/**
 * Returns the {@link SSLSession} of the connection.
 *
 * <p>A TLS {@link SessionProtocol} with no recorded {@link SSLSession} is reported through
 * {@code checkState} instead of being returned as {@code null}, so a {@code null} result
 * always means "this connection is not TLS".
 *
 * @return the {@link SSLSession}, or {@code null} if the {@link SessionProtocol} is not TLS.
 */
@Nullable
protected final SSLSession sslSession() {
    // Invariant: a TLS protocol must come with a session. Fail loudly if it does not.
    checkState(!sessionProtocol.isTls() || sslSession != null,
               "sslSession must be set for a TLS-enabled protocol: %s", sessionProtocol);
    if (!sessionProtocol.isTls()) {
        // Cleartext connection: never hand out a session, even if the field happens to be set.
        return null;
    }
    return sslSession;
}
/**
 * Finds the {@link SSLSession} of the current TLS connection.
 *
 * <p>The channel is only inspected when {@code sessionProtocol} reports TLS; for any other
 * protocol the lookup is skipped and {@code null} is returned.
 *
 * @param channel the {@link Channel} to inspect, may be {@code null}
 * @param sessionProtocol the {@link SessionProtocol} of the connection
 * @return the {@link SSLSession} if found, or {@code null} if {@link SessionProtocol} is not TLS,
 *         the {@link SSLSession} is not found or {@link Channel} is {@code null}.
 */
@Nullable
public static SSLSession findSslSession(@Nullable Channel channel, SessionProtocol sessionProtocol) {
    return sessionProtocol.isTls() ? findSslSession(channel) : null;
}
/**
 * Returns the authority from {@code headers} with the part matched by the port pattern removed.
 *
 * <p>{@code PORT_443} is applied on a TLS session protocol and {@code PORT_80} otherwise; both
 * patterns are defined outside this excerpt (presumably they match the default port suffix,
 * confirm against their definitions). Everything from the start of the first match is dropped.
 *
 * <p>NOTE(review): the value is returned exactly as found in the headers apart from that
 * trimming. If these are inbound request headers, the authority is peer-controlled and should
 * not be trusted for routing or access decisions without further validation.
 *
 * @return the trimmed authority, or {@code null} if the headers carry no authority
 */
@Nullable
private static String getAuthority(RequestContext ctx, HttpHeaders headers) {
    final String rawAuthority = headers.authority();
    if (rawAuthority == null) {
        return null;
    }

    final Pattern defaultPort = ctx.sessionProtocol().isTls() ? PORT_443 : PORT_80;
    final Matcher portMatch = defaultPort.matcher(rawAuthority);
    return portMatch.find() ? rawAuthority.substring(0, portMatch.start()) : rawAuthority;
}
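/**
 * Builds the OkHttp {@link HttpUrl} that corresponds to the URI of {@code baseHttpClient}.
 *
 * <p>The URL scheme is {@code "https"} when the client's session protocol is TLS and
 * {@code "http"} otherwise. When the authority starts with {@code "group:"}, every occurrence
 * of {@code "group:"} in it is replaced with {@code groupPrefix}.
 *
 * <p>A missing authority or an unparsable result is reported with an
 * {@link IllegalArgumentException}. A bare {@code assert} is a no-op unless the JVM runs with
 * {@code -ea}, so it would let a {@code null} URL escape to the caller.
 *
 * @param baseHttpClient the client whose URI supplies the scheme and authority
 * @param basePath the path appended verbatim after the authority
 * @param groupPrefix the replacement for {@code "group:"} in a group authority
 * @return the parsed URL, never {@code null}
 * @throws IllegalArgumentException if the client URI has no authority or the assembled URL
 *                                  cannot be parsed
 */
private static HttpUrl convertToOkHttpUrl(HttpClient baseHttpClient, String basePath,
                                          String groupPrefix) {
    final URI uri = baseHttpClient.uri();
    final SessionProtocol sessionProtocol = Scheme.tryParse(uri.getScheme())
                                                  .map(Scheme::sessionProtocol)
                                                  .orElseGet(() -> SessionProtocol.of(uri.getScheme()));
    final String authority = uri.getAuthority();
    if (authority == null) {
        // URI.getAuthority() is null for opaque or authority-less URIs.
        throw new IllegalArgumentException("the URI of baseHttpClient has no authority component");
    }

    final String protocol = sessionProtocol.isTls() ? "https" : "http";
    final String host = authority.startsWith("group:") ? authority.replace("group:", groupPrefix)
                                                       : authority;
    final HttpUrl parsed = HttpUrl.parse(protocol + "://" + host + basePath);
    if (parsed == null) {
        // The authority is left out of the message on purpose: it may contain user-info.
        throw new IllegalArgumentException(
                "cannot build an OkHttp URL (protocol: " + protocol + ", basePath: " + basePath + ')');
    }
    return parsed;
}
} // closes an enclosing scope that was opened outside this excerpt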
/**
 * Sets the scheme of {@code headers} when it is absent: {@code "https"} if {@code protocol}
 * is TLS, {@code "http"} otherwise. A scheme that is already present is left untouched.
 */
private void fillSchemeIfMissing(HttpHeaders headers) {
    if (headers.scheme() != null) {
        // Already set; do not override.
        return;
    }
    final String derivedScheme = protocol.isTls() ? "https" : "http";
    headers.scheme(derivedScheme);
}
/**
 * Records the start of a request: its timestamps, channel, TLS session and session protocol.
 *
 * <p>Does nothing if {@code REQUEST_START} has already been marked available. When the
 * protocol is TLS and the request headers are still the cleartext placeholder, they are
 * swapped for the placeholder that carries {@code ':scheme=https'}.
 *
 * @param updateAvailability whether to mark {@code REQUEST_START} as available afterwards
 */
private void startRequest0(@Nullable Channel channel, SessionProtocol sessionProtocol,
                           @Nullable SSLSession sslSession, long requestStartTimeNanos,
                           long requestStartTimeMicros, boolean updateAvailability) {
    if (isAvailabilityAlreadyUpdated(REQUEST_START)) {
        // The start has been recorded before; keep the first values.
        return;
    }

    this.requestStartTimeNanos = requestStartTimeNanos;
    this.requestStartTimeMicros = requestStartTimeMicros;
    this.channel = channel;
    this.sslSession = sslSession;
    this.sessionProtocol = sessionProtocol;

    // Only the HTTP placeholder is replaced; real headers set earlier are never overwritten.
    if (sessionProtocol.isTls() && requestHeaders == DUMMY_REQUEST_HEADERS_HTTP) {
        requestHeaders = DUMMY_REQUEST_HEADERS_HTTPS;
    }

    if (!updateAvailability) {
        return;
    }
    updateAvailability(REQUEST_START);
}
/**
 * Returns the URI for the {@link Server} of the specified protocol.
 *
 * <p>The host is always the loopback address {@code 127.0.0.1}. The port is the HTTPS port
 * for a TLS protocol and the HTTP port otherwise. {@code path} is appended verbatim, without
 * encoding or validation.
 *
 * @param protocol the {@link SessionProtocol} whose port and URI text are used
 * @param path the path appended after the port
 * @throws IllegalStateException if the {@link Server} is not started or
 *                               it did not open a port of the protocol.
 */
public String uri(SessionProtocol protocol, String path) {
    requireNonNull(protocol, "protocol");
    requireNonNull(path, "path");

    // This will ensure that the server has started.
    server();

    final int port;
    if (protocol.isTls()) {
        if (!hasHttps()) {
            throw new IllegalStateException("can't find the specified port");
        }
        port = httpsPort();
    } else {
        if (!hasHttp()) {
            throw new IllegalStateException("can't find the specified port");
        }
        port = httpPort();
    }

    return protocol.uriText() + "://127.0.0.1:" + port + path;
}
this.protocol = protocol; if (protocol == H1 || protocol == H1C) { requestEncoder = new Http1ObjectEncoder(channel, false, protocol.isTls()); responseDecoder = ctx.pipeline().get(Http1ResponseDecoder.class); } else if (protocol == H2 || protocol == H2C) {
if (sessionProtocol.isTls()) { try { final SslContextBuilder builder = SslContextBuilder.forClient();
/**
 * Converts an aggregated request into a Jetty {@link MetaData.Request}.
 *
 * <p>The URI scheme follows the session protocol of {@code ctx} ({@code "https"} for TLS,
 * {@code "http"} otherwise). The authority and path are read from the request headers, and the
 * path of the resulting URI is then overwritten with {@code ctx.mappedPath()}. Headers whose
 * name is empty or starts with {@code ':'} (pseudo-headers) are not copied.
 *
 * <p>NOTE(review): the authority is copied from the request headers unchanged, so the host
 * part of the resulting URI is peer-supplied. Confirm that downstream code does not treat it
 * as trusted.
 */
private static MetaData.Request toRequestMetadata(ServiceRequestContext ctx, AggregatedHttpMessage aReq) {
    final HttpHeaders aHeaders = aReq.headers();

    // Construct the HttpURI
    final String scheme = ctx.sessionProtocol().isTls() ? "https" : "http";
    final HttpURI uri = new HttpURI(scheme + "://" + aHeaders.authority() + aHeaders.path());
    uri.setPath(ctx.mappedPath());

    // Convert HttpHeaders to HttpFields
    final HttpFields jHeaders = new HttpFields(aHeaders.size());
    aHeaders.forEach(entry -> {
        final AsciiString name = entry.getKey();
        if (name.isEmpty() || name.byteAt(0) == ':') {
            // Skip nameless entries and pseudo-headers.
            return;
        }
        jHeaders.add(name.toString(), entry.getValue());
    });

    return new MetaData.Request(
            aHeaders.method().name(), uri, HttpVersion.HTTP_1_1, jHeaders, aReq.content().length());
}
// The scheme is derived from sessionProtocol: "https" when it is TLS, "http" otherwise.
requestHeaders.scheme(sessionProtocol.isTls() ? "https" : "http");
/**
 * Dispatches a SAML request to the {@link SamlServiceFunction} registered for its path.
 *
 * <p>The request is answered with {@code 400 Bad Request} when no function is registered for
 * the path, when aggregating the request fails, or when the TLS-ness of the connection differs
 * from the scheme in the {@link SamlPortConfig}. Aggregation waits for the port configuration
 * if it is not done yet.
 *
 * <p>NOTE(review): the aggregation failure cause is dropped without being logged, which makes
 * rejected requests hard to investigate afterwards.
 */
@Override
public HttpResponse serve(ServiceRequestContext ctx, HttpRequest req) throws Exception {
    final SamlServiceFunction func = serviceMap.get(req.path());
    if (func == null) {
        return HttpResponse.of(HttpStatus.BAD_REQUEST);
    }

    final CompletionStage<AggregatedHttpMessage> f =
            portConfigHolder.isDone() ? req.aggregate()
                                      : portConfigHolder.future().thenCompose(unused -> req.aggregate());

    return HttpResponse.from(f.handle((aggregated, failure) -> {
        if (failure != null) {
            return HttpResponse.of(HttpStatus.BAD_REQUEST);
        }

        // Refuse a request that arrived over a transport other than the configured one,
        // e.g. cleartext HTTP on an endpoint configured for HTTPS.
        final SamlPortConfig portConfig = portConfigHolder.config().get();
        final boolean configuredTls = portConfig.scheme().isTls();
        final boolean connectionTls = ctx.sessionProtocol().isTls();
        if (configuredTls != connectionTls) {
            return HttpResponse.of(HttpStatus.BAD_REQUEST);
        }

        // Use user-specified hostname if it exists.
        // If there's no hostname set by a user, the default virtual hostname will be used.
        final String defaultHostname =
                firstNonNull(sp.hostname(), ctx.virtualHost().defaultHostname());
        return func.serve(ctx, aggregated, defaultHostname, portConfig);
    }));
}
/**
 * Populates the Jetty {@link Request} from an aggregated request.
 *
 * <p>The secure flag mirrors whether the session protocol of {@code ctx} is TLS. Non-empty
 * content is handed to the request's input as a {@link ByteBuffer} wrapping the content array,
 * and the input is then marked as ended.
 */
private static void fillRequest(
        ServiceRequestContext ctx, AggregatedHttpMessage aReq, Request jReq) {

    jReq.setDispatcherType(DispatcherType.REQUEST);
    jReq.setAsyncSupported(false, "armeria");
    // The secure flag is taken from the session protocol of ctx.
    jReq.setSecure(ctx.sessionProtocol().isTls());
    jReq.setMetaData(toRequestMetadata(ctx, aReq));

    final HttpData payload = aReq.content();
    if (!payload.isEmpty()) {
        // Wraps the existing array (no copy), limited to the payload's offset and length.
        final ByteBuffer wrapped = ByteBuffer.wrap(payload.array(), payload.offset(), payload.length());
        jReq.getHttpInput().addContent(new Content(wrapped));
    }
    jReq.getHttpInput().eof();
}
/**
 * Extracts the authority from {@code headers}, cutting it at the first match of the port
 * pattern chosen for the session protocol ({@code PORT_443} for TLS, {@code PORT_80} otherwise).
 *
 * <p>Both patterns are declared outside this excerpt; presumably they match the default port
 * suffix. Verify against their definitions.
 *
 * <p>NOTE(review): no validation beyond that trimming is applied. If the headers come from an
 * inbound request, the returned authority is peer-controlled input.
 *
 * @return the authority without the matched part, or {@code null} if none is present
 */
@Nullable
private static String getAuthority(RequestContext ctx, HttpHeaders headers) {
    final String fromHeaders = headers.authority();
    if (fromHeaders == null) {
        return null;
    }

    final boolean tls = ctx.sessionProtocol().isTls();
    final Matcher matcher = (tls ? PORT_443 : PORT_80).matcher(fromHeaders);
    if (!matcher.find()) {
        // No match: hand back the authority unchanged.
        return fromHeaders;
    }
    return fromHeaders.substring(0, matcher.start());
}
/**
 * Reads the authority of {@code headers} and removes everything from the first match of
 * {@code PORT_443} (TLS session protocol) or {@code PORT_80} (any other protocol) onwards.
 *
 * <p>The two patterns are not visible in this excerpt; they presumably match the default port
 * suffix. Confirm against their definitions.
 *
 * <p>NOTE(review): apart from that trimming, the header value is returned as is. Treat it as
 * untrusted if the headers originate from a remote peer.
 *
 * @return the authority, possibly shortened, or {@code null} when the headers have none
 */
@Nullable
private static String getAuthority(RequestContext ctx, HttpHeaders headers) {
    final String headerValue = headers.authority();
    if (headerValue == null) {
        return null;
    }

    final Pattern pattern;
    if (ctx.sessionProtocol().isTls()) {
        pattern = PORT_443;
    } else {
        pattern = PORT_80;
    }

    final Matcher hit = pattern.matcher(headerValue);
    return hit.find() ? headerValue.substring(0, hit.start()) : headerValue;
}
/**
 * Serves a SAML request by delegating to the {@link SamlServiceFunction} mapped to its path.
 *
 * <p>Responds with {@code 400 Bad Request} if the path has no mapped function, if request
 * aggregation completes exceptionally, or if the connection's TLS state does not match the
 * scheme of the {@link SamlPortConfig}. When the port configuration is not done yet,
 * aggregation is chained after its future.
 *
 * <p>NOTE(review): the exception from a failed aggregation is discarded. Logging it would help
 * when investigating rejected requests.
 */
@Override
public HttpResponse serve(ServiceRequestContext ctx, HttpRequest req) throws Exception {
    final SamlServiceFunction func = serviceMap.get(req.path());
    if (func == null) {
        return HttpResponse.of(HttpStatus.BAD_REQUEST);
    }

    final CompletionStage<AggregatedHttpMessage> f;
    if (!portConfigHolder.isDone()) {
        f = portConfigHolder.future().thenCompose(unused -> req.aggregate());
    } else {
        f = req.aggregate();
    }

    return HttpResponse.from(f.handle((message, error) -> {
        if (error != null) {
            return HttpResponse.of(HttpStatus.BAD_REQUEST);
        }

        final SamlPortConfig portConfig = portConfigHolder.config().get();
        // The transport must match the configured scheme: TLS on both sides, or on neither.
        final boolean sameTransport =
                portConfig.scheme().isTls() == ctx.sessionProtocol().isTls();
        if (!sameTransport) {
            return HttpResponse.of(HttpStatus.BAD_REQUEST);
        }

        // Use user-specified hostname if it exists.
        // If there's no hostname set by a user, the default virtual hostname will be used.
        final String defaultHostname =
                firstNonNull(sp.hostname(), ctx.virtualHost().defaultHostname());
        return func.serve(ctx, message, defaultHostname, portConfig);
    }));
}