Diffstat (limited to 'dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java')
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java134
1 files changed, 76 insertions, 58 deletions
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java
index 8011eaec..a6dede1c 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java
@@ -7,25 +7,27 @@ import java.net.Socket;
import java.text.MessageFormat;
import java.util.concurrent.atomic.AtomicReference;
-import org.apache.http.HttpException;
-import org.apache.http.HttpHost;
-import org.apache.http.HttpRequest;
-import org.apache.http.HttpResponse;
-import org.apache.http.client.config.RequestConfig;
-import org.apache.http.client.methods.HttpGet;
-import org.apache.http.config.Registry;
-import org.apache.http.config.RegistryBuilder;
-import org.apache.http.config.SocketConfig;
-import org.apache.http.conn.routing.HttpRoute;
-import org.apache.http.conn.socket.ConnectionSocketFactory;
-import org.apache.http.conn.socket.PlainConnectionSocketFactory;
-import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClientBuilder;
-import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
-import org.apache.http.impl.conn.SystemDefaultRoutePlanner;
-import org.apache.http.protocol.HttpContext;
-import org.apache.http.ssl.SSLContexts;
+import org.apache.hc.client5.http.HttpRoute;
+import org.apache.hc.client5.http.classic.methods.HttpGet;
+import org.apache.hc.client5.http.config.ConnectionConfig;
+import org.apache.hc.client5.http.config.RequestConfig;
+import org.apache.hc.client5.http.config.TlsConfig;
+import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
+import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
+import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager;
+import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
+import org.apache.hc.client5.http.impl.routing.SystemDefaultRoutePlanner;
+import org.apache.hc.client5.http.socket.ConnectionSocketFactory;
+import org.apache.hc.client5.http.socket.PlainConnectionSocketFactory;
+import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactoryBuilder;
+import org.apache.hc.core5.http.HttpException;
+import org.apache.hc.core5.http.HttpHost;
+import org.apache.hc.core5.http.HttpResponse;
+import org.apache.hc.core5.http.URIScheme;
+import org.apache.hc.core5.http.config.RegistryBuilder;
+import org.apache.hc.core5.http.protocol.HttpContext;
+import org.apache.hc.core5.http.ssl.TLS;
+import org.apache.hc.core5.util.Timeout;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
@@ -55,6 +57,12 @@ public class ProxyConfigurator {
private static AtomicReference<CloseableHttpClient> apacheClient = new AtomicReference<>();
+ private static final TLS[] SUPPORTED_TLS_VERSIONS = { TLS.V_1_3, TLS.V_1_2, TLS.V_1_1 };
+
+ private static final Timeout TIMEOUT_CONNECT = Timeout.ofSeconds(8);
+ private static final Timeout TIMEOUT_SOCKET = Timeout.ofSeconds(8);
+ private static final Timeout TIMEOUT_REQUEST = Timeout.ofSeconds(3);
+
/**
* Initialization method.
*/
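Review bot: `SUPPORTED_TLS_VERSIONS` still lists `TLS.V_1_1`, which RFC 8996 deprecated and which current JDKs disable by default through `jdk.tls.disabledAlgorithms`. On a default JVM the entry is dead configuration, and where that property has been relaxed it lets a connection negotiate a protocol that should no longer be offered. Unless a known legacy endpoint still requires it, the array should be `{ TLS.V_1_3, TLS.V_1_2 }`. If 1.1 must stay, a comment naming the server that needs it would let the entry be removed later. The three `Timeout` constants would also benefit from a one-line comment each saying which phase they bound, since `TIMEOUT_REQUEST` is easy to misread as a response timeout.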
@@ -148,46 +156,49 @@ public class ProxyConfigurator {
return inst;
}
- private static SSLConnectionSocketFactory createSslFactory() {
- // TODO: Geht nich
- for (String proto : new String[] { "TLSv1.2", "TLSv1.1", "TLS" }) {
- try {
- return new SSLConnectionSocketFactory(SSLContexts.custom().setProtocol(proto).build());
- } catch (Exception e) {
- LOGGER.warn(proto + " not available", e);
- }
- }
- return SSLConnectionSocketFactory.getSystemSocketFactory();
- }
-
private static HttpClientBuilder createShortTimeoutBuilder() {
- HttpClientBuilder builder = HttpClientBuilder.create().setSSLSocketFactory(createSslFactory());
- builder.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(8000).build());
- PoolingHttpClientConnectionManager pm = new PoolingHttpClientConnectionManager();
- pm.setDefaultMaxPerRoute(4);
- builder.setConnectionManager(pm);
- return builder;
+ return HttpClientBuilder.create()
+ .setConnectionManager(PoolingHttpClientConnectionManagerBuilder.create()
+ .setSSLSocketFactory(SSLConnectionSocketFactoryBuilder.create()
+ .setTlsVersions(ProxyConfigurator.SUPPORTED_TLS_VERSIONS)
+ .build())
+ .setDefaultTlsConfig(TlsConfig.custom()
+ .setSupportedProtocols(ProxyConfigurator.SUPPORTED_TLS_VERSIONS)
+ .build())
+ .setDefaultConnectionConfig(ConnectionConfig.custom()
+ .setConnectTimeout(ProxyConfigurator.TIMEOUT_CONNECT)
+ .setSocketTimeout(ProxyConfigurator.TIMEOUT_SOCKET)
+ .build())
+ .setMaxConnPerRoute(4)
+ .build());
}
private static HttpClientBuilder createSlxBuilder() {
- HttpClientBuilder builder = HttpClientBuilder.create();
- builder.setRoutePlanner(new SlxRoutePlanner(null));
- builder.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(8000).build());
- Registry<ConnectionSocketFactory> csf = RegistryBuilder.<ConnectionSocketFactory> create()
- .register("http", new SlxSocketFactory())
- .register("https", createSslFactory())
- .build();
- PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(csf);
- cm.setDefaultMaxPerRoute(4);
- builder.setConnectionManager(cm);
- return builder;
+
+ final RegistryBuilder<ConnectionSocketFactory> registryBuilder = RegistryBuilder.<ConnectionSocketFactory>create()
+ .register(URIScheme.HTTP.id, SlxSocketFactory.getSocketFactory())
+ .register(URIScheme.HTTPS.id, SSLConnectionSocketFactoryBuilder.create()
+ .setTlsVersions(ProxyConfigurator.SUPPORTED_TLS_VERSIONS)
+ .build());
+
+ final PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(registryBuilder.build());
+ connectionManager.setDefaultTlsConfig(TlsConfig.custom()
+ .setSupportedProtocols(ProxyConfigurator.SUPPORTED_TLS_VERSIONS)
+ .build());
+ connectionManager.setDefaultConnectionConfig(ConnectionConfig.custom()
+ .setConnectTimeout(ProxyConfigurator.TIMEOUT_CONNECT)
+ .setSocketTimeout(ProxyConfigurator.TIMEOUT_SOCKET)
+ .build());
+ connectionManager.setDefaultMaxPerRoute(4);
+
+ return HttpClientBuilder.create()
+ .setRoutePlanner(new SlxRoutePlanner(null))
+ .setConnectionManager(connectionManager);
}
private static boolean testHttpsMaster() {
- RequestConfig requestConfig = RequestConfig.custom()
- .setConnectionRequestTimeout(3000)
- .setConnectTimeout(3000)
- .setSocketTimeout(3000)
+ final RequestConfig requestConfig = RequestConfig.custom()
+ .setConnectionRequestTimeout(ProxyConfigurator.TIMEOUT_REQUEST)
.build();
HttpGet httpGet = new HttpGet(ShibbolethEcp.BWLP_SP.toString());
httpGet.setConfig(requestConfig);
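Review bot: In `testHttpsMaster` the new `RequestConfig` sets only `setConnectionRequestTimeout`, which bounds the wait for a pooled connection lease, not the network exchange. The removed code also capped connect and socket time at 3000 ms, so the reachability probe now inherits the 8 s `TIMEOUT_CONNECT`/`TIMEOUT_SOCKET` from the connection manager and can block much longer than before. If the 3 s budget was intended, add `.setResponseTimeout(ProxyConfigurator.TIMEOUT_REQUEST)` to the request config, and consider a shorter connect timeout for this probe. The rest of `testHttpsMaster` lies outside this hunk.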
@@ -196,8 +207,8 @@ public class ProxyConfigurator {
"ver=\"urn:liberty:paos:2003-08\";\"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp\"");
try {
HttpResponse response = getClient().execute(httpGet);
- LOGGER.debug("Master server replies with " + response.getStatusLine().getStatusCode());
- return response.getStatusLine().getStatusCode() == 200;
+ LOGGER.debug("Master server replies with " + response.getCode());
+ return response.getCode() == 200;
} catch (Exception e) {
LOGGER.debug("Cannot reach master server via HTTPS", e);
return false;
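Review bot: The response returned by `getClient().execute(httpGet)` is never closed or consumed in the visible lines, so each probe can leave a connection leased from a pool that is capped at 4 per route. This predates the commit, but the migration is a natural place to fix it, and HttpClient 5 steers callers toward the handler form, which releases the connection automatically: `boolean ok = getClient().execute(httpGet, r -> r.getCode() == 200);`. This assumes `getClient()` returns the `CloseableHttpClient` held in `apacheClient`, since its definition is not shown here. The method starts outside this hunk.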
@@ -205,6 +216,13 @@ public class ProxyConfigurator {
}
private static class SlxSocketFactory extends PlainConnectionSocketFactory {
+
+ public static final SlxSocketFactory INSTANCE = new SlxSocketFactory();
+
+ public static SlxSocketFactory getSocketFactory() {
+ return INSTANCE;
+ }
+
@Override
public Socket createSocket(HttpContext context) throws IOException {
Object obj = context.getAttribute("openslx.l7proxy");
@@ -224,11 +242,11 @@ public class ProxyConfigurator {
}
@Override
- public HttpRoute determineRoute(HttpHost host, HttpRequest request, HttpContext context)
+ public HttpHost determineProxy(final HttpHost target, final HttpContext context)
throws HttpException {
- HttpRoute route = super.determineRoute(host, request, context);
- context.setAttribute("openslx.l7proxy", route);
- return route;
+ HttpHost host = super.determineProxy(target, context);
+ context.setAttribute("openslx.l7proxy", host);
+ return host;
}
}
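Review bot: `determineProxy` now stores an `HttpHost` under `"openslx.l7proxy"`, where the old `determineRoute` stored an `HttpRoute`. `SlxSocketFactory.createSocket` reads that attribute as an `Object`, and its handling is outside the visible hunks. If it still tests for or casts to `HttpRoute`, the proxy-aware socket path would be skipped silently, or would throw, after this change. Please confirm the consumer was updated, and note that `super.determineProxy` may return `null` when no proxy applies, so the reader must tolerate a missing attribute. A short comment on the attribute key stating the stored type, for example `// value: HttpHost of the selected proxy, absent if direct`, would keep the two sides in sync.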