Issue #5362 - Adding SslContextFactory.Client to Proxy's HttpClient

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
jetty · Sep 28, 2020 · 31e0f76 · 31e0f76
1 parent 1904903
commit 31e0f76
Show file tree

Hide file tree

Showing 5 changed files with 75 additions and 113 deletions.
diff --git a/jetty-proxy/src/main/java/org/eclipse/jetty/proxy/AbstractProxyServlet.java b/jetty-proxy/src/main/java/org/eclipse/jetty/proxy/AbstractProxyServlet.java
@@ -55,6 +55,7 @@
 import org.eclipse.jetty.util.StringUtil;
 import org.eclipse.jetty.util.log.Log;
 import org.eclipse.jetty.util.log.Logger;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
 import org.eclipse.jetty.util.thread.QueuedThreadPool;
 
 /**
@@ -362,7 +363,8 @@ protected HttpClient newHttpClient()
         String value = getServletConfig().getInitParameter("selectors");
         if (value != null)
             selectors = Integer.parseInt(value);
-        return new HttpClient(new HttpClientTransportOverHTTP(selectors), null);
+        SslContextFactory.Client clientSsl = new SslContextFactory.Client();
+        return new HttpClient(new HttpClientTransportOverHTTP(selectors), clientSsl);
     }
 
     protected HttpClient getHttpClient()

diff --git a/tests/test-webapps/test-proxy-webapp/pom.xml b/tests/test-webapps/test-proxy-webapp/pom.xml
@@ -45,14 +45,6 @@
       <artifactId>javax.servlet-api</artifactId>
       <scope>provided</scope>
     </dependency>
-
-    <!--
-        <dependency>
-          <groupId>org.eclipse.jetty.orbit</groupId>
-          <artifactId>javax.servlet</artifactId>
-          <scope>provided</scope>
-        </dependency>
-    -->
     <dependency>
       <groupId>org.eclipse.jetty</groupId>
       <artifactId>jetty-webapp</artifactId>
@@ -61,13 +53,14 @@
     </dependency>
     <dependency>
       <groupId>org.eclipse.jetty</groupId>
-      <artifactId>jetty-jmx</artifactId>
+      <artifactId>jetty-client</artifactId>
       <version>${project.version}</version>
-      <scope>test</scope>
+      <scope>provided</scope>
     </dependency>
     <dependency>
-      <groupId>org.eclipse.jetty.toolchain</groupId>
-      <artifactId>jetty-test-helper</artifactId>
+      <groupId>org.eclipse.jetty</groupId>
+      <artifactId>jetty-jmx</artifactId>
+      <version>${project.version}</version>
       <scope>test</scope>
     </dependency>
     <dependency>

diff --git a/tests/test-webapps/test-proxy-webapp/src/main/webapp/WEB-INF/web.xml b/tests/test-webapps/test-proxy-webapp/src/main/webapp/WEB-INF/web.xml
@@ -7,10 +7,12 @@
     <servlet-name>JavadocTransparentProxy</servlet-name>
     <servlet-class>org.eclipse.jetty.proxy.ProxyServlet$Transparent</servlet-class>
     <init-param>
-      <param-name>proxyTo</param-name><param-value>http://www.eclipse.org/jetty/javadoc/</param-value>
+      <param-name>proxyTo</param-name>
+      <param-value>https://www.eclipse.org/jetty/javadoc/</param-value>
     </init-param>
     <init-param>
-      <param-name>hostHeader</param-name><param-value>eclipse.org</param-value>
+      <param-name>hostHeader</param-name>
+      <param-value>www.eclipse.org</param-value>
     </init-param>
     <load-on-startup>1</load-on-startup>
     <async-supported>true</async-supported>

diff --git a/...webapps/test-proxy-webapp/src/test/java/org/eclipse/jetty/TestTransparentProxyServer.java b/...webapps/test-proxy-webapp/src/test/java/org/eclipse/jetty/TestTransparentProxyServer.java
@@ -18,118 +18,78 @@
 
 package org.eclipse.jetty;
 
-import java.lang.management.ManagementFactory;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.TimeoutException;
 
-import org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory;
-import org.eclipse.jetty.http2.HTTP2Cipher;
-import org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory;
-import org.eclipse.jetty.jmx.MBeanContainer;
-import org.eclipse.jetty.server.ForwardedRequestCustomizer;
-import org.eclipse.jetty.server.Handler;
-import org.eclipse.jetty.server.HttpConfiguration;
-import org.eclipse.jetty.server.HttpConnectionFactory;
-import org.eclipse.jetty.server.SecureRequestCustomizer;
+import org.eclipse.jetty.client.HttpClient;
+import org.eclipse.jetty.client.api.ContentResponse;
+import org.eclipse.jetty.http.HttpStatus;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.ServerConnector;
-import org.eclipse.jetty.server.SslConnectionFactory;
-import org.eclipse.jetty.server.handler.ContextHandlerCollection;
-import org.eclipse.jetty.server.handler.DefaultHandler;
-import org.eclipse.jetty.server.handler.HandlerCollection;
-import org.eclipse.jetty.util.log.Log;
-import org.eclipse.jetty.util.log.StdErrLog;
-import org.eclipse.jetty.util.ssl.SslContextFactory;
-import org.eclipse.jetty.util.thread.QueuedThreadPool;
+import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
+import org.eclipse.jetty.util.component.LifeCycle;
+import org.eclipse.jetty.util.resource.PathResource;
 import org.eclipse.jetty.webapp.WebAppContext;
-import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Tag;
+import org.junit.jupiter.api.Test;
+
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.is;
 
-@Disabled("Not a test case")
 public class TestTransparentProxyServer
 {
-    public static void main(String[] args) throws Exception
-    {
-        ((StdErrLog)Log.getLog()).setSource(false);
-
-        String jettyRoot = "../../..";
-
-        // Setup Threadpool
-        QueuedThreadPool threadPool = new QueuedThreadPool();
-        threadPool.setMaxThreads(100);
-
-        // Setup server
-        Server server = new Server(threadPool);
-        server.manage(threadPool);
-
-        // Setup JMX
-        MBeanContainer mbContainer = new MBeanContainer(ManagementFactory.getPlatformMBeanServer());
-        server.addBean(mbContainer);
-        server.addBean(Log.getLog());
-
-        // Common HTTP configuration
-        HttpConfiguration config = new HttpConfiguration();
-        config.setSecurePort(8443);
-        config.addCustomizer(new ForwardedRequestCustomizer());
-        config.setSendDateHeader(true);
-        config.setSendServerVersion(true);
-
-        // Http Connector
-        HttpConnectionFactory http = new HttpConnectionFactory(config);
-        ServerConnector httpConnector = new ServerConnector(server, http);
-        httpConnector.setPort(8080);
-        httpConnector.setIdleTimeout(30000);
-        server.addConnector(httpConnector);
-
-        // SSL configurations
-        SslContextFactory sslContextFactory = new SslContextFactory.Server();
-        sslContextFactory.setKeyStorePath(jettyRoot + "/jetty-server/src/main/config/etc/keystore");
-        sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
-        sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
-        sslContextFactory.setTrustStorePath(jettyRoot + "/jetty-server/src/main/config/etc/keystore");
-        sslContextFactory.setTrustStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
-        sslContextFactory.setExcludeCipherSuites(
-            "SSL_RSA_WITH_DES_CBC_SHA",
-            "SSL_DHE_RSA_WITH_DES_CBC_SHA",
-            "SSL_DHE_DSS_WITH_DES_CBC_SHA",
-            "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
-            "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
-            "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
-            "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
-        sslContextFactory.setCipherComparator(new HTTP2Cipher.CipherComparator());
+    private Server server;
+    private HttpClient client;
 
-        // HTTPS Configuration
-        HttpConfiguration httpsConfig = new HttpConfiguration(config);
-        httpsConfig.addCustomizer(new SecureRequestCustomizer());
+    @BeforeEach
+    public void setup() throws Exception
+    {
+        server = new Server();
 
-        // HTTP2 factory
-        HTTP2ServerConnectionFactory h2 = new HTTP2ServerConnectionFactory(httpsConfig);
-        ALPNServerConnectionFactory alpn = new ALPNServerConnectionFactory();
-        alpn.setDefaultProtocol(h2.getProtocol());
+        ServerConnector connector = new ServerConnector(server);
+        connector.setPort(0);
+        server.addConnector(connector);
 
-        // SSL Factory
-        SslConnectionFactory ssl = new SslConnectionFactory(sslContextFactory, alpn.getProtocol());
+        WebAppContext webapp = new WebAppContext();
+        // This is a pieced together WebApp.
+        // We don't have a valid WEB-INF/lib to rely on at this point.
+        // So, open up server classes here, for purposes of this testcase.
+        webapp.getServerClasspathPattern().add(
+            "-org.eclipse.jetty.proxy.",
+            "-org.eclipse.jetty.client.",
+            "-org.eclipse.jetty.util.ssl.");
+        webapp.getSystemClasspathPattern().add(
+            "org.eclipse.jetty.proxy.",
+            "org.eclipse.jetty.client.",
+            "org.eclipse.jetty.util.ss.");
+        webapp.setBaseResource(new PathResource(MavenTestingUtils.getProjectDirPath("src/main/webapp")));
+        webapp.setExtraClasspath(MavenTestingUtils.getTargetPath().resolve("classes").toString());
+        server.setHandler(webapp);
 
-        // HTTP2 Connector
-        ServerConnector http2Connector =
-            new ServerConnector(server, ssl, alpn, h2, new HttpConnectionFactory(httpsConfig));
-        http2Connector.setPort(8443);
-        http2Connector.setIdleTimeout(15000);
-        server.addConnector(http2Connector);
+        server.start();
 
-        // Handlers
-        HandlerCollection handlers = new HandlerCollection();
-        ContextHandlerCollection contexts = new ContextHandlerCollection();
-        handlers.setHandlers(new Handler[]
-            {contexts, new DefaultHandler()});
+        client = new HttpClient();
+        client.start();
+    }
 
-        server.setHandler(handlers);
+    @AfterEach
+    public void teardown()
+    {
+        LifeCycle.stop(client);
+        LifeCycle.stop(server);
+    }
 
-        // Setup proxy webapp
-        WebAppContext webapp = new WebAppContext();
-        webapp.setResourceBase("src/main/webapp");
-        contexts.addHandler(webapp);
+    @Test
+    @Tag("external")
+    public void testProxyRequest() throws InterruptedException, ExecutionException, TimeoutException
+    {
+        ContentResponse response = client.newRequest(server.getURI().resolve("/proxy/current/"))
+            .followRedirects(false)
+            .send();
 
-        // start server
-        server.setStopAtShutdown(true);
-        server.start();
-        server.join();
+        // Expecting a 200 OK (not a 302 redirect or other error)
+        assertThat("response status", response.getStatus(), is(HttpStatus.OK_200));
     }
 }
diff --git a/tests/test-webapps/test-proxy-webapp/src/test/resources/jetty-logging.properties b/tests/test-webapps/test-proxy-webapp/src/test/resources/jetty-logging.properties
@@ -0,0 +1,5 @@
+org.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.StdErrLog
+#org.eclipse.jetty.LEVEL=WARN
+#org.eclipse.jetty.client.LEVEL=DEBUG
+#org.eclipse.jetty.http.LEVEL=DEBUG
+#org.eclipse.jetty.proxy.LEVEL=DEBUG