Allow direct proxy configuration

[leeavital]

This allows users to bypass the proxy settings set at the JVM with -Dhttps.proxyHost/-Dhttps.proxyPort. This can be useful if you are using a third-party library which needs to make proxied http calls, but the library does not allow you to set an external proxy.

Previously okhttp would default to using a direct connection if the proxy failed, but that changed in 3.5.0 (https://github.com/square/okhttp/blob/master/CHANGELOG.md)

---

This change is 

[ash211]

I think going direct instead of using a proxy is specified by passing an absent into the optional proxy configuration higher up in the API, on the ClientConfig.

Is leaving ClientConfig#proxy() empty not going direct?

[ash211]

this is an API break that would affect consumers

[leeavital]

true. I can add a (deprecated) method that returns a non-optional String and throws when the type is direct. That should not break any existing consumers.

[leeavital]

@ash211 ommiting the proxy setting will use ProxySelect.getDefault().select(uri), which will respect settings like http.proxyHost. I'm forced to use those flags because I'm using a third-party library which needs to be proxied, but doesn't let me set the proxy at the library level

[markelliot]

If you’re using a third-party library, why are http-remoting settings involved? From: Lee Avital <notifications@github.com> Reply-To: palantir/http-remoting <reply@reply.github.com> Date: Wednesday, May 24, 2017 at 11:22 AM To: palantir/http-remoting <http-remoting@noreply.github.com> Cc: Subscribed <subscribed@noreply.github.com> Subject: Re: [palantir/http-remoting] Allow direct proxy configuration (#435) @ash211[github.com]<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_ash211&d=DwMFaQ&c=izlc9mHr637UR4lpLEZLFFS3Vn2UXBrZ4tFb6oOnmz8&r=Vp81aOxWZvuVgVK_wp-VF3pIYG92B19LcCw6XKeYC0U&m=VKtXO7jYINXqQ362B_ClWyqZrmPIVSx8XZjv2hxxvIg&s=N01mIc76PQacdSmMD_9dpa4mh8wBmBbFzRMLcds287Q&e=> ommiting the proxy setting will use ProxySelect.getDefault().select(uri), which will respect settings like http.proxyHost. I'm forced to use those flags because I'm using a third-party library which needs to be proxied, but doesn't let me set the proxy at the library level — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub[github.com]<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_palantir_http-2Dremoting_pull_435-23issuecomment-2D303809568&d=DwMFaQ&c=izlc9mHr637UR4lpLEZLFFS3Vn2UXBrZ4tFb6oOnmz8&r=Vp81aOxWZvuVgVK_wp-VF3pIYG92B19LcCw6XKeYC0U&m=VKtXO7jYINXqQ362B_ClWyqZrmPIVSx8XZjv2hxxvIg&s=vA5rlkHD3I-qMI6egpaUEy7Issl5HKM7HYMJ7G--UW8&e=>, or mute the thread[github.com]<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_notifications_unsubscribe-2Dauth_AAp3Q1pu7Ax-5FMoNYu8y9QF-2D7y4pRcgP9ks5r9HVKgaJpZM4Nlahy&d=DwMFaQ&c=izlc9mHr637UR4lpLEZLFFS3Vn2UXBrZ4tFb6oOnmz8&r=Vp81aOxWZvuVgVK_wp-VF3pIYG92B19LcCw6XKeYC0U&m=VKtXO7jYINXqQ362B_ClWyqZrmPIVSx8XZjv2hxxvIg&s=07nXI-QCMWaM2Uxt1dH2MWcWB-dYm2-qF60KUSkYmUo&e=>.

[leeavital]

The third party library is forcing me to configure proxy settings globally. I need to tell service created by http-remoting to explicitly ignore those global settings.

[uschi2000]

I'd like to make this explicit by having users configure one of three things: NO_PROXY, SYSTEM_PROXY, PROXY. Default is probably SYSTEM_PROXY. We need to do this in a way that doesn't break existing config.

…

On Wed, May 24, 2017 at 11:29 AM Lee Avital ***@***.***> wrote: The third party library is forcing me to configure proxy settings globally. I need to tell service created by http-remoting to explicitly ignore those global settings. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#435 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AGOdwZ_c_FEbnAcZvJzs9rxNmBNeGInUks5r9HbmgaJpZM4Nlahy> .

[leeavital]

Ok, could I can change/add to the names of the Type enum so it reads:

enum Type {
    noProxy, systemProxy, proxy
}

and leave the rest of my PR the same? I don't think that breaks any existing config

[leeavital]

Actually, I think my current approach does this exactly what you want. the default is the system proxy, you can configure directly use of a special proxy or a direct proxy

[uschi2000]

but the config space is a little weird, for instance i could say proxy=direct and still specify a hostAndIPort.

[leeavital]

There are preconditions that prevent you from doing that

[uschi2000]

let me summarize what i understand the possible valid configurations are:

usesSystemProxy:
  uris: 
    - https://foo

usesExplicitProxy:
  uris: 
    - https://foo
  proxy:
    hostAndPort: myProxy:8080

# same as above
usesExplicitProxy2:
  uris: 
    - https://foo
  proxy:
    type: http
    hostAndPort: myProxy:8080

usesNoProxyEvenIfSystemProxyIsSet:
  uris: 
    - https://foo
  proxy:
    type: direct

and these configurations are invalid:

invalidDirect:
  uris: 
    - https://foo
  proxy:
    type: direct
    hostAndPort: myProxy:8080

there are still undefined cases, e.g., type=http, but no hostAndPort given

[leeavital]

You're right, that's a mistake on my part. Is the ask that I fix that (it should trigger a failure) or that I change the configuration further?

[leeavital]

@uschi2000 the case you mentioned is handled correctly now

@ash211 I had to do some interesting naming because of erasure issues, but I managed to get it so the existing source API is unbroken

[uschi2000]

other enums in this project are UPPER_CASE, please do the same here.

[leeavital]

These leak into the configuration, which usually doesn't contain upper case values. Glad to change, but that's why I had made this particular enum lowercase

[uschi2000]

SslConfiguration uses UPPER_CASE, i think. What are example of lower-case configs?

[ash211]

these are snake case host-and-port usually, but might also need to support hostAndPort for backcompat

[leeavital]

See the builder specified below. This supports deserializing in snake-case and serializing in camel

[leeavital]

do you mean deserializing the camel-cased hostAndPort? I don't think that was ever supported because of the annotation @JsonDeserialize(builder = ProxyConfiguration.Builder.class)

[uschi2000]

please update the ServiceConfiguration#proxyConfiguration docs: if absent, uses system proxy configuration.

[uschi2000]

document default.

[uschi2000]

doesn't this NPE when type=http and no host is specified?

[leeavital]

Nice catch yes

[leeavital]

enum is now upper cased

[uschi2000]

nit: "for HTTP proxies"

[uschi2000]

HTTP

[uschi2000]

one last nit, sorry. otherwise looks good to me.

[uschi2000]

@ash211 anything left regarding the serialization format?

[ash211]

@uschi2000 I'm good as long as it's not a backcompat break! Doesn't look like it, but I'm not familiar with Jackson intricacies