Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add https support #47

Merged
merged 16 commits into from
Jun 11, 2020
Merged

add https support #47

merged 16 commits into from
Jun 11, 2020

Conversation

shzcore
Copy link
Contributor

@shzcore shzcore commented Jun 8, 2020
edited by javeme
Loading

@CLAassistant
Copy link

CLAassistant commented Jun 8, 2020
edited
Loading

CLA assistant check
All committers have signed the CLA.

javeme
javeme requested changes Jun 8, 2020
View reviewed changes
src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
.config(user, password)
.config(maxTotal, maxPerRoute)
.config(protocol, trustStoreFile, trustStorePassword)
.build());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

align

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
.config(protocol, trustStoreFile, trustStorePassword)
.build());
}
private TrustManager[] getTrustManager() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add empty line

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
}
private TrustManager[] getTrustManager() {
return new TrustManager[]{
new X509TrustManager() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add class define NonCheckTrustManager

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
try {
SslConfigurator sslConfig = SslConfigurator.newInstance();
sslConfig.trustStoreFile(config.getProperties().get("trustStoreFile").toString())
.trustStorePassword(config.getProperties().get("trustStorePassword").toString());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

align

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
.build();
} catch (Exception e) {
e.printStackTrace();
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add a method

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

address it

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
.sslContext(sc)
.build();
} catch (Exception e) {
e.printStackTrace();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

don't swallow exception

src/test/java/com/baidu/hugegraph/unit/rest/RestClientTest.java Outdated
int timeout, int maxTotal, int maxPerRoute,
String protocol, String trustStoreFile,
String trustStorePassword,int status) {
super(url, user, password, timeout, maxTotal, maxPerRoute,protocol,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add space before protocol

src/test/java/com/baidu/hugegraph/unit/rest/RestClientTest.java Outdated
String protocol, String trustStoreFile,
String trustStorePassword,int status) {
super(url, user, password, timeout, maxTotal, maxPerRoute,protocol,
trustStoreFile,trustStorePassword);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add space before trustStorePassword

src/test/java/com/baidu/hugegraph/unit/rest/RestClientTest.java Show resolved Hide resolved
javeme
javeme reviewed Jun 8, 2020
View reviewed changes
src/main/java/com/baidu/hugegraph/rest/RestClient.java Show resolved Hide resolved
src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;

import static org.glassfish.jersey.apache.connector.ApacheClientProperties.CONNECTION_MANAGER;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

keep origin order

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

address it

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
.build();
} catch (Exception e) {
e.printStackTrace();
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

address it

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
} catch (Exception e) {
e.printStackTrace();
} catch (KeyManagementException e) {
throw new ClientException("security key management exception", e);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

improve message

javeme
javeme reviewed Jun 8, 2020
View reviewed changes
src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
TrustManager[] trustAllCerts = NoCheckTrustManager();
sc.init(null, trustAllCerts, new java.security.SecureRandom());
client = ClientBuilder.newBuilder()
.hostnameVerifier(new HostNameVerifier(url))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

align with .newBuilder

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
private static class X509TrustManager implements javax.net.ssl.X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

align with X509Certificate

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
private TrustManager[] NoCheckTrustManager() {
return new TrustManager[]{
new X509TrustManager()
};
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

put in one line

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
return hv.verify(hostname, session);
}
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove it

@codecov
Copy link

codecov bot commented Jun 8, 2020
edited
Loading

Codecov Report

Merging #47 into master will increase coverage by 0.01%.
The diff coverage is 82.60%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master      #47      +/-   ##
============================================
+ Coverage     81.58%   81.60%   +0.01%     
- Complexity      671      675       +4     
============================================
  Files            56       56              
  Lines          2004     2049      +45     
  Branches        297      300       +3     
============================================
+ Hits           1635     1672      +37     
- Misses          244      249       +5     
- Partials        125      128       +3
Impacted Files Coverage Δ Complexity Δ
...ava/com/baidu/hugegraph/version/CommonVersion.java 50.00% <ø> (ø) 1.00 <0.00> (ø)
...main/java/com/baidu/hugegraph/rest/RestClient.java 87.57% <82.60%> (-1.95%) 38.00 <3.00> (+4.00) ⬇️
.../main/java/com/baidu/hugegraph/event/EventHub.java 80.55% <0.00%> (-1.39%) 26.00% <0.00%> (-1.00%)
.../main/java/com/baidu/hugegraph/perf/Stopwatch.java 87.75% <0.00%> (+2.04%) 21.00% <0.00%> (+1.00%)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0d90ae4...ca326a6. Read the comment docs.

javeme
javeme reviewed Jun 8, 2020
View reviewed changes
src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
try {
sc.init(null, trustAllCerts, new java.security.SecureRandom());
} catch (KeyManagementException e) {
throw new ClientException("security key init management exception", e);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"Failed to init security key management"

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
} catch (KeyManagementException e) {
throw new ClientException("security key management exception", e);
}
client = TrustConfig(url, config);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wrapTrustConfig()

@shzcore shzcore requested a review from javeme June 8, 2020 13:41
javeme
javeme reviewed Jun 8, 2020
View reviewed changes
src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
}

private Client wrapTrustConfig(String url, ClientConfig config) {
Client client = null;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

move to line 142

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;

import static org.glassfish.jersey.apache.connector.ApacheClientProperties.CONNECTION_MANAGER;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

address it

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
SSLContext sc = sslConfig.createSSLContext();
TrustManager[] trustAllCerts = NoCheckTrustManager();
try {
sc.init(null, trustAllCerts, new java.security.SecureRandom());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

import java.security.SecureRandom

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
return new TrustManager[]{new X509TrustManager()};
}

private static class X509TrustManager implements javax.net.ssl.X509TrustManager {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rename to NoCheckTrustManager

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
.build());
}

private TrustManager[] NoCheckTrustManager() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

method name must be started with lower case, rename to createNoCheckTrustManager

javeme
javeme reviewed Jun 8, 2020
View reviewed changes
src/test/java/com/baidu/hugegraph/unit/rest/RestClientTest.java Outdated
String protocol, String trustStoreFile,
String trustStorePassword, int status) {
super(url, user, password, timeout, maxTotal, maxPerRoute, protocol,
trustStoreFile, trustStorePassword);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

align

javeme
javeme reviewed Jun 8, 2020
View reviewed changes
src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
private Client wrapTrustConfig(String url, ClientConfig config) {
Client client = null;
SslConfigurator sslConfig = SslConfigurator.newInstance();
sslConfig.trustStoreFile(config.getProperties().get("trustStoreFile").toString())
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

use config.getProperty("trustStoreFile") instead

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
Client client = null;
SslConfigurator sslConfig = SslConfigurator.newInstance();
sslConfig.trustStoreFile(config.getProperties().get("trustStoreFile").toString())
.trustStorePassword(config.getProperties().get("trustStorePassword").toString());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ditto

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
public RestClient(String url, ClientConfig config) {
this.client = ClientBuilder.newClient(config);
Client client = null;
Object protocol = config.getProperties().get("protocol");
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ditto

Linary
Linary requested changes Jun 9, 2020
View reviewed changes
src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
this(url, new ConfigBuilder().config(timeout)
.config(user, password)
.config(maxTotal, maxPerRoute)
.config(protocol, trustStoreFile, trustStorePassword)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

line 109 seems exceed 80 chars, wrap line like

.config(protocol, trustStoreFile, 
        trustStorePassword)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also pay attention to other places

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
} catch (KeyManagementException e) {
throw new ClientException("Failed to init security key management", e);
}
client = ClientBuilder.newBuilder()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just return ClientBuilder.newBuilder().... is ok, no need client

javeme
javeme previously approved these changes Jun 9, 2020
View reviewed changes
Linary
Linary previously approved these changes Jun 10, 2020
View reviewed changes
javeme
javeme reviewed Jun 10, 2020
View reviewed changes
src/test/java/com/baidu/hugegraph/unit/rest/RestClientTest.java
this.headers = ImmutableMultivaluedMap.empty();
this.content = "";
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just add a test case: testHttpsGet:

    public void testHttpsGet() {
        RestClient client = new RestClientImpl(...);
        RestResult restResult = client.get("path", "id1");
        Assert.assertEquals(200, restResult.status());
    }

@shzcore shzcore dismissed stale reviews from Linary and javeme via 648cefb June 11, 2020 01:00
javeme
javeme requested changes Jun 11, 2020
View reviewed changes
src/test/java/com/baidu/hugegraph/unit/rest/RestClientTest.java Outdated
String trustStorePassword = "changeit";
RestClient client = new RestClientImpl("/test", "user", "", 1000,
10, 5, "https", trustStoreFile,
trustStorePassword, 200);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

align

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
if (!this.url.equals("") && this.url.contains(hostname)) {
return true;
} else {
HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rename hv to verifier

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated

@Override
public boolean verify(String hostname, SSLSession session) {
if (!this.url.equals("") && this.url.contains(hostname)) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

use this.url.isEmpty() instead of this.url.equals("")

src/main/java/com/baidu/hugegraph/rest/RestClient.java Outdated
@@ -284,6 +356,25 @@ private static String encode(String raw) {
return UriComponent.encode(raw, UriComponent.Type.PATH_SEGMENT);
}

private static class HostNameVerifier implements HostnameVerifier {

private String url;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

set final

src/test/java/com/baidu/hugegraph/unit/rest/RestClientTest.java
RestResult restResult = client.post("path", "body");
Assert.assertEquals(200, restResult.status());
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add test for HostNameVerifier

@Linary Linary merged commit c2c5ba4 into apache:master Jun 11, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@javeme javeme javeme approved these changes

@Linary Linary Linary approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@shzcore @CLAassistant @Linary @javeme