diff --git a/api/incubator/src/main/java/io/opentelemetry/api/incubator/config/InstrumentationConfigUtil.java b/api/incubator/src/main/java/io/opentelemetry/api/incubator/config/InstrumentationConfigUtil.java index 4ec91325f46..845ac38438d 100644 --- a/api/incubator/src/main/java/io/opentelemetry/api/incubator/config/InstrumentationConfigUtil.java +++ b/api/incubator/src/main/java/io/opentelemetry/api/incubator/config/InstrumentationConfigUtil.java @@ -5,7 +5,11 @@ package io.opentelemetry.api.incubator.config; +import static java.util.Collections.emptyList; + import com.fasterxml.jackson.databind.ObjectMapper; +import java.util.Arrays; +import java.util.Collections; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; @@ -18,6 +22,10 @@ */ public class InstrumentationConfigUtil { + private static final List DEFAULT_SENSITIVE_QUERY_PARAMETERS = + Collections.unmodifiableList( + Arrays.asList("AWSAccessKeyId", "Signature", "sig", "X-Goog-Signature")); + /** * Return a map representation of the peer service map entries in {@code * .instrumentation.general.peer.service_mapping}, or null if none is configured. @@ -52,67 +60,80 @@ public static Map peerServiceMapping(ConfigProvider configProvid } /** - * Return {@code .instrumentation.general.http.client.request_captured_headers}, or null if none - * is configured. + * Return {@code .instrumentation.general.http.client.request_captured_headers}, or empty list if + * none is configured. * * @throws DeclarativeConfigException if an unexpected type is encountered accessing the property */ - @Nullable public static List httpClientRequestCapturedHeaders(ConfigProvider configProvider) { - return getOrNull( - configProvider, - config -> config.getScalarList("request_captured_headers", String.class), - "general", - "http", - "client"); + return configProvider + .getInstrumentationConfig() + .get("general") + .get("http") + .get("client") + .getScalarList("request_captured_headers", String.class, emptyList()); } /** - * Return {@code .instrumentation.general.http.client.response_captured_headers}, or null if none - * is configured. + * Return {@code .instrumentation.general.http.client.response_captured_headers}, or empty list if + * none is configured. * * @throws DeclarativeConfigException if an unexpected type is encountered accessing the property */ - @Nullable public static List httpClientResponseCapturedHeaders(ConfigProvider configProvider) { - return getOrNull( - configProvider, - config -> config.getScalarList("response_captured_headers", String.class), - "general", - "http", - "client"); + return configProvider + .getInstrumentationConfig() + .get("general") + .get("http") + .get("client") + .getScalarList("response_captured_headers", String.class, emptyList()); } /** - * Return {@code .instrumentation.general.http.server.request_captured_headers}, or null if none - * is configured. + * Return {@code .instrumentation.general.http.server.request_captured_headers}, or empty list if + * none is configured. * * @throws DeclarativeConfigException if an unexpected type is encountered accessing the property */ - @Nullable public static List httpServerRequestCapturedHeaders(ConfigProvider configProvider) { - return getOrNull( - configProvider, - config -> config.getScalarList("request_captured_headers", String.class), - "general", - "http", - "server"); + return configProvider + .getInstrumentationConfig() + .get("general") + .get("http") + .get("server") + .getScalarList("request_captured_headers", String.class, emptyList()); } /** - * Return {@code .instrumentation.general.http.server.response_captured_headers}, or null if none - * is configured. + * Return {@code .instrumentation.general.http.server.response_captured_headers}, or empty list if + * none is configured. * * @throws DeclarativeConfigException if an unexpected type is encountered accessing the property */ - @Nullable public static List httpServerResponseCapturedHeaders(ConfigProvider configProvider) { - return getOrNull( - configProvider, - config -> config.getScalarList("response_captured_headers", String.class), - "general", - "http", - "server"); + return configProvider + .getInstrumentationConfig() + .get("general") + .get("http") + .get("server") + .getScalarList("response_captured_headers", String.class, emptyList()); + } + + /** + * Return {@code .instrumentation.general.sanitization.url.sensitive_query_parameters}, or the + * default list (currently {@code AWSAccessKeyId}, {@code Signature}, {@code sig}, {@code + * X-Goog-Signature}) if none is configured. + * + * @throws DeclarativeConfigException if an unexpected type is encountered accessing the property + */ + public static List sensitiveQueryParameters(ConfigProvider configProvider) { + return configProvider + .getInstrumentationConfig() + .get("general") + .get("sanitization") + .get("url") + .getScalarList( + "sensitive_query_parameters", String.class, DEFAULT_SENSITIVE_QUERY_PARAMETERS); } /** @@ -133,7 +154,10 @@ public static DeclarativeConfigProperties javaInstrumentationConfig( * {@code segments}, or if {@code accessor} returns null. * *

See other methods in {@link InstrumentationConfigUtil} for usage examples. + * + * @deprecated Use {@link DeclarativeConfigProperties#get(String)} to walk segments. */ + @Deprecated @Nullable public static T getOrNull( ConfigProvider configProvider, diff --git a/api/incubator/src/test/java/io/opentelemetry/api/incubator/config/InstrumentationConfigUtilTest.java b/api/incubator/src/test/java/io/opentelemetry/api/incubator/config/InstrumentationConfigUtilTest.java index 9048d744d36..c16f1f54c49 100644 --- a/api/incubator/src/test/java/io/opentelemetry/api/incubator/config/InstrumentationConfigUtilTest.java +++ b/api/incubator/src/test/java/io/opentelemetry/api/incubator/config/InstrumentationConfigUtilTest.java @@ -46,6 +46,13 @@ class InstrumentationConfigUtilTest { + " response_captured_headers:\n" + " - server-response-header1\n" + " - server-response-header2\n" + + " sanitization:\n" + + " url:\n" + + " sensitive_query_parameters:\n" + + " - AWSAccessKeyId\n" + + " - Signature\n" + + " - sig\n" + + " - X-Goog-Signature\n" + " java:\n" + " example:\n" + " property: \"value\""; @@ -58,6 +65,8 @@ class InstrumentationConfigUtilTest { toConfigProvider("instrumentation/development:\n general:\n"); private static final ConfigProvider emptyHttpConfigProvider = toConfigProvider("instrumentation/development:\n general:\n http:\n"); + private static final ConfigProvider emptySanitizationConfigProvider = + toConfigProvider("instrumentation/development:\n general:\n sanitization:\n"); private static ConfigProvider toConfigProvider(String configYaml) { return SdkConfigProvider.create( @@ -84,12 +93,12 @@ void httpClientRequestCapturedHeaders() { assertThat( InstrumentationConfigUtil.httpClientRequestCapturedHeaders( emptyInstrumentationConfigProvider)) - .isNull(); + .isEmpty(); assertThat( InstrumentationConfigUtil.httpClientRequestCapturedHeaders(emptyGeneralConfigProvider)) - .isNull(); + .isEmpty(); assertThat(InstrumentationConfigUtil.httpClientRequestCapturedHeaders(emptyHttpConfigProvider)) - .isNull(); + .isEmpty(); } @Test @@ -100,12 +109,12 @@ void httpClientResponseCapturedHeaders() { assertThat( InstrumentationConfigUtil.httpClientResponseCapturedHeaders( emptyInstrumentationConfigProvider)) - .isNull(); + .isEmpty(); assertThat( InstrumentationConfigUtil.httpClientResponseCapturedHeaders(emptyGeneralConfigProvider)) - .isNull(); + .isEmpty(); assertThat(InstrumentationConfigUtil.httpClientResponseCapturedHeaders(emptyHttpConfigProvider)) - .isNull(); + .isEmpty(); } @Test @@ -116,12 +125,12 @@ void httpServerRequestCapturedHeaders() { assertThat( InstrumentationConfigUtil.httpServerRequestCapturedHeaders( emptyInstrumentationConfigProvider)) - .isNull(); + .isEmpty(); assertThat( InstrumentationConfigUtil.httpServerRequestCapturedHeaders(emptyGeneralConfigProvider)) - .isNull(); + .isEmpty(); assertThat(InstrumentationConfigUtil.httpServerRequestCapturedHeaders(emptyHttpConfigProvider)) - .isNull(); + .isEmpty(); } @Test @@ -132,12 +141,25 @@ void httpServerResponseCapturedHeaders() { assertThat( InstrumentationConfigUtil.httpServerResponseCapturedHeaders( emptyInstrumentationConfigProvider)) - .isNull(); + .isEmpty(); assertThat( InstrumentationConfigUtil.httpServerResponseCapturedHeaders(emptyGeneralConfigProvider)) - .isNull(); + .isEmpty(); assertThat(InstrumentationConfigUtil.httpServerResponseCapturedHeaders(emptyHttpConfigProvider)) - .isNull(); + .isEmpty(); + } + + @Test + void sensitiveQueryParameters() { + assertThat(InstrumentationConfigUtil.sensitiveQueryParameters(kitchenSinkConfigProvider)) + .isEqualTo(Arrays.asList("AWSAccessKeyId", "Signature", "sig", "X-Goog-Signature")); + assertThat( + InstrumentationConfigUtil.sensitiveQueryParameters(emptyInstrumentationConfigProvider)) + .isEqualTo(Arrays.asList("AWSAccessKeyId", "Signature", "sig", "X-Goog-Signature")); + assertThat(InstrumentationConfigUtil.sensitiveQueryParameters(emptyGeneralConfigProvider)) + .isEqualTo(Arrays.asList("AWSAccessKeyId", "Signature", "sig", "X-Goog-Signature")); + assertThat(InstrumentationConfigUtil.sensitiveQueryParameters(emptySanitizationConfigProvider)) + .isEqualTo(Arrays.asList("AWSAccessKeyId", "Signature", "sig", "X-Goog-Signature")); } @Test