comments

Signed-off-by: sezen.leblay <[email protected]>

Author: sezen-datadog

dd-smoke-tests/appsec/springboot/src/main/java/datadog/smoketest/appsec/springboot/controller/WebController.java

@@ -9,6 +9,7 @@
 import java.nio.file.Paths;
 import java.sql.Connection;
 import java.sql.DriverManager;
+import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
 import org.apache.commons.httpclient.HttpClient;
@@ -240,7 +241,8 @@ public ResponseEntity<String> exceedResponseHeaders() {
   }
 
   @PostMapping("/api_security/response")
-  public ResponseEntity<String> apiSecurityResponse(@RequestBody String body) {
+  public ResponseEntity<Map<String, Object>> apiSecurityResponse(
+      @RequestBody Map<String, Object> body) {
     // This endpoint is used to test API security response handling
     // It simply returns the body received in the request
     return ResponseEntity.ok(body);

dd-smoke-tests/appsec/springboot/src/test/groovy/datadog/smoketest/appsec/AppSecHttpMessageConverterSmokeTest.groovy

@@ -1,10 +1,13 @@
 package datadog.smoketest.appsec
 
 import groovy.json.JsonOutput
+import groovy.json.JsonSlurper
 import okhttp3.MediaType
 import okhttp3.Request
 import okhttp3.RequestBody
 
+import java.util.zip.GZIPInputStream
+
 class AppSecHttpMessageConverterSmokeTest extends AbstractAppSecServerSmokeTest {
 
   @Override
@@ -39,17 +42,8 @@ class AppSecHttpMessageConverterSmokeTest extends AbstractAppSecServerSmokeTest
     given:
     def url = "http://localhost:${httpPort}/api_security/response"
     def body = [
-      source: 'AppSecSpringSmokeTest',
-      tests : [
-        [
-          name  : 'API Security samples only one request per endpoint',
-          status: 'SUCCESS'
-        ],
-        [
-          name  : 'test response schema extraction',
-          status: 'FAILED'
-        ]
-      ]
+      "main"    : [["key": "id001", "value": 1345.67], ["value": 1567.89, "key": "id002"]],
+      "nullable": null,
     ]
     def request = new Request.Builder()
       .url(url)
@@ -65,5 +59,12 @@ class AppSecHttpMessageConverterSmokeTest extends AbstractAppSecServerSmokeTest
     def span = rootSpans.first()
     span.meta.containsKey('_dd.appsec.s.res.headers')
     span.meta.containsKey('_dd.appsec.s.res.body')
+    final schema = new JsonSlurper().parse(unzip(span.meta.get('_dd.appsec.s.res.body')))
+    assert schema == [["main": [[[["key": [8], "value": [16]]]], ["len": 2]], "nullable": [1]]]
+  }
+
+  private static byte[] unzip(final String text) {
+    final inflaterStream = new GZIPInputStream(new ByteArrayInputStream(text.decodeBase64()))
+    return inflaterStream.getBytes()
   }
 }