Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Append the scheme part of the HTTP client URL based on the client configurations #2816

Closed
ldclakmal opened this issue Mar 28, 2022 · 1 comment
Closed

Append the scheme part of the HTTP client URL based on the client configurations #2816

ldclakmal opened this issue Mar 28, 2022 · 1 comment
Assignees
@ldclakmal
Labels
Area/Security Issues related to stdlib security module/http module/jwt module/oauth2 Points/5 Team/PCM Protocol connector packages related issues Type/Improvement

Comments

@ldclakmal
Copy link
Member

ldclakmal commented Mar 28, 2022
edited
Loading

Description:
This issue is created to track the improvement of appending the scheme part to HTTP client URL based on the client configurations.

Scenario - 1: Should append http:// to the URL

http:Client usersEP = check new("localhost:9090");

Scenario - 2: Should append https:// to the URL

http:Client usersEP = check new("localhost:9090",
    secureSocket = {
        cert: "./resources/public.crt"
    }
);

Scenario - 3: Should append https:// to the URL

http:Client usersEP = check new("localhost:9090",
    auth = {
        username: "alice",
        password: "123"
    }
);

Scenario - 4: Should append https:// to the URL

http:Client usersEP = check new("localhost:9090",
    auth = {
        username: "alice",
        password: "123"
    },
    secureSocket = {
        cert: "./resources/public.crt"
    }
);

Scenario - 5: Should be able to override the URL protocol as http:// for any of the above scenarios.

NOTE: But there will be a runtime warning if the protocol is overridden as http:// for scenario 2, 3 & 4.

http:Client usersEP = check new("http://localhost:9090",
    auth = {
        username: "alice",
        password: "123"
    },
    secureSocket = {
        cert: "./resources/public.crt"
    }
);
warning: [ballerina/http] HTTPS is recommended but using HTTP

In summary:

  • If the scheme part is not provided & no security related configurations added, http:// scheme will be added.
  • If the scheme part is not provided & one or more security related configurations are added, https:// scheme will be added.
  • If the scheme part is added as http:// & one or more security related configurations are also added, there will be a warning.

Furthermore, this support should be extended to the client configurations of JWT and OAuth2 modules as well.
@ldclakmal ldclakmal self-assigned this Mar 28, 2022
@ldclakmal ldclakmal added Type/Improvement module/http module/jwt module/oauth2 Team/PCM Protocol connector packages related issues Area/Security Issues related to stdlib security labels Mar 28, 2022
@ldclakmal ldclakmal changed the title Append the protocol part of the HTTP client URL based on the client configurations Append the scheme part of the HTTP client URL based on the client configurations Mar 29, 2022
This was referenced Apr 7, 2022
Closed
Merged
Merged
Merged
@ldclakmal
Copy link
Member Author

Fixed with the above PRs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ldclakmal ldclakmal

Labels
Area/Security Issues related to stdlib security module/http module/jwt module/oauth2 Points/5 Team/PCM Protocol connector packages related issues Type/Improvement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ldclakmal