fix: add support for deserializing zoned expressions (#153)

* fix: add support for deserializing zoned expressions * chore: suppression update
hypertrace · Nov 30, 2023 · 6b980ed · 6b980ed
1 parent beeb208
commit 6b980ed
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 19 deletions.
diff --git a/...src/main/java/org/hypertrace/core/graphql/common/schema/typefunctions/DateTimeScalar.java b/...src/main/java/org/hypertrace/core/graphql/common/schema/typefunctions/DateTimeScalar.java
@@ -12,6 +12,7 @@
 import java.lang.reflect.AnnotatedType;
 import java.time.DateTimeException;
 import java.time.Instant;
+import java.time.OffsetDateTime;
 import java.time.temporal.TemporalAccessor;
 import java.util.function.Function;
 
@@ -45,10 +46,10 @@ private <E extends GraphqlErrorException> Instant toInstant(
                       return Instant.from((TemporalAccessor) instantInput);
                     }
                     if (instantInput instanceof CharSequence) {
-                      return Instant.parse((CharSequence) instantInput);
+                      return parse((CharSequence) instantInput);
                     }
                     if (instantInput instanceof StringValue) {
-                      return Instant.parse(((StringValue) instantInput).getValue());
+                      return parse(((StringValue) instantInput).getValue());
                     }
                   } catch (DateTimeException exception) {
                     throw errorWrapper.apply(exception);
@@ -75,4 +76,8 @@ public GraphQLScalarType buildType(
       ProcessingElementsContainer container) {
     return DATE_TIME_SCALAR;
   }
+
+  private static Instant parse(CharSequence charSequence) {
+    return OffsetDateTime.parse(charSequence).toInstant();
+  }
 }
diff --git a/...a/src/test/java/org/hypertrace/core/graphql/common/schema/scalars/DateTimeScalarTest.java b/...a/src/test/java/org/hypertrace/core/graphql/common/schema/scalars/DateTimeScalarTest.java
@@ -19,8 +19,9 @@
 @ExtendWith(MockitoExtension.class)
 class DateTimeScalarTest {
 
-  private static final String TEST_DATE_TIME_STRING = "2019-10-29T21:30:12.871Z";
-  private static final Instant TEST_DATE_TIME_INSTANT = Instant.parse(TEST_DATE_TIME_STRING);
+  private static final String TEST_UTC_DATE_TIME_STRING = "2019-10-29T21:30:12.871Z";
+  private static final String TEST_ZONED_DATE_TIME_STRING = "2019-10-30T03:00:12.871+05:30";
+  private static final Instant TEST_DATE_TIME_INSTANT = Instant.parse(TEST_UTC_DATE_TIME_STRING);
   private DateTimeScalar dateTimeFunction;
   private GraphQLScalarType dateTimeType;
   @Mock AnnotatedType mockAnnotatedType;
@@ -45,18 +46,24 @@ void canDetermineIfConvertible() {
   @Test
   void canConvertFromLiteral() {
     assertEquals(
-        TEST_DATE_TIME_INSTANT, dateTimeType.getCoercing().parseLiteral(TEST_DATE_TIME_STRING));
+        TEST_DATE_TIME_INSTANT, dateTimeType.getCoercing().parseLiteral(TEST_UTC_DATE_TIME_STRING));
+    assertEquals(
+        TEST_DATE_TIME_INSTANT,
+        dateTimeType.getCoercing().parseLiteral(TEST_ZONED_DATE_TIME_STRING));
   }
 
   @Test
   void canSerialize() {
     assertEquals(
-        TEST_DATE_TIME_STRING, dateTimeType.getCoercing().serialize(TEST_DATE_TIME_INSTANT));
+        TEST_UTC_DATE_TIME_STRING, dateTimeType.getCoercing().serialize(TEST_DATE_TIME_INSTANT));
     assertEquals(
-        TEST_DATE_TIME_STRING, dateTimeType.getCoercing().serialize(TEST_DATE_TIME_STRING));
+        TEST_UTC_DATE_TIME_STRING, dateTimeType.getCoercing().serialize(TEST_UTC_DATE_TIME_STRING));
+    assertEquals(
+        TEST_UTC_DATE_TIME_STRING,
+        dateTimeType.getCoercing().serialize(TEST_ZONED_DATE_TIME_STRING));
 
     assertEquals(
-        TEST_DATE_TIME_STRING,
+        TEST_UTC_DATE_TIME_STRING,
         dateTimeType
             .getCoercing()
             .serialize(TEST_DATE_TIME_INSTANT.atOffset(ZoneOffset.ofHoursMinutes(12, 30))));
@@ -68,6 +75,11 @@ void canConvertFromValue() {
         TEST_DATE_TIME_INSTANT,
         dateTimeType
             .getCoercing()
-            .parseValue(StringValue.newStringValue().value(TEST_DATE_TIME_STRING).build()));
+            .parseValue(StringValue.newStringValue().value(TEST_UTC_DATE_TIME_STRING).build()));
+    assertEquals(
+        TEST_DATE_TIME_INSTANT,
+        dateTimeType
+            .getCoercing()
+            .parseValue(StringValue.newStringValue().value(TEST_ZONED_DATE_TIME_STRING).build()));
   }
 }
diff --git a/owasp-suppressions.xml b/owasp-suppressions.xml
@@ -8,14 +8,7 @@
     <cpe>cpe:/a:grpc:grpc</cpe>
     <cpe>cpe:/a:utils_project:utils</cpe>
   </suppress>
-  <suppress>
-    <notes><![CDATA[
-   file name: graphql-java-annotations-9.1.jar
-   ]]></notes>
-    <packageUrl regex="true">^pkg:maven/io\.github\.graphql\-java/graphql\-java\-annotations@.*$</packageUrl>
-    <cpe>cpe:/a:graphql-java:graphql-java</cpe>
-  </suppress>
-  <suppress until="2023-11-30Z">
+  <suppress until="2023-12-31Z">
     <notes><![CDATA[
   This vulnerability is disputed, with the argument that SSL configuration is the responsibility of the client rather
   than the transport. The change in default is under consideration for the next major Netty release, revisit then.
@@ -27,7 +20,7 @@
     <packageUrl regex="true">^pkg:maven/io\.netty/netty.*@.*$</packageUrl>
     <vulnerabilityName>CVE-2023-4586</vulnerabilityName>
   </suppress>
-  <suppress until="2023-11-30Z">
+  <suppress until="2023-12-31Z">
     <notes><![CDATA[
    This CVE is declared fixed from 9.4.52, but the vuln db is not reflecting that. Suppress that specific version until
    db is updated.
@@ -37,7 +30,7 @@
     <packageUrl regex="true">^pkg:maven/org\.eclipse\.jetty/jetty\[email protected]\..*$</packageUrl>
     <vulnerabilityName>CVE-2023-36479</vulnerabilityName>
   </suppress>
-  <suppress until="2023-11-30Z">
+  <suppress until="2023-12-31Z">
     <notes><![CDATA[
    file name: jackson-databind-2.15.2.jar
    ]]></notes>