diff --git a/carapace-server/src/main/java/org/carapaceproxy/core/ssl/CertificatesUtils.java b/carapace-server/src/main/java/org/carapaceproxy/core/ssl/CertificatesUtils.java index 9699f9868..c1cd8e1ff 100644 --- a/carapace-server/src/main/java/org/carapaceproxy/core/ssl/CertificatesUtils.java +++ b/carapace-server/src/main/java/org/carapaceproxy/core/ssl/CertificatesUtils.java @@ -115,6 +115,9 @@ public static Certificate[] readChainFromKeystore(byte[] data) throws GeneralSec * @throws CertificateException if any of the certificates in the keystore could not be loaded */ public static Certificate[] readChainFromKeystore(KeyStore keystore) throws GeneralSecurityException { + if (keystore == null) { + return new Certificate[0]; + } Iterator iter = keystore.aliases().asIterator(); while (iter.hasNext()) { Certificate[] chain = keystore.getCertificateChain(iter.next()); diff --git a/carapace-server/src/main/java/org/carapaceproxy/core/ssl/SniMapper.java b/carapace-server/src/main/java/org/carapaceproxy/core/ssl/SniMapper.java index 353821780..54348f71c 100644 --- a/carapace-server/src/main/java/org/carapaceproxy/core/ssl/SniMapper.java +++ b/carapace-server/src/main/java/org/carapaceproxy/core/ssl/SniMapper.java @@ -49,8 +49,9 @@ public SniMapper( ) { this.parent = parent; /* - * todo I don't think we actually need to store these data that should already be in the `parent`... - * sadly, this breaks reload of configuration after replacing the ConfigurationStore; + * todo: + * I don't think we actually need to store these data that should already be in the `parent`... + * sadly, this breaks the reload of the configuration after replacing the ConfigurationStore; * one problem at a time though, this should be a different GitHub issue! */ this.runtimeConfiguration = runtimeConfiguration; 
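Review bot: The new `keystore == null` guard in `readChainFromKeystore(KeyStore)` returns an empty array, which makes a keystore that was never loaded indistinguishable from one that holds no certificate chain. The Javadoc visible above the signature does not mention this case, so I would add `@return the certificate chain, or an empty array if {@code keystore} is null`. It is also worth confirming that callers treat an empty chain as "no usable certificate" rather than as a valid one; presumably that includes the expiry path in DynamicCertificatesManager, which imports both helpers. The rest of the method body lies outside the hunk, so what it returns when no alias has a chain is not visible here.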
@@ -82,9 +83,10 @@ public SslContext computeContext(final String sniHostname) throws ConfigurationN final var defaultCertificate = listenerConfiguration.getDefaultCertificate(); var chosen = Listeners.chooseCertificate(runtimeConfiguration, sniHostname, defaultCertificate); if (chosen == null) { - throw new ConfigurationNotValidException("cannot find a certificate for snihostname " + sniHostname - + ", with default cert for listener as '" + defaultCertificate - + "', available " + runtimeConfiguration.getCertificates().keySet()); + throw new ConfigurationNotValidException( + "cannot find a certificate for snihostname " + sniHostname + + ", with default cert for listener as '" + defaultCertificate + + "', available " + runtimeConfiguration.getCertificates().keySet()); } int port = listenerConfiguration.getPort() + parent.getListenersOffsetPort(); try { @@ -156,6 +158,7 @@ private List getSslCiphers() { } return null; } + public Consumer sslContextSpecConsumer() { return this::configureSpec; } diff --git a/carapace-server/src/main/java/org/carapaceproxy/server/certificates/DynamicCertificatesManager.java b/carapace-server/src/main/java/org/carapaceproxy/server/certificates/DynamicCertificatesManager.java index 2a8360c63..14f418c49 100644 --- a/carapace-server/src/main/java/org/carapaceproxy/server/certificates/DynamicCertificatesManager.java +++ b/carapace-server/src/main/java/org/carapaceproxy/server/certificates/DynamicCertificatesManager.java 
@@ -22,6 +22,8 @@ import static java.util.function.Predicate.not; import static org.carapaceproxy.configstore.ConfigurationStoreUtils.base64DecodeCertificateChain; import static org.carapaceproxy.configstore.ConfigurationStoreUtils.base64EncodeCertificateChain; +import static org.carapaceproxy.core.ssl.CertificatesUtils.isCertificateExpired; +import static org.carapaceproxy.core.ssl.CertificatesUtils.readChainFromKeystore; import static org.carapaceproxy.server.certificates.DynamicCertificateState.AVAILABLE; import static org.carapaceproxy.server.certificates.DynamicCertificateState.DNS_CHALLENGE_WAIT; import static org.carapaceproxy.server.certificates.DynamicCertificateState.DOMAIN_UNREACHABLE; @@ -32,8 +34,6 @@ import static org.carapaceproxy.server.certificates.DynamicCertificateState.VERIFYING; import static org.carapaceproxy.server.certificates.DynamicCertificateState.WAITING; import static org.carapaceproxy.server.config.SSLCertificateConfiguration.CertificateMode.MANUAL; -import static org.carapaceproxy.core.ssl.CertificatesUtils.isCertificateExpired; -import static org.carapaceproxy.core.ssl.CertificatesUtils.readChainFromKeystore; import com.google.common.annotations.VisibleForTesting; import java.io.File; import java.io.FileOutputStream; @@ -608,7 +608,7 @@ private RuntimeServerConfiguration getConfig() { * @return PKCS12 Keystore content */ public byte[] getCertificateForDomain(String domain) { - CertificateData cert = certificates.get(domain); // certs always retrived from cache + CertificateData cert = certificates.get(domain); // certs always retrieved from cache if (cert == null || cert.getKeystoreData() == null || cert.getKeystoreData().length == 0) { LOG.log(Level.SEVERE, "No dynamic certificate available for domain {0}", domain); return null; diff --git a/carapace-server/src/test/java/org/carapaceproxy/ApplyConfigurationTest.java b/carapace-server/src/test/java/org/carapaceproxy/ApplyConfigurationTest.java index 5691ab1e9..978be4bc3 100644 
--- a/carapace-server/src/test/java/org/carapaceproxy/ApplyConfigurationTest.java +++ b/carapace-server/src/test/java/org/carapaceproxy/ApplyConfigurationTest.java @@ -23,11 +23,26 @@ import static com.github.tomakehurst.wiremock.client.WireMock.get; import static com.github.tomakehurst.wiremock.client.WireMock.stubFor; import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.aMapWithSize; +import static org.hamcrest.Matchers.allOf; +import static org.hamcrest.Matchers.anEmptyMap; +import static org.hamcrest.Matchers.containsString; +import static org.hamcrest.Matchers.hasKey; +import static org.hamcrest.Matchers.hasSize; +import static org.hamcrest.Matchers.instanceOf; +import static org.hamcrest.Matchers.is; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertThrows; +import static org.junit.Assert.fail; import com.github.tomakehurst.wiremock.junit.WireMockRule; import java.io.IOException; +import java.net.URI; import java.net.URISyntaxException; -import java.net.URL; import java.nio.charset.StandardCharsets; +import java.util.Map; import java.util.Properties; import org.apache.commons.io.IOUtils; import org.carapaceproxy.configstore.PropertiesConfigurationStore; @@ -41,11 +56,6 @@ import org.carapaceproxy.user.UserRealm; import org.carapaceproxy.utils.TestEndpointMapper; import org.carapaceproxy.utils.TestUserRealm; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertNull; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; import org.junit.BeforeClass; import org.junit.ClassRule; import org.junit.Rule; 
@@ -90,198 +100,157 @@ public StaticEndpointMapper() { @Test public void testChangeListenersConfig() throws Exception { - try (HttpProxyServer server = new HttpProxyServer(null, tmpDir.newFolder());) { - - { - Properties configuration = new Properties(); - configuration.put("mapper.class", StaticEndpointMapper.class.getName()); - configuration.put("aws.accesskey", "accesskey"); - configuration.put("aws.secretkey", "secretkey"); - server.configureAtBoot(new PropertiesConfigurationStore(configuration)); - } + try (HttpProxyServer server = new HttpProxyServer(null, tmpDir.newFolder())) { + server.configureAtBoot(new PropertiesConfigurationStore(propsWithMapper(Map.of( + "aws.accesskey", "accesskey", + "aws.secretkey", "secretkey" + )))); // start without listeners server.start(); // start two listeners - { - Properties configuration = new Properties(); - configuration.put("mapper.class", StaticEndpointMapper.class.getName()); - configuration.put("listener.1.host", "localhost"); - configuration.put("listener.1.port", "1423"); - configuration.put("listener.2.host", "localhost"); - configuration.put("listener.2.port", "1426"); - reloadConfiguration(configuration, server); - } + reloadConfiguration(server, propsWithMapper(Map.of( + "listener.1.host", "localhost", + "listener.1.port", "1423", + "listener.2.host", "localhost", + "listener.2.port", "1426" + ))); testIt(1423, true); testIt(1426, true); // restart listener 1 - { - Properties configuration = new Properties(); - configuration.put("mapper.class", StaticEndpointMapper.class.getName()); - configuration.put("listener.1.host", "localhost"); - configuration.put("listener.1.port", "1425"); - configuration.put("listener.2.host", "localhost"); - configuration.put("listener.2.port", "1426"); - reloadConfiguration(configuration, server); - } + reloadConfiguration(server, propsWithMapper(Map.of( + "listener.1.host", "localhost", + "listener.1.port", "1425", + "listener.2.host", "localhost", + "listener.2.port", "1426" + 
))); testIt(1425, true); testIt(1426, true); // stop listener 2 - { - Properties configuration = new Properties(); - configuration.put("mapper.class", StaticEndpointMapper.class.getName()); - configuration.put("listener.1.host", "localhost"); - configuration.put("listener.1.port", "1425"); - reloadConfiguration(configuration, server); - } + reloadConfiguration(server, propsWithMapper(Map.of( + "listener.1.host", "localhost", + "listener.1.port", "1425" + ))); testIt(1425, true); testIt(1426, false); // restart listerer 2 - { - Properties configuration = new Properties(); - configuration.put("mapper.class", StaticEndpointMapper.class.getName()); - configuration.put("listener.1.host", "localhost"); - configuration.put("listener.1.port", "1425"); - configuration.put("listener.2.host", "localhost"); - configuration.put("listener.2.port", "1426"); - reloadConfiguration(configuration, server); - } + reloadConfiguration(server, propsWithMapper(Map.of( + "listener.1.host", "localhost", + "listener.1.port", "1425", + "listener.2.host", "localhost", + "listener.2.port", "1426" + ))); testIt(1425, true); testIt(1426, true); // no more listeners - { - Properties configuration = new Properties(); - configuration.put("mapper.class", StaticEndpointMapper.class.getName()); - reloadConfiguration(configuration, server); - } + reloadConfiguration(server, propsWithMapper(Map.of())); testIt(1425, false); testIt(1426, false); // listener with correct tls version - { - Properties configuration = new Properties(); - configuration.put("mapper.class", StaticEndpointMapper.class.getName()); - configuration.put("certificate.1.hostname", "*"); - configuration.put("certificate.1.mode", "manual"); - - configuration.put("listener.1.host", "localhost"); - configuration.put("listener.1.port", "1423"); - configuration.put("listener.1.ssl", "true"); - configuration.put("listener.1.sslprotocols", "TLSv1.2"); - - configuration.put("listener.2.host", "localhost"); - configuration.put("listener.2.port", 
"1426"); - configuration.put("listener.2.ssl", "true"); - configuration.put("listener.2.sslprotocols", "TLSv1.2,TLSv1.3"); - reloadConfiguration(configuration, server); - } + reloadConfiguration(server, propsWithMapper(Map.of( + "certificate.1.hostname", "*", + "certificate.1.mode", "manual", + "listener.1.host", "localhost", + "listener.1.port", "1423", + "listener.1.ssl", "true", + "listener.1.sslprotocols", "TLSv1.2", + "listener.2.host", "localhost", + "listener.2.port", "1426", + "listener.2.ssl", "true", + "listener.2.sslprotocols", "TLSv1.2,TLSv1.3" + ))); + // todo test it with HTTPS + // listener with default tls version - { - Properties configuration = new Properties(); - configuration.put("mapper.class", StaticEndpointMapper.class.getName()); - configuration.put("certificate.1.hostname", "*"); - configuration.put("certificate.1.mode", "manual"); - configuration.put("listener.1.host", "localhost"); - configuration.put("listener.1.port", "1423"); - configuration.put("listener.1.ssl", "true"); - reloadConfiguration(configuration, server); - } + reloadConfiguration(server, propsWithMapper(Map.of( + "certificate.1.hostname", "*", + "certificate.1.mode", "manual", + "listener.1.host", "localhost", + "listener.1.port", "1423", + "listener.1.ssl", "true" + ))); + // todo test it with HTTPS + // listener with wrong tls version - try { - Properties configuration = new Properties(); - configuration.put("mapper.class", StaticEndpointMapper.class.getName()); - configuration.put("certificate.1.hostname", "*"); - configuration.put("certificate.1.mode", "manual"); - configuration.put("listener.1.host", "localhost"); - configuration.put("listener.1.port", "1423"); - configuration.put("listener.1.ssl", "true"); - configuration.put("listener.1.sslprotocols", "TLSUNKNOWN"); - reloadConfiguration(configuration, server); - } catch (IllegalStateException e) { - Throwable cause = e.getCause(); - assertTrue(cause instanceof ConfigurationNotValidException && 
cause.getMessage().contains("Unsupported SSL Protocols")); - } + final IllegalStateException e = assertThrows(IllegalStateException.class, () -> reloadConfiguration(server, propsWithMapper(Map.of( + "certificate.1.hostname", "*", + "certificate.1.mode", "manual", + "listener.1.host", "localhost", + "listener.1.port", "1423", + "listener.1.ssl", "true", + "listener.1.sslprotocols", "TLSUNKNOWN" + )))); + Throwable cause = e.getCause(); + assertThat(cause, instanceOf(ConfigurationNotValidException.class)); + assertThat(cause.getMessage(), containsString("Unsupported SSL Protocols")); } } @Test public void testReloadMapper() throws Exception { - - try (HttpProxyServer server = new HttpProxyServer(null, tmpDir.newFolder());) { - - { - Properties configuration = new Properties(); - server.configureAtBoot(new PropertiesConfigurationStore(configuration)); - } + try (HttpProxyServer server = new HttpProxyServer(null, tmpDir.newFolder())) { + server.configureAtBoot(new PropertiesConfigurationStore(new Properties())); server.start(); - { - StandardEndpointMapper mapper = (StandardEndpointMapper) server.getMapper(); - assertEquals(0, mapper.getBackends().size()); - } + assertThat(server.getMapper(), instanceOf(StandardEndpointMapper.class)); + assertThat(server.getMapper().getBackends(), is(anEmptyMap())); // add backend - { - Properties configuration = new Properties(); - configuration.put("backend.1.id", "foo"); - configuration.put("backend.1.host", "my-host1"); - configuration.put("backend.1.port", "4213"); - configuration.put("backend.1.enabled", "true"); - reloadConfiguration(configuration, server); - - StandardEndpointMapper mapper = (StandardEndpointMapper) server.getMapper(); - assertEquals(1, mapper.getBackends().size()); - System.out.println("backends:" + mapper.getBackends()); - assertNotNull(mapper.getBackends().get("foo")); - } + reloadConfiguration(server, props(Map.of( + "backend.1.id", "foo", + "backend.1.host", "my-host1", + "backend.1.port", "4213", + 
"backend.1.enabled", "true" + ))); + assertThat(server.getMapper(), instanceOf(StandardEndpointMapper.class)); + assertThat(server.getMapper().getBackends(), allOf( + is(aMapWithSize(1)), + hasKey("foo") + )); // add second backend - { - Properties configuration = new Properties(); - configuration.put("backend.1.id", "foo"); - configuration.put("backend.1.host", "my-host1"); - configuration.put("backend.1.port", "4213"); - configuration.put("backend.1.enabled", "true"); - - configuration.put("backend.2.id", "bar"); - configuration.put("backend.2.host", "my-host2"); - configuration.put("backend.2.port", "4213"); - configuration.put("backend.2.enabled", "true"); - reloadConfiguration(configuration, server); - - StandardEndpointMapper mapper = (StandardEndpointMapper) server.getMapper(); - - assertEquals(2, mapper.getBackends().size()); - assertNotNull(mapper.getBackends().get("foo")); - assertNotNull(mapper.getBackends().get("bar")); - } + reloadConfiguration(server, props(Map.of( + "backend.1.id", "foo", + "backend.1.host", "my-host1", + "backend.1.port", "4213", + "backend.1.enabled", "true", + "backend.2.id", "bar", + "backend.2.host", "my-host2", + "backend.2.port", "4213", + "backend.2.enabled", "true" + ))); + + assertThat(server.getMapper(), instanceOf(StandardEndpointMapper.class)); + assertThat(server.getMapper().getBackends(), allOf( + is(aMapWithSize(2)), + hasKey("foo"), + hasKey("bar") + )); // remove first backend - { - Properties configuration = new Properties(); - - configuration.put("backend.2.id", "bar"); - configuration.put("backend.2.host", "my-host2"); - configuration.put("backend.2.port", "4213"); - configuration.put("backend.2.enabled", "true"); - reloadConfiguration(configuration, server); - - StandardEndpointMapper mapper = (StandardEndpointMapper) server.getMapper(); - assertEquals(1, mapper.getBackends().size()); - assertNull(mapper.getBackends().get("foo")); - assertNotNull(mapper.getBackends().get("bar")); - } - + 
reloadConfiguration(server, props(Map.of( + "backend.2.id", "bar", + "backend.2.host", "my-host2", + "backend.2.port", "4213", + "backend.2.enabled", "true" + ))); + + assertThat(server.getMapper(), instanceOf(StandardEndpointMapper.class)); + assertThat(server.getMapper().getBackends(), allOf( + is(aMapWithSize(1)), + hasKey("bar") + )); } } @@ -290,16 +259,15 @@ public void testUserRealm() throws Exception { // Default UserRealm try (HttpProxyServer server = new HttpProxyServer(null, tmpDir.newFolder())) { - Properties configuration = new Properties(); - server.configureAtBoot(new PropertiesConfigurationStore(configuration)); + server.configureAtBoot(new PropertiesConfigurationStore(new Properties())); server.start(); UserRealm realm = server.getRealm(); - assertTrue(realm instanceof SimpleUserRealm); + assertThat(realm, is(instanceOf(SimpleUserRealm.class))); // default user with auth always valid SimpleUserRealm userRealm = (SimpleUserRealm) server.getRealm(); - assertEquals(1, userRealm.listUsers().size()); + assertThat(userRealm.listUsers(), hasSize(1)); assertNotNull(userRealm.login("test_0", "anypass0")); assertNotNull(userRealm.login("test_1", "anypass1")); 
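Review bot: The three TLS reloads in `testChangeListenersConfig` (`sslprotocols` set to `TLSv1.2`, to `TLSv1.2,TLSv1.3`, and left at the default) are followed only by `// todo test it with HTTPS`, so nothing asserts that a listener negotiates the configured protocol versions or refuses the others. Only the invalid `TLSUNKNOWN` value is checked, through `assertThrows`. A handshake per listener that asserts the negotiated protocol, for example via `SSLSession.getProtocol()`, would turn the protocol restriction into a tested property. Separately, the `Map.of(...)` call for the two-listener TLS configuration already has ten pairs, the largest `Map.of` overload, so the next added key will need `Map.ofEntries`.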
@@ -308,26 +276,32 @@ public void testUserRealm() throws Exception { // TestUserRealm try (HttpProxyServer server = new HttpProxyServer(null, tmpDir.newFolder())) { - Properties configuration = new Properties(); - configuration.put("userrealm.class", "org.carapaceproxy.utils.TestUserRealm"); - configuration.put("user.test1", "pass1"); - configuration.put("user.test2", "pass2"); - server.configureAtBoot(new PropertiesConfigurationStore(configuration)); + server.configureAtBoot(new PropertiesConfigurationStore(props(Map.of( + "userrealm.class", "org.carapaceproxy.utils.TestUserRealm", + "user.test1", "pass1", + "user.test2", "pass2" + )))); server.start(); UserRealm realm = server.getRealm(); - assertTrue(realm instanceof TestUserRealm); + assertThat(realm, is(instanceOf(TestUserRealm.class))); + TestUserRealm userRealm = (TestUserRealm) server.getRealm(); - assertEquals(2, userRealm.listUsers().size()); + assertThat(userRealm.listUsers(), hasSize(2)); assertNotNull(userRealm.login("test1", "pass1")); assertNotNull(userRealm.login("test2", "pass2")); assertNull(userRealm.login("test1", "pass3")); // wrong pass // Add new user - configuration.put("user.test3", "pass3"); - reloadConfiguration(configuration, server); + reloadConfiguration(server, props(Map.of( + "userrealm.class", "org.carapaceproxy.utils.TestUserRealm", + "user.test1", "pass1", + "user.test2", "pass2", + "user.test3", "pass3" + ))); + userRealm = (TestUserRealm) server.getRealm(); // realm re-created at each configuration reload - assertEquals(3, userRealm.listUsers().size()); + assertThat(userRealm.listUsers(), hasSize(3)); assertNotNull(userRealm.login("test3", "pass3")); } } 
@@ -335,77 +309,51 @@ public void testUserRealm() throws Exception { @SuppressWarnings("deprecation") @Test public void testChangeFiltersConfiguration() throws Exception { - - try (HttpProxyServer server = new HttpProxyServer(null, tmpDir.newFolder());) { - - { - Properties configuration = new Properties(); - configuration.put("filter.1.type", "add-x-forwarded-for"); - server.configureAtBoot(new PropertiesConfigurationStore(configuration)); - } + try (HttpProxyServer server = new HttpProxyServer(null, tmpDir.newFolder())) { + server.configureAtBoot(new PropertiesConfigurationStore(props("filter.1.type", "add-x-forwarded-for"))); server.start(); - assertEquals(1, server.getFilters().size()); - assertTrue(server.getFilters().get(0) instanceof XForwardedForRequestFilter); + assertThat(server.getFilters(), hasSize(1)); + assertThat(server.getFilters().get(0), instanceOf(XForwardedForRequestFilter.class)); // add a filter - { - Properties configuration = new Properties(); - configuration.put("filter.1.type", "add-x-forwarded-for"); - configuration.put("filter.2.type", "match-user-regexp"); - reloadConfiguration(configuration, server); - - assertEquals(2, server.getFilters().size()); - assertTrue(server.getFilters().get(0) instanceof XForwardedForRequestFilter); - assertTrue(server.getFilters().get(1) instanceof RegexpMapUserIdFilter); - } + reloadConfiguration(server, props(Map.of( + "filter.1.type", "add-x-forwarded-for", + "filter.2.type", "match-user-regexp" + ))); - // remove a filter - { - Properties configuration = new Properties(); - configuration.put("filter.2.type", "match-user-regexp"); - reloadConfiguration(configuration, server); - - assertEquals(1, server.getFilters().size()); - assertTrue(server.getFilters().get(0) instanceof RegexpMapUserIdFilter); - } + assertThat(server.getFilters(), hasSize(2)); + assertThat(server.getFilters().get(0), is(instanceOf(XForwardedForRequestFilter.class))); + assertThat(server.getFilters().get(1), 
is(instanceOf(RegexpMapUserIdFilter.class))); + // remove a filter + reloadConfiguration(server, props("filter.2.type", "match-user-regexp")); + assertThat(server.getFilters(), hasSize(1)); + assertThat(server.getFilters().get(0), is(instanceOf(RegexpMapUserIdFilter.class))); } } @Test public void testChangeBackendHealthManagerConfiguration() throws Exception { - - try (HttpProxyServer server = new HttpProxyServer(null, tmpDir.newFolder());) { - - { - Properties configuration = new Properties(); - configuration.put("healthmanager.connecttimeout", "9479"); - server.configureAtBoot(new PropertiesConfigurationStore(configuration)); - } + try (HttpProxyServer server = new HttpProxyServer(null, tmpDir.newFolder())) { + server.configureAtBoot(new PropertiesConfigurationStore(props("healthmanager.connecttimeout", "9479"))); server.start(); assertEquals(9479, server.getBackendHealthManager().getConnectTimeout()); // change configuration - { - Properties configuration = new Properties(); - configuration.put("healthmanager.connecttimeout", "9233"); - reloadConfiguration(configuration, server); - - assertEquals(9233, server.getBackendHealthManager().getConnectTimeout()); - } - + reloadConfiguration(server, props("healthmanager.connecttimeout", "9233")); + assertEquals(9233, server.getBackendHealthManager().getConnectTimeout()); } } - private void reloadConfiguration(Properties configuration, final HttpProxyServer server) throws ConfigurationNotValidException, ConfigurationChangeInProgressException, InterruptedException { + private void reloadConfiguration(final HttpProxyServer server, final Properties configuration) throws ConfigurationChangeInProgressException, InterruptedException { PropertiesConfigurationStore config = new PropertiesConfigurationStore(configuration); server.applyDynamicConfigurationFromAPI(config); } - private void testIt(int port, boolean ok) throws URISyntaxException, IOException { + private void testIt(int port, boolean ok) throws URISyntaxException { 
try { String url = "http://localhost:" + port + "/index.html?redir"; - String s = IOUtils.toString(new URL(url).toURI(), StandardCharsets.UTF_8); + String s = IOUtils.toString(new URI(url), StandardCharsets.UTF_8); System.out.println("RES FOR: " + url + " -> " + s); assertEquals("it works !!", s); if (!ok) { @@ -418,4 +366,20 @@ private void testIt(int port, boolean ok) throws URISyntaxException, IOException } } + private Properties props(final String key, final String value) { + return props(Map.of(key, value)); + } + + private Properties props(final Map props) { + final var configuration = new Properties(props.size() + 1); + configuration.putAll(props); + return configuration; + } + + private Properties propsWithMapper(final Map props) { + final var configuration = new Properties(props.size()); + configuration.put("mapper.class", StaticEndpointMapper.class.getName()); + configuration.putAll(props); + return configuration; + } } diff --git a/carapace-server/src/test/java/org/carapaceproxy/utils/ApacheHttpUtils.java b/carapace-server/src/test/java/org/carapaceproxy/utils/ApacheHttpUtils.java new file mode 100644 index 000000000..d94897172 --- /dev/null +++ b/carapace-server/src/test/java/org/carapaceproxy/utils/ApacheHttpUtils.java @@ -0,0 +1,18 @@ +package org.carapaceproxy.utils; + +import org.apache.http.conn.ssl.NoopHostnameVerifier; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClients; +import org.apache.http.ssl.SSLContextBuilder; + +public class ApacheHttpUtils { + + public static CloseableHttpClient createHttpClientWithDisabledSSLValidation() throws Exception { + return HttpClients.custom() + .setSSLContext(SSLContextBuilder.create() + .loadTrustMaterial((chain, authType) -> true) // Trust all certificates + .build()) + .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE) // Disable hostname verification + .build(); + } +} 
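Review bot: The initial capacities in the two new helpers look swapped: `props(Map)` allocates `new Properties(props.size() + 1)` although it adds nothing beyond the map, while `propsWithMapper` allocates `new Properties(props.size())` and then puts the extra `mapper.class` key. This is harmless at runtime, but I would use `new Properties(props.size())` in `props` and `new Properties(props.size() + 1)` in `propsWithMapper`. A one-line Javadoc on `propsWithMapper` would also help, saying that a `mapper.class` entry in the argument overrides the `StaticEndpointMapper` default because `putAll` runs after the `put`.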
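Review bot: `createHttpClientWithDisabledSSLValidation` accepts every certificate chain (`(chain, authType) -> true`) and every hostname (`NoopHostnameVerifier.INSTANCE`), so an HTTPS test built on it cannot notice the proxy serving the wrong certificate for an SNI name. For tests that check certificate selection, load the test's own certificate or CA into the trust material instead, and keep this helper for connectivity-only checks. The class has no Javadoc; I would add a class comment stating that it is test-only and must not be copied into `src/main`. I would also make the class `final` with a private constructor and narrow `throws Exception` to `throws GeneralSecurityException`.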
diff --git a/carapace-server/src/test/java/org/carapaceproxy/utils/TestUtils.java b/carapace-server/src/test/java/org/carapaceproxy/utils/TestUtils.java index 95da38b91..966b40466 100644 --- a/carapace-server/src/test/java/org/carapaceproxy/utils/TestUtils.java +++ b/carapace-server/src/test/java/org/carapaceproxy/utils/TestUtils.java @@ -19,21 +19,21 @@ */ package org.carapaceproxy.utils; +import static org.junit.Assert.assertTrue; import java.io.File; import java.io.IOException; import java.io.InputStream; +import java.lang.reflect.Field; +import java.lang.reflect.Modifier; import java.net.ServerSocket; import java.nio.file.Files; import java.nio.file.Path; +import java.security.AccessController; import java.security.Key; +import java.security.PrivilegedAction; import java.util.Arrays; import java.util.concurrent.Callable; import org.junit.Assert; -import static org.junit.Assert.assertTrue; -import java.lang.reflect.Field; -import java.lang.reflect.Modifier; -import java.security.AccessController; -import java.security.PrivilegedAction; import sun.misc.Unsafe; /**