Feedback from Java Integration (#8272)

scbedd · web-flow · commit 34521ccdad0a · 2024-05-15T13:45:53.000-07:00
* ensure we get the exact same version of the list. this is probably paranoia but nothing telling we can't do it
* make it so that a crashing body key sanitizer is logged, but doesn't kill the sanitization session
* handle when the targeted path actually exists before attempting to secret scan it
* remove duplicate sanitizer
diff --git a/tools/test-proxy/Azure.Sdk.Tools.TestProxy/Common/ModifiableRecordSession.cs b/tools/test-proxy/Azure.Sdk.Tools.TestProxy/Common/ModifiableRecordSession.cs
@@ -14,14 +14,20 @@ public class ModifiableRecordSession
 
         public ModifiableRecordSession(SanitizerDictionary sanitizerRegistry, string sessionId)
         {
-            this.AppliedSanitizers = sanitizerRegistry.SessionSanitizers.ToList();
+            lock(sanitizerRegistry.SessionSanitizerLock)
+            {
+                this.AppliedSanitizers = sanitizerRegistry.SessionSanitizers.ToList();
+            }
             this.SessionId = sessionId;
         }
 
         public ModifiableRecordSession(RecordSession session, SanitizerDictionary sanitizerRegistry, string sessionId)
         {
             Session = session;
-            this.AppliedSanitizers = sanitizerRegistry.SessionSanitizers.ToList();
+            lock (sanitizerRegistry.SessionSanitizerLock)
+            {
+                this.AppliedSanitizers = sanitizerRegistry.SessionSanitizers.ToList();
+            }
             this.SessionId = sessionId;
         }
 
diff --git a/tools/test-proxy/Azure.Sdk.Tools.TestProxy/Common/SanitizerDictionary.cs b/tools/test-proxy/Azure.Sdk.Tools.TestProxy/Common/SanitizerDictionary.cs
@@ -607,10 +607,6 @@ public SanitizerDictionary() {
                     new BodyKeySanitizer("$..apiKey"),
                     "AZSDK3480"
                 ),
-                new RegisteredSanitizer(
-                    new BodyKeySanitizer("$..connectionString"),
-                    "AZSDK3481"
-                ),
                 new RegisteredSanitizer(
                     new BodyKeySanitizer("$..password"),
                     "AZSDK3482"
diff --git a/tools/test-proxy/Azure.Sdk.Tools.TestProxy/Common/SecretScanner.cs b/tools/test-proxy/Azure.Sdk.Tools.TestProxy/Common/SecretScanner.cs
@@ -38,20 +38,25 @@ public List<Tuple<string, Detection>> DiscoverSecrets(string assetRepoRoot, IEnu
 
             Parallel.ForEach(relativePaths, options, (filePath) =>
             {
-                var content = File.ReadAllText(Path.Combine(assetRepoRoot, filePath));
-                var fileDetections = DetectSecrets(content);
+                var path = Path.Combine(assetRepoRoot, filePath);
 
-                if (fileDetections != null && fileDetections.Count > 0)
+                if (File.Exists(path))
                 {
-                    foreach (Detection detection in fileDetections)
+                    var content = File.ReadAllText(path);
+                    var fileDetections = DetectSecrets(content);
+
+                    if (fileDetections != null && fileDetections.Count > 0)
                     {
-                        detectedSecrets.Add(Tuple.Create(filePath, detection));
+                        foreach (Detection detection in fileDetections)
+                        {
+                            detectedSecrets.Add(Tuple.Create(filePath, detection));
+                        }
                     }
-                }
 
-                Interlocked.Increment(ref seen);
+                    Interlocked.Increment(ref seen);
 
-                Console.Write($"\r\u001b[2KScanned {seen}/{total}.");
+                    Console.Write($"\r\u001b[2KScanned {seen}/{total}.");
+                }
             });
 
             Console.WriteLine(string.Empty);
diff --git a/tools/test-proxy/Azure.Sdk.Tools.TestProxy/Sanitizers/BodyKeySanitizer.cs b/tools/test-proxy/Azure.Sdk.Tools.TestProxy/Sanitizers/BodyKeySanitizer.cs
@@ -64,33 +64,40 @@ public override string SanitizeTextBody(string contentType, string body)
                 return body;
             }
 
-            
             if (jsonO != null)
             {
-                foreach (JToken token in jsonO.SelectTokens(_jsonPath))
+                try
                 {
-                    // HasValues is false for tokens with children. We will not apply sanitization if that is the case.
-                    if (!token.HasValues)
+                    foreach (JToken token in jsonO.SelectTokens(_jsonPath))
                     {
-                        var originalValue = token.Value<string>();
-
-                        // regex replacement does not support null
-                        if (originalValue == null)
+                        // HasValues is false for tokens with children. We will not apply sanitization if that is the case.
+                        if (!token.HasValues)
                         {
-                            continue;
-                        }
+                            var originalValue = token.Value<string>();
 
-                        var replacement = StringSanitizer.SanitizeValue(originalValue, _newValue, _regexValue, _groupForReplace);
+                            // regex replacement does not support null
+                            if (originalValue == null)
+                            {
+                                continue;
+                            }
 
-                        // this sanitizer should only apply to actual values
-                        // if we attempt to apply a regex update to a jtoken that has a more complex type, throw
-                        token.Replace(JToken.FromObject(replacement));
+                            var replacement = StringSanitizer.SanitizeValue(originalValue, _newValue, _regexValue, _groupForReplace);
 
-                        if (originalValue != replacement)
-                        {
-                            sanitized = true;
+                            // this sanitizer should only apply to actual values
+                            // if we attempt to apply a regex update to a jtoken that has a more complex type, throw
+                            token.Replace(JToken.FromObject(replacement));
+
+                            if (originalValue != replacement)
+                            {
+                                sanitized = true;
+                            }
                         }
                     }
+                } 
+                catch(Exception e)
+                {
+                    DebugLogger.LogError($"Ran into exception \"{e.Message}\" while attempting to run regex \"{_regexValue}\" against body value \"{body}\"");
+                    return body;
                 }
             }
 

Original file line number	Diff line number	Diff line change
`@@ -14,14 +14,20 @@ public class ModifiableRecordSession`
`14`	`14`
`15`	`15`	`public ModifiableRecordSession(SanitizerDictionary sanitizerRegistry, string sessionId)`
`16`	`16`	`{`
`17`		`- this.AppliedSanitizers = sanitizerRegistry.SessionSanitizers.ToList();`
	`17`	`+ lock(sanitizerRegistry.SessionSanitizerLock)`
	`18`	`+ {`
	`19`	`+ this.AppliedSanitizers = sanitizerRegistry.SessionSanitizers.ToList();`
	`20`	`+ }`
`18`	`21`	`this.SessionId = sessionId;`
`19`	`22`	`}`
`20`	`23`
`21`	`24`	`public ModifiableRecordSession(RecordSession session, SanitizerDictionary sanitizerRegistry, string sessionId)`
`22`	`25`	`{`
`23`	`26`	`Session = session;`
`24`		`- this.AppliedSanitizers = sanitizerRegistry.SessionSanitizers.ToList();`
	`27`	`+ lock (sanitizerRegistry.SessionSanitizerLock)`
	`28`	`+ {`
	`29`	`+ this.AppliedSanitizers = sanitizerRegistry.SessionSanitizers.ToList();`
	`30`	`+ }`
`25`	`31`	`this.SessionId = sessionId;`
`26`	`32`	`}`
`27`	`33`