From 58cd2d6a8f262bc2453725ba22c75bfb2e4bbd37 Mon Sep 17 00:00:00 2001 From: Aurora Lahtela <24460436+AuroraLS3@users.noreply.github.com> Date: Thu, 23 Jun 2022 15:37:24 +0300 Subject: [PATCH] Fix webserver 'proxy'-mode with Jetty --- .../configuration/WebserverConfiguration.java | 4 ++ .../webserver/http/JettyWebserver.java | 13 ++-- .../webserver/ProxyModeHttpsTest.java | 65 +++++++++++++++++++ 3 files changed, 77 insertions(+), 5 deletions(-) create mode 100644 Plan/common/src/test/java/com/djrapitops/plan/delivery/webserver/ProxyModeHttpsTest.java diff --git a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/configuration/WebserverConfiguration.java b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/configuration/WebserverConfiguration.java index cf5884485..ed6c00d34 100644 --- a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/configuration/WebserverConfiguration.java +++ b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/configuration/WebserverConfiguration.java @@ -107,4 +107,8 @@ public class WebserverConfiguration { public String getAlias() { return config.get(WebserverSettings.CERTIFICATE_ALIAS); } + + public boolean isProxyModeHttps() { + return "proxy".equals(config.get(WebserverSettings.CERTIFICATE_PATH)); + } } diff --git a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/http/JettyWebserver.java b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/http/JettyWebserver.java index ce59ee6ee..6244e17e9 100644 --- a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/http/JettyWebserver.java +++ b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/http/JettyWebserver.java @@ -100,7 +100,11 @@ public class JettyWebserver implements WebServer { return new ServerConnector(webserver, sslContextFactory, alpn, httpConnector, http2Connector, http2CConnector); }) .orElseGet(() -> { - webserverLogMessages.authenticationNotPossible(); + if (webserverConfiguration.isProxyModeHttps()) { + webserverLogMessages.authenticationUsingProxy(); + } else { + webserverLogMessages.authenticationNotPossible(); + } return new ServerConnector(webserver, httpConnector, http2CConnector); }); @@ -146,12 +150,11 @@ public class JettyWebserver implements WebServer { } private Optional getSslContextFactory() { - String keyStorePath = webserverConfiguration.getKeyStorePath(); - if ("proxy".equals(keyStorePath)) { - webserverLogMessages.authenticationUsingProxy(); + if (webserverConfiguration.isProxyModeHttps()) { return Optional.empty(); } + String keyStorePath = webserverConfiguration.getKeyStorePath(); if (!new File(keyStorePath).exists()) { webserverLogMessages.keystoreFileNotFound(); return Optional.empty(); @@ -207,7 +210,7 @@ public class JettyWebserver implements WebServer { @Override public boolean isUsingHTTPS() { - return usingHttps; + return usingHttps || webserverConfiguration.isProxyModeHttps(); } @Override diff --git a/Plan/common/src/test/java/com/djrapitops/plan/delivery/webserver/ProxyModeHttpsTest.java b/Plan/common/src/test/java/com/djrapitops/plan/delivery/webserver/ProxyModeHttpsTest.java new file mode 100644 index 000000000..600f03164 --- /dev/null +++ b/Plan/common/src/test/java/com/djrapitops/plan/delivery/webserver/ProxyModeHttpsTest.java @@ -0,0 +1,65 @@ +/* + * This file is part of Player Analytics (Plan). + * + * Plan is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License v3 as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Plan is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with Plan. If not, see . + */ +package com.djrapitops.plan.delivery.webserver; + +import com.djrapitops.plan.PlanSystem; +import com.djrapitops.plan.settings.config.PlanConfig; +import com.djrapitops.plan.settings.config.paths.WebserverSettings; +import org.junit.jupiter.api.AfterAll; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.io.TempDir; +import utilities.RandomData; +import utilities.mocks.PluginMockComponent; + +import java.nio.file.Path; + +import static org.junit.jupiter.api.Assertions.assertEquals; + +class ProxyModeHttpsTest { + private static final int TEST_PORT_NUMBER = RandomData.randomInt(9005, 9500); + + private static PlanSystem system; + + @BeforeAll + static void setUpClass(@TempDir Path tempDir) throws Exception { + PluginMockComponent component = new PluginMockComponent(tempDir); + system = component.getPlanSystem(); + + PlanConfig config = system.getConfigSystem().getConfig(); + + config.set(WebserverSettings.CERTIFICATE_PATH, "proxy"); + + config.set(WebserverSettings.PORT, TEST_PORT_NUMBER); + + system.enable(); + } + + @AfterAll + static void tearDownClass() { + if (system != null) { + system.disable(); + } + } + + @Test + @DisplayName("Webserver with 'proxy' keystore path assumes proxy server is handling https") + void proxyModeAddressIsHttps() { + assertEquals("https", system.getWebServerSystem().getWebServer().getProtocol()); + } +}