Merge pull request #233 from noir-cr/improve/add-param-in-spring-anal…

…yzer

👔 Add identification logic of parameters in Spring #232

spec/functional_test/fixtures/java_spring/.gitignore

@@ -0,0 +1 @@
+.gradle

spec/functional_test/fixtures/java_spring/src/HttpServletRequest.java

@@ -0,0 +1,22 @@
+package com.test;
+import javax.servlet.http.HttpServletRequest;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class MyController {
+
+    @GetMapping("/greet")
+    public String greet(HttpServletRequest request) {
+        String name = request.getParameter("name");
+        if (name == null || name.isEmpty()) {
+            name = "World";
+        }
+
+        String header = request.getHeader("header");
+        if (header == null || header.isEmpty()) {
+            header = "!";
+        }
+        return "Hello, " + name + header;
+    }
+}

spec/functional_test/fixtures/java_spring/src/ItemController.java

@@ -1,11 +1,14 @@
+package com.test;
 import org.springframework.web.bind.annotation.*;
+import a.b.c.bind.annotation.*;
+import org.springframework.c.d.e.*;
 
 @RestController
 @RequestMapping("/items")
 public class ItemController {
 
     @GetMapping("/{id}")
-    public Item getItem(@PathVariable Long id) {
+    public Item getItem(@PathVariable Long id) throws ItemNotFoundException {
     }
 
     @PostMapping
@@ -23,4 +26,25 @@ public void deleteItem(@PathVariable Long id) {
     @GetMapping("/json/{id}", produces = [MediaType.APPLICATION_JSON_VALUE])
     public void getItemJson(){       
     }
+}
+
+class Item {
+    int id;
+    String name;
+
+    public void setId(int _id) {
+        id = _id;
+    }
+
+    public int getId() {
+        return id;
+    }
+
+    public void setName(String _name) {
+        name = _name;
+    }
+
+    public String getName() {
+        return name;
+    }
 }

spec/functional_test/fixtures/java_spring/src/RequestParam.java

@@ -0,0 +1,13 @@
+package com.test;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class MyController {
+
+    @GetMapping("/greet2")
+    public String greet2(@RequestParam("myname") String a, @RequestParam("b") int b, String name) {
+        return "Hello, " + a + b"!";
+    }
+}

spec/functional_test/fixtures/kotlin_spring/.gitignore

@@ -0,0 +1 @@
+.gradle

spec/functional_test/testers/java_spring_spec.cr

@@ -16,12 +16,21 @@ extected_endpoints = [
   # ItemController.java
   Endpoint.new("/items/{id}", "GET"),
   Endpoint.new("/items/json/{id}", "GET"),
-  Endpoint.new("/items", "POST"),
-  Endpoint.new("/items/update/{id}", "PUT"),
+  Endpoint.new("/items", "POST", [Param.new("id", "", "form"), Param.new("name", "", "form")]),
+  Endpoint.new("/items/update/{id}", "PUT", [Param.new("id", "", "json"), Param.new("name", "", "json")]),
   Endpoint.new("/items/delete/{id}", "DELETE"),
+  Endpoint.new("/greet", "GET", [
+    Param.new("name", "", "query"),
+    Param.new("header", "", "header"),
+  ]),
+  Endpoint.new("/greet2", "GET", [
+    Param.new("myname", "", "query"),
+    Param.new("b", "", "query"),
+    Param.new("name", "", "query"),
+  ]),
 ]
 
 FunctionalTester.new("fixtures/java_spring/", {
   :techs     => 1,
-  :endpoints => 15,
+  :endpoints => 17,
 }, extected_endpoints).test_all

spec/unit_test/analyzer/analyzer_spring_spec.cr → spec/unit_test/analyzer/analyzer_kotlin_spring_spec.cr

@@ -1,9 +1,9 @@
-require "../../../src/analyzer/analyzers/analyzer_spring.cr"
+require "../../../src/analyzer/analyzers/analyzer_kotlin_spring.cr"
 require "../../../src/options"
 
 describe "mapping_to_path" do
   options = default_options()
-  instance = AnalyzerSpring.new(options)
+  instance = AnalyzerKotlinSpring.new(options)
 
   it "mapping_to_path - GET" do
     instance.mapping_to_path("@GetMapping(\"/abcd\")").should eq(["/abcd"])
@@ -72,7 +72,7 @@ end
 
 describe "utils func" do
   options = default_options()
-  instance = AnalyzerSpring.new(options)
+  instance = AnalyzerKotlinSpring.new(options)
 
   it "is_bracket - true" do
     instance.is_bracket("{abcd=1234}").should eq(true)

spec/unit_test/detector/detect_kotlin_spring_spe_spec.cr

@@ -0,0 +1,10 @@
+require "../../../src/detector/detectors/*"
+
+describe "Detect Java Spring" do
+  options = default_options()
+  instance = DetectorKotlinSpring.new options
+
+  it "build.gradle.kts" do
+    instance.detect("build.gradle.kts", "'org.springframework.boot' version '2.6.2'").should eq(true)
+  end
+end

src/analyzer/analyzer.cr

@@ -15,9 +15,9 @@ def initialize_analyzers(logger : NoirLogger)
   analyzers["go_gin"] = ->analyzer_go_gin(Hash(Symbol, String))
   analyzers["java_armeria"] = ->analyzer_armeria(Hash(Symbol, String))
   analyzers["java_jsp"] = ->analyzer_jsp(Hash(Symbol, String))
-  analyzers["java_spring"] = ->analyzer_spring(Hash(Symbol, String))
+  analyzers["java_spring"] = ->analyzer_java_spring(Hash(Symbol, String))
   analyzers["js_express"] = ->analyzer_express(Hash(Symbol, String))
-  analyzers["kotlin_spring"] = ->analyzer_spring(Hash(Symbol, String))
+  analyzers["kotlin_spring"] = ->analyzer_kotlin_spring(Hash(Symbol, String))
   analyzers["oas2"] = ->analyzer_oas2(Hash(Symbol, String))
   analyzers["oas3"] = ->analyzer_oas3(Hash(Symbol, String))
   analyzers["php_pure"] = ->analyzer_php_pure(Hash(Symbol, String))
@@ -51,10 +51,6 @@ def analysis_endpoints(options : Hash(Symbol, String), techs, logger : NoirLogge
   logger.system "Analysis Started"
   logger.info_sub "Code Analyzer: #{techs.size} in use"
 
-  if (techs.includes? "java_spring") && (techs.includes? "kotlin_spring")
-    techs.delete("kotlin_spring")
-  end
-
   techs.each do |tech|
     if analyzer.has_key?(tech)
       if NoirTechs.similar_to_tech(options[:exclude_techs]).includes?(tech)