From 8e8a25e09ea50711e2377bdb7119d198643a67df Mon Sep 17 00:00:00 2001
From: Melloware
Date: Sat, 15 Jun 2024 09:17:13 -0400
Subject: [PATCH] Fix #682: 2.3.x Allow to define if dev-server is HTTPS / TLS (#694)
---
 .../deployment/ForwardedDevProcessor.java | 10 +++---
 .../deployment/config/DevServerConfig.java | 4 +--
 .../items/ForwardedDevServerBuildItem.java | 14 +++++++-
 .../ROOT/pages/includes/attributes.adoc | 2 +-
 .../ROOT/pages/includes/quarkus-quinoa.adoc | 34 +++++++++++++++++++
 .../quinoa/QuinoaDevProxyHandler.java | 14 ++++++--
 .../io/quarkiverse/quinoa/QuinoaRecorder.java | 6 ++--
 7 files changed, 71 insertions(+), 13 deletions(-)
diff --git a/deployment/src/main/java/io/quarkiverse/quinoa/deployment/ForwardedDevProcessor.java b/deployment/src/main/java/io/quarkiverse/quinoa/deployment/ForwardedDevProcessor.java
index 9dec3de6..6231533b 100644
--- a/deployment/src/main/java/io/quarkiverse/quinoa/deployment/ForwardedDevProcessor.java
+++ b/deployment/src/main/java/io/quarkiverse/quinoa/deployment/ForwardedDevProcessor.java
@@ -99,7 +99,8 @@ public ForwardedDevServerBuildItem prepareDevService(
 devServerConfig.host(),
 devServerConfig.port().get(),
 checkPath);
- return new ForwardedDevServerBuildItem(resolvedDevServerHost, devServerConfig.port().get());
+ return new ForwardedDevServerBuildItem(devServerConfig.tls(), devServerConfig.tlsAllowInsecure(),
+ resolvedDevServerHost, devServerConfig.port().get());
 }
 shutdownDevService();
 }
@@ -125,7 +126,7 @@ public ForwardedDevServerBuildItem prepareDevService( final String resolvedHostIPAddress = PackageManagerRunner.isDevServerUp(configuredTls, configuredTlsAllowInsecure, configuredDevServerHost, port, checkPath); if (resolvedHostIPAddress != null) { - return new ForwardedDevServerBuildItem(resolvedHostIPAddress, port); + return new ForwardedDevServerBuildItem(configuredTls, configuredTlsAllowInsecure, resolvedHostIPAddress, port); } else { throw new IllegalStateException( "The Web UI dev server (configured as not managed by Quinoa) is not started on port: " + port); @@ -161,7 +162,7 @@ public ForwardedDevServerBuildItem prepareDevService( devService = new DevServicesResultBuildItem.RunningDevService( DEV_SERVICE_NAME, null, onClose, devServerConfigMap); devServices.produce(devService.toBuildItem()); - return new ForwardedDevServerBuildItem(devServer.hostIPAddress(), port); + return new ForwardedDevServerBuildItem(configuredTls, configuredTlsAllowInsecure, devServer.hostIPAddress(), port); } catch (Throwable t) { packageManagerRunner.stopDev(dev.get()); if (devServer != null) { @@ -206,7 +207,8 @@ public void runtimeInit( LOG.infof("Quinoa is forwarding unhandled requests to port: %d", devProxy.get().getPort()); final QuinoaHandlerConfig handlerConfig = toHandlerConfig(quinoaConfig, true, httpBuildTimeConfig); routes.produce(RouteBuildItem.builder().orderedRoute("/*", QUINOA_ROUTE_ORDER) - .handler(recorder.quinoaProxyDevHandler(handlerConfig, vertx.getVertx(), devProxy.get().getHost(), + .handler(recorder.quinoaProxyDevHandler(handlerConfig, vertx.getVertx(), devProxy.get().isTls(), + devProxy.get().isTlsAllowInsecure(), devProxy.get().getHost(), devProxy.get().getPort(), quinoaConfig.devServer().websocket())) .build()); diff --git a/deployment/src/main/java/io/quarkiverse/quinoa/deployment/config/DevServerConfig.java b/deployment/src/main/java/io/quarkiverse/quinoa/deployment/config/DevServerConfig.java index 1bb75901..96a07a35 100644 
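Review bot: In the `runtimeInit` hunk the startup message still reports only the port (`"Quinoa is forwarding unhandled requests to port: %d"`), so nothing in the log shows that the proxy now uses TLS or that certificate and hostname verification has been switched off. A warning next to that line would make the insecure mode visible: `if (devProxy.get().isTls() && devProxy.get().isTlsAllowInsecure()) { LOG.warn("Quinoa dev-server proxy: TLS certificate and hostname verification is disabled"); }`. As a style point, `devProxy.get()` is now dereferenced five times inside the `quinoaProxyDevHandler(...)` call; a local such as `final ForwardedDevServerBuildItem proxy = devProxy.get();` would shorten it. `runtimeInit` begins and ends outside the hunk.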
--- a/deployment/src/main/java/io/quarkiverse/quinoa/deployment/config/DevServerConfig.java
+++ b/deployment/src/main/java/io/quarkiverse/quinoa/deployment/config/DevServerConfig.java
@@ -41,13 +41,13 @@ public interface DevServerConfig {
 String host();
 /**
- * Protocol of the server to forward requests to.
+ * When set to true, Quinoa requests will be forwarded with tls enabled.
 */
 @WithDefault("false")
 boolean tls();
 /**
- * Protocol of the server to forward requests to.
+ * When set to true, Quinoa will accept any certificate with any hostname.
 */
 @WithDefault("false")
 boolean tlsAllowInsecure();
diff --git a/deployment/src/main/java/io/quarkiverse/quinoa/deployment/items/ForwardedDevServerBuildItem.java b/deployment/src/main/java/io/quarkiverse/quinoa/deployment/items/ForwardedDevServerBuildItem.java
index 71ea8458..a202cb3d 100644
--- a/deployment/src/main/java/io/quarkiverse/quinoa/deployment/items/ForwardedDevServerBuildItem.java
+++ b/deployment/src/main/java/io/quarkiverse/quinoa/deployment/items/ForwardedDevServerBuildItem.java
@@ -4,14 +4,26 @@
 public final class ForwardedDevServerBuildItem extends SimpleBuildItem {
+ private final boolean tls;
+ private final boolean tlsAllowInsecure;
 private final String host;
 private final Integer port;
- public ForwardedDevServerBuildItem(String host, Integer port) {
+ public ForwardedDevServerBuildItem(boolean tls, boolean tlsAllowInsecure, String host, Integer port) {
+ this.tls = tls;
+ this.tlsAllowInsecure = tlsAllowInsecure;
 this.host = host;
 this.port = port;
 }
+ public boolean isTls() {
+ return tls;
+ }
+
+ public boolean isTlsAllowInsecure() {
+ return tlsAllowInsecure;
+ }
+
 public String getHost() {
 return host;
 }
diff --git a/docs/modules/ROOT/pages/includes/attributes.adoc b/docs/modules/ROOT/pages/includes/attributes.adoc
index 6cafb6c8..843c5613 100644
--- a/docs/modules/ROOT/pages/includes/attributes.adoc
+++ b/docs/modules/ROOT/pages/includes/attributes.adoc
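Review bot: The new Javadoc on `tlsAllowInsecure()` in `DevServerConfig` says only that any certificate with any hostname is accepted; it should state the consequence and the intended scope, since this text presumably also feeds the generated config reference (the same sentence appears in `quarkus-quinoa.adoc` in this patch). Suggested wording: `When set to true, Quinoa skips certificate and hostname verification when connecting to the dev server, so the connection is encrypted but not authenticated; use only with a local dev server that has a self-signed certificate.` It would also help to add that the flag has no effect unless `tls` is true, which is what `QuinoaDevProxyHandler` in this patch shows (the flag is read only inside `if (tls)`); whether `PackageManagerRunner.isDevServerUp` treats it the same way is not visible here. In the `tls()` Javadoc, "tls" should be written "TLS". The interface body continues outside the hunk.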
@@ -1,5 +1,5 @@ :quarkus-version: 3.8.2 -:quarkus-quinoa-version: 2.3.7 +:quarkus-quinoa-version: 2.3.8 :maven-version: 3.8.1+ :extension-status: stable diff --git a/docs/modules/ROOT/pages/includes/quarkus-quinoa.adoc b/docs/modules/ROOT/pages/includes/quarkus-quinoa.adoc index 07c0a910..7a5262e3 100644 --- a/docs/modules/ROOT/pages/includes/quarkus-quinoa.adoc +++ b/docs/modules/ROOT/pages/includes/quarkus-quinoa.adoc @@ -571,6 +571,40 @@ endif::add-copy-button-to-env-var[] |`localhost` +a|icon:lock[title=Fixed at build time] [[quarkus-quinoa_quarkus-quinoa-dev-server-tls]]`link:#quarkus-quinoa_quarkus-quinoa-dev-server-tls[quarkus.quinoa.dev-server.tls]` + + +[.description] +-- +When set to true, Quinoa requests will be forwarded with tls enabled. + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_QUINOA_DEV_SERVER_TLS+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_QUINOA_DEV_SERVER_TLS+++` +endif::add-copy-button-to-env-var[] +--|boolean +|`false` + + +a|icon:lock[title=Fixed at build time] [[quarkus-quinoa_quarkus-quinoa-dev-server-tls-allow-insecure]]`link:#quarkus-quinoa_quarkus-quinoa-dev-server-tls-allow-insecure[quarkus.quinoa.dev-server.tls-allow-insecure]` + + +[.description] +-- +When set to true, Quinoa will accept any certificate with any hostname. + +ifdef::add-copy-button-to-env-var[] +Environment variable: env_var_with_copy_button:+++QUARKUS_QUINOA_DEV_SERVER_TLS_ALLOW_INSECURE+++[] +endif::add-copy-button-to-env-var[] +ifndef::add-copy-button-to-env-var[] +Environment variable: `+++QUARKUS_QUINOA_DEV_SERVER_TLS_ALLOW_INSECURE+++` +endif::add-copy-button-to-env-var[] +--|boolean +|`false` + + a|icon:lock[title=Fixed at build time] [[quarkus-quinoa_quarkus-quinoa-dev-server-check-path]]`link:#quarkus-quinoa_quarkus-quinoa-dev-server-check-path[quarkus.quinoa.dev-server.check-path]` 
diff --git a/runtime/src/main/java/io/quarkiverse/quinoa/QuinoaDevProxyHandler.java b/runtime/src/main/java/io/quarkiverse/quinoa/QuinoaDevProxyHandler.java
index 268be9bd..ab2fc385 100644
--- a/runtime/src/main/java/io/quarkiverse/quinoa/QuinoaDevProxyHandler.java
+++ b/runtime/src/main/java/io/quarkiverse/quinoa/QuinoaDevProxyHandler.java
@@ -20,6 +20,7 @@
 import io.vertx.ext.web.RoutingContext;
 import io.vertx.ext.web.client.HttpResponse;
 import io.vertx.ext.web.client.WebClient;
+import io.vertx.ext.web.client.WebClientOptions;
 class QuinoaDevProxyHandler implements Handler {
 private static final Logger LOG = Logger.getLogger(QuinoaDevProxyHandler.class);
@@ -36,11 +37,20 @@ class QuinoaDevProxyHandler implements Handler {
 private final ClassLoader currentClassLoader;
 private final QuinoaHandlerConfig config;
- QuinoaDevProxyHandler(final QuinoaHandlerConfig config, final Vertx vertx, String host, int port,
+ QuinoaDevProxyHandler(final QuinoaHandlerConfig config, final Vertx vertx, boolean tls, boolean tlsAllowInsecure,
+ String host, int port,
 boolean websocket) {
 this.host = host;
 this.port = port;
- this.client = WebClient.create(vertx);
+ WebClientOptions options = new WebClientOptions();
+ if (tls) {
+ options.setSsl(true);
+ if (tlsAllowInsecure) {
+ options.setTrustAll(true);
+ options.setVerifyHost(false);
+ }
+ }
+ this.client = WebClient.create(vertx, options);
 this.wsUpgradeHandler = websocket ? new QuinoaDevWebSocketProxyHandler(vertx, host, port) : null;
 this.config = config;
 currentClassLoader = Thread.currentThread().getContextClassLoader();
diff --git a/runtime/src/main/java/io/quarkiverse/quinoa/QuinoaRecorder.java b/runtime/src/main/java/io/quarkiverse/quinoa/QuinoaRecorder.java
index c57ffa32..d1a626a1 100644
--- a/runtime/src/main/java/io/quarkiverse/quinoa/QuinoaRecorder.java
+++ b/runtime/src/main/java/io/quarkiverse/quinoa/QuinoaRecorder.java
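Review bot: In the `QuinoaDevProxyHandler` constructor hunk the TLS options reach only the `WebClient`; the unchanged line `new QuinoaDevWebSocketProxyHandler(vertx, host, port)` still receives neither `tls` nor `tlsAllowInsecure`, so WebSocket upgrades (hot-reload traffic, for example) presumably keep opening a plain connection to a dev server that now expects TLS. That class is not part of this patch, so this needs confirming; if it builds its own client, it should be given the same two flags so both paths apply one verification policy. The trust-all branch also deserves a why-comment, e.g. `// Dev-only: accept self-signed dev-server certificates; disables chain and hostname verification.` The constructor body continues outside the hunk.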
@@ -26,9 +26,9 @@ public class QuinoaRecorder { public static final Set HANDLED_METHODS = Set.of(HttpMethod.HEAD, HttpMethod.OPTIONS, HttpMethod.GET); public Handler quinoaProxyDevHandler(final QuinoaHandlerConfig handlerConfig, Supplier vertx, - String host, int port, boolean websocket) { + boolean tls, boolean tlsAllowInsecure, String host, int port, boolean websocket) { logIgnoredPathPrefixes(handlerConfig.ignoredPathPrefixes); - return new QuinoaDevProxyHandler(handlerConfig, vertx.get(), host, port, websocket); + return new QuinoaDevProxyHandler(handlerConfig, vertx.get(), tls, tlsAllowInsecure, host, port, websocket); } public Handler quinoaSPARoutingHandler(final QuinoaHandlerConfig handlerConfig) throws IOException { @@ -91,4 +91,4 @@ static void next(ClassLoader cl, RoutingContext ctx) { ctx.next(); } -} +} \ No newline at end of file