From 054c1b5349c7a999bfedfc33d3654aa0c572248d Mon Sep 17 00:00:00 2001 From: lvydra Date: Thu, 8 Aug 2024 10:25:57 +0200 Subject: [PATCH] [ELY-2753] Add connection-timeout-millis, connection-ttl-millis and socket-timeout-millis to OidcJsonConfiguration to allow oidc.json configuration to parse these attributes --- .../security/http/oidc/HttpClientBuilder.java | 9 +++++ .../http/oidc/OidcJsonConfiguration.java | 34 +++++++++++++++++-- .../wildfly/security/http/oidc/OidcTest.java | 22 ++++++++++++ 3 files changed, 63 insertions(+), 2 deletions(-) diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/HttpClientBuilder.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/HttpClientBuilder.java index c8b9458778b..f9767d0fa02 100644 --- a/http/oidc/src/main/java/org/wildfly/security/http/oidc/HttpClientBuilder.java +++ b/http/oidc/src/main/java/org/wildfly/security/http/oidc/HttpClientBuilder.java @@ -275,6 +275,15 @@ public HttpClient build(OidcJsonConfiguration oidcClientConfig) { if (oidcClientConfig.getConnectionPoolSize() > 0) { size = oidcClientConfig.getConnectionPoolSize(); } + if (oidcClientConfig.getConnectionTimeoutMillis() > 0) { + setEstablishConnectionTimeout(oidcClientConfig.getConnectionTimeoutMillis(), establishConnectionTimeoutUnits); + } + if (oidcClientConfig.getConnectionTtlMillis() > 0) { + setConnectionTimeToLive(oidcClientConfig.getConnectionTtlMillis(), connectionTimeToLiveUnit); + } + if (oidcClientConfig.getSocketTimeoutMillis() > 0) { + setSocketTimeout(oidcClientConfig.getSocketTimeoutMillis(), socketTimeoutUnits); + } HttpClientBuilder.HostnameVerificationPolicy policy = HttpClientBuilder.HostnameVerificationPolicy.WILDCARD; if (oidcClientConfig.isAllowAnyHostname()) { policy = HttpClientBuilder.HostnameVerificationPolicy.ANY; 
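Review bot: The three new calls in `build(...)` pass the builder's own unit fields (`establishConnectionTimeoutUnits`, `connectionTimeToLiveUnit`, `socketTimeoutUnits`) together with values that the attribute names define as milliseconds, so the effective timeout depends on what those fields hold when `build` runs. Their declarations are outside the hunk; if any of them is not `TimeUnit.MILLISECONDS`, or an earlier setter call on the same builder changed it, the timeout towards the OpenID provider is silently mis-scaled, leaving it either ineffective or far too short. Passing the unit explicitly removes that dependency, e.g. `setSocketTimeout(oidcClientConfig.getSocketTimeoutMillis(), TimeUnit.MILLISECONDS);`, and likewise for the other two calls. The `> 0` guards also mean that 0 and every negative value leave the builder default in place, which may well be "no timeout"; a comment above the guards such as `// values <= 0 mean "not configured": keep the builder default` would make that visible. `build` starts and ends outside the hunk.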
diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcJsonConfiguration.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcJsonConfiguration.java index 29d2d785e3c..067602339e2 100644 --- a/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcJsonConfiguration.java +++ b/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcJsonConfiguration.java @@ -38,11 +38,11 @@ "resource", "public-client", "credentials", "use-resource-role-mappings", "use-realm-role-mappings", "enable-cors", "cors-max-age", "cors-allowed-methods", "cors-exposed-headers", - "expose-token", "bearer-only", "autodetect-bearer-only", "connection-pool-size", + "expose-token", "bearer-only", "autodetect-bearer-only", "connection-pool-size", "connection-timeout-millis", "connection-ttl-millis", "allow-any-hostname", "disable-trust-manager", "truststore", "truststore-password", "client-keystore", "client-keystore-password", "client-key-password", "always-refresh-token", - "register-node-at-startup", "register-node-period", "token-store", "adapter-state-cookie-path", "principal-attribute", + "register-node-at-startup", "register-node-period", "socket-timeout-millis", "token-store", "adapter-state-cookie-path", "principal-attribute", "proxy-url", "turn-off-change-session-id-on-login", "token-minimum-time-to-live", "min-time-between-jwks-requests", "public-key-cache-ttl", "ignore-oauth-query-parameter", "verify-token-audience", "token-signature-algorithm", "scope", 
@@ -79,6 +79,12 @@ public class OidcJsonConfiguration { protected String requestObjectSigningKeyStoreType; @JsonProperty("connection-pool-size") protected int connectionPoolSize = 20; + @JsonProperty("connection-timeout-millis") + protected int connectionTimeoutMillis = -1; + @JsonProperty("connection-ttl-millis") + protected int connectionTtlMillis = -1; + @JsonProperty("socket-timeout-millis") + protected int socketTimeoutMillis = -1; @JsonProperty("always-refresh-token") protected boolean alwaysRefreshToken = false; @JsonProperty("register-node-at-startup") @@ -276,6 +282,30 @@ public void setConnectionPoolSize(int connectionPoolSize) { this.connectionPoolSize = connectionPoolSize; } + public int getConnectionTimeoutMillis() { + return connectionTimeoutMillis; + } + + public void setConnectionTimeoutMillis(int connectionTimeoutMillis) { + this.connectionTimeoutMillis = connectionTimeoutMillis; + } + + public int getConnectionTtlMillis() { + return connectionTtlMillis; + } + + public void setConnectionTtlMillis(int connectionTtlMillis) { + this.connectionTtlMillis = connectionTtlMillis; + } + + public int getSocketTimeoutMillis() { + return socketTimeoutMillis; + } + + public void setSocketTimeoutMillis(int socketTimeoutMillis) { + this.socketTimeoutMillis = socketTimeoutMillis; + } + public boolean isAlwaysRefreshToken() { return alwaysRefreshToken; } diff --git a/http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcTest.java b/http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcTest.java index fdda1aac447..052426c18ea 100644 --- a/http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcTest.java +++ b/http/oidc/src/test/java/org/wildfly/security/http/oidc/OidcTest.java 
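Review bot: The new fields `connectionTimeoutMillis`, `connectionTtlMillis` and `socketTimeoutMillis`, and their accessors in the hunk that follows, carry no documentation, and the `-1` default is a sentinel whose meaning is only visible in the consumer in `HttpClientBuilder.build`. I would add a comment on the fields such as `// -1 (any value <= 0) means "not configured"; HttpClientBuilder then keeps its own default` and a one-line Javadoc on each getter stating the unit (milliseconds) and that sentinel. The setters accept any `int` without validation; saying in their Javadoc that only positive values take effect keeps a `0` in oidc.json from being read as an applied timeout.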
@@ -172,6 +172,11 @@ public void testMissingRequiredConfigurationOption() { OidcClientConfigurationBuilder.build(getOidcConfigurationMissingRequiredOption()); } + @Test + public void testTimeoutConfigurationOptions() throws Exception { + OidcClientConfigurationBuilder.build(getOidcConfigurationInputStreamWithTimeoutOptions(5000, 5000, 5000)); + } + @Test public void testSucessfulAuthenticationWithAuthServerUrl() throws Exception { performAuthentication(getOidcConfigurationInputStream(), KeycloakConfiguration.ALICE, KeycloakConfiguration.ALICE_PASSWORD, @@ -676,6 +681,23 @@ private InputStream getOidcConfigurationInputStream(String clientSecret, String return new ByteArrayInputStream(oidcConfig.getBytes(StandardCharsets.UTF_8)); } + private InputStream getOidcConfigurationInputStreamWithTimeoutOptions(int connectionTimeoutMillis, int connectionTtlMillis, int socketTimeoutMillis) { + String oidcConfig = "{\n" + + " \"realm\" : \"" + TEST_REALM + "\",\n" + + " \"resource\" : \"" + CLIENT_ID + "\",\n" + + " \"public-client\" : \"false\",\n" + + " \"connection-timeout-millis\" : \"" + connectionTimeoutMillis + "\",\n" + + " \"connection-ttl-millis\" : \"" + connectionTtlMillis + "\",\n" + + " \"socket-timeout-millis\" : \"" + socketTimeoutMillis + "\",\n" + + " \"auth-server-url\" : \"" + KEYCLOAK_CONTAINER.getAuthServerUrl() + "\",\n" + + " \"ssl-required\" : \"EXTERNAL\",\n" + + " \"credentials\" : {\n" + + " \"secret\" : \"" + CLIENT_SECRET + "\"\n" + + " }\n" + + "}"; + return new ByteArrayInputStream(oidcConfig.getBytes(StandardCharsets.UTF_8)); + } + private InputStream getOidcConfigurationInputStreamWithEnvironmentVariableExpression() { String oidcConfig = "{\n" + " \"resource\" : \"" + CLIENT_ID + "\",\n" +
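Review bot: `testTimeoutConfigurationOptions` contains no assertion, so it passes whenever `OidcClientConfigurationBuilder.build` does not throw; it would still pass if the three attributes were bound to the wrong field or never reached the HTTP client. Passing the same value three times also hides a swap between them. I would call the helper with distinct values, e.g. `getOidcConfigurationInputStreamWithTimeoutOptions(1000, 2000, 3000)`, and assert on the parsed configuration, for instance `assertEquals(3000, config.getSocketTimeoutMillis());`, where `config` is the `OidcJsonConfiguration` read from that stream (how the existing tests obtain one is not visible in this hunk).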
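Review bot: `getOidcConfigurationInputStreamWithTimeoutOptions` writes the three timeouts as quoted JSON strings although the target fields are `int`, so the test depends on the mapper coercing strings to numbers rather than exercising the numeric form. Dropping the escaped quotes around the three concatenated values (`connectionTimeoutMillis`, `connectionTtlMillis`, `socketTimeoutMillis`) would cover the plain-number path. If the string form is meant to be supported as well, a second case for it would document that intent. The trailing context of this hunk belongs to the next helper, whose body continues outside the hunk.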