From aa85a3c1c79997fadc3739eedfeff979de3a0e73 Mon Sep 17 00:00:00 2001
From: Mouhsin Elmajdouby
Date: Fri, 13 Jun 2025 17:28:35 +0100
Subject: [PATCH 1/3] Improve empty secret name validation in Azure Vault Config Provider
---
 .../provider/azure/configuration/AzureVaultURLParser.java | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/ojdbc-provider-azure/src/main/java/oracle/jdbc/provider/azure/configuration/AzureVaultURLParser.java b/ojdbc-provider-azure/src/main/java/oracle/jdbc/provider/azure/configuration/AzureVaultURLParser.java
index f4a6cd98..dc39b84e 100644
--- a/ojdbc-provider-azure/src/main/java/oracle/jdbc/provider/azure/configuration/AzureVaultURLParser.java
+++ b/ojdbc-provider-azure/src/main/java/oracle/jdbc/provider/azure/configuration/AzureVaultURLParser.java
@@ -70,12 +70,15 @@ static void parseVaultSecretUri(
 String path = urlBuilder.getPath();
- if (!path.contains("/secrets"))
+ if (!path.contains("/secrets/"))
 throw new IllegalArgumentException("The Vault Secret URI should " +
 "contain \"/secrets\" following by the name of the Secret: " +
 vaultSecretUri);
- String secretName = path.replace("/secrets", "");
+ String secretName = path.replace("/secrets/", "");
+ if (secretName.trim().isEmpty()){
+ throw new IllegalArgumentException("Missing secret name in Vault URI: " + vaultSecretUri);
+ }
 builder.add("value", KeyVaultSecretFactory.SECRET_NAME, secretName);
 }
 }
From 1ce3114a4dee8f92c838b64091946f7c11ce9ef4 Mon Sep 17 00:00:00 2001
From: Mouhsin Elmajdouby
Date: Mon, 16 Jun 2025 15:30:36 +0100
Subject: [PATCH 2/3] Add unit test
---
 .../AzureVaultSecretProviderTest.java | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)
diff --git a/ojdbc-provider-azure/src/test/java/oracle/jdbc/provider/azure/configuration/AzureVaultSecretProviderTest.java b/ojdbc-provider-azure/src/test/java/oracle/jdbc/provider/azure/configuration/AzureVaultSecretProviderTest.java
index 3a24c93a..67c644f6 100644
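Review bot: In parseVaultSecretUri (AzureVaultURLParser.java, PATCH 1/3) the secret name is still derived by unanchored substring matching: `path.contains("/secrets/")` accepts the marker anywhere in the path and `path.replace("/secrets/", "")` removes every occurrence, so a malformed path such as `/x/secrets/name` (constructed example) would pass the check and resolve to a name that was never written in the URI. Assuming `urlBuilder.getPath()` returns the path with its leading slash, anchoring both steps would make the parser reject anything that does not have the expected shape: `if (!path.startsWith("/secrets/"))` and `String secretName = path.substring("/secrets/".length());`. Whether a trailing version segment after the name is meant to be accepted is not visible here and deserves a comment next to the new empty-name check. The function's signature and the construction of `urlBuilder` lie outside the hunk.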
--- a/ojdbc-provider-azure/src/test/java/oracle/jdbc/provider/azure/configuration/AzureVaultSecretProviderTest.java
+++ b/ojdbc-provider-azure/src/test/java/oracle/jdbc/provider/azure/configuration/AzureVaultSecretProviderTest.java
@@ -75,6 +75,32 @@ public void test() {
 )));
 }
+ /**
+ * Verifies that calling getSecret(...) with an empty secret name
+ * is rejected by throwing an IllegalArgumentException whose message
+ * indicates a missing secret name.
+ */
+ @Test
+ public void testEmptySecretNameThrows() {
+ IllegalArgumentException ex = Assertions.assertThrows(
+ IllegalArgumentException.class,
+ () -> PROVIDER.getSecret(
+ constructSecretProperties(
+ TestProperties.getOrAbort(AzureTestProperty.AZURE_KEY_VAULT_URL),
+ "", // <— empty secret path
+ TestProperties.getOrAbort(AzureTestProperty.AZURE_CLIENT_ID),
+ TestProperties.getOrAbort(AzureTestProperty.AZURE_CLIENT_SECRET),
+ TestProperties.getOrAbort(AzureTestProperty.AZURE_TENANT_ID)
+ )
+ ),
+ "Expected getSecret(...) to throw when secret name is empty"
+ );
+ Assertions.assertTrue(
+ ex.getMessage().toLowerCase().contains("missing secret name"),
+ "Exception message should mention 'secret name', but was: " + ex.getMessage()
+ );
+ }
+
 private Map constructSecretProperties(
 String vaultUrl, String secretName, String clientId, String clientSecret, String tenantId) {
 Map secretProperties = new HashMap<>();
From ab9fc9c9fb362b2f9e779819fe7c687ead85d934 Mon Sep 17 00:00:00 2001
From: Mouhsin Elmajdouby
Date: Mon, 30 Jun 2025 13:57:15 +0100
Subject: [PATCH 3/3] Address review comment
---
 .../jdbc/provider/azure/configuration/AzureVaultURLParser.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ojdbc-provider-azure/src/main/java/oracle/jdbc/provider/azure/configuration/AzureVaultURLParser.java b/ojdbc-provider-azure/src/main/java/oracle/jdbc/provider/azure/configuration/AzureVaultURLParser.java
index dc39b84e..faf92e00 100644
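Review bot: testEmptySecretNameThrows (AzureVaultSecretProviderTest.java, PATCH 2/3) reads the vault URL, client id, client secret and tenant id through `TestProperties.getOrAbort`, so this regression check for a purely syntactic rule presumably runs only where live Azure credentials are configured and is aborted everywhere else. The empty-name rejection added in parseVaultSecretUri appears to need no network access, so a test that drives the parser with a constructed URI (for example `https://example.vault.azure.net/secrets/`, a made-up value) would cover it in every build and keep the client secret out of a test that does not need it. The failure message also says the exception should mention 'secret name' while the assertion looks for `"missing secret name"`; the two should agree. The body of `constructSecretProperties` is cut off at the end of the hunk, so how the empty name is joined to the vault URL is not visible.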
--- a/ojdbc-provider-azure/src/main/java/oracle/jdbc/provider/azure/configuration/AzureVaultURLParser.java
+++ b/ojdbc-provider-azure/src/main/java/oracle/jdbc/provider/azure/configuration/AzureVaultURLParser.java
@@ -72,7 +72,7 @@ static void parseVaultSecretUri(
 if (!path.contains("/secrets/"))
 throw new IllegalArgumentException("The Vault Secret URI should " +
- "contain \"/secrets\" following by the name of the Secret: " +
+ "contain \"/secrets\" followed by the name of the Secret: " +
 vaultSecretUri);
 String secretName = path.replace("/secrets/", "");