Generate gandom key name based on ConfigVarExpender#KEY_PATTERN regex.

mashhurs · mashhurs · commit 6e816bc94fc7 · 2025-04-11T11:05:25.000-07:00
diff --git a/logstash-core/src/main/java/org/logstash/secret/cli/SecretStoreCli.java b/logstash-core/src/main/java/org/logstash/secret/cli/SecretStoreCli.java
@@ -263,7 +263,7 @@ public void command(String primaryCommand, SecureConfig config, String... allArg
                     final SecretStore secretStore = secretStoreFactory.load(config);
                     for (String argument : commandLine.getArguments()) {
                         if (!ConfigVariableExpander.KEY_PATTERN.matcher(argument).matches()) {
-                            throw new IllegalArgumentException(String.format("Invalid secret key name `%s` provided. %s", argument, ConfigVariableExpander.KEY_PATTERN_DESCRIPTION);
+                            throw new IllegalArgumentException(String.format("Invalid secret key name `%s` provided. %s", argument, ConfigVariableExpander.KEY_PATTERN_DESCRIPTION));
                         }
                         final SecretIdentifier id = new SecretIdentifier(argument);
                         final byte[] existingValue = secretStore.retrieveSecret(id);
diff --git a/logstash-core/src/test/java/org/logstash/secret/cli/SecretStoreCliTest.java b/logstash-core/src/test/java/org/logstash/secret/cli/SecretStoreCliTest.java
@@ -35,7 +35,7 @@
 import java.util.Map;
 import java.util.Optional;
 import java.util.Queue;
-import java.util.UUID;
+import java.util.Random;
 
 import static junit.framework.TestCase.assertTrue;
 import static org.assertj.core.api.Assertions.assertThat;
@@ -387,9 +387,21 @@ private void assertNotListed(String... expected) {
         assertTrue(Arrays.stream(expected).noneMatch(terminal.out::contains));
     }
 
+    private final static String KEY_FIRST_CHAR_CANDIDATES = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_.";
+    private final static String KEY_REST_CHARS = KEY_FIRST_CHAR_CANDIDATES.concat("01234567890");
     private String getRandomKeyName() {
-        final String[] uuidParts = UUID.randomUUID().toString().split("-");
-        return "r".concat(uuidParts[0]).concat("_").concat(uuidParts[1]);
+        final Random random = new Random();
+        final StringBuilder sb = new StringBuilder();
+
+        // add a random legal first-character
+        sb.append(KEY_FIRST_CHAR_CANDIDATES.charAt(random.nextInt(KEY_FIRST_CHAR_CANDIDATES.length())));
+
+        // add between 0 and 40 random legal rest-characters
+        final int more = 40;
+        random.ints(more, 0, KEY_REST_CHARS.length())
+                .mapToObj(KEY_REST_CHARS::charAt)
+                .forEach(sb::append);
+        return sb.toString().toLowerCase();
     }
 
     private void assertPrimaryHelped() {

Original file line number	Diff line number	Diff line change
`@@ -263,7 +263,7 @@ public void command(String primaryCommand, SecureConfig config, String... allArg`
`263`	`263`	`final SecretStore secretStore = secretStoreFactory.load(config);`
`264`	`264`	`for (String argument : commandLine.getArguments()) {`
`265`	`265`	`if (!ConfigVariableExpander.KEY_PATTERN.matcher(argument).matches()) {`
`266`		- throw new IllegalArgumentException(String.format("Invalid secret key name `%s` provided. %s", argument, ConfigVariableExpander.KEY_PATTERN_DESCRIPTION);
	`266`	+ throw new IllegalArgumentException(String.format("Invalid secret key name `%s` provided. %s", argument, ConfigVariableExpander.KEY_PATTERN_DESCRIPTION));
`267`	`267`	`}`
`268`	`268`	`final SecretIdentifier id = new SecretIdentifier(argument);`
`269`	`269`	`final byte[] existingValue = secretStore.retrieveSecret(id);`