TMS: Print response content for status codes 3xx in addition to 4xx and 5xx (#1441)

* Extend JenkinsLoggingRule and TransportManagementServiceTest * Print response content for status codes >= 300, also test that it's not revealed in the case of unexpected status codes between 200 and 300 (both not included) for authentication Co-authored-by: Marcus Holl <marcus.holl@sap.com>
2025-03-03 15:02:35 +02:00 · 2020-04-23 09:46:25 +02:00 · 2020-04-23 09:46:25 +02:00 · 8206fb9716
commit 8206fb9716
parent b25079f862
3 changed files with 57 additions and 1 deletions
--- a/src/com/sap/piper/integration/TransportManagementService.groovy
+++ b/src/com/sap/piper/integration/TransportManagementService.groovy
@ -169,7 +169,7 @@ class TransportManagementService implements Serializable {
    }

    private prepareAndThrowException(response, errorMessage) {
-        if (response.status >= 400) {
+        if (response.status >= 300) {
            errorMessage += " Response content '${response.content}'."
        }
        script.error "[${getClass().getSimpleName()}] ${errorMessage}"
--- a/test/groovy/com/sap/piper/integration/TransportManagementServiceTest.groovy
+++ b/test/groovy/com/sap/piper/integration/TransportManagementServiceTest.groovy
@ -93,6 +93,28 @@ class TransportManagementServiceTest extends BasePiperTest {
        tms.authentication(uaaUrl, clientId, clientSecret)
    }

+    @Test
+    void retrieveOAuthToken__failure__status__less__than__300() {
+        def uaaUrl = 'http://dummy.sap.com/oauth'
+        def clientId = 'myId'
+        def clientSecret = 'mySecret'
+        def responseStatusCode = 201
+        def responseContent = 'This response content should not be printed to the logs as well as be thrown in exception message, since it might contain a token, if for some reason authentication service spec changes'
+
+        thrown.expect(AbortException)
+        thrown.expectMessage("[TransportManagementService] OAuth Token retrieval failed (HTTP status code '${responseStatusCode}').")
+        thrown.expectMessage(not(containsString(responseContent)))
+        loggingRule.expect("[TransportManagementService] OAuth Token retrieval started.")
+        loggingRule.notExpect(responseContent)
+
+        helper.registerAllowedMethod('httpRequest', [Map.class], {
+            return [content: responseContent, status: responseStatusCode]
+        })
+
+        def tms = new TransportManagementService(nullScript, [verbose: false])
+        tms.authentication(uaaUrl, clientId, clientSecret)
+    }
+
    @Test
    void retrieveOAuthToken__failure__status__400__inVerboseMode() {
        def uaaUrl = 'http://dummy.sap.com/oauth'
@ -114,6 +136,29 @@ class TransportManagementServiceTest extends BasePiperTest {
        tms.authentication(uaaUrl, clientId, clientSecret)
    }

+    @Test
+    void retrieveOAuthToken__failure__status__less__than__300__inVerboseMode() {
+        def uaaUrl = 'http://dummy.sap.com/oauth'
+        def clientId = 'myId'
+        def clientSecret = 'mySecret'
+        def responseStatusCode = 201
+        def responseContent = 'This response content should not be printed to the logs as well as be thrown in exception message, since it might contain a token, if for some reason authentication service spec changes'
+
+        thrown.expect(AbortException)
+        thrown.expectMessage("[TransportManagementService] OAuth Token retrieval failed (HTTP status code '${responseStatusCode}').")
+        thrown.expectMessage(not(containsString(responseContent)))
+        loggingRule.expect("[TransportManagementService] OAuth Token retrieval started.")
+        loggingRule.expect("[TransportManagementService] UAA-URL: '${uaaUrl}', ClientId: '${clientId}'")
+        loggingRule.notExpect(responseContent)
+
+        helper.registerAllowedMethod('httpRequest', [Map.class], {
+            return [content: responseContent, status: responseStatusCode]
+        })
+
+        def tms = new TransportManagementService(nullScript, [verbose: true])
+        tms.authentication(uaaUrl, clientId, clientSecret)
+    }
+
    @Test
    void uploadFile__successfully() {

--- a/test/groovy/util/JenkinsLoggingRule.groovy
+++ b/test/groovy/util/JenkinsLoggingRule.groovy
@ -8,6 +8,7 @@ import org.junit.runner.Description
 import org.junit.runners.model.Statement

 import static org.hamcrest.Matchers.containsString
+import static org.hamcrest.Matchers.not
 import static org.junit.Assert.assertThat

 import org.hamcrest.Matchers
@ -17,6 +18,7 @@ class JenkinsLoggingRule implements TestRule {
    final BasePipelineTest testInstance

    def expected = []
+    def notExpected = []

    String log = ""

@ -29,6 +31,11 @@ class JenkinsLoggingRule implements TestRule {
        return this
    }

+    public JenkinsLoggingRule notExpect(String substring) {
+        notExpected.add(substring)
+        return this
+    }
+
    @Override
    Statement apply(Statement base, Description description) {
        return statement(base)
@ -62,6 +69,10 @@ class JenkinsLoggingRule implements TestRule {
                                                            log,
                                                            containsString(substring)) }

+                    notExpected.each { substring -> assertThat("Substring '${substring}' is present in log.",
+                                                            log,
+                                                            not(containsString(substring))) }
+
                    if(caught != null) {
                        // do not swallow, so that other rules located farer away
                        // to the test case can react