From b823e8dc01a8e4c9690ab856548b1a8433488bbc Mon Sep 17 00:00:00 2001
From: idawda <idawda@newrelic.com>
Date: Fri, 7 Jun 2024 15:12:39 +0530
Subject: [PATCH] Add Endpoint route in Servlet-3.0 Framework

---
 .../servlet/FilterChain_Instrumentation.java  |  3 ---
 .../javax/servlet/Filter_Instrumentation.java |  3 ---
 .../servlet/Servlet_Instrumentation.java      |  3 ---
 .../servlet30/HttpServletHelper.java          | 15 +++++++++++++
 .../servlet/Servlet_Instrumentation.java      | 21 +++++++++++++++++++
 5 files changed, 36 insertions(+), 9 deletions(-)
 create mode 100644 instrumentation-security/servlet-3.0/src/main/java/javax/servlet/Servlet_Instrumentation.java

diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/FilterChain_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/FilterChain_Instrumentation.java
index fdfa5e45f..60989cca0 100644
--- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/FilterChain_Instrumentation.java
+++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/FilterChain_Instrumentation.java
@@ -65,9 +65,6 @@ private void preprocessSecurityHook(ServletRequest request, ServletResponse resp
                 securityAgentMetaData.getIps().add(securityRequest.getClientIP());
                 securityRequest.setClientPort(String.valueOf(httpServletRequest.getRemotePort()));
             }
-            // route detection
-            securityAgentMetaData.setFramework(Framework.SERVLET);
-            securityRequest.setRoute(httpServletRequest.getServletPath());
 
             HttpServletHelper.processHttpRequestHeader(httpServletRequest, securityRequest);
 
diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Filter_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Filter_Instrumentation.java
index 4a8c2a641..69d23f0e5 100644
--- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Filter_Instrumentation.java
+++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Filter_Instrumentation.java
@@ -67,9 +67,6 @@ private void preprocessSecurityHook(ServletRequest request, ServletResponse resp
                 securityAgentMetaData.getIps().add(securityRequest.getClientIP());
                 securityRequest.setClientPort(String.valueOf(httpServletRequest.getRemotePort()));
             }
-            // route detection
-            securityAgentMetaData.setFramework(Framework.SERVLET);
-            securityRequest.setRoute(httpServletRequest.getServletPath());
 
             HttpServletHelper.processHttpRequestHeader(httpServletRequest, securityRequest);
 
diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Servlet_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Servlet_Instrumentation.java
index fb06328c3..2ad0dab08 100644
--- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Servlet_Instrumentation.java
+++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Servlet_Instrumentation.java
@@ -71,9 +71,6 @@ private void preprocessSecurityHook(ServletRequest_Instrumentation request, Serv
                 securityAgentMetaData.getIps().add(securityRequest.getClientIP());
                 securityRequest.setClientPort(String.valueOf(httpServletRequest.getRemotePort()));
             }
-            // route detection
-            securityAgentMetaData.setFramework(Framework.SERVLET);
-            securityRequest.setRoute(httpServletRequest.getServletPath());
 
             HttpServletHelper.processHttpRequestHeader(httpServletRequest, securityRequest);
 
diff --git a/instrumentation-security/servlet-3.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet30/HttpServletHelper.java b/instrumentation-security/servlet-3.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet30/HttpServletHelper.java
index 5084a7634..8680fbc6d 100644
--- a/instrumentation-security/servlet-3.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet30/HttpServletHelper.java
+++ b/instrumentation-security/servlet-3.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet30/HttpServletHelper.java
@@ -4,11 +4,17 @@
 import com.newrelic.api.agent.security.NewRelicSecurity;
 import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper;
 import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper;
+import com.newrelic.api.agent.security.schema.AgentMetaData;
 import com.newrelic.api.agent.security.schema.ApplicationURLMapping;
+import com.newrelic.api.agent.security.schema.Framework;
+import com.newrelic.api.agent.security.schema.HttpRequest;
 import com.newrelic.api.agent.security.utils.logging.LogLevel;
 
 import javax.servlet.ServletContext;
 import javax.servlet.ServletRegistration;
+import javax.servlet.http.HttpServletMapping;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.MappingMatch;
 import java.util.Collection;
 import java.util.Map;
 
@@ -48,4 +54,13 @@ else if(path.endsWith(".jsp") || path.endsWith(".jspx") || path.endsWith(".JSP")
             NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_APP_ENDPOINTS, SERVLET_3_0, e.getMessage()), e, HttpServletHelper.class.getName());
         }
     }
+    public static void setRoute(HttpServletRequest request, HttpRequest securityRequest, AgentMetaData metaData){
+        HttpServletMapping mapping = request.getHttpServletMapping();
+        if (!mapping.getMappingMatch().equals(MappingMatch.EXTENSION)){
+            securityRequest.setRoute(mapping.getPattern());
+        } else {
+            securityRequest.setRoute(request.getServletPath());
+        }
+        metaData.setFramework(Framework.SERVLET);
+    }
 }
diff --git a/instrumentation-security/servlet-3.0/src/main/java/javax/servlet/Servlet_Instrumentation.java b/instrumentation-security/servlet-3.0/src/main/java/javax/servlet/Servlet_Instrumentation.java
new file mode 100644
index 000000000..1165e9bc0
--- /dev/null
+++ b/instrumentation-security/servlet-3.0/src/main/java/javax/servlet/Servlet_Instrumentation.java
@@ -0,0 +1,21 @@
+package javax.servlet;
+
+import com.newrelic.agent.security.instrumentation.servlet30.HttpServletHelper;
+import com.newrelic.api.agent.security.NewRelicSecurity;
+import com.newrelic.api.agent.security.schema.SecurityMetaData;
+import com.newrelic.api.agent.weaver.MatchType;
+import com.newrelic.api.agent.weaver.Weave;
+import com.newrelic.api.agent.weaver.Weaver;
+
+import javax.servlet.http.HttpServletRequest;
+
+@Weave(type = MatchType.Interface, originalName = "javax.servlet.Servlet")
+public class Servlet_Instrumentation {
+    public void service(ServletRequest req, ServletResponse res){
+        if (NewRelicSecurity.isHookProcessingActive() && req instanceof HttpServletRequest){
+            SecurityMetaData metaData = NewRelicSecurity.getAgent().getSecurityMetaData();
+            HttpServletHelper.setRoute((HttpServletRequest) req, metaData.getRequest(), metaData.getMetaData());
+        }
+        Weaver.callOriginal();
+    }
+}