Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add requested URI discovery support #6030

Merged
merged 13 commits into from
Feb 28, 2023
Merged

Conversation

tjquinno
Copy link
Member

@tjquinno tjquinno commented Jan 31, 2023

Resolves #5826

Intro

Forwarded and X-Forwarded-* header support allows code that processes requests to obtain, to the best of Helidon's ability, the URI information as specified by the original client even if the request passed through proxies from the original client to the Helidon service.

The feature adds two main outward interfaces to Helidon:

  1. Developers or deployers can control various settings on each socket which govern the behavior of this feature:

    • enabled/disabled
    • which proxies to trust (uses the new AllowList)
    • the priority of checking Forwarded vs. X-Forwarded-* vs. Host headers.

    In 4.x, the RequestedUriDiscoveryContext interface embodies these settings (in helidon-common-configurable along with its implementation), assignable via config or builders.

  2. The ServerRequest interfaces (one in Níma, one in reactive) now declare the UriInfo uriInfo() method so developer or Helidon code working with requests can obtain the requested URI information as specified by the original client.

The logic for building this new UriInfo record is in the new utility method RequestedUriDiscovery.uriInfo (in helidon-common-http).
This method accepts neutral (not specific to either Níma or reactive) information about the request and an instance of the new RequestedUriDiscoveryContext interface.

Because RequestedUriDiscoveryContext is an attribute of each socket, the server request implementation classes need a way to get the relevant socket information.

In Níma

The key ServerRequest implementations are Http1ServerRequest (helidon-nima-webserver) and Http2ServerRequest (helidon-nima-http2-webserver). Both already have a reference to ConnectionContext (helidon-nima-webserver).

The ConnectionContext interface extends interface SocketContext (in helidon-common-socket although it is used only by Níma, not reactive) to reflect the socket settings.

Adding RequestedUriDiscoveryContext requestedUriDiscoveryContext() to SocketContext (and its impls) therefore makes the discovery context available to the server request implementations.

SocketContext is also implemented by the PlainSocket class (which the class TlsSocket extends) and DirectSocket,
so these impls of SocketContext need to implement requestedUriDiscoveryContext():

  • ConnectionContextImpl
  • PlainSocket
  • DirectSocket (in helidon-nima-testing-junit5-webserver)

which means their constructors/factory methods/builders need to change as do the callers of those constructors/factory methods/builders:

  • PlainSocket#server (invokes PlainSocket#<init>
  • ServerListener (invokes PlainSocket#server and TlsSocket#server)

In reactive

The key ServerRequest impl is the abstract class Request (helidon-reactive-webserver).

That class already has a reference to BareRequest to which this PR adds a getter for its SocketConfiguration (interface in helidon-reactive-webserver).
The constructor for BareRequestImpl now accepts and stores the SocketConfiguration which the added getter method returns.

FoprwardingHandler (helidon-reactive-webserver) already has a reference to the SocketConfiguration so now it passes that as an additional parameter when it invokes the BareRequestImpl constructor.

This PR also changes SocketConfiguration:

  • Adds RequestedUriDiscoveryContext requestedUriDiscoveryContext()
  • To its inner interface SocketConfigurationBuilder:
    • Adds setter and getter for RequestedUriDiscoveryContext.Builder
    • Updates config to handle discovery context

Also, the PR updates the impls of SocketConfiguration and SocketConfigurationBuilder accordingly.

Other

There are some other changes to unrelated test classes, adding new required methods.

Depends on #6109

@tjquinno tjquinno self-assigned this Jan 31, 2023
@oracle-contributor-agreement oracle-contributor-agreement bot added the OCA Verified All contributors have signed the Oracle Contributor Agreement. label Jan 31, 2023
@tjquinno tjquinno requested a review from spericas February 6, 2023 13:45
@tjquinno tjquinno marked this pull request as ready for review February 23, 2023 22:13
@danielkec danielkec dismissed tomas-langer’s stale review February 28, 2023 09:41

new sheriff in town

@tjquinno tjquinno merged commit 2d6dd5e into helidon-io:main Feb 28, 2023
@tjquinno tjquinno deleted the forwarded-main branch February 28, 2023 17:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
OCA Verified All contributors have signed the Oracle Contributor Agreement.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants