Moving most of the sanitization logic and tests to JsonTelemetryDataSerializer, updating tests

dhaval24 · dhaval24 · commit cdede9ec2eed · 2017-09-20T14:26:02.000-07:00
diff --git a/core/src/main/java/com/microsoft/applicationinsights/telemetry/JsonTelemetryDataSerializer.java b/core/src/main/java/com/microsoft/applicationinsights/telemetry/JsonTelemetryDataSerializer.java
@@ -24,11 +24,13 @@
 import com.google.common.base.Strings;
 import com.microsoft.applicationinsights.internal.schemav2.DataPointType;
 import com.microsoft.applicationinsights.internal.util.LocalStringsUtils;
+import org.apache.http.annotation.Obsolete;
 
 import java.io.BufferedWriter;
 import java.io.IOException;
 import java.io.StringWriter;
 import java.io.Writer;
+import java.text.StringCharacterIterator;
 import java.util.*;
 
 /**
@@ -178,14 +180,26 @@ public void write(String name, Date value) throws IOException {
         separator = JSON_SEPARATOR;
     }
 
+    @Obsolete
     public void write(String name, String value) throws IOException {
-        if (value == null) {
+        //This method is practically not used anywhere .Will be removed with all other
+        //obsolete classes in next major release
+    }
+
+    public void write(String name, String value, int len, boolean isReq) throws IOException {
+        if (value == null && !isReq) {
             return;
         }
 
+        //If field is required and not present set default value
+        if (value == null && isReq) {
+            value = "DEFAULT " + name;
+        }
+
         writeName(name);
         out.write(JSON_COMMA);
-        writeEscapedString(value);
+        String sanitizedValue = sanitizeStringForJSON(value, len);
+        out.write(sanitizedValue);
         out.write(JSON_COMMA);
         separator = JSON_SEPARATOR;
     }
@@ -207,6 +221,7 @@ public <T extends JsonSerializable> void write(String name, T value) throws IOEx
     }
 
     public <T> void write(String name, Map<String, T> map) throws IOException {
+
         if (map == null) {
             return;
         }
@@ -220,7 +235,7 @@ public <T> void write(String name, Map<String, T> map) throws IOException {
 
                 separator = "";
                 for (Map.Entry<String, T> entry : map.entrySet()) {
-                    writeName(entry.getKey());
+                    writeName(sanitizeKey(entry.getKey()));
                     write(entry.getValue());
                     separator = JSON_SEPARATOR;
                 }
@@ -232,6 +247,7 @@ public <T> void write(String name, Map<String, T> map) throws IOException {
         }
     }
 
+
     public <T> void write(String name, List<T> list) throws IOException {
         if (list == null) {
             return;
@@ -273,7 +289,7 @@ private <T> void write(T item) throws IOException {
                 out.write(String.valueOf(item));
             } else {
                 String truncatedName = truncate(String.valueOf(item), 8192);
-                String sanitizedItem = SanitizationUtils.sanitizeStringForJSON(truncatedName, false);
+                String sanitizedItem = sanitizeStringForJSON(truncatedName, 8192);
                 out.write(JSON_COMMA);
                 out.write(sanitizedItem);
                 out.write(JSON_COMMA);
@@ -296,11 +312,10 @@ private <T extends JsonSerializable> String createJsonFor(T value) throws IOExce
     }
 
     private void writeName(String name) throws IOException {
-        String truncatedString = truncate(name, 150);
-        String sanitizedName = SanitizationUtils.sanitizeStringForJSON(truncatedString, true);
+
         out.write(separator);
         out.write(JSON_COMMA);
-        out.write(sanitizedName);
+        out.write(name);
         out.write(JSON_COMMA);
         out.write(JSON_NAME_VALUE_SEPARATOR);
     }
@@ -320,35 +335,76 @@ private static Set<Class<?>> getWrapperTypes()
         return ret;
     }
 
-    protected void writeEscapedString(String value) throws IOException {
-        for (char c : value.toCharArray()) {
-            switch (c) {
-                case '\\':
-                    out.write("\\\\");
-                    break;
-                case '"':
-                    out.write("\\\"");
-                    break;
-                case '\n':
-                    out.write("\\n");
-                    break;
-                case '\b':
-                    out.write("\\b");
-                    break;
-                case '\f':
-                    out.write("\\f");
-                    break;
-                case '\r':
-                    out.write("\\r");
-                    break;
-                case '\t':
-                    out.write("\\t");
-                    break;
-                default:
-                    out.write(c);
+    private String sanitizeStringForJSON(String text, int maxLength) {
+
+        final StringBuilder result = new StringBuilder();
+        StringCharacterIterator iterator = new StringCharacterIterator(text);
+        for (char curr = iterator.current(); curr != iterator.DONE && result.length() < maxLength - 2; curr = iterator.next()) {
+            if( curr == '\"' ){
+                result.append("\\\"");
+            }
+            else if (curr == '\'') {
+                result.append("\\\'");
+            }
+            else if(curr == '\\'){
+                result.append("\\\\");
+            }
+            else if(curr == '/'){
+                result.append("\\/");
+            }
+            else if(curr == '\b'){
+                result.append("\\b");
+            }
+            else if(curr == '\f'){
+                result.append("\\f");
+            }
+            else if(curr == '\n'){
+                result.append("\\n");
+            }
+            else if(curr == '\r'){
+                result.append("\\r");
+            }
+            else if(curr == '\t'){
+                result.append("\\t");
+            }
+            else if (!Character.isISOControl(curr)){
+                result.append(curr);
+            }
+            else {
+                if (result.length() + 7 < maxLength) { // needs 7 more character space to be appended
+                    result.append("\\u");
+                    result.append((String.format( "%04x", Integer.valueOf(curr))));
+                }
+                else {
                     break;
+                }
             }
         }
+        return result.toString();
+    }
+
+    private String sanitizeKey(String key) {
+        String sanitizedKey = trimAndTruncate(key, 150);
+        sanitizedKey = sanitizeStringForJSON(sanitizedKey, 150);
+        sanitizedKey = MakeKeyNonEmpty(sanitizedKey);
+        return sanitizedKey;
+    }
+
+    private static String trimAndTruncate(String value, int maxLength) {
+        if (value == null) {
+            return value;
+        }
+
+        String sanitized = value.trim();
+        if (sanitized.length() > maxLength) {
+            sanitized = sanitized.substring(0, maxLength);
+        }
+
+        return sanitized;
+    }
+
+    private String MakeKeyNonEmpty(String key) {
+        return Strings.isNullOrEmpty(key) ? "(required property name is empty)" : key;
     }
 
     private String truncate(String value, int len) {
diff --git a/core/src/test/java/com/microsoft/applicationinsights/telemetry/JsonTelemetryDataSerializerTest.java b/core/src/test/java/com/microsoft/applicationinsights/telemetry/JsonTelemetryDataSerializerTest.java
@@ -21,7 +21,10 @@
 
 package com.microsoft.applicationinsights.telemetry;
 
-import java.io.BufferedWriter;
+import com.google.gson.Gson;
+import com.google.gson.reflect.TypeToken;
+import org.junit.Test;
+
 import java.io.IOException;
 import java.io.Serializable;
 import java.io.StringWriter;
@@ -30,20 +33,18 @@
 import java.util.List;
 import java.util.Map;
 
-import com.google.gson.Gson;
-import org.junit.Test;
-
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
 
 public class JsonTelemetryDataSerializerTest {
-    private final static class TestClassWithStrings implements JsonSerializable, Serializable {
+        private final static class TestClassWithStrings implements JsonSerializable, Serializable {
         private String s1;
         private String s2;
 
         @Override
         public void serialize(JsonTelemetryDataSerializer serializer) throws IOException {
-            serializer.write("s1", s1);
-            serializer.write("s2", s2);
+            serializer.write("s1", s1, 100, true);
+            serializer.write("s2", s2, 15, false);
         }
 
         public String getS1() {
@@ -155,10 +156,10 @@ public void setList1(List<String> list1) {
         public void serialize(JsonTelemetryDataSerializer serializer) throws IOException {
             serializer.write("i1", i1);
             serializer.write("i2", i2);
-            serializer.write("s1", s1);
+            serializer.write("s1", s1, 10, true);
             serializer.write("l1", l1);
             serializer.write("l2", l2);
-            serializer.write("s2", s2);
+            serializer.write("s2", s2, 15, false);
             serializer.write("m1", m1);
             serializer.write("list1", list1);
         }
@@ -189,7 +190,6 @@ public void testStrings() throws IOException {
         testClassWithStrings.setS2("s2");
 
         StringWriter stringWriter = new StringWriter();
-        BufferedWriter bufferedWriter = new BufferedWriter(stringWriter);
         JsonTelemetryDataSerializer tested = new JsonTelemetryDataSerializer(stringWriter);
         testClassWithStrings.serialize(tested);
         tested.close();
@@ -198,6 +198,42 @@ public void testStrings() throws IOException {
         assertEquals(bac, testClassWithStrings);
     }
 
+    //This is to test if the write method with name parameters work
+    @Test
+    public void testLengthOfStrings() throws IOException {
+            TestClassWithStrings testClassWithStrings = new TestClassWithStrings();
+            String s1 = TelemetryTestsUtils.createString(110);
+            testClassWithStrings.setS1(s1);
+            testClassWithStrings.setS2("abc");
+            StringWriter stringWriter = new StringWriter();
+            JsonTelemetryDataSerializer tested = new JsonTelemetryDataSerializer(stringWriter);
+            testClassWithStrings.serialize(tested);
+            tested.close();
+            String str = stringWriter.toString();
+            TestClassWithStrings bac = new Gson().fromJson(str, TestClassWithStrings.class);
+            Map<String, String> recoveryMap = new Gson().fromJson(str, new TypeToken<HashMap<String, String>>() {}.getType());
+            assertNotEquals((recoveryMap.get("s1")).length(), s1.length());
+            assertNotEquals(bac, testClassWithStrings);
+    }
+
+
+    @Test
+    public void testSanitization() throws IOException {
+        TestClassWithStrings testClassWithStrings = new TestClassWithStrings();
+        String s1 = "\\'\\f\\b\\f\\n\\r\\t/\\";
+        String s2 = "0x0021\t";
+        testClassWithStrings.setS1(s1);
+        testClassWithStrings.setS2(s2);
+        StringWriter stringWriter = new StringWriter();
+        JsonTelemetryDataSerializer tested = new JsonTelemetryDataSerializer(stringWriter);
+        testClassWithStrings.serialize(tested);
+        tested.close();
+        String str = stringWriter.toString();
+        Map<String, String> recoveryMap = new Gson().fromJson(str, new TypeToken<HashMap<String, String>>() {}.getType());
+        assertEquals(recoveryMap.get("s1"), "\\'\\f\\b\\f\\n\\r\\t/\\");
+        assertEquals(recoveryMap.get("s2"), "0x0021\t");
+
+    }
     @Test
     public void test() throws IOException {
         StubClass stubClass = new StubClass();
@@ -210,15 +246,21 @@ public void test() throws IOException {
         stubClass.getM1().put("key1", 5);
         stubClass.getM1().put("key2", 6);
         stubClass.getM1().put("key3", 7);
-
         StringWriter stringWriter = new StringWriter();
-        BufferedWriter bufferedWriter = new BufferedWriter(stringWriter);
         JsonTelemetryDataSerializer tested = new JsonTelemetryDataSerializer(stringWriter);
         stubClass.serialize(tested);
         tested.close();
         String str = stringWriter.toString();
         StubClass bac = new Gson().fromJson(str, StubClass.class);
+        assertEquals(bac.i1, stubClass.i1);
+        assertEquals(bac.i2, stubClass.i2);
+        assertEquals(bac.l1, stubClass.l1);
+        assertEquals(bac.l2, stubClass.l2);
+        assertEquals(bac.list1, stubClass.list1);
+        assertEquals(bac.m1, stubClass.m1);
 //        System.out.println(str);
     }
 
+
+
 }
