Skip to content

Commit dcaaaf6

Browse files
committed
handled PR comments
1 parent a94cd3e commit dcaaaf6

File tree

3 files changed

+31
-41
lines changed

3 files changed

+31
-41
lines changed

http-clients/apache5-client/src/main/java/software/amazon/awssdk/http/apache5/Apache5HttpClient.java

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -454,7 +454,8 @@ public interface Builder extends SdkHttpClient.Builder<Apache5HttpClient.Builder
454454
Builder dnsResolver(DnsResolver dnsResolver);
455455

456456
/**
457-
* @deprecated this has been replaced with {{@link #tlsSocketStrategy(TlsSocketStrategy)}}
457+
* @deprecated this has been replaced with {@link #tlsSocketStrategy(TlsSocketStrategy)}.
458+
* This method is retained for backwards compatibility to ease migration from Apache HttpClient 4.5.x.
458459
* Configuration that defines a custom Socket factory. If set to a null value, a default factory is used.
459460
* <p>
460461
* When set to a non-null value, the use of a custom factory implies the configuration options TRUST_ALL_CERTIFICATES,
@@ -463,7 +464,6 @@ public interface Builder extends SdkHttpClient.Builder<Apache5HttpClient.Builder
463464
@Deprecated
464465
Builder socketFactory(ConnectionSocketFactory socketFactory);
465466

466-
467467
/**
468468
* Configure a custom TLS strategy for SSL/TLS connections.
469469
* This is the preferred method over the deprecated {@link #socketFactory(ConnectionSocketFactory)}.
@@ -532,7 +532,7 @@ private static final class DefaultBuilder implements Builder {
532532
private HttpRoutePlanner httpRoutePlanner;
533533
private CredentialsProvider credentialsProvider;
534534
private DnsResolver dnsResolver;
535-
private ConnectionSocketFactory legacySocketFactory;
535+
private ConnectionSocketFactory legacyConnectionSocketFactory;
536536
private TlsSocketStrategy tlsStrategy;
537537

538538
private DefaultBuilder() {
@@ -656,8 +656,7 @@ public void setDnsResolver(DnsResolver dnsResolver) {
656656

657657
@Override
658658
public Builder socketFactory(ConnectionSocketFactory socketFactory) {
659-
this.legacySocketFactory = socketFactory;
660-
this.tlsStrategy = null; // Clear any previously set strategy
659+
this.legacyConnectionSocketFactory = socketFactory;
661660
return this;
662661
}
663662

@@ -668,7 +667,6 @@ public void setSocketFactory(ConnectionSocketFactory socketFactory) {
668667
@Override
669668
public Builder tlsSocketStrategy(TlsSocketStrategy tlsSocketStrategy) {
670669
this.tlsStrategy = tlsSocketStrategy;
671-
this.legacySocketFactory = null; // Clear any legacy factory
672670
return this;
673671
}
674672

@@ -746,8 +744,8 @@ TlsSocketStrategy getEffectiveTlsStrategy() {
746744
if (tlsStrategy != null) {
747745
return tlsStrategy;
748746
}
749-
if (legacySocketFactory != null) {
750-
return new ConnectionSocketFactoryToTlsStrategyAdapter(legacySocketFactory);
747+
if (legacyConnectionSocketFactory != null) {
748+
return new ConnectionSocketFactoryToTlsStrategyAdapter(legacyConnectionSocketFactory);
751749
}
752750
return null;
753751
}
@@ -758,6 +756,10 @@ private static class ApacheConnectionManagerFactory {
758756
public PoolingHttpClientConnectionManager create(Apache5HttpClient.DefaultBuilder configuration,
759757
AttributeMap standardOptions) {
760758

759+
Validate.isTrue(configuration.tlsStrategy == null || configuration.legacyConnectionSocketFactory == null,
760+
"Cannot configure both tlsSocketStrategy and socketFactory. "
761+
+ "The connectionSocketFactory is deprecated; use tlsSocketStrategy for new implementations.");
762+
761763
TlsSocketStrategy tlsStrategy = getPreferredTlsStrategy(configuration, standardOptions);
762764

763765
PoolingHttpClientConnectionManagerBuilder builder =

http-clients/apache5-client/src/main/java/software/amazon/awssdk/http/apache5/internal/conn/ConnectionSocketFactoryToTlsStrategyAdapter.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@
2323
import org.apache.hc.client5.http.ssl.TlsSocketStrategy;
2424
import org.apache.hc.core5.http.protocol.HttpContext;
2525
import software.amazon.awssdk.annotations.SdkInternalApi;
26+
import software.amazon.awssdk.utils.Validate;
2627

2728
/**
2829
* Adapter to wrap ConnectionSocketFactory as TlsSocketStrategy.
@@ -34,7 +35,7 @@ public class ConnectionSocketFactoryToTlsStrategyAdapter implements TlsSocketStr
3435
private final ConnectionSocketFactory socketFactory;
3536

3637
public ConnectionSocketFactoryToTlsStrategyAdapter(ConnectionSocketFactory socketFactory) {
37-
this.socketFactory = socketFactory;
38+
this.socketFactory = Validate.paramNotNull(socketFactory, "socketFactory");
3839
}
3940

4041
@Override

http-clients/apache5-client/src/test/java/software/amazon/awssdk/http/apache5/Apache5ClientTlsAuthTest.java

Lines changed: 19 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -116,7 +116,7 @@ public void methodTeardown() {
116116
}
117117

118118
@Test
119-
public void canMakeHttpsRequestWhenKeyProviderConfigured() throws IOException {
119+
public void prepareRequest_whenKeyProviderConfigured_successfullyMakesHttpsRequest() throws IOException {
120120
client = Apache5HttpClient.builder()
121121
.tlsKeyManagersProvider(keyManagersProvider)
122122
.build();
@@ -125,13 +125,13 @@ public void canMakeHttpsRequestWhenKeyProviderConfigured() throws IOException {
125125
}
126126

127127
@Test
128-
public void requestFailsWhenKeyProviderNotConfigured() throws IOException {
128+
public void prepareRequest_whenKeyProviderNotConfigured_throwsSslException() throws IOException {
129129
client = Apache5HttpClient.builder().tlsKeyManagersProvider(NoneTlsKeyManagersProvider.getInstance()).build();
130130
assertThatThrownBy(() -> makeRequestWithHttpClient(client)).isInstanceOfAny(SSLException.class, SocketException.class);
131131
}
132132

133133
@Test
134-
public void authenticatesWithTlsProxy() throws IOException {
134+
public void prepareRequest_whenTlsProxyConfigured_authenticatesSuccessfully() throws IOException {
135135
ProxyConfiguration proxyConfig = ProxyConfiguration.builder()
136136
.endpoint(URI.create("https://localhost:" + wireMockServer.httpsPort()))
137137
.build();
@@ -148,7 +148,7 @@ public void authenticatesWithTlsProxy() throws IOException {
148148
}
149149

150150
@Test
151-
public void defaultTlsKeyManagersProviderIsSystemPropertyProvider() throws IOException {
151+
public void build_whenNoTlsKeyManagersProviderSet_usesSystemPropertyProvider() throws IOException {
152152
System.setProperty(SSL_KEY_STORE.property(), clientKeyStore.toAbsolutePath().toString());
153153
System.setProperty(SSL_KEY_STORE_TYPE.property(), CLIENT_STORE_TYPE);
154154
System.setProperty(SSL_KEY_STORE_PASSWORD.property(), STORE_PASSWORD);
@@ -164,7 +164,7 @@ public void defaultTlsKeyManagersProviderIsSystemPropertyProvider() throws IOExc
164164
}
165165

166166
@Test
167-
public void defaultTlsKeyManagersProviderIsSystemPropertyProvider_explicitlySetToNull() throws IOException {
167+
public void build_whenTlsKeyManagersProviderExplicitlySetToNull_usesSystemPropertyProvider() throws IOException {
168168
System.setProperty(SSL_KEY_STORE.property(), clientKeyStore.toAbsolutePath().toString());
169169
System.setProperty(SSL_KEY_STORE_TYPE.property(), CLIENT_STORE_TYPE);
170170
System.setProperty(SSL_KEY_STORE_PASSWORD.property(), STORE_PASSWORD);
@@ -180,7 +180,7 @@ public void defaultTlsKeyManagersProviderIsSystemPropertyProvider_explicitlySetT
180180
}
181181

182182
@Test
183-
public void build_notSettingSocketFactory_configuresClientWithDefaultSocketFactory() throws Exception {
183+
public void build_whenSocketFactoryNotSet_configuresDefaultSocketFactory() throws Exception {
184184
System.setProperty(SSL_KEY_STORE.property(), clientKeyStore.toAbsolutePath().toString());
185185
System.setProperty(SSL_KEY_STORE_TYPE.property(), CLIENT_STORE_TYPE);
186186
System.setProperty(SSL_KEY_STORE_PASSWORD.property(), STORE_PASSWORD);
@@ -212,7 +212,7 @@ public void build_notSettingSocketFactory_configuresClientWithDefaultSocketFacto
212212
}
213213

214214
@Test
215-
public void build_settingCustomSocketFactory_configuresClientWithGivenSocketFactory() throws IOException,
215+
public void build_whenCustomSocketFactorySet_usesProvidedSocketFactory() throws IOException,
216216
NoSuchAlgorithmException,
217217
KeyManagementException {
218218
TlsKeyManagersProvider provider = FileStoreTlsKeyManagersProvider.create(clientKeyStore,
@@ -259,7 +259,7 @@ private HttpExecuteResponse makeRequestWithHttpClient(SdkHttpClient httpClient)
259259
}
260260

261261
@Test
262-
public void tls_strategy_configuration() throws Exception {
262+
public void build_whenTlsSocketStrategyConfigured_usesProvidedStrategy() throws Exception {
263263
// Setup TLS context
264264
KeyManager[] keyManagers = keyManagersProvider.keyManagers();
265265
SSLContext sslContext = SSLContext.getInstance("TLS");
@@ -289,45 +289,32 @@ public void tls_strategy_configuration() throws Exception {
289289
}
290290

291291
@Test
292-
public void tls_strategy_overrides_legacy_factory() throws Exception {
292+
public void build_whenBothTlsStrategyAndLegacyFactorySet_throwsIllegalArgumentException() throws Exception {
293293
// Setup TLS context
294294
KeyManager[] keyManagers = keyManagersProvider.keyManagers();
295295
SSLContext sslContext = SSLContext.getInstance("TLS");
296296
sslContext.init(keyManagers, null, null);
297297

298-
// Create spies for both approaches
298+
// Create both socket factory and TLS strategy
299299
SSLConnectionSocketFactory legacyFactory = new SSLConnectionSocketFactory(
300300
sslContext,
301301
NoopHostnameVerifier.INSTANCE
302302
);
303-
SSLConnectionSocketFactory legacyFactorySpy = Mockito.spy(legacyFactory);
304303

305304
TlsSocketStrategy tlsStrategy = new SdkTlsSocketFactory(
306305
sslContext,
307306
NoopHostnameVerifier.INSTANCE
308307
);
309-
TlsSocketStrategy tlsStrategySpy = Mockito.spy(tlsStrategy);
310-
311-
// Build client with both - TLS strategy should take precedence
312-
client = Apache5HttpClient.builder()
313-
.socketFactory(legacyFactorySpy)
314-
.tlsSocketStrategy(tlsStrategySpy) // This should override
315-
.build();
316-
317-
// Make request
318-
HttpExecuteResponse response = makeRequestWithHttpClient(client);
319-
assertThat(response.httpResponse().isSuccessful()).isTrue();
320-
321-
// Verify only TLS strategy was used, not legacy
322-
Mockito.verify(tlsStrategySpy).upgrade(
323-
Mockito.any(Socket.class),
324-
Mockito.anyString(),
325-
Mockito.anyInt(),
326-
Mockito.any(),
327-
Mockito.any(HttpContext.class)
328-
);
329308

330-
Mockito.verifyNoInteractions(legacyFactorySpy);
309+
// Attempt to build client with both - should throw exception
310+
assertThatThrownBy(() -> Apache5HttpClient.builder()
311+
.socketFactory(legacyFactory)
312+
.tlsSocketStrategy(tlsStrategy)
313+
.build())
314+
.isInstanceOf(IllegalArgumentException.class)
315+
.hasMessageContaining("Cannot configure both tlsSocketStrategy and socketFactory")
316+
.hasMessageContaining("deprecated")
317+
.hasMessageContaining("use tlsSocketStrategy");
331318
}
332319

333320
}

0 commit comments

Comments
 (0)