AmazonQ: Netty client (#4150)

ppiliaev · web-flow · commit 9e3d9341e92c · 2024-03-20T14:18:08.000-07:00
AmazonQ client was changed to netty client to add proxy settings support
diff --git a/.changes/next-release/bugfix-e737d87c-f84a-44f0-b403-5c692051e9d3.json b/.changes/next-release/bugfix-e737d87c-f84a-44f0-b403-5c692051e9d3.json
@@ -0,0 +1,4 @@
+{
+  "type" : "bugfix",
+  "description" : "Respect IDE HTTP proxy server settings when using Amazon Q"
+}
diff --git a/buildSrc/src/main/kotlin/toolkit-intellij-subplugin.gradle.kts b/buildSrc/src/main/kotlin/toolkit-intellij-subplugin.gradle.kts
@@ -50,14 +50,6 @@ configurations {
         exclude(group = "org.slf4j")
         exclude(group = "org.jetbrains.kotlin")
         exclude(group = "org.jetbrains.kotlinx")
-
-        // Exclude dependencies we don't use to make plugin smaller
-        exclude(group = "software.amazon.awssdk", module = "netty-nio-client")
-    }
-
-    testRuntimeClasspath {
-        // Conflicts with CRT in test classpath
-        exclude(group = "software.amazon.awssdk", module = "netty-nio-client")
     }
 
     all {
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
@@ -50,6 +50,7 @@ aws-ecs = { module = "software.amazon.awssdk:ecs", version.ref = "awsSdk" }
 aws-iam = { module = "software.amazon.awssdk:iam", version.ref = "awsSdk" }
 aws-jsonProtocol = { module = "software.amazon.awssdk:aws-json-protocol", version.ref = "awsSdk" }
 aws-lambda = { module = "software.amazon.awssdk:lambda", version.ref = "awsSdk" }
+aws-nettyClient = { module = "software.amazon.awssdk:netty-nio-client", version.ref = "awsSdk" }
 aws-queryProtocol = { module = "software.amazon.awssdk:aws-query-protocol", version.ref = "awsSdk" }
 aws-rds = { module = "software.amazon.awssdk:rds", version.ref = "awsSdk" }
 aws-redshift = { module = "software.amazon.awssdk:redshift", version.ref = "awsSdk" }
diff --git a/plugins/toolkit/intellij/build.gradle.kts b/plugins/toolkit/intellij/build.gradle.kts
@@ -93,7 +93,6 @@ configurations {
         exclude(group = "org.slf4j")
         exclude(group = "org.jetbrains.kotlin")
         exclude(group = "org.jetbrains.kotlinx")
-        exclude(group = "software.amazon.awssdk", module = "netty-nio-client")
     }
 }
 
diff --git a/plugins/toolkit/jetbrains-core/build.gradle.kts b/plugins/toolkit/jetbrains-core/build.gradle.kts
@@ -132,6 +132,7 @@ dependencies {
     api(libs.aws.ecs)
     api(libs.aws.iam)
     api(libs.aws.lambda)
+    api(libs.aws.nettyClient)
     api(libs.aws.rds)
     api(libs.aws.redshift)
     api(libs.aws.s3)
@@ -148,7 +149,6 @@ dependencies {
     testImplementation(project(":plugin-core:sdk-codegen"))
 
     implementation(project(":plugin-amazonq:mynah-ui"))
-    implementation(libs.aws.crt)
     implementation(libs.bundles.jackson)
     implementation(libs.zjsonpatch)
     implementation(libs.commonmark)
diff --git a/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/util/CodeWhispererEndpointCustomizer.kt b/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/util/CodeWhispererEndpointCustomizer.kt
@@ -4,6 +4,9 @@
 package software.aws.toolkits.jetbrains.services.codewhisperer.util
 
 import com.intellij.openapi.application.ApplicationManager
+import com.intellij.util.net.HttpConfigurable
+import com.intellij.util.net.ssl.CertificateManager
+import com.intellij.util.proxy.CommonProxy
 import software.amazon.awssdk.auth.credentials.AnonymousCredentialsProvider
 import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider
 import software.amazon.awssdk.auth.token.credentials.SdkTokenProvider
@@ -14,6 +17,8 @@ import software.amazon.awssdk.core.interceptor.ExecutionAttributes
 import software.amazon.awssdk.core.interceptor.ExecutionInterceptor
 import software.amazon.awssdk.core.retry.RetryPolicy
 import software.amazon.awssdk.http.SdkHttpRequest
+import software.amazon.awssdk.http.nio.netty.NettyNioAsyncHttpClient
+import software.amazon.awssdk.http.nio.netty.ProxyConfiguration
 import software.amazon.awssdk.services.codewhisperer.CodeWhispererClientBuilder
 import software.amazon.awssdk.services.codewhispererruntime.CodeWhispererRuntimeClientBuilder
 import software.amazon.awssdk.services.codewhispererstreaming.CodeWhispererStreamingAsyncClientBuilder
@@ -23,7 +28,9 @@ import software.aws.toolkits.jetbrains.core.AwsSdkClient
 import software.aws.toolkits.jetbrains.services.codewhisperer.explorer.CodeWhispererExplorerActionManager
 import software.aws.toolkits.jetbrains.services.codewhisperer.settings.CodeWhispererSettings
 import software.aws.toolkits.jetbrains.services.telemetry.AwsCognitoCredentialsProvider
+import java.net.Proxy
 import java.net.URI
+import javax.net.ssl.TrustManager
 
 // TODO: move this file to package /client
 class CodeWhispererEndpointCustomizer : ToolkitClientCustomizer {
@@ -36,8 +43,9 @@ class CodeWhispererEndpointCustomizer : ToolkitClientCustomizer {
         clientOverrideConfiguration: ClientOverrideConfiguration.Builder
     ) {
         if (builder is CodeWhispererRuntimeClientBuilder || builder is CodeWhispererStreamingAsyncClientBuilder) {
+            val endpoint = URI.create(CodeWhispererConstants.Config.CODEWHISPERER_ENDPOINT)
             builder
-                .endpointOverride(URI.create(CodeWhispererConstants.Config.CODEWHISPERER_ENDPOINT))
+                .endpointOverride(endpoint)
                 .region(CodeWhispererConstants.Config.BearerClientRegion)
             clientOverrideConfiguration.retryPolicy(RetryPolicy.none())
             clientOverrideConfiguration.addExecutionInterceptor(
@@ -56,6 +64,41 @@ class CodeWhispererEndpointCustomizer : ToolkitClientCustomizer {
                     }
                 }
             )
+            if (builder is CodeWhispererStreamingAsyncClientBuilder) {
+                val proxy = CommonProxy.getInstance().select(endpoint).first()
+                val address = proxy.address()
+                val clientBuilder = NettyNioAsyncHttpClient.builder()
+
+                // proxy.type is one of {DIRECT, HTTP, SOCKS}, and is definitely a InetSocketAddress in the HTTP/SOCKS case
+                // and is null in DIRECT case
+                if (proxy.type() == Proxy.Type.SOCKS) {
+                    error("Q Chat HTTP client does not support SOCKS proxies")
+                } else if (address is java.net.InetSocketAddress) {
+                    val proxyConfiguration = ProxyConfiguration.builder()
+                        .host(address.getHostName())
+                        .port(address.getPort())
+                        .apply {
+                            val configurable = HttpConfigurable.getInstance()
+                            val proxyExceptions = configurable.PROXY_EXCEPTIONS
+                            if (!proxyExceptions.isNullOrBlank()) {
+                                // should be handled by CommonProxy, but also should be no harm in passing this along if something more complicated is happening
+                                nonProxyHosts(proxyExceptions.split(',').toSet())
+                            }
+
+                            val login = HttpConfigurable.getInstance().proxyLogin
+                            if (login != null) {
+                                username(login)
+                                password(HttpConfigurable.getInstance().plainProxyPassword)
+                            }
+                        }
+                        .useSystemPropertyValues(false)
+
+                    clientBuilder.proxyConfiguration(proxyConfiguration.build())
+                        .tlsTrustManagersProvider { arrayOf<TrustManager>(CertificateManager.getInstance().trustManager) }
+                }
+
+                builder.httpClientBuilder(clientBuilder)
+            }
         } else if (builder is CodeWhispererClientBuilder) {
             clientOverrideConfiguration.addExecutionInterceptor(
                 object : ExecutionInterceptor {
diff --git a/plugins/toolkit/jetbrains-core/tst/software/aws/toolkits/jetbrains/services/codewhisperer/CodeWhispererEndpointCustomizerTest.kt b/plugins/toolkit/jetbrains-core/tst/software/aws/toolkits/jetbrains/services/codewhisperer/CodeWhispererEndpointCustomizerTest.kt
@@ -0,0 +1,121 @@
+// Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package software.aws.toolkits.jetbrains.services.codewhisperer
+
+import com.intellij.openapi.application.ApplicationManager
+import com.intellij.testFramework.ApplicationRule
+import com.intellij.testFramework.DisposableRule
+import com.intellij.util.net.HttpConfigurable
+import org.eclipse.jetty.proxy.ConnectHandler
+import org.eclipse.jetty.proxy.ProxyServlet
+import org.eclipse.jetty.server.Server
+import org.eclipse.jetty.server.ServerConnector
+import org.eclipse.jetty.servlet.ServletContextHandler
+import org.eclipse.jetty.servlet.ServletHolder
+import org.junit.After
+import org.junit.Before
+import org.junit.Rule
+import org.junit.Test
+import org.mockito.Mockito.times
+import org.mockito.kotlin.any
+import org.mockito.kotlin.spy
+import org.mockito.kotlin.verify
+import software.amazon.awssdk.auth.credentials.AnonymousCredentialsProvider
+import software.amazon.awssdk.auth.token.credentials.SdkToken
+import software.amazon.awssdk.auth.token.credentials.StaticTokenProvider
+import software.amazon.awssdk.regions.Region
+import software.amazon.awssdk.services.codewhispererstreaming.CodeWhispererStreamingAsyncClient
+import software.amazon.awssdk.services.codewhispererstreaming.CodeWhispererStreamingAsyncClientBuilder
+import software.amazon.awssdk.services.codewhispererstreaming.model.GenerateAssistantResponseResponseHandler
+import software.aws.toolkits.jetbrains.core.AwsClientManager
+import software.aws.toolkits.jetbrains.core.MockClientManager.Companion.useRealImplementations
+import java.util.concurrent.CountDownLatch
+
+class CodeWhispererEndpointCustomizerTest {
+    @Rule
+    @JvmField
+    val application = ApplicationRule()
+
+    @Rule
+    @JvmField
+    val disposableRule = DisposableRule()
+
+    private val proxyServletSpy = spy(ConnectHandler())
+
+    private val proxyServer = Server().also {
+        it.addConnector(ServerConnector(it))
+        it.handler = proxyServletSpy
+
+        val context = ServletContextHandler(proxyServletSpy, "/", ServletContextHandler.SESSIONS)
+
+        context.addServlet(ServletHolder(ProxyServlet()), "/*")
+        it.start()
+    }
+
+    @Before
+    fun setUp() {
+        useRealImplementations(disposableRule.disposable)
+        val httpConfigurable = HttpConfigurable.getInstance()
+        httpConfigurable.USE_HTTP_PROXY = true
+        httpConfigurable.PROXY_HOST = "localhost"
+        httpConfigurable.PROXY_PORT = proxyServer.uri.port
+    }
+
+    @After
+    fun tearDown() {
+        HttpConfigurable.getInstance().USE_HTTP_PROXY = false
+
+        proxyServer.stop()
+        proxyServer.join()
+    }
+
+    @Test
+    fun proxyIsBypassed() {
+        HttpConfigurable.getInstance().USE_HTTP_PROXY = false
+
+        makeAwsCall()
+
+        verify(proxyServletSpy, times(0)).handle(any(), any(), any(), any())
+    }
+
+    @Test
+    fun proxyCallIsMade() {
+        makeAwsCall()
+
+        verify(proxyServletSpy).handle(any(), any(), any(), any())
+    }
+
+    private fun makeAwsCall() {
+        val latch = CountDownLatch(1)
+
+        ApplicationManager.getApplication().executeOnPooledThread {
+            AwsClientManager.getInstance().createUnmanagedClient<CodeWhispererStreamingAsyncClient>(
+                AnonymousCredentialsProvider.create(),
+                Region.AWS_GLOBAL,
+                clientCustomizer = { _, _, _, builder, _ ->
+                    (builder as CodeWhispererStreamingAsyncClientBuilder).tokenProvider(
+                        StaticTokenProvider.create(
+                            object : SdkToken {
+                                override fun token() = "testToken"
+                                override fun expirationTime() = null
+                            }
+                        )
+                    )
+                }
+            )
+                .use {
+                    it.generateAssistantResponse(
+                        {},
+                        GenerateAssistantResponseResponseHandler.builder()
+                            .onEventStream {}
+                            .onError { latch.countDown() }
+                            .onComplete { latch.countDown() }
+                            .build()
+                    )
+                }
+        }
+
+        latch.await()
+    }
+}

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +{
 +  "type" : "bugfix",
 +  "description" : "Respect IDE HTTP proxy server settings when using Amazon Q"
 +}
Original file line number	Diff line number	Diff line change
`@@ -93,7 +93,6 @@ configurations {`
`93`	`93`	`exclude(group = "org.slf4j")`
`94`	`94`	`exclude(group = "org.jetbrains.kotlin")`
`95`	`95`	`exclude(group = "org.jetbrains.kotlinx")`
`96`		`- exclude(group = "software.amazon.awssdk", module = "netty-nio-client")`
`97`	`96`	`}`
`98`	`97`	`}`
`99`	`98`