[ELY-2753] Add connection-timeout-millis, connection-ttl-millis and socket-timeout-millis to OidcJsonConfiguration to allow oidc.json configuration to parse these attributes #2139

Open
wants to merge 1 commit into
base: 2.x
Expand Up @@ -275,6 +275,15 @@ public HttpClient build(OidcJsonConfiguration oidcClientConfig) {
if (oidcClientConfig.getConnectionPoolSize() > 0) {
size = oidcClientConfig.getConnectionPoolSize();
}
if (oidcClientConfig.getConnectionTimeoutMillis() > 0) {
setEstablishConnectionTimeout(oidcClientConfig.getConnectionTimeoutMillis(), establishConnectionTimeoutUnits);
}
if (oidcClientConfig.getConnectionTtlMillis() > 0) {
setConnectionTimeToLive(oidcClientConfig.getConnectionTtlMillis(), connectionTimeToLiveUnit);
}
if (oidcClientConfig.getSocketTimeoutMillis() > 0) {
setSocketTimeout(oidcClientConfig.getSocketTimeoutMillis(), socketTimeoutUnits);
}
HttpClientBuilder.HostnameVerificationPolicy policy = HttpClientBuilder.HostnameVerificationPolicy.WILDCARD;
if (oidcClientConfig.isAllowAnyHostname()) {
policy = HttpClientBuilder.HostnameVerificationPolicy.ANY;
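Review bot: The three new setter calls pass the builder's current unit fields (`establishConnectionTimeoutUnits`, `connectionTimeToLiveUnit`, `socketTimeoutUnits`) as the unit for values the configuration names as milliseconds. If any of those fields is set to something other than milliseconds before `build(OidcJsonConfiguration)` runs, a value such as 5000 would be read in that other unit and the timeout could end up far longer than the operator intended; the field declarations are outside this hunk, so this needs confirming. Passing the unit explicitly removes the dependency, e.g. `setSocketTimeout(oidcClientConfig.getSocketTimeoutMillis(), TimeUnit.MILLISECONDS);` and likewise for the other two calls, assuming `java.util.concurrent.TimeUnit` is already imported in this file. Zero and negative values are skipped silently by the `> 0` guards, so a short comment such as `// non-positive: keep the builder's default` would make that intent visible. The body of `build` continues outside the hunk.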
Expand Up @@ -66,6 +66,9 @@ public class Oidc {
public static final String CORS_ALLOWED_METHODS = "cors-allowed-methods";
public static final String CORS_EXPOSED_HEADERS = "cors-exposed-headers";
public static final String CONNECTION_POOL_SIZE = "connection-pool-size";
public static final String CONNECTION_TIMEOUT_MILLIS = "connection-timeout-millis";
public static final String CONNECTION_TTL_MILLIS = "connection-ttl-millis";
public static final String SOCKET_TIMEOUT_MILLIS = "socket-timeout-millis";
public static final String CLIENTS_MANAGEMENT_REGISTER_NODE_PATH = "clients-managements/register-node";
public static final String CLIENTS_MANAGEMENT_UNREGISTER_NODE_PATH = "clients-managements/unregister-node";
public static final String CREDENTIALS = "credentials";
Expand Up @@ -18,6 +18,8 @@

package org.wildfly.security.http.oidc;

import static org.wildfly.security.http.oidc.Oidc.CONNECTION_TIMEOUT_MILLIS;
import static org.wildfly.security.http.oidc.Oidc.CONNECTION_TTL_MILLIS;
import static org.wildfly.security.http.oidc.Oidc.DEFAULT_TOKEN_SIGNATURE_ALGORITHM;
import static org.wildfly.security.http.oidc.Oidc.ADAPTER_STATE_COOKIE_PATH;
import static org.wildfly.security.http.oidc.Oidc.ALLOW_ANY_HOSTNAME;
Expand Down Expand Up @@ -64,6 +66,7 @@
import static org.wildfly.security.http.oidc.Oidc.REQUEST_OBJECT_SIGNING_KEYSTORE_PASSWORD;
import static org.wildfly.security.http.oidc.Oidc.REQUEST_OBJECT_SIGNING_KEYSTORE_TYPE;
import static org.wildfly.security.http.oidc.Oidc.SCOPE;
import static org.wildfly.security.http.oidc.Oidc.SOCKET_TIMEOUT_MILLIS;
import static org.wildfly.security.http.oidc.Oidc.SSL_REQUIRED;
import static org.wildfly.security.http.oidc.Oidc.TOKEN_MINIMUM_TIME_TO_LIVE;
import static org.wildfly.security.http.oidc.Oidc.TOKEN_SIGNATURE_ALGORITHM;
Expand Down Expand Up @@ -94,6 +97,7 @@
USE_RESOURCE_ROLE_MAPPINGS, USE_REALM_ROLE_MAPPINGS,
ENABLE_CORS, CORS_MAX_AGE, CORS_ALLOWED_METHODS, CORS_EXPOSED_HEADERS,
EXPOSE_TOKEN, BEARER_ONLY, AUTODETECT_BEARER_ONLY, CONNECTION_POOL_SIZE,
CONNECTION_TIMEOUT_MILLIS, CONNECTION_TTL_MILLIS, SOCKET_TIMEOUT_MILLIS,
ALLOW_ANY_HOSTNAME, DISABLE_TRUST_MANAGER, TRUSTSTORE, TRUSTSTORE_PASSWORD,
CLIENT_KEYSTORE, CLIENT_KEYSTORE_PASSWORD, CLIENT_KEY_PASSWORD,
ALWAYS_REFRESH_TOKEN,
Expand Down Expand Up @@ -134,6 +138,12 @@ public class OidcJsonConfiguration {
protected String requestObjectSigningKeyStoreType;
@JsonProperty(CONNECTION_POOL_SIZE)
protected int connectionPoolSize = 20;
@JsonProperty(CONNECTION_TIMEOUT_MILLIS)
protected int connectionTimeoutMillis = -1;
@JsonProperty(CONNECTION_TTL_MILLIS)
protected int connectionTtlMillis = -1;
@JsonProperty(SOCKET_TIMEOUT_MILLIS)
protected int socketTimeoutMillis = -1;
@JsonProperty(ALWAYS_REFRESH_TOKEN)
protected boolean alwaysRefreshToken = false;
@JsonProperty(REGISTER_NODE_AT_STARTUP)
Expand Down Expand Up @@ -331,6 +341,30 @@ public void setConnectionPoolSize(int connectionPoolSize) {
this.connectionPoolSize = connectionPoolSize;
}

public int getConnectionTimeoutMillis() {
return connectionTimeoutMillis;
}

public void setConnectionTimeoutMillis(int connectionTimeoutMillis) {
this.connectionTimeoutMillis = connectionTimeoutMillis;
}

public int getConnectionTtlMillis() {
return connectionTtlMillis;
}

public void setConnectionTtlMillis(int connectionTtlMillis) {
this.connectionTtlMillis = connectionTtlMillis;
}

public int getSocketTimeoutMillis() {
return socketTimeoutMillis;
}

public void setSocketTimeoutMillis(int socketTimeoutMillis) {
this.socketTimeoutMillis = socketTimeoutMillis;
}

public boolean isAlwaysRefreshToken() {
return alwaysRefreshToken;
}
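Review bot: The new fields `connectionTimeoutMillis`, `connectionTtlMillis` and `socketTimeoutMillis` default to `-1` with no comment saying what that sentinel means, and the setters accept any int. Going by the `> 0` guards in the `HttpClient build(...)` hunk of this PR, a non-positive value means the attribute is ignored and the HTTP client keeps its own default. Whether that default is bounded is not visible here; an unbounded one would let a slow or unresponsive OpenID provider hold request threads for as long as it likes, so the documentation should say which it is. I would add a Javadoc line on each getter, for example `/** Socket timeout in milliseconds for the HTTP client built from this configuration; values <= 0 leave the client's default in place. */`. The class body continues outside these hunks.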
Expand Up @@ -192,6 +192,11 @@ public void testMissingRequiredConfigurationOption() {
OidcClientConfigurationBuilder.build(getOidcConfigurationMissingRequiredOption());
}

@Test
public void testTimeoutConfigurationOptions() throws Exception {
OidcClientConfigurationBuilder.build(getOidcConfigurationInputStreamWithTimeoutOptions(5000, 5000, 5000));
}

@Test
public void testSucessfulAuthenticationWithAuthServerUrl() throws Exception {
performAuthentication(getOidcConfigurationInputStream(), KeycloakConfiguration.ALICE, KeycloakConfiguration.ALICE_PASSWORD,
Expand Down Expand Up @@ -696,6 +701,23 @@ private InputStream getOidcConfigurationInputStream(String clientSecret, String
return new ByteArrayInputStream(oidcConfig.getBytes(StandardCharsets.UTF_8));
}

private InputStream getOidcConfigurationInputStreamWithTimeoutOptions(int connectionTimeoutMillis, int connectionTtlMillis, int socketTimeoutMillis) {
String oidcConfig = "{\n" +
" \"realm\" : \"" + TEST_REALM + "\",\n" +
" \"resource\" : \"" + CLIENT_ID + "\",\n" +
" \"public-client\" : \"false\",\n" +
" \"connection-timeout-millis\" : \"" + connectionTimeoutMillis + "\",\n" +
" \"connection-ttl-millis\" : \"" + connectionTtlMillis + "\",\n" +
" \"socket-timeout-millis\" : \"" + socketTimeoutMillis + "\",\n" +
" \"auth-server-url\" : \"" + KEYCLOAK_CONTAINER.getAuthServerUrl() + "\",\n" +
" \"ssl-required\" : \"EXTERNAL\",\n" +
" \"credentials\" : {\n" +
" \"secret\" : \"" + CLIENT_SECRET + "\"\n" +
" }\n" +
"}";
return new ByteArrayInputStream(oidcConfig.getBytes(StandardCharsets.UTF_8));
}

private InputStream getOidcConfigurationInputStreamWithEnvironmentVariableExpression() {
String oidcConfig = "{\n" +
" \"" + RESOURCE + "\" : \"" + CLIENT_ID + "\",\n" +
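Review bot: `testTimeoutConfigurationOptions` only checks that `OidcClientConfigurationBuilder.build(...)` does not throw; it never asserts that the three values were read, so it would still pass if an attribute were parsed but dropped or mapped to the wrong field. Passing 5000 for all three also cannot detect two attributes being swapped. I would use distinct values, e.g. `getOidcConfigurationInputStreamWithTimeoutOptions(1000, 2000, 3000)`, and assert on the parsed configuration's getters, e.g. `assertEquals(3000, config.getSocketTimeoutMillis());`, where `config` is the parsed `OidcJsonConfiguration` (how the test obtains it is not shown in these hunks). The helper writes the numbers as quoted JSON strings, so the test depends on string-to-int coercion; a second case with unquoted numbers would cover the form most users will write.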