SWARM-1087: Adjust to handle product config-api (thorntail#411)
Motivation
----------
Our productized wildfly-config-api doesn't include a means to generate a self signed certificate so we need to handle cases where that method isn't present.

Modifications
-------------
Throw an error when generation of a self-signed certificate is requested and it's not available. Switch to calling the method through reflection to handle the case where it isn't there.

Result
------
No direct impact.
kenfinnigan authored Mar 7, 2017
1 parent 6cbe54d commit eb81dff
Showing 5 changed files with 49 additions and 10 deletions.
Expand Up @@ -136,6 +136,13 @@ public interface SwarmMessages extends BasicLogger {
"OpenSSL usage with WildFly Swarm on HP-UX is NOT supported.")
void http2NotSupported();

@Message(id = 40, value = "This version of WildFly Swarm does not support generating self signed certificates.")
RuntimeException generateSelfSignedCertificateNotSupported();

@LogMessage(level = Logger.Level.ERROR)
@Message(id = 41, value = "Error invoking SslServerIdentity.generateSelfSignedCertificateHost(String) in HTTPSCustomizer.")
void failToInvokeGenerateSelfSignedCertificateHost(@Cause Throwable cause);


// ------------------------------------------------------------------------
// ------------------------------------------------------------------------
Expand Up @@ -17,7 +17,9 @@

import org.jboss.modules.Module;
import org.jboss.modules.ModuleIdentifier;
import org.wildfly.swarm.SwarmInfo;
import org.wildfly.swarm.bootstrap.util.TempFileManager;
import org.wildfly.swarm.internal.SwarmMessages;
import org.wildfly.swarm.spi.api.Defaultable;
import org.wildfly.swarm.spi.api.annotations.Configurable;
import org.wildfly.swarm.undertow.UndertowFraction;
Expand Down Expand Up @@ -47,6 +49,9 @@ public class CertInfoProducer {
@Singleton
public CertInfo produceCertInfo() {
if (generateSelfCertificate.get()) {
if (SwarmInfo.isProduct()) {
throw SwarmMessages.MESSAGES.generateSelfSignedCertificateNotSupported();
}
checkDataDir();
return new CertInfo(selfCertificateHost.get(), JBOSS_DATA_DIR);
} else {
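Review bot: The new `SwarmInfo.isProduct()` guard in produceCertInfo() decides support by build flavour, while HTTPSCustomizer in the same commit decides it by looking the method up reflectively, and nothing in the code ties the two together. If they ever disagree (for example a non-product build running against a config-api that lacks the method), a request for a self-signed certificate would pass this check and then be dropped later without an error. I would at least document the coupling with a comment above the guard, e.g. `// Product config-api has no generateSelfSignedCertificateHost(String); fail here because HTTPSCustomizer silently skips the call when the method is missing.` The body of produceCertInfo() continues past the end of the hunk.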
Expand Up @@ -15,12 +15,16 @@
*/
package org.wildfly.swarm.undertow.runtime;

import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;

import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.Any;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;

import org.wildfly.swarm.config.ManagementCoreService;
import org.wildfly.swarm.config.management.security_realm.SslServerIdentity;
import org.wildfly.swarm.config.undertow.Server;
import org.wildfly.swarm.internal.SwarmMessages;
import org.wildfly.swarm.spi.api.Customizer;
Expand Down Expand Up @@ -73,10 +77,23 @@ public void customize() {
.keystorePassword(certInfo.keystorePassword())
.keyPassword(certInfo.keyPassword())
.alias(certInfo.keystoreAlias())
.generateSelfSignedCertificateHost(certInfo.generateSelfSignedCertificateHost());
.alias(certInfo.keystoreAlias());

handleSelfSignedCertificateHost(identity);
});
});
}
}
}

private void handleSelfSignedCertificateHost(SslServerIdentity identity) {
try {
Method genMethod = identity.getClass().getMethod("generateSelfSignedCertificateHost", String.class);
genMethod.invoke(identity, certInfo.generateSelfSignedCertificateHost());
} catch (NoSuchMethodException e) {
// Do Nothing. Just means the method doesn't exist on the Config API.
} catch (InvocationTargetException | IllegalAccessException e) {
SwarmMessages.MESSAGES.failToInvokeGenerateSelfSignedCertificateHost(e);
}
}
}
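Review bot: In handleSelfSignedCertificateHost() the `NoSuchMethodException` branch does nothing even when a host was actually requested, so the SSL server identity can be left without the certificate the user asked for, and the only safeguard is the separate `SwarmInfo.isProduct()` check in CertInfoProducer. Failing closed here would be safer: `if (certInfo.generateSelfSignedCertificateHost() != null) throw SwarmMessages.MESSAGES.generateSelfSignedCertificateNotSupported();` (assuming the getter returns null when generation was not requested, which this hunk does not show). The `InvocationTargetException | IllegalAccessException` branch likewise only logs message 41 and lets customization continue; consider rethrowing, and pass `e.getCause()` in the InvocationTargetException case so the log shows the real failure. customize() starts outside the hunk.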
@@ -1,6 +1,8 @@
package org.wildfly.swarm.undertow.runtime;

import category.CommunityOnly;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.wildfly.swarm.undertow.UndertowFraction;
import org.wildfly.swarm.undertow.descriptors.CertInfo;

Expand All @@ -24,6 +26,7 @@ public void testDefaults() {
}

@Test
@Category(CommunityOnly.class)
public void testGenerateWithDefaults() {
CertInfoProducer producer = new CertInfoProducer();
producer.undertow = new UndertowFraction();
Expand All @@ -37,6 +40,7 @@ public void testGenerateWithDefaults() {
}

@Test
@Category(CommunityOnly.class)
public void testGenerateWithExplicitHost() {
CertInfoProducer producer = new CertInfoProducer();
producer.undertow = new UndertowFraction();
@@ -1,17 +1,13 @@
package org.wildfly.swarm.undertow.runtime;

import java.lang.annotation.Annotation;
import java.util.Iterator;
import java.util.List;

import javax.enterprise.inject.Instance;
import javax.enterprise.util.TypeLiteral;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;

import org.junit.Test;
import org.wildfly.swarm.config.ManagementCoreService;
import org.wildfly.swarm.config.management.SecurityRealm;
import org.wildfly.swarm.config.management.security_realm.SslServerIdentity;
import org.wildfly.swarm.config.undertow.Server;
import org.wildfly.swarm.config.undertow.server.HTTPListener;
import org.wildfly.swarm.undertow.UndertowFraction;
import org.wildfly.swarm.undertow.descriptors.CertInfo;

Expand Down Expand Up @@ -42,7 +38,7 @@ public void testWithoutManagementFraction() {
}

@Test
public void testWithManagementFraction() {
public void testWithManagementFraction() throws Exception {
HTTPSCustomizer customizer = new HTTPSCustomizer();
customizer.undertow = new UndertowFraction();
customizer.undertow.applyDefaults();
Expand All @@ -65,6 +61,16 @@ public void testWithManagementFraction() {
assertThat( realm ).isNotNull();

assertThat( realm.subresources().sslServerIdentity().keystoreRelativeTo() ).isEqualTo( "./my/path" );
assertThat( realm.subresources().sslServerIdentity().generateSelfSignedCertificateHost() ).isEqualTo( "myhost.com" );
assertSelfSignedCertificate(realm.subresources().sslServerIdentity(), "myhost.com");
}

private void assertSelfSignedCertificate(SslServerIdentity identity, String expectedResult) throws InvocationTargetException, IllegalAccessException {
try {
Method genMethod = identity.getClass().getMethod("generateSelfSignedCertificateHost");

assertThat( genMethod.invoke(identity) ).isEqualTo( expectedResult );
} catch (NoSuchMethodException e) {
// Do Nothing. Just means the method doesn't exist on the Config API.
}
}
}
