Handle path param validation regexes for undertow handlers #2119

Open
wants to merge 2 commits into
base: develop

@fawind fawind commented Oct 20, 2023

Before this PR

The Conjure spec technically allows simple regex validations in http path parameters such as /foo/{bar:.+} (see palantir/conjure#297, code). However, when used to generate an Undertow endpoint handler, those would result in runtime errors when trying to access the path param.

Currently, an Undertow handler would look something like this:

private static final class MyEndpoint implements HttpHandler, Endpoint {

    @Override
    public void handleRequest(HttpServerExchange exchange) throws IOException {
        Map<String, String> pathParams =
                exchange.getAttachment(PathTemplateMatch.ATTACHMENT_KEY).getParameters();
        String param = runtime.plainSerDe().deserializeString(pathParams.get("param"));
        // ...
    }

    @Override
    public String template() {
        return "/{param:.+}";
    }
}

Notice how it uses pathParams.get("param") while the path template still contains the regex validation. The template gets passed to Undertow's PathTemplate, which doesn't support regex validations and instead handles the entire param:.+ as the parameter name.

At runtime, this will result in an invalid argument exception, due to the requested parameter param being null (see test: 4610af8).

After this PR

This PR adds a naive fix of ignoring path param validation regexes when generating Undertow handlers but I'm not sure if that's the best path forward.

If we don't want to support those validations, we could still allow them in the spec but drop them much earlier when parsing into endpoint definitions? There are a few usages in conjure definitions in the wild, so we can't drop them from the spec without a break.

==COMMIT_MSG==
Handle path param validation regexes for undertow handlers
==COMMIT_MSG==

Possible downsides?

@fawind fawind force-pushed the fw/undertow-regex-path-param-test branch from 3ae36ed to bde7260 Compare October 20, 2023 15:26
@@ -329,7 +336,7 @@ private TypeSpec generateEndpointHandler(
.addModifiers(Modifier.PUBLIC)
.addAnnotation(Override.class)
.returns(String.class)
.addStatement("return $1S", endpointDefinition.getHttpPath())
.addStatement("return $1S", normalizeHttpPathTemplates(endpointDefinition.getHttpPath()))
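
Review bot: The template() return statement now emits normalizeHttpPathTemplates(endpointDefinition.getHttpPath()) instead of the declared path, so a parameter regex written in the definition disappears from the generated handler without any diagnostic. The helper's body is not part of this hunk, but if it strips the ":regex" suffix as the PR description says, a constraint the definition author may rely on for input validation is dropped and the raw value reaches the handler unchecked. Suggest failing generation when a path parameter carries a regex, or at minimum documenting on normalizeHttpPathTemplates that the constraint is not enforced, and adding a test that covers a value the original regex would have rejected.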

This is the actual code change.

@carterkozak

At a high level, I think it would be better to fail fast if an input isn't fully supported rather than producing slightly unexpected behavior at runtime -- I could imagine a scenario where the path regex is used for security, perhaps to prevent certain path traversal attacks, where passing through the raw value may not be great. I think the malformed name including regex will not work, but currently I expect it fails consistently.

I would be in favor of causing the generator to fail eagerly when these patterns are detected. I thought we had officially deprecated the regex-in-pathparam feature, but perhaps that was never messaged out in the spec -- it was an intentional change not to support path param regex. We could write our own RoutingHandler which understands these patterns if the lack of support is causing problems.

fawind commented Oct 20, 2023

At a high level, I think it would be better to fail fast if an input isn't fully supported rather than producing slightly unexpected behavior at runtime -- [...]

Makes sense! There are a few usages, but I think those only use Jersey endpoints or would otherwise have broken endpoints anyway. Can update the PR to fail Undertow generation when encountering these cases later!
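
The fail-fast approach discussed in this thread, sketched as an added example (not code from this PR or from the conjure-java project): a generation-time check that rejects any http path whose parameters carry a regex instead of stripping it. The class and method names are hypothetical, the sample paths are constructed, and nested braces inside a regex are handled as a precaution rather than because the spec is known to allow them.

```java
import java.util.ArrayList;
import java.util.List;

/** Added example: reject "{name:regex}" path params before generating a handler. */
public final class PathParamRegexCheck {

    /** Returns the raw "{name:regex}" segments found in a Conjure-style http path. */
    static List<String> findRegexParams(String httpPath) {
        List<String> found = new ArrayList<>();
        int i = 0;
        while (i < httpPath.length()) {
            if (httpPath.charAt(i) != '{') { i++; continue; }
            // A regex may itself contain braces (e.g. [0-9]{4}), so track nesting depth.
            int depth = 0;
            int j = i;
            for (; j < httpPath.length(); j++) {
                char c = httpPath.charAt(j);
                if (c == '{') depth++;
                else if (c == '}' && --depth == 0) break;
            }
            if (j == httpPath.length()) {
                throw new IllegalArgumentException("Unbalanced '{' in path: " + httpPath);
            }
            String body = httpPath.substring(i + 1, j);
            // Anything after ':' is a validation regex the Undertow template cannot enforce.
            if (body.indexOf(':') >= 0) found.add("{" + body + "}");
            i = j + 1;
        }
        return found;
    }

    /** Fails eagerly so the constraint is never silently dropped. */
    static void requireNoRegexParams(String httpPath) {
        List<String> regexParams = findRegexParams(httpPath);
        if (!regexParams.isEmpty()) {
            throw new IllegalArgumentException("Path parameter regexes are not supported "
                    + "for Undertow handlers: " + regexParams + " in " + httpPath);
        }
    }

    public static void main(String[] args) {
        // Constructed sample paths, not taken from any real Conjure definition.
        String[] samples = {"/foo/{bar}", "/foo/{bar:.+}", "/files/{year:[0-9]{4}}/{name}"};
        for (String path : samples) {
            try {
                requireNoRegexParams(path);
                System.out.println("ok      " + path);
            } catch (IllegalArgumentException e) {
                System.out.println("reject  " + e.getMessage());
            }
        }
    }
}
```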
