Merge pull request #8120 from devisions/8088-oidc-proxy

Add quarkus.oidc.proxy config
quarkusio · Mar 25, 2020 · 19e0122 · 19e0122
2 parents ee185d8 + ae20df8
commit 19e0122
Show file tree

Hide file tree

Showing 3 changed files with 93 additions and 0 deletions.
diff --git a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/OidcRecorder.java b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/OidcRecorder.java
@@ -2,6 +2,7 @@
 
 import java.util.HashMap;
 import java.util.Map;
+import java.util.Optional;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.CompletionException;
 import java.util.function.Function;
@@ -19,6 +20,8 @@
 import io.vertx.core.AsyncResult;
 import io.vertx.core.Handler;
 import io.vertx.core.Vertx;
+import io.vertx.core.json.JsonObject;
+import io.vertx.core.net.ProxyOptions;
 import io.vertx.ext.auth.PubSecKeyOptions;
 import io.vertx.ext.auth.oauth2.OAuth2Auth;
 import io.vertx.ext.auth.oauth2.OAuth2ClientOptions;
@@ -132,6 +135,11 @@ private TenantConfigContext createTenantContext(Vertx vertx, OidcTenantConfig oi
             options.setClientSecretParameterName(null);
         }
 
+        Optional<ProxyOptions> proxyOpt = toProxyOptions(oidcConfig.getProxy());
+        if (proxyOpt.isPresent()) {
+            options.setProxyOptions(proxyOpt.get());
+        }
+
         final long connectionDelayInSecs = oidcConfig.getConnectionDelay().isPresent()
                 ? oidcConfig.getConnectionDelay().get().toMillis() / 1000
                 : 0;
@@ -187,4 +195,21 @@ protected static OIDCException toOidcException(Throwable cause) {
         return new OIDCException(message, cause);
     }
 
+    protected static Optional<ProxyOptions> toProxyOptions(OidcTenantConfig.Proxy proxyConfig) {
+        // Proxy is enabled if (at least) "host" is configured.
+        if (!proxyConfig.host.isPresent()) {
+            return Optional.empty();
+        }
+        JsonObject jsonOptions = new JsonObject();
+        jsonOptions.put("host", proxyConfig.host.get());
+        jsonOptions.put("port", proxyConfig.port);
+        if (proxyConfig.username.isPresent()) {
+            jsonOptions.put("username", proxyConfig.username.get());
+        }
+        if (proxyConfig.password.isPresent()) {
+            jsonOptions.put("password", proxyConfig.password.get());
+        }
+        return Optional.of(new ProxyOptions(jsonOptions));
+    }
+
 }
diff --git a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/OidcTenantConfig.java b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/OidcTenantConfig.java
@@ -81,6 +81,11 @@ public class OidcTenantConfig {
      */
     @ConfigItem
     Credentials credentials = new Credentials();
+    /**
+     * Options to configure a proxy that OIDC adapter will use for talking with OIDC server.
+     */
+    @ConfigItem
+    Proxy proxy = new Proxy();
     /**
      * Different options to configure authorization requests
      */
@@ -174,6 +179,14 @@ public void setTenantId(String tenantId) {
         this.tenantId = Optional.of(tenantId);
     }
 
+    public Proxy getProxy() {
+        return proxy;
+    }
+
+    public void setProxy(Proxy proxy) {
+        this.proxy = proxy;
+    }
+
     @ConfigGroup
     public static class Credentials {
 
@@ -467,6 +480,37 @@ public void setPrincipalClaim(String principalClaim) {
         }
     }
 
+    @ConfigGroup
+    public static class Proxy {
+
+        /**
+         * The host (name or IP address) of the Proxy.<br/>
+         * Note: If OIDC adapter needs to use a Proxy to talk with OIDC server (Provider),
+         * then at least the "host" config item must be configured to enable the usage of a Proxy.
+         */
+        @ConfigItem
+        public Optional<String> host = Optional.empty();
+
+        /**
+         * The port number of the Proxy. Default value is 80.
+         */
+        @ConfigItem(defaultValue = "80")
+        public int port = 80;
+
+        /**
+         * The username, if Proxy needs authentication.
+         */
+        @ConfigItem
+        public Optional<String> username = Optional.empty();
+
+        /**
+         * The password, if Proxy needs authentication.
+         */
+        @ConfigItem
+        public Optional<String> password = Optional.empty();
+
+    }
+
     public static enum ApplicationType {
         /**
          * A {@code WEB_APP} is a client that server pages, usually a frontend application. For this type of client the

diff --git a/extensions/oidc/runtime/src/test/java/io/quarkus/oidc/runtime/OidcRecorderTest.java b/extensions/oidc/runtime/src/test/java/io/quarkus/oidc/runtime/OidcRecorderTest.java
@@ -0,0 +1,24 @@
+package io.quarkus.oidc.runtime;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+import java.util.Optional;
+
+import org.junit.jupiter.api.Test;
+
+public class OidcRecorderTest {
+
+    @Test
+    public void testtoProxyOptionsWithHostCheckPresent() {
+        OidcTenantConfig.Proxy proxy = new OidcTenantConfig.Proxy();
+        proxy.host = Optional.of("server.example.com");
+        assertTrue(OidcRecorder.toProxyOptions(proxy).isPresent());
+    }
+
+    @Test
+    public void testtoProxyOptionsWithoutHostCheckNonPresent() {
+        OidcTenantConfig.Proxy proxy = new OidcTenantConfig.Proxy();
+        assertFalse(OidcRecorder.toProxyOptions(proxy).isPresent());
+    }
+
+}