Dlp

core/src/main/java/com/predic8/membrane/core/interceptor/dlp/Action.java

@@ -0,0 +1,19 @@
+package com.predic8.membrane.core.interceptor.dlp;
+
+import com.predic8.membrane.annot.MCAttribute;
+
+public abstract class Action {
+
+    private String field;
+
+    public abstract String apply(String json);
+
+    public String getField() {
+        return field;
+    }
+
+    @MCAttribute
+    public void setField(String field) {
+        this.field = field;
+    }
+}

core/src/main/java/com/predic8/membrane/core/interceptor/dlp/CsvFieldConfiguration.java

@@ -0,0 +1,65 @@
+package com.predic8.membrane.core.interceptor.dlp;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.util.*;
+
+/**
+ * Loads field risk mappings from CSV file with format:
+ * field_name,description,risk_level
+ * where risk_level should be one of: high, medium, low, unclassified
+ */
+public class CsvFieldConfiguration implements FieldConfiguration {
+
+    private static final Logger log = LoggerFactory.getLogger(CsvFieldConfiguration.class);
+
+    // Optional: define allowed risk levels
+    private static final Set<String> ALLOWED_RISK_LEVELS = Set.of("high", "medium", "low", "unclassified");
+
+    @Override
+    public Map<String, String> getFields(String fileName) {
+        try (InputStream inputStream = CsvFieldConfiguration.class.getClassLoader().getResourceAsStream(fileName)) {
+            if (inputStream == null) {
+                log.error("Could not find file: {}", fileName);
+                throw new NullPointerException("InputStream is null. File not found: " + fileName);
+            }
+
+            Map<String, String> riskDict = new HashMap<>();
+            BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream));
+            String line;
+            boolean isHeader = true;
+
+            while ((line = reader.readLine()) != null) {
+                line = line.trim();
+                if (isHeader) {
+                    isHeader = false;
+                    continue;
+                }
+                if (line.isEmpty() || line.startsWith("#")) continue;
+
+                String[] parts = line.split(",", -1);
+                if (parts.length >= 2) {
+                    String field = parts[0].trim().toLowerCase(Locale.ROOT);
+                    String riskLevel = parts[parts.length - 1].trim().toLowerCase(Locale.ROOT);
+
+                    if (!ALLOWED_RISK_LEVELS.contains(riskLevel)) {
+                        log.warn("Unknown risk level '{}' for field '{}'", riskLevel, field);
+                    }
+
+                    riskDict.put(field, riskLevel);
+                } else {
+                    log.warn("Invalid CSV line (too few columns): {}", line);
+                }
+            }
+
+            return riskDict;
+        } catch (IOException e) {
+            throw new RuntimeException("Failed to load risk data from " + fileName, e);
+        }
+    }
+}

core/src/main/java/com/predic8/membrane/core/interceptor/dlp/DLPAnalyzer.java

@@ -0,0 +1,67 @@
+package com.predic8.membrane.core.interceptor.dlp;
+
+import com.fasterxml.jackson.core.JsonFactory;
+import com.fasterxml.jackson.core.JsonFactoryBuilder;
+import com.fasterxml.jackson.core.StreamReadConstraints;
+import com.fasterxml.jackson.core.json.JsonReadFeature;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.predic8.membrane.core.http.Message;
+
+import java.io.InputStream;
+import java.util.*;
+
+public class DLPAnalyzer {
+
+    private static final JsonFactory JSON_FACTORY = new JsonFactoryBuilder()
+            .configure(JsonReadFeature.ALLOW_TRAILING_COMMA, true)
+            .configure(JsonReadFeature.ALLOW_UNESCAPED_CONTROL_CHARS, false)
+            .streamReadConstraints(StreamReadConstraints.builder()
+                    .maxNestingDepth(64)
+                    .maxStringLength(16 * 1024)
+                    .build())
+            .build();
+
+    private static final ObjectMapper MAPPER = new ObjectMapper(JSON_FACTORY);
+
+    private final Map<String, String> riskDict;
+
+    public DLPAnalyzer(Map<String, String> riskDict) {
+        this.riskDict = Map.copyOf(riskDict);
+    }
+
+    public RiskReport analyze(Message msg) {
+        try (InputStream is = msg.getBodyAsStreamDecoded()) {
+            RiskReport report = new RiskReport();
+            traverse(MAPPER.readTree(is), new ArrayDeque<>(), report);
+            return report;
+        } catch (Exception e) {
+            throw new RuntimeException("Failed to analyse message", e);
+        }
+    }
+
+    private void traverse(JsonNode node, Deque<String> path, RiskReport report) {
+        if (node.isObject()) {
+            node.fieldNames().forEachRemaining(fieldName -> {
+                path.addLast(fieldName);
+                traverse(node.get(fieldName), path, report);
+                path.removeLast();
+            });
+        } else if (node.isArray()) {
+            for (JsonNode child : node) {
+                traverse(child, path, report);
+            }
+        } else {
+            String fullPath = String.join(".", path).toLowerCase(Locale.ROOT);
+            String simpleName = path.isEmpty() ? "" : path.getLast().toLowerCase(Locale.ROOT);
+            report.recordField(fullPath, classify(fullPath, simpleName));
+        }
+    }
+
+    private String classify(String fullPath, String simpleName) {
+        return Optional.ofNullable(riskDict.get(fullPath))
+                .or(() -> Optional.ofNullable(riskDict.get(simpleName)))
+                .orElse("unclassified")
+                .toLowerCase(Locale.ROOT);
+    }
+}

core/src/main/java/com/predic8/membrane/core/interceptor/dlp/DLPInterceptor.java

@@ -0,0 +1,119 @@
+package com.predic8.membrane.core.interceptor.dlp;
+
+import com.predic8.membrane.annot.MCAttribute;
+import com.predic8.membrane.annot.MCChildElement;
+import com.predic8.membrane.annot.MCElement;
+import com.predic8.membrane.core.exchange.Exchange;
+import com.predic8.membrane.core.http.Message;
+import com.predic8.membrane.core.interceptor.AbstractInterceptor;
+import com.predic8.membrane.core.interceptor.Outcome;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.List;
+
+import static com.predic8.membrane.core.interceptor.Outcome.CONTINUE;
+
+@MCElement(name = "dlp")
+public class DLPInterceptor extends AbstractInterceptor {
+
+    private static final Logger log = LoggerFactory.getLogger(DLPInterceptor.class);
+    private DLPAnalyzer dlpAnalyzer;
+    private String fieldsConfig;
+    private List<Mask> masks = new ArrayList<>();
+    private List<Filter> filters = new ArrayList<>();
+    private List<Report> reports = new ArrayList<>();
+
+    @Override
+    public void init() {
+        if (fieldsConfig != null) {
+            dlpAnalyzer = new DLPAnalyzer(new CsvFieldConfiguration().getFields(fieldsConfig));
+        } else {
+            dlpAnalyzer = new DLPAnalyzer(java.util.Map.of());
+        }
+        super.init();
+    }
+
+    @Override
+    public Outcome handleRequest(Exchange exc) {
+        return handleInternal(exc.getRequest());
+    }
+
+    @Override
+    public Outcome handleResponse(Exchange exc) {
+        return handleInternal(exc.getResponse());
+    }
+
+    public Outcome handleInternal(Message msg) {
+        try {
+            log.info("DLP Risk Analysis: {}", dlpAnalyzer.analyze(msg).getLogReport());
+
+            if (!masks.isEmpty()) {
+                for (Mask mask : masks) {
+                    msg.setBodyContent(mask.apply(msg.getBodyAsStringDecoded())
+                            .getBytes(StandardCharsets.UTF_8));
+                }
+            }
+
+            if (!filters.isEmpty()) {
+                for (Filter filter : filters) {
+                    msg.setBodyContent(filter.apply(msg.getBodyAsStringDecoded())
+                            .getBytes(StandardCharsets.UTF_8));
+                }
+            }
+
+            if (!reports.isEmpty()) {
+                for (Report report : reports) {
+                    msg.setBodyContent(report.apply(msg.getBodyAsStringDecoded(), dlpAnalyzer.analyze(msg)).getBytes(StandardCharsets.UTF_8));
+                }
+            }
+
+            return CONTINUE;
+        } catch (Exception e) {
+            log.error("Exception in DLPInterceptor handleInternal: ", e);
+            return Outcome.ABORT;
+        }
+    }
+
+
+    public String getFieldsConfig() {
+        return fieldsConfig;
+    }
+
+    @MCAttribute
+    public void setFieldsConfig(String fieldsConfig) {
+        this.fieldsConfig = fieldsConfig;
+    }
+
+    public List<Mask> getMasks() {
+        return masks;
+    }
+
+    @MCChildElement
+    public DLPInterceptor setMasks(List<Mask> masks) {
+        this.masks = masks;
+        return this;
+    }
+
+    public List<Filter> getFilters() {
+        return filters;
+    }
+
+    @MCChildElement(order = 1)
+    public DLPInterceptor setFilters(List<Filter> filters) {
+        this.filters = filters;
+        return this;
+    }
+
+    public List<Report> getReports() {
+        return reports;
+    }
+
+    @MCChildElement(order = 2)
+    public void setReports(List<Report> reports) {
+        this.reports = reports;
+    }
+
+}

core/src/main/java/com/predic8/membrane/core/interceptor/dlp/Field.java

@@ -0,0 +1,19 @@
+package com.predic8.membrane.core.interceptor.dlp;
+
+import com.predic8.membrane.annot.MCAttribute;
+import com.predic8.membrane.annot.MCElement;
+
+@MCElement(name = "field")
+public class Field {
+
+    private String jsonpath;
+
+    public String getJsonpath() {
+        return jsonpath;
+    }
+
+    @MCAttribute
+    public void setJsonpath(String jsonpath) {
+        this.jsonpath = jsonpath;
+    }
+}

core/src/main/java/com/predic8/membrane/core/interceptor/dlp/Field.txt

@@ -0,0 +1,50 @@
+package com.predic8.membrane.core.interceptor.dlp;
+
+import com.predic8.membrane.annot.MCAttribute;
+import com.predic8.membrane.annot.MCElement;
+import com.predic8.membrane.core.http.Message;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.Locale;
+import java.util.Objects;
+import java.util.regex.Pattern;
+
+@MCElement(name = "field")
+public class Field {
+
+    private static final Logger log = LoggerFactory.getLogger(Field.class);
+
+    private String name;
+    private Action action = Action.REPORT;
+    private Pattern compiled = Pattern.compile(".*");
+
+    @MCAttribute
+    public void setName(String name) {
+        this.name = Objects.requireNonNull(name, "field name must not be null");
+        this.compiled = Pattern.compile(name, Pattern.CASE_INSENSITIVE);
+    }
+
+    @MCAttribute
+    public void setAction(String action) {
+        this.action = Action.valueOf(action.toUpperCase(Locale.ROOT));
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public String getAction() {
+        return action.name().toLowerCase(Locale.ROOT);
+    }
+
+    public void handleAction(Message msg) {
+        try {
+            FieldActionStrategy.of(action.name().toLowerCase(Locale.ROOT)).apply(msg, compiled);
+        } catch (Exception e) {
+            log.error("DLP field action '{}' failed: {}", name, e);
+        }
+    }
+
+    private enum Action {MASK, FILTER, REPORT}
+}

core/src/main/java/com/predic8/membrane/core/interceptor/dlp/FieldActionStrategy.java

@@ -0,0 +1,19 @@
+package com.predic8.membrane.core.interceptor.dlp;
+
+import com.predic8.membrane.core.http.Message;
+
+import java.util.Locale;
+import java.util.regex.Pattern;
+
+public interface FieldActionStrategy {
+    void apply(Message msg, Pattern pattern);
+
+    static FieldActionStrategy of(String action) {
+        return switch (action.toLowerCase(Locale.ROOT)) {
+            case "mask" -> new MaskField();
+            case "filter" -> new FilterField();
+            case "report" -> new ReportField();
+            default -> throw new IllegalArgumentException("Unknown action: " + action);
+        };
+    }
+}

core/src/main/java/com/predic8/membrane/core/interceptor/dlp/FieldConfiguration.java

@@ -0,0 +1,7 @@
+package com.predic8.membrane.core.interceptor.dlp;
+
+import java.util.Map;
+
+public interface FieldConfiguration {
+    Map<String, String> getFields(String fileName);
+}

core/src/main/java/com/predic8/membrane/core/interceptor/dlp/Fields.java

@@ -0,0 +1,23 @@
+package com.predic8.membrane.core.interceptor.dlp;
+
+import com.predic8.membrane.annot.MCChildElement;
+import com.predic8.membrane.annot.MCElement;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@MCElement(name = "fields")
+public class Fields {
+
+    private List<Field> fields = new ArrayList<>();
+
+    @MCChildElement
+    public Fields setFields(List<Field> fields) {
+        this.fields = fields;
+        return this;
+    }
+
+    public List<Field> getFields() {
+        return fields;
+    }
+}