-
-
Notifications
You must be signed in to change notification settings - Fork 121
/
ClientConfig.java
350 lines (306 loc) 路 13.8 KB
/
ClientConfig.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
/*
* Copyright 2018 Thunderberry.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package nl.altindag.client;
import akka.actor.ActorSystem;
import akka.http.javadsl.ConnectionContext;
import com.github.mizosoft.methanol.Methanol;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.gson.GsonBuilder;
import com.sun.jersey.api.client.config.DefaultClientConfig;
import com.sun.jersey.client.urlconnection.HTTPSProperties;
import com.twitter.finagle.Http;
import com.twitter.finagle.Service;
import com.twitter.finagle.http.Request;
import com.twitter.finagle.http.Response;
import com.typesafe.config.ConfigFactory;
import feign.Feign;
import feign.googlehttpclient.GoogleHttpClient;
import feign.hc5.ApacheHttp5Client;
import feign.http2client.Http2Client;
import feign.httpclient.ApacheHttpClient;
import io.vertx.core.Vertx;
import io.vertx.core.net.KeyCertOptions;
import io.vertx.core.net.TrustOptions;
import io.vertx.ext.web.client.WebClientOptions;
import jakarta.ws.rs.client.Client;
import jakarta.ws.rs.client.ClientBuilder;
import kong.unirest.Unirest;
import nl.altindag.ssl.SSLFactory;
import nl.altindag.ssl.apache4.util.Apache4SslUtils;
import nl.altindag.ssl.apache5.util.Apache5SslUtils;
import nl.altindag.ssl.jetty.util.JettySslUtils;
import nl.altindag.ssl.netty.util.NettySslUtils;
import okhttp3.OkHttpClient;
import org.apache.cxf.bus.CXFBusFactory;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
import org.apache.cxf.transport.http.HTTPConduitConfigurer;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
import org.apache.http.conn.socket.LayeredConnectionSocketFactory;
import org.apache.http.impl.client.HttpClients;
import org.asynchttpclient.AsyncHttpClient;
import org.asynchttpclient.Dsl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Scope;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.http.client.reactive.JettyClientHttpConnector;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.reactive.function.client.WebClient;
import retrofit2.Retrofit;
import retrofit2.converter.gson.GsonConverterFactory;
import javax.net.ssl.SSLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.http.HttpClient;
@Component
public class ClientConfig {
@Bean
@Scope("prototype")
public org.apache.http.impl.client.CloseableHttpClient apacheHttpClient(SSLFactory sslFactory) {
LayeredConnectionSocketFactory socketFactory = Apache4SslUtils.toSocketFactory(sslFactory);
return HttpClients.custom()
.setSSLSocketFactory(socketFactory)
.build();
}
@Bean
public org.apache.http.impl.nio.client.CloseableHttpAsyncClient apacheHttpAsyncClient(SSLFactory sslFactory) {
var client = org.apache.http.impl.nio.client.HttpAsyncClients.custom()
.setSSLContext(sslFactory.getSslContext())
.setSSLHostnameVerifier(sslFactory.getHostnameVerifier())
.build();
client.start();
return client;
}
@Bean
public org.apache.hc.client5.http.impl.classic.CloseableHttpClient apache5HttpClient(SSLFactory sslFactory) {
var connectionManager = PoolingHttpClientConnectionManagerBuilder.create()
.setSSLSocketFactory(Apache5SslUtils.toSocketFactory(sslFactory))
.build();
return org.apache.hc.client5.http.impl.classic.HttpClients.custom()
.setConnectionManager(connectionManager)
.build();
}
@Bean
public org.apache.hc.client5.http.impl.async.CloseableHttpAsyncClient apache5HttpAsyncClient(SSLFactory sslFactory) {
var connectionManager = PoolingAsyncClientConnectionManagerBuilder.create()
.setTlsStrategy(Apache5SslUtils.toTlsStrategy(sslFactory))
.build();
var client = org.apache.hc.client5.http.impl.async.HttpAsyncClients.custom()
.setConnectionManager(connectionManager)
.build();
client.start();
return client;
}
@Bean
public HttpClient jdkHttpClient(SSLFactory sslFactory) {
return HttpClient.newBuilder()
.sslParameters(sslFactory.getSslParameters())
.sslContext(sslFactory.getSslContext())
.build();
}
@Bean
public RestTemplate restTemplate(org.apache.http.impl.client.CloseableHttpClient httpClient) {
return new RestTemplate(new HttpComponentsClientHttpRequestFactory(httpClient));
}
@Bean
@Scope("prototype")
public OkHttpClient okHttpClient(SSLFactory sslFactory) {
return new OkHttpClient.Builder()
.sslSocketFactory(sslFactory.getSslSocketFactory(), sslFactory.getTrustManager().orElseThrow())
.hostnameVerifier(sslFactory.getHostnameVerifier())
.build();
}
@Bean
@Scope("prototype")
public reactor.netty.http.client.HttpClient nettyHttpClient(SSLFactory sslFactory) throws SSLException {
var sslContext = NettySslUtils.forClient(sslFactory).build();
return reactor.netty.http.client.HttpClient.create()
.secure(sslSpec -> sslSpec.sslContext(sslContext));
}
@Bean
@Scope("prototype")
public org.eclipse.jetty.client.HttpClient jettyHttpClient(SSLFactory sslFactory) {
var sslContextFactory = JettySslUtils.forClient(sslFactory);
return new org.eclipse.jetty.client.HttpClient(sslContextFactory);
}
@Bean
public WebClient webClientWithNetty(reactor.netty.http.client.HttpClient httpClient) {
return WebClient.builder()
.clientConnector(new ReactorClientHttpConnector(httpClient))
.build();
}
@Bean
public WebClient webClientWithJetty(org.eclipse.jetty.client.HttpClient httpClient) {
return WebClient.builder()
.clientConnector(new JettyClientHttpConnector(httpClient))
.build();
}
@Bean
public Client jerseyClient(SSLFactory sslFactory) {
return ClientBuilder.newBuilder()
.sslContext(sslFactory.getSslContext())
.hostnameVerifier(sslFactory.getHostnameVerifier())
.build();
}
@Bean
public com.sun.jersey.api.client.Client oldJerseyClient(SSLFactory sslFactory) {
var clientConfig = new DefaultClientConfig();
clientConfig.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(sslFactory.getHostnameVerifier(), sslFactory.getSslContext()));
return com.sun.jersey.api.client.Client.create(clientConfig);
}
/**
* JAX-RS configuration should be identical to {@link #jerseyClient(SSLFactory)} once CXF update to version 3.5.0
* But this function is still necessary to create CXF version of client that does not depend on Java SPI (/META-INF/services/javax.ws.rs.client.ClientBuilder)
*/
@Bean
@Qualifier("cxf")
public javax.ws.rs.client.Client cxfJaxRsClient(SSLFactory sslFactory) {
// One can just use ClientBuilder.newBuilder(), Explicit use here is due to multiple JAX-RS implementations in classpath
return new org.apache.cxf.jaxrs.client.spec.ClientBuilderImpl()
.sslContext(sslFactory.getSslContext())
.hostnameVerifier(sslFactory.getHostnameVerifier())
.build();
}
@Bean
public org.apache.cxf.jaxrs.client.WebClient cxfWebClient(SSLFactory sslFactory) {
var factory = new JAXRSClientFactoryBean();
factory.setAddress(Constants.getServerUrl());
// One can also get conduit from WebClient.getConfig(webClient).getHttpConduit() and change it directly
factory.setBus(new CXFBusFactory().createBus());
factory.getBus().setExtension((name, address, httpConduit) -> {
var tls = new TLSClientParameters();
tls.setSSLSocketFactory(sslFactory.getSslSocketFactory());
tls.setHostnameVerifier(sslFactory.getHostnameVerifier());
httpConduit.setTlsClientParameters(tls);
}, HTTPConduitConfigurer.class);
return factory.createWebClient();
}
@Bean
public HttpTransport googleHttpClient(SSLFactory sslFactory) {
return new NetHttpTransport.Builder()
.setSslSocketFactory(sslFactory.getSslSocketFactory())
.setHostnameVerifier(sslFactory.getHostnameVerifier())
.build();
}
@Autowired
public void unirest(SSLFactory sslFactory) {
Unirest.primaryInstance()
.config()
.sslContext(sslFactory.getSslContext())
.protocols(sslFactory.getSslParameters().getProtocols())
.ciphers(sslFactory.getSslParameters().getCipherSuites())
.hostnameVerifier(sslFactory.getHostnameVerifier());
}
@Bean
public Retrofit retrofit(OkHttpClient okHttpClient) {
return new Retrofit.Builder()
.client(okHttpClient)
.baseUrl(Constants.getServerUrl())
.addConverterFactory(GsonConverterFactory.create(new GsonBuilder().setLenient().create()))
.build();
}
@Bean
public Service<Request, Response> finagle(SSLFactory sslFactory) throws URISyntaxException {
var uri = new URI(Constants.getServerUrl());
var client = Http.client().withNoHttp2();
if (uri.getScheme().equals("https")) {
client = client.withTransport()
.tls(sslFactory.getSslContext());
}
return client.newService(uri.getHost() + ":" + uri.getPort());
}
@Bean
public ActorSystem actorSystem() {
return ActorSystem.create(
ClientConfig.class.getSimpleName(),
ConfigFactory.defaultApplication(ClientConfig.class.getClassLoader())
);
}
@Bean
public akka.http.javadsl.Http akkaHttpClient(SSLFactory sslFactory,
ActorSystem actorSystem) {
var http = akka.http.javadsl.Http.get(actorSystem);
var httpsContext = ConnectionContext.httpsClient(sslFactory.getSslContext());
http.setDefaultClientHttpsContext(httpsContext);
return http;
}
@Bean
public AsyncHttpClient asyncHttpClient(SSLFactory sslFactory) throws SSLException {
var sslContext = NettySslUtils.forClient(sslFactory).build();
var clientConfigBuilder = dispatch.Http.defaultClientBuilder()
.setSslContext(sslContext);
return Dsl.asyncHttpClient(clientConfigBuilder);
}
@Bean
public Feign.Builder feignWithOldJdkHttpClient(SSLFactory sslFactory) {
return Feign.builder()
.client(new feign.Client.Default(sslFactory.getSslSocketFactory(), sslFactory.getHostnameVerifier()));
}
@Bean
public Feign.Builder feignWithOkHttpClient(OkHttpClient okHttpClient) {
return Feign.builder()
.client(new feign.okhttp.OkHttpClient(okHttpClient));
}
@Bean
public Feign.Builder feignWithApacheHttpClient(org.apache.http.impl.client.CloseableHttpClient httpClient) {
return Feign.builder()
.client(new ApacheHttpClient(httpClient));
}
@Bean
public Feign.Builder feignWithApache5HttpClient(org.apache.hc.client5.http.impl.classic.CloseableHttpClient httpClient) {
return Feign.builder()
.client(new ApacheHttp5Client(httpClient));
}
@Bean
public Feign.Builder feignWithGoogleHttpClient(HttpTransport httpTransport) {
return Feign.builder()
.client(new GoogleHttpClient(httpTransport));
}
@Bean
public Feign.Builder feignWithJdkHttpClient(@Qualifier("jdkHttpClient") HttpClient httpClient) {
return Feign.builder()
.client(new Http2Client(httpClient));
}
@Bean
public Methanol methanol(SSLFactory sslFactory) {
return Methanol.newBuilder()
.sslContext(sslFactory.getSslContext())
.sslParameters(sslFactory.getSslParameters())
.build();
}
@Bean
public io.vertx.ext.web.client.WebClient vertxWebClient(SSLFactory sslFactory) {
var clientOptions = new WebClientOptions();
if (Constants.getServerUrl().contains("https")) {
clientOptions.setSsl(true);
sslFactory.getKeyManager()
.map(KeyCertOptions::wrap)
.ifPresent(clientOptions::setKeyCertOptions);
sslFactory.getTrustManager()
.map(TrustOptions::wrap)
.ifPresent(clientOptions::setTrustOptions);
sslFactory.getCiphers().forEach(clientOptions::addEnabledCipherSuite);
sslFactory.getProtocols().forEach(clientOptions::addEnabledSecureTransportProtocol);
}
return io.vertx.ext.web.client.WebClient.create(Vertx.vertx(), clientOptions);
}
}