Protect STOMP passcode from showing up in logs
Issue: SRP-10868
This commit is contained in:
@@ -44,6 +44,8 @@ import org.springframework.util.StringUtils;
|
||||
*/
|
||||
public class StompHeaderAccessor extends SimpMessageHeaderAccessor {
|
||||
|
||||
private static final AtomicLong messageIdCounter = new AtomicLong();
|
||||
|
||||
// STOMP header names
|
||||
|
||||
public static final String STOMP_ID_HEADER = "id";
|
||||
@@ -83,10 +85,9 @@ public class StompHeaderAccessor extends SimpMessageHeaderAccessor {
|
||||
|
||||
// Other header names
|
||||
|
||||
public static final String COMMAND_HEADER = "stompCommand";
|
||||
private static final String COMMAND_HEADER = "stompCommand";
|
||||
|
||||
|
||||
private static final AtomicLong messageIdCounter = new AtomicLong();
|
||||
private static final String CREDENTIALS_HEADER = "stompCredentials";
|
||||
|
||||
|
||||
/**
|
||||
@@ -128,6 +129,12 @@ public class StompHeaderAccessor extends SimpMessageHeaderAccessor {
|
||||
super.setSubscriptionId(values.get(0));
|
||||
}
|
||||
}
|
||||
else if (StompCommand.CONNECT.equals(command)) {
|
||||
if (!StringUtils.isEmpty(getPasscode())) {
|
||||
setHeader(CREDENTIALS_HEADER, new StompPasscode(getPasscode()));
|
||||
setPasscode("PROTECTED");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -197,6 +204,18 @@ public class StompHeaderAccessor extends SimpMessageHeaderAccessor {
|
||||
return result;
|
||||
}
|
||||
|
||||
public Map<String, List<String>> toStompHeaderMap() {
|
||||
if (StompCommand.CONNECT.equals(getCommand())) {
|
||||
StompPasscode credentials = (StompPasscode) getHeader(CREDENTIALS_HEADER);
|
||||
if (credentials != null) {
|
||||
Map<String, List<String>> headers = toNativeHeaderMap();
|
||||
headers.put(STOMP_PASSCODE_HEADER, Arrays.asList(credentials.passcode));
|
||||
return headers;
|
||||
}
|
||||
}
|
||||
return toNativeHeaderMap();
|
||||
}
|
||||
|
||||
public void setCommandIfNotSet(StompCommand command) {
|
||||
if (getCommand() == null) {
|
||||
setHeader(COMMAND_HEADER, command);
|
||||
@@ -338,4 +357,18 @@ public class StompHeaderAccessor extends SimpMessageHeaderAccessor {
|
||||
setNativeHeader(STOMP_VERSION_HEADER, version);
|
||||
}
|
||||
|
||||
|
||||
private static class StompPasscode {
|
||||
|
||||
private final String passcode;
|
||||
|
||||
public StompPasscode(String passcode) {
|
||||
this.passcode = passcode;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "[PROTECTED]";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -141,7 +141,7 @@ public class StompMessageConverter {
|
||||
try {
|
||||
out.write(stompHeaders.getCommand().toString().getBytes("UTF-8"));
|
||||
out.write(LF);
|
||||
for (Entry<String, List<String>> entry : stompHeaders.toNativeHeaderMap().entrySet()) {
|
||||
for (Entry<String, List<String>> entry : stompHeaders.toStompHeaderMap().entrySet()) {
|
||||
String key = entry.getKey();
|
||||
key = replaceAllOutbound(key);
|
||||
for (String value : entry.getValue()) {
|
||||
|
||||
Reference in New Issue
Block a user