From 3015bb5c7d1f36cb5aa6e55b32319dc58ebed0aa Mon Sep 17 00:00:00 2001 From: Ruud Senden <8635138+rsenden@users.noreply.github.com> Date: Fri, 18 Aug 2023 14:33:47 +0200 Subject: [PATCH] feat: Configurable connect & socket timeout --- .../cli/mixin/ConnectionConfigOptions.java | 71 +++++++++++++++++++ .../rest/cli/mixin/UrlConfigOptions.java | 5 +- .../rest/runner/config/IConnectionConfig.java | 34 +++++++++ .../common/rest/runner/config/IUrlConfig.java | 6 +- .../config/UnirestUrlConfigConfigurer.java | 4 +- .../common/rest/runner/config/UrlConfig.java | 8 ++- .../cli/mixin/FoDSessionLoginOptions.java | 11 ++- .../cli/mixin/SCDastUrlConfigOptions.java | 6 +- .../cli/mixin/SCSastUrlConfigOptions.java | 6 +- .../debricked/DebrickedUrlConfigOptions.java | 6 +- 10 files changed, 133 insertions(+), 24 deletions(-) create mode 100644 fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/ConnectionConfigOptions.java create mode 100644 fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/IConnectionConfig.java diff --git a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/ConnectionConfigOptions.java b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/ConnectionConfigOptions.java new file mode 100644 index 0000000000..eaeef3dc7e --- /dev/null +++ b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/ConnectionConfigOptions.java @@ -0,0 +1,71 @@ +/******************************************************************************* + * (c) Copyright 2021 Micro Focus or one of its affiliates + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including without + * limitation the rights to use, copy, modify, merge, publish, distribute, + * sublicense, and/or sell copies of the Software, and to permit persons to + * whom the Software is furnished to do so, subject to the following + * conditions: + * + * The above copyright notice and this permission notice shall be included + * in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR + * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + ******************************************************************************/ +package com.fortify.cli.common.rest.cli.mixin; + +import com.fortify.cli.common.rest.runner.config.IConnectionConfig; +import com.fortify.cli.common.util.DateTimePeriodHelper; +import com.fortify.cli.common.util.DateTimePeriodHelper.Period; + +import io.micronaut.core.annotation.ReflectiveAccess; +import kong.unirest.Config; +import lombok.Getter; +import picocli.CommandLine.Option; + +/** + * Configure connection options to a remote system + * + * @author Ruud Senden + */ +@ReflectiveAccess +public abstract class ConnectionConfigOptions implements IConnectionConfig { + private static final DateTimePeriodHelper periodHelper = DateTimePeriodHelper.byRange(Period.SECONDS, Period.MINUTES); + + @Option(names = {"--insecure", "-k"}, required = false, description = "Disable SSL checks", defaultValue = "false", order=6) + @Getter private Boolean insecureModeEnabled; + + @Option(names = {"--socket-timeout"}, required = false, description = "Socket timeout for this session, for example 30s (30 seconds), 5m (5 minutes)", order=7) + private String socketTimeout; + + @Option(names = {"--connect-timeout"}, required = false, description = "Connection timeout for this session in seconds, for example 30s (30 seconds), 5m (5 minutes)", order=8) + private String connectTimeout; + + @Override + public int getConnectTimeoutInMillis() { + return connectTimeout==null ? getDefaultConnectTimeoutInMillis() : (int)periodHelper.parsePeriodToMillis(connectTimeout); + } + + @Override + public int getSocketTimeoutInMillis() { + return socketTimeout==null ? getDefaultSocketTimeoutInMillis() : (int)periodHelper.parsePeriodToMillis(socketTimeout); + } + + protected int getDefaultSocketTimeoutInMillis() { + return Config.DEFAULT_SOCKET_TIMEOUT; + } + + protected int getDefaultConnectTimeoutInMillis() { + return Config.DEFAULT_CONNECT_TIMEOUT; + } +} diff --git a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/UrlConfigOptions.java b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/UrlConfigOptions.java index 330f3a1317..866dd7a025 100644 --- a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/UrlConfigOptions.java +++ b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/UrlConfigOptions.java @@ -36,13 +36,10 @@ * @author Ruud Senden */ @ReflectiveAccess -public class UrlConfigOptions implements IUrlConfig { +public class UrlConfigOptions extends ConnectionConfigOptions implements IUrlConfig { @Option(names = {"--url"}, required = true, order=1) @Getter private String url; - @Option(names = {"--insecure", "-k"}, required = false, description = "Disable SSL checks", defaultValue = "false", order=6) - @Getter private Boolean insecureModeEnabled; - public boolean hasUrlConfig() { return url!=null; } diff --git a/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/IConnectionConfig.java b/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/IConnectionConfig.java new file mode 100644 index 0000000000..aa5ea64da4 --- /dev/null +++ b/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/IConnectionConfig.java @@ -0,0 +1,34 @@ +/******************************************************************************* + * (c) Copyright 2020 Micro Focus or one of its affiliates + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including without + * limitation the rights to use, copy, modify, merge, publish, distribute, + * sublicense, and/or sell copies of the Software, and to permit persons to + * whom the Software is furnished to do so, subject to the following + * conditions: + * + * The above copyright notice and this permission notice shall be included + * in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR + * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + ******************************************************************************/ +package com.fortify.cli.common.rest.runner.config; + +public interface IConnectionConfig { + int getConnectTimeoutInMillis(); + int getSocketTimeoutInMillis(); + Boolean getInsecureModeEnabled(); + default boolean isInsecureModeEnabled() { + return Boolean.TRUE.equals(getInsecureModeEnabled()); + } +} diff --git a/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/IUrlConfig.java b/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/IUrlConfig.java index d5d7febcbf..ec7d3bf0e5 100644 --- a/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/IUrlConfig.java +++ b/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/IUrlConfig.java @@ -24,10 +24,6 @@ ******************************************************************************/ package com.fortify.cli.common.rest.runner.config; -public interface IUrlConfig { +public interface IUrlConfig extends IConnectionConfig { String getUrl(); - Boolean getInsecureModeEnabled(); - default boolean isInsecureModeEnabled() { - return Boolean.TRUE.equals(getInsecureModeEnabled()); - } } diff --git a/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/UnirestUrlConfigConfigurer.java b/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/UnirestUrlConfigConfigurer.java index 922bd2799f..8c6c91a78c 100644 --- a/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/UnirestUrlConfigConfigurer.java +++ b/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/UnirestUrlConfigConfigurer.java @@ -37,7 +37,9 @@ public static final void configure(UnirestInstance unirestInstance, IUrlConfig u if ( urlConfig==null ) { throw new IllegalArgumentException("URL configuration may not be null"); } unirestInstance.config() .defaultBaseUrl(normalizeUrl(urlConfig.getUrl())) - .verifySsl(!urlConfig.isInsecureModeEnabled()); + .verifySsl(!urlConfig.isInsecureModeEnabled()) + .socketTimeout(urlConfig.getSocketTimeoutInMillis()) + .connectTimeout(urlConfig.getConnectTimeoutInMillis()); } /** diff --git a/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/UrlConfig.java b/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/UrlConfig.java index c77d66b0ea..4bd8c7885c 100644 --- a/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/UrlConfig.java +++ b/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/config/UrlConfig.java @@ -37,6 +37,8 @@ @Data @ReflectiveAccess @NoArgsConstructor @AllArgsConstructor @Builder public class UrlConfig implements IUrlConfig { private String url; + private int socketTimeoutInMillis; + private int connectTimeoutInMillis; private Boolean insecureModeEnabled; public static final UrlConfig from(IUrlConfig other) { @@ -48,7 +50,9 @@ public static final UrlConfigBuilder builderFrom(IUrlConfig other) { if ( other!=null ) { builder = builder .url(other.getUrl()) - .insecureModeEnabled(other.isInsecureModeEnabled()); + .insecureModeEnabled(other.isInsecureModeEnabled()) + .connectTimeoutInMillis(other.getConnectTimeoutInMillis()) + .socketTimeoutInMillis(other.getSocketTimeoutInMillis()); } return builder; } @@ -58,6 +62,8 @@ public static final UrlConfigBuilder builderFrom(IUrlConfig other, IUrlConfig ov if ( other!=null && overrides!=null ) { override(overrides.getUrl(), builder::url); override(overrides.getInsecureModeEnabled(), builder::insecureModeEnabled); + builder.connectTimeoutInMillis(overrides.getConnectTimeoutInMillis()) + .socketTimeoutInMillis(overrides.getSocketTimeoutInMillis()); } return builder; } diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/session/cli/mixin/FoDSessionLoginOptions.java b/fcli-fod/src/main/java/com/fortify/cli/fod/session/cli/mixin/FoDSessionLoginOptions.java index 28bac21c8c..affa5cd189 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/session/cli/mixin/FoDSessionLoginOptions.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/session/cli/mixin/FoDSessionLoginOptions.java @@ -14,15 +14,24 @@ public class FoDSessionLoginOptions { @ArgGroup(exclusive = false, multiplicity = "1", headingKey = "arggroup.fod-connection-options.heading", order = 1) - @Getter private UrlConfigOptions urlConfigOptions = new UrlConfigOptions(); + @Getter private UrlConfigOptions urlConfigOptions = new FoDUrlConfigOptions(); @ArgGroup(exclusive = false, multiplicity = "1", headingKey = "arggroup.fod-authentication-options.heading", order = 2) @Getter private FoDAuthOptions authOptions = new FoDAuthOptions(); + + public String[] getScopes() { return new String[]{"api-tenant"}; // TODO make scopes configurable } + public static class FoDUrlConfigOptions extends UrlConfigOptions { + @Override + protected int getDefaultSocketTimeoutInMillis() { + return 600000; + } + } + public static class FoDAuthOptions { @ArgGroup(exclusive = true, multiplicity = "1", order = 3) @Getter private FoDCredentialOptions credentialOptions = new FoDCredentialOptions(); diff --git a/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/session/cli/mixin/SCDastUrlConfigOptions.java b/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/session/cli/mixin/SCDastUrlConfigOptions.java index 2e746a1415..927a962725 100644 --- a/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/session/cli/mixin/SCDastUrlConfigOptions.java +++ b/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/session/cli/mixin/SCDastUrlConfigOptions.java @@ -24,6 +24,7 @@ ******************************************************************************/ package com.fortify.cli.sc_dast.session.cli.mixin; +import com.fortify.cli.common.rest.cli.mixin.ConnectionConfigOptions; import com.fortify.cli.common.rest.runner.config.IUrlConfig; import io.micronaut.core.annotation.ReflectiveAccess; @@ -31,13 +32,10 @@ import picocli.CommandLine.Option; @ReflectiveAccess -public class SCDastUrlConfigOptions implements IUrlConfig { +public class SCDastUrlConfigOptions extends ConnectionConfigOptions implements IUrlConfig { @Option(names = {"--ssc-url"}, required = true, order=1) @Getter private String url; - @Option(names = {"--insecure", "-k"}, required = false, description = "Disable SSL checks", defaultValue = "false", order=6) - @Getter private Boolean insecureModeEnabled; - public boolean hasUrlConfig() { return url!=null; } diff --git a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/session/cli/mixin/SCSastUrlConfigOptions.java b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/session/cli/mixin/SCSastUrlConfigOptions.java index 9aa5e31276..05e3153356 100644 --- a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/session/cli/mixin/SCSastUrlConfigOptions.java +++ b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/session/cli/mixin/SCSastUrlConfigOptions.java @@ -24,6 +24,7 @@ ******************************************************************************/ package com.fortify.cli.sc_sast.session.cli.mixin; +import com.fortify.cli.common.rest.cli.mixin.ConnectionConfigOptions; import com.fortify.cli.common.rest.runner.config.IUrlConfig; import io.micronaut.core.annotation.ReflectiveAccess; @@ -31,13 +32,10 @@ import picocli.CommandLine.Option; @ReflectiveAccess -public class SCSastUrlConfigOptions implements IUrlConfig { +public class SCSastUrlConfigOptions extends ConnectionConfigOptions implements IUrlConfig { @Option(names = {"--ssc-url"}, required = true, order=1) @Getter private String url; - @Option(names = {"--insecure", "-k"}, required = false, description = "Disable SSL checks", defaultValue = "false", order=6) - @Getter private Boolean insecureModeEnabled; - public boolean hasUrlConfig() { return url!=null; } diff --git a/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_artifact/cli/cmd/imprt/debricked/DebrickedUrlConfigOptions.java b/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_artifact/cli/cmd/imprt/debricked/DebrickedUrlConfigOptions.java index 2fc6d36957..7ac1f3ee98 100644 --- a/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_artifact/cli/cmd/imprt/debricked/DebrickedUrlConfigOptions.java +++ b/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_artifact/cli/cmd/imprt/debricked/DebrickedUrlConfigOptions.java @@ -24,6 +24,7 @@ ******************************************************************************/ package com.fortify.cli.ssc.appversion_artifact.cli.cmd.imprt.debricked; +import com.fortify.cli.common.rest.cli.mixin.ConnectionConfigOptions; import com.fortify.cli.common.rest.runner.config.IUrlConfig; import io.micronaut.core.annotation.ReflectiveAccess; @@ -31,14 +32,11 @@ import picocli.CommandLine.Option; @ReflectiveAccess -public class DebrickedUrlConfigOptions implements IUrlConfig { +public class DebrickedUrlConfigOptions extends ConnectionConfigOptions implements IUrlConfig { // For now, this option is hidden as there is only the single debricked.com SaaS instance @Option(names = {"--debricked-url"}, required = true, order=1, defaultValue = "https://debricked.com", hidden = true) @Getter private String url; - @Option(names = {"--insecure", "-k"}, required = false, description = "Disable SSL checks", defaultValue = "false", order=6) - @Getter private Boolean insecureModeEnabled; - public boolean hasUrlConfig() { return url!=null; }