From 95b4f4645fe544c8f11651d7aa78381b24fc3769 Mon Sep 17 00:00:00 2001 From: GuangrongFu Date: Mon, 24 Aug 2020 20:03:30 +0800 Subject: Fixed Some Vulnerability Issues Fixed the fastjson issue Fixed the retrofit issue Change-Id: Ife7dca0f0aeaf09c753615ef870b84867a970c8d Issue-ID: HOLMES-345 Signed-off-by: GuangrongFu --- .../holmes/rulemgt/bolt/enginebolt/EngineWrapper.java | 16 ++++++++-------- .../holmes/rulemgt/dcae/DcaeConfigurationPolling.java | 18 +++++++++--------- 2 files changed, 17 insertions(+), 17 deletions(-) (limited to 'rulemgt/src/main/java/org') diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapper.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapper.java index b0bd1f5..479437e 100644 --- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapper.java +++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapper.java @@ -1,5 +1,5 @@ /** - * Copyright 2017 ZTE Corporation. + * Copyright 2017-2020 ZTE Corporation. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,17 +15,18 @@ */ package org.onap.holmes.rulemgt.bolt.enginebolt; -import com.alibaba.fastjson.JSON; -import com.alibaba.fastjson.JSONObject; -import javax.inject.Inject; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; import lombok.extern.slf4j.Slf4j; import org.apache.http.HttpResponse; import org.jvnet.hk2.annotations.Service; +import org.onap.holmes.common.exception.CorrelationException; import org.onap.holmes.common.utils.HttpsUtils; import org.onap.holmes.rulemgt.bean.request.CorrelationCheckRule4Engine; import org.onap.holmes.rulemgt.bean.request.CorrelationDeployRule4Engine; import org.onap.holmes.rulemgt.constant.RuleMgtConstant; -import org.onap.holmes.common.exception.CorrelationException; + +import javax.inject.Inject; @Service @Slf4j @@ -44,9 +45,8 @@ public class EngineWrapper { if (response.getStatusLine().getStatusCode() == RuleMgtConstant.RESPONSE_STATUS_OK) { log.info("Succeeded in calling the rule deployment RESTful API from the engine management service."); try { - // JSONObject json = JSONObject.fromObject(HttpsUtils.extractResponseEntity(response)); - JSONObject json= JSON.parseObject(HttpsUtils.extractResponseEntity(response)); - return json.get(RuleMgtConstant.PACKAGE).toString(); + JsonObject json = JsonParser.parseString(HttpsUtils.extractResponseEntity(response)).getAsJsonObject(); + return json.get(RuleMgtConstant.PACKAGE).getAsString(); } catch (Exception e) { throw new CorrelationException("Failed to parse the value returned by the engine management service.", e); } diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPolling.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPolling.java index dcd530c..e6bc790 100644 --- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPolling.java +++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPolling.java @@ -1,5 +1,5 @@ /** - * Copyright 2017 ZTE Corporation. + * Copyright 2017-2020 ZTE Corporation. *

* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License. You may obtain a copy of the License at @@ -13,14 +13,8 @@ */ package org.onap.holmes.rulemgt.dcae; -import com.alibaba.fastjson.JSONObject; - -import java.io.IOException; -import java.io.UnsupportedEncodingException; -import java.util.HashMap; -import java.util.List; -import javax.ws.rs.core.MediaType; +import com.google.gson.Gson; import lombok.extern.slf4j.Slf4j; import org.apache.http.HttpResponse; import org.apache.http.client.methods.HttpDelete; @@ -39,6 +33,12 @@ import org.onap.holmes.rulemgt.bean.request.RuleCreateRequest; import org.onap.holmes.rulemgt.bean.response.RuleQueryListResponse; import org.onap.holmes.rulemgt.bean.response.RuleResult4API; +import javax.ws.rs.core.MediaType; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.util.HashMap; +import java.util.List; + @Slf4j public class DcaeConfigurationPolling implements Runnable { @@ -106,7 +106,7 @@ public class DcaeConfigurationPolling implements Runnable { httpClient = HttpsUtils.getConditionalHttpsClient(HttpsUtils.DEFUALT_TIMEOUT); HttpResponse httpResponse = HttpsUtils.get(httpGet, headers, httpClient); String response = HttpsUtils.extractResponseEntity(httpResponse); - return JSONObject.parseObject(response, RuleQueryListResponse.class); + return GsonUtil.jsonToBean(response, RuleQueryListResponse.class); } finally { httpGet.releaseConnection(); closeHttpClient(httpClient); -- cgit 1.2.3-korg