Potential solution to avoid cpprestsdk patch

Author: JohnMcPMS

src/AppInstallerCommonCore/HttpClientHelper.cpp

@@ -9,6 +9,29 @@
 
 namespace AppInstaller::Http
 {
+    namespace details
+    {
+        void InvocationContext::CaptureRequestContext(web::http::client::native_handle handle)
+        {
+            HINTERNET requestHandle = reinterpret_cast<HINTERNET>(handle);
+            std::weak_ptr<void>* contextValue = nullptr;
+            DWORD valueSize = sizeof(contextValue);
+
+            if (LOG_IF_WIN32_BOOL_FALSE(WinHttpQueryOption(requestHandle, WINHTTP_OPTION_CONTEXT_VALUE, &contextValue, &valueSize)))
+            {
+                if (contextValue && valueSize == sizeof(contextValue))
+                {
+                    std::shared_ptr<void> lockedContextValue = contextValue->lock();
+                    if (lockedContextValue)
+                    {
+                        RequestHandle = requestHandle;
+                        RequestContextLifetime = std::move(lockedContextValue);
+                    }
+                }
+            }
+        }
+    }
+
     namespace
     {
         // If the caller does not pass in a user agent header, put the default one on the request.
@@ -25,6 +48,7 @@ namespace AppInstaller::Http
         void NativeHandleServerCertificateValidation(web::http::client::native_handle handle, const Certificates::PinningConfiguration& pinningConfiguration)
         {
             HINTERNET requestHandle = reinterpret_cast<HINTERNET>(handle);
+            THROW_HR_IF(E_POINTER, requestHandle == NULL || requestHandle == INVALID_HANDLE_VALUE);
 
             // Get certificate and pass along to pinning config
             wil::unique_cert_context certContext;
@@ -44,6 +68,33 @@ namespace AppInstaller::Http
 
             return 0s;
         }
+
+        details::InvocationContext GetClient(
+            const utility::string_t& uri,
+            web::http::client::http_client_config clientConfig,
+            const std::shared_ptr<web::http::http_pipeline_stage>& defaultRequestHandlerStage,
+            bool captureRequestContext)
+        {
+            details::InvocationContext result;
+
+            if (captureRequestContext)
+            {
+                clientConfig.set_nativehandle_options([&result](web::http::client::native_handle handle)
+                    {
+                        result.CaptureRequestContext(handle);
+                    });
+            }
+
+            result.HttpClient = std::make_unique<web::http::client::http_client>(uri, clientConfig);
+
+            // Add default custom handlers if any.
+            if (defaultRequestHandlerStage)
+            {
+                result.HttpClient->add_handler(defaultRequestHandlerStage);
+            }
+
+            return result;
+        }
     }
 
     HttpClientHelper::HttpClientHelper(std::shared_ptr<web::http::http_pipeline_stage> stage)
@@ -61,14 +112,14 @@ namespace AppInstaller::Http
         }
     }
 
-    pplx::task<web::http::http_response> HttpClientHelper::Post(
+    details::InvocationContext HttpClientHelper::Post(
         const utility::string_t& uri,
         const web::json::value& body,
         const HttpClientHelper::HttpRequestHeaders& headers,
         const HttpClientHelper::HttpRequestHeaders& authHeaders) const
     {
         AICLI_LOG(Repo, Info, << "Sending http POST request to: " << utility::conversions::to_utf8string(uri));
-        web::http::client::http_client client = GetClient(uri);
+        details::InvocationContext result = GetClient(uri, m_clientConfig, m_defaultRequestHandlerStage, m_pinningConfiguration.has_value());
         web::http::http_request request{ web::http::methods::POST };
         request.headers().set_content_type(web::http::details::mime_types::application_json);
         request.set_body(body.serialize());
@@ -88,7 +139,8 @@ namespace AppInstaller::Http
             request.headers().add(pair.first, pair.second);
         }
 
-        return client.request(request);
+        result.ResponseTask = result.HttpClient->request(request);
+        return result;
     }
 
     std::optional<web::json::value> HttpClientHelper::HandlePost(
@@ -99,11 +151,17 @@ namespace AppInstaller::Http
         const HttpResponseHandler& customHandler) const try
     {
         web::http::http_response httpResponse;
-        Post(uri, body, headers, authHeaders).then([&httpResponse](const web::http::http_response& response)
+        details::InvocationContext context = Post(uri, body, headers, authHeaders);
+        context.ResponseTask.then([&httpResponse](const web::http::http_response& response)
             {
                 httpResponse = response;
             }).wait();
 
+        if (m_pinningConfiguration)
+        {
+            NativeHandleServerCertificateValidation(context.RequestHandle, m_pinningConfiguration.value());
+        }
+
         if (customHandler)
         {
             auto handlerResult = customHandler(httpResponse);
@@ -120,13 +178,13 @@ namespace AppInstaller::Http
         RethrowAsWilException(exception);
     }
 
-    pplx::task<web::http::http_response> HttpClientHelper::Get(
+    details::InvocationContext HttpClientHelper::Get(
         const utility::string_t& uri,
         const HttpClientHelper::HttpRequestHeaders& headers,
         const HttpClientHelper::HttpRequestHeaders& authHeaders) const
     {
         AICLI_LOG(Repo, Info, << "Sending http GET request to: " << utility::conversions::to_utf8string(uri));
-        web::http::client::http_client client = GetClient(uri);
+        details::InvocationContext result = GetClient(uri, m_clientConfig, m_defaultRequestHandlerStage, m_pinningConfiguration.has_value());
         web::http::http_request request{ web::http::methods::GET };
         request.headers().set_content_type(web::http::details::mime_types::application_json);
 
@@ -145,7 +203,8 @@ namespace AppInstaller::Http
             request.headers().add(pair.first, pair.second);
         }
 
-        return client.request(request);
+        result.ResponseTask = result.HttpClient->request(request);
+        return result;
     }
 
     std::optional<web::json::value> HttpClientHelper::HandleGet(
@@ -155,11 +214,17 @@ namespace AppInstaller::Http
         const HttpResponseHandler& customHandler) const try
     {
         web::http::http_response httpResponse;
-        Get(uri, headers, authHeaders).then([&httpResponse](const web::http::http_response& response)
+        details::InvocationContext context = Get(uri, headers, authHeaders);
+        context.ResponseTask.then([&httpResponse](const web::http::http_response& response)
             {
                 httpResponse = response;
             }).wait();
 
+        if (m_pinningConfiguration)
+        {
+            NativeHandleServerCertificateValidation(context.RequestHandle, m_pinningConfiguration.value());
+        }
+
         if (customHandler)
         {
             auto handlerResult = customHandler(httpResponse);
@@ -178,23 +243,7 @@ namespace AppInstaller::Http
 
     void HttpClientHelper::SetPinningConfiguration(const Certificates::PinningConfiguration& configuration)
     {
-        m_clientConfig.set_nativehandle_servercertificate_validation([pinConfig = configuration](web::http::client::native_handle handle)
-            {
-                NativeHandleServerCertificateValidation(handle, pinConfig);
-            });
-    }
-
-    web::http::client::http_client HttpClientHelper::GetClient(const utility::string_t& uri) const
-    {
-        web::http::client::http_client client{ uri, m_clientConfig };
-
-        // Add default custom handlers if any.
-        if (m_defaultRequestHandlerStage)
-        {
-            client.add_handler(m_defaultRequestHandlerStage);
-        }
-
-        return client;
+        m_pinningConfiguration = configuration;
     }
 
     std::optional<web::json::value> HttpClientHelper::ValidateAndExtractResponse(const web::http::http_response& response) const

src/AppInstallerCommonCore/Public/winget/HttpClientHelper.h

@@ -4,11 +4,25 @@
 #include <winget/Certificates.h>
 #include <cpprest/http_client.h>
 #include <cpprest/json.h>
+#include <memory>
 #include <optional>
 #include <vector>
 
 namespace AppInstaller::Http
 {
+    namespace details
+    {
+        struct InvocationContext
+        {
+            std::unique_ptr<web::http::client::http_client> HttpClient;
+            pplx::task<web::http::http_response> ResponseTask;
+            web::http::client::native_handle RequestHandle = INVALID_HANDLE_VALUE;
+            std::shared_ptr<void> RequestContextLifetime;
+
+            void CaptureRequestContext(web::http::client::native_handle handle);
+        };
+    }
+
     struct HttpClientHelper
     {
         using HttpRequestHeaders = std::unordered_map<utility::string_t, utility::string_t>;
@@ -26,11 +40,11 @@ namespace AppInstaller::Http
 
         HttpClientHelper(std::shared_ptr<web::http::http_pipeline_stage> = {});
 
-        pplx::task<web::http::http_response> Post(const utility::string_t& uri, const web::json::value& body, const HttpRequestHeaders& headers = {}, const HttpRequestHeaders& authHeaders = {}) const;
+        details::InvocationContext Post(const utility::string_t& uri, const web::json::value& body, const HttpRequestHeaders& headers = {}, const HttpRequestHeaders& authHeaders = {}) const;
 
         std::optional<web::json::value> HandlePost(const utility::string_t& uri, const web::json::value& body, const HttpRequestHeaders& headers = {}, const HttpRequestHeaders& authHeaders = {}, const HttpResponseHandler& customHandler = {}) const;
 
-        pplx::task<web::http::http_response> Get(const utility::string_t& uri, const HttpRequestHeaders& headers = {}, const HttpRequestHeaders& authHeaders = {}) const;
+        details::InvocationContext Get(const utility::string_t& uri, const HttpRequestHeaders& headers = {}, const HttpRequestHeaders& authHeaders = {}) const;
 
         std::optional<web::json::value> HandleGet(const utility::string_t& uri, const HttpRequestHeaders& headers = {}, const HttpRequestHeaders& authHeaders = {}, const HttpResponseHandler& customHandler = {}) const;
 
@@ -42,12 +56,11 @@ namespace AppInstaller::Http
         std::optional<web::json::value> ExtractJsonResponse(const web::http::http_response& response) const;
 
     private:
-        web::http::client::http_client GetClient(const utility::string_t& uri) const;
-
         // Translates a cpprestsdk http_exception to a WIL exception.
         static void RethrowAsWilException(const web::http::http_exception& exception);
 
         std::shared_ptr<web::http::http_pipeline_stage> m_defaultRequestHandlerStage;
         web::http::client::http_client_config m_clientConfig;
+        std::optional<Certificates::PinningConfiguration> m_pinningConfiguration;
     };
 }