Consider corner cases for servlet route detection

instrumentation-security/servlet-2.4/src/main/java/com/newrelic/agent/security/instrumentation/servlet24/HttpServletHelper.java

@@ -6,7 +6,6 @@
 import com.newrelic.api.agent.security.schema.ApplicationURLMapping;
 import com.newrelic.api.agent.security.schema.Framework;
 import com.newrelic.api.agent.security.schema.HttpRequest;
-import com.newrelic.api.agent.security.schema.StringUtils;
 import com.newrelic.api.agent.security.schema.policy.AgentPolicy;
 import com.newrelic.api.agent.security.utils.logging.LogLevel;
 
@@ -15,7 +14,6 @@
 import javax.servlet.http.HttpServletRequest;
 import java.util.Collection;
 import java.util.Enumeration;
-import java.util.Iterator;
 import java.util.Map;
 
 public class HttpServletHelper {
@@ -156,12 +154,21 @@ else if(path.endsWith(".jsp") || path.endsWith(".jspx") || path.endsWith(".JSP")
             NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_APP_ENDPOINTS, SERVLET_2_4, e.getMessage()), e, HttpServletHelper.class.getName());
         }
     }
+
     public static void setRoute(HttpServletRequest request, HttpRequest securityRequest, AgentMetaData metaData) {
-        if (StringUtils.isNotBlank(securityRequest.getRoute())){
-            return;
+        try {
+            if (URLMappingsHelper.getApplicationURLMappings().isEmpty()){
+                return;
+            }
+            String route = request.getServletPath();
+            if (URLMappingsHelper.getApplicationURLMappings().contains(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, route))) {
+                securityRequest.setRoute(route);
+            } else if (URLMappingsHelper.getApplicationURLMappings().contains(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, route+URLMappingsHelper.subResourceSegment))) {
+                securityRequest.setRoute(route + URLMappingsHelper.subResourceSegment);
+            }
+            metaData.setFramework(Framework.SERVLET);
+        } catch (Exception e){
+            NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_ROUTE_FOR_INCOMING_REQUEST, SERVLET_2_4, e.getMessage()), e, HttpServletHelper.class.getName());
         }
-        // TODO verify if request.getServletPath() present in detected API Endpoints then simply set Route else add /* to ServletPath
-        securityRequest.setRoute(request.getServletPath());
-        metaData.setFramework(Framework.SERVLET);
     }
 }

instrumentation-security/servlet-3.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet30/HttpServletHelper.java

@@ -8,7 +8,6 @@
 import com.newrelic.api.agent.security.schema.ApplicationURLMapping;
 import com.newrelic.api.agent.security.schema.Framework;
 import com.newrelic.api.agent.security.schema.HttpRequest;
-import com.newrelic.api.agent.security.schema.StringUtils;
 import com.newrelic.api.agent.security.utils.logging.LogLevel;
 
 import javax.servlet.ServletContext;
@@ -53,12 +52,21 @@ else if(path.endsWith(".jsp") || path.endsWith(".jspx") || path.endsWith(".JSP")
             NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_APP_ENDPOINTS, SERVLET_3_0, e.getMessage()), e, HttpServletHelper.class.getName());
         }
     }
+
     public static void setRoute(HttpServletRequest request, HttpRequest securityRequest, AgentMetaData metaData) {
-        if (StringUtils.isNotBlank(securityRequest.getRoute())){
-            return;
+        try {
+            if (URLMappingsHelper.getApplicationURLMappings().isEmpty()){
+                return;
+            }
+            String route = request.getServletPath();
+            if (URLMappingsHelper.getApplicationURLMappings().contains(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, route))) {
+                securityRequest.setRoute(route);
+            } else if (URLMappingsHelper.getApplicationURLMappings().contains(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, route+URLMappingsHelper.subResourceSegment))) {
+                securityRequest.setRoute(route + URLMappingsHelper.subResourceSegment);
+            }
+            metaData.setFramework(Framework.SERVLET);
+        } catch (Exception e){
+            NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_ROUTE_FOR_INCOMING_REQUEST, SERVLET_3_0, e.getMessage()), e, HttpServletHelper.class.getName());
         }
-        // TODO verify if request.getServletPath() present in detected API Endpoints then simply set Route else add /* to ServletPath
-        securityRequest.setRoute(request.getServletPath());
-        metaData.setFramework(Framework.SERVLET);
     }
 }

instrumentation-security/servlet-5.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet5/HttpServletHelper.java

@@ -156,13 +156,21 @@ else if(path.endsWith(".jsp") || path.endsWith(".jspx") || path.endsWith(".JSP")
             NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_APP_ENDPOINTS, SERVLET_5_0, e.getMessage()), e, HttpServletHelper.class.getName());
         }
     }
+
     public static void setRoute(HttpServletRequest request, HttpRequest securityRequest, AgentMetaData metaData){
-        HttpServletMapping mapping = request.getHttpServletMapping();
-        if (!mapping.getMappingMatch().equals(MappingMatch.EXTENSION)){
-            securityRequest.setRoute(mapping.getPattern());
-        } else {
-            securityRequest.setRoute(request.getServletPath());
+        try {
+            if (URLMappingsHelper.getApplicationURLMappings().isEmpty()){
+                return;
+            }
+            HttpServletMapping mapping = request.getHttpServletMapping();
+            if (!mapping.getMappingMatch().equals(MappingMatch.EXTENSION) && URLMappingsHelper.getApplicationURLMappings().contains(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, mapping.getPattern()))){
+                securityRequest.setRoute(mapping.getPattern());
+            } else if (URLMappingsHelper.getApplicationURLMappings().contains(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, mapping.getPattern()))) {
+                securityRequest.setRoute(request.getServletPath());
+            }
+            metaData.setFramework(Framework.SERVLET);
+        } catch (Exception e){
+            NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_ROUTE_FOR_INCOMING_REQUEST, SERVLET_5_0, e.getMessage()), e, HttpServletHelper.class.getName());
         }
-        metaData.setFramework(Framework.SERVLET);
     }
 }

instrumentation-security/servlet-6.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet6/HttpServletHelper.java

@@ -156,13 +156,21 @@ else if(path.endsWith(".jsp") || path.endsWith(".jspx") || path.endsWith(".JSP")
             NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_APP_ENDPOINTS, SERVLET_6_0, e.getMessage()), e, HttpServletHelper.class.getName());
         }
     }
+
     public static void setRoute(HttpServletRequest request, HttpRequest securityRequest, AgentMetaData metaData){
-        HttpServletMapping mapping = request.getHttpServletMapping();
-        if (!mapping.getMappingMatch().equals(MappingMatch.EXTENSION)){
-            securityRequest.setRoute(mapping.getPattern());
-        } else {
-            securityRequest.setRoute(request.getServletPath());
+        try {
+            if (URLMappingsHelper.getApplicationURLMappings().isEmpty()){
+                return;
+            }
+            HttpServletMapping mapping = request.getHttpServletMapping();
+            if (!mapping.getMappingMatch().equals(MappingMatch.EXTENSION) && URLMappingsHelper.getApplicationURLMappings().contains(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, mapping.getPattern()))){
+                securityRequest.setRoute(mapping.getPattern());
+            } else if (URLMappingsHelper.getApplicationURLMappings().contains(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, mapping.getPattern()))) {
+                securityRequest.setRoute(request.getServletPath());
+            }
+            metaData.setFramework(Framework.SERVLET);
+        } catch (Exception e){
+            NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_ROUTE_FOR_INCOMING_REQUEST, SERVLET_6_0, e.getMessage()), e, HttpServletHelper.class.getName());
         }
-        metaData.setFramework(Framework.SERVLET);
     }
 }