root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 12 Packages Projects Releases Wiki Activity

Fully prepare connection when using SSL bundle 

Fixes gh-36007
This commit is contained in:
Andy Wilkinson 2023-06-21 19:05:44 +01:00
parent 7266d4863b
commit b770ffc160
2 changed files with 24 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/client/ClientHttpRequestFactories.java
View File

@ -245,6 +245,7 @@ public final class ClientHttpRequestFactories {
@Override @Override
protected void prepareConnection(HttpURLConnection connection, String httpMethod) throws IOException { protected void prepareConnection(HttpURLConnection connection, String httpMethod) throws IOException {
super.prepareConnection(connection, httpMethod);
if (this.sslBundle != null && connection instanceof HttpsURLConnection secureConnection) { if (this.sslBundle != null && connection instanceof HttpsURLConnection secureConnection) {
SSLSocketFactory socketFactory = this.sslBundle.createSslContext().getSocketFactory(); SSLSocketFactory socketFactory = this.sslBundle.createSslContext().getSocketFactory();
secureConnection.setSSLSocketFactory(socketFactory); secureConnection.setSSLSocketFactory(socketFactory);

28
spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/client/AbstractClientHttpRequestFactoriesTests.java
View File

@ -16,13 +16,20 @@
package org.springframework.boot.web.client; package org.springframework.boot.web.client;
import java.io.IOException;
import java.net.URI; import java.net.URI;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.time.Duration; import java.time.Duration;
import javax.net.ssl.SSLHandshakeException; import javax.net.ssl.SSLHandshakeException;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.CsvSource;
import org.springframework.boot.ssl.SslBundle; import org.springframework.boot.ssl.SslBundle;
import org.springframework.boot.ssl.SslBundleKey; import org.springframework.boot.ssl.SslBundleKey;
@ -94,8 +101,9 @@ abstract class AbstractClientHttpRequestFactoriesTests<T extends ClientHttpReque
assertThat(readTimeout((T) requestFactory)).isEqualTo(Duration.ofSeconds(120).toMillis()); assertThat(readTimeout((T) requestFactory)).isEqualTo(Duration.ofSeconds(120).toMillis());
} }
@Test @ParameterizedTest
void connectWithSslBundle() throws Exception { @CsvSource({ "GET", "POST" })
void connectWithSslBundle(String httpMethod) throws Exception {
TomcatServletWebServerFactory webServerFactory = new TomcatServletWebServerFactory(0); TomcatServletWebServerFactory webServerFactory = new TomcatServletWebServerFactory(0);
Ssl ssl = new Ssl(); Ssl ssl = new Ssl();
ssl.setClientAuth(ClientAuth.NEED); ssl.setClientAuth(ClientAuth.NEED);
@ -103,7 +111,8 @@ abstract class AbstractClientHttpRequestFactoriesTests<T extends ClientHttpReque
ssl.setKeyStore("classpath:test.jks"); ssl.setKeyStore("classpath:test.jks");
ssl.setTrustStore("classpath:test.jks"); ssl.setTrustStore("classpath:test.jks");
webServerFactory.setSsl(ssl); webServerFactory.setSsl(ssl);
WebServer webServer = webServerFactory.getWebServer(); WebServer webServer = webServerFactory
.getWebServer((context) -> context.addServlet("test", TestServlet.class).addMapping("/"));
try { try {
webServer.start(); webServer.start();
int port = webServer.getPort(); int port = webServer.getPort();
@ -118,9 +127,9 @@ abstract class AbstractClientHttpRequestFactoriesTests<T extends ClientHttpReque
SslBundle sslBundle = SslBundle.of(stores, SslBundleKey.of("password")); SslBundle sslBundle = SslBundle.of(stores, SslBundleKey.of("password"));
ClientHttpRequestFactory secureRequestFactory = ClientHttpRequestFactories ClientHttpRequestFactory secureRequestFactory = ClientHttpRequestFactories
.get(ClientHttpRequestFactorySettings.DEFAULTS.withSslBundle(sslBundle)); .get(ClientHttpRequestFactorySettings.DEFAULTS.withSslBundle(sslBundle));
ClientHttpRequest secureRequest = secureRequestFactory.createRequest(uri, HttpMethod.GET); ClientHttpRequest secureRequest = secureRequestFactory.createRequest(uri, HttpMethod.valueOf(httpMethod));
String secureResponse = StreamUtils.copyToString(secureRequest.execute().getBody(), StandardCharsets.UTF_8); String secureResponse = StreamUtils.copyToString(secureRequest.execute().getBody(), StandardCharsets.UTF_8);
assertThat(secureResponse).contains("HTTP Status 404 Not Found"); assertThat(secureResponse).contains("Received " + httpMethod + " request to /");
} }
finally { finally {
webServer.stop(); webServer.stop();
@ -131,4 +140,13 @@ abstract class AbstractClientHttpRequestFactoriesTests<T extends ClientHttpReque
protected abstract long readTimeout(T requestFactory); protected abstract long readTimeout(T requestFactory);
public static class TestServlet extends HttpServlet {
@Override
public void service(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
res.getWriter().println("Received " + req.getMethod() + " request to " + req.getRequestURI());
}
}
} }