Fix #682: Allow to define if dev-server is HTTPS / TLS (Again) #692

Merged
merged 2 commits into from
Jun 15, 2024
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,8 @@ public ForwardedDevServerBuildItem prepareDevService(
devServerConfig.host(),
devServerConfig.port().get(),
checkPath);
return new ForwardedDevServerBuildItem(resolvedDevServerHost, devServerConfig.port().get());
return new ForwardedDevServerBuildItem(devServerConfig.tls(), devServerConfig.tlsAllowInsecure(),
resolvedDevServerHost, devServerConfig.port().get());
}
shutdownDevService();
}
Expand All @@ -125,7 +126,7 @@ public ForwardedDevServerBuildItem prepareDevService(
final String resolvedHostIPAddress = PackageManagerRunner.isDevServerUp(configuredTls, configuredTlsAllowInsecure,
configuredDevServerHost, port, checkPath);
if (resolvedHostIPAddress != null) {
return new ForwardedDevServerBuildItem(resolvedHostIPAddress, port);
return new ForwardedDevServerBuildItem(configuredTls, configuredTlsAllowInsecure, resolvedHostIPAddress, port);
} else {
throw new IllegalStateException(
"The Web UI dev server (configured as not managed by Quinoa) is not started on port: " + port);
Expand Down Expand Up @@ -161,7 +162,7 @@ public ForwardedDevServerBuildItem prepareDevService(
devService = new DevServicesResultBuildItem.RunningDevService(
DEV_SERVICE_NAME, null, onClose, devServerConfigMap);
devServices.produce(devService.toBuildItem());
return new ForwardedDevServerBuildItem(devServer.hostIPAddress(), port);
return new ForwardedDevServerBuildItem(configuredTls, configuredTlsAllowInsecure, devServer.hostIPAddress(), port);
} catch (Throwable t) {
packageManagerRunner.stopDev(dev.get());
if (devServer != null) {
Expand Down Expand Up @@ -206,7 +207,8 @@ public void runtimeInit(
LOG.infof("Quinoa is forwarding unhandled requests to port: %d", devProxy.get().getPort());
final QuinoaDevProxyHandlerConfig handlerConfig = toDevProxyHandlerConfig(quinoaConfig, httpBuildTimeConfig);
routes.produce(RouteBuildItem.builder().orderedRoute("/*", QUINOA_ROUTE_ORDER)
.handler(recorder.quinoaProxyDevHandler(handlerConfig, vertx.getVertx(), devProxy.get().getHost(),
.handler(recorder.quinoaProxyDevHandler(handlerConfig, vertx.getVertx(), devProxy.get().isTls(),
devProxy.get().isTlsAllowInsecure(), devProxy.get().getHost(),
devProxy.get().getPort(),
quinoaConfig.devServer().websocket()))
.build());
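Review bot: The first `return` in `prepareDevService` reads `devServerConfig.tls()` and `devServerConfig.tlsAllowInsecure()` directly, while the two later returns pass the locals `configuredTls` and `configuredTlsAllowInsecure`. If those locals are already declared above that point (their declaration is outside the visible hunks), use them there as well: `return new ForwardedDevServerBuildItem(configuredTls, configuredTlsAllowInsecure, resolvedDevServerHost, devServerConfig.port().get());`. That keeps a single source for the two flags, so the value used for the availability check and the value handed to the proxy cannot drift apart. The method body starts and ends outside these hunks.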
Original file line number Diff line number Diff line change
Expand Up @@ -41,13 +41,13 @@ public interface DevServerConfig {
String host();

/**
* Protocol of the server to forward requests to.
* When set to true, Quinoa requests will be forwarded with tls enabled.
*/
@WithDefault("false")
boolean tls();

/**
* Protocol of the server to forward requests to.
* When set to true, Quinoa will accept any certificate with any hostname.
*/
@WithDefault("false")
boolean tlsAllowInsecure();
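Review bot: The new Javadoc on `tlsAllowInsecure()` does not say that the flag only takes effect together with `tls`, nor that it switches off both certificate and hostname verification for the connection to the dev server. In the proxy handler on this page the trust-all options are applied only inside `if (tls)`, so setting this flag alone changes nothing. Since this text is what ends up in the generated configuration reference, I would word it as `When set to true and tls is enabled, Quinoa accepts any certificate and skips hostname verification for the dev server connection. Intended for self-signed development certificates only.` and write "TLS" in capitals in the comment above it.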
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,26 @@

public final class ForwardedDevServerBuildItem extends SimpleBuildItem {

private final boolean tls;
private final boolean tlsAllowInsecure;
private final String host;
private final Integer port;

public ForwardedDevServerBuildItem(String host, Integer port) {
public ForwardedDevServerBuildItem(boolean tls, boolean tlsAllowInsecure, String host, Integer port) {
this.tls = tls;
this.tlsAllowInsecure = tlsAllowInsecure;
this.host = host;
this.port = port;
}

public boolean isTls() {
return tls;
}

public boolean isTlsAllowInsecure() {
return tlsAllowInsecure;
}

public String getHost() {
return host;
}
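Review bot: The constructor now takes two adjacent `boolean` parameters, `tls` and `tlsAllowInsecure`, with no documentation, so a call that transposes them compiles cleanly and would disable certificate checks where only TLS was meant. The same parameter pair appears in `QuinoaRecorder.quinoaProxyDevHandler` and in the `QuinoaDevProxyHandler` constructor further down the page. At minimum add Javadoc to the constructor, `@param tls forward requests to the dev server over TLS` and `@param tlsAllowInsecure skip certificate and hostname verification; only meaningful when tls is true`, and a one-line Javadoc on `isTlsAllowInsecure()` saying the same. The previous two-argument constructor is removed on this public class, which breaks any caller outside this change, if one exists. The class body continues past the hunk.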
33 changes: 32 additions & 1 deletion docs/modules/ROOT/pages/includes/quarkus-quinoa.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -519,6 +519,37 @@ endif::add-copy-button-to-env-var[]
--|boolean
|`true`

a|icon:lock[title=Fixed at build time] [[quarkus-quinoa_quarkus-quinoa-dev-server-tls]]`link:#quarkus-quinoa_quarkus-quinoa-dev-server-tls[quarkus.quinoa.dev-server.tls]`


[.description]
--
When set to true, Quinoa requests will be forwarded with tls enabled.

ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_QUINOA_DEV_SERVER_TLS+++[]
endif::add-copy-button-to-env-var[]
ifndef::add-copy-button-to-env-var[]
Environment variable: `+++QUARKUS_QUINOA_DEV_SERVER_TLS+++`
endif::add-copy-button-to-env-var[]
--|boolean
|`false`

a|icon:lock[title=Fixed at build time] [[quarkus-quinoa_quarkus-quinoa-dev-server-tls-allow-insecure]]`link:#quarkus-quinoa_quarkus-quinoa-dev-server-tls-allow-insecure[quarkus.quinoa.dev-server.tls.allow-insecure]`


[.description]
--
When set to true, Quinoa will accept any certificate with any hostname.

ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_QUINOA_DEV_SERVER_TLS_ALLOW_INSECURE+++[]
endif::add-copy-button-to-env-var[]
ifndef::add-copy-button-to-env-var[]
Environment variable: `+++QUARKUS_QUINOA_DEV_SERVER_TLS_ALLOW_INSECURE+++`
endif::add-copy-button-to-env-var[]
--|boolean
|`false`

a|icon:lock[title=Fixed at build time] [[quarkus-quinoa_quarkus-quinoa-dev-server-port]]`link:#quarkus-quinoa_quarkus-quinoa-dev-server-port[quarkus.quinoa.dev-server.port]`

Expand Down Expand Up @@ -745,4 +776,4 @@ endif::add-copy-button-to-env-var[]

|

|===
|===
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@

import java.util.List;

import io.vertx.ext.web.client.WebClientOptions;
import org.jboss.logging.Logger;

import io.vertx.core.AsyncResult;
Expand Down Expand Up @@ -36,11 +37,20 @@ class QuinoaDevProxyHandler implements Handler<RoutingContext> {
private final ClassLoader currentClassLoader;
private final QuinoaDevProxyHandlerConfig config;

QuinoaDevProxyHandler(final QuinoaDevProxyHandlerConfig config, final Vertx vertx, String host, int port,
QuinoaDevProxyHandler(final QuinoaDevProxyHandlerConfig config, final Vertx vertx, boolean tls, boolean tlsAllowInsecure,
String host, int port,
boolean websocket) {
this.host = host;
this.port = port;
this.client = WebClient.create(vertx);
WebClientOptions options = new WebClientOptions();
if (tls) {
options.setSsl(true);
if (tlsAllowInsecure) {
options.setTrustAll(true);
options.setVerifyHost(false);
}
}
this.client = WebClient.create(vertx, options);
this.wsUpgradeHandler = websocket ? new QuinoaDevWebSocketProxyHandler(vertx, host, port) : null;
this.config = config;
currentClassLoader = Thread.currentThread().getContextClassLoader();
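Review bot: The websocket upgrade handler is still created as `new QuinoaDevWebSocketProxyHandler(vertx, host, port)`, so neither `tls` nor `tlsAllowInsecure` reaches it, and websocket traffic to a TLS-only dev server will presumably still be attempted without TLS. That class is not shown on this page; the fix is to give it the same two flags and build its client options the same way as the `WebClientOptions` here. Separately, the `tlsAllowInsecure` branch turns off certificate and hostname checks without leaving any trace in the log. A single warning through the class's logger at that point, with a message such as `"Quinoa dev proxy: TLS certificate and hostname verification are disabled for the dev server"`, would make the weakened connection visible to whoever runs dev mode. The constructor body continues past the hunk.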
Original file line number Diff line number Diff line change
Expand Up @@ -26,12 +26,12 @@ public class QuinoaRecorder {
public static final Set<HttpMethod> HANDLED_METHODS = Set.of(HttpMethod.HEAD, HttpMethod.OPTIONS, HttpMethod.GET);

public Handler<RoutingContext> quinoaProxyDevHandler(final QuinoaDevProxyHandlerConfig handlerConfig, Supplier<Vertx> vertx,
String host, int port, boolean websocket) {
boolean tls, boolean tlsAllowInsecure, String host, int port, boolean websocket) {
if (LOG.isDebugEnabled()) {
LOG.debugf("Quinoa dev proxy-handler is ignoring paths starting with: "
+ String.join(", ", handlerConfig.ignoredPathPrefixes));
}
return new QuinoaDevProxyHandler(handlerConfig, vertx.get(), host, port, websocket);
return new QuinoaDevProxyHandler(handlerConfig, vertx.get(), tls, tlsAllowInsecure, host, port, websocket);
}

public Handler<RoutingContext> quinoaSPARoutingHandler(List<String> ignoredPathPrefixes) throws IOException {