From e937258b854ad0f4ac5d4092b48d372742d94759 Mon Sep 17 00:00:00 2001
From: Aman Sharma <mannu.poski10@gmail.com>
Date: Thu, 10 Aug 2023 15:45:49 +0200
Subject: [PATCH] fix: make the external jar path relative to config file (#50)

---
 README.md                                     |  6 +++-
 .../io/github/algomaster99/GenerateMojo.java  |  8 ++++--
 .../algomaster99/it/GenerateMojoIT.java       |  2 +-
 .../external_source/externalJars.json         |  5 ++++
 .../src/test/resources/externalJars.json      |  5 ----
 .../terminator/commons/data/ExternalJar.java  | 28 +++++++++++++++++++
 6 files changed, 45 insertions(+), 9 deletions(-)
 create mode 100644 classfile-fingerprint/src/test/resources-its/io/github/algomaster99/it/GenerateMojoIT/url_classloader_local_jar/external_source/externalJars.json
 delete mode 100644 classfile-fingerprint/src/test/resources-its/io/github/algomaster99/it/GenerateMojoIT/url_classloader_local_jar/src/test/resources/externalJars.json

diff --git a/README.md b/README.md
index e453cb3e..3e05243b 100644
--- a/README.md
+++ b/README.md
@@ -68,9 +68,13 @@ mvn compile io.github.algomaster99:classfile-fingerprint:generate
 > ```json
 > [
 >  {
->   "path": "path/to/jar",
+>   "path": "path/to/jar"
 >  }
 > ]
+> ```
+> 1. Path to `externalJars` **must** be absolute if the maven project is multimodular.
+> 2. The `path` inside the file is relativized to the path of the `externalJars` file itself.
+>     However, if the path is absolute, it is not relativized.
 
 Both methods will output a file `classfile.sha256.jsonl` in the `target` directory.
 
diff --git a/classfile-fingerprint/src/main/java/io/github/algomaster99/GenerateMojo.java b/classfile-fingerprint/src/main/java/io/github/algomaster99/GenerateMojo.java
index a72cd1aa..89b835f4 100644
--- a/classfile-fingerprint/src/main/java/io/github/algomaster99/GenerateMojo.java
+++ b/classfile-fingerprint/src/main/java/io/github/algomaster99/GenerateMojo.java
@@ -3,6 +3,7 @@
 import static io.github.algomaster99.terminator.commons.fingerprint.classfile.HashComputer.computeHash;
 
 import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.InjectableValues;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import io.github.algomaster99.terminator.commons.data.ExternalJar;
 import io.github.algomaster99.terminator.commons.fingerprint.ParsingHelper;
@@ -144,6 +145,7 @@ private void goInsideJar(File artifactFileOnSystem, String... provenanceInformat
             }
         } catch (IOException e) {
             getLog().error("Could not open JAR file: " + artifactFileOnSystem);
+            throw new RuntimeException(e);
         } catch (NoSuchAlgorithmException e) {
             throw new RuntimeException(e);
         }
@@ -215,8 +217,10 @@ private void processExternalJars() {
         ObjectMapper mapper = new ObjectMapper();
         List<ExternalJar> externalJarList;
         try {
-            externalJarList =
-                    mapper.readerFor(new TypeReference<List<ExternalJar>>() {}).readValue(externalJars);
+            InjectableValues inject = new InjectableValues.Std().addValue("configFile", externalJars.getAbsolutePath());
+            externalJarList = mapper.setInjectableValues(inject)
+                    .readerFor(new TypeReference<List<ExternalJar>>() {})
+                    .readValue(externalJars);
         } catch (IOException e) {
             throw new RuntimeException("Could not open external jar file: " + e);
         }
diff --git a/classfile-fingerprint/src/test/java/io/github/algomaster99/it/GenerateMojoIT.java b/classfile-fingerprint/src/test/java/io/github/algomaster99/it/GenerateMojoIT.java
index 2a4bbacf..db8689ae 100644
--- a/classfile-fingerprint/src/test/java/io/github/algomaster99/it/GenerateMojoIT.java
+++ b/classfile-fingerprint/src/test/java/io/github/algomaster99/it/GenerateMojoIT.java
@@ -180,7 +180,7 @@ void multi_module_with_sources(MavenExecutionResult result) throws IOException {
     }
 
     @MavenTest
-    @MavenOption("-DexternalJars=src/test/resources/externalJars.json")
+    @MavenOption("-DexternalJars=external_source/externalJars.json")
     void url_classloader_local_jar(MavenExecutionResult result) {
         assertThat(result).isSuccessful();
 
diff --git a/classfile-fingerprint/src/test/resources-its/io/github/algomaster99/it/GenerateMojoIT/url_classloader_local_jar/external_source/externalJars.json b/classfile-fingerprint/src/test/resources-its/io/github/algomaster99/it/GenerateMojoIT/url_classloader_local_jar/external_source/externalJars.json
new file mode 100644
index 00000000..28beb6df
--- /dev/null
+++ b/classfile-fingerprint/src/test/resources-its/io/github/algomaster99/it/GenerateMojoIT/url_classloader_local_jar/external_source/externalJars.json
@@ -0,0 +1,5 @@
+[
+  {
+    "path": "non-malicious.jar"
+  }
+]
\ No newline at end of file
diff --git a/classfile-fingerprint/src/test/resources-its/io/github/algomaster99/it/GenerateMojoIT/url_classloader_local_jar/src/test/resources/externalJars.json b/classfile-fingerprint/src/test/resources-its/io/github/algomaster99/it/GenerateMojoIT/url_classloader_local_jar/src/test/resources/externalJars.json
deleted file mode 100644
index ac14a92f..00000000
--- a/classfile-fingerprint/src/test/resources-its/io/github/algomaster99/it/GenerateMojoIT/url_classloader_local_jar/src/test/resources/externalJars.json
+++ /dev/null
@@ -1,5 +0,0 @@
-[
-  {
-    "path": "external_source/non-malicious.jar"
-  }
-]
\ No newline at end of file
diff --git a/terminator-commons/src/main/java/io/github/algomaster99/terminator/commons/data/ExternalJar.java b/terminator-commons/src/main/java/io/github/algomaster99/terminator/commons/data/ExternalJar.java
index 606723bf..6a84f9a7 100644
--- a/terminator-commons/src/main/java/io/github/algomaster99/terminator/commons/data/ExternalJar.java
+++ b/terminator-commons/src/main/java/io/github/algomaster99/terminator/commons/data/ExternalJar.java
@@ -1,5 +1,33 @@
 package io.github.algomaster99.terminator.commons.data;
 
+import com.fasterxml.jackson.core.JacksonException;
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.databind.DeserializationContext;
+import com.fasterxml.jackson.databind.JsonDeserializer;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 import java.io.File;
+import java.io.IOException;
+import java.nio.file.Path;
 
+@JsonDeserialize(using = ExternalJarDeserialize.class)
 public record ExternalJar(File path) {}
+
+class ExternalJarDeserialize extends JsonDeserializer<ExternalJar> {
+
+    @Override
+    public ExternalJar deserialize(JsonParser jp, DeserializationContext ctx) throws IOException, JacksonException {
+        JsonNode node = jp.getCodec().readTree(jp);
+
+        String configFile = String.valueOf(ctx.findInjectableValue("configFile", null, null));
+
+        File absolutePathOfExternalJar = new File(configFile)
+                .getParentFile()
+                .toPath()
+                // It trivially returns the path of external jar if it is absolute
+                .resolve(Path.of(node.get("path").asText()))
+                .toFile();
+
+        return new ExternalJar(absolutePathOfExternalJar.getAbsoluteFile());
+    }
+}