Introduce base64 encoded scope name as path param for scope client#13855
Open
O-sura wants to merge 1 commit into
Open
Introduce base64 encoded scope name as path param for scope client#13855O-sura wants to merge 1 commit into
O-sura wants to merge 1 commit into
Conversation
O-sura
requested review from
AnuGayan,
Arshardh,
HeshanSudarshana,
HiranyaKavishani,
Krishanx92,
PasanT9,
RakhithaRR,
ashera96,
chamilaadhi,
dushaniw,
hisanhunais,
npamudika,
pubudu538,
senthuran16,
tgtshanika,
tharikaGitHub and
tharindu1st
as code owners
![wso2-engineering[bot]](https://avatars.githubusercontent.com/in/1856828?s=60&v=4){kind=small}
Comment on lines
1357
to
1359
| public void deleteScope(String scopeName) throws APIManagementException { | ||
|
|
||
| try { |
Contributor
There was a problem hiding this comment.
Log Improvement Suggestion No: 1
Suggested change
| public void deleteScope(String scopeName) throws APIManagementException { | |
| try { | |
| @Override | |
| public void deleteScope(String scopeName) throws APIManagementException { | |
| try { | |
| log.info("Deleting scope: " + scopeName); |
Comment on lines
+1655
to
+1661
| public static String base64UrlEncode(String value) { | ||
| if (value == null || StringUtils.isBlank(value)) { | ||
| if (log.isDebugEnabled()) { | ||
| log.debug("Scope name is null, empty, or blank"); | ||
| } | ||
| return value; | ||
| } |
Contributor
There was a problem hiding this comment.
Log Improvement Suggestion No: 2
Suggested change
| public static String base64UrlEncode(String value) { | |
| if (value == null || StringUtils.isBlank(value)) { | |
| if (log.isDebugEnabled()) { | |
| log.debug("Scope name is null, empty, or blank"); | |
| } | |
| return value; | |
| } | |
| public static String base64UrlEncode(String value) { | |
| if (value == null || StringUtils.isBlank(value)) { | |
| if (log.isDebugEnabled()) { | |
| log.debug("Scope name is null, empty, or blank"); | |
| } | |
| return value; | |
| } | |
| if (log.isDebugEnabled()) { | |
| log.debug("Base64 URL encoding value"); |
Contributor
There was a problem hiding this comment.
AI Agent Log Improvement Checklist
- The log-related comments and suggestions in this review were generated by an AI tool to assist with identifying potential improvements. Purpose of reviewing the code for log improvements is to improve the troubleshooting capabilities of our products.
- Please make sure to manually review and validate all suggestions before applying any changes. Not every code suggestion would make sense or add value to our purpose. Therefore, you have the freedom to decide which of the suggestions are helpful.
✅ Before merging this pull request:
- Review all AI-generated comments for accuracy and relevance.
- Complete and verify the table below. We need your feedback to measure the accuracy of these suggestions and the value they add. If you are rejecting a certain code suggestion, please mention the reason briefly in the suggestion for us to capture it.
| Comment | Accepted (Y/N) | Reason |
|---|---|---|
| #### Log Improvement Suggestion No: 1 | ||
| #### Log Improvement Suggestion No: 2 |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
🚧 Files skipped from review as they are similar to previous changes (2)
📝 WalkthroughWalkthroughAdds URL-safe, no-padding Base64 encoding for scope identifiers in AMDefaultKeyManagerImpl and updates ScopeClient request lines to include encoded=true for scope-by-name operations. ChangesScope Identifier Encoding in Key Manager API Calls
Sequence DiagramsequenceDiagram
participant Caller as Scope API Consumer
participant AMDefaultKeyManagerImpl
participant ScopeClient
participant KMAPI as Key Manager API
Caller->>AMDefaultKeyManagerImpl: getScopeByName(scopeName)
AMDefaultKeyManagerImpl->>AMDefaultKeyManagerImpl: base64UrlEncode(scopeName)
AMDefaultKeyManagerImpl->>ScopeClient: getScopeByName(encodedName)
ScopeClient->>KMAPI: GET /name/{encodedName}?encoded=true
KMAPI->>ScopeClient: ScopeDTO
ScopeClient->>AMDefaultKeyManagerImpl: ScopeDTO
AMDefaultKeyManagerImpl->>Caller: ScopeDTO
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes 🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (1)
components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/AMDefaultKeyManagerImpl.java (1)
1655-1664: 🏗️ Heavy liftAdd regression coverage for reserved-character scope names.
This helper is the new choke point for
getScopeByName,deleteScope,updateScope, andisScopeExists, but I do not see any coverage in this cohort proving those calls round-trip names such asread/write,scope:admin, or%scopethrough the newencoded=truecontract.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/AMDefaultKeyManagerImpl.java` around lines 1655 - 1664, The new base64UrlEncode(String) helper is the choke point for scope name handling but there are no regression tests ensuring scopes with reserved characters round-trip via the encoded=true contract; add tests that exercise getScopeByName, deleteScope, updateScope, and isScopeExists using base64UrlEncode on names like "read/write", "scope:admin", and "%scope", asserting that creating a scope with the raw name then retrieving/updating/deleting it via the encoded=true endpoint (or service call) succeeds and returns the original raw name; reference base64UrlEncode, getScopeByName, deleteScope, updateScope, and isScopeExists in tests to ensure the encoding/decoding path is covered.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In
`@components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/AMDefaultKeyManagerImpl.java`:
- Around line 1359-1361: In AMDefaultKeyManagerImpl.deleteScope, the Response
returned by scopeClient.deleteScope(base64UrlEncode(scopeName)) is not closed,
causing resource leaks; wrap the call in a try-with-resources (try (Response
response = scopeClient.deleteScope(...)) { ... }) so the Response is always
closed, and move existing response.status() checks and response.body() handling
inside that block to ensure the body is consumed or closed in both OK and non-OK
branches; reference the scopeClient.deleteScope(...) call and the
response.status()/response.body() usages when applying the change.
---
Nitpick comments:
In
`@components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/AMDefaultKeyManagerImpl.java`:
- Around line 1655-1664: The new base64UrlEncode(String) helper is the choke
point for scope name handling but there are no regression tests ensuring scopes
with reserved characters round-trip via the encoded=true contract; add tests
that exercise getScopeByName, deleteScope, updateScope, and isScopeExists using
base64UrlEncode on names like "read/write", "scope:admin", and "%scope",
asserting that creating a scope with the raw name then
retrieving/updating/deleting it via the encoded=true endpoint (or service call)
succeeds and returns the original raw name; reference base64UrlEncode,
getScopeByName, deleteScope, updateScope, and isScopeExists in tests to ensure
the encoding/decoding path is covered.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 6e78313c-32cc-46ce-ba2d-af8cdac609a4
📒 Files selected for processing (2)
components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/AMDefaultKeyManagerImpl.javacomponents/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/kmclient/model/ScopeClient.java
O-sura
force-pushed
the
special-char-scopes
branch
from
89d86f3 to
ba75a43
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR addresses the problem occurring when creating scopes with special characters
Fix for: wso2/api-manager#4659