Add disable-SSL-verification option to WebClient #279

2021-08-17 18:49:16 +08:00
parent 3f8f2ff644
commit ab6c7712a1
1 changed files with 32 additions and 7 deletions
--- a/fizz-common/src/main/java/we/config/WebClientConfig.java
+++ b/fizz-common/src/main/java/we/config/WebClientConfig.java
@@ -18,6 +18,9 @@
 package we.config;

 import io.netty.channel.ChannelOption;
+import io.netty.handler.ssl.SslContext;
+import io.netty.handler.ssl.SslContextBuilder;
+import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
 import io.netty.handler.timeout.ReadTimeoutHandler;
 import io.netty.handler.timeout.WriteTimeoutHandler;
 import org.slf4j.Logger;
@@ -29,6 +32,7 @@ import reactor.netty.http.client.HttpClient;
 import reactor.netty.tcp.TcpClient;

 import javax.annotation.Resource;
+import javax.net.ssl.SSLException;
 import java.time.Duration;
 import java.util.concurrent.TimeUnit;

@@ -54,6 +58,16 @@ public abstract class WebClientConfig {

    private Boolean       compress                = null; // true

+    private Boolean       disableSSLverification  = null; // false
+
+    public Boolean getDisableSSLverification() {
+        return disableSSLverification;
+    }
+
+    public void setDisableSSLverification(Boolean disableSSLverification) {
+        this.disableSSLverification = disableSSLverification;
+    }
+
    public Long getConnReadTimeout() {
        return connReadTimeout;
    }
@@ -117,6 +131,7 @@ public abstract class WebClientConfig {
    WebClient.Builder webClientBuilder;

    public WebClient webClient() {
+
        HttpClient httpClient = HttpClient.create()
                                          .tcpConfiguration(
                                              tcpClient -> {
@@ -150,6 +165,16 @@ public abstract class WebClientConfig {
        //     httpClient = httpClient.responseTimeout(Duration.ofMillis(responseTimeout));
        // }

+        if (disableSSLverification != null && disableSSLverification) {
+            try {
+                SslContext sslContext = SslContextBuilder.forClient().trustManager(InsecureTrustManagerFactory.INSTANCE).build();
+                httpClient = httpClient.secure(t -> t.sslContext(sslContext));
+                log.warn("disable SSL verification");
+            } catch (SSLException e) {
+                throw new RuntimeException(e);
+            }
+        }
+
        return   webClientBuilder.exchangeStrategies(
                                      ExchangeStrategies.builder().codecs(configurer -> configurer.defaultCodecs().maxInMemorySize(-1))
                                                                  .build()