Polish SanitizingFunction

philwebb · philwebb · commit 28495d7d13c0 · 2025-02-11T19:26:29.000-08:00
See gh-39243
diff --git a/spring-boot-project/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/SanitizingFunction.java b/spring-boot-project/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/SanitizingFunction.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2021 the original author or authors.
+ * Copyright 2012-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -80,7 +80,7 @@ default SanitizableData applyUnlessFiltered(SanitizableData data) {
 	 * @see #sanitizeValue()
 	 */
 	default SanitizingFunction ifLikelySenstive() {
-		return ifLikelyCredential().ifLikelyUri().ifLikelySenstiveEnvironmentVariable().ifVcapServices();
+		return ifLikelyCredential().ifLikelyUri().ifLikelySenstiveProperty().ifVcapServices();
 	}
 
 	/**
@@ -113,15 +113,15 @@ default SanitizingFunction ifLikelyUri() {
 
 	/**
 	 * Return a new function with a filter that <em>also</em> applies if the data is
-	 * likely to sensitive environment variable value. This method can help construct a
+	 * likely to contain a sensitive property value. This method can help construct a
 	 * useful sanitizing function, but may not catch all sensitive data so care should be
 	 * taken to test the results for your specific environment.
 	 * @return a new sanitizing function with an updated {@link #filter()}
 	 * @since 3.5.0
 	 * @see #filter()
 	 * @see #sanitizeValue()
 	 */
-	default SanitizingFunction ifLikelySenstiveEnvironmentVariable() {
+	default SanitizingFunction ifLikelySenstiveProperty() {
 		return ifKeyMatches("sun.java.command", "^spring[._]application[._]json$");
 	}
 
@@ -431,4 +431,18 @@ static SanitizingFunction sanitizeValue() {
 		return SanitizableData::withSanitizedValue;
 	}
 
+	/**
+	 * Helper method that can be used working with a sanitizingFunction as a lambda. For
+	 * example: <pre class="code">
+	 * SanitizingFunction.of((data) -> data.withValue("----")).ifKeyContains("password");
+	 * </pre>
+	 * @param sanitizingFunction the sanitizing function lambda
+	 * @return a {@link SanitizingFunction} for further method calls
+	 * @since 3.5.0
+	 */
+	static SanitizingFunction of(SanitizingFunction sanitizingFunction) {
+		Assert.notNull(sanitizingFunction, "'sanitizingFunction' must not be null");
+		return sanitizingFunction;
+	}
+
 }
diff --git a/spring-boot-project/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/SanitizingFunctionTests.java b/spring-boot-project/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/SanitizingFunctionTests.java
@@ -60,7 +60,7 @@ void applyUnlessFilteredWhenHasFilterTestingFalseReturnsUnfiltered() {
 	void ifLikelySenstiveFiltersExpected() {
 		SanitizingFunction function = SanitizingFunction.sanitizeValue().ifLikelySenstive();
 		assertThat(function).satisfies(this::likelyCredentialChecks, this::likelyUriChecks,
-				this::likelySenstiveEnvironmentVariableChecks, this::vcapServicesChecks);
+				this::likelySenstivePropertyChecks, this::vcapServicesChecks);
 	}
 
 	@Test
@@ -101,12 +101,12 @@ private void likelyUriChecks(SanitizingFunction function) {
 	}
 
 	@Test
-	void ifLikelySenstiveEnvironmentVariableFiltersExpected() {
-		SanitizingFunction function = SanitizingFunction.sanitizeValue().ifLikelySenstiveEnvironmentVariable();
-		assertThat(function).satisfies(this::likelySenstiveEnvironmentVariableChecks);
+	void ifLikelySenstivePropertyFiltersExpected() {
+		SanitizingFunction function = SanitizingFunction.sanitizeValue().ifLikelySenstiveProperty();
+		assertThat(function).satisfies(this::likelySenstivePropertyChecks);
 	}
 
-	private void likelySenstiveEnvironmentVariableChecks(SanitizingFunction function) {
+	private void likelySenstivePropertyChecks(SanitizingFunction function) {
 		assertThatApplyingToKey(function, "sun.java.command").has(sanitizedValue());
 		assertThatApplyingToKey(function, "spring.application.json").has(sanitizedValue());
 		assertThatApplyingToKey(function, "SPRING_APPLICATION_JSON").has(sanitizedValue());
@@ -305,6 +305,13 @@ void ifMatchesPredicateFiltersExpected() {
 		assertThatApplying(function, data("spring", null)).is(unsanitizedValue());
 	}
 
+	@Test
+	void ofAllowsChainingFromLambda() {
+		SanitizingFunction function = SanitizingFunction.of((data) -> data.withValue("----")).ifKeyContains("password");
+		assertThat(function.applyUnlessFiltered(data("username", "spring")).getValue()).isEqualTo("spring");
+		assertThat(function.applyUnlessFiltered(data("password", "boot")).getValue()).isEqualTo("----");
+	}
+
 	private ObjectAssert<SanitizableData> assertThatApplyingToKey(SanitizingFunction function, String key) {
 		return assertThatApplying(function, data(key));
 	}
