From 8bb2d56b4a0d0984ae33af654c4732836a2b2835 Mon Sep 17 00:00:00 2001
From: v1ll4n <v1ll4n.a5k@gmail.com>
Date: Thu, 18 Jul 2024 11:40:13 +0800
Subject: [PATCH] add controller supporting

---
 java-servlet/java-servlet-finding.sf          |  16 +++
 java-servlet/sample/HttpServletDemo.java      |  27 ++++
 .../java-rest-controller-entry.sf             |  24 ++++
 .../sample/RestControllerDemo1.java           | 124 ++++++++++++++++++
 scripts/test.sh                               |   2 +
 5 files changed, 193 insertions(+)
 create mode 100644 java-servlet/java-servlet-finding.sf
 create mode 100644 java-servlet/sample/HttpServletDemo.java
 create mode 100644 java-springboot-controller/java-rest-controller-entry.sf
 create mode 100644 java-springboot-controller/sample/RestControllerDemo1.java

diff --git a/java-servlet/java-servlet-finding.sf b/java-servlet/java-servlet-finding.sf
new file mode 100644
index 0000000..85d782c
--- /dev/null
+++ b/java-servlet/java-servlet-finding.sf
@@ -0,0 +1,16 @@
+desc(
+  title: 'checking [Servlet Interface Finding]',
+  type: audit
+)
+
+
+.getParameter as $entry;
+check $entry;
+$entry<getObject> as $param;
+check $param;
+$param?{opcode: param} as $fparam; check $fparam;
+$entry(*?{opcode: const} as $parameterName);
+alert $parameterName;
+
+// /do((Get)|(Post)|(Put)|(Delete)|(Head)|(Options)|(Trace))/(*?{opcode: param} as $params) as $entry;
+// check $entry;
diff --git a/java-servlet/sample/HttpServletDemo.java b/java-servlet/sample/HttpServletDemo.java
new file mode 100644
index 0000000..370e379
--- /dev/null
+++ b/java-servlet/sample/HttpServletDemo.java
@@ -0,0 +1,27 @@
+import javax.servlet.*;
+import javax.servlet.http.*;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SimpleServlet extends HttpServlet {
+
+    @Override
+    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        // 设置响应内容类型
+        resp.setContentType("text/html");
+        // 获取响应的 writer 对象，用于发送响应数据
+        PrintWriter out = resp.getWriter();
+        out.println("<h1>Hello, World from GET request!</h1>");
+    }
+
+    @Override
+    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        // 设置响应内容类型
+        resp.setContentType("text/html");
+        // 从请求中获取参数
+        String message = req.getParameter("message");
+        // 获取响应的 writer 对象，用于发送响应数据
+        PrintWriter out = resp.getWriter();
+        out.println("<h1>Received POST request with message: " + message + "</h1>");
+    }
+}
\ No newline at end of file
diff --git a/java-springboot-controller/java-rest-controller-entry.sf b/java-springboot-controller/java-rest-controller-entry.sf
new file mode 100644
index 0000000..de667cd
--- /dev/null
+++ b/java-springboot-controller/java-rest-controller-entry.sf
@@ -0,0 +1,24 @@
+desc(
+  title: 'checking [Controller\'s Method Entry]',
+  type: audit
+)
+
+GetMapping.__ref__ as $entry;
+PostMapping.__ref__ as $entry;
+PutMapping.__ref__ as $entry;
+DeleteMapping.__ref__ as $entry;
+$entry(*?{!have: this} as $params);
+
+$params?{.annotation.Cookie*} as $cookie;
+$params?{.annotation.RequestBody} as $requestBody;
+$params?{.annotation.PathVariable} as $pathVariable;
+$params?{.annotation.RequestHeader} as $headerParams;
+
+check $entry then "Found Controller Entry" else "No SpringFramework Controller Entry Found";
+alert $params for "Controller Params";
+alert $cookie for "Cookie Params"
+alert $requestBody for "Request Body Params";
+alert $pathVariable for "Path Variable Params";
+alert $headerParams for "Header Params";
+
+// the template is generate by yak.ssa.syntaxflow command line
diff --git a/java-springboot-controller/sample/RestControllerDemo1.java b/java-springboot-controller/sample/RestControllerDemo1.java
new file mode 100644
index 0000000..32d7a13
--- /dev/null
+++ b/java-springboot-controller/sample/RestControllerDemo1.java
@@ -0,0 +1,124 @@
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+@SpringBootApplication
+@RestController
+public class PaymentService {
+
+    public static void main(String[] args) {
+        SpringApplication.run(PaymentService.class, args);
+    }
+
+    @GetMapping("/pay")
+    public String pay(@RequestParam("amount") double amount) {
+        return "Processed payment of: $" + amount;
+    }
+}
+
+
+public class User {
+    private Long id;
+    private String name;
+    private int age;
+
+    // 构造函数
+    public User(Long id, String name, int age) {
+        this.id = id;
+        this.name = name;
+        this.age = age;
+    }
+
+    // getters 和 setters
+    public Long getId() {
+        return id;
+    }
+
+    public void setId(Long id) {
+        this.id = id;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public int getAge() {
+        return age;
+    }
+
+    public void setAge(int age) {
+        this.age = age;
+    }
+}
+
+
+public class UserService {
+    private Map<Long, User> users = new HashMap<>();
+
+    public void addUser(User user) {
+        users.put(user.getId(), user);
+    }
+
+    public User getUser(Long id) {
+        return users.get(id);
+    }
+
+    public void deleteUser(Long id) {
+        users.remove(id);
+    }
+}
+
+@RestController
+@RequestMapping("/users")
+public class UserController {
+
+    @Autowired
+    private UserService userService;
+
+    @PostMapping("/")
+    public ResponseEntity<?> addUser(@RequestBody User user) {
+        try {
+            userService.addUser(user);
+            return new ResponseEntity<>("User added successfully", HttpStatus.CREATED);
+        } catch (Exception e) {
+            return new ResponseEntity<>(e.getMessage(), HttpStatus.INTERNAL_SERVER_ERROR);
+        }
+    }
+
+    @GetMapping("/{id}")
+    public ResponseEntity<?> getUser(@PathVariable Long id) {
+        User user = userService.getUser(id);
+        if (user == null) {
+            return new ResponseEntity<>("User not found", HttpStatus.NOT_FOUND);
+        }
+        return new ResponseEntity<>(user, HttpStatus.OK);
+    }
+
+    @DeleteMapping("/{id}")
+    public ResponseEntity<?> deleteUser(@PathVariable Long id) {
+        userService.deleteUser(id);
+        return new ResponseEntity<>("User deleted successfully", HttpStatus.OK);
+    }
+
+    @PostMapping("/add")
+    public String addProduct(@RequestBody Product product,
+                             @RequestHeader("Authorization") String token) {
+        // 这里可以添加权限验证逻辑
+        return "Product added with name: " + product.getName();
+    }
+
+    @GetMapping("/info")
+    public String getProductInfo(@CookieValue("sessionId") String sessionId) {
+        return "Session ID from Cookie: " + sessionId;
+    }
+}
\ No newline at end of file
diff --git a/scripts/test.sh b/scripts/test.sh
index 326a4ac..80f7c8b 100755
--- a/scripts/test.sh
+++ b/scripts/test.sh
@@ -7,6 +7,8 @@ PROJECTS=(
   "java-security-config"
   "java-springboot-misc"
   "javascript-axios-in-chunk"
+  "java-servlet"
+  "java-springboot-controller"
 )
 
 for PROJECT in "${PROJECTS[@]}"; do