From d18c3bbbdb56f2f55926e01101a570f39dbaff6a Mon Sep 17 00:00:00 2001 From: "waqas.ikram" Date: Fri, 25 Jun 2021 13:21:15 +0100 Subject: [PATCH] Fixing XML parsers sonar issue Change-Id: Id67c01bbe19057902127e8a66ba0382589789537 Issue-ID: SO-3665 Signed-off-by: waqas.ikram --- .../so/bpmn/common/scripts/SDNCAdapterTest.groovy | 7 +++-- .../java/org/onap/so/bpmn/core/xml/XmlTool.java | 30 ++++++++++++---------- bpmn/pom.xml | 2 +- .../sdnc/tasks/SDNCRequestTasks.java | 24 ++++++++++++----- 4 files changed, 38 insertions(+), 25 deletions(-) diff --git a/bpmn/MSOCommonBPMN/src/test/groovy/org/onap/so/bpmn/common/scripts/SDNCAdapterTest.groovy b/bpmn/MSOCommonBPMN/src/test/groovy/org/onap/so/bpmn/common/scripts/SDNCAdapterTest.groovy index 3438c7957c..235b6219d1 100644 --- a/bpmn/MSOCommonBPMN/src/test/groovy/org/onap/so/bpmn/common/scripts/SDNCAdapterTest.groovy +++ b/bpmn/MSOCommonBPMN/src/test/groovy/org/onap/so/bpmn/common/scripts/SDNCAdapterTest.groovy @@ -22,7 +22,6 @@ package org.onap.so.bpmn.common.scripts import static org.mockito.Mockito.* - import org.camunda.bpm.engine.ProcessEngineServices import org.camunda.bpm.engine.RepositoryService import org.camunda.bpm.engine.impl.persistence.entity.ExecutionEntity @@ -48,10 +47,10 @@ public class SDNCAdapterTest { } - String workflowResponse = """ + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> testRequestId diff --git a/bpmn/MSOCoreBPMN/src/main/java/org/onap/so/bpmn/core/xml/XmlTool.java b/bpmn/MSOCoreBPMN/src/main/java/org/onap/so/bpmn/core/xml/XmlTool.java index da096e5461..58238c8ff6 100644 --- a/bpmn/MSOCoreBPMN/src/main/java/org/onap/so/bpmn/core/xml/XmlTool.java +++ b/bpmn/MSOCoreBPMN/src/main/java/org/onap/so/bpmn/core/xml/XmlTool.java @@ -49,6 +49,7 @@ import javax.xml.xpath.XPathConstants; import javax.xml.xpath.XPathExpressionException; import javax.xml.xpath.XPathFactory; import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.w3c.dom.Document; @@ -87,44 +88,47 @@ public final class XmlTool { * @throws SAXException * @throws XPathExpressionException */ - public static String normalize(Object xml) throws IOException, TransformerException, ParserConfigurationException, - SAXException, XPathExpressionException { + public static String normalize(final Object xml) throws IOException, TransformerException, + ParserConfigurationException, SAXException, XPathExpressionException { if (xml == null) { return null; } - Source xsltSource = new StreamSource(new StringReader(readResourceFile("normalize-namespaces.xsl"))); + final Source xsltSource = new StreamSource(new StringReader(readResourceFile("normalize-namespaces.xsl"))); - DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance(); + final DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance(); dbFactory.setNamespaceAware(true); dbFactory.setFeature("http://xml.org/sax/features/external-general-entities", false); dbFactory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - DocumentBuilder db = dbFactory.newDocumentBuilder(); - InputSource source = new InputSource(new StringReader(String.valueOf(xml))); - Document doc = db.parse(source); + final DocumentBuilder db = dbFactory.newDocumentBuilder(); + final InputSource source = new InputSource(new StringReader(String.valueOf(xml))); + final Document doc = db.parse(source); // Start of code to remove whitespace outside of tags - XPath xPath = XPathFactory.newInstance().newXPath(); - NodeList nodeList = (NodeList) xPath.evaluate("//text()[normalize-space()='']", doc, XPathConstants.NODESET); + final XPath xPath = XPathFactory.newInstance().newXPath(); + final NodeList nodeList = + (NodeList) xPath.evaluate("//text()[normalize-space()='']", doc, XPathConstants.NODESET); for (int i = 0; i < nodeList.getLength(); ++i) { - Node node = nodeList.item(i); + final Node node = nodeList.item(i); node.getParentNode().removeChild(node); } // End of code to remove whitespace outside of tags // the factory pattern supports different XSLT processors - TransformerFactory transformerFactory = TransformerFactory.newInstance(); + final TransformerFactory transformerFactory = TransformerFactory.newInstance(); + transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, StringUtils.EMPTY); + transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, StringUtils.EMPTY); transformerFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); - Transformer transformer = transformerFactory.newTransformer(xsltSource); + final Transformer transformer = transformerFactory.newTransformer(xsltSource); transformer.setOutputProperty(OutputKeys.INDENT, "yes"); transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); transformer.setOutputProperty(OutputKeys.ENCODING, "UTF-8"); transformer.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "2"); - StringWriter writer = new StringWriter(); + final StringWriter writer = new StringWriter(); transformer.transform(new DOMSource(doc), new StreamResult(writer)); return writer.toString().trim(); } diff --git a/bpmn/pom.xml b/bpmn/pom.xml index 33c0415d9d..6a61ed1df3 100644 --- a/bpmn/pom.xml +++ b/bpmn/pom.xml @@ -15,7 +15,7 @@ 1.2 1.4.196 2.5.3 - 9.5.1-8 + 10.5 2.4.0 UTF-8 UTF-8 diff --git a/bpmn/so-bpmn-tasks/src/main/java/org/onap/so/bpmn/infrastructure/sdnc/tasks/SDNCRequestTasks.java b/bpmn/so-bpmn-tasks/src/main/java/org/onap/so/bpmn/infrastructure/sdnc/tasks/SDNCRequestTasks.java index e55fa9e24b..5b40768573 100644 --- a/bpmn/so-bpmn-tasks/src/main/java/org/onap/so/bpmn/infrastructure/sdnc/tasks/SDNCRequestTasks.java +++ b/bpmn/so-bpmn-tasks/src/main/java/org/onap/so/bpmn/infrastructure/sdnc/tasks/SDNCRequestTasks.java @@ -31,13 +31,13 @@ import javax.xml.transform.stream.StreamResult; import javax.xml.xpath.XPath; import javax.xml.xpath.XPathFactory; import org.camunda.bpm.engine.delegate.DelegateExecution; +import org.onap.logging.filter.base.ONAPComponents; import org.onap.so.bpmn.infrastructure.sdnc.exceptions.SDNCErrorResponseException; import org.onap.so.client.exception.BadResponseException; import org.onap.so.client.exception.ExceptionBuilder; import org.onap.so.client.exception.MapperException; import org.onap.so.client.sdnc.SDNCClient; import org.onap.so.client.sdnc.beans.SDNCRequest; -import org.onap.logging.filter.base.ONAPComponents; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -47,10 +47,17 @@ import org.w3c.dom.Document; import org.xml.sax.InputSource; import com.jayway.jsonpath.JsonPath; import com.jayway.jsonpath.PathNotFoundException; +import net.sf.saxon.lib.NamespaceConstant; +import net.sf.saxon.xpath.XPathFactoryImpl; @Component public class SDNCRequestTasks { + private static final String NET_SF_SAXON_XPATH_IMPL = "net.sf.saxon.xpath.XPathFactoryImpl"; + + private static final String XPATH_FACTORY_PROPERTY_NAME = + "javax.xml.xpath.XPathFactory:" + NamespaceConstant.OBJECT_MODEL_SAXON; + private static final Logger logger = LoggerFactory.getLogger(SDNCRequestTasks.class); private static final String SDNC_REQUEST = "SDNCRequest"; @@ -143,14 +150,17 @@ public class SDNCRequestTasks { return "Y".equals(finalMessageIndicator); } - protected String getXmlElement(Document doc, String exp) throws Exception { - TransformerFactory tf = TransformerFactory.newInstance(); - Transformer transformer = tf.newTransformer(); - StringWriter writer = new StringWriter(); + protected String getXmlElement(final Document doc, final String exp) throws Exception { + final TransformerFactory tf = TransformerFactory.newInstance(); + final Transformer transformer = tf.newTransformer(); + final StringWriter writer = new StringWriter(); transformer.transform(new DOMSource(doc), new StreamResult(writer)); logger.debug(writer.getBuffer().toString()); - XPath xPath = XPathFactory.newInstance().newXPath(); - String result = xPath.evaluate(exp, doc); + + System.setProperty(XPATH_FACTORY_PROPERTY_NAME, NET_SF_SAXON_XPATH_IMPL); + final XPathFactory xPathFactory = XPathFactoryImpl.newInstance(NamespaceConstant.OBJECT_MODEL_SAXON); + final XPath xPath = xPathFactory.newXPath(); + final String result = xPath.evaluate(exp, doc); if (result == null || result.isEmpty()) { throw new Exception("XPath Failed to find element expression: " + exp); } -- 2.16.6