apache · suncairong163 · May 4, 2023 · May 7, 2023 · May 7, 2023 · May 7, 2023
diff --git a/...ting/dubbo-remoting-http/src/main/java/org/apache/dubbo/remoting/http/BaseRestClient.java b/...ting/dubbo-remoting-http/src/main/java/org/apache/dubbo/remoting/http/BaseRestClient.java
@@ -17,27 +17,70 @@
 package org.apache.dubbo.remoting.http;
 
 
+import org.apache.dubbo.common.URL;
+import org.apache.dubbo.common.ssl.Cert;
+import org.apache.dubbo.common.ssl.CertManager;
 import org.apache.dubbo.remoting.http.config.HttpClientConfig;
 
-public abstract class BaseRestClient<CLIENT> implements RestClient {
+import java.util.concurrent.CompletableFuture;
 
-    protected CLIENT client;
+public abstract class BaseRestClient implements RestClient {
+    protected final HttpClientConfig httpClientConfig;
+    protected final URL url;
 
-    protected HttpClientConfig clientConfig;
 
-    public BaseRestClient(HttpClientConfig clientConfig) {
-        this.clientConfig = clientConfig;
-        client = createHttpClient(clientConfig);
+    public BaseRestClient(HttpClientConfig httpClientConfig, URL url) {
+        this.httpClientConfig = httpClientConfig;
+        this.url = url;
     }
 
-    protected abstract CLIENT createHttpClient(HttpClientConfig clientConfig);
 
+    public URL getUrl() {
+        return url;
+    }
+
+    public HttpClientConfig getHttpClientConfig() {
+        return httpClientConfig;
+    }
+
+    /**
+     *  ssl config check
+     * @return
+     */
+    public boolean isEnableSSL() {
+        Cert consumerConnectionConfig = null;
+        try {
+            CertManager certManager = url.getOrDefaultFrameworkModel().getBeanFactory().getBean(CertManager.class);
+            consumerConnectionConfig = certManager.getConsumerConnectionConfig(url);
+        } catch (Exception e) {
+            return false;
+        }
 
-    public HttpClientConfig getClientConfig() {
-        return clientConfig;
+        if (consumerConnectionConfig == null) {
+            return false;
+        }
+        return true;
+
+    }
+
+    /**
+     * set protocol by sslConfig
+     *
+     * @param requestTemplate
+     */
+    private void preSend(RequestTemplate requestTemplate) {
+        if (isEnableSSL()) {
+            requestTemplate.setHttpsProtocol();
+        } else {
+            requestTemplate.setHttpProtocol();
+        }
     }
 
-    public CLIENT getClient() {
-        return client;
+    @Override
+    public CompletableFuture<RestResult> send(RequestTemplate message) {
+        preSend(message);
+        return doSend(message);
     }
+
+    protected abstract CompletableFuture<RestResult> doSend(RequestTemplate message);
 }
diff --git a/...ing/dubbo-remoting-http/src/main/java/org/apache/dubbo/remoting/http/RequestTemplate.java b/...ing/dubbo-remoting-http/src/main/java/org/apache/dubbo/remoting/http/RequestTemplate.java
@@ -45,6 +45,8 @@ public class RequestTemplate implements Serializable {
     private Object body;
     private byte[] byteBody = new byte[0];
     private String protocol = "http://";
+    private static final String HTTP_PROTOCOL = "http://";
+    private static final String HTTPS_PROTOCOL = "https://";
     private final Invocation invocation;
     private String contextPath = "";
     private Class<?> bodyType;
@@ -132,7 +134,7 @@ public boolean isBodyEmpty() {
         return getUnSerializedBody() == null;
     }
 
-    public RequestTemplate body(Object body,Class bodyType) {
+    public RequestTemplate body(Object body, Class bodyType) {
         this.body = body;
         setBodyType(bodyType);
         return this;
@@ -281,6 +283,13 @@ public void setProtocol(String protocol) {
         this.protocol = protocol;
     }
 
+    public void setHttpProtocol() {
+        this.protocol = HTTP_PROTOCOL;
+    }
+
+    public void setHttpsProtocol() {
+        this.protocol = HTTPS_PROTOCOL;
+    }
 
     public Invocation getInvocation() {
         return invocation;

diff --git a/...tp/src/main/java/org/apache/dubbo/remoting/http/factory/impl/ApacheHttpClientFactory.java b/...tp/src/main/java/org/apache/dubbo/remoting/http/factory/impl/ApacheHttpClientFactory.java
@@ -32,6 +32,6 @@ public class ApacheHttpClientFactory extends AbstractHttpClientFactory {
     protected RestClient doCreateRestClient(URL url) throws RpcException {
 
 
-        return new HttpClientRestClient(httpClientConfig);
+        return new HttpClientRestClient(httpClientConfig,url);
     }
 }
diff --git a/...g-http/src/main/java/org/apache/dubbo/remoting/http/factory/impl/OkHttpClientFactory.java b/...g-http/src/main/java/org/apache/dubbo/remoting/http/factory/impl/OkHttpClientFactory.java
@@ -31,6 +31,6 @@ public class OkHttpClientFactory extends AbstractHttpClientFactory {
     @Override
     protected RestClient doCreateRestClient(URL url) throws RpcException {
 
-        return new OKHttpRestClient(httpClientConfig);
+        return new OKHttpRestClient(httpClientConfig, url);
     }
 }
diff --git a/...src/main/java/org/apache/dubbo/remoting/http/factory/impl/URLConnectionClientFactory.java b/...src/main/java/org/apache/dubbo/remoting/http/factory/impl/URLConnectionClientFactory.java
@@ -31,6 +31,6 @@ public class URLConnectionClientFactory extends AbstractHttpClientFactory {
     @Override
     protected RestClient doCreateRestClient(URL url) throws RpcException {
 
-        return new URLConnectionRestClient(httpClientConfig);
+        return new URLConnectionRestClient(httpClientConfig,url);
     }
 }
diff --git a/...ng-http/src/main/java/org/apache/dubbo/remoting/http/restclient/HttpClientRestClient.java b/...ng-http/src/main/java/org/apache/dubbo/remoting/http/restclient/HttpClientRestClient.java
@@ -16,12 +16,15 @@
  */
 package org.apache.dubbo.remoting.http.restclient;
 
+import org.apache.dubbo.common.URL;
+import org.apache.dubbo.remoting.http.BaseRestClient;
 import org.apache.dubbo.remoting.http.RequestTemplate;
-import org.apache.dubbo.remoting.http.RestClient;
 import org.apache.dubbo.remoting.http.RestResult;
 import org.apache.dubbo.remoting.http.config.HttpClientConfig;
 
 import org.apache.commons.io.IOUtils;
+import org.apache.dubbo.remoting.http.ssl.RestClientSSLContexts;
+import org.apache.dubbo.remoting.http.ssl.RestClientSSLSetter;
 import org.apache.http.Header;
 import org.apache.http.HttpEntityEnclosingRequest;
 import org.apache.http.client.config.RequestConfig;
@@ -38,9 +41,12 @@
 import org.apache.http.client.methods.HttpTrace;
 import org.apache.http.entity.ByteArrayEntity;
 import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClientBuilder;
 import org.apache.http.impl.client.HttpClients;
-import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
 
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.Collection;
@@ -51,17 +57,21 @@
 import java.util.stream.Collectors;
 
 
-public class HttpClientRestClient implements RestClient {
+public class HttpClientRestClient extends BaseRestClient {
     private final CloseableHttpClient closeableHttpClient;
-    private final HttpClientConfig httpClientConfig;
 
-    public HttpClientRestClient(HttpClientConfig clientConfig) {
+    public HttpClientRestClient(HttpClientConfig clientConfig, URL url) {
+        super(clientConfig, url);
         closeableHttpClient = createHttpClient();
-        httpClientConfig = clientConfig;
+    }
+
+    public HttpClientRestClient(HttpClientConfig clientConfig) {
+
+        this(clientConfig, null);
     }
 
     @Override
-    public CompletableFuture<RestResult> send(RequestTemplate requestTemplate) {
+    public CompletableFuture<RestResult> doSend(RequestTemplate requestTemplate) {
 
         HttpRequestBase httpRequest = null;
         String httpMethod = requestTemplate.getHttpMethod();
@@ -158,8 +168,23 @@ public boolean isClosed() {
     }
 
     public CloseableHttpClient createHttpClient() {
-        PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager();
-        return HttpClients.custom().setConnectionManager(connectionManager).build();
+
+        HttpClientBuilder custom = HttpClients.custom();
+        HttpClientBuilder finalCustom = custom;
+        custom = RestClientSSLContexts.buildClientSslContext(getUrl(), new RestClientSSLSetter() {
+            @Override
+            public void initSSLContext(SSLContext sslContext, TrustManager[] trustAllCerts) {
+                finalCustom.setSSLContext(sslContext);
+            }
+
+            @Override
+            public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
+
+                finalCustom.setSSLHostnameVerifier(hostnameVerifier);
+            }
+        }, finalCustom);
+
+        return custom.build();
     }
 
     protected HttpRequestBase createHttpUriRequest(String httpMethod, RequestTemplate requestTemplate) {

diff --git a/...moting-http/src/main/java/org/apache/dubbo/remoting/http/restclient/OKHttpRestClient.java b/...moting-http/src/main/java/org/apache/dubbo/remoting/http/restclient/OKHttpRestClient.java
@@ -16,8 +16,9 @@
  */
 package org.apache.dubbo.remoting.http.restclient;
 
+import org.apache.dubbo.common.URL;
+import org.apache.dubbo.remoting.http.BaseRestClient;
 import org.apache.dubbo.remoting.http.RequestTemplate;
-import org.apache.dubbo.remoting.http.RestClient;
 import org.apache.dubbo.remoting.http.RestResult;
 import org.apache.dubbo.remoting.http.config.HttpClientConfig;
 
@@ -29,7 +30,13 @@
 import okhttp3.Response;
 import okhttp3.ResponseBody;
 import okhttp3.internal.http.HttpMethod;
+import org.apache.dubbo.remoting.http.ssl.RestClientSSLContexts;
+import org.apache.dubbo.remoting.http.ssl.RestClientSSLSetter;
 
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
 import java.io.IOException;
 import java.util.Collection;
 import java.util.List;
@@ -38,17 +45,21 @@
 import java.util.concurrent.TimeUnit;
 
 // TODO add version 4.0 implements ,and default version is < 4.0,for dependency conflict
-public class OKHttpRestClient implements RestClient {
+public class OKHttpRestClient extends BaseRestClient {
     private final OkHttpClient okHttpClient;
-    private final HttpClientConfig httpClientConfig;
 
-    public OKHttpRestClient(HttpClientConfig clientConfig) {
+    public OKHttpRestClient(HttpClientConfig clientConfig, URL url) {
+        super(clientConfig, url);
         this.okHttpClient = createHttpClient(clientConfig);
-        this.httpClientConfig = clientConfig;
+    }
+
+    public OKHttpRestClient(HttpClientConfig clientConfig) {
+
+        this(clientConfig, null);
     }
 
     @Override
-    public CompletableFuture<RestResult> send(RequestTemplate requestTemplate) {
+    public CompletableFuture<RestResult> doSend(RequestTemplate requestTemplate) {
 
         Request.Builder builder = new Request.Builder();
         // url
@@ -142,11 +153,29 @@ public boolean isClosed() {
     }
 
     public OkHttpClient createHttpClient(HttpClientConfig httpClientConfig) {
-        OkHttpClient client = new OkHttpClient.Builder().
-            readTimeout(httpClientConfig.getReadTimeout(), TimeUnit.SECONDS).
-            writeTimeout(httpClientConfig.getWriteTimeout(), TimeUnit.SECONDS).
-            connectTimeout(httpClientConfig.getConnectTimeout(), TimeUnit.SECONDS).
-            build();
+        OkHttpClient.Builder builder = new OkHttpClient.Builder();
+
+        OkHttpClient.Builder finalBuilder = builder;
+        builder = RestClientSSLContexts.buildClientSslContext(getUrl(), new RestClientSSLSetter() {
+            @Override
+            public void initSSLContext(SSLContext sslContext, TrustManager[] trustAllCerts) {
+                finalBuilder.sslSocketFactory(sslContext.getSocketFactory(),(X509TrustManager)trustAllCerts[0]);
+            }
+
+            @Override
+            public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
+
+                finalBuilder.hostnameVerifier(hostnameVerifier);
+            }
+        }, builder);
+
+        OkHttpClient client =
+            builder.readTimeout(httpClientConfig.getReadTimeout(), TimeUnit.SECONDS).
+                writeTimeout(httpClientConfig.getWriteTimeout(), TimeUnit.SECONDS).
+                connectTimeout(httpClientConfig.getConnectTimeout(), TimeUnit.SECONDS).
+                build();
         return client;
     }
+
+
 }
diff --git a/...http/src/main/java/org/apache/dubbo/remoting/http/restclient/URLConnectionRestClient.java b/...http/src/main/java/org/apache/dubbo/remoting/http/restclient/URLConnectionRestClient.java
@@ -16,13 +16,19 @@
  */
 package org.apache.dubbo.remoting.http.restclient;
 
+import org.apache.dubbo.remoting.http.BaseRestClient;
 import org.apache.dubbo.remoting.http.RequestTemplate;
-import org.apache.dubbo.remoting.http.RestClient;
 import org.apache.dubbo.remoting.http.RestResult;
 import org.apache.dubbo.remoting.http.config.HttpClientConfig;
 
 import org.apache.commons.io.IOUtils;
+import org.apache.dubbo.remoting.http.ssl.RestClientSSLContexts;
+import org.apache.dubbo.remoting.http.ssl.RestClientSSLSetter;
 
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.net.HttpURLConnection;
@@ -34,20 +40,44 @@
 import java.util.zip.GZIPOutputStream;
 
 
-public class URLConnectionRestClient implements RestClient {
+public class URLConnectionRestClient extends BaseRestClient {
     private final HttpClientConfig clientConfig;
 
     public URLConnectionRestClient(HttpClientConfig clientConfig) {
+
+        this(clientConfig, null);
+    }
+
+    public URLConnectionRestClient(HttpClientConfig clientConfig, org.apache.dubbo.common.URL url) {
+        super(clientConfig, url);
         this.clientConfig = clientConfig;
     }
 
     @Override
-    public CompletableFuture<RestResult> send(RequestTemplate requestTemplate) {
+    public CompletableFuture<RestResult> doSend(RequestTemplate requestTemplate) {
 
         CompletableFuture<RestResult> future = new CompletableFuture<>();
 
         try {
-            HttpURLConnection connection = (HttpURLConnection) new URL(requestTemplate.getURL()).openConnection();
+            HttpURLConnection connection = null;
+            if (isEnableSSL()) {
+                HttpsURLConnection tmp = (HttpsURLConnection) new URL(requestTemplate.getURL()).openConnection();
+
+                connection = RestClientSSLContexts.buildClientSslContext(getUrl(), new RestClientSSLSetter() {
+                    @Override
+                    public void initSSLContext(SSLContext sslContext, TrustManager[] trustAllCerts) {
+                        tmp.setSSLSocketFactory(sslContext.getSocketFactory());
+                    }
+
+                    @Override
+                    public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
+
+                        tmp.setHostnameVerifier(hostnameVerifier);
+                    }
+                }, tmp);
+            } else {
+                connection = (HttpURLConnection) new URL(requestTemplate.getURL()).openConnection();
+            }
             connection.setConnectTimeout(clientConfig.getConnectTimeout());
             connection.setReadTimeout(clientConfig.getReadTimeout());
             connection.setRequestMethod(requestTemplate.getHttpMethod());