Merge remote-tracking branch 'origin/HEAD' into observability-provider

fmeheust · fmeheust · commit 5f93f5eafeca · 2026-02-05T14:22:10.000+01:00
diff --git a/ojdbc-provider-aws/src/main/java/oracle/jdbc/provider/aws/resource/ParameterStoreConnectionStringProvider.java b/ojdbc-provider-aws/src/main/java/oracle/jdbc/provider/aws/resource/ParameterStoreConnectionStringProvider.java
@@ -107,6 +107,10 @@ public String getConnectionString(Map<Parameter, CharSequence> parameterValues)
       return connectionString;
     } catch (IOException e) {
       throw new IllegalStateException("Failed to read tnsnames.ora content", e);
+    } catch (StringIndexOutOfBoundsException | IllegalStateException parseException) {
+      throw new IllegalStateException(
+        "Invalid or corrupted tnsnames.ora content. Ensure the secret contains valid, complete tnsnames.ora data (base64-encoded or plain text).", parseException
+      );
     }
   }
 }
diff --git a/ojdbc-provider-aws/src/main/java/oracle/jdbc/provider/aws/resource/ParameterStorePasswordProvider.java b/ojdbc-provider-aws/src/main/java/oracle/jdbc/provider/aws/resource/ParameterStorePasswordProvider.java
@@ -73,6 +73,10 @@ public ParameterStorePasswordProvider() {
    */
   @Override
   public char[] getPassword(Map<Parameter, CharSequence> parameterValues) {
-    return getSecret(parameterValues).toCharArray();
+    String password = getSecret(parameterValues);
+    if (password == null || password.trim().isEmpty()) {
+      throw new IllegalArgumentException("Password parameter content is blank.");
+    }
+    return password.toCharArray();
   }
 }
diff --git a/ojdbc-provider-aws/src/main/java/oracle/jdbc/provider/aws/resource/ParameterStoreUsernameProvider.java b/ojdbc-provider-aws/src/main/java/oracle/jdbc/provider/aws/resource/ParameterStoreUsernameProvider.java
@@ -73,6 +73,10 @@ public ParameterStoreUsernameProvider() {
    */
   @Override
   public String getUsername(Map<Parameter, CharSequence> parameterValues) {
-    return getSecret(parameterValues);
+    String username = getSecret(parameterValues);
+    if (username == null || username.trim().isEmpty()) {
+      throw new IllegalArgumentException("Username parameter content is blank.");
+    }
+    return username;
   }
 }
diff --git a/ojdbc-provider-aws/src/main/java/oracle/jdbc/provider/aws/resource/SecretsManagerConnectionStringProvider.java b/ojdbc-provider-aws/src/main/java/oracle/jdbc/provider/aws/resource/SecretsManagerConnectionStringProvider.java
@@ -113,6 +113,10 @@ public String getConnectionString(Map<Parameter, CharSequence> parameterValues)
       return connectionString;
     } catch (IOException e) {
       throw new IllegalStateException("Failed to read tnsnames.ora content", e);
+    } catch (StringIndexOutOfBoundsException | IllegalStateException parseException) {
+      throw new IllegalStateException(
+        "Invalid or corrupted tnsnames.ora content. Ensure the secret contains valid, complete tnsnames.ora data (base64-encoded or plain text).", parseException
+      );
     }
   }
 
diff --git a/ojdbc-provider-aws/src/main/java/oracle/jdbc/provider/aws/resource/SecretsManagerPasswordProvider.java b/ojdbc-provider-aws/src/main/java/oracle/jdbc/provider/aws/resource/SecretsManagerPasswordProvider.java
@@ -72,6 +72,10 @@ public SecretsManagerPasswordProvider() {
    */
   @Override
   public char[] getPassword(Map<Parameter, CharSequence> parameterValues) {
-    return getSecret(parameterValues).toCharArray();
+    String password = getSecret(parameterValues);
+    if (password == null || password.trim().isEmpty()) {
+      throw new IllegalArgumentException("Password secret content is blank.");
+    }
+    return password.toCharArray();
   }
 }
diff --git a/ojdbc-provider-aws/src/main/java/oracle/jdbc/provider/aws/resource/SecretsManagerUsernameProvider.java b/ojdbc-provider-aws/src/main/java/oracle/jdbc/provider/aws/resource/SecretsManagerUsernameProvider.java
@@ -72,6 +72,10 @@ public SecretsManagerUsernameProvider() {
    */
   @Override
   public String getUsername(Map<Parameter, CharSequence> parameterValues) {
-    return getSecret(parameterValues);
+    String username = getSecret(parameterValues);
+    if (username == null || username.trim().isEmpty()) {
+      throw new IllegalArgumentException("Username secret content is blank.");
+    }
+    return username;
   }
 }
diff --git a/ojdbc-provider-common/src/main/java/oracle/jdbc/provider/util/WalletUtils.java b/ojdbc-provider-common/src/main/java/oracle/jdbc/provider/util/WalletUtils.java
@@ -194,7 +194,11 @@ public static Credentials getCredentials(
       wallet.setWalletArray(walletBytes, walletPassword);
     }
     catch (IOException ioException) {
-      throw new IllegalStateException("Failed to open wallet", ioException);
+      String message = "Failed to open wallet. The wallet content may be corrupted or incomplete.";
+      if (walletPassword != null) {
+        message += " If a walletPassword is required and was provided, it may be incorrect.";
+      }
+      throw new IllegalStateException(message, ioException);
     }
 
     try {
diff --git a/ojdbc-provider-gcp/src/main/java/oracle/jdbc/provider/gcp/resource/GcpSecretManagerPasswordProvider.java b/ojdbc-provider-gcp/src/main/java/oracle/jdbc/provider/gcp/resource/GcpSecretManagerPasswordProvider.java
@@ -63,6 +63,11 @@ public GcpSecretManagerPasswordProvider() {
   public char[] getPassword(Map<Parameter, CharSequence> parameterValues) {
     ByteString secret = getSecret(parameterValues);
     String password = secret.toStringUtf8();
+
+    if (password == null || password.trim().isEmpty()) {
+      throw new IllegalArgumentException("Password secret content is blank.");
+    }
+
     return password.toCharArray();
   }
 
diff --git a/ojdbc-provider-gcp/src/main/java/oracle/jdbc/provider/gcp/resource/GcpSecretManagerUsernameProvider.java b/ojdbc-provider-gcp/src/main/java/oracle/jdbc/provider/gcp/resource/GcpSecretManagerUsernameProvider.java
@@ -60,7 +60,12 @@ public GcpSecretManagerUsernameProvider() {
 
   @Override
   public String getUsername(Map<Parameter, CharSequence> parameterValues) {
-    return getSecret(parameterValues).toStringUtf8();
+    String username = getSecret(parameterValues).toStringUtf8();
+
+    if (username == null || username.trim().isEmpty()) {
+      throw new IllegalArgumentException("Username secret content is blank");
+    }
+    return username;
   }
 
 }
diff --git a/ojdbc-provider-oci/src/main/java/oracle/jdbc/provider/oci/resource/VaultConnectionStringProvider.java b/ojdbc-provider-oci/src/main/java/oracle/jdbc/provider/oci/resource/VaultConnectionStringProvider.java
@@ -119,7 +119,12 @@ public String getConnectionString(Map<Parameter, CharSequence> parameterValues)
     String secretValue = getVaultSecret(parameterValues)
                            .getBase64Secret();
 
-    byte[] fileBytes = Base64.getDecoder().decode(secretValue);
+    byte[] fileBytes;
+    try {
+      fileBytes = Base64.getDecoder().decode(secretValue);
+    } catch (IllegalArgumentException e) {
+      throw new IllegalStateException("Invalid base64 encoding in secret", e);
+    }
 
     TNSNames tnsNames;
     try (InputStream inputStream = new ByteArrayInputStream(fileBytes)) {

Original file line number	Diff line number	Diff line change
`@@ -107,6 +107,10 @@ public String getConnectionString(Map<Parameter, CharSequence> parameterValues)`
`107`	`107`	`return connectionString;`
`108`	`108`	`} catch (IOException e) {`
`109`	`109`	`throw new IllegalStateException("Failed to read tnsnames.ora content", e);`
	`110`	`+ } catch (StringIndexOutOfBoundsException \| IllegalStateException parseException) {`
	`111`	`+ throw new IllegalStateException(`
	`112`	`+ "Invalid or corrupted tnsnames.ora content. Ensure the secret contains valid, complete tnsnames.ora data (base64-encoded or plain text).", parseException`
	`113`	`+ );`
`110`	`114`	`}`
`111`	`115`	`}`
`112`	`116`	`}`
Original file line number	Diff line number	Diff line change
`@@ -73,6 +73,10 @@ public ParameterStorePasswordProvider() {`
`73`	`73`	`*/`
`74`	`74`	`@Override`
`75`	`75`	`public char[] getPassword(Map<Parameter, CharSequence> parameterValues) {`
`76`		`- return getSecret(parameterValues).toCharArray();`
	`76`	`+ String password = getSecret(parameterValues);`
	`77`	`+ if (password == null \|\| password.trim().isEmpty()) {`
	`78`	`+ throw new IllegalArgumentException("Password parameter content is blank.");`
	`79`	`+ }`
	`80`	`+ return password.toCharArray();`
`77`	`81`	`}`
`78`	`82`	`}`
Original file line number	Diff line number	Diff line change
`@@ -113,6 +113,10 @@ public String getConnectionString(Map<Parameter, CharSequence> parameterValues)`
`113`	`113`	`return connectionString;`
`114`	`114`	`} catch (IOException e) {`
`115`	`115`	`throw new IllegalStateException("Failed to read tnsnames.ora content", e);`
	`116`	`+ } catch (StringIndexOutOfBoundsException \| IllegalStateException parseException) {`
	`117`	`+ throw new IllegalStateException(`
	`118`	`+ "Invalid or corrupted tnsnames.ora content. Ensure the secret contains valid, complete tnsnames.ora data (base64-encoded or plain text).", parseException`
	`119`	`+ );`
`116`	`120`	`}`
`117`	`121`	`}`
`118`	`122`
Original file line number	Diff line number	Diff line change
`@@ -72,6 +72,10 @@ public SecretsManagerPasswordProvider() {`
`72`	`72`	`*/`
`73`	`73`	`@Override`
`74`	`74`	`public char[] getPassword(Map<Parameter, CharSequence> parameterValues) {`
`75`		`- return getSecret(parameterValues).toCharArray();`
	`75`	`+ String password = getSecret(parameterValues);`
	`76`	`+ if (password == null \|\| password.trim().isEmpty()) {`
	`77`	`+ throw new IllegalArgumentException("Password secret content is blank.");`
	`78`	`+ }`
	`79`	`+ return password.toCharArray();`
`76`	`80`	`}`
`77`	`81`	`}`
Original file line number	Diff line number	Diff line change
`@@ -194,7 +194,11 @@ public static Credentials getCredentials(`
`194`	`194`	`wallet.setWalletArray(walletBytes, walletPassword);`
`195`	`195`	`}`
`196`	`196`	`catch (IOException ioException) {`
`197`		`- throw new IllegalStateException("Failed to open wallet", ioException);`
	`197`	`+ String message = "Failed to open wallet. The wallet content may be corrupted or incomplete.";`
	`198`	`+ if (walletPassword != null) {`
	`199`	`+ message += " If a walletPassword is required and was provided, it may be incorrect.";`
	`200`	`+ }`
	`201`	`+ throw new IllegalStateException(message, ioException);`
`198`	`202`	`}`
`199`	`203`
`200`	`204`	`try {`
Original file line number	Diff line number	Diff line change
`@@ -60,7 +60,12 @@ public GcpSecretManagerUsernameProvider() {`
`60`	`60`
`61`	`61`	`@Override`
`62`	`62`	`public String getUsername(Map<Parameter, CharSequence> parameterValues) {`
`63`		`- return getSecret(parameterValues).toStringUtf8();`
	`63`	`+ String username = getSecret(parameterValues).toStringUtf8();`
	`64`	`+`
	`65`	`+ if (username == null \|\| username.trim().isEmpty()) {`
	`66`	`+ throw new IllegalArgumentException("Username secret content is blank");`
	`67`	`+ }`
	`68`	`+ return username;`
`64`	`69`	`}`
`65`	`70`
`66`	`71`	`}`