[camel] 01/02: CAMEL-19476: rest-dsl - ClientRequestValidation accepted content-type may not validate correctly

Tue, 20 Jun 2023 05:12:29 -0700 

This is an automated email from the ASF dual-hosted git repository.

davsclaus pushed a commit to branch camel-3.20.x
in repository https://gitbox.apache.org/repos/asf/camel.git

commit 761501cd9fb12a6787127bca0e55b0d080279850
Author: Claus Ibsen <[email protected]>
AuthorDate: Tue Jun 20 13:40:50 2023 +0200

    CAMEL-19476: rest-dsl - ClientRequestValidation accepted content-type may 
not validate correctly
---
 ...alidContentTypeClientRequestValidationTest.java | 67 ++++++++++++++++++++++
 .../http/vertx/VertxPlatformHttpEngineTest.java    | 36 ++++++++++++
 .../apache/camel/processor/RestBindingAdvice.java  |  6 +-
 3 files changed, 106 insertions(+), 3 deletions(-)

diff --git 
a/components/camel-jetty/src/test/java/org/apache/camel/component/jetty/rest/RestJettyInvalidContentTypeClientRequestValidationTest.java
 
b/components/camel-jetty/src/test/java/org/apache/camel/component/jetty/rest/RestJettyInvalidContentTypeClientRequestValidationTest.java
new file mode 100644
index 00000000000..59dcfcac051
--- /dev/null
+++ 
b/components/camel-jetty/src/test/java/org/apache/camel/component/jetty/rest/RestJettyInvalidContentTypeClientRequestValidationTest.java
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.jetty.rest;
+
+import org.apache.camel.CamelExecutionException;
+import org.apache.camel.Exchange;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.jetty.BaseJettyTest;
+import org.apache.camel.http.base.HttpOperationFailedException;
+import org.apache.camel.model.rest.RestBindingMode;
+import org.junit.jupiter.api.Test;
+
+import static org.apache.camel.test.junit5.TestSupport.assertIsInstanceOf;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+public class RestJettyInvalidContentTypeClientRequestValidationTest extends 
BaseJettyTest {
+
+    @Test
+    public void testJettyInvalidContentType() {
+        fluentTemplate = fluentTemplate.withHeader(Exchange.CONTENT_TYPE, 
"application/json")
+                .withHeader(Exchange.HTTP_METHOD, "post")
+                .withBody("{\"name\": \"Donald\"}")
+                .to("http://localhost:"; + getPort() + "/users/123/update");
+
+        Exception ex = assertThrows(CamelExecutionException.class, () -> 
fluentTemplate.request(String.class));
+
+        // we send json but the service accepts only text/plain, so we get a 
415
+        HttpOperationFailedException cause = 
assertIsInstanceOf(HttpOperationFailedException.class, ex.getCause());
+        assertEquals(415, cause.getStatusCode());
+    }
+
+    @Override
+    protected RouteBuilder createRouteBuilder() {
+        return new RouteBuilder() {
+            @Override
+            public void configure() {
+                // configure to use jetty on localhost with the given port
+                
restConfiguration().component("jetty").host("localhost").port(getPort())
+                        .bindingMode(RestBindingMode.json)
+                        // turn on client request validation
+                        .clientRequestValidation(true);
+
+                // use the rest DSL to define the rest services
+                rest("/users/").post("{id}/update")
+                        .consumes("text/json").produces("application/json")
+                        .to("direct:update");
+                from("direct:update").setBody(constant("{ \"status\": \"ok\" 
}"));
+            }
+        };
+    }
+
+}
diff --git 
a/components/camel-platform-http-vertx/src/test/java/org/apache/camel/component/platform/http/vertx/VertxPlatformHttpEngineTest.java
 
b/components/camel-platform-http-vertx/src/test/java/org/apache/camel/component/platform/http/vertx/VertxPlatformHttpEngineTest.java
index 4e15f971341..a02ab615c9e 100644
--- 
a/components/camel-platform-http-vertx/src/test/java/org/apache/camel/component/platform/http/vertx/VertxPlatformHttpEngineTest.java
+++ 
b/components/camel-platform-http-vertx/src/test/java/org/apache/camel/component/platform/http/vertx/VertxPlatformHttpEngineTest.java
@@ -45,6 +45,7 @@ import 
org.apache.camel.component.platform.http.HttpEndpointModel;
 import org.apache.camel.component.platform.http.PlatformHttpComponent;
 import org.apache.camel.component.platform.http.spi.Method;
 import org.apache.camel.impl.DefaultCamelContext;
+import org.apache.camel.model.rest.RestBindingMode;
 import org.apache.camel.model.rest.RestParamType;
 import org.apache.camel.spi.RestConfiguration;
 import org.apache.camel.support.jsse.KeyManagersParameters;
@@ -714,6 +715,41 @@ public class VertxPlatformHttpEngineTest {
         }
     }
 
+    @Test
+    public void testInvalidContentTypeClientRequestValidation() throws 
Exception {
+        final CamelContext context = createCamelContext();
+
+        try {
+            context.addRoutes(new RouteBuilder() {
+                @Override
+                public void configure() {
+                    restConfiguration()
+                            .component("platform-http")
+                            .bindingMode(RestBindingMode.json)
+                            .clientRequestValidation(true);
+
+                    rest("/rest")
+                            
.post("/validate/body").consumes("text/plain").produces("application/json")
+                            .to("direct:rest");
+                    from("direct:rest")
+                            .setBody(simple("Hello ${body}"));
+                }
+            });
+
+            context.start();
+
+            given()
+                    .when()
+                    .body("{\"name\": \"Donald\"}")
+                    .contentType("application/json")
+                    .post("/rest/validate/body")
+                    .then()
+                    .statusCode(415);
+        } finally {
+            context.stop();
+        }
+    }
+
     static CamelContext createCamelContext() throws Exception {
         return createCamelContext(null);
     }
diff --git 
a/core/camel-core-processor/src/main/java/org/apache/camel/processor/RestBindingAdvice.java
 
b/core/camel-core-processor/src/main/java/org/apache/camel/processor/RestBindingAdvice.java
index 8ddfedefeba..b6737e9f545 100644
--- 
a/core/camel-core-processor/src/main/java/org/apache/camel/processor/RestBindingAdvice.java
+++ 
b/core/camel-core-processor/src/main/java/org/apache/camel/processor/RestBindingAdvice.java
@@ -573,16 +573,16 @@ public class RestBindingAdvice implements 
CamelInternalProcessorAdvice<Map<Strin
         }
 
         boolean isXml = valid.contains("xml");
-        boolean isJson = valid.contains("json");
-
         if (isXml && !target.contains("xml")) {
             return false;
         }
+
+        boolean isJson = valid.contains("json");
         if (isJson && !target.contains("json")) {
             return false;
         }
 
-        return true;
+        return false;
     }
 
 }

Reply via email to