Merge pull request #2686 from akto-api-security/feature/support_for_event_stream

notshivansh · web-flow · commit f6df3e7145db · 2025-06-18T13:57:56.000+05:30
add support for event stream response in api executor
diff --git a/apps/testing/src/main/java/com/akto/test_editor/execution/Executor.java b/apps/testing/src/main/java/com/akto/test_editor/execution/Executor.java
@@ -492,6 +492,14 @@ public ExecutorSingleOperationResp invokeOperation(String operationType, Object
                     queryData.put(TestExecutorModifier._OPERATION, operation);
                     BasicDBObject generatedData = new TestExecutorModifier().handle(queryData);
                     generatedOperationKeyValuePairs = parseGeneratedKeyValues(generatedData, operationTypeLower, value);
+
+                    if (generatedOperationKeyValuePairs != null) {
+                        loggerMaker.infoAndAddToDb("Generated data in invokeOperation: operation:" + operation
+                                + " output: " + generatedOperationKeyValuePairs.toString());
+                    } else {
+                        loggerMaker.errorAndAddToDb("Generated data is null for operation: " + operation);
+                    }
+
                 }
             }
 
@@ -500,7 +508,7 @@ public ExecutorSingleOperationResp invokeOperation(String operationType, Object
         }
 
         try {
-            if(!generatedOperationKeyValuePairs.isEmpty()){
+            if (generatedOperationKeyValuePairs != null && !generatedOperationKeyValuePairs.isEmpty()) {
                 ExecutorSingleOperationResp resp = new ExecutorSingleOperationResp(false, "AI generated operation key value pairs, executing them");
                 for (BasicDBObject generatedPair : generatedOperationKeyValuePairs) {
                     String generatedKey = generatedPair.keySet().iterator().next();
diff --git a/libs/dao/src/main/java/com/akto/util/HttpRequestResponseUtils.java b/libs/dao/src/main/java/com/akto/util/HttpRequestResponseUtils.java
@@ -37,6 +37,8 @@ public class HttpRequestResponseUtils {
 
     public static final String FORM_URL_ENCODED_CONTENT_TYPE = "application/x-www-form-urlencoded";
     public static final String GRPC_CONTENT_TYPE = "application/grpc";
+    public static final String TEXT_EVENT_STREAM_CONTENT_TYPE = "text/event-stream";
+    public static final String CONTENT_TYPE = "CONTENT-TYPE";
 
     public static List<SingleTypeInfo> generateSTIsFromPayload(int apiCollectionId, String url, String method,String body, int responseCode) {
         int now = Context.now();
diff --git a/libs/utils/src/main/java/com/akto/test_editor/filter/Filter.java b/libs/utils/src/main/java/com/akto/test_editor/filter/Filter.java
@@ -39,6 +39,7 @@ public Filter() {
     public static Object generateQuerySet(FilterActionRequest filterActionRequest) {
         Object querySet = filterActionRequest.getQuerySet();
         String operationTypeLower = filterActionRequest.getOperand().toLowerCase();
+        String operation = "";
         Object newQuerySet = querySet;
         try {
             int accountId = Context.accountId.get();
@@ -64,7 +65,7 @@ public static Object generateQuerySet(FilterActionRequest filterActionRequest) {
 
                 if(!operationPrompt.isEmpty()){
 
-                    String operation = operationTypeLower + ": " + operationPrompt;
+                    operation = operationTypeLower + ": " + operationPrompt;
                     if(filterActionRequest.getConcernedProperty() != null && !filterActionRequest.getConcernedProperty().isEmpty()) {
                         operation = operation + " in " + filterActionRequest.getConcernedProperty();
                     }
@@ -99,6 +100,16 @@ public static Object generateQuerySet(FilterActionRequest filterActionRequest) {
         } catch (Exception e) {
             loggerMaker.errorAndAddToDb(e, "error invoking operation " + operationTypeLower + " " + e.getMessage());
         }
+
+        if(newQuerySet == null) {
+            loggerMaker.infoAndAddToDb("Generated query set: operation:" + operation + " output: null");
+        } else if (newQuerySet instanceof List) {
+            loggerMaker.infoAndAddToDb(
+                    "Generated query set: operation:" + operation + " output: " + newQuerySet.toString());
+        } else {
+            loggerMaker.infoAndAddToDb("Generated query set: operation:" + operation + " output: " + newQuerySet);
+        }
+
         return newQuerySet;
     }
 
diff --git a/libs/utils/src/main/java/com/akto/testing/ApiExecutor.java b/libs/utils/src/main/java/com/akto/testing/ApiExecutor.java
@@ -46,7 +46,7 @@ private static OriginalHttpResponse common(Request request, boolean followRedire
             while (RateLimitHandler.getInstance(accountId).shouldWait(request)) {
                 if(rateLimitHit){
                     if (!(request.url().toString().contains("insertRuntimeLog") || request.url().toString().contains("insertTestingLog") || request.url().toString().contains("insertProtectionLog"))) {
-                        loggerMaker.infoAndAddToDb("Rate limit hit, sleeping", LogDb.TESTING);
+                        loggerMaker.infoAndAddToDb("Rate limit hit, sleeping");
                     }else {
                         System.out.println("Rate limit hit, sleeping");
                     }
@@ -57,7 +57,7 @@ private static OriginalHttpResponse common(Request request, boolean followRedire
 
                 if (i%30 == 0) {
                     if (!(request.url().toString().contains("insertRuntimeLog") || request.url().toString().contains("insertTestingLog") || request.url().toString().contains("insertProtectionLog"))) {
-                        loggerMaker.infoAndAddToDb("waiting for rate limit availability", LogDb.TESTING);
+                        loggerMaker.infoAndAddToDb("waiting for rate limit availability");
                     }else{
                         System.out.println("waiting for rate limit availability");
                     }                
@@ -81,13 +81,27 @@ private static OriginalHttpResponse common(Request request, boolean followRedire
 
         Call call = client.newCall(request);
         Response response = null;
-        String body;
+        String body = null;
         byte[] grpcBody = null;
+        Map<String, List<String>> responseHeaders = new HashMap<>();
         try {
             response = call.execute();
-            ResponseBody responseBody = response.peekBody(MAX_RESPONSE_SIZE);
-            if (responseBody == null) {
-                throw new Exception("Couldn't read response body");
+            Headers headers = response.headers();
+            responseHeaders = generateHeadersMapFromHeadersObject(headers);
+
+            String contentTypeHeader = getHeaderValue(responseHeaders, HttpRequestResponseUtils.CONTENT_TYPE);
+
+            if (contentTypeHeader != null && !contentTypeHeader.isEmpty() &&
+                    contentTypeHeader.equalsIgnoreCase(HttpRequestResponseUtils.TEXT_EVENT_STREAM_CONTENT_TYPE)) {
+                body = getEventStreamResponseBodyWithTimeout(response, 20000); // 20 seconds timeout
+            }
+
+            ResponseBody responseBody = null;
+            if (body == null) {
+                responseBody = response.peekBody(MAX_RESPONSE_SIZE);
+                if (responseBody == null) {
+                    throw new Exception("Couldn't read response body");
+                }
             }
             try {
                 if (requestProtocol != null && requestProtocol.contains(HttpRequestResponseUtils.GRPC_CONTENT_TYPE)) {//GRPC request
@@ -98,13 +112,13 @@ private static OriginalHttpResponse common(Request request, boolean followRedire
                         builder.append(b).append(",");
                     }
                     if (!(request.url().toString().contains("insertRuntimeLog") || request.url().toString().contains("insertTestingLog") || request.url().toString().contains("insertProtectionLog"))) {
-                        loggerMaker.infoAndAddToDb(builder.toString(), LogDb.TESTING);
+                        loggerMaker.infoAndAddToDb(builder.toString());
                     }else {
                         System.out.println(builder.toString());
                     }
                     String responseBase64Encoded = Base64.getEncoder().encodeToString(grpcBody);
                     if (!(request.url().toString().contains("insertRuntimeLog") || request.url().toString().contains("insertTestingLog") || request.url().toString().contains("insertProtectionLog"))) {
-                        loggerMaker.infoAndAddToDb("grpc response base64 encoded:" + responseBase64Encoded, LogDb.TESTING);
+                        loggerMaker.infoAndAddToDb("grpc response base64 encoded:" + responseBase64Encoded);
                     }else {
                         System.out.println("grpc response base64 encoded:" + responseBase64Encoded);
                     }
@@ -115,7 +129,13 @@ private static OriginalHttpResponse common(Request request, boolean followRedire
                     body = HttpRequestResponseUtils.convertXmlToJson(responseBody.string());
                 } 
                 else {
-                    body = responseBody.string();
+                    if (body == null) {
+                        if(responseBody != null){
+                            body = responseBody.string();
+                        } else {
+                            body = "{}"; // default to empty json if response body is null
+                        }
+                    }
                 }
             } catch (IOException e) {
                 if (!(request.url().toString().contains("insertRuntimeLog") || request.url().toString().contains("insertTestingLog") || request.url().toString().contains("insertProtectionLog"))) {
@@ -138,14 +158,36 @@ private static OriginalHttpResponse common(Request request, boolean followRedire
             }
         }
 
-        int statusCode = response.code();
-        Headers headers = response.headers();
-
-        Map<String, List<String>> responseHeaders = generateHeadersMapFromHeadersObject(headers);
+        int statusCode = -1;
+        if (response != null) {
+            statusCode = response.code();
+        } else {
+            loggerMaker.errorAndAddToDb("Response is null when trying to access status code and headers", LogDb.TESTING);
+        }
         return new OriginalHttpResponse(body, responseHeaders, statusCode);
     }
 
+    private static String getHeaderValue(Map<String, List<String>> responseHeaders, String headerName) {
+        if (responseHeaders == null || responseHeaders.isEmpty()) {
+            return null;
+        }
+
+        for (String key : responseHeaders.keySet()) {
+            if (key.equalsIgnoreCase(headerName)) {
+                List<String> values = responseHeaders.get(key);
+                if (values != null && !values.isEmpty()) {
+                    return values.get(0).toUpperCase();
+                }
+            }
+        }
+        return null;
+    }
+
     public static Map<String, List<String>> generateHeadersMapFromHeadersObject(Headers headers) {
+        if (headers == null || headers.size() == 0) {
+            return Collections.emptyMap();
+        }
+
         Iterator<Pair<String, String>> headersIterator = headers.iterator();
         Map<String, List<String>> responseHeaders = new HashMap<>();
         while (headersIterator.hasNext()) {
@@ -556,6 +598,39 @@ private static boolean isJsonRpcRequest(OriginalHttpRequest request) {
             return false;
         }
     }
+    
+    private static String getEventStreamResponseBodyWithTimeout(Response response, long timeoutMs) throws IOException {
+        StringBuilder sb = new StringBuilder();
+        InputStream is = response.body().byteStream();
+        Scanner scanner = new Scanner(is);
+
+        long startTime = System.currentTimeMillis();
+        int waitLoopCount = 0;
+
+        try {
+            while (System.currentTimeMillis() - startTime < timeoutMs) {
+                if (scanner.hasNextLine()) {
+                    String line = scanner.nextLine();
+                    sb.append(line).append("\n");
+                    waitLoopCount = 0; // Reset wait loop count on new data
+                } else {
+                    // Avoid tight CPU loop; sleep briefly
+                    waitLoopCount++;
+                    if (waitLoopCount > 20) { // If no data for a while, break
+                        break;
+                    }
+                    Thread.sleep(100);
+                }
+            }
+        } catch (Exception e) {
+            // Read timeout or interruption: end gracefully
+            sb.append("\n[Stream ended early: ").append(e.getMessage()).append("]");
+        } finally {
+            scanner.close();
+        }
+        return sb.toString();
+    }
+
 
     private static class SseSession {
         String sessionId;
@@ -597,6 +672,7 @@ private static SseSession openSseSession(String host, boolean debug) throws Exce
                 }
             }
         }
+        scanner.close();
         // Keep the stream open for later reading
         session.messages = Collections.synchronizedList(new ArrayList<>());
         new Thread(() -> {
