From c3d0c18af5c5d3c4fe226d2ef998d71e64d873c1 Mon Sep 17 00:00:00 2001
From: Julian Schlichtholz
Date: Fri, 16 Sep 2016 16:10:11 +0200
Subject: [PATCH] make HttpClient configurable, closes #1071
---
.../IntrospectingTokenService.java | 13 +++++++---
.../client/OIDCAuthenticationFilter.java | 18 +++++++------
.../connect/client/UserInfoFetcher.java | 17 ++++++++-----
...egistrationClientConfigurationService.java | 20 ++++++++++-----
.../DynamicServerConfigurationService.java | 15 +++++++----
.../service/impl/WebfingerIssuerService.java | 15 +++++++----
.../service/impl/JWKSetCacheService.java | 25 +++++++++++++------
...faultOAuth2ClientDetailsEntityService.java | 12 ++++++---
.../InMemoryClientLogoLoadingService.java | 22 +++++++++++-----
9 files changed, 105 insertions(+), 52 deletions(-)
diff --git a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
index 606102d07..5f86419a1 100644
--- a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
+++ b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
@@ -73,10 +73,15 @@ public class IntrospectingTokenService implements ResourceServerTokenServices { private boolean cacheNonExpiringTokens = false; private boolean cacheTokens = true; - private HttpClient httpClient = HttpClientBuilder.create() - .useSystemProperties() - .build(); - private HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient); + private HttpComponentsClientHttpRequestFactory factory; + + public IntrospectingTokenService() { + this(HttpClientBuilder.create().useSystemProperties().build()); + } + + public IntrospectingTokenService(HttpClient httpClient) { + this.factory = new HttpComponentsClientHttpRequestFactory(httpClient); + } // Inner class to store in the hash map private class TokenCacheObject { diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java index c8b28e86c..5059f7036 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java @@ -119,6 +119,8 @@ public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFi @Autowired(required=false) private JWTSigningAndValidationService authenticationSignerService; + @Autowired(required=false) + private HttpClient httpClient; /* * Modular services to build out client filter. 
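Review bot: The new public constructor `IntrospectingTokenService(HttpClient httpClient)` has no Javadoc saying that the supplied client alone now determines TLS verification, proxying and timeouts for introspection calls, which carry the access tokens being validated. The default path still builds a client with `HttpClientBuilder.create().useSystemProperties().build()` and sets no explicit connect or socket timeout, so a stalled introspection endpoint may hold request threads; a `RequestConfig` with timeouts, as the token-endpoint code in OIDCAuthenticationFilter uses, would bound that. The field is assigned once and can be `private final HttpComponentsClientHttpRequestFactory factory;`. The same documentation and timeout remarks apply to the new constructors in UserInfoFetcher, DynamicRegistrationClientConfigurationService, DynamicServerConfigurationService, WebfingerIssuerService and InMemoryClientLogoLoadingService.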
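Review bot: `@Autowired(required=false) private HttpClient httpClient;` injects by type, so any `HttpClient` bean that happens to exist in the application context will be used for the token endpoint exchange, including one configured for an unrelated integration (different trust store, relaxed hostname verification, a proxy). That exchange carries the authorization code and, depending on the client authentication method, the client secret, so an explicit opt-in is safer: a setter such as `public void setHttpClient(HttpClient httpClient)` or a `@Qualifier` on the field. A comment on the field should also state that `httpSocketTimeout` no longer applies once a client is injected. The class body continues outside the hunk.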
@@ -341,14 +343,14 @@ public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFi // Handle Token Endpoint interaction - HttpClient httpClient = HttpClientBuilder.create() - .useSystemProperties() - .setDefaultRequestConfig( - RequestConfig.custom() - .setSocketTimeout(httpSocketTimeout) - .build() - ) - .build(); + if(httpClient == null) { + httpClient = HttpClientBuilder.create() + .useSystemProperties() + .setDefaultRequestConfig(RequestConfig.custom() + .setSocketTimeout(httpSocketTimeout) + .build()) + .build(); + } HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient); diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java index cbaaf4fd0..f1142d970 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java @@ -61,10 +61,14 @@ public class UserInfoFetcher { private LoadingCache cache; public UserInfoFetcher() { + this(HttpClientBuilder.create().useSystemProperties().build()); + } + + public UserInfoFetcher(HttpClient httpClient) { cache = CacheBuilder.newBuilder() .expireAfterWrite(1, TimeUnit.HOURS) // expires 1 hour after fetch .maximumSize(100) - .build(new UserInfoLoader()); + .build(new UserInfoLoader(httpClient)); } public UserInfo loadUserInfo(final PendingOIDCAuthenticationToken token) { 
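Review bot: The `if(httpClient == null)` branch writes the lazily built client into the shared `httpClient` field from inside the request-handling path with no synchronization, and it freezes `httpSocketTimeout` at the value it had on the first call. Before this change a fresh client was built on every call, so a later change to the timeout took effect; now it is silently ignored, and concurrent first requests can each build and overwrite the field (the filter is presumably a shared singleton). Keeping the fallback in a local variable preserves the old behaviour and leaves the injected field read-only at request time. The enclosing method starts and ends outside the hunk, so the later use of `factory` is assumed unchanged.

```java
// … unchanged: "Handle Token Endpoint interaction" comment …
HttpClient tokenEndpointClient = httpClient;
if (tokenEndpointClient == null) {
	// no client injected: build one per call, as before, so httpSocketTimeout is honoured
	tokenEndpointClient = HttpClientBuilder.create()
			.useSystemProperties()
			.setDefaultRequestConfig(RequestConfig.custom()
					.setSocketTimeout(httpSocketTimeout)
					.build())
			.build();
}

HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(tokenEndpointClient);
```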
@@ -79,11 +83,12 @@ public class UserInfoFetcher { private class UserInfoLoader extends CacheLoader { - private HttpClient httpClient = HttpClientBuilder.create() - .useSystemProperties() - .build(); - private HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient); - + private HttpComponentsClientHttpRequestFactory factory; + + UserInfoLoader(HttpClient httpClient) { + this.factory = new HttpComponentsClientHttpRequestFactory(httpClient); + } + public UserInfo load(final PendingOIDCAuthenticationToken token) { ServerConfiguration serverConfiguration = token.getServerConfiguration(); diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicRegistrationClientConfigurationService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicRegistrationClientConfigurationService.java index 8a820923c..266d55479 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicRegistrationClientConfigurationService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicRegistrationClientConfigurationService.java @@ -72,7 +72,11 @@ public class DynamicRegistrationClientConfigurationService implements ClientConf private Set blacklist = new HashSet<>(); public DynamicRegistrationClientConfigurationService() { - clients = CacheBuilder.newBuilder().build(new DynamicClientRegistrationLoader()); + this(HttpClientBuilder.create().useSystemProperties().build()); + } + + public DynamicRegistrationClientConfigurationService(HttpClient httpClient) { + clients = CacheBuilder.newBuilder().build(new DynamicClientRegistrationLoader(httpClient)); } @Override 
@@ -168,13 +172,17 @@ public class DynamicRegistrationClientConfigurationService implements ClientConf * */ public class DynamicClientRegistrationLoader extends CacheLoader { - private HttpClient httpClient = HttpClientBuilder.create() - .useSystemProperties() - .build(); - - private HttpComponentsClientHttpRequestFactory httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); + private HttpComponentsClientHttpRequestFactory httpFactory; private Gson gson = new Gson(); // note that this doesn't serialize nulls by default + public DynamicClientRegistrationLoader() { + this(HttpClientBuilder.create().useSystemProperties().build()); + } + + public DynamicClientRegistrationLoader(HttpClient httpClient) { + this.httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); + } + @Override public RegisteredClient load(ServerConfiguration serverConfig) throws Exception { RestTemplate restTemplate = new RestTemplate(httpFactory); diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicServerConfigurationService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicServerConfigurationService.java index 1ddc6aa7b..d26713d3c 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicServerConfigurationService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicServerConfigurationService.java 
@@ -69,8 +69,12 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer private Set blacklist = new HashSet<>(); public DynamicServerConfigurationService() { + this(HttpClientBuilder.create().useSystemProperties().build()); + } + + public DynamicServerConfigurationService(HttpClient httpClient) { // initialize the cache - servers = CacheBuilder.newBuilder().build(new OpenIDConnectServiceConfigurationFetcher()); + servers = CacheBuilder.newBuilder().build(new OpenIDConnectServiceConfigurationFetcher(httpClient)); } /** @@ -126,12 +130,13 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer * */ private class OpenIDConnectServiceConfigurationFetcher extends CacheLoader { - private HttpClient httpClient = HttpClientBuilder.create() - .useSystemProperties() - .build(); - private HttpComponentsClientHttpRequestFactory httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); + private HttpComponentsClientHttpRequestFactory httpFactory; private JsonParser parser = new JsonParser(); + OpenIDConnectServiceConfigurationFetcher(HttpClient httpClient) { + this.httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); + } + @Override public ServerConfiguration load(String issuer) throws Exception { RestTemplate restTemplate = new RestTemplate(httpFactory); diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/WebfingerIssuerService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/WebfingerIssuerService.java index 0eedb0ffb..87a03ef9d 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/WebfingerIssuerService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/WebfingerIssuerService.java 
@@ -94,7 +94,11 @@ public class WebfingerIssuerService implements IssuerService { private boolean forceHttps = true; public WebfingerIssuerService() { - issuers = CacheBuilder.newBuilder().build(new WebfingerIssuerFetcher()); + this(HttpClientBuilder.create().useSystemProperties().build()); + } + + public WebfingerIssuerService(HttpClient httpClient) { + issuers = CacheBuilder.newBuilder().build(new WebfingerIssuerFetcher(httpClient)); } /* (non-Javadoc) @@ -203,12 +207,13 @@ public class WebfingerIssuerService implements IssuerService { * */ private class WebfingerIssuerFetcher extends CacheLoader { - private HttpClient httpClient = HttpClientBuilder.create() - .useSystemProperties() - .build(); - private HttpComponentsClientHttpRequestFactory httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); + private HttpComponentsClientHttpRequestFactory httpFactory; private JsonParser parser = new JsonParser(); + WebfingerIssuerFetcher(HttpClient httpClient) { + this.httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); + } + @Override public LoadingResult load(String identifier) throws Exception { diff --git a/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetCacheService.java b/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetCacheService.java index e07890529..766615186 100644 --- a/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetCacheService.java +++ b/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetCacheService.java 
@@ -68,11 +68,11 @@ public class JWKSetCacheService { this.validators = CacheBuilder.newBuilder() .expireAfterWrite(1, TimeUnit.HOURS) // expires 1 hour after fetch .maximumSize(100) - .build(new JWKSetVerifierFetcher()); + .build(new JWKSetVerifierFetcher(HttpClientBuilder.create().useSystemProperties().build())); this.encrypters = CacheBuilder.newBuilder() .expireAfterWrite(1, TimeUnit.HOURS) // expires 1 hour after fetch .maximumSize(100) - .build(new JWKSetEncryptorFetcher()); + .build(new JWKSetEncryptorFetcher(HttpClientBuilder.create().useSystemProperties().build())); } /** @@ -104,9 +104,13 @@ public class JWKSetCacheService { * */ private class JWKSetVerifierFetcher extends CacheLoader { - private HttpClient httpClient = HttpClientBuilder.create().useSystemProperties().build(); - private HttpComponentsClientHttpRequestFactory httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); - private RestTemplate restTemplate = new RestTemplate(httpFactory); + private HttpComponentsClientHttpRequestFactory httpFactory; + private RestTemplate restTemplate; + + JWKSetVerifierFetcher(HttpClient httpClient) { + this.httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); + this.restTemplate = new RestTemplate(httpFactory); + } /** * Load the JWK Set and build the appropriate signing service. 
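Review bot: `JWKSetCacheService` still hard-codes `HttpClientBuilder.create().useSystemProperties().build()` inside its constructor, twice, so the service that fetches the keys used for signature validation and encryption is the one place where the client cannot actually be configured, and it ends up with two separate clients. Add an overload `public JWKSetCacheService(HttpClient httpClient)` that hands the same instance to both `JWKSetVerifierFetcher` and `JWKSetEncryptorFetcher`, and let the no-arg constructor delegate to it as the other services in this patch do. The `sectorRedirects` field initializer in DefaultOAuth2ClientDetailsEntityService (hunk `@@ -103,7 +103,7 @@`) has the same gap. The constructor's signature lies outside the hunk.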
@@ -130,9 +134,14 @@ public class JWKSetCacheService { * */ private class JWKSetEncryptorFetcher extends CacheLoader { - private HttpClient httpClient = HttpClientBuilder.create().useSystemProperties().build(); - private HttpComponentsClientHttpRequestFactory httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); - private RestTemplate restTemplate = new RestTemplate(httpFactory); + private HttpComponentsClientHttpRequestFactory httpFactory; + private RestTemplate restTemplate; + + public JWKSetEncryptorFetcher(HttpClient httpClient) { + this.httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); + this.restTemplate = new RestTemplate(httpFactory); + } + /* (non-Javadoc) * @see com.google.common.cache.CacheLoader#load(java.lang.Object) */ diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java index d1da007fd..19e46b581 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java @@ -103,7 +103,7 @@ public class DefaultOAuth2ClientDetailsEntityService implements ClientDetailsEnt private LoadingCache> sectorRedirects = CacheBuilder.newBuilder() .expireAfterAccess(1, TimeUnit.HOURS) .maximumSize(100) - .build(new SectorIdentifierLoader()); + .build(new SectorIdentifierLoader(HttpClientBuilder.create().useSystemProperties().build())); @Override public ClientDetailsEntity saveNewClient(ClientDetailsEntity client) { 
@@ -465,11 +465,15 @@ public class DefaultOAuth2ClientDetailsEntityService implements ClientDetailsEnt * */ private class SectorIdentifierLoader extends CacheLoader> { - private HttpClient httpClient = HttpClientBuilder.create().useSystemProperties().build(); - private HttpComponentsClientHttpRequestFactory httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); - private RestTemplate restTemplate = new RestTemplate(httpFactory); + private HttpComponentsClientHttpRequestFactory httpFactory; + private RestTemplate restTemplate; private JsonParser parser = new JsonParser(); + SectorIdentifierLoader(HttpClient httpClient) { + this.httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); + this.restTemplate = new RestTemplate(httpFactory); + } + @Override public List load(String key) throws Exception { diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/InMemoryClientLogoLoadingService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/InMemoryClientLogoLoadingService.java index 314b1a831..5039cd79e 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/InMemoryClientLogoLoadingService.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/InMemoryClientLogoLoadingService.java @@ -48,17 +48,20 @@ import com.google.common.util.concurrent.UncheckedExecutionException; public class InMemoryClientLogoLoadingService implements ClientLogoLoadingService { private LoadingCache cache; - - + + public InMemoryClientLogoLoadingService() { + this(HttpClientBuilder.create().useSystemProperties().build()); + } + /** * */ - public InMemoryClientLogoLoadingService() { + public InMemoryClientLogoLoadingService(HttpClient httpClient) { cache = CacheBuilder.newBuilder() .maximumSize(100) .expireAfterAccess(14, TimeUnit.DAYS) - .build(new ClientLogoFetcher()); + .build(new ClientLogoFetcher(httpClient)); } 
@@ -84,8 +87,15 @@ public class InMemoryClientLogoLoadingService implements ClientLogoLoadingServic * */ public class ClientLogoFetcher extends CacheLoader { - private HttpClient httpClient = HttpClientBuilder.create().useSystemProperties().build(); - private HttpComponentsClientHttpRequestFactory httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient); + private HttpClient httpClient; + + public ClientLogoFetcher() { + this(HttpClientBuilder.create().useSystemProperties().build()); + } + + public ClientLogoFetcher(HttpClient httpClient) { + this.httpClient = httpClient; + } /* (non-Javadoc) * @see com.google.common.cache.CacheLoader#load(java.lang.Object)
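Review bot: `ClientLogoFetcher(HttpClient httpClient)` stores the argument without checking it, so a null client would presumably surface only as a NullPointerException on the first cache load rather than at construction. `this.httpClient = Objects.requireNonNull(httpClient, "httpClient");` fails early (it needs `java.util.Objects` imported), and the field can be `private final HttpClient httpClient;`. This loader fetches logo URIs that presumably originate from client registrations, so the constructor's Javadoc should say that timeouts and any egress restrictions have to be configured on the supplied client. The `load` method is outside the hunk.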