mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
31571 Commits
59 Branches
Tree: 63cfc46626
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '63cfc46626'
${ noResults }
sonarqube/sonar-ws/src/main/java/org/sonarqube/ws/client/HttpConnector.java

HttpConnector.java 13KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2021 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonarqube.ws.client;

  21. 

  22. import java.io.IOException;

  23. import java.net.Proxy;

  24. import java.util.Map;

  25. import java.util.concurrent.TimeUnit;

  26. import javax.annotation.Nullable;

  27. import javax.net.ssl.SSLSocketFactory;

  28. import javax.net.ssl.X509TrustManager;

  29. import okhttp3.Call;

  30. import okhttp3.Credentials;

  31. import okhttp3.FormBody;

  32. import okhttp3.HttpUrl;

  33. import okhttp3.MediaType;

  34. import okhttp3.MultipartBody;

  35. import okhttp3.OkHttpClient;

  36. import okhttp3.Request;

  37. import okhttp3.RequestBody;

  38. import okhttp3.Response;

  39. 

  40. import static java.lang.String.format;

  41. import static java.net.HttpURLConnection.HTTP_MOVED_PERM;

  42. import static java.net.HttpURLConnection.HTTP_MOVED_TEMP;

  43. import static java.nio.charset.StandardCharsets.UTF_8;

  44. import static okhttp3.internal.http.StatusLine.HTTP_PERM_REDIRECT;

  45. import static okhttp3.internal.http.StatusLine.HTTP_TEMP_REDIRECT;

  46. import static org.sonarqube.ws.WsUtils.checkArgument;

  47. import static org.sonarqube.ws.WsUtils.isNullOrEmpty;

  48. import static org.sonarqube.ws.WsUtils.nullToEmpty;

  49. 

  50. /**

  51.  * Connect to any SonarQube server available through HTTP or HTTPS.

  52.  * <p>The JVM system proxies are used.</p>

  53.  */

  54. public class HttpConnector implements WsConnector {

  55. 

  56.   public static final int DEFAULT_CONNECT_TIMEOUT_MILLISECONDS = 30_000;

  57.   public static final int DEFAULT_READ_TIMEOUT_MILLISECONDS = 60_000;

  58. 

  59.   /**

  60.    * Base URL with trailing slash, for instance "https://localhost/sonarqube/".

  61.    * It is required for further usage of {@link HttpUrl#resolve(String)}.

  62.    */

  63.   private final HttpUrl baseUrl;

  64.   private final String systemPassCode;

  65.   private final OkHttpClient okHttpClient;

  66.   private final OkHttpClient noRedirectOkHttpClient;

  67. 

  68.   private HttpConnector(Builder builder) {

  69.     this.baseUrl = HttpUrl.parse(builder.url.endsWith("/") ? builder.url : format("%s/", builder.url));

  70.     checkArgument(this.baseUrl != null, "Malformed URL: '%s'", builder.url);

  71. 

  72.     OkHttpClientBuilder okHttpClientBuilder = new OkHttpClientBuilder();

  73.     okHttpClientBuilder.setUserAgent(builder.userAgent);

  74. 

  75.     if (!isNullOrEmpty(builder.login)) {

  76.       // password is null when login represents an access token. In this case

  77.       // the Basic credentials consider an empty password.

  78.       okHttpClientBuilder.setCredentials(Credentials.basic(builder.login, nullToEmpty(builder.password), UTF_8));

  79.     }

  80.     this.systemPassCode = builder.systemPassCode;

  81.     okHttpClientBuilder.setProxy(builder.proxy);

  82.     okHttpClientBuilder.setProxyLogin(builder.proxyLogin);

  83.     okHttpClientBuilder.setProxyPassword(builder.proxyPassword);

  84.     okHttpClientBuilder.setConnectTimeoutMs(builder.connectTimeoutMs);

  85.     okHttpClientBuilder.setReadTimeoutMs(builder.readTimeoutMs);

  86.     okHttpClientBuilder.setSSLSocketFactory(builder.sslSocketFactory);

  87.     okHttpClientBuilder.setTrustManager(builder.sslTrustManager);

  88.     this.okHttpClient = okHttpClientBuilder.build();

  89.     this.noRedirectOkHttpClient = newClientWithoutRedirect(this.okHttpClient);

  90.   }

  91. 

  92.   private static OkHttpClient newClientWithoutRedirect(OkHttpClient client) {

  93.     return client.newBuilder()

  94.       .followRedirects(false)

  95.       .followSslRedirects(false)

  96.       .build();

  97.   }

  98. 

  99.   @Override

  100.   public String baseUrl() {

  101.     return baseUrl.url().toExternalForm();

  102.   }

  103. 

  104.   public OkHttpClient okHttpClient() {

  105.     return okHttpClient;

  106.   }

  107. 

  108.   @Override

  109.   public WsResponse call(WsRequest httpRequest) {

  110.     if (httpRequest instanceof GetRequest) {

  111.       return get((GetRequest) httpRequest);

  112.     }

  113.     if (httpRequest instanceof PostRequest) {

  114.       return post((PostRequest) httpRequest);

  115.     }

  116.     throw new IllegalArgumentException(format("Unsupported implementation: %s", httpRequest.getClass()));

  117.   }

  118. 

  119.   private WsResponse get(GetRequest getRequest) {

  120.     HttpUrl.Builder urlBuilder = prepareUrlBuilder(getRequest);

  121.     completeUrlQueryParameters(getRequest, urlBuilder);

  122. 

  123.     Request.Builder okRequestBuilder = prepareOkRequestBuilder(getRequest, urlBuilder).get();

  124.     return new OkHttpResponse(doCall(prepareOkHttpClient(okHttpClient, getRequest), okRequestBuilder.build()));

  125.   }

  126. 

  127.   private WsResponse post(PostRequest postRequest) {

  128.     HttpUrl.Builder urlBuilder = prepareUrlBuilder(postRequest);

  129. 

  130.     RequestBody body;

  131.     Map<String, PostRequest.Part> parts = postRequest.getParts();

  132.     if (parts.isEmpty()) {

  133.       // parameters are defined in the body (application/x-www-form-urlencoded)

  134.       FormBody.Builder formBody = new FormBody.Builder();

  135.       postRequest.getParameters().getKeys()

  136.         .forEach(key -> postRequest.getParameters().getValues(key)

  137.           .forEach(value -> formBody.add(key, value)));

  138.       body = formBody.build();

  139. 

  140.     } else {

  141.       // parameters are defined in the URL (as GET)

  142.       completeUrlQueryParameters(postRequest, urlBuilder);

  143. 

  144.       MultipartBody.Builder bodyBuilder = new MultipartBody.Builder().setType(MultipartBody.FORM);

  145.       parts.entrySet().forEach(param -> {

  146.         PostRequest.Part part = param.getValue();

  147.         bodyBuilder.addFormDataPart(

  148.           param.getKey(),

  149.           part.getFile().getName(),

  150.           RequestBody.create(MediaType.parse(part.getMediaType()), part.getFile()));

  151.       });

  152.       body = bodyBuilder.build();

  153.     }

  154.     Request.Builder okRequestBuilder = prepareOkRequestBuilder(postRequest, urlBuilder).post(body);

  155.     Response response = doCall(prepareOkHttpClient(noRedirectOkHttpClient, postRequest), okRequestBuilder.build());

  156.     response = checkRedirect(response, postRequest);

  157.     return new OkHttpResponse(response);

  158.   }

  159. 

  160.   private HttpUrl.Builder prepareUrlBuilder(WsRequest wsRequest) {

  161.     String path = wsRequest.getPath();

  162.     return baseUrl

  163.       .resolve(path.startsWith("/") ? path.replaceAll("^(/)+", "") : path)

  164.       .newBuilder();

  165.   }

  166. 

  167.   static OkHttpClient prepareOkHttpClient(OkHttpClient okHttpClient, WsRequest wsRequest) {

  168.     if (!wsRequest.getTimeOutInMs().isPresent() && !wsRequest.getWriteTimeOutInMs().isPresent()) {

  169.       return okHttpClient;

  170.     }

  171.     OkHttpClient.Builder builder = okHttpClient.newBuilder();

  172.     if (wsRequest.getTimeOutInMs().isPresent()) {

  173.       builder.readTimeout(wsRequest.getTimeOutInMs().getAsInt(), TimeUnit.MILLISECONDS);

  174.     }

  175.     if (wsRequest.getWriteTimeOutInMs().isPresent()) {

  176.       builder.writeTimeout(wsRequest.getWriteTimeOutInMs().getAsInt(), TimeUnit.MILLISECONDS);

  177.     }

  178. 

  179.     return builder.build();

  180.   }

  181. 

  182.   private static void completeUrlQueryParameters(BaseRequest<?> request, HttpUrl.Builder urlBuilder) {

  183.     request.getParameters().getKeys()

  184.       .forEach(key -> request.getParameters().getValues(key)

  185.         .forEach(value -> urlBuilder.addQueryParameter(key, value)));

  186.   }

  187. 

  188.   private Request.Builder prepareOkRequestBuilder(WsRequest getRequest, HttpUrl.Builder urlBuilder) {

  189.     Request.Builder okHttpRequestBuilder = new Request.Builder()

  190.       .url(urlBuilder.build())

  191.       .header("Accept", getRequest.getMediaType())

  192.       .header("Accept-Charset", "UTF-8");

  193.     if (systemPassCode != null) {

  194.       okHttpRequestBuilder.header("X-Sonar-Passcode", systemPassCode);

  195.     }

  196.     getRequest.getHeaders().getNames().forEach(name -> okHttpRequestBuilder.header(name, getRequest.getHeaders().getValue(name).get()));

  197.     return okHttpRequestBuilder;

  198.   }

  199. 

  200.   private static Response doCall(OkHttpClient client, Request okRequest) {

  201.     Call call = client.newCall(okRequest);

  202.     try {

  203.       return call.execute();

  204.     } catch (IOException e) {

  205.       throw new IllegalStateException("Fail to request url: " + okRequest.url(), e);

  206.     }

  207.   }

  208. 

  209.   private Response checkRedirect(Response response, PostRequest postRequest) {

  210.     switch (response.code()) {

  211.       case HTTP_MOVED_PERM:

  212.       case HTTP_MOVED_TEMP:

  213.       case HTTP_TEMP_REDIRECT:

  214.       case HTTP_PERM_REDIRECT:

  215.         // OkHttpClient does not follow the redirect with the same HTTP method. A POST is

  216.         // redirected to a GET. Because of that the redirect must be manually implemented.

  217.         // See:

  218.         // https://github.com/square/okhttp/blob/07309c1c7d9e296014268ebd155ebf7ef8679f6c/okhttp/src/main/java/okhttp3/internal/http/RetryAndFollowUpInterceptor.java#L316

  219.         // https://github.com/square/okhttp/issues/936#issuecomment-266430151

  220.         return followPostRedirect(response, postRequest);

  221.       default:

  222.         return response;

  223.     }

  224.   }

  225. 

  226.   private Response followPostRedirect(Response response, PostRequest postRequest) {

  227.     String location = response.header("Location");

  228.     if (location == null) {

  229.       throw new IllegalStateException(format("Missing HTTP header 'Location' in redirect of %s", response.request().url()));

  230.     }

  231.     HttpUrl url = response.request().url().resolve(location);

  232. 

  233.     // Don't follow redirects to unsupported protocols.

  234.     if (url == null) {

  235.       throw new IllegalStateException(format("Unsupported protocol in redirect of %s to %s", response.request().url(), location));

  236.     }

  237. 

  238.     Request.Builder redirectRequest = response.request().newBuilder();

  239.     redirectRequest.post(response.request().body());

  240.     response.body().close();

  241.     return doCall(prepareOkHttpClient(noRedirectOkHttpClient, postRequest), redirectRequest.url(url).build());

  242.   }

  243. 

  244.   /**

  245.    * @since 5.5

  246.    */

  247.   public static Builder newBuilder() {

  248.     return new Builder();

  249.   }

  250. 

  251.   public static class Builder {

  252.     private String url;

  253.     private String userAgent;

  254.     private String login;

  255.     private String password;

  256.     private Proxy proxy;

  257.     private String proxyLogin;

  258.     private String proxyPassword;

  259.     private String systemPassCode;

  260.     private int connectTimeoutMs = DEFAULT_CONNECT_TIMEOUT_MILLISECONDS;

  261.     private int readTimeoutMs = DEFAULT_READ_TIMEOUT_MILLISECONDS;

  262.     private SSLSocketFactory sslSocketFactory = null;

  263.     private X509TrustManager sslTrustManager = null;

  264. 

  265.     /**

  266.      * Private since 5.5.

  267.      *

  268.      * @see HttpConnector#newBuilder()

  269.      */

  270.     private Builder() {

  271.     }

  272. 

  273.     /**

  274.      * Optional User  Agent

  275.      */

  276.     public Builder userAgent(@Nullable String userAgent) {

  277.       this.userAgent = userAgent;

  278.       return this;

  279.     }

  280. 

  281.     /**

  282.      * Mandatory HTTP server URL, eg "http://localhost:9000"

  283.      */

  284.     public Builder url(String url) {

  285.       this.url = url;

  286.       return this;

  287.     }

  288. 

  289.     /**

  290.      * Optional login/password, for example "admin"

  291.      */

  292.     public Builder credentials(@Nullable String login, @Nullable String password) {

  293.       this.login = login;

  294.       this.password = password;

  295.       return this;

  296.     }

  297. 

  298.     /**

  299.      * Optional access token, for example {@code "ABCDE"}. Alternative to {@link #credentials(String, String)}

  300.      */

  301.     public Builder token(@Nullable String token) {

  302.       this.login = token;

  303.       this.password = null;

  304.       return this;

  305.     }

  306. 

  307.     /**

  308.      * Sets a specified timeout value, in milliseconds, to be used when opening HTTP connection.

  309.      * A timeout of zero is interpreted as an infinite timeout. Default value is {@link #DEFAULT_CONNECT_TIMEOUT_MILLISECONDS}

  310.      */

  311.     public Builder connectTimeoutMilliseconds(int i) {

  312.       this.connectTimeoutMs = i;

  313.       return this;

  314.     }

  315. 

  316.     /**

  317.      * Optional SSL socket factory with which SSL sockets will be created to establish SSL connections.

  318.      * If not set, a default SSL socket factory will be used, base d on the JVM's default key store.

  319.      */

  320.     public Builder setSSLSocketFactory(@Nullable SSLSocketFactory sslSocketFactory) {

  321.       this.sslSocketFactory = sslSocketFactory;

  322.       return this;

  323.     }

  324. 

  325.     /**

  326.      * Optional SSL trust manager used to validate certificates.

  327.      * If not set, a default system trust manager will be used, based on the JVM's default truststore.

  328.      */

  329.     public Builder setTrustManager(@Nullable X509TrustManager sslTrustManager) {

  330.       this.sslTrustManager = sslTrustManager;

  331.       return this;

  332.     }

  333. 

  334.     /**

  335.      * Sets the read timeout to a specified timeout, in milliseconds.

  336.      * A timeout of zero is interpreted as an infinite timeout. Default value is {@link #DEFAULT_READ_TIMEOUT_MILLISECONDS}

  337.      */

  338.     public Builder readTimeoutMilliseconds(int i) {

  339.       this.readTimeoutMs = i;

  340.       return this;

  341.     }

  342. 

  343.     public Builder proxy(@Nullable Proxy proxy) {

  344.       this.proxy = proxy;

  345.       return this;

  346.     }

  347. 

  348.     public Builder proxyCredentials(@Nullable String proxyLogin, @Nullable String proxyPassword) {

  349.       this.proxyLogin = proxyLogin;

  350.       this.proxyPassword = proxyPassword;

  351.       return this;

  352.     }

  353. 

  354.     public Builder systemPassCode(@Nullable String systemPassCode) {

  355.       this.systemPassCode = systemPassCode;

  356.       return this;

  357.     }

  358. 

  359.     public HttpConnector build() {

  360.       checkArgument(!isNullOrEmpty(url), "Server URL is not defined");

  361.       return new HttpConnector(this);

  362.     }

  363.   }

  364. 

  365. }