openblocks-dev · neon-balcony · Mar 3, 2023 · Mar 3, 2023 · Mar 3, 2023
diff --git a/...locks-plugins/elasticSearchPlugin/src/main/java/com/openblocks/plugin/es/EsConnector.java b/...locks-plugins/elasticSearchPlugin/src/main/java/com/openblocks/plugin/es/EsConnector.java
@@ -34,6 +34,7 @@
 import com.google.common.base.Joiner;
 import com.openblocks.plugin.es.model.EsConnection;
 import com.openblocks.plugin.es.model.EsDatasourceConfig;
+import com.openblocks.sdk.config.CommonConfig;
 import com.openblocks.sdk.config.dynamic.Conf;
 import com.openblocks.sdk.config.dynamic.ConfigCenter;
 import com.openblocks.sdk.exception.BizError;
@@ -44,7 +45,6 @@
 import com.openblocks.sdk.util.ExceptionUtils;
 import com.openblocks.sdk.util.JsonUtils;
 import com.openblocks.sdk.util.Preconditions;
-import com.openblocks.sdk.webclient.NameResolver;
 
 import lombok.extern.slf4j.Slf4j;
 import reactor.core.publisher.Mono;
@@ -61,10 +61,12 @@ public class EsConnector implements DatasourceConnector<EsConnection, EsDatasour
     private static final Joiner JOINER = Joiner.on("/");
 
     private final Conf<Duration> datasourceValidateTimeout;
+    private final CommonConfig commonConfig;
 
-    public EsConnector(ConfigCenter configCenter) {
+    public EsConnector(ConfigCenter configCenter, CommonConfig commonConfig) {
         datasourceValidateTimeout = configCenter.mongoPlugin().ofInteger("datasourceValidateTimeoutMillis", 6000)
                 .then(Duration::ofMillis);
+        this.commonConfig = commonConfig;
     }
 
     @Nonnull
@@ -100,7 +102,7 @@ public Mono<EsConnection> createConnection(EsDatasourceConfig connectionConfig)
      */
     private RestClient buildRestClient(EsDatasourceConfig esDatasourceConfig) {
         ConnectionStringParseResult parseResult = parseConnectionString(esDatasourceConfig.getConnectionString());
-        if (NameResolver.DISALLOWED_HOSTS.contains(parseResult.getHost())) {
+        if (commonConfig.getDisallowedHosts().contains(parseResult.getHost())) {
             throw new BizException(BizError.INVALID_DATASOURCE_CONFIG_TYPE, "INVALID_CONNECTION_STRING");
         }
         HttpHost httpHost = new HttpHost(parseResult.getHost(), parseResult.getPort(), parseResult.getSchema());

diff --git a/...ks-plugins/graphqlPlugin/src/main/java/com/openblocks/plugin/graphql/GraphQLExecutor.java b/...ks-plugins/graphqlPlugin/src/main/java/com/openblocks/plugin/graphql/GraphQLExecutor.java
@@ -13,8 +13,6 @@
 import static com.openblocks.sdk.util.MustacheHelper.renderMustacheString;
 import static com.openblocks.sdk.util.StreamUtils.collectList;
 import static com.openblocks.sdk.util.StreamUtils.distinctByKey;
-import static com.openblocks.sdk.webclient.WebClients.builder;
-import static com.openblocks.sdk.webclient.WebClients.withSafeHost;
 import static org.apache.commons.lang3.StringUtils.firstNonBlank;
 import static org.apache.commons.lang3.StringUtils.trimToEmpty;
 
@@ -61,6 +59,7 @@
 import com.openblocks.plugin.graphql.helpers.BufferingFilter;
 import com.openblocks.plugin.graphql.model.GraphQLQueryConfig;
 import com.openblocks.plugin.graphql.model.GraphQLQueryExecutionContext;
+import com.openblocks.sdk.config.CommonConfig;
 import com.openblocks.sdk.exception.PluginException;
 import com.openblocks.sdk.models.Property;
 import com.openblocks.sdk.models.QueryExecutionResult;
@@ -76,6 +75,7 @@
 import com.openblocks.sdk.util.JsonUtils;
 import com.openblocks.sdk.util.MoreMapUtils;
 import com.openblocks.sdk.util.MustacheHelper;
+import com.openblocks.sdk.webclient.WebClientBuildHelper;
 
 import lombok.Builder;
 import lombok.Getter;
@@ -100,6 +100,12 @@ public class GraphQLExecutor implements QueryExecutor<GraphQLDatasourceConfig, O
     private final DataUtils dataUtils = DataUtils.getInstance();
     Consumer<HttpHeaders> DEFAULT_HEADERS_CONSUMER = httpHeaders -> {};
 
+    private final CommonConfig commonConfig;
+
+    public GraphQLExecutor(CommonConfig commonConfig) {
+        this.commonConfig = commonConfig;
+    }
+
     private static List<Property> renderMustacheValueInProperties(List<Property> properties, Map<String, Object> paramMap) {
         return properties.stream()
                 .map(it -> {
@@ -244,7 +250,9 @@ private List<Property> buildBodyParams(List<Property> datasourceBodyFormData, Li
     public Mono<QueryExecutionResult> executeQuery(Object o, GraphQLQueryExecutionContext context) {
         return Mono.defer(() -> {
             URI uri = RestApiUriBuilder.buildUri(context.getUrl(), new HashMap<>(), context.getUrlParams());
-            WebClient.Builder webClientBuilder = withSafeHost(builder());
+            WebClient.Builder webClientBuilder = WebClientBuildHelper.builder()
+                    .disallowedHosts(commonConfig.getDisallowedHosts())
+                    .toWebClientBuilder();
 
             Map<String, String> allHeaders = context.getHeaders();
             String contentType = context.getContentType();

diff --git a/...ks-plugins/restApiPlugin/src/main/java/com/openblocks/plugin/restapi/RestApiExecutor.java b/...ks-plugins/restApiPlugin/src/main/java/com/openblocks/plugin/restapi/RestApiExecutor.java
@@ -41,7 +41,6 @@
 import static com.openblocks.sdk.util.StreamUtils.collectList;
 import static org.apache.commons.collections4.MapUtils.emptyIfNull;
 import static org.apache.commons.lang3.StringUtils.trimToEmpty;
-import static org.springframework.web.reactive.function.client.WebClient.builder;
 
 import java.io.IOException;
 import java.net.URI;
@@ -103,7 +102,7 @@
 import com.openblocks.sdk.plugin.restapi.auth.BasicAuthConfig;
 import com.openblocks.sdk.plugin.restapi.auth.RestApiAuthType;
 import com.openblocks.sdk.query.QueryVisitorContext;
-import com.openblocks.sdk.webclient.WebClients;
+import com.openblocks.sdk.webclient.WebClientBuildHelper;
 
 import lombok.Builder;
 import lombok.Getter;
@@ -238,7 +237,10 @@ public Mono<QueryExecutionResult> executeQuery(Object webClientFilter, RestApiQu
 
         return Mono.defer(() -> authByOauth2InheritFromLogin(context))
                 .then(Mono.defer(() -> {
-                    WebClient.Builder webClientBuilder = WebClients.withSafeHostAndSecure(builder(), context.getSslConfig());
+                    WebClient.Builder webClientBuilder = WebClientBuildHelper.builder()
+                            .disallowedHosts(commonConfig.getDisallowedHosts())
+                            .sslConfig(context.getSslConfig())
+                            .toWebClientBuilder();
 
                     Map<String, String> allHeaders = context.getHeaders();
                     String contentType = context.getContentType();

diff --git a/...-plugins/restApiPlugin/src/test/java/com/openblocks/plugin/restapi/RestApiEngineTest.java b/...-plugins/restApiPlugin/src/test/java/com/openblocks/plugin/restapi/RestApiEngineTest.java
@@ -38,7 +38,7 @@ public class RestApiEngineTest {
     private static final RestApiConnector connector = new RestApiConnector();
 
     private final QueryVisitorContext queryVisitorContext = new QueryVisitorContext("userId1",
-            "workspace1", 8080, null, null);
+            "workspace1", 8080, null, null, null);
 
     @Test
     public void testUrlConcatenationWithUriBuilder() {

diff --git a/server/api-service/openblocks-sdk/src/main/java/com/openblocks/sdk/config/CommonConfig.java b/server/api-service/openblocks-sdk/src/main/java/com/openblocks/sdk/config/CommonConfig.java
@@ -3,7 +3,9 @@
 import java.time.Duration;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 
 import org.apache.commons.collections4.CollectionUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -34,6 +36,7 @@ public class CommonConfig {
     private int maxQueryResponseSizeInMb = 10;
     private Cookie cookie = new Cookie();
     private JsExecutor jsExecutor = new JsExecutor();
+    private Set<String> disallowedHosts = new HashSet<>();
 
     public boolean isSelfHost() {
         return !isCloud();

diff --git a/...pi-service/openblocks-sdk/src/main/java/com/openblocks/sdk/query/QueryVisitorContext.java b/...pi-service/openblocks-sdk/src/main/java/com/openblocks/sdk/query/QueryVisitorContext.java
@@ -1,6 +1,7 @@
 package com.openblocks.sdk.query;
 
 import java.util.List;
+import java.util.Set;
 
 import org.springframework.http.HttpCookie;
 import org.springframework.util.MultiValueMap;
@@ -20,13 +21,15 @@ public class QueryVisitorContext {
     private final int systemPort;
 
     private final Mono<List<Property>> authTokenMono;
+    private final Set<String> disallowedHosts;
 
     public QueryVisitorContext(String visitorId, String applicationOrgId, int systemPort,
-            MultiValueMap<String, HttpCookie> cookies, Mono<List<Property>> authTokenMono) {
+            MultiValueMap<String, HttpCookie> cookies, Mono<List<Property>> authTokenMono, Set<String> disallowedHosts) {
         this.visitorId = visitorId;
         this.applicationOrgId = applicationOrgId;
         this.systemPort = systemPort;
         this.cookies = cookies;
         this.authTokenMono = authTokenMono;
+        this.disallowedHosts = disallowedHosts;
     }
 }
diff --git a/...er/api-service/openblocks-sdk/src/main/java/com/openblocks/sdk/webclient/HttpClients.java b/...er/api-service/openblocks-sdk/src/main/java/com/openblocks/sdk/webclient/HttpClients.java
diff --git a/...r/api-service/openblocks-sdk/src/main/java/com/openblocks/sdk/webclient/NameResolver.java b/...r/api-service/openblocks-sdk/src/main/java/com/openblocks/sdk/webclient/NameResolver.java
diff --git a/.../api-service/openblocks-sdk/src/main/java/com/openblocks/sdk/webclient/ResolverGroup.java b/.../api-service/openblocks-sdk/src/main/java/com/openblocks/sdk/webclient/ResolverGroup.java