feat: SP-2487 Implement path obfuscation on Winnowing class

Author: isasmendiagus

src/main/java/com/scanoss/Scanner.java

@@ -49,6 +49,7 @@
 import java.util.concurrent.Executors;
 import java.util.concurrent.Future;
 import java.util.function.Predicate;
+import java.util.stream.Collectors;
 
 import static com.scanoss.ScanossConstants.*;
 

src/main/java/com/scanoss/Winnowing.java

@@ -28,9 +28,11 @@
 import lombok.*;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.io.FilenameUtils;
 import org.apache.tika.Tika;
 import org.apache.tika.mime.MediaType;
 import org.apache.tika.mime.MediaTypeRegistry;
+import org.jetbrains.annotations.NotNull;
 
 import java.io.ByteArrayInputStream;
 import java.io.File;
@@ -68,6 +70,12 @@ public class Winnowing {
     private boolean hpsm = Boolean.FALSE; // Enable High Precision Snippet Matching data collection
     @Builder.Default
     private int snippetLimit = MAX_LONG_LINE_CHARS; // Enable limiting of size of a single line of snippet generation
+    @Builder.Default
+    private Map<String, String> obfuscationMap = new HashMap<>();
+
+    public String getRealFilePathFor(String obfuscatedPath) {
+        return obfuscationMap.get(obfuscatedPath);
+    }
 
     /**
      * Calculate the WFP (fingerprint) for the given file
@@ -112,7 +120,11 @@ public String wfpForContents(@NonNull String filename, Boolean binFile, byte[] c
         char[] fileContents = (new String(contents, Charset.defaultCharset())).toCharArray();
         String fileMD5 = DigestUtils.md5Hex(contents);
         StringBuilder wfpBuilder = new StringBuilder();
-        // TODO add obfuscation of the filename here
+
+        if (obfuscate) {
+            filename = obfuscateFilePath(filename);
+        }
+
         wfpBuilder.append(String.format("file=%s,%d,%s\n", fileMD5, contents.length, filename));
         if (binFile || this.skipSnippets || this.skipSnippets(filename, fileContents)) {
             return wfpBuilder.toString();
@@ -180,6 +192,42 @@ public String wfpForContents(@NonNull String filename, Boolean binFile, byte[] c
         return wfpBuilder.toString();
     }
 
+    /**
+     * Obfuscates the given file path by replacing it with a generated unique identifier while
+     * retaining its original file extension. The obfuscated path can be used to mask
+     * sensitive or easily guessable file names.
+     *
+     * @param originalPath the original file path to be obfuscated; must not be null
+     * @return the obfuscated file path with a unique identifier and the original file extension
+     */
+    private String obfuscateFilePath(@NotNull String originalPath) {
+        final String extension = extractExtension(originalPath);
+
+        // Generate a unique identifier for the obfuscated file
+        final int mapIndex = obfuscationMap.size();
+
+        final String obfuscatedPath = mapIndex + extension;
+        this.obfuscationMap.put(obfuscatedPath, originalPath);
+        return obfuscatedPath;
+    }
+
+    /**
+     * Extracts file extension from the given path, including the leading dot.
+     *
+     * @param path the file path or name (must not be null)
+     * @return the file extension with leading dot (e.g., ".txt") or empty string if no extension
+     */
+    private String extractExtension(@NotNull String path) {
+        try {
+            String extractedExtension = FilenameUtils.getExtension(path).trim();
+            return extractedExtension.isEmpty() ? "" : "." + extractedExtension;
+        } catch (IllegalArgumentException e) {
+            log.debug("Could not extract extension from filename '{}': {}",
+                    path, e.getMessage());
+            return "";
+        }
+    }
+
     /**
      * Determine if a file/contents should be skipped for snippet generation or not
      * @param filename filename for the contents (optional)

src/main/java/com/scanoss/dto/ScanFileResult.java

@@ -23,6 +23,7 @@
 package com.scanoss.dto;
 
 import lombok.Data;
+import lombok.With;
 
 import java.util.List;
 
@@ -31,6 +32,7 @@
  */
 @Data
 public class ScanFileResult {
+    @With
     private final String filePath;
     private final List<ScanFileDetails> fileDetails;
 }

src/test/java/com/scanoss/TestWinnowing.java

@@ -24,6 +24,7 @@
 
 
 import com.scanoss.exceptions.WinnowingException;
+import com.scanoss.utils.WinnowingUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.junit.After;
 import org.junit.Before;
@@ -265,4 +266,39 @@ public void TestWinnowingFileFailures() {
 
         log.info("Finished {} -->", methodName);
     }
+
+    @Test
+    public void testWinnowingObfuscation() {
+        String methodName = new Object() {}.getClass().getEnclosingMethod().getName();
+        log.info("<-- Starting {}", methodName);
+
+        // Create a winnowing instance with obfuscation map
+        Winnowing winnowing = Winnowing.builder()
+                .allExtensions(true)
+                .obfuscate(true)
+                .build();
+
+        // Path to test file
+        String file = "testing/data/test-file.txt";
+
+        // Generate WFP with obfuscation enabled
+        String wfp = winnowing.wfpForFile(file, file);
+        log.info("WFP with obfuscation: {}", wfp);
+        assertNotNull("Expected a result from WFP", wfp);
+
+
+        // Get the obfuscated path from the WFP
+        String obfuscatedPath = WinnowingUtils.extractFilePathFromWFP(wfp);
+        assertNotNull("Should have found an obfuscated path in WFP", obfuscatedPath);
+
+        // Verify we can retrieve the original path
+        String originalPath = winnowing.getRealFilePathFor(obfuscatedPath);
+        assertNotNull("Should be able to retrieve original path", originalPath);
+        assertEquals("Original path should match input file", file, originalPath);
+        assertNotEquals("Original path should not match obfuscated path", obfuscatedPath, originalPath);
+
+        log.info("Finished {} -->", methodName);
+    }
+
 }
+