Add option to configure the sanitized metadata keys

fixes codecentric#590

Author: joshiste

spring-boot-admin-docs/src/main/asciidoc/server.adoc

@@ -27,7 +27,12 @@
 
 | spring.boot.admin.routes.endpoints
 | The enpoints which will be available via spring boot admin zuul proxy. If you write ui modules using other endpoints you need to add them.
-| `"env, metrics, trace, dump, jolokia, info, configprops, activiti, logfile, refresh, flyway, liquibase, loggers"`
+| `"env", "metrics", "trace", "dump", "jolokia", "info", "configprops", "activiti", "logfile", "refresh", "flyway", "liquibase", "loggers"`
+
+| spring.boot.admin.metadata-keys-to-sanitize
+| Metadata values for the keys matching these regex patterns will be sanitized in all json output.
+| `".*password$", ".*secret$", ".*key$", ".*$token$", ".*credentials.*", ".*vcap_services$"`
+
 |===
 
 include::server-discovery.adoc[]

spring-boot-admin-server/src/main/java/de/codecentric/boot/admin/config/AdminServerProperties.java

@@ -16,6 +16,11 @@ public class AdminServerProperties {
 
  private RoutesProperties routes = new RoutesProperties();
 
+ /**
+ * The metadata keys which should be sanitized when serializing to json
+ */
+ private String[] metadataKeysToSanitize = new String[]{".*password$", ".*secret$", ".*key$", ".*$token$", ".*credentials.*", ".*vcap_services$"};
+
  public void setContextPath(String pathPrefix) {
  if (!pathPrefix.startsWith("/") || pathPrefix.endsWith("/")) {
  throw new IllegalArgumentException("ContextPath must start with '/' and not end with '/'");
@@ -27,6 +32,14 @@ public String getContextPath() {
  return contextPath;
  }
 
+ public String[] getMetadataKeysToSanitize() {
+ return metadataKeysToSanitize;
+ }
+
+ public void setMetadataKeysToSanitize(String[] metadataKeysToSanitize) {
+ this.metadataKeysToSanitize = metadataKeysToSanitize;
+ }
+
  public MonitorProperties getMonitor() {
  return monitor;
  }

spring-boot-admin-server/src/main/java/de/codecentric/boot/admin/config/AdminServerWebConfiguration.java

@@ -36,12 +36,17 @@
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.module.SimpleModule;
 
 import de.codecentric.boot.admin.event.ClientApplicationDeregisteredEvent;
 import de.codecentric.boot.admin.event.ClientApplicationRegisteredEvent;
 import de.codecentric.boot.admin.event.RoutesOutdatedEvent;
+import de.codecentric.boot.admin.jackson.ApplicationBeanSerializerModifier;
+import de.codecentric.boot.admin.jackson.ApplicationDeserializer;
+import de.codecentric.boot.admin.jackson.SanitizingMapSerializer;
 import de.codecentric.boot.admin.journal.ApplicationEventJournal;
 import de.codecentric.boot.admin.journal.web.JournalController;
+import de.codecentric.boot.admin.model.Application;
 import de.codecentric.boot.admin.registry.ApplicationRegistry;
 import de.codecentric.boot.admin.registry.web.RegistryController;
 import de.codecentric.boot.admin.web.AdminController;
@@ -51,107 +56,112 @@
 import de.codecentric.boot.admin.web.servlet.resource.ResourcePatternResolvingResourceResolver;
 
 @Configuration
-public class AdminServerWebConfiguration extends WebMvcConfigurerAdapter
-implements ApplicationContextAware {
-private final ApplicationEventPublisher publisher;
-private final ServerProperties server;
-private final ResourcePatternResolver resourcePatternResolver;
-private final AdminServerProperties adminServerProperties;
-private ApplicationContext applicationContext;
-
-public AdminServerWebConfiguration(ApplicationEventPublisher publisher, ServerProperties server,
-ResourcePatternResolver resourcePatternResolver,
-AdminServerProperties adminServerProperties) {
-this.publisher = publisher;
-this.server = server;
-this.resourcePatternResolver = resourcePatternResolver;
-this.adminServerProperties = adminServerProperties;
-}
-
-@Override
-public void setApplicationContext(ApplicationContext applicationContext) {
-this.applicationContext = applicationContext;
-}
-
-@Override
-public void extendMessageConverters(List<HttpMessageConverter<?>> converters) {
-if (!hasConverter(converters, MappingJackson2HttpMessageConverter.class)) {
-ObjectMapper objectMapper = Jackson2ObjectMapperBuilder.json()
-.applicationContext(this.applicationContext).build();
-converters.add(new MappingJackson2HttpMessageConverter(objectMapper));
-}
-}
-
-private boolean hasConverter(List<HttpMessageConverter<?>> converters,
-Class<? extends HttpMessageConverter<?>> clazz) {
-for (HttpMessageConverter<?> converter : converters) {
-if (clazz.isInstance(converter)) {
-return true;
-}
-}
-return false;
-}
-
-@Override
-public void addResourceHandlers(ResourceHandlerRegistry registry) {
-registry.addResourceHandler(adminServerProperties.getContextPath() + "/**")
-.addResourceLocations("classpath:/META-INF/spring-boot-admin-server-ui/")
-.resourceChain(true)
-.addResolver(new PreferMinifiedFilteringResourceResolver(".min"));
-
-registry.addResourceHandler(adminServerProperties.getContextPath() + "/all-modules.css")
-.resourceChain(true)
-.addResolver(new ResourcePatternResolvingResourceResolver(resourcePatternResolver,
-"classpath*:/META-INF/spring-boot-admin-server-ui/*/module.css"))
-.addResolver(new ConcatenatingResourceResolver("\n".getBytes()));
-
-registry.addResourceHandler(adminServerProperties.getContextPath() + "/all-modules.js")
-.resourceChain(true)
-.addResolver(new ResourcePatternResolvingResourceResolver(resourcePatternResolver,
-"classpath*:/META-INF/spring-boot-admin-server-ui/*/module.js"))
-.addResolver(new PreferMinifiedFilteringResourceResolver(".min"))
-.addResolver(new ConcatenatingResourceResolver(";\n".getBytes()));
-}
-
-@Override
-public void addViewControllers(ViewControllerRegistry registry) {
-String contextPath = adminServerProperties.getContextPath();
-if (StringUtils.hasText(contextPath)) {
-registry.addRedirectViewController(contextPath, server.getPath(contextPath) + "/");
-}
-registry.addViewController(contextPath + "/").setViewName("forward:index.html");
-}
-
-@Bean
-public PrefixHandlerMapping prefixHandlerMapping() {
-Map<String, Object> beans = applicationContext
-.getBeansWithAnnotation(AdminController.class);
-PrefixHandlerMapping prefixHandlerMapping = new PrefixHandlerMapping(
-beans.values().toArray(new Object[beans.size()]));
-prefixHandlerMapping.setPrefix(adminServerProperties.getContextPath());
-return prefixHandlerMapping;
-}
-
-@Bean
-@ConditionalOnMissingBean
-public RegistryController registryController(ApplicationRegistry applicationRegistry) {
-return new RegistryController(applicationRegistry);
-}
-
-@Bean
-@ConditionalOnMissingBean
-public JournalController journalController(ApplicationEventJournal applicationEventJournal) {
-return new JournalController(applicationEventJournal);
-}
-
-@EventListener
-public void onClientApplicationRegistered(ClientApplicationRegisteredEvent event) {
-publisher.publishEvent(new RoutesOutdatedEvent());
-}
-
-@EventListener
-public void onClientApplicationDeregistered(ClientApplicationDeregisteredEvent event) {
-publisher.publishEvent(new RoutesOutdatedEvent());
-}
+public class AdminServerWebConfiguration extends WebMvcConfigurerAdapter implements ApplicationContextAware {
+ private final ApplicationEventPublisher publisher;
+ private final ServerProperties server;
+ private final ResourcePatternResolver resourcePatternResolver;
+ private final AdminServerProperties adminServerProperties;
+ private ApplicationContext applicationContext;
+
+ public AdminServerWebConfiguration(ApplicationEventPublisher publisher, ServerProperties server, ResourcePatternResolver resourcePatternResolver, AdminServerProperties adminServerProperties) {
+ this.publisher = publisher;
+ this.server = server;
+ this.resourcePatternResolver = resourcePatternResolver;
+ this.adminServerProperties = adminServerProperties;
+ }
+
+ @Override
+ public void setApplicationContext(ApplicationContext applicationContext) {
+ this.applicationContext = applicationContext;
+ }
+
+ @Override
+ public void extendMessageConverters(List<HttpMessageConverter<?>> converters) {
+ if (!hasConverter(converters, MappingJackson2HttpMessageConverter.class)) {
+ ObjectMapper objectMapper = Jackson2ObjectMapperBuilder.json()
+ .applicationContext(this.applicationContext)
+ .build();
+ converters.add(new MappingJackson2HttpMessageConverter(objectMapper));
+ }
+ }
+
+ private boolean hasConverter(List<HttpMessageConverter<?>> converters, Class<? extends HttpMessageConverter<?>> clazz) {
+ for (HttpMessageConverter<?> converter : converters) {
+ if (clazz.isInstance(converter)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ @Override
+ public void addResourceHandlers(ResourceHandlerRegistry registry) {
+ registry.addResourceHandler(adminServerProperties.getContextPath() + "/**")
+ .addResourceLocations("classpath:/META-INF/spring-boot-admin-server-ui/")
+ .resourceChain(true)
+ .addResolver(new PreferMinifiedFilteringResourceResolver(".min"));
+
+ registry.addResourceHandler(adminServerProperties.getContextPath() + "/all-modules.css")
+ .resourceChain(true)
+ .addResolver(new ResourcePatternResolvingResourceResolver(resourcePatternResolver,
+ "classpath*:/META-INF/spring-boot-admin-server-ui/*/module.css"))
+ .addResolver(new ConcatenatingResourceResolver("\n".getBytes()));
+
+ registry.addResourceHandler(adminServerProperties.getContextPath() + "/all-modules.js")
+ .resourceChain(true)
+ .addResolver(new ResourcePatternResolvingResourceResolver(resourcePatternResolver,
+ "classpath*:/META-INF/spring-boot-admin-server-ui/*/module.js"))
+ .addResolver(new PreferMinifiedFilteringResourceResolver(".min"))
+ .addResolver(new ConcatenatingResourceResolver(";\n".getBytes()));
+ }
+
+ @Override
+ public void addViewControllers(ViewControllerRegistry registry) {
+ String contextPath = adminServerProperties.getContextPath();
+ if (StringUtils.hasText(contextPath)) {
+ registry.addRedirectViewController(contextPath, server.getPath(contextPath) + "/");
+ }
+ registry.addViewController(contextPath + "/").setViewName("forward:index.html");
+ }
+
+ @Bean
+ public SimpleModule adminJacksonModule() {
+ SimpleModule module = new SimpleModule();
+ module.addDeserializer(Application.class, new ApplicationDeserializer());
+ module.setSerializerModifier(new ApplicationBeanSerializerModifier(
+ new SanitizingMapSerializer(adminServerProperties.getMetadataKeysToSanitize()))) ;
+ return module;
+ }
+
+ @Bean
+ public PrefixHandlerMapping prefixHandlerMapping() {
+ Map<String, Object> beans = applicationContext.getBeansWithAnnotation(AdminController.class);
+ PrefixHandlerMapping prefixHandlerMapping = new PrefixHandlerMapping(
+ beans.values().toArray(new Object[beans.size()]));
+ prefixHandlerMapping.setPrefix(adminServerProperties.getContextPath());
+ return prefixHandlerMapping;
+ }
+
+ @Bean
+ @ConditionalOnMissingBean
+ public RegistryController registryController(ApplicationRegistry applicationRegistry) {
+ return new RegistryController(applicationRegistry);
+ }
+
+ @Bean
+ @ConditionalOnMissingBean
+ public JournalController journalController(ApplicationEventJournal applicationEventJournal) {
+ return new JournalController(applicationEventJournal);
+ }
+
+ @EventListener
+ public void onClientApplicationRegistered(ClientApplicationRegisteredEvent event) {
+ publisher.publishEvent(new RoutesOutdatedEvent());
+ }
+
+ @EventListener
+ public void onClientApplicationDeregistered(ClientApplicationDeregisteredEvent event) {
+ publisher.publishEvent(new RoutesOutdatedEvent());
+ }
 
 }

spring-boot-admin-server/src/main/java/de/codecentric/boot/admin/jackson/ApplicationBeanSerializerModifier.java

@@ -0,0 +1,34 @@
+package de.codecentric.boot.admin.jackson;
+
+import de.codecentric.boot.admin.model.Application;
+
+import java.util.List;
+import com.fasterxml.jackson.databind.BeanDescription;
+import com.fasterxml.jackson.databind.JsonSerializer;
+import com.fasterxml.jackson.databind.SerializationConfig;
+import com.fasterxml.jackson.databind.ser.BeanPropertyWriter;
+import com.fasterxml.jackson.databind.ser.BeanSerializerModifier;
+
+public class ApplicationBeanSerializerModifier extends BeanSerializerModifier {
+
+ private final JsonSerializer<Object> metadataSerializer;
+
+ @SuppressWarnings("unchecked")
+ public ApplicationBeanSerializerModifier(SanitizingMapSerializer metadataSerializer) {
+ this.metadataSerializer = (JsonSerializer<Object>) (JsonSerializer) metadataSerializer;
+ }
+
+ @Override
+ public List<BeanPropertyWriter> changeProperties(SerializationConfig config, BeanDescription beanDesc, List<BeanPropertyWriter> beanProperties) {
+ if (!Application.class.isAssignableFrom(beanDesc.getBeanClass())) {
+ return beanProperties;
+ }
+
+ for (BeanPropertyWriter beanProperty : beanProperties) {
+ if ("metadata".equals(beanProperty.getName())) {
+ beanProperty.assignSerializer(metadataSerializer);
+ }
+ }
+ return beanProperties;
+ }
+}

spring-boot-admin-server/src/main/java/de/codecentric/boot/admin/jackson/ApplicationDeserializer.java

@@ -0,0 +1,51 @@
+package de.codecentric.boot.admin.jackson;
+
+import de.codecentric.boot.admin.model.Application;
+
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.Map;
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.DeserializationContext;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.deser.std.StdDeserializer;
+
+public class ApplicationDeserializer extends StdDeserializer<Application> {
+ private static final long serialVersionUID = 1L;
+
+ public ApplicationDeserializer() {
+ super(Application.class);
+ }
+
+ @Override
+ public Application deserialize(JsonParser p, DeserializationContext ctxt) throws IOException, JsonProcessingException {
+ JsonNode node = p.readValueAsTree();
+
+ Application.Builder builder = Application.create(node.get("name").asText());
+
+ if (node.has("url")) {
+ String url = node.get("url").asText();
+ builder.withHealthUrl(url.replaceFirst("/+$", "") + "/health").withManagementUrl(url);
+ } else {
+ if (node.has("healthUrl")) {
+ builder.withHealthUrl(node.get("healthUrl").asText());
+ }
+ if (node.has("managementUrl")) {
+ builder.withManagementUrl(node.get("managementUrl").asText());
+ }
+ if (node.has("serviceUrl")) {
+ builder.withServiceUrl(node.get("serviceUrl").asText());
+ }
+ }
+
+ if (node.has("metadata")) {
+ Iterator<Map.Entry<String, JsonNode>> it = node.get("metadata").fields();
+ while (it.hasNext()) {
+ Map.Entry<String, JsonNode> entry = it.next();
+ builder.addMetadata(entry.getKey(), entry.getValue().asText());
+ }
+ }
+ return builder.build();
+ }
+}