BLasan committed Nov 19, 2024
1 parent 11155dc commit 5f1dcd0
Showing 6 changed files with 55 additions and 16 deletions.
Expand Up @@ -37,6 +37,7 @@ public class HttpClientConfigurationDTO {
private String proxyUsername;
private char[] proxyPassword = new char[]{};
private String[] nonProxyHosts = new String[]{};
private String[] targetProxyHosts = new String[]{};
private String proxyProtocol;
private SSLContext sslContext;
private HostnameVerifier hostnameVerifier;
Expand Down Expand Up @@ -80,6 +81,10 @@ public String[] getNonProxyHosts() {
return Arrays.copyOf(nonProxyHosts, nonProxyHosts.length);
}

public String[] getTargetProxyHosts() {
return Arrays.copyOf(targetProxyHosts, targetProxyHosts.length);
}

public String getProxyProtocol() {
return proxyProtocol;
}
Expand All @@ -106,6 +111,7 @@ public static class Builder {
private String proxyUsername;
private char[] proxyPassword = new char[]{};
private String[] nonProxyHosts = new String[]{};
private String[] targetProxyHosts = new String[]{};
private String proxyProtocol;
private SSLContext sslContext;
private HostnameVerifier hostnameVerifier;
Expand All @@ -119,7 +125,7 @@ public Builder withConnectionParams(int connectionLimit, int maximumConnectionsP
}

public Builder withProxy(String proxyHost, int proxyPort, String proxyUsername, String proxyPassword,
String proxyProtocol, String[] nonProxyHosts) {
String proxyProtocol, String[] nonProxyHosts, String[] targetProxyHosts) {
this.proxyEnabled = true;
this.proxyHost = proxyHost;
this.proxyPort = proxyPort;
Expand All @@ -128,6 +134,9 @@ public Builder withProxy(String proxyHost, int proxyPort, String proxyUsername,
this.proxyProtocol = proxyProtocol;
this.nonProxyHosts = nonProxyHosts != null ?
Arrays.copyOf(nonProxyHosts, nonProxyHosts.length) : new String[]{};
this.targetProxyHosts = targetProxyHosts != null ?
Arrays.copyOf(targetProxyHosts, targetProxyHosts.length) :
new String[] {};
return this;
}

Expand All @@ -154,6 +163,7 @@ public HttpClientConfigurationDTO build() {
configuration.proxyPassword = this.proxyPassword;
configuration.proxyProtocol = this.proxyProtocol;
configuration.nonProxyHosts = this.nonProxyHosts;
configuration.targetProxyHosts = this.targetProxyHosts;
configuration.hostnameVerifier = this.hostnameVerifier;
if (this.sslContext != null) {
configuration.sslContext = this.sslContext;
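Review bot: `Builder.withProxy` goes from six to seven parameters in place, so any caller not updated in this commit stops compiling; the page shows only the test and `populateHttpClientConfiguration` being adapted. Keeping the six-argument overload and delegating, `return withProxy(proxyHost, proxyPort, proxyUsername, proxyPassword, proxyProtocol, nonProxyHosts, null);`, would keep the public builder backward-compatible. The new field and getter also carry no Javadoc on how `targetProxyHosts` relates to `nonProxyHosts`; a comment such as `// hosts that must be routed through the proxy; evaluated after nonProxyHosts` would help once the intended semantics are confirmed. The class and builder bodies continue outside these hunks.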
Expand Up @@ -65,20 +65,33 @@ private boolean doesTargetMatchNonProxy(HttpHost target) {
String uriHost = target.getHostName();
String uriScheme = target.getSchemeName();
String[] nonProxyHosts = configuration.getNonProxyHosts();
int nphLength = nonProxyHosts != null ? nonProxyHosts.length : 0;
if (nonProxyHosts == null || nphLength < 1) {
log.debug("scheme:'" + uriScheme + "', host:'" + uriHost + "' : DEFAULT (0 non proxy host)");
return false;
String[] targetProxyHosts = configuration.getTargetProxyHosts();

if (nonProxyHosts != null) {
for (String nonProxyHost : nonProxyHosts) {
if ("*".equals(nonProxyHost)) {
return true;
}
if (uriHost.matches(nonProxyHost)) {
log.debug("sheme:'" + uriScheme + "', host:'" + uriHost + "' matches nonProxyHost '" + nonProxyHost
+ "' : NO PROXY");
return true;
}
}
}
for (String nonProxyHost : nonProxyHosts) {
if (uriHost.matches(nonProxyHost)) {
log.debug("scheme:'" + uriScheme + "', host:'" + uriHost + "' matches nonProxyHost '" +
nonProxyHost + "' : NO PROXY");
return true;

if (targetProxyHosts != null) {
for (String targetProxyHost : targetProxyHosts) {
if ("*".equals(targetProxyHost)) {
return false;
}
if (uriHost.matches(targetProxyHost)) {
return false;
}
}
}
log.debug("scheme:'" + uriScheme + "', host:'" + uriHost + "' : DEFAULT (no match of " + nphLength +
" non proxy host)");

log.debug("sheme:'" + uriScheme + "', host:'" + uriHost + "' : DEFAULT (no match of non proxy hosts)");
return false;
}
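Review bot: The `targetProxyHosts` loop in `doesTargetMatchNonProxy` cannot change the outcome: both of its branches `return false`, and the method ends with `return false` anyway, so as rendered here the new list has no effect on whether a request goes through the proxy. If the list is meant to restrict proxying to the named hosts, the no-match case has to bypass the proxy, for example `if (targetProxyHosts.length > 0) { return true; }` placed after the inner loop; as written, an operator who sets it to keep other traffic away from the proxy gets no such restriction. The order of the two checks also means a host present in both lists bypasses the proxy, which deserves a one-line comment. The old and new sides are inferred from the rendered page, so confirm against the actual diff.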

Expand Up @@ -96,7 +96,7 @@ public void testGetHttpClientWithProxy() {
.withSSLContext(sslContext)
// proxyProtocol here is https (due to existing limitation)
.withProxy(proxyHost, proxyServer.getPort(), proxyUsername, "random", proxyProtocol,
new String[]{"localhost"})
new String[]{"localhost"}, new String[]{})
.build();
HttpClient clientForNonProxyHost = null;
clientForNonProxyHost = CommonAPIUtil.getHttpClient("https", nonProxyHostBasedProxyConfig);
Expand All @@ -112,7 +112,8 @@ public void testGetHttpClientWithProxy() {
HttpClientConfigurationDTO configuration = builder
.withConnectionParams(connectionLimit, maximumConnectionsPerRoute, connectionTimeout)
.withSSLContext(sslContext)
.withProxy(proxyHost, proxyServer.getPort(), proxyUsername, proxyPassword, proxyProtocol, nonProxyHosts)
.withProxy(proxyHost, proxyServer.getPort(), proxyUsername, proxyPassword, proxyProtocol, nonProxyHosts,
new String[] {})
.build();

HttpClient client = null;
Expand All @@ -132,7 +133,8 @@ public void testGetHttpClientWithProxy() {
HttpClientConfigurationDTO configWithWrongProxyCredentials = builder
.withConnectionParams(connectionLimit, maximumConnectionsPerRoute, connectionTimeout)
.withSSLContext(sslContext)
.withProxy(proxyHost, proxyServer.getPort(), proxyUsername, "random", proxyProtocol, nonProxyHosts)
.withProxy(proxyHost, proxyServer.getPort(), proxyUsername, "random", proxyProtocol, nonProxyHosts,
new String[] {})
.build();
HttpClient clientWithWrongProxyCreds = null;
clientWithWrongProxyCreds = CommonAPIUtil.getHttpClient("https", configWithWrongProxyCredentials);
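Review bot: All three updated `withProxy` calls in `testGetHttpClientWithProxy` pass an empty `targetProxyHosts` array, so nothing here exercises the new list. Add a case where the target list is non-empty, for instance `.withProxy(proxyHost, proxyServer.getPort(), proxyUsername, proxyPassword, proxyProtocol, new String[]{}, new String[]{"localhost"})`, and assert whether the request does or does not reach `proxyServer`; that test would pin down the intended semantics of the setting. The test method starts and ends outside these hunks.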
Expand Up @@ -1548,6 +1548,7 @@ private OAuthConstants() {
public static final String PROXY_USERNAME = "ProxyConfig.Username";
public static final String PROXY_PASSWORD = "ProxyConfig.Password";
public static final String NON_PROXY_HOSTS = "ProxyConfig.NonProxyHosts";
public static final String TARGET_PROXY_HOSTS = "ProxyConfig.TargetProxyHosts";
public static final String PROXY_PROTOCOL = "ProxyConfig.Protocol";

public static final String KEYMANAGER_HOSTNAME = "keyManagerHostname";
Expand Up @@ -1042,9 +1042,10 @@ void populateHttpClientConfiguration() {
String proxyUsername = configuration.getFirstProperty(APIConstants.PROXY_USERNAME);
String proxyPassword = configuration.getFirstProperty(APIConstants.PROXY_PASSWORD);
String[] nonProxyHosts = getNonProxyHostsListByNonProxyHostsStringConfiguration(configuration);
String[] targetProxyHosts = getTargetProxyHostsStringConfiguration(configuration);
String proxyProtocol = configuration.getFirstProperty(APIConstants.PROXY_PROTOCOL);
builder = builder.withProxy(proxyHost, proxyPort, proxyUsername, proxyPassword, proxyProtocol,
nonProxyHosts);
nonProxyHosts, targetProxyHosts);
}

SSLContext sslContext = null;
Expand Down Expand Up @@ -1098,6 +1099,17 @@ String[] getNonProxyHostsListByNonProxyHostsStringConfiguration(APIManagerConfig
return nonProxyHostsString != null ? nonProxyHostsString.split("\\|") : null;
}

/**
* Populates list of TargetProxyHosts for given targetProxyHostsString through APIManager Configuration
*
* @param config APIManager Configuration
* @return String array of target proxy list
*/
String[] getTargetProxyHostsStringConfiguration(APIManagerConfiguration config) {
String targetProxyHostsString = config.getFirstProperty(APIConstants.TARGET_PROXY_HOSTS);
return targetProxyHostsString != null ? targetProxyHostsString.split("\\|") : null;
}

@Reference(
name = "apim.workflow.task.service",
service = org.wso2.carbon.apimgt.api.model.WorkflowTaskService.class,
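Review bot: `getTargetProxyHostsStringConfiguration` splits the raw value on `|` without trimming or validating the entries, and `doesTargetMatchNonProxy` later hands each entry to `uriHost.matches(...)`, which treats it as a Java regular expression. A glob-style entry such as `*.example.com` (constructed example) would therefore throw `PatternSyntaxException` when the host check runs rather than failing once at startup, and an unescaped `.` matches any character, so a pattern can cover more hosts than the operator intended. Consider validating each entry here with `Pattern.compile(entry.trim())` and rejecting bad values at load, and extend the Javadoc with `Entries are '|'-separated Java regular expressions matched against the whole host name.` An unset value that arrives as an empty string yields `{""}` rather than an empty array. The same points apply to the existing `getNonProxyHostsListByNonProxyHostsStringConfiguration`.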
Expand Up @@ -1681,6 +1681,7 @@
<Username>{{apim.proxy_config.username}}</Username>
<Password>{{apim.proxy_config.password}}</Password>
<NonProxyHosts>{{apim.proxy_config.nonProxyHosts}}</NonProxyHosts>
<TargetProxyHosts>{{apim.proxy_config.targetProxyHosts}}</TargetProxyHosts>
<Protocol>{{apim.proxy_config.protocol}}</Protocol>
</ProxyConfig>
<!--This parameter is used to Enable the password changing feature in devportal. When this is enabled, a user can
