Merge pull request #1839 from akto-api-security/fix/fix_replace_varia…

…bles_auth

Fixing replace variable function

apps/dashboard/src/main/java/com/akto/listener/InitializerListener.java

@@ -1156,11 +1156,11 @@ private static void actuallySendWebhook(CustomWebhook webhook, Map<String, Objec
                 } else {
                     // in case the body is provided, then the data needs to escaped.
                     // for Microsoft teams workflow webhooks
-                    payload = Utils.replaceVariables(webhook.getBody(), valueMap, true);
+                    payload = Utils.replaceVariables(webhook.getBody(), valueMap, true, true);
                 } 
             } else {
                 // default case.
-                payload = Utils.replaceVariables(webhook.getBody(), valueMap, false);
+                payload = Utils.replaceVariables(webhook.getBody(), valueMap, false, true);
             }
         } catch (Exception e) {
             errors.add("Failed to replace variables");

apps/testing/src/main/java/com/akto/testing/workflow_node_executor/Utils.java

@@ -306,7 +306,7 @@ public static LoginFlowResponse runLoginFlow(WorkflowTest workflowTest, AuthMech
 
         for (AuthParam param : authMechanism.getAuthParams()) {
             try {
-                String value = executeCode(param.getValue(), valuesMap);
+                String value = executeCode(param.getValue(), valuesMap, false);
                 if (!param.getValue().equals(value) && value == null) {
                     return new LoginFlowResponse(responses, "auth param not found at specified path " + 
                     param.getValue(), false);
@@ -544,45 +544,17 @@ public static OriginalHttpRequest buildHttpRequest(WorkflowUpdatedSampleData upd
         return request;
     }
 
+    public static String executeCode(String ogPayload, Map<String, Object> valuesMap, boolean shouldThrowException) throws Exception {
+        return replaceVariables(ogPayload,valuesMap, true, shouldThrowException);
+    }
 
     public static String executeCode(String ogPayload, Map<String, Object> valuesMap) throws Exception {
-        return replaceVariables(ogPayload,valuesMap, true);
+        return replaceVariables(ogPayload,valuesMap, true, true);
     }
 
 
-    public static String replaceVariables(String payload, Map<String, Object> valuesMap, boolean escapeString) throws Exception {
-        String regex = "\\$\\{((x|step)\\d+\\.[\\w\\-\\[\\].]+|AKTO\\.changes_info\\..*?)\\}"; 
-        Pattern p = Pattern.compile(regex);
-
-        // replace with values
-        Matcher matcher = p.matcher(payload);
-        StringBuffer sb = new StringBuffer();
-        while (matcher.find()) {
-            String key = matcher.group(1);
-            if (key == null) continue;
-            Object obj = valuesMap.get(key);
-            if (obj == null) {
-                loggerMaker.errorAndAddToDb("couldn't find: " + key, LogDb.TESTING);
-                throw new Exception("Couldn't find " + key);
-            }
-            String val = obj.toString();
-            if (escapeString) {
-                val = val.replace("\\", "\\\\")
-                        .replace("\t", "\\t")
-                        .replace("\b", "\\b")
-                        .replace("\n", "\\n")
-                        .replace("\r", "\\r")
-                        .replace("\f", "\\f")
-                        .replace("\'", "\\'")
-                        .replace("\"", "\\\"");
-            }
-            matcher.appendReplacement(sb, "");
-            sb.append(val);
-        }
-
-        matcher.appendTail(sb);
-
-        return sb.toString();
+    public static String replaceVariables(String payload, Map<String, Object> valuesMap, boolean escapeString, boolean shouldThrowException) throws Exception {
+        return com.akto.testing.Utils.replaceVariables(payload, valuesMap, escapeString, shouldThrowException);
     }
 
     public static String generateKey(String nodeId, boolean isHeader, String param, boolean isRequest) {

apps/testing/src/test/java/com/akto/testing/ApiWorkflowExecutorTest.java

@@ -126,7 +126,7 @@ public void testReplaceVariables() throws Exception {
                 "}";
 
         ApiWorkflowExecutor apiWorkflowExecutor = new ApiWorkflowExecutor();
-        String payload = com.akto.testing.workflow_node_executor.Utils.replaceVariables(body, valuesMap, false);
+        String payload = com.akto.testing.workflow_node_executor.Utils.replaceVariables(body, valuesMap, false, true);
 
         BasicDBObject payloadObject = BasicDBObject.parse(payload);
 

libs/utils/src/main/java/com/akto/testing/Utils.java

@@ -184,10 +184,10 @@ public static OriginalHttpRequest buildHttpRequest(WorkflowUpdatedSampleData upd
     }
 
     public static String executeCode(String ogPayload, Map<String, Object> valuesMap) throws Exception {
-        return replaceVariables(ogPayload,valuesMap, true);
+        return replaceVariables(ogPayload,valuesMap, true, true);
     }
 
-    public static String replaceVariables(String payload, Map<String, Object> valuesMap, boolean escapeString) throws Exception {
+    public static String replaceVariables(String payload, Map<String, Object> valuesMap, boolean escapeString, boolean shouldThrowException) throws Exception {
         String regex = "\\$\\{((x|step)\\d+\\.[\\w\\-\\[\\].]+|AKTO\\.changes_info\\..*?)\\}"; 
         Pattern p = Pattern.compile(regex);
 
@@ -200,7 +200,11 @@ public static String replaceVariables(String payload, Map<String, Object> values
             Object obj = valuesMap.get(key);
             if (obj == null) {
                 loggerMaker.errorAndAddToDb("couldn't find: " + key, LogDb.TESTING);
-                throw new Exception("Couldn't find " + key);
+                if(shouldThrowException){
+                    throw new Exception("Couldn't find " + key);
+                }else{
+                    continue;
+                }
             }
             String val = obj.toString();
             if (escapeString) {