fix codeql concerns

phrocker · phrocker · commit 3bb5a993bd61 · 2025-07-21T14:11:26.000-04:00
diff --git a/agent-launcher/src/main/java/io/sentrius/agent/launcher/api/AgentLauncherController.java b/agent-launcher/src/main/java/io/sentrius/agent/launcher/api/AgentLauncherController.java
@@ -69,7 +69,8 @@ public ResponseEntity<String> getAgentStatus(@RequestParam(name="agentId") Strin
         try {
             return ResponseEntity.ok(podLauncherService.statusById(agentId) );
         } catch (Exception e) {
-            return ResponseEntity.status(500).body("Status failed: " + e.getMessage());
+            log.error("Status failed", e);
+            return ResponseEntity.status(500).body("Status retrieval failed");
         }
     }
 
diff --git a/api/src/main/java/io/sentrius/sso/controllers/api/AgentBootstrapController.java b/api/src/main/java/io/sentrius/sso/controllers/api/AgentBootstrapController.java
@@ -221,8 +221,6 @@ public ResponseEntity<String> getAgentStatus(
         @RequestParam("agentId") String agentId, HttpServletRequest request, HttpServletResponse response
     ) throws GeneralSecurityException, IOException, ZtatException {
 
-
-        var operatingUser = getOperatingUser(request, response );
         String podResponse =
             agentClientService.getAgentPodStatus(appConfig.getSentriusLauncherService(), agentId);
         // bootstrap with a default policy
diff --git a/api/src/main/resources/templates/sso/agents/design_chat.html b/api/src/main/resources/templates/sso/agents/design_chat.html
@@ -343,7 +343,7 @@ <h2><i class="fas fa-robot"></i> Agent Designer</h2>
 
     <script type="module">
         import * as Chat from '/js/chat.js';
-        let sessionId = Math.floor(Math.random() * 1e12); // up to 12 digit
+        let sessionId = crypto.randomUUID();
         let conversationHistory = [];
         let availableAgent = null;
         const csrfToken = document.getElementById("csrf-token").value;
@@ -611,7 +611,7 @@ <h2><i class="fas fa-robot"></i> Agent Designer</h2>
                 </div>
             `;
             conversationHistory = [];
-            sessionId = Math.floor(Math.random() * 1e12); // up to 12 digit
+            sessionId = crypto.randomUUID();
         }
 
         window.clearChat = clearChat;
diff --git a/api/src/main/resources/templates/sso/atpl/chat.html b/api/src/main/resources/templates/sso/atpl/chat.html
@@ -361,7 +361,7 @@ <h2><i class="fas fa-robot"></i> ATPL Configuration Assistant</h2>
 
     <script type="module">
         import * as Chat from '/js/chat.js';
-        let sessionId = Math.floor(Math.random() * 1e12); // up to 12 digit
+        let sessionId = crypto.randomUUID();
         let conversationHistory = [];
         let availableAgent = null;
         const csrfToken = document.getElementById("csrf-token").value;
@@ -588,7 +588,7 @@ <h2><i class="fas fa-robot"></i> ATPL Configuration Assistant</h2>
                 </div>
             `;
             conversationHistory = [];
-            sessionId = Math.floor(Math.random() * 1e12); // up to 12 digit
+            sessionId = crypto.randomUUID();
         }
 
         window.clearChat = clearChat;
diff --git a/core/src/main/java/io/sentrius/sso/core/services/agents/AgentClientService.java b/core/src/main/java/io/sentrius/sso/core/services/agents/AgentClientService.java
@@ -240,9 +240,31 @@ public List<EndpointDescriptor> getAvailableVerbs(TokenDTO token) throws ZtatExc
     }
 
     public String getAgentPodStatus(String launcherService, String agentId) throws ZtatException {
-        return zeroTrustClientService.callAuthenticatedGetOnApi(launcherService,
+        var podResponse = zeroTrustClientService.callAuthenticatedGetOnApi(launcherService,
             "agent/launcher" +
                 "/status", Maps.immutableEntry("agentId", List.of(agentId)) );
+        String apiResponse = "Running";
+        switch(podResponse){
+            case "Running":
+                apiResponse = "Running";
+                break;
+            case "Pending":
+                apiResponse = "Pending";
+                break;
+            case "Succeeded":
+                apiResponse = "Succeeded";
+                break;
+            case "Failed":
+                apiResponse = "Failed";
+                break;
+            case "NotFound":
+                apiResponse = "NotFound";
+                break;
+            default:
+                log.error("Unknown pod status response: {}", podResponse);
+                apiResponse = "Unknown";
+        }
+        return apiResponse;
     }
 
     public AgentContextDTO getAgentContext(TokenDTO token, String agentContextId) throws ZtatException,

Original file line number	Diff line number	Diff line change
`@@ -69,7 +69,8 @@ public ResponseEntity<String> getAgentStatus(@RequestParam(name="agentId") Strin`
`69`	`69`	`try {`
`70`	`70`	`return ResponseEntity.ok(podLauncherService.statusById(agentId) );`
`71`	`71`	`} catch (Exception e) {`
`72`		`- return ResponseEntity.status(500).body("Status failed: " + e.getMessage());`
	`72`	`+ log.error("Status failed", e);`
	`73`	`+ return ResponseEntity.status(500).body("Status retrieval failed");`
`73`	`74`	`}`
`74`	`75`	`}`
`75`	`76`