From b12630f1e45910e8e22f1db3c410c71b882fa490 Mon Sep 17 00:00:00 2001
From: Yash Kumar
Date: Mon, 17 Feb 2025 18:42:31 -0800
Subject: [PATCH 1/2] add JSON validation interface and exception classes
---
 .../sechub/commons/model/JSONValidatable.java | 13 +++++++++++++
 .../commons/model/JSONValidationException.java | 18 ++++++++++++++++++
 2 files changed, 31 insertions(+)
 create mode 100644 sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/JSONValidatable.java
 create mode 100644 sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/JSONValidationException.java
diff --git a/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/JSONValidatable.java b/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/JSONValidatable.java
new file mode 100644
index 000000000..6e91b45e2
--- /dev/null
+++ b/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/JSONValidatable.java
@@ -0,0 +1,13 @@
+// SPDX-License-Identifier: MIT
+package com.mercedesbenz.sechub.commons.model;
+
+/**
+ * Interface for objects that can validate themselves after JSON deserialization
+ */
+public interface JSONValidatable {
+ /**
+ * Validates the object's state after deserialization
+ * @throws JSONValidationException if validation fails
+ */
+ void validate() throws JSONValidationException;
+}
diff --git a/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/JSONValidationException.java b/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/JSONValidationException.java
new file mode 100644
index 000000000..2f739e85d
--- /dev/null
+++ b/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/JSONValidationException.java
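Review bot: The Javadoc on `validate()` in JSONValidatable.java does not say who calls it or how failure must be signalled, so an implementer can wrongly assume every deserialized instance has been checked. The only caller visible in this series is `JSONConverter.fromJSON` (patch 2/2), and its inner catch handles only `JSONValidationException`; objects mapped by any other route skip validation, and a different runtime exception thrown from `validate()` would, as far as the visible lines show, not be translated into a `JSONConverterException`. I would add to the interface Javadoc: `Invoked by JSONConverter#fromJSON after mapping; code that deserializes by other means must call validate() itself. Implementations report every failure as JSONValidationException.` If these models are a trust boundary for externally supplied JSON, that contract is what callers will rely on.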
@@ -0,0 +1,18 @@
+// SPDX-License-Identifier: MIT
+package com.mercedesbenz.sechub.commons.model;
+
+/**
+ * Exception thrown when JSON validation fails
+ */
+public class JSONValidationException extends SecHubRuntimeException {
+
+ private static final long serialVersionUID = 1L;
+
+ public JSONValidationException(String message) {
+ super(message);
+ }
+
+ public JSONValidationException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}
From e2fe085febfb50d7fc8a6209fcf8c31e036f84b1 Mon Sep 17 00:00:00 2001
From: Yash Kumar
Date: Mon, 17 Feb 2025 18:42:49 -0800
Subject: [PATCH 2/2] enhance JSONConverter to validate objects
---
 .../sechub/commons/model/JSONConverter.java | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/JSONConverter.java b/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/JSONConverter.java
index 94023f29d..7439b023f 100644
--- a/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/JSONConverter.java
+++ b/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/JSONConverter.java
@@ -70,9 +70,19 @@ public T fromJSON(Class clazz, String json) throws JSONConverterException
 }
 try {
 byte[] bytes = string.getBytes();
- return mapper.readValue(bytes, clazz);
+ T result = mapper.readValue(bytes, clazz);
+
+ // Validate the object if it implements JSONValidatable
+ if (result instanceof JSONValidatable) {
+ try {
+ ((JSONValidatable) result).validate();
+ } catch (JSONValidationException e) {
+ throw new JSONConverterException("Validation failed for " + clazz.getSimpleName(), e);
+ }
+ }
+
+ return result;
 } catch (IOException e) {
- LOG.debug("JSON conversion failed, origin JSON:\n{}", json);
 /*
 * we truncate json - because when JSON to big it could flood logs - debugging
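Review bot: JSONValidationException.java gives no guidance on what its message may contain, yet patch 2/2 attaches it as the cause of a `JSONConverterException`, so the message travels wherever that exception is logged or reported. If validated models can carry credentials or tokens (not visible here), implementations should name the offending field and rule rather than echo the rejected value. I would extend the class Javadoc with `Messages should identify the invalid field and constraint but must not include the rejected value.` The superclass name suggests this is an unchecked exception; if so, the Javadoc could say that explicitly, since the `throws` clause on `validate()` then does not force callers to handle it.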