Support numbers in secret names (#522)

* Support numbers in secret names. * Support dots and slashes for secret names.
camunda · Jul 26, 2023 · 9e5438f · 9e5438f
1 parent 5d26936
commit 9e5438f
Show file tree

Hide file tree

Showing 2 changed files with 68 additions and 5 deletions.
diff --git a/core/src/main/java/io/camunda/connector/impl/secret/SecretUtil.java b/core/src/main/java/io/camunda/connector/impl/secret/SecretUtil.java
@@ -25,7 +25,7 @@
 public class SecretUtil {
 
   private static final Pattern SECRET_PATTERN_SECRETS =
-      Pattern.compile("secrets\\.(?<secret>[a-zA-Z_-]*)");
+      Pattern.compile("secrets\\.(?<secret>([a-zA-Z0-9]+[\\/._-])*[a-zA-Z0-9]+)");
 
   private static final Pattern SECRET_PATTERN_PARENTHESES =
       Pattern.compile("\\{\\{\\s*secrets\\.(?<secret>\\S+?\\s*)}}");
@@ -67,11 +67,16 @@ private static String replaceSecretsWithoutParentheses(
 
   private static String resolveSecretValue(
       Function<String, String> secretReplacer, Matcher matcher) {
-    var result = secretReplacer.apply(matcher.group("secret").trim());
-    if (result != null) {
-      return result;
+    var secretName = matcher.group("secret").trim();
+    if (!secretName.isBlank() && !secretName.isEmpty()) {
+      var result = secretReplacer.apply(secretName);
+      if (result != null) {
+        return result;
+      } else {
+        return matcher.group();
+      }
     } else {
-      return matcher.group();
+      return null;
     }
   }
 }
diff --git a/core/src/test/java/io/camunda/connector/impl/secret/SecretUtilTests.java b/core/src/test/java/io/camunda/connector/impl/secret/SecretUtilTests.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH
+ * under one or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information regarding copyright
+ * ownership. Camunda licenses this file to you under the Apache License,
+ * Version 2.0; you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.camunda.connector.impl.secret;
+
+import static org.mockito.Mockito.*;
+
+import java.util.function.Function;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.CsvSource;
+
+public class SecretUtilTests {
+
+  @ParameterizedTest
+  @CsvSource({
+    "secrets.test,test, true",
+    "secrets.TEST,TEST, true",
+    "secrets.A/B,A/B, true",
+    "secrets.A.B,A.B, true",
+    "{secrets.TEST},TEST, true",
+    "secrets.TEST0,TEST0, true",
+    "secrets.TEST-0,TEST-0, true",
+    "secrets.TEST_0,TEST_0, true",
+    "secrets.TEST_TEST,TEST_TEST, true",
+    "secrets.a_b_c_d_e_f,a_b_c_d_e_f, true",
+    "secrets.a.b.c.d.e.f,a.b.c.d.e.f, true",
+    "secrets.TEST TEST,TEST,true",
+    "secrets._TEST,,false",
+    "secrets./TEST,,false",
+    "secrets.-TEST,,false",
+    "secrets..TEST,,false",
+    "secrets.,,false",
+    "secrets..,,false",
+    "secrets.?,,false"
+  })
+  void testSecretPattern(String input, String secret, Boolean shouldDetect) {
+    var secretReplacer = mock(Function.class);
+    SecretUtil.replaceSecrets(input, secretReplacer);
+    if (shouldDetect) {
+      verify(secretReplacer).apply(secret);
+    } else {
+      verifyNoInteractions(secretReplacer);
+    }
+  }
+}