More unit tests, annotation support, bug fixes

Bug fixes and additional unit tests. Annotation support completes the
feature required to address #15. The service does not automatically
load annotated filter classes, these will have to be added manually
with the new startup event.

Author: sapessi

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsServletContext.java

@@ -354,8 +354,11 @@ public FilterRegistration.Dynamic addFilter(String name, Filter filter) {
             return null;
         }
 
-        FilterHolder newFilter = new FilterHolder(name, filter, this);
-        filters.put(name, newFilter);
+        FilterHolder newFilter = new FilterHolder(filter, this);
+        if (!"".equals(name.trim())) {
+            newFilter.setFilterName(name);
+        }
+        filters.put(newFilter.getFilterName(), newFilter);
         return newFilter.getRegistration();
     }
 

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/FilterChainHolder.java

@@ -62,6 +62,31 @@ public void addFilter(FilterHolder newFilter) {
         filters.add(newFilter);
     }
 
+    /**
+     * Returns the number of filters loaded in the chain holder
+     * @return The number of filters in the chain holder. If the filter chain is null then this will return 0
+     */
+    public int filterCount() {
+        if (filters == null) {
+            return 0;
+        } else {
+            return filters.size();
+        }
+    }
+
+    /**
+     * Get the <code>FilterHolder</code> object from the chain at the given index.
+     * @param idx The index in the chain. Use the <code>filterCount</code> method to get the filter count
+     * @return A populated FilterHolder object
+     */
+    public FilterHolder getFilter(int idx) {
+        if (filters == null) {
+            return null;
+        } else {
+            return filters.get(idx);
+        }
+    }
+
     //-------------------------------------------------------------
     // Implementation - FilterChain
     //-------------------------------------------------------------

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/FilterChainManager.java

@@ -35,6 +35,7 @@ public abstract class FilterChainManager<ServletContextType> {
     // we use the synchronizedMap because we do not expect high concurrency on this object. Lambda only allows one
     // event at a time per container
     private Map<TargetCacheKey, FilterChainHolder> filterCache = Collections.synchronizedMap(new HashMap<TargetCacheKey, FilterChainHolder>());
+    private int filtersSize = -1;
 
     //-------------------------------------------------------------
     // Variables - Protected
@@ -79,7 +80,11 @@ public FilterChainHolder getFilterChain(HttpServletRequest request) {
         String targetPath = request.getServletPath();
         DispatcherType type = request.getDispatcherType();
 
-        if (getFilterChainCache(type, targetPath) != null) {
+        if (filtersSize == -1) {
+            getFilterHolders().size();
+        }
+        // only return the cached result if the filter list hasn't changed in the meanwhile
+        if (getFilterHolders().size() == filtersSize && getFilterChainCache(type, targetPath) != null) {
             return getFilterChainCache(type, targetPath);
         }
 
@@ -107,6 +112,10 @@ public FilterChainHolder getFilterChain(HttpServletRequest request) {
         }
 
         putFilterChainCache(type, targetPath, chainHolder);
+        // update total filter size
+        if (filtersSize != registrations.size()) {
+            filtersSize = registrations.size();
+        }
         return chainHolder;
     }
 
@@ -188,13 +197,13 @@ protected boolean pathMatches(String target, String mapping) {
                 return false;
             }
             // the exact work doesn't match the and holder is not a wildcard
-            if (!targetParts[i].equals(mappingParts[i]) && !mappingParts[i].equals("*")) {
-                return false;
-            } else {
-                // stop the loop, we have found a wildcard and all path parts prior to this matched.
-                break;
+            if (!targetParts[i].equals(mappingParts[i])) {
+                if (mappingParts[i].equals("*")) {
+                    break;
+                } else {
+                    return false;
+                }
             }
-
         }
 
         return true;
@@ -204,7 +213,7 @@ protected boolean pathMatches(String target, String mapping) {
      * Object used as a key for the filter chain cache. It contains a target path and dispatcher type property. It overrides
      * the default <code>hashCode</code> and <code>equals</code> methods to return a consistent hash for comparison.
      */
-    private class TargetCacheKey {
+    protected static class TargetCacheKey {
         private String targetPath;
         private DispatcherType dispatcherType;
 
@@ -224,12 +233,34 @@ public void setDispatcherType(DispatcherType dispatcherType) {
             this.dispatcherType = dispatcherType;
         }
 
+        /**
+         * The hash code for a cache key is calculated using the target path and dispatcher type. First, the target path
+         * is cleaned following these rules:
+         *  1. trim white spaces
+         *  2. Add "/" as first character if not there
+         *  3. Remove "/" as last character if it is there
+         *
+         * Once the path is cleaned, a string in the form of TARGET_PATH:DISPATCHER_TYPE is generated and used for the
+         * hash code
+         * @return An int representing the hash code fo the generated string
+         */
         @Override
         public int hashCode() {
             if (targetPath == null || dispatcherType == null) {
                 return -1;
             }
-            return (targetPath + ":" + dispatcherType.name()).hashCode();
+
+            // clean up path
+            String hashString = targetPath.trim();
+            if (hashString.endsWith(PATH_PART_SEPARATOR)) {
+                hashString = hashString.substring(0, hashString.length() - 1);
+            }
+            if (!hashString.startsWith(PATH_PART_SEPARATOR)) {
+                hashString = PATH_PART_SEPARATOR + hashString;
+            }
+            hashString += ":" + dispatcherType.name();
+
+            return hashString.hashCode();
         }
 
         @Override

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/FilterHolder.java

@@ -13,6 +13,8 @@
 package com.amazonaws.serverless.proxy.internal.servlet;
 
 import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.annotation.WebInitParam;
 import java.util.*;
 
 /**
@@ -55,10 +57,26 @@ public FilterHolder(String name, Filter newFilter, ServletContext context) {
         filterInitialized = false;
     }
 
+    public FilterHolder(Filter newFilter, ServletContext context) {
+        this(newFilter.getClass().getName(), newFilter, context);
+
+        if (isAnnotated()) {
+            filterName = readAnnotatedFilterName();
+            initParameters = readAnnotatedInitParams();
+            registration = new Registration(getAnnotation());
+        }
+
+    }
+
     //-------------------------------------------------------------
     // Methods - Public
     //-------------------------------------------------------------
 
+
+    public void setFilterName(String filterName) {
+        this.filterName = filterName;
+    }
+
     /**
      * Checks whether the filter this holder is responsible for has been initialized. This method should be checked before
      * calling a filter, if it returns false then you should call the <code>init</code> method.
@@ -128,6 +146,47 @@ public ServletContext getServletContext() {
         return servletContext;
     }
 
+    public boolean isAnnotated() {
+        return filter.getClass().isAnnotationPresent(WebFilter.class);
+    }
+
+    //-------------------------------------------------------------
+    // Methods - Private
+    //-------------------------------------------------------------
+
+    private String readAnnotatedFilterName() {
+        if (isAnnotated()) {
+            WebFilter regAnnotation = filter.getClass().getAnnotation(WebFilter.class);
+            if (!"".equals(regAnnotation.filterName().trim())) {
+                return regAnnotation.filterName();
+            } else {
+                return filter.getClass().getName();
+            }
+        } else {
+            return null;
+        }
+    }
+
+    private Map<String, String> readAnnotatedInitParams() {
+        Map<String, String> initParams = new HashMap<>();
+        if (isAnnotated()) {
+            WebFilter regAnnotation = filter.getClass().getAnnotation(WebFilter.class);
+            for (WebInitParam param : regAnnotation.initParams()) {
+                initParams.put(param.name(), param.value());
+            }
+        }
+
+        return initParams;
+    }
+
+    private WebFilter getAnnotation() {
+        if (isAnnotated()) {
+            return filter.getClass().getAnnotation(WebFilter.class);
+        } else {
+            return null;
+        }
+    }
+
     /**
      * Registration class for the filter. This object stores the servlet names and the url patterns the filter is
      * associated with.
@@ -143,6 +202,24 @@ public Registration() {
             asyncSupported = false;
         }
 
+        public Registration(WebFilter annotation) {
+            urlPatterns = new ArrayList<>();
+            dispatcherTypes = new ArrayList<>();
+
+            EnumSet<DispatcherType> dispatchers = EnumSet.noneOf(DispatcherType.class);
+            dispatchers.addAll(Arrays.asList(annotation.dispatcherTypes()));
+
+            if (annotation.value().length > 0) {
+                addMappingForUrlPatterns(dispatchers, true, annotation.value());
+            }
+
+            if (annotation.urlPatterns().length > 0) {
+                addMappingForUrlPatterns(dispatchers, true, annotation.urlPatterns());
+            }
+
+            asyncSupported = annotation.asyncSupported();
+        }
+
         @Override
         public void addMappingForServletNames(EnumSet<DispatcherType> types, boolean isLast, String... servlets) {
             throw new UnsupportedOperationException();

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/filters/UrlPathValidator.java

@@ -0,0 +1,93 @@
+/*
+ * Copyright 2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ * with the License. A copy of the License is located at
+ *
+ * http://aws.amazon.com/apache2.0/
+ *
+ * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES
+ * OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
+ * and limitations under the License.
+ */
+package com.amazonaws.serverless.proxy.internal.servlet.filters;
+
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.regex.Pattern;
+
+/**
+ * Simple path validator filter. This is a default implementation to prevent malformed paths from hitting the framework
+ * app. This applies to all paths by default
+ */
+@WebFilter(filterName = "UrlPathValidator", urlPatterns = {"/*"})
+public class UrlPathValidator implements Filter {
+    public static final int DEFAULT_ERROR_CODE = 404;
+    public static final Pattern PATH_PATTERN = Pattern.compile("^(/[-\\w:@&?=+,.!/~*'%$_;]*)?$");
+    private int invalidStatusCode;
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+        if (filterConfig.getInitParameter("invalid_status_code") != null) {
+            String statusCode = filterConfig.getInitParameter("invalid_status_code");
+            try {
+                invalidStatusCode = Integer.parseInt(statusCode);
+            } catch (NumberFormatException e) {
+                invalidStatusCode = DEFAULT_ERROR_CODE;
+            }
+        }
+    }
+
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+        // the getServletPath method of the AwsProxyHttpServletRequest returns the request path
+        String path = ((HttpServletRequest)servletRequest).getServletPath();
+        if (path == null) {
+            setErrorResponse(servletResponse);
+            return;
+        }
+
+        if (!PATH_PATTERN.matcher(path).matches()) {
+            setErrorResponse(servletResponse);
+            return;
+        }
+
+        // Logic taken from the Apache UrlValidator. I opted not to include Apache lib as a dependency to save space
+        // in the final Lambda function package
+        int slashCount = countStrings("/", path);
+        int dot2Count = countStrings("..", path);
+        int slash2Count = countStrings("//", path);
+        if (dot2Count > 0 && (slashCount - slash2Count - 1) <= dot2Count){
+            setErrorResponse(servletResponse);
+            return;
+        }
+
+        filterChain.doFilter(servletRequest, servletResponse);
+    }
+
+    @Override
+    public void destroy() {
+
+    }
+
+    private void setErrorResponse(ServletResponse resp) {
+        ((HttpServletResponse)resp).setStatus(invalidStatusCode);
+    }
+
+    private int countStrings(String needle, String haystack) {
+        int curIndex = 0;
+        int stringCount = 0;
+
+        while (curIndex != -1) {
+            curIndex = haystack.indexOf(needle, curIndex);
+            if (curIndex > -1) {
+                curIndex++;
+                stringCount++;
+            }
+        }
+        return stringCount;
+    }
+}