Refactor escaper usage to adhere to DRY, avoid reflection in tests using @VisibleForTesting, and improve validation clarity

Author: Praveenkumar76

pulsar-package-management/core/src/main/java/org/apache/pulsar/packages/management/core/common/PackageName.java

@@ -18,6 +18,7 @@
  */
 package org.apache.pulsar.packages.management.core.common;
 
+import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.Splitter;
 import com.google.common.base.Strings;
 import com.google.common.cache.CacheBuilder;
@@ -108,6 +109,18 @@ private PackageName(String packageName) {
             String.format("%s://%s/%s/%s@%s", type.toString(), tenant, namespace, name, version);
     }
 
+    @VisibleForTesting
+    PackageName(PackageType type, String tenant, String namespace, String name, String version) {
+        this.type = type;
+        this.tenant = tenant;
+        this.namespace = namespace;
+        this.name = name;
+        this.version = version;
+        this.completeName = String.format("%s/%s/%s", tenant, namespace, name);
+        this.completePackageName =
+                String.format("%s://%s/%s/%s@%s", type.toString(), tenant, namespace, name, version);
+    }
+
     public PackageType getPkgType() {
         return this.type;
     }
@@ -137,13 +150,14 @@ public String toString() {
     }
 
     public String toRestPath() {
-        // Use Guava's urlPathSegmentEscaper to safely encode each segment and prevents Path Traversal (CWE-22)
+        // Use Guava's URL path segment escaper to safely encode each segment and prevent path traversal (CWE-22).
+        var escaper = UrlEscapers.urlPathSegmentEscaper();
         return String.format("%s/%s/%s/%s/%s",
                 type.toString(),
-                UrlEscapers.urlPathSegmentEscaper().escape(tenant),
-                UrlEscapers.urlPathSegmentEscaper().escape(namespace),
-                UrlEscapers.urlPathSegmentEscaper().escape(name),
-                UrlEscapers.urlPathSegmentEscaper().escape(version));
+                escaper.escape(tenant),
+                escaper.escape(namespace),
+                escaper.escape(name),
+                escaper.escape(version));
     }
 
     @Override

pulsar-package-management/core/src/test/java/org/apache/pulsar/packages/management/core/common/PackageNameTest.java

@@ -119,19 +119,24 @@ public void testPackageNameErrors() {
 
     @Test
     public void testPathTraversalBypassConstructor() throws Exception {
-        // Create a normal, valid package to bypass the splitter
-        PackageName packageName = PackageName.get("function://tenant-a/ns/name@v1");
-
-        java.lang.reflect.Field tenantField = PackageName.class.getDeclaredField("tenant");
-        tenantField.setAccessible(true);
-        tenantField.set(packageName, "tenant-a/../../system-tenant");
-        // Define what the SAFE, patched output should look like
+        // Use the package-private constructor annotated with @VisibleForTesting
+        // to inject a traversal payload directly, bypassing normal Splitter validation.
+        PackageName packageName = new PackageName(
+                PackageType.FUNCTION,
+                "tenant-a/../../system-tenant",
+                "ns",
+                "name",
+                "v1"
+        );
+
+        // Verify that path separators in package components are percent-encoded in the generated REST path.
         String expectedSafePath = "function/tenant-a%2F..%2F..%2Fsystem-tenant/ns/name/v1";
 
-        // Trigger the vulnerable method
+        // Invoke the method under test
         String actualPath = packageName.toRestPath();
-        // The Trap: This will fail, because actualPath will still contain unencoded slashes
+
+        // This assertion verifies that traversal characters are encoded rather than emitted as raw slashes.
         Assert.assertEquals(actualPath, expectedSafePath,
-                "VULNERABILITY REPLICATED: The toRestPath method failed to encode path traversal characters!");
+                "The toRestPath method must encode path traversal characters in package components.");
     }
 }