[helix] 38/44: Add support for HTTPS in CustomRestClient

Fri, 24 May 2019 18:19:51 -0700 

This is an automated email from the ASF dual-hosted git repository.

hulee pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/helix.git

commit 175d38821e93c8adc5e76951a9176b3c65c95126
Author: Hunter Lee <[email protected]>
AuthorDate: Sun May 19 18:10:31 2019 -0700

    Add support for HTTPS in CustomRestClient
    
    This diff configures SSLContext (Helix REST server's) into its HTTP client
    
    RB=1671108
    G=helix-reviewers
    R=cjerian,zpolicze
    A=ywang4
    
    Signed-off-by: Hunter Lee <[email protected]>
---
 .../helix/rest/client/CustomRestClientFactory.java | 18 +++++++++++++--
 .../helix/rest/client/CustomRestClientImpl.java    | 26 ++++++----------------
 .../apache/helix/rest/server/HelixRestServer.java  | 11 +++++++++
 3 files changed, 34 insertions(+), 21 deletions(-)

diff --git 
a/helix-rest/src/main/java/org/apache/helix/rest/client/CustomRestClientFactory.java
 
b/helix-rest/src/main/java/org/apache/helix/rest/client/CustomRestClientFactory.java
index 7a1c58f..40bc6f4 100644
--- 
a/helix-rest/src/main/java/org/apache/helix/rest/client/CustomRestClientFactory.java
+++ 
b/helix-rest/src/main/java/org/apache/helix/rest/client/CustomRestClientFactory.java
@@ -19,6 +19,11 @@ package org.apache.helix.rest.client;
  * under the License.
  */
 
+import org.apache.helix.rest.server.HelixRestServer;
+import org.apache.http.client.HttpClient;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.apache.http.impl.client.HttpClients;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -38,7 +43,17 @@ public class CustomRestClientFactory {
       synchronized (CustomRestClientFactory.class) {
         if (INSTANCE == null) {
           try {
-            INSTANCE = new CustomRestClientImpl();
+            HttpClient httpClient;
+            if (HelixRestServer.REST_SERVER_SSL_CONTEXT != null) {
+              httpClient =
+                  
HttpClients.custom().setSSLContext(HelixRestServer.REST_SERVER_SSL_CONTEXT)
+                      .setSSLSocketFactory(new SSLConnectionSocketFactory(
+                          HelixRestServer.REST_SERVER_SSL_CONTEXT, new 
NoopHostnameVerifier()))
+                      .build();
+            } else {
+              httpClient = HttpClients.createDefault();
+            }
+            INSTANCE = new CustomRestClientImpl(httpClient);
             return INSTANCE;
           } catch (Exception e) {
             LOG.error("Exception when initializing CustomRestClient", e);
@@ -46,7 +61,6 @@ public class CustomRestClientFactory {
         }
       }
     }
-
     return INSTANCE;
   }
 }
diff --git 
a/helix-rest/src/main/java/org/apache/helix/rest/client/CustomRestClientImpl.java
 
b/helix-rest/src/main/java/org/apache/helix/rest/client/CustomRestClientImpl.java
index 1a6af22..5d75f6a 100644
--- 
a/helix-rest/src/main/java/org/apache/helix/rest/client/CustomRestClientImpl.java
+++ 
b/helix-rest/src/main/java/org/apache/helix/rest/client/CustomRestClientImpl.java
@@ -19,12 +19,14 @@ package org.apache.helix.rest.client;
  * under the License.
  */
 
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.annotations.VisibleForTesting;
 import java.io.IOException;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.stream.Collectors;
-
 import org.apache.http.HttpEntity;
 import org.apache.http.HttpResponse;
 import org.apache.http.NameValuePair;
@@ -32,16 +34,11 @@ import org.apache.http.client.ClientProtocolException;
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.entity.UrlEncodedFormEntity;
 import org.apache.http.client.methods.HttpPost;
-import org.apache.http.impl.client.HttpClients;
 import org.apache.http.message.BasicNameValuePair;
 import org.apache.http.util.EntityUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import com.fasterxml.jackson.databind.JsonNode;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.google.common.annotations.VisibleForTesting;
-
 class CustomRestClientImpl implements CustomRestClient {
   private static final Logger LOG = 
LoggerFactory.getLogger(CustomRestClient.class);
 
@@ -60,14 +57,6 @@ class CustomRestClientImpl implements CustomRestClient {
     Map<String, Boolean> convert(JsonNode jsonNode);
   }
 
-  /**
-   * TODO: create Config to initialize SSLContext for Https endpoint
-   * Override the constructor if https endpoint is expected
-   */
-  public CustomRestClientImpl() {
-    _httpClient = HttpClients.createDefault();
-  }
-
   public CustomRestClientImpl(HttpClient httpClient) {
     _httpClient = httpClient;
   }
@@ -80,8 +69,7 @@ class CustomRestClientImpl implements CustomRestClient {
     String url = baseUrl + INSTANCE_HEALTH_STATUS;
     JsonConverter jsonConverter = jsonNode -> {
       Map<String, Boolean> result = new HashMap<>();
-      jsonNode.fields()
-          .forEachRemaining(kv -> result.put(kv.getKey(), 
kv.getValue().asBoolean()));
+      jsonNode.fields().forEachRemaining(kv -> result.put(kv.getKey(), 
kv.getValue().asBoolean()));
       return result;
     };
     return handleResponse(post(url, customPayloads), jsonConverter);
@@ -104,8 +92,8 @@ class CustomRestClientImpl implements CustomRestClient {
     payLoads.put(PARTITIONS, partitions.toString());
     JsonConverter jsonConverter = jsonNode -> {
       Map<String, Boolean> result = new HashMap<>();
-      jsonNode.fields()
-          .forEachRemaining(kv -> result.put(kv.getKey(), 
kv.getValue().get(IS_HEALTHY_FIELD).asBoolean()));
+      jsonNode.fields().forEachRemaining(
+          kv -> result.put(kv.getKey(), 
kv.getValue().get(IS_HEALTHY_FIELD).asBoolean()));
       return result;
     };
     return handleResponse(post(url, payLoads), jsonConverter);
@@ -145,4 +133,4 @@ class CustomRestClientImpl implements CustomRestClient {
       throw e;
     }
   }
-}
\ No newline at end of file
+}
diff --git 
a/helix-rest/src/main/java/org/apache/helix/rest/server/HelixRestServer.java 
b/helix-rest/src/main/java/org/apache/helix/rest/server/HelixRestServer.java
index e0c1c4e..eea4501 100644
--- a/helix-rest/src/main/java/org/apache/helix/rest/server/HelixRestServer.java
+++ b/helix-rest/src/main/java/org/apache/helix/rest/server/HelixRestServer.java
@@ -24,6 +24,7 @@ import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import javax.net.ssl.SSLContext;
 import org.apache.helix.HelixException;
 import org.apache.helix.rest.common.ContextPropertyKeys;
 import org.apache.helix.rest.common.HelixRestNamespace;
@@ -48,6 +49,8 @@ import org.slf4j.LoggerFactory;
 
 public class HelixRestServer {
   private static Logger LOG = LoggerFactory.getLogger(HelixRestServer.class);
+  // TODO: consider moving the following static context to ServerContext or 
any other place
+  public static SSLContext REST_SERVER_SSL_CONTEXT;
 
   private int _port;
   private String _urlPrefix;
@@ -219,4 +222,12 @@ public class HelixRestServer {
       }
     }
   }
+
+  /**
+   * Register a SSLContext so that it could be used to create HTTPS clients.
+   * @param sslContext
+   */
+  public void registerServerSSLContext(SSLContext sslContext) {
+    REST_SERVER_SSL_CONTEXT = sslContext;
+  }
 }

Reply via email to