This is an automated email from the ASF dual-hosted git repository.
robertlazarski pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-core.git
The following commit(s) were added to refs/heads/master by this push:
new 620d35f JSON, make sure the messageName that starts the JSON String
passed in via the client matches the Axis2 server operation name defined in the
service class
620d35f is described below
commit 620d35fd7e6e5926a2089212b189de7cfd325f2b
Author: Robert Lazarski <robertlazar...@gmail.com>
AuthorDate: Sun Jul 18 17:12:03 2021 -0400
JSON, make sure the messageName that starts the JSON String passed in via
the client matches the Axis2 server operation name defined in the service class
---
.../src/org/apache/axis2/json/gson/GsonXMLStreamReader.java | 1 +
.../src/org/apache/axis2/json/gson/GsonXMLStreamWriter.java | 5 +++++
.../src/org/apache/axis2/json/gson/JSONMessageHandler.java | 13 ++++++-------
.../json/src/org/apache/axis2/json/gson/JsonBuilder.java | 1 +
.../json/src/org/apache/axis2/json/gson/JsonFormatter.java | 1 +
.../axis2/json/gson/rpc/JsonInOnlyRPCMessageReceiver.java | 1 +
.../json/src/org/apache/axis2/json/gson/rpc/JsonUtils.java | 7 +++++++
.../src/org/apache/axis2/json/moshi/JSONMessageHandler.java | 11 ++++-------
.../json/src/org/apache/axis2/json/moshi/JsonBuilder.java | 1 +
.../json/src/org/apache/axis2/json/moshi/JsonFormatter.java | 1 +
.../org/apache/axis2/json/moshi/MoshiXMLStreamReader.java | 1 +
.../org/apache/axis2/json/moshi/MoshiXMLStreamWriter.java | 1 +
.../axis2/json/moshi/rpc/JsonInOnlyRPCMessageReceiver.java | 1 +
.../json/src/org/apache/axis2/json/moshi/rpc/JsonUtils.java | 4 ++++
.../dispatchers/RequestURIBasedOperationDispatcher.java | 2 +-
15 files changed, 36 insertions(+), 15 deletions(-)
diff --git
a/modules/json/src/org/apache/axis2/json/gson/GsonXMLStreamReader.java
b/modules/json/src/org/apache/axis2/json/gson/GsonXMLStreamReader.java
index 3823546..9184ce6 100644
--- a/modules/json/src/org/apache/axis2/json/gson/GsonXMLStreamReader.java
+++ b/modules/json/src/org/apache/axis2/json/gson/GsonXMLStreamReader.java
@@ -133,6 +133,7 @@ public class GsonXMLStreamReader implements XMLStreamReader
{
newNodeMap.put(elementQname, mainXmlNode);
configContext.setProperty(JsonConstant.XMLNODES, newNodeMap);
}
+ log.debug("GsonXMLStreamReader.process() completed");
isProcessed = true;
}
diff --git
a/modules/json/src/org/apache/axis2/json/gson/GsonXMLStreamWriter.java
b/modules/json/src/org/apache/axis2/json/gson/GsonXMLStreamWriter.java
index 95646b1..2890a90 100644
--- a/modules/json/src/org/apache/axis2/json/gson/GsonXMLStreamWriter.java
+++ b/modules/json/src/org/apache/axis2/json/gson/GsonXMLStreamWriter.java
@@ -26,6 +26,8 @@ import org.apache.axis2.json.factory.JsonConstant;
import org.apache.axis2.json.factory.JsonObject;
import org.apache.axis2.json.factory.XmlNode;
import org.apache.axis2.json.factory.XmlNodeGenerator;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.apache.ws.commons.schema.XmlSchema;
import javax.xml.namespace.NamespaceContext;
@@ -43,6 +45,8 @@ import java.util.Stack;
public class GsonXMLStreamWriter implements XMLStreamWriter {
+ private static final Log log =
LogFactory.getLog(GsonXMLStreamWriter.class);
+
private JsonWriter jsonWriter;
/**
@@ -125,6 +129,7 @@ public class GsonXMLStreamWriter implements XMLStreamWriter
{
}
isProcessed = true;
this.jsonWriter.beginObject();
+ log.debug("GsonXMLStreamWriter.process() completed");
}
diff --git
a/modules/json/src/org/apache/axis2/json/gson/JSONMessageHandler.java
b/modules/json/src/org/apache/axis2/json/gson/JSONMessageHandler.java
index 4a75d95..7cee12a 100644
--- a/modules/json/src/org/apache/axis2/json/gson/JSONMessageHandler.java
+++ b/modules/json/src/org/apache/axis2/json/gson/JSONMessageHandler.java
@@ -65,12 +65,15 @@ public class JSONMessageHandler extends AbstractHandler {
public InvocationResponse invoke(MessageContext msgContext) throws
AxisFault {
AxisOperation axisOperation = msgContext.getAxisOperation();
if (axisOperation != null) {
+ log.debug("Axis operation has been found from the MessageContext,
proceeding with the JSON request");
MessageReceiver messageReceiver =
axisOperation.getMessageReceiver();
if (messageReceiver instanceof JsonRpcMessageReceiver ||
messageReceiver instanceof JsonInOnlyRPCMessageReceiver) {
// do not need to parse XMLSchema list, as this message
receiver will not use GsonXMLStreamReader to read the inputStream.
} else {
+ log.debug("JSON MessageReceiver found, proceeding with the
JSON request");
Object tempObj =
msgContext.getProperty(JsonConstant.IS_JSON_STREAM);
if (tempObj != null) {
+ log.debug("JSON MessageReceiver found JSON stream,
proceeding with the JSON request");
boolean isJSON = Boolean.valueOf(tempObj.toString());
Object o =
msgContext.getProperty(JsonConstant.GSON_XML_STREAM_READER);
if (o != null) {
@@ -80,11 +83,10 @@ public class JSONMessageHandler extends AbstractHandler {
gsonXMLStreamReader.initXmlStreamReader(elementQname,
schemas, msgContext.getConfigurationContext());
OMXMLParserWrapper stAXOMBuilder =
OMXMLBuilderFactory.createStAXOMBuilder(gsonXMLStreamReader);
OMElement omElement =
stAXOMBuilder.getDocumentElement();
+ log.debug("GsonXMLStreamReader found elementQname: " +
elementQname);
msgContext.getEnvelope().getBody().addChild(omElement);
} else {
- if (log.isDebugEnabled()) {
- log.debug("GsonXMLStreamReader is null");
- }
+ log.error("GsonXMLStreamReader is null");
throw new AxisFault("GsonXMLStreamReader should not be
null");
}
} else {
@@ -92,10 +94,7 @@ public class JSONMessageHandler extends AbstractHandler {
}
}
} else {
- if (log.isDebugEnabled()) {
- log.debug("Axis operation is null");
- }
- // message hasn't been dispatched to operation, ignore it
+ log.debug("Axis operation is null, message hasn't been dispatched
to operation, ignore it");
}
return InvocationResponse.CONTINUE;
}
diff --git a/modules/json/src/org/apache/axis2/json/gson/JsonBuilder.java
b/modules/json/src/org/apache/axis2/json/gson/JsonBuilder.java
index b65ecb7..022f5be 100644
--- a/modules/json/src/org/apache/axis2/json/gson/JsonBuilder.java
+++ b/modules/json/src/org/apache/axis2/json/gson/JsonBuilder.java
@@ -55,6 +55,7 @@ public class JsonBuilder implements Builder {
log.debug("Inputstream is null, This is possible with GET
request");
}
}
+ log.debug("JsonBuilder.processDocument() has completed, returning
default envelope");
// dummy envelop
SOAPFactory soapFactory = OMAbstractFactory.getSOAP11Factory();
return soapFactory.getDefaultEnvelope();
diff --git a/modules/json/src/org/apache/axis2/json/gson/JsonFormatter.java
b/modules/json/src/org/apache/axis2/json/gson/JsonFormatter.java
index cbd3033..776674f 100644
--- a/modules/json/src/org/apache/axis2/json/gson/JsonFormatter.java
+++ b/modules/json/src/org/apache/axis2/json/gson/JsonFormatter.java
@@ -116,6 +116,7 @@ public class JsonFormatter implements MessageFormatter {
throw AxisFault.makeFault(e);
}
}
+ log.debug("JsonFormatter.writeTo() has completed");
} catch (UnsupportedEncodingException e) {
msg = "Exception occur when try to encode output stream usig " +
Constants.Configuration.CHARACTER_SET_ENCODING + "
charset";
diff --git
a/modules/json/src/org/apache/axis2/json/gson/rpc/JsonInOnlyRPCMessageReceiver.java
b/modules/json/src/org/apache/axis2/json/gson/rpc/JsonInOnlyRPCMessageReceiver.java
index 6a2c591..a77c617 100644
---
a/modules/json/src/org/apache/axis2/json/gson/rpc/JsonInOnlyRPCMessageReceiver.java
+++
b/modules/json/src/org/apache/axis2/json/gson/rpc/JsonInOnlyRPCMessageReceiver.java
@@ -57,6 +57,7 @@ public class JsonInOnlyRPCMessageReceiver extends
RPCInOnlyMessageReceiver {
Object serviceObj = getTheImplementationObject(inMessage);
AxisOperation op =
inMessage.getOperationContext().getAxisOperation();
String operation = op.getName().getLocalPart();
+ log.debug("JsonInOnlyRPCMessageReceiver.invokeBusinessLogic()
executing invokeService() with operation: " + operation);
invokeService(jsonReader, serviceObj, operation);
} else {
throw new AxisFault("GsonXMLStreamReader should have put as a
property of messageContext " +
diff --git a/modules/json/src/org/apache/axis2/json/gson/rpc/JsonUtils.java
b/modules/json/src/org/apache/axis2/json/gson/rpc/JsonUtils.java
index c893407..b0cfcf7 100644
--- a/modules/json/src/org/apache/axis2/json/gson/rpc/JsonUtils.java
+++ b/modules/json/src/org/apache/axis2/json/gson/rpc/JsonUtils.java
@@ -51,12 +51,17 @@ public class JsonUtils {
}
jsonReader.beginObject();
String messageName=jsonReader.nextName(); // get message name
from input json stream
+ if (messageName == null ||
!messageName.equals(operation.getName())) {
+ log.error("JsonUtils.invokeServiceClass() throwing
IOException, messageName: " +messageName+ " is unknown, it does not match the
axis2 operation, the method name: " + operation.getName());
+ throw new IOException("Bad Request");
+ }
jsonReader.beginArray();
int i = 0;
for (Class paramType : paramClasses) {
jsonReader.beginObject();
argNames[i] = jsonReader.nextName();
+ log.debug("JsonUtils.invokeServiceClass() on messageName: "
+messageName+ " , is currently processing argName: " + argNames[i]);
methodParam[i] = gson.fromJson(jsonReader, paramType); //
gson handle all types well and return an object from it
jsonReader.endObject();
i++;
@@ -77,9 +82,11 @@ public class JsonUtils {
for (Method method : methodSet) {
String mName = method.getName();
if (mName.equals(methodName)) {
+ log.debug("JsonUtils.getOpMethod() returning methodName: "
+methodName);
return method;
}
}
+ log.debug("JsonUtils.getOpMethod() returning null");
return null;
}
diff --git
a/modules/json/src/org/apache/axis2/json/moshi/JSONMessageHandler.java
b/modules/json/src/org/apache/axis2/json/moshi/JSONMessageHandler.java
index 324a5ec..1b7a1fe 100644
--- a/modules/json/src/org/apache/axis2/json/moshi/JSONMessageHandler.java
+++ b/modules/json/src/org/apache/axis2/json/moshi/JSONMessageHandler.java
@@ -65,10 +65,12 @@ public class JSONMessageHandler extends AbstractHandler {
public InvocationResponse invoke(MessageContext msgContext) throws
AxisFault {
AxisOperation axisOperation = msgContext.getAxisOperation();
if (axisOperation != null) {
+ log.debug("Axis operation has been found from the MessageContext,
proceeding with the JSON request");
MessageReceiver messageReceiver =
axisOperation.getMessageReceiver();
if (messageReceiver instanceof JsonRpcMessageReceiver ||
messageReceiver instanceof JsonInOnlyRPCMessageReceiver) {
// do not need to parse XMLSchema list, as this message
receiver will not use MoshiXMLStreamReader to read the inputStream.
} else {
+ log.debug("JSON MessageReceiver found, proceeding with the
JSON request");
Object tempObj =
msgContext.getProperty(JsonConstant.IS_JSON_STREAM);
if (tempObj != null) {
boolean isJSON = Boolean.valueOf(tempObj.toString());
@@ -82,9 +84,7 @@ public class JSONMessageHandler extends AbstractHandler {
OMElement omElement =
stAXOMBuilder.getDocumentElement();
msgContext.getEnvelope().getBody().addChild(omElement);
} else {
- if (log.isDebugEnabled()) {
- log.debug("MoshiXMLStreamReader is null");
- }
+ log.error("MoshiXMLStreamReader is null");
throw new AxisFault("MoshiXMLStreamReader should not
be null");
}
} else {
@@ -92,10 +92,7 @@ public class JSONMessageHandler extends AbstractHandler {
}
}
} else {
- if (log.isDebugEnabled()) {
- log.debug("Axis operation is null");
- }
- // message hasn't been dispatched to operation, ignore it
+ log.debug("Axis operation is null, message hasn't been dispatched
to operation, ignore it");
}
return InvocationResponse.CONTINUE;
}
diff --git a/modules/json/src/org/apache/axis2/json/moshi/JsonBuilder.java
b/modules/json/src/org/apache/axis2/json/moshi/JsonBuilder.java
index f2fabe8..09976cf 100644
--- a/modules/json/src/org/apache/axis2/json/moshi/JsonBuilder.java
+++ b/modules/json/src/org/apache/axis2/json/moshi/JsonBuilder.java
@@ -65,6 +65,7 @@ public class JsonBuilder implements Builder {
log.debug("Inputstream is null, This is possible with GET
request");
}
}
+ log.debug("JsonBuilder.processDocument() has completed, returning
default envelope");
// dummy envelope
SOAPFactory soapFactory = OMAbstractFactory.getSOAP11Factory();
return soapFactory.getDefaultEnvelope();
diff --git a/modules/json/src/org/apache/axis2/json/moshi/JsonFormatter.java
b/modules/json/src/org/apache/axis2/json/moshi/JsonFormatter.java
index 93870ea..5785849 100644
--- a/modules/json/src/org/apache/axis2/json/moshi/JsonFormatter.java
+++ b/modules/json/src/org/apache/axis2/json/moshi/JsonFormatter.java
@@ -121,6 +121,7 @@ public class JsonFormatter implements MessageFormatter {
throw AxisFault.makeFault(e);
}
}
+ log.debug("JsonFormatter.writeTo() has completed");
} catch (Exception e) {
msg = "Exception occurred when try to encode output stream using
" +
Constants.Configuration.CHARACTER_SET_ENCODING + "
charset";
diff --git
a/modules/json/src/org/apache/axis2/json/moshi/MoshiXMLStreamReader.java
b/modules/json/src/org/apache/axis2/json/moshi/MoshiXMLStreamReader.java
index b3221a2..6700902 100644
--- a/modules/json/src/org/apache/axis2/json/moshi/MoshiXMLStreamReader.java
+++ b/modules/json/src/org/apache/axis2/json/moshi/MoshiXMLStreamReader.java
@@ -135,6 +135,7 @@ public class MoshiXMLStreamReader implements
XMLStreamReader {
configContext.setProperty(JsonConstant.XMLNODES, newNodeMap);
}
isProcessed = true;
+ log.debug("MoshiXMLStreamReader.process() completed");
}
diff --git
a/modules/json/src/org/apache/axis2/json/moshi/MoshiXMLStreamWriter.java
b/modules/json/src/org/apache/axis2/json/moshi/MoshiXMLStreamWriter.java
index f00caea..fc84652 100644
--- a/modules/json/src/org/apache/axis2/json/moshi/MoshiXMLStreamWriter.java
+++ b/modules/json/src/org/apache/axis2/json/moshi/MoshiXMLStreamWriter.java
@@ -130,6 +130,7 @@ public class MoshiXMLStreamWriter implements
XMLStreamWriter {
}
isProcessed = true;
this.jsonWriter.beginObject();
+ log.debug("MoshiXMLStreamWriter.process() completed");
}
diff --git
a/modules/json/src/org/apache/axis2/json/moshi/rpc/JsonInOnlyRPCMessageReceiver.java
b/modules/json/src/org/apache/axis2/json/moshi/rpc/JsonInOnlyRPCMessageReceiver.java
index 1959895..6f2c35d 100644
---
a/modules/json/src/org/apache/axis2/json/moshi/rpc/JsonInOnlyRPCMessageReceiver.java
+++
b/modules/json/src/org/apache/axis2/json/moshi/rpc/JsonInOnlyRPCMessageReceiver.java
@@ -57,6 +57,7 @@ public class JsonInOnlyRPCMessageReceiver extends
RPCInOnlyMessageReceiver {
Object serviceObj = getTheImplementationObject(inMessage);
AxisOperation op =
inMessage.getOperationContext().getAxisOperation();
String operation = op.getName().getLocalPart();
+ log.debug("JsonInOnlyRPCMessageReceiver.invokeBusinessLogic()
executing invokeService() with operation: " + operation);
invokeService(jsonReader, serviceObj, operation);
} else {
throw new AxisFault("MoshiXMLStreamReader should have put as a
property of messageContext " +
diff --git a/modules/json/src/org/apache/axis2/json/moshi/rpc/JsonUtils.java
b/modules/json/src/org/apache/axis2/json/moshi/rpc/JsonUtils.java
index 012ca3e..712f6ce 100644
--- a/modules/json/src/org/apache/axis2/json/moshi/rpc/JsonUtils.java
+++ b/modules/json/src/org/apache/axis2/json/moshi/rpc/JsonUtils.java
@@ -104,6 +104,10 @@ public class JsonUtils {
jsonReader.beginObject();
String messageName=jsonReader.nextName(); // get message name
from input json stream
+ if (messageName == null ||
!messageName.equals(operation.getName())) {
+ log.error("JsonUtils.invokeServiceClass() throwing
IOException, messageName: " +messageName+ " is unknown, it does not match the
axis2 operation, the method name: " + operation.getName());
+ throw new IOException("Bad Request");
+ }
jsonReader.beginArray();
int i = 0;
diff --git
a/modules/kernel/src/org/apache/axis2/dispatchers/RequestURIBasedOperationDispatcher.java
b/modules/kernel/src/org/apache/axis2/dispatchers/RequestURIBasedOperationDispatcher.java
index bc262c1..761dd1f 100644
---
a/modules/kernel/src/org/apache/axis2/dispatchers/RequestURIBasedOperationDispatcher.java
+++
b/modules/kernel/src/org/apache/axis2/dispatchers/RequestURIBasedOperationDispatcher.java
@@ -60,7 +60,7 @@ public class RequestURIBasedOperationDispatcher extends
AbstractOperationDispatc
return service.getOperation(operationName);
} else {
log.debug(messageContext.getLogIDString() +
- " Attempted to check for Operation using target
endpoint URI, but the operation fragment was missing");
+ " Attempted to check for Operation using target
endpoint URI, but the operation fragment was missing on filePart: " + filePart
+ " , service name: " + service.getName());
return null;
}
} else {
