Add messages endpoint to sidecar (#176)

* Add messages endpoint to sidecar

* Address Sonar flagged security issue

Author: russgold

wls-exporter-core/src/main/java/com/oracle/wls/exporter/AuthenticatedCall.java

@@ -24,7 +24,7 @@ public abstract class AuthenticatedCall {
     private final UrlBuilder urlBuilder;
 
 
-    public AuthenticatedCall(WebClientFactory webClientFactory, InvocationContext context) {
+    protected AuthenticatedCall(WebClientFactory webClientFactory, InvocationContext context) {
         this.webClientFactory = webClientFactory;
         this.context = context;
         this.urlBuilder = context.createUrlBuilder();

wls-exporter-core/src/main/java/com/oracle/wls/exporter/ConfigurationCall.java

@@ -1,4 +1,4 @@
-// Copyright (c) 2021, Oracle and/or its affiliates.
+// Copyright (c) 2021, 2022, Oracle and/or its affiliates.
 // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 package com.oracle.wls.exporter;
@@ -11,7 +11,7 @@
 
 public abstract class ConfigurationCall extends AuthenticatedCall {
 
-  public ConfigurationCall(WebClientFactory webClientFactory, InvocationContext context) {
+  protected ConfigurationCall(WebClientFactory webClientFactory, InvocationContext context) {
     super(webClientFactory, context);
   }
 
@@ -40,7 +40,7 @@ private void authenticate(WebClient webClient) throws IOException {
 
   abstract void reportUnableToUpdateConfiguration(InvocationContext context, ConfigurationException e) throws IOException;
 
-  static abstract class ConfigurationAction {
+  abstract static class ConfigurationAction {
 
     private ExporterConfig uploadedConfig;
 
@@ -49,8 +49,8 @@ final void defineUploadedFile(InputStream inputStream) {
         uploadedConfig = ExporterConfig.loadConfig(inputStream);
       } catch (ConfigurationException e) {
         throw e;
-      } catch (Throwable e) {
-        throw new RuntimeException("Unable to understand specified configuration");
+      } catch (Exception e) {
+        throw new ConfigurationException("Unable to understand specified configuration");
       }
     }
 
@@ -60,4 +60,6 @@ ExporterConfig getUploadedConfig() {
       return uploadedConfig;
     }
   }
+
+
 }

wls-exporter-core/src/main/java/com/oracle/wls/exporter/InvocationContext.java

@@ -1,4 +1,4 @@
-// Copyright (c) 2021, Oracle and/or its affiliates.
+// Copyright (c) 2021, 2022, Oracle and/or its affiliates.
 // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 package com.oracle.wls.exporter;
@@ -71,7 +71,7 @@ public interface InvocationContext {
   void setResponseHeader(String name, String value);
 
   /**
-   * Updates the response with a status but does not close he response stream.
+   * Updates the response with a status but does not close the response stream.
    * @param status an HTTP status code
    */
   void setStatus(int status);

wls-exporter-core/src/main/java/com/oracle/wls/exporter/MessagesCall.java

@@ -0,0 +1,22 @@
+// Copyright (c) 2022, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+package com.oracle.wls.exporter;
+
+import java.io.IOException;
+import java.io.PrintStream;
+
+public class MessagesCall extends AuthenticatedCall {
+
+  public MessagesCall(WebClientFactory webClientFactory, InvocationContext context) {
+    super(webClientFactory, context);
+  }
+
+  @Override
+  protected void invoke(WebClient webClient, InvocationContext context) throws IOException {
+    try (PrintStream out = context.getResponseStream()) {
+      for (String message : WlsRestExchanges.getExchanges())
+        out.println(message);
+    }
+  }
+}

wls-exporter-core/src/main/java/com/oracle/wls/exporter/WlsRestExchanges.java

@@ -1,4 +1,4 @@
-// Copyright (c) 2021, Oracle and/or its affiliates.
+// Copyright (c) 2021, 2022 Oracle and/or its affiliates.
 // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 package com.oracle.wls.exporter;
@@ -16,7 +16,10 @@ public class WlsRestExchanges {
   public static final int MAX_EXCHANGES = 5;
   private static final String TEMPLATE = "REQUEST to %s:%n%s%nREPLY:%n%s%n";
 
-  public static final Queue<String> exchanges = new ConcurrentLinkedDeque<>();
+  private static final Queue<String> exchanges = new ConcurrentLinkedDeque<>();
+
+  private WlsRestExchanges() {
+  }
 
   /**
    * Returns a list of the most recent exchanges.

wls-exporter-core/src/main/java/com/oracle/wls/exporter/domain/ConfigurationException.java

@@ -1,4 +1,4 @@
-// Copyright (c) 2017, 2020, Oracle and/or its affiliates.
+// Copyright (c) 2017, 2022, Oracle and/or its affiliates.
 // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 package com.oracle.wls.exporter.domain;
@@ -17,7 +17,7 @@ public class ConfigurationException extends RuntimeException {
     static final String NO_QUERY_SYNC_URL = "query_sync defined without url";
     private final List<String> context = new ArrayList<>();
 
-    ConfigurationException(String description) {
+    public ConfigurationException(String description) {
         super(description);
     }
 

wls-exporter-core/src/main/java/com/oracle/wls/exporter/webapp/MessagesServlet.java

@@ -1,16 +1,18 @@
-// Copyright (c) 2019, 2021, Oracle and/or its affiliates.
+// Copyright (c) 2019, 2022, Oracle and/or its affiliates.
 // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 package com.oracle.wls.exporter.webapp;
 
 import java.io.IOException;
-import javax.servlet.ServletOutputStream;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import com.oracle.wls.exporter.WlsRestExchanges;
+import com.oracle.wls.exporter.MessagesCall;
+import com.oracle.wls.exporter.ServletInvocationContext;
+import com.oracle.wls.exporter.WebClientFactory;
+import com.oracle.wls.exporter.WebClientFactoryImpl;
 
 import static com.oracle.wls.exporter.WebAppConstants.MESSAGES_PAGE;
 
@@ -20,11 +22,24 @@
 @WebServlet("/" + MESSAGES_PAGE)
 public class MessagesServlet extends HttpServlet {
 
+    private final WebClientFactory webClientFactory;
+
+    public MessagesServlet() {
+        this(new WebClientFactoryImpl());
+    }
+
+    public MessagesServlet(WebClientFactory webClientFactory) {
+        this.webClientFactory = webClientFactory;
+    }
+
     @Override
     protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        try(ServletOutputStream out = resp.getOutputStream()) {
-            for (String message : WlsRestExchanges.getExchanges())
-                out.println(message);
+        try {
+            ServletUtils.setServer(req);
+            MessagesCall call = new MessagesCall(webClientFactory, new ServletInvocationContext(req, resp));
+            call.doWithAuthentication();
+        } catch (IOException e) {
+            resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
         }
     }
 

wls-exporter-core/src/test/java/com/oracle/wls/exporter/webapp/MessagesServletTest.java

@@ -1,4 +1,4 @@
-// Copyright (c) 2019, 2021, Oracle and/or its affiliates.
+// Copyright (c) 2019, 2022, Oracle and/or its affiliates.
 // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 package com.oracle.wls.exporter.webapp;
@@ -9,6 +9,7 @@
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
 
+import com.oracle.wls.exporter.WebClientFactoryStub;
 import com.oracle.wls.exporter.WlsRestExchanges;
 import org.hamcrest.Matcher;
 import org.junit.jupiter.api.BeforeEach;
@@ -27,83 +28,87 @@
 import static org.hamcrest.Matchers.is;
 import static org.hamcrest.Matchers.notNullValue;
 
-public class MessagesServletTest {
-    private static final int EXCESS_EXCHANGES = 3;
-    private static final String URL = "http://localhost:7001";
-    private final MessagesServlet servlet = new MessagesServlet();
-    private final HttpServletRequestStub request = createGetRequest();
-    private final HttpServletResponseStub response = createServletResponse();
+class MessagesServletTest {
 
-    @BeforeEach
-    public void setUp() {
-        WlsRestExchanges.clear();
-    }
+  private static final int EXCESS_EXCHANGES = 3;
+  private static final String URL = "http://localhost:7001";
+  private final WebClientFactoryStub factory = new WebClientFactoryStub();
+  private final MessagesServlet servlet = new MessagesServlet(factory);
+  private final HttpServletRequestStub request = createGetRequest();
+  private final HttpServletResponseStub response = createServletResponse();
 
-    @Test
-    public void diagnostics_isHttpServlet() {
-        assertThat(servlet, instanceOf(HttpServlet.class));
-    }
+  @BeforeEach
+  public void setUp() {
+    WlsRestExchanges.clear();
+  }
 
-    @Test
-    public void servlet_isPublic() {
-        assertThat(Modifier.isPublic(MessagesServlet.class.getModifiers()), is(true));
-    }
+  @Test
+  void diagnostics_isHttpServlet() {
+    assertThat(servlet, instanceOf(HttpServlet.class));
+  }
 
-    @Test
-    public void servlet_hasWebServletAnnotation() {
-        assertThat(MessagesServlet.class.getAnnotation(WebServlet.class), notNullValue());
-    }
+  @Test
+  void servlet_isPublic() {
+    assertThat(Modifier.isPublic(MessagesServlet.class.getModifiers()), is(true));
+  }
 
-    @Test
-    public void servletAnnotationIndicatesMetricsPage() {
-        WebServlet annotation = MessagesServlet.class.getAnnotation(WebServlet.class);
+  @Test
+  void servlet_hasWebServletAnnotation() {
+    assertThat(MessagesServlet.class.getAnnotation(WebServlet.class), notNullValue());
+  }
 
-        assertThat(annotation.value(), arrayContaining("/messages"));
-    }
+  @Test
+  void servletAnnotationIndicatesMetricsPage() {
+    WebServlet annotation = MessagesServlet.class.getAnnotation(WebServlet.class);
 
-    @Test
-    public void afterExchangeAdded_retrieveExchange() {
-        WlsRestExchanges.addExchange(URL, "request 1", "response1");
+    assertThat(annotation.value(), arrayContaining("/messages"));
+  }
 
-      assertThat(WlsRestExchanges.getExchanges(), hasItem(both(containsString("request 1")).and(containsString("response1"))));
-    }
+  @Test
+  void afterExchangeAdded_retrieveExchange() {
+    WlsRestExchanges.addExchange(URL, "request 1", "response1");
 
-    @Test
-    public void afterMaximumExchangesAdded_retrieveAllExchanges() {
-        IntStream.rangeClosed(1, MAX_EXCHANGES).forEach(this::addTestExchange);
+    assertThat(WlsRestExchanges.getExchanges(),
+          hasItem(both(containsString("request 1")).and(containsString("response1"))));
+  }
 
-      assertThat(WlsRestExchanges.getExchanges(), contains(getExchangeMatchers(1, MAX_EXCHANGES)));
-    }
+  @Test
+  void afterMaximumExchangesAdded_retrieveAllExchanges() {
+    IntStream.rangeClosed(1, MAX_EXCHANGES).forEach(this::addTestExchange);
 
-    private void addTestExchange(int i) {
-        WlsRestExchanges.addExchange(URL, "request " + i, "response " + i);
-    }
+    assertThat(WlsRestExchanges.getExchanges(), contains(getExchangeMatchers(1, MAX_EXCHANGES)));
+  }
 
-    @SuppressWarnings("unchecked")
-    private Matcher<String>[] getExchangeMatchers(int first, int last) {
-        return IntStream.rangeClosed(first, last).mapToObj(this::getExchangeMatcher).toArray(Matcher[]::new);
-    }
+  private void addTestExchange(int i) {
+    WlsRestExchanges.addExchange(URL, "request " + i, "response " + i);
+  }
 
-    private Matcher<String> getExchangeMatcher(int i)  {
-        return containsString("request " + i);
-    }
+  @SuppressWarnings("unchecked")
+  private Matcher<String>[] getExchangeMatchers(int first, int last) {
+    return IntStream.rangeClosed(first, last).mapToObj(this::getExchangeMatcher).toArray(Matcher[]::new);
+  }
 
-    @Test
-    public void afterMoreThanMaximumExchangesAdded_retrieveLastMExchanges() {
-        IntStream.rangeClosed(1, MAX_EXCHANGES+EXCESS_EXCHANGES).forEach(this::addTestExchange);
+  private Matcher<String> getExchangeMatcher(int i) {
+    return containsString("request " + i);
+  }
 
-      assertThat(WlsRestExchanges.getExchanges(), contains(getExchangeMatchers(EXCESS_EXCHANGES+1, MAX_EXCHANGES+EXCESS_EXCHANGES)));
-    }
+  @Test
+  void afterMoreThanMaximumExchangesAdded_retrieveLastMExchanges() {
+    IntStream.rangeClosed(1, MAX_EXCHANGES + EXCESS_EXCHANGES).forEach(this::addTestExchange);
 
-    @Test
-    public void whenServletInvoked_responseDisplaysRecentExchanges() throws IOException {
-        IntStream.rangeClosed(1, MAX_EXCHANGES).forEach(this::addTestExchange);
+    assertThat(WlsRestExchanges.getExchanges(),
+          contains(getExchangeMatchers(EXCESS_EXCHANGES + 1, MAX_EXCHANGES + EXCESS_EXCHANGES)));
+  }
 
-        servlet.doGet(request, response);
+  @Test
+  void whenServletInvoked_responseDisplaysRecentExchanges() throws IOException {
+    IntStream.rangeClosed(1, MAX_EXCHANGES).forEach(this::addTestExchange);
 
-        assertThat(response.getHtml(), containsString("request 4"));
-    }
+    servlet.doGet(request, response);
 
-    // todo report last commit
-    // todo diagnose classpath issues (all should be in the WAR)
+    assertThat(response.getHtml(), containsString("request 4"));
+  }
+
+  // todo report last commit
+  // todo diagnose classpath issues (all should be in the WAR)
 }

wls-exporter-sidecar/src/main/java/com/oracle/wls/exporter/sidecar/MetricsService.java

@@ -1,4 +1,4 @@
-// Copyright (c) 2021, Oracle and/or its affiliates.
+// Copyright (c) 2021, 2022, Oracle and/or its affiliates.
 // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 package com.oracle.wls.exporter.sidecar;
@@ -13,6 +13,7 @@
 import com.oracle.wls.exporter.ExporterCall;
 import com.oracle.wls.exporter.InvocationContext;
 import com.oracle.wls.exporter.LiveConfiguration;
+import com.oracle.wls.exporter.MessagesCall;
 import com.oracle.wls.exporter.WebClientFactory;
 import io.helidon.common.configurable.ThreadPoolSupplier;
 import io.helidon.webserver.Routing;
@@ -28,6 +29,7 @@ class MetricsService implements Service {
     private final AuthenticatedHandler metricsHandler = new AuthenticatedHandler(ExporterCall::new);
     private final AuthenticatedHandler configurationHandler = new AuthenticatedHandler(ConfigurationPutCall::new);
     private final MainHandler mainHandler = new MainHandler();
+    private final AuthenticatedHandler messagesHandler = new AuthenticatedHandler(MessagesCall::new);
     private final int listenPort;
 
     MetricsService(SidecarConfiguration configuration, WebClientFactory webClientFactory) {
@@ -48,6 +50,7 @@ public void update(Routing.Rules rules) {
         rules
               .get("/", mainHandler::dispatch)
               .get("/metrics", metricsHandler::dispatch)
+              .get("/messages", messagesHandler::dispatch)
               .put("/configuration", configurationHandler::dispatch);
     }
 
@@ -92,4 +95,5 @@ void invoke(InvocationContext context) throws IOException {
             context.close();
         }
     }
+
 }