refactor SpringWebClient

Porcupiney Hairs · Porcupiney Hairs · commit f8de94e90611 · 2020-11-13T00:32:27.000+05:30
diff --git a/java/ql/src/experimental/CWE-918/RequestForgeryCustomizations.qll b/java/ql/src/experimental/CWE-918/RequestForgeryCustomizations.qll
@@ -141,3 +141,42 @@ module RequestForgery {
     }
   }
 }
+
+/**
+ * A class representing all Spring Rest Template methods
+ * which take an URL as an argument.
+ */
+class SpringRestTemplateUrlMethods extends Method {
+  SpringRestTemplateUrlMethods() {
+    this.getDeclaringType() instanceof SpringRestTemplate and
+    this.hasName("doExecute")
+    or
+    this.hasName("postForEntity")
+    or
+    this.hasName("postForLocation")
+    or
+    this.hasName("postForObject")
+    or
+    this.hasName("put")
+    or
+    this.hasName("exchange")
+    or
+    this.hasName("execute")
+    or
+    this.hasName("getForEntity")
+    or
+    this.hasName("getForObject")
+    or
+    this.hasName("patchForObject")
+  }
+
+  /**
+   * Gets the argument which corresponds to a URL argument
+   * passed as a `java.net.URL` object or as a string or the like
+   */
+  Argument getUrlArgument(MethodAccess ma) {
+    // doExecute(URI url, HttpMethod method, RequestCallback requestCallback,
+    //  ResponseExtractor<T> responseExtractor)
+    result = ma.getArgument(0)
+  }
+}
diff --git a/java/ql/src/semmle/code/java/frameworks/spring/SpringWebClient.qll b/java/ql/src/semmle/code/java/frameworks/spring/SpringWebClient.qll
@@ -27,119 +27,3 @@ class SpringWebClient extends Interface {
     this.hasQualifiedName("org.springframework.web.reactive.function.client", "WebClient")
   }
 }
-
-/**
- * An abstract class representing all Spring Rest Template methods
- * which take an URL as an argument.
- */
-abstract class SpringRestTemplateUrlMethods extends Method {
-  /**
-   * Gets the argument which corresponds to a URL argument
-   * passed as a `java.net.URL` object or as a string or the like
-   */
-  abstract Argument getUrlArgument(MethodAccess ma);
-}
-
-/** Models `RestTemplate` class's `doExecute` method */
-class RestTemplateDoExecute extends SpringRestTemplateUrlMethods {
-  RestTemplateDoExecute() {
-    this.getDeclaringType() instanceof SpringRestTemplate and
-    this.hasName("doExecute")
-  }
-
-  override Argument getUrlArgument(MethodAccess ma) {
-    // doExecute(URI url, HttpMethod method, RequestCallback requestCallback,
-    //  ResponseExtractor<T> responseExtractor)
-    result = ma.getArgument(0)
-  }
-}
-
-/** Models `RestTemplate` class's `exchange` method */
-class RestTemplateExchange extends SpringRestTemplateUrlMethods {
-  RestTemplateExchange() {
-    this.getDeclaringType() instanceof SpringRestTemplate and
-    this.hasName("exchange")
-  }
-
-  override Argument getUrlArgument(MethodAccess ma) { result = ma.getArgument(0) }
-}
-
-/** Models `RestTemplate` class's `execute` method */
-class RestTemplateExecute extends SpringRestTemplateUrlMethods {
-  RestTemplateExecute() {
-    this.getDeclaringType() instanceof SpringRestTemplate and
-    this.hasName("execute")
-  }
-
-  override Argument getUrlArgument(MethodAccess ma) { result = ma.getArgument(0) }
-}
-
-/** Models `RestTemplate` class's `getForEntity` method */
-class RestTemplateGetForEntity extends SpringRestTemplateUrlMethods {
-  RestTemplateGetForEntity() {
-    this.getDeclaringType() instanceof SpringRestTemplate and
-    this.hasName("getForEntity")
-  }
-
-  override Argument getUrlArgument(MethodAccess ma) { result = ma.getArgument(0) }
-}
-
-/** Models `RestTemplate` class's `getForObject` method */
-class RestTemplateGetForObject extends SpringRestTemplateUrlMethods {
-  RestTemplateGetForObject() {
-    this.getDeclaringType() instanceof SpringRestTemplate and
-    this.hasName("getForObject")
-  }
-
-  override Argument getUrlArgument(MethodAccess ma) { result = ma.getArgument(0) }
-}
-
-/** Models `RestTemplate` class's `patchForObject` method */
-class RestTemplatePatchForObject extends SpringRestTemplateUrlMethods {
-  RestTemplatePatchForObject() {
-    this.getDeclaringType() instanceof SpringRestTemplate and
-    this.hasName("patchForObject")
-  }
-
-  override Argument getUrlArgument(MethodAccess ma) { result = ma.getArgument(0) }
-}
-
-/** Models `RestTemplate` class's `postForEntity` method */
-class RestTemplatePostForEntity extends SpringRestTemplateUrlMethods {
-  RestTemplatePostForEntity() {
-    this.getDeclaringType() instanceof SpringRestTemplate and
-    this.hasName("postForEntity")
-  }
-
-  override Argument getUrlArgument(MethodAccess ma) { result = ma.getArgument(0) }
-}
-
-/** Models `RestTemplate` class's `postForLocation` method */
-class RestTemplatePostForLocation extends SpringRestTemplateUrlMethods {
-  RestTemplatePostForLocation() {
-    this.getDeclaringType() instanceof SpringRestTemplate and
-    this.hasName("postForLocation")
-  }
-
-  override Argument getUrlArgument(MethodAccess ma) { result = ma.getArgument(0) }
-}
-
-/** Models `RestTemplate` class's `postForObject` method */
-class RestTemplatePostForObject extends SpringRestTemplateUrlMethods {
-  RestTemplatePostForObject() {
-    this.getDeclaringType() instanceof SpringRestTemplate and
-    this.hasName("postForObject")
-  }
-
-  override Argument getUrlArgument(MethodAccess ma) { result = ma.getArgument(0) }
-}
-
-/** Models `RestTemplate` class's `put` method */
-class RestTemplatePut extends SpringRestTemplateUrlMethods {
-  RestTemplatePut() {
-    this.getDeclaringType() instanceof SpringRestTemplate and
-    this.hasName("put")
-  }
-
-  override Argument getUrlArgument(MethodAccess ma) { result = ma.getArgument(0) }
-}
