From f09c7e4318fc23164bd862987dae8e90780aed3e Mon Sep 17 00:00:00 2001 From: Ali Oezyetimoglu Date: Thu, 10 Nov 2022 16:19:27 +0100 Subject: [PATCH] RED-5293: jdbcUrl is checked for protocol and sql --- .../v1/server/service/TenantManagementService.java | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/persistence-service-v1/persistence-service-server-v1/src/main/java/com/iqser/red/service/peristence/v1/server/service/TenantManagementService.java b/persistence-service-v1/persistence-service-server-v1/src/main/java/com/iqser/red/service/peristence/v1/server/service/TenantManagementService.java index 70caaa3ff..cd5972748 100644 --- a/persistence-service-v1/persistence-service-server-v1/src/main/java/com/iqser/red/service/peristence/v1/server/service/TenantManagementService.java +++ b/persistence-service-v1/persistence-service-server-v1/src/main/java/com/iqser/red/service/peristence/v1/server/service/TenantManagementService.java @@ -36,6 +36,7 @@ import lombok.extern.slf4j.Slf4j; @EnableConfigurationProperties(LiquibaseProperties.class) public class TenantManagementService { + private static final Set SUPPORTED_DATABASES = Set.of("postgresql"); private static final Set SQL_CONNECTION_ERROR_CODES = Set.of( // connection_exception "08000", @@ -132,13 +133,14 @@ public class TenantManagementService { @SneakyThrows private void validateJdbcUrl(String jdbcUrl) { - String startExpr = "jdbc:postgresql://"; - if (!jdbcUrl.startsWith(startExpr)) { - throw new IllegalArgumentException("Your jdbcUrl is not URL conform."); + // just create a URI object to check if the string is a valid URI + var uri = new URI(jdbcUrl); + var subUri = new URI(uri.getSchemeSpecificPart()); + + if (!uri.getScheme().startsWith("jdbc") || !SUPPORTED_DATABASES.contains(subUri.getScheme())) { + throw new IllegalArgumentException("Your jdbcUrl is not valid."); } - // just create a URI object to check if the string is a valid URI - new URI(jdbcUrl); }