path; + } else { + return contextPath + path; + } + } + /** * 根据请求方法扩展为多个 */ From e71aa4e521d376ce5d447e5af1ebb9dc7188aa4d Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Tue, 4 Jul 2023 11:22:49 +0800 Subject: [PATCH 18/24] fix: open api judge is java bean rule change from getter to setter --- .../JavaBeanOpenApiSchemaConvertor.java | 31 ++++++++----------- 1 file changed, 13 insertions(+), 18 deletions(-) diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java index 5cc29afaf..2bb6e7d5f 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/JavaBeanOpenApiSchemaConvertor.java @@ -88,7 +88,7 @@ private List parseFieldList(Class clazz) { List allFieldList = new ArrayList<>(); Set fieldNameSet = new HashSet<>(); - Set getterNameLowercaseSet = new HashSet<>(); + Set setterNameLowercaseSet = new HashSet<>(); Class currentClass = clazz; while (currentClass != null && currentClass != Object.class) { @@ -104,7 +104,7 @@ private List parseFieldList(Class clazz) { } // 收集类上的方法名字 - getterNameLowercaseSet.addAll(parseGetterNameLowercaseSet(currentClass)); + setterNameLowercaseSet.addAll(parseSetterNameLowercaseSet(currentClass)); // 再处理父类,一路向上知道找到根 currentClass = currentClass.getSuperclass(); @@ -113,7 +113,7 @@ private List parseFieldList(Class clazz) { // 然后筛选出来符合条件的字段,作为bean的属性 List beanFieldList = new ArrayList<>(); allFieldList.forEach(field -> { - if (isBeanField(field, getterNameLowercaseSet)) { + if (isBeanField(field, setterNameLowercaseSet)) { beanFieldList.add(field); } }); @@ -125,10 +125,10 @@ private List parseFieldList(Class clazz) { * 判断Field是否是bean的field * * @param field - * @param getterNameLowercaseSet + * @param setterNameLowercaseSet * @return */ - private boolean isBeanField(Field field, Set getterNameLowercaseSet) { + private boolean isBeanField(Field field, Set setterNameLowercaseSet) { // 采用白名单的方式,public并且是实例方法则认为是可以的 if (Modifier.isPublic(field.getModifiers())) { @@ -136,30 +136,25 @@ private boolean isBeanField(Field field, Set getterNameLowercaseSet) { } // 私有方法并且有对应的getter - String setterMethodName = ""; - if (field.getType() == boolean.class || field.getType() == Boolean.class) { - setterMethodName = "is" + field.getName().toLowerCase(); - } else { - setterMethodName = "get" + field.getName().toLowerCase(); - } - return getterNameLowercaseSet.contains(setterMethodName); + String setterMethodName = "set" + field.getName().toLowerCase(); + return setterNameLowercaseSet.contains(setterMethodName); } /** - * 解析类上的getter方法,并将其方法名都转为小写返回 + * 解析类上的setter方法,并将其方法名都转为小写返回 * * @param clazz * @return */ - private Set parseGetterNameLowercaseSet(Class clazz) { - Set getterNameLowercaseSet = new HashSet<>(); + private Set parseSetterNameLowercaseSet(Class clazz) { + Set setterNameLowercaseSet = new HashSet<>(); for (Method declaredMethod : clazz.getDeclaredMethods()) { // 这里采用比较简单的策略,只要是关键字开头的就认为是ok的 - if (declaredMethod.getName().startsWith("get") || declaredMethod.getName().startsWith("is")) { - getterNameLowercaseSet.add(declaredMethod.getName().toLowerCase()); + if (declaredMethod.getName().startsWith("set")) { + setterNameLowercaseSet.add(declaredMethod.getName().toLowerCase()); } } - return getterNameLowercaseSet; + return setterNameLowercaseSet; } @Override From 44140ffc580dafb49ea1665f29a6d1344e452086 Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Tue, 4 Jul 2023 11:25:14 +0800 Subject: [PATCH 19/24] fix: open api support date type --- .../iast/api/openapi/convertor/PrimitiveTypeConvertor.java | 4 ++++ .../java/io/dongtai/iast/api/openapi/domain/DataType.java | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertor.java index 3bbe3c2cb..0bf2e783d 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/PrimitiveTypeConvertor.java @@ -3,6 +3,7 @@ import io.dongtai.iast.api.openapi.domain.DataType; import io.dongtai.iast.api.openapi.domain.Schema; +import java.util.Date; import java.util.HashSet; import java.util.Set; @@ -21,6 +22,7 @@ public class PrimitiveTypeConvertor extends BaseOpenApiSchemaConvertor { // 这里把String也看做是primitive的了 ,虽然看起来可能有点奇怪... primitiveTypeSet.add(String.class); + primitiveTypeSet.add(Date.class); primitiveTypeSet.add(Character.class); primitiveTypeSet.add(char.class); @@ -74,6 +76,8 @@ public Schema convert(Class simpleClass) { // 字符串类型和字符类型都修改为字符串类型,注意这里产生了一个类型丢失 if (simpleClass == String.class || simpleClass == Character.class || simpleClass == char.class) { return new Schema(DataType.String()); + } else if (simpleClass == Date.class) { + return new Schema(DataType.Date()); } else if (simpleClass == Byte.class || simpleClass == byte.class || simpleClass == Short.class || simpleClass == short.class || simpleClass == Integer.class || simpleClass == int.class) { diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/DataType.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/DataType.java index eba285c17..83684fd97 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/DataType.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/domain/DataType.java @@ -71,6 +71,10 @@ public static DataType String() { return new DataType("string", null, null); } + public static DataType Date() { + return new DataType("string", "date-time", null); + } + public static DataType StringArray() { return Array(String()); } From 68350ceb6a610e5e211da2cdccfbcfd69b0ddcbf Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Tue, 4 Jul 2023 11:32:53 +0800 Subject: [PATCH 20/24] fix: open api support Collection.class --- .../convertor/CollectionOpenApiSchemaConvertor.java | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/CollectionOpenApiSchemaConvertor.java b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/CollectionOpenApiSchemaConvertor.java index 285354863..88c382101 100644 --- a/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/CollectionOpenApiSchemaConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-openapi/src/main/java/io/dongtai/iast/api/openapi/convertor/CollectionOpenApiSchemaConvertor.java @@ -2,6 +2,8 @@ import io.dongtai.iast.api.openapi.domain.Schema; +import java.util.Collection; + /** * 用于Java内置的集合类型的转换,比如List、Set、Map * @@ -31,10 +33,15 @@ public boolean canConvert(Class clazz) { return clazz != null && ( listOpenApiSchemaConvertor.canConvert(clazz) || setOpenApiSchemaConvertor.canConvert(clazz) || - mapOpenApiSchemaConvertor.canConvert(clazz) + mapOpenApiSchemaConvertor.canConvert(clazz) || + isCollectionClass(clazz) ); } + private boolean isCollectionClass(Class clazz) { + return clazz != null && Collection.class.isAssignableFrom(clazz); + } + @Override public Schema convert(Class clazz) { if (listOpenApiSchemaConvertor.canConvert(clazz)) { @@ -43,6 +50,8 @@ public Schema convert(Class clazz) { return setOpenApiSchemaConvertor.convert(clazz); } else if (mapOpenApiSchemaConvertor.canConvert(clazz)) { return mapOpenApiSchemaConvertor.convert(clazz); + } else if (isCollectionClass(clazz)) { + return listOpenApiSchemaConvertor.convert(clazz); } else { return null; } From 5d460c104cb2ce277dc44a630b9716c2fed07199 Mon Sep 17 00:00:00 2001 From: cc11001100 Date: Tue, 4 Jul 2023 12:31:58 +0800 Subject: [PATCH 21/24] fix: spring mvc http method ignore trace --- .../convertor/RequestMappingInfoConvertor.java | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java index e11856eac..e953696a1 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/src/main/java/io/dongtai/iast/api/gather/spring/convertor/RequestMappingInfoConvertor.java @@ -100,7 +100,15 @@ private void parseRequestMethodsRequestCondition(Path path) { Set methods = c.getMethods(); // 如果此处默认为空的话,则将其扩展为所有的情况 if (methods.isEmpty()) { - methods = new HashSet<>(Arrays.asList(RequestMethod.values())); + // 2023-7-4 12:31:06 默认情况下认为方法不映射trace + methods = new HashSet<>(Arrays.asList(RequestMethod.GET, + RequestMethod.HEAD, + RequestMethod.POST, + RequestMethod.PUT, + RequestMethod.PATCH, + RequestMethod.DELETE, + RequestMethod.OPTIONS + )); } methods.forEach(new Consumer() { @Override @@ -128,9 +136,10 @@ public void accept(RequestMethod requestMethod) { case OPTIONS: path.setOptions(operation); break; - case TRACE: - path.setTrace(operation); - break; + // 2023-7-4 12:30:52 忽略所有的trace方法 +// case TRACE: +// path.setTrace(operation); +// break; } } }); From a032c4c2f9c8313e82bb6b54d608e2a8c889c538 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Jul 2023 10:59:02 +0000 Subject: [PATCH 22/24] build(deps): bump dubbo Bumps [dubbo](https://github.com/apache/dubbo) from 2.7.13 to 2.7.21. - [Release notes](https://github.com/apache/dubbo/releases) - [Changelog](https://github.com/apache/dubbo/blob/3.2/CHANGES.md) - [Commits](https://github.com/apache/dubbo/compare/dubbo-2.7.13...dubbo-2.7.21) --- updated-dependencies: - dependency-name: org.apache.dubbo:dubbo dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml b/dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml index 628a00b6c..1c3d364ae 100644 --- a/dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml +++ b/dongtai-api-gather/dongtai-api-gather-dubbo-api/pom.xml @@ -16,7 +16,7 @@ org.apache.dubbo dubbo - 2.7.13 + 2.7.21 provided From 208a0c44d65d8319e0ea3668833d86e67e38068d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 5 Jul 2023 02:29:15 +0000 Subject: [PATCH 23/24] build(deps): bump spring-webmvc Bumps [spring-webmvc](https://github.com/spring-projects/spring-framework) from 5.3.10 to 5.3.18. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.10...v5.3.18) --- updated-dependencies: - dependency-name: org.springframework:spring-webmvc dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- dongtai-api-gather/dongtai-api-gather-spring-api/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai-api-gather/dongtai-api-gather-spring-api/pom.xml b/dongtai-api-gather/dongtai-api-gather-spring-api/pom.xml index c4ef4a562..8ae40731b 100644 --- a/dongtai-api-gather/dongtai-api-gather-spring-api/pom.xml +++ b/dongtai-api-gather/dongtai-api-gather-spring-api/pom.xml @@ -15,7 +15,7 @@ org.springframework spring-webmvc - 5.3.10 + 5.3.18 provided From 09a90e9a651eb89d84f6166d149f07c4853d1aed Mon Sep 17 00:00:00 2001 From: lostsnow Date: Wed, 5 Jul 2023 11:01:43 +0800 Subject: [PATCH 24/24] bump version to 1.12.0-beta1 --- .../java/io/dongtai/iast/common/constants/AgentConstant.java | 2 +- pom.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dongtai-common/src/main/java/io/dongtai/iast/common/constants/AgentConstant.java b/dongtai-common/src/main/java/io/dongtai/iast/common/constants/AgentConstant.java index ffa7158a7..c320fe002 100644 --- a/dongtai-common/src/main/java/io/dongtai/iast/common/constants/AgentConstant.java +++ b/dongtai-common/src/main/java/io/dongtai/iast/common/constants/AgentConstant.java @@ -1,7 +1,7 @@ package io.dongtai.iast.common.constants; public class AgentConstant { - public static final String VERSION_VALUE = "v1.11.0"; + public static final String VERSION_VALUE = "v1.12.0-beta1"; public static final String LANGUAGE = "JAVA"; public static final String THREAD_NAME_PREFIX = "DongTai-IAST-"; public static final String THREAD_NAME_PREFIX_CORE = "DongTai-IAST-Core-"; diff --git a/pom.xml b/pom.xml index f90255806..009db6b4c 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ 4.0.0 - 1.11.0 + 1.12.0-beta1 UTF-8 io.dongtai.iast.thirdparty