Revise the security schema and fix unescape characters (#31)

.golangci.yml

@@ -5,9 +5,7 @@ linters:
     - err113
     - lll
     - gocognit
-    - execinquery
     - exportloopref
-    - gomnd
     - funlen
     - godot
     - gofumpt
@@ -20,7 +18,6 @@ linters:
     - wsl
     - wrapcheck
     - varnamelen
-    - nlreturn
     - exhaustive
     - exhaustruct
     - gocyclo

connector/connector.go

@@ -71,6 +71,7 @@ func (c *HTTPConnector) ParseConfiguration(ctx context.Context, configurationDir
 		schemas, errs = configuration.BuildSchemaFromConfig(config, configurationDir, logger)
 		if len(errs) > 0 {
 			printSchemaValidationError(logger, errs)
+
 			return nil, errBuildSchemaFailed
 		}
 	}

connector/connector_test.go

@@ -654,8 +654,9 @@ func createMockServer(t *testing.T, apiKey string, bearerToken string) *httptest
 	mux.HandleFunc("/model", func(w http.ResponseWriter, r *http.Request) {
 		switch r.Method {
 		case http.MethodPost:
-			if r.Header.Get("api_key") != apiKey {
-				t.Errorf("invalid api key, expected %s, got %s", apiKey, r.Header.Get("api_key"))
+			user, password, ok := r.BasicAuth()
+			if !ok || user != "user" || password != "password" {
+				t.Errorf("invalid basic auth, expected user:password, got %s:%s", user, password)
 				t.FailNow()
 				return
 			}

connector/internal/client.go

@@ -10,6 +10,7 @@ import (
 	"log/slog"
 	"math"
 	"net/http"
+	"net/url"
 	"slices"
 	"strconv"
 	"strings"
@@ -250,12 +251,21 @@ func (client *HTTPClient) doRequest(ctx context.Context, request *RetryableReque
 	ctx, span := client.tracer.Start(ctx, fmt.Sprintf("%s %s", method, request.RawRequest.URL), trace.WithSpanKind(trace.SpanKindClient))
 	defer span.End()
 
-	requestURL := request.URL.String()
+	urlAttr := cloneURL(&request.URL)
+	password, hasPassword := urlAttr.User.Password()
+	if urlAttr.User.String() != "" || hasPassword {
+		maskedUser := MaskString(urlAttr.User.Username())
+		if hasPassword {
+			urlAttr.User = url.UserPassword(maskedUser, MaskString(password))
+		} else {
+			urlAttr.User = url.User(maskedUser)
+		}
+	}
 
 	span.SetAttributes(
 		attribute.String("db.system", "http"),
 		attribute.String("http.request.method", method),
-		attribute.String("url.full", requestURL),
+		attribute.String("url.full", urlAttr.String()),
 		attribute.String("server.address", request.URL.Hostname()),
 		attribute.Int("server.port", port),
 		attribute.String("network.protocol.name", "http"),
@@ -355,12 +365,14 @@ func evalHTTPResponse(ctx context.Context, span trace.Span, resp *http.Response,
 		if len(respBody) == 0 {
 			return nil, resp.Header, nil
 		}
+
 		return string(respBody), resp.Header, nil
 	case "text/plain", "text/html":
 		respBody, err := io.ReadAll(resp.Body)
 		if err != nil {
 			return nil, nil, schema.NewConnectorError(http.StatusInternalServerError, err.Error(), nil)
 		}
+
 		return string(respBody), resp.Header, nil
 	case rest.ContentTypeJSON:
 		if len(resultType) > 0 {
@@ -378,6 +390,7 @@ func evalHTTPResponse(ctx context.Context, span trace.Span, resp *http.Response,
 					// fallback to raw string response if the result type is String
 					return string(respBytes), resp.Header, nil
 				}
+
 				return strResult, resp.Header, nil
 			}
 		}
@@ -395,6 +408,7 @@ func evalHTTPResponse(ctx context.Context, span trace.Span, resp *http.Response,
 		if err != nil {
 			return nil, nil, schema.InternalServerError(err.Error(), nil)
 		}
+
 		return result, resp.Header, nil
 	case rest.ContentTypeNdJSON:
 		var results []any
@@ -415,6 +429,7 @@ func evalHTTPResponse(ctx context.Context, span trace.Span, resp *http.Response,
 		if err != nil {
 			return nil, nil, schema.InternalServerError(err.Error(), nil)
 		}
+
 		return result, resp.Header, nil
 	default:
 		return nil, nil, schema.NewConnectorError(http.StatusInternalServerError, "failed to evaluate response", map[string]any{
@@ -428,5 +443,6 @@ func parseContentType(input string) string {
 		return ""
 	}
 	parts := strings.Split(input, ";")
+
 	return strings.TrimSpace(parts[0])
 }

connector/internal/decode.go

@@ -34,6 +34,7 @@ func DecodeDataURI(input string) (*DataURI, error) {
 		if err != nil {
 			return nil, err
 		}
+
 		return &DataURI{
 			Data: string(rawDecodedBytes),
 		}, nil

connector/internal/metadata.go

@@ -17,6 +17,7 @@ func (rms MetadataCollection) GetFunction(name string) (*rest.OperationInfo, con
 			return fn, rm, nil
 		}
 	}
+
 	return nil, configuration.NDCHttpRuntimeSchema{}, schema.UnprocessableContentError("unsupported query: "+name, nil)
 }
 
@@ -28,5 +29,6 @@ func (rms MetadataCollection) GetProcedure(name string) (*rest.OperationInfo, co
 			return fn, rm, nil
 		}
 	}
+
 	return nil, configuration.NDCHttpRuntimeSchema{}, schema.UnprocessableContentError("unsupported mutation: "+name, nil)
 }

connector/internal/multipart.go

@@ -79,6 +79,7 @@ func (w *MultipartWriter) WriteJSON(fieldName string, value any, headers http.He
 	}
 
 	_, err = p.Write(bs)
+
 	return err
 }
 
@@ -90,6 +91,7 @@ func (w *MultipartWriter) WriteField(fieldName, value string, headers http.Heade
 		return err
 	}
 	_, err = p.Write([]byte(value))
+
 	return err
 }
 
@@ -100,5 +102,6 @@ func createFieldMIMEHeader(fieldName string, headers http.Header) textproto.MIME
 	}
 	h.Set("Content-Disposition",
 		fmt.Sprintf(`form-data; name="%s"`, escapeQuotes(fieldName)))
+
 	return h
 }

connector/internal/parameter.go

@@ -23,13 +23,15 @@ func (ssp ParameterItems) String() string {
 		str := item.String()
 		results = append(results, str)
 	}
+
 	return strings.Join(results, "&")
 }
 
 func (ssp *ParameterItems) Add(keys []Key, values []string) {
 	index := ssp.FindIndex(keys)
 	if index == -1 {
 		*ssp = append(*ssp, NewParameterItem(keys, values))
+
 		return
 	}
 	(*ssp)[index].AddValues(values)
@@ -41,16 +43,19 @@ func (ssp ParameterItems) FindDefault() *ParameterItem {
 		return item
 	}
 	item, _ = ssp.find([]Key{})
+
 	return item
 }
 
 func (ssp ParameterItems) Find(keys []Key) *ParameterItem {
 	item, _ := ssp.find(keys)
+
 	return item
 }
 
 func (ssp ParameterItems) FindIndex(keys []Key) int {
 	_, i := ssp.find(keys)
+
 	return i
 }
 
@@ -73,6 +78,7 @@ func (ssp ParameterItems) find(keys []Key) (*ParameterItem, int) {
 			return &item, i
 		}
 	}
+
 	return nil, -1
 }
 
@@ -89,6 +95,7 @@ func (ks Keys) String() string {
 	for i, k := range ks {
 		if k.index != nil {
 			sb.WriteString(fmt.Sprintf("[%d]", *k.index))
+
 			continue
 		}
 		if k.key != "" {
@@ -98,6 +105,7 @@ func (ks Keys) String() string {
 			sb.WriteString(k.key)
 		}
 	}
+
 	return sb.String()
 }
 
@@ -137,6 +145,7 @@ func (k Key) String() string {
 	if k.index != nil {
 		return strconv.Itoa(*k.index)
 	}
+
 	return k.key
 }
 
@@ -161,6 +170,7 @@ func (ssp ParameterItem) String() string {
 	if key == "" {
 		return value
 	}
+
 	return fmt.Sprintf("%s=%s", key, value)
 }