Cherry pick over SAST fixes from community, add .snyk file

.gitignore

@@ -3,6 +3,7 @@ target
 *.ipr
 *.iws
 .idea
+.dccache
 .DS_Store
 .classpath
 .ekstazi

.snyk

@@ -0,0 +1,4 @@
+exclude:
+    global:
+        - "*IT.java"
+        - "*Test.java"

components-starter/camel-ftp-starter/src/test/java/org/apache/camel/component/file/remote/springboot/ftp/FtpEmbeddedService.java

@@ -38,10 +38,12 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.io.IOException;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.util.Collections;
 import java.util.Map;
+import java.util.Properties;
 import java.util.Set;
 import java.util.function.BiConsumer;
 
@@ -94,6 +96,12 @@ protected void createUser(UserManager userMgr, String name, String password, Pat
         }
     }
 
+    private static Properties loadAuthProperties() throws IOException {
+        Properties properties = new Properties();
+        properties.load(FtpEmbeddedService.class.getClassLoader().getResourceAsStream("users.properties"));
+        return properties;
+    }
+
     protected FtpServerFactory createFtpServerFactory() {
         NativeFileSystemFactory fsf = new NativeFileSystemFactory();
         fsf.setCreateHome(true);
@@ -103,13 +111,17 @@ protected FtpServerFactory createFtpServerFactory() {
         pumf.setPasswordEncryptor(new ClearTextPasswordEncryptor());
         pumf.setFile(null);
         UserManager userMgr = pumf.createUserManager();
-        createUser(userMgr, "admin", "admin", rootDir, true);
-        createUser(userMgr, "scott", "tiger", rootDir, true);
-        createUser(userMgr, "dummy", "foo", rootDir, false);
-        createUser(userMgr, "us@r", "t%st", rootDir, true);
+        Properties users;
+        try {
+            users = loadAuthProperties();
+        } catch (IOException ioe) {
+            throw new IllegalStateException(ioe);
+        }
+        for (String username : users.stringPropertyNames()) {
+            createUser(userMgr, username, users.getProperty(username), rootDir, true);
+        }
         createUser(userMgr, "anonymous", null, rootDir, false);
-        createUser(userMgr, "joe", "p+%w0&r)d", rootDir, true);
-        createUser(userMgr, "jane", "%j#7%c6i", rootDir, true);
+        createUser(userMgr, "dummy", "foo", rootDir, false);
 
         ListenerFactory factory = new ListenerFactory();
         factory.setPort(port);

components-starter/camel-ftp-starter/src/test/resources/users.properties

@@ -0,0 +1,5 @@
+admin=admin
+scott=tiger
+us@r=t%st
+joe=p+%w0&r)d
+jane=%j#7%c6i

components-starter/camel-jasypt-starter/src/test/java/org/apache/camel/component/jasypt/springboot/AbstractEncryptedPropertiesIvGeneratorAutoDetectionTest.java

@@ -27,7 +27,9 @@
 import org.slf4j.LoggerFactory;
 
 import java.io.ByteArrayOutputStream;
+import java.io.IOException;
 import java.io.PrintStream;
+import java.util.Properties;
 
 import static org.apache.camel.component.jasypt.springboot.JasyptEncryptedPropertiesUtils.isIVNeeded;
 import static org.assertj.core.api.Assertions.assertThat;
@@ -41,18 +43,24 @@ public abstract class AbstractEncryptedPropertiesIvGeneratorAutoDetectionTest {
 
 
     String stringToEncrypt = "A password-cracker walks into a bar. Orders a beer. Then a Beer. Then a BEER. beer. b33r. BeeR. Be3r. bEeR. bE3R. BeEr";
-    String password = "s0m3R@nD0mP@ssW0rD";
-
-
+    //String password = "s0m3R@nD0mP@ssW0rD";
 
     protected String provider;
 
+    public static Properties loadAuthProperties() throws IOException {
+        Properties properties = new Properties();
+        properties.load(AbstractEncryptedPropertiesIvGeneratorAutoDetectionTest.class.getClassLoader().getResourceAsStream("test.properties"));
+        return properties;
+    }
+
     @ParameterizedTest
     @MethodSource("data")
-    public void testEncryptionAndDecryption(String algorithm) {
+    public void testEncryptionAndDecryption(String algorithm) throws IOException {
 
         LOG.info("Testing Algorithm: '{}', requires IV: {}", algorithm, isIVNeeded(algorithm));
 
+        Properties properties = loadAuthProperties();
+
         // Create a ByteArrayOutputStream so that we can get the output
         // from the call to print
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
@@ -64,7 +72,7 @@ public void testEncryptionAndDecryption(String algorithm) {
         environmentStringPBEConfig.setIvGenerator(isIVNeeded(algorithm)?new RandomIvGenerator():new NoIvGenerator());
         environmentStringPBEConfig.setSaltGenerator(new RandomSaltGenerator());
         environmentStringPBEConfig.setProviderName(provider);
-        environmentStringPBEConfig.setPassword(password);
+        environmentStringPBEConfig.setPassword(properties.getProperty("password"));
 
         StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
         standardPBEStringEncryptor.setConfig(environmentStringPBEConfig);

components-starter/camel-jasypt-starter/src/test/java/org/apache/camel/component/jasypt/springboot/EncryptedPropertiesCustomConfigurationBeansTest.java

@@ -16,6 +16,9 @@
  */
 package org.apache.camel.component.jasypt.springboot;
 
+import java.io.IOException;
+import java.util.Properties;
+
 import org.apache.camel.spring.boot.CamelAutoConfiguration;
 import org.apache.camel.test.spring.junit5.CamelSpringBootTest;
 import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
@@ -38,9 +41,13 @@
 @SpringBootTest(
         classes = {EncryptedPropertiesCustomConfigurationBeansTest.TestConfiguration.class},
         properties = {"encrypted.password=ENC(6q7H+bWqPbSZVW1hUzDVgnl7iSnC04zRmKwD31ounBMPM/2CtDS7fwb4u1OGZ2Q4)"})
-public class EncryptedPropertiesCustomConfigurationBeansTest extends EncryptedProperiesTestBase {
-
+public class EncryptedPropertiesCustomConfigurationBeansTest extends EncryptedPropertiesTestBase {
 
+    public static Properties loadAuthProperties() throws IOException {
+        Properties properties = new Properties();
+        properties.load(EncryptedPropertiesCustomConfigurationBeansTest.class.getClassLoader().getResourceAsStream("test.properties"));
+        return properties;
+    }
 
     @Test
     public void testCustomEnvironmentVariablesConfiguration() {
@@ -68,12 +75,14 @@ private String getSecureRandomAlgorithm() {
         }
 
         @Bean("customEnvironmentStringPBEConfig")
-        public EnvironmentStringPBEConfig environmentVariablesConfiguration() {
+        public EnvironmentStringPBEConfig environmentVariablesConfiguration() throws IOException {
+            Properties props = loadAuthProperties();
+
             EnvironmentStringPBEConfig environmentStringPBEConfig = new EnvironmentStringPBEConfig();
             environmentStringPBEConfig.setAlgorithm("PBEWITHHMACSHA512ANDAES_256");
             environmentStringPBEConfig.setIvGenerator(new RandomIvGenerator(getSecureRandomAlgorithm()));
             environmentStringPBEConfig.setSaltGenerator(new RandomSaltGenerator(getSecureRandomAlgorithm()));
-            environmentStringPBEConfig.setPassword("mainpassword");
+            environmentStringPBEConfig.setPassword(props.getProperty("mainpassword"));
             return environmentStringPBEConfig;
         }
 

components-starter/camel-jasypt-starter/src/test/java/org/apache/camel/component/jasypt/springboot/EncryptedPropertiesDisabledCustomConfigurationBeansTest.java

@@ -36,7 +36,7 @@
         properties = {
                 "camel.component.jasypt.enabled = false",
                 "encrypted.password=ENC(6q7H+bWqPbSZVW1hUzDVgnl7iSnC04zRmKwD31ounBMPM/2CtDS7fwb4u1OGZ2Q4)"})
-public class EncryptedPropertiesDisabledCustomConfigurationBeansTest extends EncryptedProperiesTestBase {
+public class EncryptedPropertiesDisabledCustomConfigurationBeansTest extends EncryptedPropertiesTestBase {
 
     @Test
     public void testCustomEnvironmentVariablesConfiguration() {

components-starter/camel-jasypt-starter/src/test/java/org/apache/camel/component/jasypt/springboot/EncryptedPropertiesDisabledTest.java

@@ -34,7 +34,7 @@
 @SpringBootTest(
         properties = {"camel.component.jasypt.enabled = false"},
         classes = {EncryptedPropertiesCustomConfigurationBeansTest.TestConfiguration.class})
-public class EncryptedPropertiesDisabledTest extends EncryptedProperiesTestBase{
+public class EncryptedPropertiesDisabledTest extends EncryptedPropertiesTestBase{
 
 
     /**

components-starter/camel-jasypt-starter/src/test/java/org/apache/camel/component/jasypt/springboot/EncryptedPropertiesTest.java

@@ -35,7 +35,7 @@
 @DirtiesContext
 @SpringBootApplication
 @SpringBootTest(classes = {EncryptedPropertiesTest.TestConfiguration.class})
-public class EncryptedPropertiesTest extends EncryptedProperiesTestBase {
+public class EncryptedPropertiesTest extends EncryptedPropertiesTestBase {
 
     @Test
     public void testEncryptionInsideCamelContext() {

components-starter/camel-jasypt-starter/src/test/java/org/apache/camel/component/jasypt/springboot/EncryptedProperiesTestBase.java → components-starter/camel-jasypt-starter/src/test/java/org/apache/camel/component/jasypt/springboot/EncryptedPropertiesTestBase.java

@@ -30,7 +30,7 @@
 import static org.apache.camel.component.jasypt.springboot.Constants.START_URI_TEST_UNENCRYPTED_PROPS_OUT_CC;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 
-public abstract class EncryptedProperiesTestBase {
+public abstract class EncryptedPropertiesTestBase {
 
 
     @EndpointInject(MOCK_URI)

components-starter/camel-jasypt-starter/src/test/resources/test.properties

@@ -0,0 +1,2 @@
+password=s0m3R@nD0mP@ssW0rD
+mainpassword=mainpassword

components-starter/camel-jira-starter/src/test/java/org/apache/camel/component/jira/springboot/test/AddCommentProducerTest.java

@@ -19,14 +19,14 @@
 
 import static org.apache.camel.component.jira.JiraConstants.ISSUE_KEY;
 import static org.apache.camel.component.jira.JiraConstants.JIRA_REST_CLIENT_FACTORY;
-import static org.apache.camel.component.jira.springboot.test.JiraTestConstants.JIRA_CREDENTIALS;
 import static org.apache.camel.component.jira.springboot.test.Utils.createIssueWithComments;
 import static org.apache.camel.component.jira.springboot.test.Utils.newComment;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.lenient;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
+import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Date;
@@ -151,16 +151,14 @@ public void verifyLastComment() throws InterruptedException {
     @Configuration
     public class TestConfiguration {
 
-
-
         @Bean
         public RouteBuilder routeBuilder() {
             return new RouteBuilder() {
                 @Override
-                public void configure() {
+                public void configure() throws IOException {
                     comment = "A new test comment " + new Date();
                     from("direct:start")
-                            .to("jira://addComment?jiraUrl=" + JIRA_CREDENTIALS)
+                            .to("jira://addComment?jiraUrl=" + JiraTestConstants.getJiraCredentials())
                             .to(mockResult);
                 }
             };

components-starter/camel-jira-starter/src/test/java/org/apache/camel/component/jira/springboot/test/AddIssueLinkProducerTest.java

@@ -21,7 +21,6 @@
 import static org.apache.camel.component.jira.JiraConstants.JIRA_REST_CLIENT_FACTORY;
 import static org.apache.camel.component.jira.JiraConstants.LINK_TYPE;
 import static org.apache.camel.component.jira.JiraConstants.PARENT_ISSUE_KEY;
-import static org.apache.camel.component.jira.springboot.test.JiraTestConstants.JIRA_CREDENTIALS;
 import static org.apache.camel.component.jira.springboot.test.Utils.createIssue;
 import static org.apache.camel.component.jira.springboot.test.Utils.createIssueWithLinks;
 import static org.apache.camel.component.jira.springboot.test.Utils.newIssueLink;
@@ -32,6 +31,7 @@
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
+import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Date;
@@ -254,9 +254,9 @@ public class TestConfiguration {
         public RouteBuilder routeBuilder() {
             return new RouteBuilder() {
                 @Override
-                public void configure() {
+                public void configure() throws IOException {
                     from("direct:start")
-                            .to("jira://addIssueLink?jiraUrl=" + JIRA_CREDENTIALS)
+                            .to("jira://addIssueLink?jiraUrl=" + JiraTestConstants.getJiraCredentials())
                             .to(mockResult);
                 }
             };

components-starter/camel-jira-starter/src/test/java/org/apache/camel/component/jira/springboot/test/AddIssueProducerTest.java

@@ -25,14 +25,14 @@
 import static org.apache.camel.component.jira.JiraConstants.ISSUE_TYPE_ID;
 import static org.apache.camel.component.jira.JiraConstants.ISSUE_TYPE_NAME;
 import static org.apache.camel.component.jira.JiraConstants.JIRA_REST_CLIENT_FACTORY;
-import static org.apache.camel.component.jira.springboot.test.JiraTestConstants.JIRA_CREDENTIALS;
 import static org.apache.camel.component.jira.springboot.test.JiraTestConstants.KEY;
 import static org.apache.camel.component.jira.springboot.test.Utils.createIssue;
 import static org.apache.camel.component.jira.springboot.test.Utils.userAssignee;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.lenient;
 import static org.mockito.Mockito.mock;
 
+import java.io.IOException;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
@@ -222,9 +222,9 @@ public class TestConfiguration {
         public RouteBuilder routeBuilder() {
             return new RouteBuilder() {
                 @Override
-                public void configure() {
+                public void configure() throws IOException {
                     from("direct:start")
-                            .to("jira://addIssue?jiraUrl=" + JIRA_CREDENTIALS)
+                            .to("jira://addIssue?jiraUrl=" + JiraTestConstants.getJiraCredentials())
                             .to(mockResult);
                 }
             };

components-starter/camel-jira-starter/src/test/java/org/apache/camel/component/jira/springboot/test/AddWorkLogProducerTest.java

@@ -23,7 +23,6 @@
 import static org.apache.camel.component.jira.springboot.test.Utils.createIssueWithComments;
 import static org.apache.camel.component.jira.springboot.test.Utils.createIssueWithWorkLogs;
 import static org.apache.camel.component.jira.springboot.test.Utils.newWorkLog;
-import static org.apache.camel.component.jira.springboot.test.JiraTestConstants.JIRA_CREDENTIALS;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.lenient;
@@ -236,7 +235,7 @@ public RouteBuilder routeBuilder() {
                 @Override
                 public void configure() throws Exception {
                     from("direct:start")
-                    .to("jira://addWorkLog?jiraUrl=" + JIRA_CREDENTIALS)
+                    .to("jira://addWorkLog?jiraUrl=" + JiraTestConstants.getJiraCredentials())
                     .to(mockResult);
                 }
             };

components-starter/camel-jira-starter/src/test/java/org/apache/camel/component/jira/springboot/test/AttachFileProducerTest.java

@@ -19,7 +19,6 @@
 
 import static org.apache.camel.component.jira.JiraConstants.ISSUE_KEY;
 import static org.apache.camel.component.jira.JiraConstants.JIRA_REST_CLIENT_FACTORY;
-import static org.apache.camel.component.jira.springboot.test.JiraTestConstants.JIRA_CREDENTIALS;
 import static org.apache.camel.component.jira.springboot.test.JiraTestConstants.KEY;
 import static org.apache.camel.component.jira.springboot.test.Utils.createIssue;
 import static org.apache.camel.component.jira.springboot.test.Utils.createIssueWithAttachment;
@@ -178,10 +177,10 @@ public class TestConfiguration {
         public RouteBuilder routeBuilder() {
             return new RouteBuilder() {
                 @Override
-                public void configure() {
+                public void configure() throws IOException {
                     from("direct:start")
                             .setHeader(ISSUE_KEY, () -> KEY + "-1")
-                            .to("jira://attach?jiraUrl=" + JIRA_CREDENTIALS)
+                            .to("jira://attach?jiraUrl=" + JiraTestConstants.getJiraCredentials())
                             .to(mockResult);
                 }
             };

components-starter/camel-jira-starter/src/test/java/org/apache/camel/component/jira/springboot/test/DeleteIssueProducerTest.java

@@ -19,7 +19,6 @@
 
 import static org.apache.camel.component.jira.JiraConstants.ISSUE_KEY;
 import static org.apache.camel.component.jira.JiraConstants.JIRA_REST_CLIENT_FACTORY;
-import static org.apache.camel.component.jira.springboot.test.JiraTestConstants.JIRA_CREDENTIALS;
 import static org.apache.camel.component.jira.springboot.test.JiraTestConstants.KEY;
 import static org.apache.camel.component.jira.springboot.test.Utils.createIssue;
 import static org.mockito.ArgumentMatchers.any;
@@ -148,7 +147,7 @@ public RouteBuilder routeBuilder() {
                 public void configure() throws IOException {
                     from("direct:start")
                             .setHeader(ISSUE_KEY, () -> KEY + "-1")
-                            .to("jira://deleteIssue?jiraUrl=" + JIRA_CREDENTIALS)
+                            .to("jira://deleteIssue?jiraUrl=" + JiraTestConstants.getJiraCredentials())
                             .to(mockResult);
                 }
             };

components-starter/camel-jira-starter/src/test/java/org/apache/camel/component/jira/springboot/test/FetchCommentsProducerTest.java

@@ -19,14 +19,14 @@
 
 import static org.apache.camel.component.jira.JiraConstants.ISSUE_KEY;
 import static org.apache.camel.component.jira.JiraConstants.JIRA_REST_CLIENT_FACTORY;
-import static org.apache.camel.component.jira.springboot.test.JiraTestConstants.JIRA_CREDENTIALS;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.lenient;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.never;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
+import java.io.IOException;
 
 import com.atlassian.jira.rest.client.api.IssueRestClient;
 import com.atlassian.jira.rest.client.api.JiraRestClient;
@@ -160,9 +160,9 @@ public class TestConfiguration {
         public RouteBuilder routeBuilder() {
             return new RouteBuilder() {
                 @Override
-                public void configure() {
+                public void configure() throws IOException {
                     from("direct:start")
-                            .to("jira://fetchComments?jiraUrl=" + JIRA_CREDENTIALS)
+                            .to("jira://fetchComments?jiraUrl=" + JiraTestConstants.getJiraCredentials())
                             .to(mockResult);
                 }
             };

components-starter/camel-jira-starter/src/test/java/org/apache/camel/component/jira/springboot/test/FetchIssueProducerTest.java

@@ -19,7 +19,6 @@
 
 import static org.apache.camel.component.jira.JiraConstants.ISSUE_KEY;
 import static org.apache.camel.component.jira.JiraConstants.JIRA_REST_CLIENT_FACTORY;
-import static org.apache.camel.component.jira.springboot.test.JiraTestConstants.JIRA_CREDENTIALS;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.lenient;
 import static org.mockito.Mockito.mock;
@@ -159,7 +158,7 @@ public RouteBuilder routeBuilder() {
                 @Override
                 public void configure() throws Exception {
                     from("direct:start")
-                    .to("jira://fetchIssue?jiraUrl=" + JIRA_CREDENTIALS)
+                    .to("jira://fetchIssue?jiraUrl=" + JiraTestConstants.getJiraCredentials())
                     .to(mockResult);
                 }
             };