Support for proxy settings (#228)

Author: vepanimas

src/main/com/intellij/lang/jsgraphql/ide/introspection/GraphQLIntrospectionSSLBuilder.java

@@ -1,6 +1,10 @@
 package com.intellij.lang.jsgraphql.ide.introspection;
 
 import com.intellij.lang.jsgraphql.ide.project.graphqlconfig.model.GraphQLConfigCertificate;
+import com.intellij.lang.jsgraphql.ide.project.graphqlconfig.model.GraphQLConfigSecurity;
+import org.apache.http.conn.ssl.TrustAllStrategy;
+import org.apache.http.impl.client.HttpClientBuilder;
+import org.apache.http.ssl.SSLContextBuilder;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 
@@ -10,6 +14,7 @@
 import java.nio.charset.Charset;
 import java.nio.file.Files;
 import java.nio.file.Path;
+import java.nio.file.Paths;
 import java.security.*;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
@@ -19,7 +24,11 @@
 import java.util.Base64;
 import java.util.Collection;
 
-public class GraphQLIntrospectionSSLBuilder {
+public final class GraphQLIntrospectionSSLBuilder {
+
+    private GraphQLIntrospectionSSLBuilder() {
+    }
+
     @NotNull
     public static KeyStore makeKeyStore(final Path certPath, final Path keyPath, final GraphQLConfigCertificate.Encoding format)
         throws UnsupportedEncodingException {
@@ -91,4 +100,25 @@ private static PrivateKey generatePEMPrivateKey(final Path keyPath) throws IOExc
 
         return privateKey;
     }
+
+    public static void loadCustomSSLConfiguration(@Nullable GraphQLConfigSecurity sslConfig, @NotNull HttpClientBuilder builder)
+        throws UnsupportedEncodingException, NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
+        UnrecoverableKeyException {
+        if (sslConfig != null && sslConfig.clientCertificate != null && sslConfig.clientCertificateKey != null) {
+            if (sslConfig.clientCertificate.path == null || sslConfig.clientCertificateKey.path == null) {
+                throw new RuntimeException("Path needs to be specified for the key and certificate");
+            }
+            Path certPath = Paths.get(sslConfig.clientCertificate.path);
+            Path keyPath = Paths.get(sslConfig.clientCertificateKey.path);
+            GraphQLConfigCertificate.Encoding keyFormat = sslConfig.clientCertificateKey.format;
+
+            KeyStore store = makeKeyStore(certPath, keyPath, keyFormat);
+            builder.setSSLContext(
+                new SSLContextBuilder()
+                    .loadTrustMaterial(null, TrustAllStrategy.INSTANCE)
+                    .loadKeyMaterial(store, null)
+                    .build()
+            );
+        }
+    }
 }

src/main/com/intellij/lang/jsgraphql/ide/introspection/GraphQLIntrospectionService.java

@@ -60,26 +60,26 @@
 import com.intellij.util.ObjectUtils;
 import com.intellij.util.concurrency.annotations.RequiresWriteLock;
 import com.intellij.util.messages.MessageBusConnection;
+import com.intellij.util.net.IdeHttpClientHelpers;
+import com.intellij.util.net.ssl.CertificateManager;
 import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.http.client.CredentialsProvider;
+import org.apache.http.client.config.RequestConfig;
 import org.apache.http.client.methods.CloseableHttpResponse;
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.client.methods.HttpUriRequest;
+import org.apache.http.conn.ssl.DefaultHostnameVerifier;
 import org.apache.http.conn.ssl.NoopHostnameVerifier;
-import org.apache.http.conn.ssl.TrustAllStrategy;
+import org.apache.http.conn.util.PublicSuffixMatcherLoader;
 import org.apache.http.entity.ContentType;
 import org.apache.http.entity.StringEntity;
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClientBuilder;
-import org.apache.http.impl.client.HttpClients;
-import org.apache.http.impl.client.LaxRedirectStrategy;
-import org.apache.http.ssl.SSLContextBuilder;
+import org.apache.http.impl.client.*;
 import org.apache.http.util.EntityUtils;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 
+import javax.net.ssl.HostnameVerifier;
 import java.io.IOException;
-import java.nio.file.Path;
-import java.nio.file.Paths;
 import java.security.*;
 import java.security.cert.CertificateException;
 import java.util.Collection;
@@ -227,40 +227,39 @@ public GraphQLConfigSecurity getSecurityConfig(@Nullable VirtualFile configFile)
         return null;
     }
 
-    @NotNull
-    public CloseableHttpClient createHttpClient(@Nullable GraphQLConfigSecurity sslConfig) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, IOException, UnrecoverableKeyException, CertificateException {
-        HttpClientBuilder builder = HttpClients.custom();
-        builder.setRedirectStrategy(LaxRedirectStrategy.INSTANCE);
-
-        if (PropertiesComponent.getInstance(myProject).isTrueValue(GRAPHQL_TRUST_ALL_HOSTS)) {
-            if (sslConfig != null && sslConfig.clientCertificate != null && sslConfig.clientCertificateKey != null) {
-                if (sslConfig.clientCertificate.path == null || sslConfig.clientCertificateKey.path == null) {
-                    throw new RuntimeException("Path needs to be specified for the key and certificate");
-                }
-                Path certPath = Paths.get(sslConfig.clientCertificate.path);
-                Path keyPath = Paths.get(sslConfig.clientCertificateKey.path);
-                GraphQLConfigCertificate.Encoding keyFormat = sslConfig.clientCertificateKey.format;
-
-                KeyStore store = GraphQLIntrospectionSSLBuilder.makeKeyStore(certPath, keyPath, keyFormat);
-                builder
-                    .setSSLContext(
-                        new SSLContextBuilder()
-                            .loadTrustMaterial(null, TrustAllStrategy.INSTANCE)
-                            .loadKeyMaterial(store, null)
-                            .build())
-                    .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE);
-            } else {
-                builder
-                    .setSSLContext(
-                        new SSLContextBuilder()
-                            .loadTrustMaterial(null, TrustAllStrategy.INSTANCE)
-                            .build())
-                    .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE);
-            }
-        }
+    public @NotNull CloseableHttpClient createHttpClient(@NotNull String url, @Nullable GraphQLConfigSecurity sslConfig)
+        throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, IOException, UnrecoverableKeyException,
+        CertificateException {
+        HttpClientBuilder builder = HttpClients.custom()
+            .setDefaultRequestConfig(createRequestConfig(url))
+            .setSSLContext(CertificateManager.getInstance().getSslContext())
+            .setDefaultCredentialsProvider(createCredentialsProvider(url))
+            .setRedirectStrategy(LaxRedirectStrategy.INSTANCE)
+            .setSSLHostnameVerifier(createHostnameVerifier());
+        GraphQLIntrospectionSSLBuilder.loadCustomSSLConfiguration(sslConfig, builder);
+        return builder.build();
+    }
+
+    private @NotNull RequestConfig createRequestConfig(@NotNull String url) {
+        RequestConfig.Builder builder = RequestConfig.custom()
+            .setConnectTimeout(3000)
+            .setSocketTimeout(5000);
+        IdeHttpClientHelpers.ApacheHttpClient4.setProxyForUrlIfEnabled(builder, url);
         return builder.build();
     }
 
+    private @NotNull CredentialsProvider createCredentialsProvider(@NotNull String url) {
+        CredentialsProvider provider = new BasicCredentialsProvider();
+        IdeHttpClientHelpers.ApacheHttpClient4.setProxyCredentialsForUrlIfEnabled(provider, url);
+        return provider;
+    }
+
+    private @NotNull HostnameVerifier createHostnameVerifier() {
+        return PropertiesComponent.getInstance(myProject).isTrueValue(GRAPHQL_TRUST_ALL_HOSTS)
+            ? NoopHostnameVerifier.INSTANCE
+            : new DefaultHostnameVerifier(PublicSuffixMatcherLoader.getDefault());
+    }
+
     @Nullable
     public NotificationAction createTrustAllHostsAction() {
         final PropertiesComponent propertiesComponent = PropertiesComponent.getInstance(myProject);
@@ -550,7 +549,7 @@ public void run(@NotNull ProgressIndicator indicator) {
             indicator.setIndeterminate(true);
             String responseJson;
             GraphQLConfigSecurity sslConfig = getSecurityConfig(introspectionSourceFile);
-            try (final CloseableHttpClient httpClient = createHttpClient(sslConfig);
+            try (final CloseableHttpClient httpClient = createHttpClient(url, sslConfig);
                  final CloseableHttpResponse response = httpClient.execute(request)) {
                 responseJson = ObjectUtils.coalesce(EntityUtils.toString(response.getEntity()), "");
             } catch (IOException | GeneralSecurityException e) {

src/main/com/intellij/lang/jsgraphql/ide/project/GraphQLUIProjectService.java

@@ -364,7 +364,7 @@ private void runQuery(Editor editor, VirtualFile virtualFile, GraphQLQueryContex
         try {
             VirtualFile configFile = ReadAction.compute(() -> GraphQLConfigManager.getService(myProject).getClosestConfigFile(virtualFile));
             GraphQLConfigSecurity sslConfig = introspectionService.getSecurityConfig(configFile);
-            try (final CloseableHttpClient httpClient = introspectionService.createHttpClient(sslConfig)) {
+            try (final CloseableHttpClient httpClient = introspectionService.createHttpClient(url, sslConfig)) {
                 editor.putUserData(GRAPH_QL_EDITOR_QUERYING, true);
 
                 String responseJson;