org.apache.pulsar.client.impl.HttpClient Maven / Gradle / Ivy
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.pulsar.client.impl;
import org.apache.pulsar.shade.io.netty.channel.EventLoopGroup;
import org.apache.pulsar.shade.io.netty.handler.codec.http.HttpRequest;
import org.apache.pulsar.shade.io.netty.handler.codec.http.HttpResponse;
import org.apache.pulsar.shade.io.netty.handler.ssl.SslContext;
import org.apache.pulsar.shade.io.netty.handler.ssl.SslProvider;
import java.io.Closeable;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import java.net.URI;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import java.util.concurrent.CompletableFuture;
import javax.net.ssl.SSLContext;
import lombok.extern.slf4j.Slf4j;
import org.apache.pulsar.PulsarVersion;
import org.apache.pulsar.client.api.Authentication;
import org.apache.pulsar.client.api.AuthenticationDataProvider;
import org.apache.pulsar.client.api.KeyStoreParams;
import org.apache.pulsar.client.api.PulsarClientException;
import org.apache.pulsar.client.api.PulsarClientException.NotFoundException;
import org.apache.pulsar.client.impl.conf.ClientConfigurationData;
import org.apache.pulsar.client.util.WithSNISslEngineFactory;
import org.apache.pulsar.common.util.ObjectMapperFactory;
import org.apache.pulsar.common.util.SecurityUtility;
import org.apache.pulsar.common.util.keystoretls.KeyStoreSSLContext;
import org.apache.pulsar.shade.org.asynchttpclient.AsyncHttpClient;
import org.apache.pulsar.shade.org.asynchttpclient.AsyncHttpClientConfig;
import org.apache.pulsar.shade.org.asynchttpclient.BoundRequestBuilder;
import org.apache.pulsar.shade.org.asynchttpclient.DefaultAsyncHttpClient;
import org.apache.pulsar.shade.org.asynchttpclient.DefaultAsyncHttpClientConfig;
import org.apache.pulsar.shade.org.asynchttpclient.Request;
import org.apache.pulsar.shade.org.asynchttpclient.channel.DefaultKeepAliveStrategy;
import org.apache.pulsar.shade.org.asynchttpclient.netty.ssl.JsseSslEngineFactory;
@Slf4j
public class HttpClient implements Closeable {
protected static final int DEFAULT_CONNECT_TIMEOUT_IN_SECONDS = 10;
protected static final int DEFAULT_READ_TIMEOUT_IN_SECONDS = 30;
protected final AsyncHttpClient httpClient;
protected final ServiceNameResolver serviceNameResolver;
protected final Authentication authentication;
protected HttpClient(ClientConfigurationData conf, EventLoopGroup eventLoopGroup) throws PulsarClientException {
this.authentication = conf.getAuthentication();
this.serviceNameResolver = new PulsarServiceNameResolver();
this.serviceNameResolver.updateServiceUrl(conf.getServiceUrl());
DefaultAsyncHttpClientConfig.Builder confBuilder = new DefaultAsyncHttpClientConfig.Builder();
confBuilder.setUseProxyProperties(true);
confBuilder.setFollowRedirect(true);
confBuilder.setMaxRedirects(conf.getMaxLookupRedirects());
confBuilder.setConnectTimeout(DEFAULT_CONNECT_TIMEOUT_IN_SECONDS * 1000);
confBuilder.setReadTimeout(DEFAULT_READ_TIMEOUT_IN_SECONDS * 1000);
confBuilder.setUserAgent(String.format("Pulsar-Java-v%s", PulsarVersion.getVersion()));
confBuilder.setKeepAliveStrategy(new DefaultKeepAliveStrategy() {
@Override
public boolean keepAlive(InetSocketAddress remoteAddress, Request ahcRequest,
HttpRequest request, HttpResponse response) {
// Close connection upon a server error or per HTTP spec
return (response.status().code() / 100 != 5)
&& super.keepAlive(remoteAddress, ahcRequest, request, response);
}
});
if ("https".equals(serviceNameResolver.getServiceUri().getServiceName())) {
try {
// Set client key and certificate if available
AuthenticationDataProvider authData = authentication.getAuthData();
if (conf.isUseKeyStoreTls()) {
SSLContext sslCtx = null;
KeyStoreParams params = authData.hasDataForTls() ? authData.getTlsKeyStoreParams() :
new KeyStoreParams(conf.getTlsKeyStoreType(), conf.getTlsKeyStorePath(),
conf.getTlsKeyStorePassword());
sslCtx = KeyStoreSSLContext.createClientSslContext(
conf.getSslProvider(),
params.getKeyStoreType(),
params.getKeyStorePath(),
params.getKeyStorePassword(),
conf.isTlsAllowInsecureConnection(),
conf.getTlsTrustStoreType(),
conf.getTlsTrustStorePath(),
conf.getTlsTrustStorePassword(),
conf.getTlsCiphers(),
conf.getTlsProtocols());
JsseSslEngineFactory sslEngineFactory = new JsseSslEngineFactory(sslCtx);
confBuilder.setSslEngineFactory(sslEngineFactory);
} else {
SslProvider sslProvider = null;
if (conf.getSslProvider() != null) {
sslProvider = SslProvider.valueOf(conf.getSslProvider());
}
SslContext sslCtx = null;
if (authData.hasDataForTls()) {
sslCtx = authData.getTlsTrustStoreStream() == null
? SecurityUtility.createNettySslContextForClient(sslProvider,
conf.isTlsAllowInsecureConnection(),
conf.getTlsTrustCertsFilePath(), authData.getTlsCertificates(),
authData.getTlsPrivateKey(), conf.getTlsCiphers(), conf.getTlsProtocols())
: SecurityUtility.createNettySslContextForClient(sslProvider,
conf.isTlsAllowInsecureConnection(),
authData.getTlsTrustStoreStream(), authData.getTlsCertificates(),
authData.getTlsPrivateKey(), conf.getTlsCiphers(), conf.getTlsProtocols());
} else {
sslCtx = SecurityUtility.createNettySslContextForClient(
sslProvider,
conf.isTlsAllowInsecureConnection(),
conf.getTlsTrustCertsFilePath(),
conf.getTlsCertificateFilePath(),
conf.getTlsKeyFilePath(),
conf.getTlsCiphers(),
conf.getTlsProtocols());
}
confBuilder.setSslContext(sslCtx);
if (!conf.isTlsHostnameVerificationEnable()) {
confBuilder.setSslEngineFactory(new WithSNISslEngineFactory(serviceNameResolver
.resolveHostUri().getHost()));
}
}
confBuilder.setUseInsecureTrustManager(conf.isTlsAllowInsecureConnection());
confBuilder.setDisableHttpsEndpointIdentificationAlgorithm(!conf.isTlsHostnameVerificationEnable());
} catch (GeneralSecurityException e) {
throw new PulsarClientException.InvalidConfigurationException(e);
} catch (Exception e) {
throw new PulsarClientException.InvalidConfigurationException(e);
}
}
confBuilder.setEventLoopGroup(eventLoopGroup);
AsyncHttpClientConfig config = confBuilder.build();
httpClient = new DefaultAsyncHttpClient(config);
log.debug("Using HTTP url: {}", conf.getServiceUrl());
}
String getServiceUrl() {
return this.serviceNameResolver.getServiceUrl();
}
public InetSocketAddress resolveHost() {
return serviceNameResolver.resolveHost();
}
void setServiceUrl(String serviceUrl) throws PulsarClientException {
this.serviceNameResolver.updateServiceUrl(serviceUrl);
}
@Override
public void close() throws IOException {
httpClient.close();
}
public CompletableFuture get(String path, Class clazz) {
final CompletableFuture future = new CompletableFuture<>();
try {
URI hostUri = serviceNameResolver.resolveHostUri();
String requestUrl = new URL(hostUri.toURL(), path).toString();
String remoteHostName = hostUri.getHost();
AuthenticationDataProvider authData = authentication.getAuthData(remoteHostName);
CompletableFuture
© 2015 - 2025 Weber Informatics LLC | Privacy Policy