Merge branch 'cgfrost-master'

[resolves cloudfoundry#116][resolves cloudfoundry#114]

Author: nebhale

java-buildpack.iml

@@ -266,37 +266,37 @@
       <excludeFolder url="file://$MODULE_DIR$/coverage" />
       <excludeFolder url="file://$MODULE_DIR$/doc" />
     </content>
-    <orderEntry type="jdk" jdkName="rbenv: 1.9.3-p550" jdkType="RUBY_SDK" />
+    <orderEntry type="jdk" jdkName="ruby-1.9.3-p551" jdkType="RUBY_SDK" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="library" scope="PROVIDED" name="addressable (v2.3.6, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="ast (v2.0.0, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="astrolabe (v1.3.0, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="bundler (v1.7.4, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="codeclimate-test-reporter (v0.4.1, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="crack (v0.4.2, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="diff-lcs (v1.2.5, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="docile (v1.1.5, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="multi_json (v1.10.1, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="parser (v2.2.0.pre.6, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="powerpack (v0.0.9, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rainbow (v2.0.0, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rake (v10.3.2, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="redcarpet (v3.2.0, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rspec (v3.1.0, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rspec-core (v3.1.7, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rspec-expectations (v3.1.2, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rspec-mocks (v3.1.3, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rspec-support (v3.1.2, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rubocop (v0.26.1, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="ruby-progressbar (v1.6.0, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="rubyzip (v1.1.6, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="safe_yaml (v1.0.4, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="simplecov (v0.9.1, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="simplecov-html (v0.8.0, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="slop (v3.6.0, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="tee (v1.0.0, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="webmock (v1.20.0, rbenv: 1.9.3-p550) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="yard (v0.8.7.6, rbenv: 1.9.3-p550) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="addressable (v2.3.6, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="ast (v2.0.0, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="astrolabe (v1.3.0, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="bundler (v1.7.6, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="codeclimate-test-reporter (v0.4.1, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="crack (v0.4.2, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="diff-lcs (v1.2.5, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="docile (v1.1.5, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="multi_json (v1.10.1, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="parser (v2.2.0.pre.6, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="powerpack (v0.0.9, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rainbow (v2.0.0, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rake (v10.3.2, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="redcarpet (v3.2.0, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec (v3.1.0, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec-core (v3.1.7, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec-expectations (v3.1.2, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec-mocks (v3.1.3, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec-support (v3.1.2, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rubocop (v0.26.1, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="ruby-progressbar (v1.6.0, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rubyzip (v1.1.6, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="safe_yaml (v1.0.4, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="simplecov (v0.9.1, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="simplecov-html (v0.8.0, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="slop (v3.6.0, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="tee (v1.0.0, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="webmock (v1.20.0, ruby-1.9.3-p551) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="yard (v0.8.7.6, ruby-1.9.3-p551) [gem]" level="application" />
   </component>
   <component name="RModuleSettingsStorage">
     <LOAD_PATH number="4" string0="$MODULE_DIR$/lib" string1="$MODULE_DIR$/spec" string2="$MODULE_DIR$/bin" string3="$MODULE_DIR$/spec/bin" />

lib/java_buildpack/component/base_component.rb

@@ -20,6 +20,7 @@
 require 'java_buildpack/util/format_duration'
 require 'java_buildpack/util/shell'
 require 'java_buildpack/util/space_case'
+require 'java_buildpack/util/sanitizer'
 
 module JavaBuildpack
   module Component
@@ -84,7 +85,7 @@ def release
       # @return [Void]
       def download(version, uri, name = @component_name)
         download_start_time = Time.now
-        print "-----> Downloading #{name} #{version} from #{uri} "
+        print "-----> Downloading #{name} #{version} from #{uri.sanitize_uri} "
 
         JavaBuildpack::Util::Cache::ApplicationCache.new.get(uri) do |file, downloaded|
           puts downloaded ? "(#{(Time.now - download_start_time).duration})" : '(found in cache)'

lib/java_buildpack/util/cache/cached_file.rb

@@ -33,7 +33,7 @@ class CachedFile
         # @param [String] uri a uri which uniquely identifies the file in the cache
         # @param [Boolean] mutable whether the cached file should be mutable
         def initialize(cache_root, uri, mutable)
-          key            = URI.escape(uri, ':/')
+          key            = URI.escape(uri.sanitize_uri, ':/')
           @cached        = cache_root + "#{key}.cached"
           @etag          = cache_root + "#{key}.etag"
           @last_modified = cache_root + "#{key}.last_modified"

lib/java_buildpack/util/cache/download_cache.rb

@@ -19,6 +19,7 @@
 require 'java_buildpack/util/cache/cached_file'
 require 'java_buildpack/util/cache/inferred_network_failure'
 require 'java_buildpack/util/cache/internet_availability'
+require 'java_buildpack/util/sanitizer'
 require 'monitor'
 require 'net/http'
 require 'pathname'
@@ -63,7 +64,7 @@ def get(uri, &block)
           cached_file, downloaded = from_mutable_cache uri if InternetAvailability.instance.available?
           cached_file, downloaded = from_immutable_caches(uri), false unless cached_file
 
-          fail "Unable to find cached file for #{uri}" unless cached_file
+          fail "Unable to find cached file for #{uri.sanitize_uri}" unless cached_file
           cached_file.cached(File::RDONLY | File::BINARY, downloaded, &block)
         end
 
@@ -191,7 +192,7 @@ def from_mutable_cache(uri)
           cached      = update URI(uri), cached_file
           [cached_file, cached]
         rescue => e
-          @logger.warn { "Unable to download #{uri} into cache #{@mutable_cache_root}: #{e.message}" }
+          @logger.warn { "Unable to download #{uri.sanitize_uri} into cache #{@mutable_cache_root}: #{e.message}" }
           nil
         end
 
@@ -201,7 +202,7 @@ def from_immutable_caches(uri)
 
             next unless candidate.cached?
 
-            @logger.debug { "#{uri} found in cache #{cache_root}" }
+            @logger.debug { "#{uri.sanitize_uri} found in cache #{cache_root}" }
             return candidate
           end
 

lib/java_buildpack/util/sanitizer.rb

@@ -0,0 +1,30 @@
+# Encoding: utf-8
+# Cloud Foundry Java Buildpack
+# Copyright (c) 2014 the original author or authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# A mixin that adds the ability to turn a +String+ into sanitized uri
+class String
+
+  # Takes a uri and strips out any credentials it may contain.
+  #
+  # @return [String] the sanitized uri
+  def sanitize_uri
+    rich_uri          = URI(self)
+    rich_uri.user     = nil
+    rich_uri.password = nil
+    rich_uri.to_s
+  end
+
+end

spec/java_buildpack/util/cache/download_cache_spec.rb

@@ -86,7 +86,7 @@
     expect(Net::HTTP).not_to receive(:Proxy).with('proxy', 9000, nil, nil)
 
     expect { |b| download_cache.get uri_credentials, &b }.to yield_file_with_content(/foo-cached/)
-    expect_complete_credential_cache mutable_cache_root
+    expect_complete_cache mutable_cache_root
   end
 
   it 'should follow redirects' do
@@ -292,28 +292,12 @@ def cache_file(root, extension)
     root + "http%3A%2F%2Ffoo-uri%2F.#{extension}"
   end
 
-  def credential_cache_file(root, extension)
-    root + "http%3A%2F%2Ftest-username%3Atest-password@foo-uri%2F.#{extension}"
-  end
-
   def expect_complete_cache(root)
     expect_file_content root, 'cached', 'foo-cached'
     expect_file_content root, 'etag', 'foo-etag'
     expect_file_content root, 'last_modified', 'foo-last-modified'
   end
 
-  def expect_complete_credential_cache(root)
-    expect_credential_file_content root, 'cached', 'foo-cached'
-    expect_credential_file_content root, 'etag', 'foo-etag'
-    expect_credential_file_content root, 'last_modified', 'foo-last-modified'
-  end
-
-  def expect_credential_file_content(root, extension, content = '')
-    file = credential_cache_file root, extension
-    expect(file).to exist
-    expect(file.read).to eq(content)
-  end
-
   def expect_file_content(root, extension, content = '')
     file = cache_file root, extension
     expect(file).to exist

spec/java_buildpack/util/sanitize_spec.rb

@@ -0,0 +1,32 @@
+# Encoding: utf-8
+# Cloud Foundry Java Buildpack
+# Copyright (c) 2014 the original author or authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'spec_helper'
+require 'application_helper'
+require 'java_buildpack/util/sanitizer'
+
+describe 'sanitize uri' do
+  include_context 'application_helper'
+
+  it 'should sanatize uri with credentials in' do
+    expect('https://myuser:mypass@myhost/path/to/file'.sanitize_uri).to eq('https://myhost/path/to/file')
+  end
+
+  it 'should not sanatize uri with no credentials in' do
+    expect('https://myhost/path/to/file'.sanitize_uri).to eq('https://myhost/path/to/file')
+  end
+
+end