From 7bec78b7439a809a8d9171a59c6b4f57fcef3a37 Mon Sep 17 00:00:00 2001 From: Vani Haripriya Mudadla Date: Wed, 23 Aug 2023 16:09:07 -0500 Subject: [PATCH 1/3] [KOGITO-9231] Configure RestWorkItemHandler SSL behaviour through properties --- kogito-workitems/kogito-rest-workitem/pom.xml | 6 +++ .../rest/RestWorkItemHandlerUtils.java | 39 +++++++++++++++++++ .../runtime/SSLWebClientOptionsProducer.java | 8 ++++ 3 files changed, 53 insertions(+) diff --git a/kogito-workitems/kogito-rest-workitem/pom.xml b/kogito-workitems/kogito-rest-workitem/pom.xml index 2ec2b3b1750..3e1af366662 100644 --- a/kogito-workitems/kogito-rest-workitem/pom.xml +++ b/kogito-workitems/kogito-rest-workitem/pom.xml @@ -59,5 +59,11 @@ org.kie.kogito kogito-jackson-utils + + org.eclipse.microprofile.config + microprofile-config-api + 2.0 + compile + diff --git a/kogito-workitems/kogito-rest-workitem/src/main/java/org/kogito/workitem/rest/RestWorkItemHandlerUtils.java b/kogito-workitems/kogito-rest-workitem/src/main/java/org/kogito/workitem/rest/RestWorkItemHandlerUtils.java index b98907857d8..483099382e9 100644 --- a/kogito-workitems/kogito-rest-workitem/src/main/java/org/kogito/workitem/rest/RestWorkItemHandlerUtils.java +++ b/kogito-workitems/kogito-rest-workitem/src/main/java/org/kogito/workitem/rest/RestWorkItemHandlerUtils.java @@ -21,12 +21,24 @@ import java.util.Objects; import java.util.stream.Collectors; +import org.eclipse.microprofile.config.ConfigProvider; + +import io.vertx.core.net.JksOptions; +import io.vertx.core.net.PemKeyCertOptions; +import io.vertx.core.net.PemTrustOptions; import io.vertx.ext.web.client.WebClientOptions; import static org.kie.kogito.internal.utils.ConversionUtils.convert; public class RestWorkItemHandlerUtils { + public static final String QUARKUS_HTTP_SSL_CERTIFICATE_FILE = "quarkus.http.ssl.certificate.file"; + public static final String QUARKUS_HTTP_SSL_CERTIFICATE_KEY_FILE = "quarkus.http.ssl.certificate.key-file"; + public static final String QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_FILE = "quarkus.http.ssl.certificate.key-store-file"; + public static final String QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_PASSWORD = "quarkus.http.ssl.certificate.key-store-password"; + public static final String QUARKUS_HTTP_SSL_VERIFY_CLIENT = "quarkus.http.ssl.verify-client"; + public static final String QUARKUS_HTTP_SSL_TRUST_CERTIFICATE_FILE = "quarkus.http.ssl.trust-certificate-file"; + private RestWorkItemHandlerUtils() { } @@ -34,6 +46,33 @@ public static WebClientOptions sslWebClientOptions() { return new WebClientOptions().setSsl(true).setVerifyHost(false).setTrustAll(true); } + public static WebClientOptions sslQuarkusWebClientOptions() { + WebClientOptions webClientOptions = new WebClientOptions(); + + String certificateFilePath = ConfigProvider.getConfig().getOptionalValue(QUARKUS_HTTP_SSL_CERTIFICATE_FILE, String.class).orElse(null); + String keyFilePath = ConfigProvider.getConfig().getOptionalValue(QUARKUS_HTTP_SSL_CERTIFICATE_KEY_FILE, String.class).orElse(null); + String keystorePath = ConfigProvider.getConfig().getOptionalValue(QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_FILE, String.class).orElse(null); + String keystorePassword = ConfigProvider.getConfig().getOptionalValue(QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_PASSWORD, String.class).orElse(null); + Boolean verifyClient = ConfigProvider.getConfig().getOptionalValue(QUARKUS_HTTP_SSL_VERIFY_CLIENT, Boolean.class).orElse(null); + String trustCertFilePath = ConfigProvider.getConfig().getOptionalValue(QUARKUS_HTTP_SSL_TRUST_CERTIFICATE_FILE, String.class).orElse(null); + + if (keystorePath != null && keystorePassword != null) { + webClientOptions.setSsl(true) + .setVerifyHost(verifyClient) + .setKeyStoreOptions(new JksOptions() + .setPath(keystorePath) + .setPassword(keystorePassword)); + } + if (certificateFilePath != null && keyFilePath != null) { + webClientOptions.setPemKeyCertOptions(new PemKeyCertOptions().setCertPath(certificateFilePath).setKeyPath(keyFilePath)); + } + if (trustCertFilePath != null) { + webClientOptions.setPemTrustOptions(new PemTrustOptions().addCertPath(trustCertFilePath)); + } + + return webClientOptions; + } + public static String getParam(Map parameters, String paramName) { return getParam(parameters, paramName, String.class, null); } diff --git a/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsProducer.java b/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsProducer.java index e6d50f5e81e..627dd1e304a 100644 --- a/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsProducer.java +++ b/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsProducer.java @@ -18,10 +18,12 @@ import javax.enterprise.context.ApplicationScoped; import javax.enterprise.inject.Produces; +import javax.inject.Named; import io.quarkus.arc.DefaultBean; import io.vertx.ext.web.client.WebClientOptions; +import static org.kogito.workitem.rest.RestWorkItemHandlerUtils.sslQuarkusWebClientOptions; import static org.kogito.workitem.rest.RestWorkItemHandlerUtils.sslWebClientOptions; @ApplicationScoped @@ -32,4 +34,10 @@ public class SSLWebClientOptionsProducer { public WebClientOptions webClientOptions() { return sslWebClientOptions(); } + + @Produces + @Named("quarkusWebClientOptions") + public WebClientOptions quarkusWebClientOptions() { + return sslQuarkusWebClientOptions(); + } } From 28162532afbb76b8871d21d7ea2da424eda8b444 Mon Sep 17 00:00:00 2001 From: Vani Haripriya Mudadla Date: Wed, 30 Aug 2023 22:10:06 -0500 Subject: [PATCH 2/3] [KOGITO-9231] Updated as per comments --- .../rest/RestWorkItemHandlerUtils.java | 39 ------ .../runtime/SSLWebClientOptionsProducer.java | 2 +- .../runtime/SSLWebClientOptionsUtils.java | 84 ++++++++++++ .../pom.xml | 123 ++++++++++++++++++ .../integrationtests/GreetingService.java | 36 +++++ .../src/main/resources/application.properties | 7 + .../src/main/resources/ssl/keystore.jks | Bin 0 -> 2784 bytes .../src/main/resources/ssl/server.crt | 22 ++++ .../src/main/resources/ssl/server.key | 28 ++++ .../integrationtests/SecureResourceTest.java | 43 ++++++ .../src/test/resources/application.properties | 1 + quarkus/integration-tests/pom.xml | 1 + 12 files changed, 346 insertions(+), 40 deletions(-) create mode 100644 quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsUtils.java create mode 100644 quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/pom.xml create mode 100644 quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/java/org/kie/kogito/integrationtests/GreetingService.java create mode 100644 quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/application.properties create mode 100644 quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/ssl/keystore.jks create mode 100644 quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/ssl/server.crt create mode 100644 quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/ssl/server.key create mode 100644 quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/test/java/org/kie/kogito/integrationtests/SecureResourceTest.java create mode 100644 quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/test/resources/application.properties diff --git a/kogito-workitems/kogito-rest-workitem/src/main/java/org/kogito/workitem/rest/RestWorkItemHandlerUtils.java b/kogito-workitems/kogito-rest-workitem/src/main/java/org/kogito/workitem/rest/RestWorkItemHandlerUtils.java index 483099382e9..b98907857d8 100644 --- a/kogito-workitems/kogito-rest-workitem/src/main/java/org/kogito/workitem/rest/RestWorkItemHandlerUtils.java +++ b/kogito-workitems/kogito-rest-workitem/src/main/java/org/kogito/workitem/rest/RestWorkItemHandlerUtils.java @@ -21,24 +21,12 @@ import java.util.Objects; import java.util.stream.Collectors; -import org.eclipse.microprofile.config.ConfigProvider; - -import io.vertx.core.net.JksOptions; -import io.vertx.core.net.PemKeyCertOptions; -import io.vertx.core.net.PemTrustOptions; import io.vertx.ext.web.client.WebClientOptions; import static org.kie.kogito.internal.utils.ConversionUtils.convert; public class RestWorkItemHandlerUtils { - public static final String QUARKUS_HTTP_SSL_CERTIFICATE_FILE = "quarkus.http.ssl.certificate.file"; - public static final String QUARKUS_HTTP_SSL_CERTIFICATE_KEY_FILE = "quarkus.http.ssl.certificate.key-file"; - public static final String QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_FILE = "quarkus.http.ssl.certificate.key-store-file"; - public static final String QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_PASSWORD = "quarkus.http.ssl.certificate.key-store-password"; - public static final String QUARKUS_HTTP_SSL_VERIFY_CLIENT = "quarkus.http.ssl.verify-client"; - public static final String QUARKUS_HTTP_SSL_TRUST_CERTIFICATE_FILE = "quarkus.http.ssl.trust-certificate-file"; - private RestWorkItemHandlerUtils() { } @@ -46,33 +34,6 @@ public static WebClientOptions sslWebClientOptions() { return new WebClientOptions().setSsl(true).setVerifyHost(false).setTrustAll(true); } - public static WebClientOptions sslQuarkusWebClientOptions() { - WebClientOptions webClientOptions = new WebClientOptions(); - - String certificateFilePath = ConfigProvider.getConfig().getOptionalValue(QUARKUS_HTTP_SSL_CERTIFICATE_FILE, String.class).orElse(null); - String keyFilePath = ConfigProvider.getConfig().getOptionalValue(QUARKUS_HTTP_SSL_CERTIFICATE_KEY_FILE, String.class).orElse(null); - String keystorePath = ConfigProvider.getConfig().getOptionalValue(QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_FILE, String.class).orElse(null); - String keystorePassword = ConfigProvider.getConfig().getOptionalValue(QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_PASSWORD, String.class).orElse(null); - Boolean verifyClient = ConfigProvider.getConfig().getOptionalValue(QUARKUS_HTTP_SSL_VERIFY_CLIENT, Boolean.class).orElse(null); - String trustCertFilePath = ConfigProvider.getConfig().getOptionalValue(QUARKUS_HTTP_SSL_TRUST_CERTIFICATE_FILE, String.class).orElse(null); - - if (keystorePath != null && keystorePassword != null) { - webClientOptions.setSsl(true) - .setVerifyHost(verifyClient) - .setKeyStoreOptions(new JksOptions() - .setPath(keystorePath) - .setPassword(keystorePassword)); - } - if (certificateFilePath != null && keyFilePath != null) { - webClientOptions.setPemKeyCertOptions(new PemKeyCertOptions().setCertPath(certificateFilePath).setKeyPath(keyFilePath)); - } - if (trustCertFilePath != null) { - webClientOptions.setPemTrustOptions(new PemTrustOptions().addCertPath(trustCertFilePath)); - } - - return webClientOptions; - } - public static String getParam(Map parameters, String paramName) { return getParam(parameters, paramName, String.class, null); } diff --git a/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsProducer.java b/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsProducer.java index 627dd1e304a..c4938e1f05b 100644 --- a/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsProducer.java +++ b/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsProducer.java @@ -23,7 +23,7 @@ import io.quarkus.arc.DefaultBean; import io.vertx.ext.web.client.WebClientOptions; -import static org.kogito.workitem.rest.RestWorkItemHandlerUtils.sslQuarkusWebClientOptions; +import static org.kie.kogito.quarkus.runtime.SSLWebClientOptionsUtils.sslQuarkusWebClientOptions; import static org.kogito.workitem.rest.RestWorkItemHandlerUtils.sslWebClientOptions; @ApplicationScoped diff --git a/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsUtils.java b/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsUtils.java new file mode 100644 index 00000000000..b40512cee9f --- /dev/null +++ b/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsUtils.java @@ -0,0 +1,84 @@ +/* + * Copyright 2023 Red Hat, Inc. and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.kie.kogito.quarkus.runtime; + +import java.util.Optional; + +import org.eclipse.microprofile.config.Config; +import org.eclipse.microprofile.config.ConfigProvider; + +import io.vertx.core.net.JksOptions; +import io.vertx.core.net.PemKeyCertOptions; +import io.vertx.core.net.PemTrustOptions; +import io.vertx.ext.web.client.WebClientOptions; + +public class SSLWebClientOptionsUtils { + + public static final String QUARKUS_HTTP_SSL_CERTIFICATE_FILE = "quarkus.http.ssl.certificate.file"; + public static final String QUARKUS_HTTP_SSL_CERTIFICATE_KEY_FILE = "quarkus.http.ssl.certificate.key-file"; + public static final String QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_FILE = "quarkus.http.ssl.certificate.key-store-file"; + public static final String QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_PASSWORD = "quarkus.http.ssl.certificate.key-store-password"; + public static final String QUARKUS_HTTP_SSL_VERIFY_CLIENT = "quarkus.http.ssl.verify-client"; + public static final String QUARKUS_HTTP_SSL_TRUST_CERTIFICATE_FILE = "quarkus.http.ssl.trust-certificate-file"; + + public static WebClientOptions sslQuarkusWebClientOptions() { + WebClientOptions webClientOptions = new WebClientOptions(); + + Config config = ConfigProvider.getConfig(); + + getOptionalStringValue(config, QUARKUS_HTTP_SSL_CERTIFICATE_FILE) + .ifPresent(certificateFilePath -> { + getOptionalStringValue(config, QUARKUS_HTTP_SSL_CERTIFICATE_KEY_FILE) + .ifPresent(keyFilePath -> { + webClientOptions.setPemKeyCertOptions(new PemKeyCertOptions() + .setCertPath(certificateFilePath) + .setKeyPath(keyFilePath)); + }); + }); + + getOptionalStringValue(config, QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_FILE) + .ifPresent(keystorePath -> { + getOptionalStringValue(config, QUARKUS_HTTP_SSL_CERTIFICATE_KEY_STORE_PASSWORD) + .ifPresent(keystorePassword -> { + Boolean verifyClient = getOptionalBooleanValue(config, QUARKUS_HTTP_SSL_VERIFY_CLIENT).orElse(false); + + webClientOptions.setSsl(true) + .setTrustAll(false) + .setVerifyHost(verifyClient) + .setTrustStoreOptions(new JksOptions() + .setPath(keystorePath) + .setPassword(keystorePassword)); + }); + }); + + getOptionalStringValue(config, QUARKUS_HTTP_SSL_TRUST_CERTIFICATE_FILE) + .ifPresent(trustCertFilePath -> { + webClientOptions.setPemTrustOptions(new PemTrustOptions() + .addCertPath(trustCertFilePath)); + }); + + return webClientOptions; + } + + private static Optional getOptionalStringValue(Config config, String key) { + return config.getOptionalValue(key, String.class); + } + + private static Optional getOptionalBooleanValue(Config config, String key) { + return config.getOptionalValue(key, Boolean.class); + } +} diff --git a/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/pom.xml b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/pom.xml new file mode 100644 index 00000000000..8aa2f83b30f --- /dev/null +++ b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/pom.xml @@ -0,0 +1,123 @@ + + + 4.0.0 + + org.kie.kogito + kogito-quarkus-integration-tests + 2.0.0-SNAPSHOT + + Kogito :: Integration Tests :: Quarkus :: SSL WebClient Options + integration-tests-quarkus-ssl-webclient-options + + + + + org.kie.kogito + kogito-quarkus-bom + ${project.version} + pom + import + + + + + + + org.kie.kogito + kogito-quarkus-serverless-workflow + + + + + org.kie.kogito + kogito-quarkus-serverless-workflow-deployment + ${project.version} + pom + test + + + * + * + + + + + io.quarkus + quarkus-resteasy + + + io.quarkus + quarkus-resteasy-jackson + + + io.quarkus + quarkus-smallrye-openapi + + + io.quarkus + quarkus-smallrye-health + + + io.quarkus + quarkus-junit5 + test + + + io.rest-assured + rest-assured + test + + + com.github.tomakehurst + wiremock-jre8 + test + + + org.kie.kogito + kogito-test-utils + test + + + + + + + + io.quarkus + quarkus-maven-plugin + + true + ${skipTests} + + + + + + + io.quarkus + quarkus-maven-plugin + + + + build + generate-code + generate-code-tests + + + + + + org.apache.maven.plugins + maven-surefire-plugin + + + org.jboss.logmanager.LogManager + + + + + + + diff --git a/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/java/org/kie/kogito/integrationtests/GreetingService.java b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/java/org/kie/kogito/integrationtests/GreetingService.java new file mode 100644 index 00000000000..1bbee9421c0 --- /dev/null +++ b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/java/org/kie/kogito/integrationtests/GreetingService.java @@ -0,0 +1,36 @@ +/* + * Copyright 2023 Red Hat, Inc. and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.kie.kogito.integrationtests; + +import javax.ws.rs.GET; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.core.MediaType; + +import org.eclipse.microprofile.config.inject.ConfigProperty; + +@Path("/greeting") +public class GreetingService { + + @ConfigProperty(name = "greeting.message") + String greetingMessage; + + @GET + @Produces(MediaType.TEXT_PLAIN) + public String secureHello() { + return greetingMessage; + } +} diff --git a/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/application.properties b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/application.properties new file mode 100644 index 00000000000..834a622b140 --- /dev/null +++ b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/application.properties @@ -0,0 +1,7 @@ +# SSL Configuration +quarkus.http.ssl.certificate.file=classpath:ssl/server.crt +quarkus.http.ssl.certificate.key-file=classpath:ssl/server.key +quarkus.http.ssl.certificate.key-store-file=classpath:ssl/keystore.jks +quarkus.http.ssl.certificate.key-store-password=test +quarkus.http.ssl.verify-client=false +greeting.message=Hello, Quarkus! \ No newline at end of file diff --git a/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/ssl/keystore.jks b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/ssl/keystore.jks new file mode 100644 index 0000000000000000000000000000000000000000..ed8acc00deeef10e147b79473bf44d94480b9dc3 GIT binary patch literal 2784 zcma)8X*d*&7M>YnW*E!Jc8zVMvGrkwF_xMv6|xqlY(q?BO?FXXM9NYmDokT*EU8HL zWyroY#8^gl%9^wg%5|T6pT6h*y7$L9=Q;0t-t+Ig&%sc*CqO_B423%m!le{v9Jj>_ zgaT<4?ocp=JMaMZ!%#RY|BK?JgDISO2k_H_$b`WEqvGKPf@l;@y#w$##{G|ilNV!$ z(fYgP!5jq(#pc{Y>NG8;T(PERIXJJ7&78fvK_Gbq2#CV)Kw$sg2;$-dU?d@27vqe9 zZX95s5*RT&6qUbL+$7a!+cDMxH2F36J)x> z&tIrDsExMbuLdzvZg9NGQzR5+g_OiKar{^@u*o@_Te>>k(pfhQpI>K_Z;r0189#i! zjlbU&t8B?Xokti}M|4=5j@~LIJpTD;0b2@nI{ao}^672cIoTIl{)oOse1gx30>5VA5pQ- zA<4ASzJH`GvIPZJN5k`1#R!ykrzCw9)G2=)5ejdu@gz3QUV@ zHpYX1rh*!|)b`@!BwO{ZPKmtgN3N^hs?Vm;c0Tyn{sm7t3QaF}HHFdXf$1t7(`eMM z+IP0yXCz37oxj&S@hrU_STy(4^Py@UbDH-%mI}(;B5HIL zZ~o}nE$fnj<~tc6@zA%nhY2AoH73w8$mO$`FgQ3IQU9dYkeJm9F>4dYi<@KFeP2{f zGc8Irde2L2B%{50_Uxq;t3h8QzBa;ya_@BH_c|PsL|h1Nw5J~0ZCzOJ3&|;nAUCZ? zzFZ<#49iyWWwqpNXOYw|!eT-f-J5=J?QwTn5K(sm4Qq0sue!MwM%C?+2(3Jiob1^c zw_Nv=Bjx*okv!*sU%G4Xoc$Qu%=p!&_z~T21#ieo%XcpZPsIjR;Pf*^EN#x$TJDVZ zD;nvQ7t`Kzx0+r-YWTx@!ot4Q`i>Y1SlEZqTMM@$cZ{H~akC6LGDqsJFYB|mgtWIc zR^J3aR*{S+d@NQFl_C$C5)1eE^tB)FxwHl>$U_UE0-HDadXRH|8xaw26x#}uW% zpKjR7sqJfDr+OvarOrm!y_EeRoZ`b$p*9v$cm)EM#3POic8@Jc<&(p>$c?_!8TFxJ z5(MVEUkf&<0uNt`BrR=N{u|^3Qhsvs<+si#P~W0jkzG8!>)f$V=PRao?{FpZwjX)M zWSJGB_gYi{$P)u(2c_kq6MYI>ltQ@Xf5pcE5T#-ha=5bMZt)~^>A4g6+2AY`)V6T-_jO^>pnlD zrAb+TZ~0exQtUGx*B<*Sne%l0BP#DgR@o%;Za{!VOafd6IxPg0W`PSkPy4N9vYtkB za2C|;+{7AVWdGPDmk?G&N(gWb;0Fi>1OSu)E&v~Z=Rpp{$oxGdj1>YOvhnnFLt*jS z>NpK72CJ>9j=@mCWq*dC5E=!XdjL^EK)^xC_?rR#FS~|6$nzdbK|}O22BN>VGs#DJ zY%KpDyZ#l%a#Yo;>m-4ah^)F$zbFbArB<)0a%pVkW$G6Qsjyp9@of6f?61^}e@;p|<3RG$6Gks8D zRj$Kx;x`XqeF}{T5OCA-`ks=e?18?aM-SI(HVcKPYVuJF;Liha<$_r-PmaLdjW?_S z$5e$|GQM&fp$)wx`6TL1N0-wLhwnw}2XL)20OivWqUdtT7ZEtG{*1Q1$T*!K3iJ0h z5r?z#9~fQGOC~w!qN-E=0*F|tIscTe%F++_)`E4VvaVrboS?-E0IP(=*5)7YB39BA z)Z>K1+lgTgv-x7Z$0R;ER-BFo>S5;+$6im#VFd3D#*GKZkIKE6ed|}7vYABK7A(n< zKQ&_x+%LH_y&1Ofc!98?2E93h_#Ihh*D0uZ6k+69z{9>c_}JARvY z6u)>i4RTXj!+w`@u<0T{P4D@Lh6c@5%(4Wbm`rdlI>c-KL;KPWgqx z^AFCSJ2CPKsC-Aed1)Z~s~AoJ9OR;5Q1c64JTd4I;W}{vaW9B7qau255||e??(vtQ z|6~u~rl}PZ(KnsYY6>b<@);kzoCfPxI#mYj=4*v%K$SC}(PZ2mo!UeEpjgEI)}YFVRRMrnfxFczst=AIB_qp|_tF z$=EKfOF|uGf0vD;_dX|G+8eCvgzK9Me#S1rNNWvQ#;HTr59wj$yH?aN!qq&SwlQs6 zbNu@c7U`6WklPxfzqAg;p6;MXL}*yUeRCAn^A`F4^m$)&vse)$DNCP-jxf zNq>s|*t)mk*O2=U3hZPT${ZI1lKsOWnCF)3w)-6dV$m;n#pDA=e|Su~0Zd|ch*u~D z=XBhfExe|zy71W!9HIyVHuXY|D+FMA-~K#W$HqrsTXK^@3rJovvFSK@XY>nEC60zh zW$S&JHoi6fqC#U)U953xyz;J}_!;j{N^mBf9XwPLH(W6L@;K=dR(^ zGpc-d4tr&1*77-+(jBt4Uxy#!H5H8?$gDyA5(4+sP9Bkaiyg>oXeBA$?NRX(@|nLB z2H+bwdBaOz!AQa2A4H-NUVN2i?9j$DT0sc9t48l^HYj=pKN*JI6=PmHbY$v%{nO3) zgnQ)dQMP|KgtIm_)V3+ytZ?(K)7H|4yW^f*eyV6LE$Tzgt;|`BIR=a2{qyyKfSdp@ zYQkz~fkqt?J$H=MG<#NyvZv7)rkPs;J>BLIBEg(L1QuGc=QgVDks6rstPA93=DiIt KS^51hi~1+?cm3S} literal 0 HcmV?d00001 diff --git a/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/ssl/server.crt b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/ssl/server.crt new file mode 100644 index 00000000000..2864fc7bc47 --- /dev/null +++ b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/ssl/server.crt @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDnzCCAocCFE1I2Ic8KGoy9Zrk75toWuS1LhVgMA0GCSqGSIb3DQEBCwUAMIGL +MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxDzANBgNVBAcMBkZyaXNjbzEQ +MA4GA1UECgwHUmVkIEhhdDETMBEGA1UECwwKTWlkZGxld2FyZTEQMA4GA1UEAwwH +b3BlbnNzbDEiMCAGCSqGSIb3DQEJARYTdm11ZGFkbGFAcmVkaGF0LmNvbTAeFw0y +MzA4MzEwMjU5NThaFw0yNDA4MzAwMjU5NThaMIGLMQswCQYDVQQGEwJVUzEOMAwG +A1UECAwFVGV4YXMxDzANBgNVBAcMBkZyaXNjbzEQMA4GA1UECgwHUmVkIEhhdDET +MBEGA1UECwwKTWlkZGxld2FyZTEQMA4GA1UEAwwHb3BlbnNzbDEiMCAGCSqGSIb3 +DQEJARYTdm11ZGFkbGFAcmVkaGF0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBALGx5CmXoawQ/JGC8Si7YQ2TvIgpsv+Ci1dGhoWawL6IAbM6BaMh ++p7OaxyruUfz+HEvhkEdJ80fd7pi+IMImp+HXJpF7zrnu0E5dirodjSxuUKTNLVE +LooumiwblYuVRbQ0ut7Zs6jkxE9sryK8XXAbOGHeA/d2illwj1F2Uf/vN6DJdzmD +Ze3znLHP2MHfCkG71e5Pizna6H3Onax5rgNiD7A883QRvvv3Y9WKJqk2mYD+W7Zn ++zRtDcDAg8cFj4hb3qNM5nsOH4aaPEExhLWlsgKW0x8jlBYvJ7oaQTv8zCqn5J94 +TgtuFLKqRq65t3YfYir8l3dOf4LyWJUQueMCAwEAATANBgkqhkiG9w0BAQsFAAOC +AQEAJxz5TcflDXSbnAbrCF56CAdLYhY61LgTTwmpyZDkgCaAsFwaAPUoQrOapmDh +ciDVCb2sc18emWq0yhPo4lDxSpWFtkfj4he0ITivu1u0tOkHzNEUKvfqcHKeEApq +HlNLxH+DhSLE4nhWx9aKjCgNyJdv87gbhOGfpOT0Kt8KagtUc4YR5JdbtJRERZMS +5KCfC3wwVZ+U4V5Bemgt4EaZI/LxiCS79THEozfKjUNmHwMjOfbtXmzD5iJdfbBB +Rmx7ToUJ2ljBV+sAVFR+/DeFpz/hpaZ9QEDzYYpI5qnGDWJQtDDpmAxsk3bvYIfE +/FKIWqt0wBgaGRKI0UUysd/c+Q== +-----END CERTIFICATE----- diff --git a/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/ssl/server.key b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/ssl/server.key new file mode 100644 index 00000000000..9c843aaa197 --- /dev/null +++ b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/main/resources/ssl/server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCxseQpl6GsEPyR +gvEou2ENk7yIKbL/gotXRoaFmsC+iAGzOgWjIfqezmscq7lH8/hxL4ZBHSfNH3e6 +YviDCJqfh1yaRe8657tBOXYq6HY0sblCkzS1RC6KLposG5WLlUW0NLre2bOo5MRP +bK8ivF1wGzhh3gP3dopZcI9RdlH/7zegyXc5g2Xt85yxz9jB3wpBu9XuT4s52uh9 +zp2sea4DYg+wPPN0Eb7792PViiapNpmA/lu2Z/s0bQ3AwIPHBY+IW96jTOZ7Dh+G +mjxBMYS1pbICltMfI5QWLye6GkE7/Mwqp+SfeE4LbhSyqkauubd2H2Iq/Jd3Tn+C +8liVELnjAgMBAAECggEAB0vZpYePYORVqpfo1RZUlt0hGao0ql8u34eK0IOZNHmb +MEPKpXcotkqdhVDby8ONyP/9kEDlOHv5S5Lyx1acGr7RI5iJiS6otrXoTzy6VdGS +XNR0jpjdHFlrhTIgwtl/QjYEElB4GxBBq004J8H6SDcl6obWPNwGNEP17o9gMJUN +esUfYd5tBuFo7ixbUU6J+9txULJGQBen6RW4y6db/pxmnQ9IZNyq50JmbZ5o3DLd +mc4/J/k9dj300GaNXd681hU/B/fDRtqQTeTi0o1Cn+b2N55pdxN0MXYgCN9LbC4W +IBNkAcfc7q1rUMif7UwzFUAaeSMV9U4a3EzoVJn5cQKBgQDbsyaOFBkelcVKTjtJ +3/1XAvYA4SEAZyWjDGQ2SMoG+sl69Bspz3puY+PMQXtmttsIVBDMDiTPXSIlBSyN +mkK5yeLNDBY5Af00V5dYOZCH4pMqtydlI48dWgO09WMJ0XSWn9ske0I7Dt9yNmRJ +SnmjP/p1+cSTYB1JCPCJSxhKyQKBgQDPDgTh0mIbdaFatIKgayuvZvkXiRUlqbcU +GB8qeB/xDI3PStb4h3mPlA1X1pH8fOVWUfLkZhuma5BBRD9pVuUD5muk7f5WFUmy +iV5W6FKVBSavYpZs/CiPAHG0H9IcWoBhGOC4a2Hctb7eBMsbXZQ8B2quPQ6f4Sa7 +hw/souPJSwKBgQDIeJOwx4QYVX++Ct6szVelQw1oxgTQEk7UleUHZ6n5bnPU3tO+ +dhT4j+t4ITRSCH6a/eKJ4EoUcZ5Le4oo9971GtP6WJIamMcMMPTnyzcn10aEjrXC +4wyfMtj5EYS6m8av/tP/WP2ZWDvqQtmFyxBtN176sdt+wxBV6XNbRAu5iQKBgHTZ +S4YJjZZDjxi6UBGqCZBGQ4K1uPp1Sb2MU2JLQnNti0YVzTWads7BVbphfCeKcH6D +ZtjgivAjOdirZEHVaQ8HZW5BZUw9XUblYRkYqSoyKv/FWnEM6PKy5HgrkQ6xQEwL +lx5cc3D0HE/9UoYSDIrIALtt96fgj1Q7R5Ba6MP7AoGBAKJ1EDPGI3Nma1+RpkwS +KHS1Ipp2AFnx+ziJ09hBTrARIBFEtcqavC9FUYIco2ZO1WQRv86XiUXJc358cOQM ++tsQoD2SzZwXsrhAg+jPHR02t4f0WY3fSO6xO3Xshh4iLBYC20RUWlWppJYQXTVm +0MovnTnbRJ7bMNKX3o0z881a +-----END PRIVATE KEY----- diff --git a/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/test/java/org/kie/kogito/integrationtests/SecureResourceTest.java b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/test/java/org/kie/kogito/integrationtests/SecureResourceTest.java new file mode 100644 index 00000000000..9cc057eba0f --- /dev/null +++ b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/test/java/org/kie/kogito/integrationtests/SecureResourceTest.java @@ -0,0 +1,43 @@ +/* + * Copyright 2023 Red Hat, Inc. and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.kie.kogito.integrationtests; + +import javax.inject.Inject; + +import org.junit.jupiter.api.Test; + +import io.quarkus.test.junit.QuarkusTest; +import io.restassured.RestAssured; + +import static org.hamcrest.Matchers.equalTo; + +@QuarkusTest +public class SecureResourceTest { + + @Inject + GreetingService greetingService; + + @Test + public void testSecureResource() { + RestAssured.given() + .relaxedHTTPSValidation() // Disable strict validation for testing + .when() + .get("/greeting") + .then() + .statusCode(200) + .body(equalTo("Hello, Quarkus!")); + } +} diff --git a/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/test/resources/application.properties b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/test/resources/application.properties new file mode 100644 index 00000000000..ea2478e5082 --- /dev/null +++ b/quarkus/integration-tests/integration-tests-quarkus-ssl-webclient-options/src/test/resources/application.properties @@ -0,0 +1 @@ +quarkus.http.test-port=0 \ No newline at end of file diff --git a/quarkus/integration-tests/pom.xml b/quarkus/integration-tests/pom.xml index 857d2ca04ee..1e8b425a0b6 100644 --- a/quarkus/integration-tests/pom.xml +++ b/quarkus/integration-tests/pom.xml @@ -41,6 +41,7 @@ integration-tests-quarkus-processes-persistence integration-tests-quarkus-source-files integration-tests-quarkus-gradle + integration-tests-quarkus-ssl-webclient-options From 1e3357e6e3f7ce39eb4ead2010f9f9e726c5f060 Mon Sep 17 00:00:00 2001 From: Vani Haripriya Mudadla Date: Thu, 31 Aug 2023 12:39:37 -0500 Subject: [PATCH 3/3] [KOGITO-9231] Updated Default bean --- kogito-workitems/kogito-rest-workitem/pom.xml | 6 ------ .../quarkus/runtime/SSLWebClientOptionsProducer.java | 8 -------- 2 files changed, 14 deletions(-) diff --git a/kogito-workitems/kogito-rest-workitem/pom.xml b/kogito-workitems/kogito-rest-workitem/pom.xml index 3e1af366662..2ec2b3b1750 100644 --- a/kogito-workitems/kogito-rest-workitem/pom.xml +++ b/kogito-workitems/kogito-rest-workitem/pom.xml @@ -59,11 +59,5 @@ org.kie.kogito kogito-jackson-utils - - org.eclipse.microprofile.config - microprofile-config-api - 2.0 - compile - diff --git a/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsProducer.java b/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsProducer.java index c4938e1f05b..ab2fd4c1c88 100644 --- a/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsProducer.java +++ b/quarkus/extensions/kogito-quarkus-extension-common/kogito-quarkus-common/src/main/java/org/kie/kogito/quarkus/runtime/SSLWebClientOptionsProducer.java @@ -18,25 +18,17 @@ import javax.enterprise.context.ApplicationScoped; import javax.enterprise.inject.Produces; -import javax.inject.Named; import io.quarkus.arc.DefaultBean; import io.vertx.ext.web.client.WebClientOptions; import static org.kie.kogito.quarkus.runtime.SSLWebClientOptionsUtils.sslQuarkusWebClientOptions; -import static org.kogito.workitem.rest.RestWorkItemHandlerUtils.sslWebClientOptions; @ApplicationScoped public class SSLWebClientOptionsProducer { @Produces @DefaultBean - public WebClientOptions webClientOptions() { - return sslWebClientOptions(); - } - - @Produces - @Named("quarkusWebClientOptions") public WebClientOptions quarkusWebClientOptions() { return sslQuarkusWebClientOptions(); }