[jira] [Commented] (CALCITE-2285) Support client cert keystore for Avatica Client

[ASF GitHub Bot (JIRA)]

    [ 
https://issues.apache.org/jira/browse/CALCITE-2285?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16511518#comment-16511518
 ] 

ASF GitHub Bot commented on CALCITE-2285:
-----------------------------------------

Github user joshelser commented on a diff in the pull request:

    https://github.com/apache/calcite-avatica/pull/57#discussion_r195190242
  
    --- Diff: 
core/src/test/java/org/apache/calcite/avatica/remote/AvaticaCommonsHttpClientImplSocketFactoryTest.java
 ---
    @@ -74,25 +60,51 @@
       }
     
       @Test public void testTrustStoreLoadedInFactory() throws Exception {
    +    configureHttpsClient();
         client.setTrustStore(storeFile, password);
         assertTrue("Https socket should be configured"
                 + " with truststore", client.configureHttpsSocket);
    +    verifyFactoryInstance(client, HTTP_REGISTRY, null);
         verifyFactoryInstance(client, HTTPS_REGISTRY, 
SSLConnectionSocketFactory.class);
         verify(client, times(1)).configureSocketFactories();
         verify(client, times(1)).loadTrustStore(any(SSLContextBuilder.class));
         verify(client, times(0)).loadKeyStore(any(SSLContextBuilder.class));
       }
     
       @Test public void testKeyStoreLoadedInFactory() throws Exception {
    +    configureHttpsClient();
         client.setKeyStore(storeFile, password, password);
         assertTrue("Https socket should be configured"
                 + " with keystore", client.configureHttpsSocket);
    +    verifyFactoryInstance(client, HTTP_REGISTRY, null);
         verifyFactoryInstance(client, HTTPS_REGISTRY, 
SSLConnectionSocketFactory.class);
         verify(client, times(1)).configureSocketFactories();
         verify(client, times(0)).loadTrustStore(any(SSLContextBuilder.class));
         verify(client, times(1)).loadKeyStore(any(SSLContextBuilder.class));
       }
     
    +  private void configureHttpClient() throws Exception {
    +    url = new URL("http://fake_url.com";);
    +    configureClient();
    +  }
    +
    +  private void configureHttpsClient() throws Exception {
    +    url = new URL("https://fake_url.com";);
    +    configureClient();
    +  }
    +
    +  private void configureClient() throws Exception {
    +    client = spy(new AvaticaCommonsHttpClientImpl(url));
    +    // storeFile can be used as either Keystore/Truststore
    +    storeFile = mock(File.class);
    +    when(storeFile.exists()).thenReturn(true);
    +    when(storeFile.isFile()).thenReturn(true);
    +    password = new String("");
    --- End diff --
    
    Just `""` :)


> Support client cert keystore for Avatica Client
> -----------------------------------------------
>
>                 Key: CALCITE-2285
>                 URL: https://issues.apache.org/jira/browse/CALCITE-2285
>             Project: Calcite
>          Issue Type: Improvement
>          Components: avatica
>            Reporter: Karan Mehta
>            Assignee: Karan Mehta
>            Priority: Major
>             Fix For: avatica-1.12.0
>
>
> Currently Avatica only supports adding trust-store in {{SSLContext}} in all 
> {{AvaticaHttpClient}} implementations. If keystore support it added, MTLS 
> connections can be established as well.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)