From 6f323ad939b6f16bfb0e9c8e9b604a7c1d1da67f Mon Sep 17 00:00:00 2001 From: Roberto Cortez Date: Fri, 13 Dec 2024 22:56:31 +0000 Subject: [PATCH] Move http configuration to @ConfigMapping --- .../bindings/http/FunqyHttpBuildStep.java | 4 +- .../events/FunqyKnativeEventsBuildStep.java | 2 +- .../runtime/devui/GrpcJsonRPCService.java | 12 +- .../DefaultPolicyEnforcerResolver.java | 2 +- .../runtime/ManagementRequestPrioritizer.java | 10 +- .../oidc/deployment/OidcBuildStep.java | 2 +- .../runtime/devui/OidcDevJsonRpcService.java | 2 +- .../deployment/ReactiveRoutesProcessor.java | 2 +- .../vertx/web/runtime/VertxWebRecorder.java | 4 +- .../ResteasyStandaloneBuildStep.java | 4 +- .../security/AbstractSecurityEventTest.java | 2 +- .../ResteasyStandaloneRecorder.java | 8 +- .../server/deployment/CompressionScanner.java | 4 +- .../deployment/ResteasyReactiveProcessor.java | 4 +- .../security/AbstractSecurityEventTest.java | 2 +- .../runtime/ResteasyReactiveRecorder.java | 2 +- .../ResteasyReactiveRuntimeRecorder.java | 14 +- .../security/EagerSecurityContext.java | 2 +- .../security/webauthn/WebAuthnRecorder.java | 4 +- .../deployment/SmallRyeGraphQLProcessor.java | 2 +- .../deployment/SmallRyeHealthProcessor.java | 4 +- .../deployment/SmallRyeOpenApiProcessor.java | 4 +- .../openapi/runtime/OpenApiRecorder.java | 2 +- .../deployment/UndertowBuildStep.java | 2 +- .../runtime/UndertowDeploymentRecorder.java | 8 +- .../deployment/HttpSecurityProcessor.java | 31 +-- .../ManagementInterfaceSecurityProcessor.java | 6 +- .../NonApplicationRootPathBuildItem.java | 2 +- .../http/deployment/VertxHttpProcessor.java | 22 +- .../devmode/ConfiguredPathInfo.java | 2 +- .../NonApplicationRootPathBuildItemTest.java | 94 +++++--- .../vertx/http/devmode/ArcEndpointTest.java | 2 +- extensions/vertx-http/runtime/pom.xml | 3 - .../devui/runtime/DevUICORSFilter.java | 39 +++- .../vertx/http/runtime/AccessLogConfig.java | 56 +++-- .../vertx/http/runtime/AuthConfig.java | 24 +-- .../vertx/http/runtime/AuthRuntimeConfig.java | 32 ++- .../vertx/http/runtime/BodyConfig.java | 30 ++- .../vertx/http/runtime/CertificateConfig.java | 95 +++----- .../vertx/http/runtime/FilterConfig.java | 17 +- .../vertx/http/runtime/FormAuthConfig.java | 16 +- .../http/runtime/FormAuthRuntimeConfig.java | 73 +++---- .../http/runtime/ForwardingProxyOptions.java | 24 +-- .../GeneratedStaticResourcesRecorder.java | 12 +- .../vertx/http/runtime/HeaderConfig.java | 17 +- .../http/runtime/HttpBuildTimeConfig.java | 62 +++--- .../vertx/http/runtime/HttpConfiguration.java | 155 +++++++------- .../vertx/http/runtime/MultiPartConfig.java | 18 +- .../vertx/http/runtime/PolicyConfig.java | 26 +-- .../http/runtime/PolicyMappingConfig.java | 49 ++--- .../vertx/http/runtime/ProxyConfig.java | 60 +++--- .../http/runtime/SameSiteCookieConfig.java | 24 +-- .../http/runtime/ServerLimitsConfig.java | 60 +++--- .../vertx/http/runtime/ServerSslConfig.java | 21 +- .../http/runtime/StaticResourcesConfig.java | 40 ++-- .../http/runtime/StaticResourcesRecorder.java | 36 ++-- .../http/runtime/TrafficShapingConfig.java | 27 +-- .../vertx/http/runtime/VertxHttpRecorder.java | 186 ++++++++-------- .../http/runtime/WebsocketServerConfig.java | 20 +- .../vertx/http/runtime/cors/CORSConfig.java | 62 ++---- .../vertx/http/runtime/cors/CORSFilter.java | 28 +-- .../vertx/http/runtime/cors/CORSRecorder.java | 4 +- .../management/ManagementAuthConfig.java | 21 +- .../ManagementInterfaceBuildTimeConfig.java | 38 ++-- .../ManagementInterfaceConfiguration.java | 73 +++---- .../ManagementInterfaceSecurityRecorder.java | 2 +- .../ManagementRuntimeAuthConfig.java | 18 +- .../options/HttpServerCommonHandlers.java | 26 +-- .../options/HttpServerOptionsUtils.java | 202 +++++++++--------- .../options/TlsCertificateReloader.java | 18 +- .../vertx/http/runtime/options/TlsUtils.java | 43 ++-- ...bstractPathMatchingHttpSecurityPolicy.java | 30 +-- .../BasicAuthenticationMechanism.java | 2 +- .../security/FormAuthenticationMechanism.java | 34 +-- .../runtime/security/HttpAuthenticator.java | 8 +- .../security/HttpSecurityRecorder.java | 8 +- .../JaxRsPathMatchingHttpSecurityPolicy.java | 4 +- ...agementPathMatchingHttpSecurityPolicy.java | 7 +- .../PathMatchingHttpSecurityPolicy.java | 7 +- .../WebDependencyLocatorProcessor.java | 2 +- ...bDependencyLocatorDevModeApiProcessor.java | 2 +- .../devui/WebSocketNextJsonRPCService.java | 4 +- .../io/quarkus/extest/UnknownConfigTest.java | 4 +- 83 files changed, 1015 insertions(+), 1121 deletions(-) diff --git a/extensions/funqy/funqy-http/deployment/src/main/java/io/quarkus/funqy/deployment/bindings/http/FunqyHttpBuildStep.java b/extensions/funqy/funqy-http/deployment/src/main/java/io/quarkus/funqy/deployment/bindings/http/FunqyHttpBuildStep.java index a2fa752ecfcf1..a03ca9d206e7b 100644 --- a/extensions/funqy/funqy-http/deployment/src/main/java/io/quarkus/funqy/deployment/bindings/http/FunqyHttpBuildStep.java +++ b/extensions/funqy/funqy-http/deployment/src/main/java/io/quarkus/funqy/deployment/bindings/http/FunqyHttpBuildStep.java @@ -60,7 +60,7 @@ public void staticInit(FunqyHttpBindingRecorder binding, return; // The context path + the resources path - String rootPath = httpConfig.rootPath; + String rootPath = httpConfig.rootPath(); binding.init(); } @@ -81,7 +81,7 @@ public void boot(ShutdownContextBuildItem shutdown, return; feature.produce(new FeatureBuildItem(FUNQY_HTTP_FEATURE)); - String rootPath = httpConfig.rootPath; + String rootPath = httpConfig.rootPath(); Handler handler = binding.start(rootPath, vertx.getVertx(), shutdown, diff --git a/extensions/funqy/funqy-knative-events/deployment/src/main/java/io/quarkus/funqy/deployment/bindings/knative/events/FunqyKnativeEventsBuildStep.java b/extensions/funqy/funqy-knative-events/deployment/src/main/java/io/quarkus/funqy/deployment/bindings/knative/events/FunqyKnativeEventsBuildStep.java index b8ba7d678b49d..28bbcd9c97431 100644 --- a/extensions/funqy/funqy-knative-events/deployment/src/main/java/io/quarkus/funqy/deployment/bindings/knative/events/FunqyKnativeEventsBuildStep.java +++ b/extensions/funqy/funqy-knative-events/deployment/src/main/java/io/quarkus/funqy/deployment/bindings/knative/events/FunqyKnativeEventsBuildStep.java @@ -82,7 +82,7 @@ public void boot(ShutdownContextBuildItem shutdown, feature.produce(new FeatureBuildItem(FUNQY_KNATIVE_FEATURE)); - String rootPath = httpConfig.rootPath; + String rootPath = httpConfig.rootPath(); if (rootPath == null) { rootPath = "/"; } else if (!rootPath.endsWith("/")) { diff --git a/extensions/grpc/runtime/src/main/java/io/quarkus/grpc/runtime/devui/GrpcJsonRPCService.java b/extensions/grpc/runtime/src/main/java/io/quarkus/grpc/runtime/devui/GrpcJsonRPCService.java index 7d367e3d43710..1241fd96e1dca 100644 --- a/extensions/grpc/runtime/src/main/java/io/quarkus/grpc/runtime/devui/GrpcJsonRPCService.java +++ b/extensions/grpc/runtime/src/main/java/io/quarkus/grpc/runtime/devui/GrpcJsonRPCService.java @@ -69,18 +69,18 @@ public void init() { this.port = serverConfig.port; this.ssl = serverConfig.ssl.certificate.isPresent() || serverConfig.ssl.keyStore.isPresent(); } else { - this.host = httpConfiguration.host; - this.port = httpConfiguration.port; - this.ssl = isTLSConfigured(httpConfiguration.ssl.certificate); + this.host = httpConfiguration.host(); + this.port = httpConfiguration.port(); + this.ssl = isTLSConfigured(httpConfiguration.ssl().certificate()); } this.grpcServiceClassInfos = getGrpcServiceClassInfos(); this.callsInProgress = new HashMap<>(); } private boolean isTLSConfigured(CertificateConfig certificate) { - return certificate.files.isPresent() - || certificate.keyFiles.isPresent() - || certificate.keyStoreFile.isPresent(); + return certificate.files().isPresent() + || certificate.keyFiles().isPresent() + || certificate.keyStoreFile().isPresent(); } public JsonArray getServices() { diff --git a/extensions/keycloak-authorization/runtime/src/main/java/io/quarkus/keycloak/pep/runtime/DefaultPolicyEnforcerResolver.java b/extensions/keycloak-authorization/runtime/src/main/java/io/quarkus/keycloak/pep/runtime/DefaultPolicyEnforcerResolver.java index fdc01c61b6543..e2527080dc0da 100644 --- a/extensions/keycloak-authorization/runtime/src/main/java/io/quarkus/keycloak/pep/runtime/DefaultPolicyEnforcerResolver.java +++ b/extensions/keycloak-authorization/runtime/src/main/java/io/quarkus/keycloak/pep/runtime/DefaultPolicyEnforcerResolver.java @@ -40,7 +40,7 @@ public class DefaultPolicyEnforcerResolver implements PolicyEnforcerResolver { HttpConfiguration httpConfiguration, BlockingSecurityExecutor blockingSecurityExecutor, Instance configResolver, InjectableInstance tlsConfigRegistryInstance) { - this.readTimeout = httpConfiguration.readTimeout.toMillis(); + this.readTimeout = httpConfiguration.readTimeout().toMillis(); if (tlsConfigRegistryInstance.isResolvable()) { this.tlsSupport = OidcTlsSupport.of(tlsConfigRegistryInstance.get()); diff --git a/extensions/load-shedding/runtime/src/main/java/io/quarkus/load/shedding/runtime/ManagementRequestPrioritizer.java b/extensions/load-shedding/runtime/src/main/java/io/quarkus/load/shedding/runtime/ManagementRequestPrioritizer.java index ee011ccd35f31..136dbee4800af 100644 --- a/extensions/load-shedding/runtime/src/main/java/io/quarkus/load/shedding/runtime/ManagementRequestPrioritizer.java +++ b/extensions/load-shedding/runtime/src/main/java/io/quarkus/load/shedding/runtime/ManagementRequestPrioritizer.java @@ -16,19 +16,19 @@ public class ManagementRequestPrioritizer implements RequestPrioritizer bindingProducer, BuildProducer systemPropertyProducer) { - if (!buildTimeConfig.auth.proactive + if (!buildTimeConfig.auth().proactive() && (capabilities.isPresent(Capability.RESTEASY_REACTIVE) || capabilities.isPresent(Capability.RESTEASY))) { boolean foundTenantResolver = combinedIndexBuildItem .getIndex() diff --git a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/devui/OidcDevJsonRpcService.java b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/devui/OidcDevJsonRpcService.java index 2ab60d98f32fd..a05cc0746f60c 100644 --- a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/devui/OidcDevJsonRpcService.java +++ b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/devui/OidcDevJsonRpcService.java @@ -31,7 +31,7 @@ public void shutdown() { @NonBlocking public OidcDevUiRuntimePropertiesDTO getProperties() { return new OidcDevUiRuntimePropertiesDTO(props.getAuthorizationUrl(), props.getTokenUrl(), props.getLogoutUrl(), - ConfigProvider.getConfig(), httpConfiguration.port, + ConfigProvider.getConfig(), httpConfiguration.port(), props.getOidcProviderName(), props.getOidcApplicationType(), props.getOidcGrantType(), props.isIntrospectionIsAvailable(), props.getKeycloakAdminUrl(), props.getKeycloakRealms(), props.isSwaggerIsAvailable(), props.isGraphqlIsAvailable(), props.getSwaggerUiPath(), diff --git a/extensions/reactive-routes/deployment/src/main/java/io/quarkus/vertx/web/deployment/ReactiveRoutesProcessor.java b/extensions/reactive-routes/deployment/src/main/java/io/quarkus/vertx/web/deployment/ReactiveRoutesProcessor.java index daa0e059e8d5f..eba9250313f19 100644 --- a/extensions/reactive-routes/deployment/src/main/java/io/quarkus/vertx/web/deployment/ReactiveRoutesProcessor.java +++ b/extensions/reactive-routes/deployment/src/main/java/io/quarkus/vertx/web/deployment/ReactiveRoutesProcessor.java @@ -219,7 +219,7 @@ void validateBeanDeployment( // access the SecurityIdentity in a synchronous manner final boolean blocking = annotationStore.hasAnnotation(method, DotNames.BLOCKING); final boolean alwaysAuthenticateRoute; - if (!httpBuildTimeConfig.auth.proactive && !blocking) { + if (!httpBuildTimeConfig.auth().proactive() && !blocking) { final DotName returnTypeName = method.returnType().name(); // method either returns 'something' in a synchronous manner or void (in which case we can't tell) final boolean possiblySynchronousResponse = !returnTypeName.equals(DotNames.UNI) diff --git a/extensions/reactive-routes/runtime/src/main/java/io/quarkus/vertx/web/runtime/VertxWebRecorder.java b/extensions/reactive-routes/runtime/src/main/java/io/quarkus/vertx/web/runtime/VertxWebRecorder.java index e87bf25a4a50e..a9f56e70fafd3 100644 --- a/extensions/reactive-routes/runtime/src/main/java/io/quarkus/vertx/web/runtime/VertxWebRecorder.java +++ b/extensions/reactive-routes/runtime/src/main/java/io/quarkus/vertx/web/runtime/VertxWebRecorder.java @@ -56,10 +56,10 @@ public Handler runOnVirtualThread(Handler routeH } public Handler compressRouteHandler(Handler routeHandler, HttpCompression compression) { - if (httpBuildTimeConfig.enableCompression) { + if (httpBuildTimeConfig.enableCompression()) { return new HttpCompressionHandler(routeHandler, compression, compression == HttpCompression.UNDEFINED - ? Set.copyOf(httpBuildTimeConfig.compressMediaTypes.orElse(List.of())) + ? Set.copyOf(httpBuildTimeConfig.compressMediaTypes().orElse(List.of())) : Set.of()); } else { return routeHandler; diff --git a/extensions/resteasy-classic/resteasy/deployment/src/main/java/io/quarkus/resteasy/deployment/ResteasyStandaloneBuildStep.java b/extensions/resteasy-classic/resteasy/deployment/src/main/java/io/quarkus/resteasy/deployment/ResteasyStandaloneBuildStep.java index 5889caba572a5..2485a19359c23 100644 --- a/extensions/resteasy-classic/resteasy/deployment/src/main/java/io/quarkus/resteasy/deployment/ResteasyStandaloneBuildStep.java +++ b/extensions/resteasy-classic/resteasy/deployment/src/main/java/io/quarkus/resteasy/deployment/ResteasyStandaloneBuildStep.java @@ -117,7 +117,7 @@ public void boot(ShutdownContextBuildItem shutdown, final boolean noCustomAuthCompletionExMapper; final boolean noCustomAuthFailureExMapper; final boolean noCustomAuthRedirectExMapper; - if (vertxConfig.auth.proactive) { + if (vertxConfig.auth().proactive()) { noCustomAuthCompletionExMapper = notFoundCustomExMapper(AuthenticationCompletionException.class.getName(), AuthenticationCompletionExceptionMapper.class.getName(), combinedIndexBuildItem.getIndex()); noCustomAuthFailureExMapper = notFoundCustomExMapper(AuthenticationFailedException.class.getName(), @@ -135,7 +135,7 @@ public void boot(ShutdownContextBuildItem shutdown, // so that user can define failure handlers that precede exception mappers final Handler failureHandler = recorder.vertxFailureHandler(vertx.getVertx(), executorBuildItem.getExecutorProxy(), resteasyVertxConfig, noCustomAuthCompletionExMapper, - noCustomAuthFailureExMapper, noCustomAuthRedirectExMapper, vertxConfig.auth.proactive); + noCustomAuthFailureExMapper, noCustomAuthRedirectExMapper, vertxConfig.auth().proactive()); filterBuildItemBuildProducer.produce(FilterBuildItem.ofAuthenticationFailureHandler(failureHandler)); // Exact match for resources matched to the root path diff --git a/extensions/resteasy-classic/resteasy/deployment/src/test/java/io/quarkus/resteasy/test/security/AbstractSecurityEventTest.java b/extensions/resteasy-classic/resteasy/deployment/src/test/java/io/quarkus/resteasy/test/security/AbstractSecurityEventTest.java index 87b13fd62d288..fa378d4dc2731 100644 --- a/extensions/resteasy-classic/resteasy/deployment/src/test/java/io/quarkus/resteasy/test/security/AbstractSecurityEventTest.java +++ b/extensions/resteasy-classic/resteasy/deployment/src/test/java/io/quarkus/resteasy/test/security/AbstractSecurityEventTest.java @@ -64,7 +64,7 @@ public static void setupUsers() { } private boolean isProactiveAuth() { - return httpBuildTimeConfig.auth.proactive; + return httpBuildTimeConfig.auth().proactive(); } @Test diff --git a/extensions/resteasy-classic/resteasy/runtime/src/main/java/io/quarkus/resteasy/runtime/standalone/ResteasyStandaloneRecorder.java b/extensions/resteasy-classic/resteasy/runtime/src/main/java/io/quarkus/resteasy/runtime/standalone/ResteasyStandaloneRecorder.java index 8511466a0500c..5cbe51b818268 100644 --- a/extensions/resteasy-classic/resteasy/runtime/src/main/java/io/quarkus/resteasy/runtime/standalone/ResteasyStandaloneRecorder.java +++ b/extensions/resteasy-classic/resteasy/runtime/src/main/java/io/quarkus/resteasy/runtime/standalone/ResteasyStandaloneRecorder.java @@ -100,10 +100,10 @@ public Handler vertxRequestHandler(Supplier vertx, Execut if (deployment != null) { Handler handler = new VertxRequestHandler(vertx.get(), deployment, contextPath, new ResteasyVertxAllocator(config.responseBufferSize), executor, - readTimeout.getValue().readTimeout.toMillis()); + readTimeout.getValue().readTimeout().toMillis()); - Set compressMediaTypes = httpBuildTimeConfig.compressMediaTypes.map(Set::copyOf).orElse(Set.of()); - if (httpBuildTimeConfig.enableCompression && !compressMediaTypes.isEmpty()) { + Set compressMediaTypes = httpBuildTimeConfig.compressMediaTypes().map(Set::copyOf).orElse(Set.of()); + if (httpBuildTimeConfig.enableCompression() && !compressMediaTypes.isEmpty()) { // If compression is enabled and the set of compressed media types is not empty then wrap the standalone handler handler = new HttpCompressionHandler(handler, compressMediaTypes); } @@ -129,7 +129,7 @@ public Handler vertxFailureHandler(Supplier vertx, Execut // used when auth failed before RESTEasy Classic began processing the request return new VertxRequestHandler(vertx.get(), deployment, contextPath, new ResteasyVertxAllocator(config.responseBufferSize), executor, - readTimeout.getValue().readTimeout.toMillis()) { + readTimeout.getValue().readTimeout().toMillis()) { @Override public void handle(RoutingContext request) { diff --git a/extensions/resteasy-reactive/rest/deployment/src/main/java/io/quarkus/resteasy/reactive/server/deployment/CompressionScanner.java b/extensions/resteasy-reactive/rest/deployment/src/main/java/io/quarkus/resteasy/reactive/server/deployment/CompressionScanner.java index 2d23b70a6250d..68517881770ad 100644 --- a/extensions/resteasy-reactive/rest/deployment/src/main/java/io/quarkus/resteasy/reactive/server/deployment/CompressionScanner.java +++ b/extensions/resteasy-reactive/rest/deployment/src/main/java/io/quarkus/resteasy/reactive/server/deployment/CompressionScanner.java @@ -34,7 +34,7 @@ public CompressionScanner(HttpBuildTimeConfig httpBuildTimeConfig) { @Override public List scan(MethodInfo method, ClassInfo actualEndpointClass, Map methodContext) { - if (!httpBuildTimeConfig.enableCompression) { + if (!httpBuildTimeConfig.enableCompression()) { return Collections.emptyList(); } @@ -58,7 +58,7 @@ public List scan(MethodInfo method, ClassInfo actualEndp return Collections.emptyList(); } ResteasyReactiveCompressionHandler handler = new ResteasyReactiveCompressionHandler( - Set.copyOf(httpBuildTimeConfig.compressMediaTypes.orElse(Collections.emptyList()))); + Set.copyOf(httpBuildTimeConfig.compressMediaTypes().orElse(Collections.emptyList()))); handler.setCompression(compression); String[] produces = (String[]) methodContext.get(EndpointIndexer.METHOD_PRODUCES); if ((produces != null) && (produces.length > 0)) { diff --git a/extensions/resteasy-reactive/rest/deployment/src/main/java/io/quarkus/resteasy/reactive/server/deployment/ResteasyReactiveProcessor.java b/extensions/resteasy-reactive/rest/deployment/src/main/java/io/quarkus/resteasy/reactive/server/deployment/ResteasyReactiveProcessor.java index 35ce4ab24bdde..c9ee9596bcbe4 100644 --- a/extensions/resteasy-reactive/rest/deployment/src/main/java/io/quarkus/resteasy/reactive/server/deployment/ResteasyReactiveProcessor.java +++ b/extensions/resteasy-reactive/rest/deployment/src/main/java/io/quarkus/resteasy/reactive/server/deployment/ResteasyReactiveProcessor.java @@ -1393,7 +1393,7 @@ public void setupDeployment(BeanContainerBuildItem beanContainerBuildItem, final boolean noCustomAuthCompletionExMapper; final boolean noCustomAuthFailureExMapper; final boolean noCustomAuthRedirectExMapper; - if (vertxConfig.auth.proactive) { + if (vertxConfig.auth().proactive()) { noCustomAuthCompletionExMapper = notFoundCustomExMapper(AuthenticationCompletionException.class.getName(), AuthenticationCompletionExceptionMapper.class.getName(), exceptionMapping); noCustomAuthFailureExMapper = notFoundCustomExMapper(AuthenticationFailedException.class.getName(), @@ -1408,7 +1408,7 @@ public void setupDeployment(BeanContainerBuildItem beanContainerBuildItem, } Handler failureHandler = recorder.failureHandler(restInitialHandler, noCustomAuthCompletionExMapper, - noCustomAuthFailureExMapper, noCustomAuthRedirectExMapper, vertxConfig.auth.proactive); + noCustomAuthFailureExMapper, noCustomAuthRedirectExMapper, vertxConfig.auth().proactive()); // we add failure handler right before QuarkusErrorHandler // so that user can define failure handlers that precede exception mappers diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/AbstractSecurityEventTest.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/AbstractSecurityEventTest.java index b88c862e5f85b..6c363a7f2e3e2 100644 --- a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/AbstractSecurityEventTest.java +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/AbstractSecurityEventTest.java @@ -65,7 +65,7 @@ public static void setupUsers() { } private boolean isProactiveAuth() { - return httpBuildTimeConfig.auth.proactive; + return httpBuildTimeConfig.auth().proactive(); } @Test diff --git a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/ResteasyReactiveRecorder.java b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/ResteasyReactiveRecorder.java index 9b438d2452ccd..85b770d30c70a 100644 --- a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/ResteasyReactiveRecorder.java +++ b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/ResteasyReactiveRecorder.java @@ -154,7 +154,7 @@ public ResteasyReactiveRequestContext createContext(Deployment deployment, RuntimeDeploymentManager runtimeDeploymentManager = new RuntimeDeploymentManager(info, EXECUTOR_SUPPLIER, VTHREAD_EXECUTOR_SUPPLIER, closeTaskHandler, contextFactory, new ArcThreadSetupAction(beanContainer.requestContext()), - vertxConfig.rootPath); + vertxConfig.rootPath()); Deployment deployment = runtimeDeploymentManager.deploy(); DisabledRestEndpoints.set(deployment.getDisabledEndpoints()); initClassFactory.createInstance().getInstance().init(deployment); diff --git a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/ResteasyReactiveRuntimeRecorder.java b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/ResteasyReactiveRuntimeRecorder.java index 4722dcceccaab..f9f73901393c9 100644 --- a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/ResteasyReactiveRuntimeRecorder.java +++ b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/ResteasyReactiveRuntimeRecorder.java @@ -27,18 +27,18 @@ public Supplier runtimeConfiguration(RuntimeValue maxBodySize; - if (httpConf.limits.maxBodySize.isPresent()) { - maxBodySize = Optional.of(httpConf.limits.maxBodySize.get().asLongValue()); + if (httpConf.limits().maxBodySize().isPresent()) { + maxBodySize = Optional.of(httpConf.limits().maxBodySize().get().asLongValue()); } else { maxBodySize = Optional.empty(); } - RuntimeConfiguration runtimeConfiguration = new DefaultRuntimeConfiguration(httpConf.readTimeout, - httpConf.body.deleteUploadedFilesOnEnd, httpConf.body.uploadsDirectory, - httpConf.body.multipart.fileContentTypes.orElse(null), + RuntimeConfiguration runtimeConfiguration = new DefaultRuntimeConfiguration(httpConf.readTimeout(), + httpConf.body().deleteUploadedFilesOnEnd(), httpConf.body().uploadsDirectory(), + httpConf.body().multipart().fileContentTypes().orElse(null), runtimeConf.multipart().inputPart().defaultCharset(), maxBodySize, - httpConf.limits.maxFormAttributeSize.asLongValue(), - httpConf.limits.maxParameters); + httpConf.limits().maxFormAttributeSize().asLongValue(), + httpConf.limits().maxParameters()); deployment.getValue().setRuntimeConfiguration(runtimeConfiguration); diff --git a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityContext.java b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityContext.java index f151242574152..febcda2db2a72 100644 --- a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityContext.java +++ b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityContext.java @@ -52,7 +52,7 @@ public class EagerSecurityContext { InjectableInstance identityAssociation, AuthorizationController authorizationController, HttpBuildTimeConfig buildTimeConfig, JaxRsPathMatchingHttpSecurityPolicy jaxRsPathMatchingPolicy) { - this.isProactiveAuthDisabled = !buildTimeConfig.auth.proactive; + this.isProactiveAuthDisabled = !buildTimeConfig.auth().proactive(); this.identityAssociation = identityAssociation; this.authorizationController = authorizationController; this.eventHelper = new SecurityEventHelper<>(authorizationSuccessEvent, authorizationFailureEvent, diff --git a/extensions/security-webauthn/runtime/src/main/java/io/quarkus/security/webauthn/WebAuthnRecorder.java b/extensions/security-webauthn/runtime/src/main/java/io/quarkus/security/webauthn/WebAuthnRecorder.java index f23f509f74dd0..f338ae044bd58 100644 --- a/extensions/security-webauthn/runtime/src/main/java/io/quarkus/security/webauthn/WebAuthnRecorder.java +++ b/extensions/security-webauthn/runtime/src/main/java/io/quarkus/security/webauthn/WebAuthnRecorder.java @@ -59,7 +59,7 @@ public Supplier setupWebAuthnAuthenticationMech @Override public WebAuthnAuthenticationMechanism get() { String key; - if (!httpConfiguration.getValue().encryptionKey.isPresent()) { + if (!httpConfiguration.getValue().encryptionKey().isPresent()) { if (encryptionKey != null) { //persist across dev mode restarts key = encryptionKey; @@ -72,7 +72,7 @@ public WebAuthnAuthenticationMechanism get() { + key); } } else { - key = httpConfiguration.getValue().encryptionKey.get(); + key = httpConfiguration.getValue().encryptionKey().get(); } WebAuthnRunTimeConfig config = WebAuthnRecorder.this.config.getValue(); PersistentLoginManager loginManager = new PersistentLoginManager(key, config.cookieName(), diff --git a/extensions/smallrye-graphql/deployment/src/main/java/io/quarkus/smallrye/graphql/deployment/SmallRyeGraphQLProcessor.java b/extensions/smallrye-graphql/deployment/src/main/java/io/quarkus/smallrye/graphql/deployment/SmallRyeGraphQLProcessor.java index f63ee7467a648..4e8b55eea326c 100644 --- a/extensions/smallrye-graphql/deployment/src/main/java/io/quarkus/smallrye/graphql/deployment/SmallRyeGraphQLProcessor.java +++ b/extensions/smallrye-graphql/deployment/src/main/java/io/quarkus/smallrye/graphql/deployment/SmallRyeGraphQLProcessor.java @@ -472,7 +472,7 @@ void buildExecutionEndpoint( // Queries and Mutations boolean allowGet = getBooleanConfigValue(ConfigKey.ALLOW_GET, false); boolean allowQueryParametersOnPost = getBooleanConfigValue(ConfigKey.ALLOW_POST_WITH_QUERY_PARAMETERS, false); - boolean allowCompression = httpBuildTimeConfig.enableCompression && httpBuildTimeConfig.compressMediaTypes + boolean allowCompression = httpBuildTimeConfig.enableCompression() && httpBuildTimeConfig.compressMediaTypes() .map(mediaTypes -> mediaTypes.contains(GRAPHQL_MEDIA_TYPE)) .orElse(false); Handler executionHandler = recorder.executionHandler(graphQLInitializedBuildItem.getInitialized(), diff --git a/extensions/smallrye-health/deployment/src/main/java/io/quarkus/smallrye/health/deployment/SmallRyeHealthProcessor.java b/extensions/smallrye-health/deployment/src/main/java/io/quarkus/smallrye/health/deployment/SmallRyeHealthProcessor.java index 56e8c21c34b90..bcc0dc00c3aa7 100644 --- a/extensions/smallrye-health/deployment/src/main/java/io/quarkus/smallrye/health/deployment/SmallRyeHealthProcessor.java +++ b/extensions/smallrye-health/deployment/src/main/java/io/quarkus/smallrye/health/deployment/SmallRyeHealthProcessor.java @@ -296,7 +296,7 @@ public void includeInOpenAPIEndpoint(BuildProducer startupPathItemProducer, BuildProducer port) { - if (managementInterfaceBuildTimeConfig.enabled) { + if (managementInterfaceBuildTimeConfig.enabled()) { // Switch to the "management" port port.produce(new KubernetesProbePortNameBuildItem("management", selectSchemeForManagement())); } diff --git a/extensions/smallrye-openapi/deployment/src/main/java/io/quarkus/smallrye/openapi/deployment/SmallRyeOpenApiProcessor.java b/extensions/smallrye-openapi/deployment/src/main/java/io/quarkus/smallrye/openapi/deployment/SmallRyeOpenApiProcessor.java index 00d2a9ad6c697..592cb589a2bca 100644 --- a/extensions/smallrye-openapi/deployment/src/main/java/io/quarkus/smallrye/openapi/deployment/SmallRyeOpenApiProcessor.java +++ b/extensions/smallrye-openapi/deployment/src/main/java/io/quarkus/smallrye/openapi/deployment/SmallRyeOpenApiProcessor.java @@ -346,7 +346,7 @@ private String getManagementRoot(LaunchModeBuildItem launch, String managementRoot = nonApplicationRootPathBuildItem.resolveManagementPath("/", managementInterfaceBuildTimeConfig, launch, openApiConfig.managementEnabled); - return managementRoot.split(managementInterfaceBuildTimeConfig.rootPath)[0]; + return managementRoot.split(managementInterfaceBuildTimeConfig.rootPath())[0]; } @@ -454,7 +454,7 @@ private List getUserDefinedFilters(IndexView index, OpenApiFilter.RunSta private boolean isManagement(ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig, SmallRyeOpenApiConfig smallRyeOpenApiConfig, LaunchModeBuildItem launchModeBuildItem) { - return managementInterfaceBuildTimeConfig.enabled && smallRyeOpenApiConfig.managementEnabled + return managementInterfaceBuildTimeConfig.enabled() && smallRyeOpenApiConfig.managementEnabled && launchModeBuildItem.getLaunchMode().equals(LaunchMode.DEVELOPMENT); } diff --git a/extensions/smallrye-openapi/runtime/src/main/java/io/quarkus/smallrye/openapi/runtime/OpenApiRecorder.java b/extensions/smallrye-openapi/runtime/src/main/java/io/quarkus/smallrye/openapi/runtime/OpenApiRecorder.java index 49b3563ff4e7f..3ae9e8f4f2bc5 100644 --- a/extensions/smallrye-openapi/runtime/src/main/java/io/quarkus/smallrye/openapi/runtime/OpenApiRecorder.java +++ b/extensions/smallrye-openapi/runtime/src/main/java/io/quarkus/smallrye/openapi/runtime/OpenApiRecorder.java @@ -26,7 +26,7 @@ public OpenApiRecorder(RuntimeValue configuration) { } public Consumer corsFilter(Filter filter) { - if (configuration.getValue().corsEnabled && filter.getHandler() != null) { + if (configuration.getValue().corsEnabled() && filter.getHandler() != null) { return new Consumer() { @Override public void accept(Route route) { diff --git a/extensions/undertow/deployment/src/main/java/io/quarkus/undertow/deployment/UndertowBuildStep.java b/extensions/undertow/deployment/src/main/java/io/quarkus/undertow/deployment/UndertowBuildStep.java index 46cd9632e00f0..3cebefc0fa7ec 100644 --- a/extensions/undertow/deployment/src/main/java/io/quarkus/undertow/deployment/UndertowBuildStep.java +++ b/extensions/undertow/deployment/src/main/java/io/quarkus/undertow/deployment/UndertowBuildStep.java @@ -417,7 +417,7 @@ public ServletDeploymentManagerBuildItem build(List servlets, knownPaths.knownDirectories, launchMode.getLaunchMode(), shutdownContext, httpRootPath.relativePath(contextPath), servletConfig.defaultCharset, webMetaData.getRequestCharacterEncoding(), - webMetaData.getResponseCharacterEncoding(), httpBuildTimeConfig.auth.proactive, + webMetaData.getResponseCharacterEncoding(), httpBuildTimeConfig.auth().proactive(), webMetaData.getWelcomeFileList() != null ? webMetaData.getWelcomeFileList().getWelcomeFiles() : null, hasSecurityCapability(capabilities)); diff --git a/extensions/undertow/runtime/src/main/java/io/quarkus/undertow/runtime/UndertowDeploymentRecorder.java b/extensions/undertow/runtime/src/main/java/io/quarkus/undertow/runtime/UndertowDeploymentRecorder.java index 6e8fed2b0d7f0..e576d091561be 100644 --- a/extensions/undertow/runtime/src/main/java/io/quarkus/undertow/runtime/UndertowDeploymentRecorder.java +++ b/extensions/undertow/runtime/src/main/java/io/quarkus/undertow/runtime/UndertowDeploymentRecorder.java @@ -390,8 +390,8 @@ public void run() { undertowOptions.set(UndertowOptions.MAX_PARAMETERS, servletRuntimeConfig.maxParameters); UndertowOptionMap undertowOptionMap = undertowOptions.getMap(); - Set compressMediaTypes = httpBuildTimeConfig.enableCompression - ? Set.copyOf(httpBuildTimeConfig.compressMediaTypes.get()) + Set compressMediaTypes = httpBuildTimeConfig.enableCompression() + ? Set.copyOf(httpBuildTimeConfig.compressMediaTypes().get()) : Collections.emptySet(); return new Handler() { @@ -422,11 +422,11 @@ public void handle(AsyncResult result) { }); } - Optional maxBodySize = httpConfiguration.getValue().limits.maxBodySize; + Optional maxBodySize = httpConfiguration.getValue().limits().maxBodySize(); if (maxBodySize.isPresent()) { exchange.setMaxEntitySize(maxBodySize.get().asLongValue()); } - Duration readTimeout = httpConfiguration.getValue().readTimeout; + Duration readTimeout = httpConfiguration.getValue().readTimeout(); exchange.setReadTimeout(readTimeout.toMillis()); exchange.setUndertowOptions(undertowOptionMap); diff --git a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java index 51829fb5db14e..89879c89176f9 100644 --- a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java +++ b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java @@ -121,10 +121,11 @@ AdditionalBeanBuildItem initFormAuth( HttpSecurityRecorder recorder, HttpBuildTimeConfig buildTimeConfig, BuildProducer filterBuildItemBuildProducer) { - if (buildTimeConfig.auth.form.enabled) { - if (!buildTimeConfig.auth.proactive) { - filterBuildItemBuildProducer.produce(RouteBuildItem.builder().route(buildTimeConfig.auth.form.postLocation) - .handler(recorder.formAuthPostHandler()).build()); + if (buildTimeConfig.auth().form().enabled()) { + if (!buildTimeConfig.auth().proactive()) { + filterBuildItemBuildProducer + .produce(RouteBuildItem.builder().route(buildTimeConfig.auth().form().postLocation()) + .handler(recorder.formAuthPostHandler()).build()); } return AdditionalBeanBuildItem.builder().setUnremovable().addBeanClass(FormAuthenticationMechanism.class) .setDefaultScope(SINGLETON).build(); @@ -199,7 +200,7 @@ AdditionalBeanBuildItem initBasicAuth(HttpBuildTimeConfig buildTimeConfig, .transform(ctx -> ctx.add(DefaultBean.class)))); } - if (buildTimeConfig.auth.basic.isPresent() && buildTimeConfig.auth.basic.get()) { + if (buildTimeConfig.auth().basic().isPresent() && buildTimeConfig.auth().basic().get()) { securityInformationProducer.produce(SecurityInformationBuildItem.BASIC()); } @@ -207,19 +208,19 @@ AdditionalBeanBuildItem initBasicAuth(HttpBuildTimeConfig buildTimeConfig, } private static boolean makeBasicAuthMechDefaultBean(HttpBuildTimeConfig buildTimeConfig) { - return !buildTimeConfig.auth.form.enabled && !isMtlsClientAuthenticationEnabled(buildTimeConfig) - && !buildTimeConfig.auth.basic.orElse(false); + return !buildTimeConfig.auth().form().enabled() && !isMtlsClientAuthenticationEnabled(buildTimeConfig) + && !buildTimeConfig.auth().basic().orElse(false); } private static boolean applicationBasicAuthRequired(HttpBuildTimeConfig buildTimeConfig, ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig) { //basic auth explicitly disabled - if (buildTimeConfig.auth.basic.isPresent() && !buildTimeConfig.auth.basic.get()) { + if (buildTimeConfig.auth().basic().isPresent() && !buildTimeConfig.auth().basic().get()) { return false; } - if (!buildTimeConfig.auth.basic.orElse(false)) { - if ((buildTimeConfig.auth.form.enabled || isMtlsClientAuthenticationEnabled(buildTimeConfig)) - || managementInterfaceBuildTimeConfig.auth.basic.orElse(false)) { + if (!buildTimeConfig.auth().basic().orElse(false)) { + if ((buildTimeConfig.auth().form().enabled() || isMtlsClientAuthenticationEnabled(buildTimeConfig)) + || managementInterfaceBuildTimeConfig.auth().basic().orElse(false)) { //if form auth is enabled and we are not then we don't install return false; } @@ -238,7 +239,7 @@ void setupAuthenticationMechanisms( Capabilities capabilities, HttpBuildTimeConfig buildTimeConfig, BuildProducer securityInformationProducer) { - if (!buildTimeConfig.auth.form.enabled && buildTimeConfig.auth.basic.orElse(false)) { + if (!buildTimeConfig.auth().form().enabled() && buildTimeConfig.auth().basic().orElse(false)) { securityInformationProducer.produce(SecurityInformationBuildItem.BASIC()); } @@ -267,7 +268,7 @@ void createHttpAuthenticationHandler(HttpSecurityRecorder recorder, Capabilities if (capabilities.isPresent(Capability.SECURITY)) { authenticationHandlerProducer.produce( new HttpAuthenticationHandlerBuildItem( - recorder.authenticationMechanismHandler(buildTimeConfig.auth.proactive))); + recorder.authenticationMechanismHandler(buildTimeConfig.auth().proactive()))); } } @@ -597,7 +598,7 @@ private static Stream getPolicyTargetEndpointCandidates(AnnotationTa private static void validateAuthMechanismAnnotationUsage(Capabilities capabilities, HttpBuildTimeConfig buildTimeConfig, DotName[] annotationNames) { - if (buildTimeConfig.auth.proactive + if (buildTimeConfig.auth().proactive() || (!capabilities.isPresent(Capability.RESTEASY_REACTIVE) && !capabilities.isPresent(Capability.RESTEASY))) { throw new ConfigurationException("Annotations '" + Arrays.toString(annotationNames) + "' can only be used when" + " proactive authentication is disabled and either RESTEasy Reactive or RESTEasy Classic" @@ -606,7 +607,7 @@ private static void validateAuthMechanismAnnotationUsage(Capabilities capabiliti } private static boolean isMtlsClientAuthenticationEnabled(HttpBuildTimeConfig buildTimeConfig) { - return !ClientAuth.NONE.equals(buildTimeConfig.tlsClientAuth); + return !ClientAuth.NONE.equals(buildTimeConfig.tlsClientAuth()); } private static Set collectClassMethodsWithoutRbacAnnotation(Collection classes) { diff --git a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/ManagementInterfaceSecurityProcessor.java b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/ManagementInterfaceSecurityProcessor.java index cf32849fcc2d6..4f1e94c70fd56 100644 --- a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/ManagementInterfaceSecurityProcessor.java +++ b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/ManagementInterfaceSecurityProcessor.java @@ -34,7 +34,7 @@ public class ManagementInterfaceSecurityProcessor { SyntheticBeanBuildItem initBasicAuth( ManagementInterfaceSecurityRecorder recorder, ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig) { - if (managementInterfaceBuildTimeConfig.auth.basic.orElse(false)) { + if (managementInterfaceBuildTimeConfig.auth().basic().orElse(false)) { SyntheticBeanBuildItem.ExtendedBeanConfigurator configurator = SyntheticBeanBuildItem .configure(BasicAuthenticationMechanism.class) .types(HttpAuthenticationMechanism.class) @@ -74,9 +74,9 @@ void setupAuthenticationMechanisms( void createManagementAuthMechHandler(ManagementInterfaceSecurityRecorder recorder, Capabilities capabilities, ManagementInterfaceBuildTimeConfig buildTimeConfig, BuildProducer managementAuthMechHandlerProducer) { - if (buildTimeConfig.auth.enabled && capabilities.isPresent(Capability.SECURITY)) { + if (buildTimeConfig.auth().enabled() && capabilities.isPresent(Capability.SECURITY)) { managementAuthMechHandlerProducer.produce(new ManagementAuthenticationHandlerBuildItem( - recorder.managementAuthenticationHandler(buildTimeConfig.auth.proactive))); + recorder.managementAuthenticationHandler(buildTimeConfig.auth().proactive()))); } } diff --git a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/NonApplicationRootPathBuildItem.java b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/NonApplicationRootPathBuildItem.java index 0dc4b5e1f280c..f42a44664d6e0 100644 --- a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/NonApplicationRootPathBuildItem.java +++ b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/NonApplicationRootPathBuildItem.java @@ -175,7 +175,7 @@ public String resolveManagementPath(String path, ManagementInterfaceBuildTimeCon if (path == null || path.trim().isEmpty()) { throw new IllegalArgumentException("Specified path can not be empty"); } - if (managementInterfaceBuildTimeConfig.enabled && extensionOverride) { + if (managementInterfaceBuildTimeConfig.enabled() && extensionOverride) { // Best effort String prefix = getManagementUrlPrefix(mode); if (managementRootPath != null) { diff --git a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/VertxHttpProcessor.java b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/VertxHttpProcessor.java index 0b6349b91db9a..50f70dabafcde 100644 --- a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/VertxHttpProcessor.java +++ b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/VertxHttpProcessor.java @@ -100,7 +100,7 @@ LogCategoryBuildItem logging() { @BuildStep HttpRootPathBuildItem httpRoot(HttpBuildTimeConfig httpBuildTimeConfig) { - return new HttpRootPathBuildItem(httpBuildTimeConfig.rootPath); + return new HttpRootPathBuildItem(httpBuildTimeConfig.rootPath()); } @BuildStep @@ -120,10 +120,10 @@ List convertRoutes( NonApplicationRootPathBuildItem frameworkRoot(HttpBuildTimeConfig httpBuildTimeConfig, ManagementInterfaceBuildTimeConfig managementBuildTimeConfig) { String mrp = null; - if (managementBuildTimeConfig.enabled) { - mrp = managementBuildTimeConfig.rootPath; + if (managementBuildTimeConfig.enabled()) { + mrp = managementBuildTimeConfig.rootPath(); } - return new NonApplicationRootPathBuildItem(httpBuildTimeConfig.rootPath, httpBuildTimeConfig.nonApplicationRootPath, + return new NonApplicationRootPathBuildItem(httpBuildTimeConfig.rootPath(), httpBuildTimeConfig.nonApplicationRootPath(), mrp); } @@ -183,7 +183,7 @@ UnremovableBeanBuildItem shouldNotRemoveHttpServerOptionsCustomizers() { @BuildStep UseManagementInterfaceBuildItem useManagementInterfaceBuildItem(ManagementInterfaceBuildTimeConfig config) { - if (config.enabled) { + if (config.enabled()) { return new UseManagementInterfaceBuildItem(); } return null; @@ -213,7 +213,7 @@ public void kubernetes(BuildProducer kubernetesPorts) { public KubernetesPortBuildItem kubernetesForManagement( ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig) { return KubernetesPortBuildItem.fromRuntimeConfiguration("management", "quarkus.management.port", 9000, - managementInterfaceBuildTimeConfig.enabled); + managementInterfaceBuildTimeConfig.enabled()); } @BuildStep @@ -268,7 +268,7 @@ VertxWebRouterBuildItem initializeRouter(VertxHttpRecorder recorder, boolean frameworkRouterCreated = false; boolean mainRouterCreated = false; - boolean isManagementInterfaceEnabled = managementBuildTimeConfig.enabled; + boolean isManagementInterfaceEnabled = managementBuildTimeConfig.enabled(); if (isManagementInterfaceEnabled) { managementRouter = recorder.initializeRouter(vertx.getVertx()); } @@ -300,7 +300,7 @@ VertxWebRouterBuildItem initializeRouter(VertxHttpRecorder recorder, * To create mainrouter when `${quarkus.http.root-path}` is not {@literal /} * Refer https://github.com/quarkusio/quarkus/issues/34261 */ - if (!httpBuildTimeConfig.rootPath.equals("/") && !mainRouterCreated) { + if (!httpBuildTimeConfig.rootPath().equals("/") && !mainRouterCreated) { mainRouter = recorder.initializeRouter(vertx.getVertx()); } @@ -462,7 +462,7 @@ void openSocket(ApplicationStartBuildItem start, List websocketSubProtocols, Capabilities capabilities, VertxHttpRecorder recorder) throws IOException { - boolean startVirtual = requireVirtual.isPresent() || httpBuildTimeConfig.virtual; + boolean startVirtual = requireVirtual.isPresent() || httpBuildTimeConfig.virtual(); if (startVirtual) { reflectiveClass .produce(ReflectiveClassBuildItem.builder(VirtualServerChannel.class).reason(getClass().getName()).build()); @@ -555,8 +555,8 @@ private static boolean isSslConfigured() { @BuildStep NativeImageFeatureBuildItem Brotli4jFeature(HttpBuildTimeConfig httpBuildTimeConfig) { - if (httpBuildTimeConfig.compressors.isPresent() - && httpBuildTimeConfig.compressors.get().stream().anyMatch(s -> s.equalsIgnoreCase("br"))) { + if (httpBuildTimeConfig.compressors().isPresent() + && httpBuildTimeConfig.compressors().get().stream().anyMatch(s -> s.equalsIgnoreCase("br"))) { return new NativeImageFeatureBuildItem(Brotli4jFeature.class.getName()); } return null; diff --git a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/devmode/ConfiguredPathInfo.java b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/devmode/ConfiguredPathInfo.java index a2cceab2f5cee..99c62a76dbda7 100644 --- a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/devmode/ConfiguredPathInfo.java +++ b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/devmode/ConfiguredPathInfo.java @@ -33,7 +33,7 @@ public String getEndpointPath(HttpRootPathBuildItem httpRoot) { public String getEndpointPath(NonApplicationRootPathBuildItem nonAppRoot, ManagementInterfaceBuildTimeConfig mibt, LaunchModeBuildItem mode) { - if (management && mibt.enabled) { + if (management && mibt.enabled()) { var prefix = NonApplicationRootPathBuildItem.getManagementUrlPrefix(mode); return prefix + endpointPath; } diff --git a/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/deployment/NonApplicationRootPathBuildItemTest.java b/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/deployment/NonApplicationRootPathBuildItemTest.java index 7cf91d24a5264..37ac7bffe61bc 100644 --- a/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/deployment/NonApplicationRootPathBuildItemTest.java +++ b/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/deployment/NonApplicationRootPathBuildItemTest.java @@ -1,13 +1,16 @@ package io.quarkus.vertx.http.deployment; import java.util.Optional; +import java.util.OptionalInt; import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.Test; import io.quarkus.deployment.builditem.LaunchModeBuildItem; import io.quarkus.runtime.LaunchMode; +import io.quarkus.vertx.http.runtime.management.ManagementAuthConfig; import io.quarkus.vertx.http.runtime.management.ManagementInterfaceBuildTimeConfig; +import io.vertx.core.http.ClientAuth; public class NonApplicationRootPathBuildItemTest { @@ -108,15 +111,13 @@ void testResolvePathWithSlashWithSlashQWithWildcards() { @Test void testResolveManagementPathWithRelativeRootPath() { - ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig = new ManagementInterfaceBuildTimeConfig(); - managementInterfaceBuildTimeConfig.enabled = true; - managementInterfaceBuildTimeConfig.rootPath = "management"; - + ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig = new ManagementInterfaceBuildTimeConfigImpl(true, + "management"); LaunchModeBuildItem launchModeBuildItem = new LaunchModeBuildItem(LaunchMode.NORMAL, Optional.empty(), false, Optional.empty(), false); NonApplicationRootPathBuildItem buildItem = new NonApplicationRootPathBuildItem("/", "q", - managementInterfaceBuildTimeConfig.rootPath); + managementInterfaceBuildTimeConfig.rootPath()); Assertions.assertEquals("/management/", buildItem.getManagementRootPath()); Assertions.assertEquals("http://localhost:9000/management/foo", buildItem.resolveManagementPath("foo", managementInterfaceBuildTimeConfig, launchModeBuildItem)); @@ -134,15 +135,13 @@ void testResolveManagementPathWithRelativeRootPath() { @Test void testResolveManagementPathWithRelativeRootPathInTestMode() { - ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig = new ManagementInterfaceBuildTimeConfig(); - managementInterfaceBuildTimeConfig.enabled = true; - managementInterfaceBuildTimeConfig.rootPath = "management"; - + ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig = new ManagementInterfaceBuildTimeConfigImpl(true, + "management"); LaunchModeBuildItem launchModeBuildItem = new LaunchModeBuildItem(LaunchMode.NORMAL, Optional.empty(), false, Optional.empty(), true); NonApplicationRootPathBuildItem buildItem = new NonApplicationRootPathBuildItem("/", "q", - managementInterfaceBuildTimeConfig.rootPath); + managementInterfaceBuildTimeConfig.rootPath()); Assertions.assertEquals("/management/", buildItem.getManagementRootPath()); Assertions.assertEquals("http://localhost:9001/management/foo", buildItem.resolveManagementPath("foo", managementInterfaceBuildTimeConfig, launchModeBuildItem)); @@ -160,10 +159,8 @@ void testResolveManagementPathWithRelativeRootPathInTestMode() { @Test void testResolveManagementPathWithRelativeRootPathAndWithManagementDisabled() { - ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig = new ManagementInterfaceBuildTimeConfig(); - managementInterfaceBuildTimeConfig.enabled = false; - managementInterfaceBuildTimeConfig.rootPath = "management"; - + ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig = new ManagementInterfaceBuildTimeConfigImpl( + false, "management"); LaunchModeBuildItem launchModeBuildItem = new LaunchModeBuildItem(LaunchMode.NORMAL, Optional.empty(), false, Optional.empty(), false); @@ -186,15 +183,13 @@ void testResolveManagementPathWithRelativeRootPathAndWithManagementDisabled() { @Test void testResolveManagementPathWithAbsoluteRootPath() { - ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig = new ManagementInterfaceBuildTimeConfig(); - managementInterfaceBuildTimeConfig.enabled = true; - managementInterfaceBuildTimeConfig.rootPath = "/management"; - + ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig = new ManagementInterfaceBuildTimeConfigImpl(true, + "/management"); LaunchModeBuildItem launchModeBuildItem = new LaunchModeBuildItem(LaunchMode.NORMAL, Optional.empty(), false, Optional.empty(), false); NonApplicationRootPathBuildItem buildItem = new NonApplicationRootPathBuildItem("/", "/q", - managementInterfaceBuildTimeConfig.rootPath); + managementInterfaceBuildTimeConfig.rootPath()); Assertions.assertEquals("/management/", buildItem.getManagementRootPath()); Assertions.assertEquals("http://localhost:9000/management/foo", buildItem.resolveManagementPath("foo", managementInterfaceBuildTimeConfig, launchModeBuildItem)); @@ -212,15 +207,13 @@ void testResolveManagementPathWithAbsoluteRootPath() { @Test void testResolveManagementPathWithEmptyRootPath() { - ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig = new ManagementInterfaceBuildTimeConfig(); - managementInterfaceBuildTimeConfig.enabled = true; - managementInterfaceBuildTimeConfig.rootPath = ""; - + ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig = new ManagementInterfaceBuildTimeConfigImpl(true, + ""); LaunchModeBuildItem launchModeBuildItem = new LaunchModeBuildItem(LaunchMode.NORMAL, Optional.empty(), false, Optional.empty(), false); NonApplicationRootPathBuildItem buildItem = new NonApplicationRootPathBuildItem("/", "/q", - managementInterfaceBuildTimeConfig.rootPath); + managementInterfaceBuildTimeConfig.rootPath()); Assertions.assertEquals("/", buildItem.getManagementRootPath()); Assertions.assertEquals("http://localhost:9000/foo", buildItem.resolveManagementPath("foo", managementInterfaceBuildTimeConfig, launchModeBuildItem)); @@ -238,18 +231,61 @@ void testResolveManagementPathWithEmptyRootPath() { @Test void testResolveManagementPathWithWithWildcards() { - ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig = new ManagementInterfaceBuildTimeConfig(); - managementInterfaceBuildTimeConfig.enabled = true; - managementInterfaceBuildTimeConfig.rootPath = "/management"; - + ManagementInterfaceBuildTimeConfig managementInterfaceBuildTimeConfig = new ManagementInterfaceBuildTimeConfigImpl(true, + "/management"); LaunchModeBuildItem launchModeBuildItem = new LaunchModeBuildItem(LaunchMode.NORMAL, Optional.empty(), false, Optional.empty(), false); NonApplicationRootPathBuildItem buildItem = new NonApplicationRootPathBuildItem("/", "/q", - managementInterfaceBuildTimeConfig.rootPath); + managementInterfaceBuildTimeConfig.rootPath()); Assertions.assertEquals("http://localhost:9000/management/foo/*", buildItem.resolveManagementPath("foo/*", managementInterfaceBuildTimeConfig, launchModeBuildItem)); Assertions.assertEquals("http://localhost:9000/foo/*", buildItem.resolveManagementPath("/foo/*", managementInterfaceBuildTimeConfig, launchModeBuildItem)); } + + private static final class ManagementInterfaceBuildTimeConfigImpl implements ManagementInterfaceBuildTimeConfig { + private final boolean enabled; + private final String rootPath; + + public ManagementInterfaceBuildTimeConfigImpl(final boolean enabled, final String rootPath) { + this.enabled = enabled; + this.rootPath = rootPath; + } + + @Override + public boolean enabled() { + return enabled; + } + + @Override + public ManagementAuthConfig auth() { + return null; + } + + @Override + public ClientAuth tlsClientAuth() { + return null; + } + + @Override + public String rootPath() { + return rootPath; + } + + @Override + public boolean enableCompression() { + return false; + } + + @Override + public boolean enableDecompression() { + return false; + } + + @Override + public OptionalInt compressionLevel() { + return OptionalInt.empty(); + } + } } diff --git a/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/devmode/ArcEndpointTest.java b/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/devmode/ArcEndpointTest.java index a2644f677996e..6b7c1c99fde86 100644 --- a/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/devmode/ArcEndpointTest.java +++ b/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/devmode/ArcEndpointTest.java @@ -68,7 +68,7 @@ void onStart(@Observes StartupEvent event) { } void addConfigRoute(@Observes Router router) { - router.route("/console-path").handler(rc -> rc.response().end(httpConfig.nonApplicationRootPath)); + router.route("/console-path").handler(rc -> rc.response().end(httpConfig.nonApplicationRootPath())); } } diff --git a/extensions/vertx-http/runtime/pom.xml b/extensions/vertx-http/runtime/pom.xml index db881c31fbd86..9efc97e217552 100644 --- a/extensions/vertx-http/runtime/pom.xml +++ b/extensions/vertx-http/runtime/pom.xml @@ -131,9 +131,6 @@ ${project.version} - - -AlegacyConfigRoot=true - diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/devui/runtime/DevUICORSFilter.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/devui/runtime/DevUICORSFilter.java index ff8fd0c167f1e..1e41984606bfd 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/devui/runtime/DevUICORSFilter.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/devui/runtime/DevUICORSFilter.java @@ -1,5 +1,6 @@ package io.quarkus.devui.runtime; +import java.time.Duration; import java.util.List; import java.util.Optional; @@ -32,12 +33,38 @@ public DevUICORSFilter() { private static CORSFilter corsFilter() { int httpPort = ConfigProvider.getConfig().getValue(HTTP_PORT_CONFIG_PROP, int.class); int httpsPort = ConfigProvider.getConfig().getValue(HTTPS_PORT_CONFIG_PROP, int.class); - CORSConfig config = new CORSConfig(); - config.origins = Optional.of(List.of( - HTTP_LOCAL_HOST + ":" + httpPort, - HTTP_LOCAL_HOST_IP + ":" + httpPort, - HTTPS_LOCAL_HOST + ":" + httpsPort, - HTTPS_LOCAL_HOST_IP + ":" + httpsPort)); + CORSConfig config = new CORSConfig() { + @Override + public Optional> origins() { + return Optional.of(List.of(HTTP_LOCAL_HOST + ":" + httpPort, HTTP_LOCAL_HOST_IP + ":" + httpPort, + HTTPS_LOCAL_HOST + ":" + httpsPort, HTTPS_LOCAL_HOST_IP + ":" + httpsPort)); + } + + @Override + public Optional> methods() { + return Optional.empty(); + } + + @Override + public Optional> headers() { + return Optional.empty(); + } + + @Override + public Optional> exposedHeaders() { + return Optional.empty(); + } + + @Override + public Optional accessControlMaxAge() { + return Optional.empty(); + } + + @Override + public Optional accessControlAllowCredentials() { + return Optional.empty(); + } + }; return new CORSFilter(config); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/AccessLogConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/AccessLogConfig.java index 3f6a512f324ac..5b293245a21f1 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/AccessLogConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/AccessLogConfig.java @@ -2,85 +2,77 @@ import java.util.Optional; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; - -@ConfigGroup -public class AccessLogConfig { +import io.smallrye.config.WithDefault; +public interface AccessLogConfig { /** * If access logging is enabled. By default this will log via the standard logging facility */ - @ConfigItem(defaultValue = "false") - public boolean enabled; + @WithDefault("false") + boolean enabled(); /** * A regular expression that can be used to exclude some paths from logging. */ - @ConfigItem - Optional excludePattern; + Optional excludePattern(); /** * The access log pattern. - * + *

* If this is the string `common`, `combined` or `long` then this will use one of the specified named formats: - * + *

* - common: `%h %l %u %t "%r" %s %b` * - combined: `%h %l %u %t "%r" %s %b "%{i,Referer}" "%{i,User-Agent}"` * - long: `%r\n%{ALL_REQUEST_HEADERS}` - * + *

* Otherwise, consult the Quarkus documentation for the full list of variables that can be used. - * - * @asciidoclet */ - @ConfigItem(defaultValue = "common") - public String pattern; + @WithDefault("common") + String pattern(); /** * If logging should be done to a separate file. */ - @ConfigItem(defaultValue = "false") - public boolean logToFile; + @WithDefault("false") + boolean logToFile(); /** * The access log file base name, defaults to 'quarkus' which will give a log file * name of 'quarkus.log'. * */ - @ConfigItem(defaultValue = "quarkus") - public String baseFileName; + @WithDefault("quarkus") + String baseFileName(); /** * The log directory to use when logging access to a file - * + *

* If this is not set then the current working directory is used. */ - @ConfigItem - public Optional logDirectory; + Optional logDirectory(); /** * The log file suffix */ - @ConfigItem(defaultValue = ".log") - public String logSuffix; + @WithDefault(".log") + String logSuffix(); /** * The log category to use if logging is being done via the standard log mechanism (i.e. if base-file-name is empty). * */ - @ConfigItem(defaultValue = "io.quarkus.http.access-log") - public String category; + @WithDefault("io.quarkus.http.access-log") + String category(); /** * If the log should be rotated daily */ - @ConfigItem(defaultValue = "true") - public boolean rotate; + @WithDefault("true") + boolean rotate(); /** * If rerouted requests should be consolidated into one log entry */ - @ConfigItem(defaultValue = "false") - public boolean consolidateReroutedRequests; - + @WithDefault("false") + boolean consolidateReroutedRequests(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/AuthConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/AuthConfig.java index d251a34e732b7..91f25185c0c0c 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/AuthConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/AuthConfig.java @@ -2,39 +2,35 @@ import java.util.Optional; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; +import io.smallrye.config.WithDefault; /** * Authentication mechanism and SecurityRealm name information used for configuring HTTP auth * instance for the deployment. */ -@ConfigGroup -public class AuthConfig { +public interface AuthConfig { /** * If basic auth should be enabled. If both basic and form auth is enabled then basic auth will be enabled in silent mode. - * + *

* The basic auth is enabled by default if no authentication mechanisms are configured or Quarkus can safely * determine that basic authentication is required. */ - @ConfigItem - public Optional basic; + Optional basic(); /** * Form Auth config */ - @ConfigItem - public FormAuthConfig form; + FormAuthConfig form(); /** * If this is true and credentials are present then a user will always be authenticated * before the request progresses. - * + *

* If this is false then an attempt will only be made to authenticate the user if a permission * check is performed or the current user is required for some other reason. */ - @ConfigItem(defaultValue = "true") - public boolean proactive; + @WithDefault("true") + boolean proactive(); /** * Require that all registered HTTP authentication mechanisms must complete the authentication. @@ -58,6 +54,6 @@ public class AuthConfig { *

* This property will be ignored if the path specific authentication is enabled. */ - @ConfigItem(defaultValue = "false") - public boolean inclusive; + @WithDefault("false") + boolean inclusive(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/AuthRuntimeConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/AuthRuntimeConfig.java index d7dc62123aa0d..9d378a9acee73 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/AuthRuntimeConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/AuthRuntimeConfig.java @@ -6,26 +6,24 @@ import java.util.Optional; import io.quarkus.runtime.annotations.ConfigDocMapKey; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; +import io.smallrye.config.WithDefault; +import io.smallrye.config.WithName; /** * Authentication mechanism information used for configuring HTTP auth instance for the deployment. */ -@ConfigGroup -public class AuthRuntimeConfig { - +public interface AuthRuntimeConfig { /** * The HTTP permissions */ - @ConfigItem(name = "permission") - public Map permissions; + @WithName("permission") + Map permissions(); /** * The HTTP role based policies */ - @ConfigItem(name = "policy") - public Map rolePolicy; + @WithName("policy") + Map rolePolicy(); /** * Map the `SecurityIdentity` roles to deployment specific roles and add the matching roles to `SecurityIdentity`. @@ -34,9 +32,8 @@ public class AuthRuntimeConfig { * use this property to map the `user` role to the `UserRole` role, and have `SecurityIdentity` to have * both `user` and `UserRole` roles. */ - @ConfigItem @ConfigDocMapKey("role-name") - public Map> rolesMapping; + Map> rolesMapping(); /** * Client certificate attribute whose values are going to be mapped to the 'SecurityIdentity' roles @@ -58,8 +55,8 @@ public class AuthRuntimeConfig { * * */ - @ConfigItem(defaultValue = "CN") - public String certificateRoleAttribute; + @WithDefault("CN") + String certificateRoleAttribute(); /** * Properties file containing the client certificate attribute value to role mappings. @@ -68,18 +65,15 @@ public class AuthRuntimeConfig { *

* Properties file is expected to have the `CN_VALUE=role1,role,...,roleN` format and should be encoded using UTF-8. */ - @ConfigItem - public Optional certificateRoleProperties; + Optional certificateRoleProperties(); /** * The authentication realm */ - @ConfigItem - public Optional realm; + Optional realm(); /** * Form Auth config */ - @ConfigItem - public FormAuthRuntimeConfig form; + FormAuthRuntimeConfig form(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/BodyConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/BodyConfig.java index 1c8723f7f33e4..b404a052b0111 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/BodyConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/BodyConfig.java @@ -1,14 +1,11 @@ package io.quarkus.vertx.http.runtime; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; +import io.smallrye.config.WithDefault; /** * Request body related settings */ -@ConfigGroup -public class BodyConfig { - +public interface BodyConfig { /** * Whether the files sent using {@code multipart/form-data} will be stored locally. *

@@ -18,16 +15,16 @@ public class BodyConfig { * will always return an empty collection. Note that even with this option being set to {@code false}, the * {@code multipart/form-data} requests will be accepted. */ - @ConfigItem(defaultValue = "true") - public boolean handleFileUploads; + @WithDefault("true") + boolean handleFileUploads(); /** * The directory where the files sent using {@code multipart/form-data} should be stored. *

* Either an absolute path or a path relative to the current directory of the application process. */ - @ConfigItem(defaultValue = "${java.io.tmpdir}/uploads") - public String uploadsDirectory; + @WithDefault("${java.io.tmpdir}/uploads") + String uploadsDirectory(); /** * Whether the form attributes should be added to the request parameters. @@ -35,8 +32,8 @@ public class BodyConfig { * If {@code true}, the form attributes will be added to the request parameters; otherwise the form parameters will * not be added to the request parameters */ - @ConfigItem(defaultValue = "true") - public boolean mergeFormAttributes; + @WithDefault("true") + boolean mergeFormAttributes(); /** * Whether the uploaded files should be removed after serving the request. @@ -44,8 +41,8 @@ public class BodyConfig { * If {@code true} the uploaded files stored in {@code quarkus.http.body-handler.uploads-directory} will be removed * after handling the request. Otherwise, the files will be left there forever. */ - @ConfigItem(defaultValue = "true") - public boolean deleteUploadedFilesOnEnd; + @WithDefault("true") + boolean deleteUploadedFilesOnEnd(); /** * Whether the body buffer should pre-allocated based on the {@code Content-Length} header value. @@ -53,12 +50,11 @@ public class BodyConfig { * If {@code true} the body buffer is pre-allocated according to the size read from the {@code Content-Length} * header. Otherwise, the body buffer is pre-allocated to 1KB, and is resized dynamically */ - @ConfigItem - public boolean preallocateBodyBuffer; + @WithDefault("false") + boolean preallocateBodyBuffer(); /** * HTTP multipart request related settings */ - @ConfigItem - public MultiPartConfig multipart; + MultiPartConfig multipart(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/CertificateConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/CertificateConfig.java index f2d2685d0db86..13c97b887a2a2 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/CertificateConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/CertificateConfig.java @@ -8,18 +8,14 @@ import org.eclipse.microprofile.config.spi.ConfigSource; import io.quarkus.credentials.CredentialsProvider; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; -import io.quarkus.runtime.annotations.ConvertWith; import io.quarkus.runtime.configuration.TrimmedStringConverter; +import io.smallrye.config.WithConverter; /** * A certificate configuration. * Provide either the certificate and key files or a keystore. */ -@ConfigGroup -public class CertificateConfig { - +public interface CertificateConfig { /** * The {@linkplain CredentialsProvider}. * If this property is configured, then a matching 'CredentialsProvider' will be used @@ -28,9 +24,7 @@ public class CertificateConfig { * Please note that using MicroProfile {@linkplain ConfigSource} which is directly supported by Quarkus Configuration * should be preferred unless using `CredentialsProvider` provides for some additional security and dynamism. */ - @ConfigItem - @ConvertWith(TrimmedStringConverter.class) - public Optional credentialsProvider = Optional.empty(); + Optional<@WithConverter(TrimmedStringConverter.class) String> credentialsProvider(); /** * The credentials provider bean name. @@ -41,16 +35,13 @@ public class CertificateConfig { *

* For Vault, the credentials provider bean name is {@code vault-credentials-provider}. */ - @ConfigItem - @ConvertWith(TrimmedStringConverter.class) - public Optional credentialsProviderName = Optional.empty(); + Optional<@WithConverter(TrimmedStringConverter.class) String> credentialsProviderName(); /** * The list of path to server certificates using the PEM format. * Specifying multiple files requires SNI to be enabled. */ - @ConfigItem - public Optional> files; + Optional> files(); /** * The list of path to server certificates private key files using the PEM format. @@ -58,47 +49,41 @@ public class CertificateConfig { *

* The order of the key files must match the order of the certificates. */ - @ConfigItem - public Optional> keyFiles; + Optional> keyFiles(); /** * An optional keystore that holds the certificate information instead of specifying separate files. */ - @ConfigItem - public Optional keyStoreFile; + Optional keyStoreFile(); /** * An optional parameter to specify the type of the keystore file. * If not given, the type is automatically detected based on the file name. */ - @ConfigItem - public Optional keyStoreFileType; + Optional keyStoreFileType(); /** * An optional parameter to specify a provider of the keystore file. * If not given, the provider is automatically detected based on the keystore file type. */ - @ConfigItem - public Optional keyStoreProvider; + Optional keyStoreProvider(); /** * A parameter to specify the password of the keystore file. * If not given, and if it can not be retrieved from {@linkplain CredentialsProvider}. * - * @see {@link #credentialsProvider} + * @see CertificateConfig#credentialsProvider() */ - @ConfigItem(defaultValueDocumentation = "password") - public Optional keyStorePassword; + Optional keyStorePassword(); /** * A parameter to specify a {@linkplain CredentialsProvider} property key, * which can be used to get the password of the key * store file from {@linkplain CredentialsProvider}. * - * @see {@link #credentialsProvider} + * @see CertificateConfig#credentialsProvider() */ - @ConfigItem - public Optional keyStorePasswordKey; + Optional keyStorePasswordKey(); /** * An optional parameter to select a specific key in the keystore. @@ -107,111 +92,98 @@ public class CertificateConfig { * * @deprecated Use {@link #keyStoreAlias} instead. */ - @ConfigItem @Deprecated - public Optional keyStoreKeyAlias; + Optional keyStoreKeyAlias(); /** * An optional parameter to select a specific key in the keystore. * When SNI is disabled, and the keystore contains multiple * keys and no alias is specified; the behavior is undefined. */ - @ConfigItem - public Optional keyStoreAlias; + Optional keyStoreAlias(); /** * An optional parameter to define the password for the key, * in case it is different from {@link #keyStorePassword} * If not given, it might be retrieved from {@linkplain CredentialsProvider}. * - * @see {@link #credentialsProvider}. + * @see CertificateConfig#credentialsProvider() * @deprecated Use {@link #keyStoreAliasPassword} instead. */ @Deprecated - @ConfigItem - public Optional keyStoreKeyPassword; + Optional keyStoreKeyPassword(); /** * An optional parameter to define the password for the key, * in case it is different from {@link #keyStorePassword} * If not given, it might be retrieved from {@linkplain CredentialsProvider}. * - * @see {@link #credentialsProvider}. + * @see CertificateConfig#credentialsProvider() */ - @ConfigItem - public Optional keyStoreAliasPassword; + Optional keyStoreAliasPassword(); /** * A parameter to specify a {@linkplain CredentialsProvider} property key, * which can be used to get the password for the alias from {@linkplain CredentialsProvider}. * - * @see {@link #credentialsProvider} + * @see CertificateConfig#credentialsProvider() * @deprecated Use {@link #keyStoreAliasPasswordKey} instead. */ - @ConfigItem @Deprecated - public Optional keyStoreKeyPasswordKey; + Optional keyStoreKeyPasswordKey(); /** * A parameter to specify a {@linkplain CredentialsProvider} property key, * which can be used to get the password for the alias from {@linkplain CredentialsProvider}. * - * @see {@link #credentialsProvider} + * @see CertificateConfig#credentialsProvider() */ - @ConfigItem - public Optional keyStoreAliasPasswordKey; + Optional keyStoreAliasPasswordKey(); /** * An optional trust store that holds the certificate information of the trusted certificates. */ - @ConfigItem - public Optional trustStoreFile; + Optional trustStoreFile(); /** * An optional list of trusted certificates using the PEM format. * If you pass multiple files, you must use the PEM format. */ - @ConfigItem - public Optional> trustStoreFiles; + Optional> trustStoreFiles(); /** * An optional parameter to specify the type of the trust store file. * If not given, the type is automatically detected based on the file name. */ - @ConfigItem - public Optional trustStoreFileType; + Optional trustStoreFileType(); /** * An optional parameter to specify a provider of the trust store file. * If not given, the provider is automatically detected based on the trust store file type. */ - @ConfigItem - public Optional trustStoreProvider; + Optional trustStoreProvider(); /** * A parameter to specify the password of the trust store file. * If not given, it might be retrieved from {@linkplain CredentialsProvider}. * - * @see {@link #credentialsProvider}. + * @see CertificateConfig#credentialsProvider() */ - @ConfigItem - public Optional trustStorePassword; + Optional trustStorePassword(); /** * A parameter to specify a {@linkplain CredentialsProvider} property key, * which can be used to get the password of the trust store file from {@linkplain CredentialsProvider}. * - * @see {@link #credentialsProvider} + * @see CertificateConfig#credentialsProvider() */ - @ConfigItem - public Optional trustStorePasswordKey; + Optional trustStorePasswordKey(); /** * An optional parameter to trust a single certificate from the trust store rather than trusting all certificates in the * store. */ - @ConfigItem - public Optional trustStoreCertAlias; + Optional trustStoreCertAlias(); /** * When set, the configured certificate will be reloaded after the given period. @@ -224,6 +196,5 @@ public class CertificateConfig { * IMPORTANT: It's recommended to use the TLS registry to handle the certificate reloading. *

*/ - @ConfigItem - public Optional reloadPeriod; + Optional reloadPeriod(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FilterConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FilterConfig.java index e7cfbf4aa50cc..4a01bd4e4c472 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FilterConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FilterConfig.java @@ -6,33 +6,26 @@ import java.util.OptionalInt; import io.quarkus.runtime.annotations.ConfigDocMapKey; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; - -@ConfigGroup -public class FilterConfig { +public interface FilterConfig { /** * A regular expression for the paths matching this configuration */ - @ConfigItem - public String matches; + String matches(); /** * Additional HTTP Headers always sent in the response */ - @ConfigItem @ConfigDocMapKey("header-name") - public Map header; + Map header(); /** * The HTTP methods for this path configuration */ - @ConfigItem - public Optional> methods; + Optional> methods(); /** * Order in which this path config is applied. Higher priority takes precedence */ - public OptionalInt order; + OptionalInt order(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FormAuthConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FormAuthConfig.java index 2e6d38250c8da..781f91702bc21 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FormAuthConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FormAuthConfig.java @@ -1,24 +1,20 @@ package io.quarkus.vertx.http.runtime; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; +import io.smallrye.config.WithDefault; /** * config for the form authentication mechanism */ -@ConfigGroup -public class FormAuthConfig { - +public interface FormAuthConfig { /** * If form authentication is enabled. */ - @ConfigItem - public boolean enabled; + @WithDefault("false") + boolean enabled(); /** * The post location. */ - @ConfigItem(defaultValue = "/j_security_check") - public String postLocation; - + @WithDefault("/j_security_check") + String postLocation(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FormAuthRuntimeConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FormAuthRuntimeConfig.java index b1e17b2e93cca..04093faa86f0d 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FormAuthRuntimeConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FormAuthRuntimeConfig.java @@ -3,18 +3,16 @@ import java.time.Duration; import java.util.Optional; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; +import io.smallrye.config.WithDefault; /** * config for the form authentication mechanism */ -@ConfigGroup -public class FormAuthRuntimeConfig { +public interface FormAuthRuntimeConfig { /** * SameSite attribute values for the session and location cookies. */ - public enum CookieSameSite { + enum CookieSameSite { STRICT, LAX, NONE @@ -23,33 +21,33 @@ public enum CookieSameSite { /** * The login page. Redirect to login page can be disabled by setting `quarkus.http.auth.form.login-page=`. */ - @ConfigItem(defaultValue = "/login.html") - public Optional loginPage; + @WithDefault("/login.html") + Optional loginPage(); /** * The username field name. */ - @ConfigItem(defaultValue = "j_username") - public String usernameParameter; + @WithDefault("j_username") + String usernameParameter(); /** * The password field name. */ - @ConfigItem(defaultValue = "j_password") - public String passwordParameter; + @WithDefault("j_password") + String passwordParameter(); /** * The error page. Redirect to error page can be disabled by setting `quarkus.http.auth.form.error-page=`. */ - @ConfigItem(defaultValue = "/error.html") - public Optional errorPage; + @WithDefault("/error.html") + Optional errorPage(); /** * The landing page to redirect to if there is no saved page to redirect back to. * Redirect to landing page can be disabled by setting `quarkus.http.auth.form.landing-page=`. */ - @ConfigItem(defaultValue = "/index.html") - public Optional landingPage; + @WithDefault("/index.html") + Optional landingPage(); /** * Option to disable redirect to landingPage if there is no saved page to redirect back to. Form Auth POST is followed @@ -59,72 +57,71 @@ public enum CookieSameSite { * (via `quarkus.http.auth.form.landing-page=`). Quarkus will ignore this configuration property * if there is no landing page. */ - @ConfigItem(defaultValue = "true") + @WithDefault("true") @Deprecated - public boolean redirectAfterLogin; + boolean redirectAfterLogin(); /** * Option to control the name of the cookie used to redirect the user back * to the location they want to access. */ - @ConfigItem(defaultValue = "quarkus-redirect-location") - public String locationCookie; + @WithDefault("quarkus-redirect-location") + String locationCookie(); /** * The inactivity (idle) timeout - * + *

* When inactivity timeout is reached, cookie is not renewed and a new login is enforced. */ - @ConfigItem(defaultValue = "PT30M") - public Duration timeout; + @WithDefault("PT30M") + Duration timeout(); /** * How old a cookie can get before it will be replaced with a new cookie with an updated timeout, also * referred to as "renewal-timeout". - * + *

* Note that smaller values will result in slightly more server load (as new encrypted cookies will be * generated more often); however, larger values affect the inactivity timeout because the timeout is set * when a cookie is generated. - * + *

* For example if this is set to 10 minutes, and the inactivity timeout is 30m, if a user's last request * is when the cookie is 9m old then the actual timeout will happen 21m after the last request because the timeout * is only refreshed when a new cookie is generated. - * + *

* That is, no timeout is tracked on the server side; the timestamp is encoded and encrypted in the cookie * itself, and it is decrypted and parsed with each request. */ - @ConfigItem(defaultValue = "PT1M") - public Duration newCookieInterval; + @WithDefault("PT1M") + Duration newCookieInterval(); /** * The cookie that is used to store the persistent session */ - @ConfigItem(defaultValue = "quarkus-credential") - public String cookieName; + @WithDefault("quarkus-credential") + String cookieName(); /** * The cookie path for the session and location cookies. */ - @ConfigItem(defaultValue = "/") - public Optional cookiePath = Optional.of("/"); + @WithDefault("/") + Optional cookiePath(); /** * Set the HttpOnly attribute to prevent access to the cookie via JavaScript. */ - @ConfigItem(defaultValue = "false") - public boolean httpOnlyCookie; + @WithDefault("false") + boolean httpOnlyCookie(); /** * SameSite attribute for the session and location cookies. */ - @ConfigItem(defaultValue = "strict") - public CookieSameSite cookieSameSite = CookieSameSite.STRICT; + @WithDefault("strict") + CookieSameSite cookieSameSite(); /** * Max-Age attribute for the session cookie. This is the amount of time the browser will keep the cookie. - * + *

* The default value is empty, which means the cookie will be kept until the browser is closed. */ - @ConfigItem - public Optional cookieMaxAge; + Optional cookieMaxAge(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ForwardingProxyOptions.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ForwardingProxyOptions.java index 0e9c30dae6894..511513f3e5e09 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ForwardingProxyOptions.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ForwardingProxyOptions.java @@ -45,19 +45,19 @@ public ForwardingProxyOptions(final boolean proxyAddressForwarding, } public static ForwardingProxyOptions from(ProxyConfig proxy) { - final boolean proxyAddressForwarding = proxy.proxyAddressForwarding; - final boolean allowForwarded = proxy.allowForwarded; - final boolean allowXForwarded = proxy.allowXForwarded.orElse(!allowForwarded); - final boolean enableForwardedHost = proxy.enableForwardedHost; - final boolean enableForwardedPrefix = proxy.enableForwardedPrefix; - final boolean enableTrustedProxyHeader = proxy.enableTrustedProxyHeader; - final boolean strictForwardedControl = proxy.strictForwardedControl; - final ForwardedPrecedence forwardedPrecedence = proxy.forwardedPrecedence; - final AsciiString forwardedPrefixHeader = AsciiString.cached(proxy.forwardedPrefixHeader); - final AsciiString forwardedHostHeader = AsciiString.cached(proxy.forwardedHostHeader); + final boolean proxyAddressForwarding = proxy.proxyAddressForwarding(); + final boolean allowForwarded = proxy.allowForwarded(); + final boolean allowXForwarded = proxy.allowXForwarded().orElse(!allowForwarded); + final boolean enableForwardedHost = proxy.enableForwardedHost(); + final boolean enableForwardedPrefix = proxy.enableForwardedPrefix(); + final boolean enableTrustedProxyHeader = proxy.enableTrustedProxyHeader(); + final boolean strictForwardedControl = proxy.strictForwardedControl(); + final ForwardedPrecedence forwardedPrecedence = proxy.forwardedPrecedence(); + final AsciiString forwardedPrefixHeader = AsciiString.cached(proxy.forwardedPrefixHeader()); + final AsciiString forwardedHostHeader = AsciiString.cached(proxy.forwardedHostHeader()); - final List parts = proxy.trustedProxies - .isPresent() ? List.copyOf(proxy.trustedProxies.get()) : List.of(); + final List parts = proxy.trustedProxies() + .isPresent() ? List.copyOf(proxy.trustedProxies().get()) : List.of(); final var proxyCheckBuilder = (!allowXForwarded && !allowForwarded) || parts.isEmpty() ? null : TrustedProxyCheckBuilder.builder(parts); diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/GeneratedStaticResourcesRecorder.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/GeneratedStaticResourcesRecorder.java index 394657aa62211..9d9234d4f7621 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/GeneratedStaticResourcesRecorder.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/GeneratedStaticResourcesRecorder.java @@ -30,16 +30,16 @@ public GeneratedStaticResourcesRecorder(RuntimeValue httpConf public Handler createHandler(Set generatedClasspathResources, Map generatedFilesResources) { - if (httpBuildTimeConfig.enableCompression && httpBuildTimeConfig.compressMediaTypes.isPresent()) { - this.compressMediaTypes = Set.copyOf(httpBuildTimeConfig.compressMediaTypes.get()); + if (httpBuildTimeConfig.enableCompression() && httpBuildTimeConfig.compressMediaTypes().isPresent()) { + this.compressMediaTypes = Set.copyOf(httpBuildTimeConfig.compressMediaTypes().get()); } - StaticResourcesConfig config = httpConfiguration.getValue().staticResources; + StaticResourcesConfig config = httpConfiguration.getValue().staticResources(); DevClasspathStaticHandlerOptions options = new DevClasspathStaticHandlerOptions.Builder() - .indexPage(config.indexPage) - .enableCompression(httpBuildTimeConfig.enableCompression) + .indexPage(config.indexPage()) + .enableCompression(httpBuildTimeConfig.enableCompression()) .compressMediaTypes(compressMediaTypes) - .defaultEncoding(config.contentEncoding).build(); + .defaultEncoding(config.contentEncoding()).build(); return new DevStaticHandler(generatedClasspathResources, generatedFilesResources, options); diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/HeaderConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/HeaderConfig.java index 98a247bf2f0cd..4257d4d419135 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/HeaderConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/HeaderConfig.java @@ -3,30 +3,25 @@ import java.util.List; import java.util.Optional; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; +import io.smallrye.config.WithDefault; /** * Configuration that allows for setting an HTTP header */ -@ConfigGroup -public class HeaderConfig { - +public interface HeaderConfig { /** * The path this header should be applied */ - @ConfigItem(defaultValue = "/*") - public String path; + @WithDefault("/*") + String path(); /** * The value for this header configuration */ - @ConfigItem - public String value; + String value(); /** * The HTTP methods for this header configuration */ - @ConfigItem - public Optional> methods; + Optional> methods(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/HttpBuildTimeConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/HttpBuildTimeConfig.java index cf2be64b57883..c5492062573ef 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/HttpBuildTimeConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/HttpBuildTimeConfig.java @@ -5,26 +5,32 @@ import java.util.Optional; import java.util.OptionalInt; -import io.quarkus.runtime.annotations.ConfigItem; import io.quarkus.runtime.annotations.ConfigPhase; import io.quarkus.runtime.annotations.ConfigRoot; -import io.quarkus.runtime.annotations.ConvertWith; import io.quarkus.runtime.configuration.NormalizeRootHttpPathConverter; import io.quarkus.vertx.http.Compressed; import io.quarkus.vertx.http.Uncompressed; +import io.smallrye.config.ConfigMapping; +import io.smallrye.config.WithConverter; +import io.smallrye.config.WithDefault; +import io.smallrye.config.WithName; import io.vertx.core.http.ClientAuth; -@ConfigRoot(name = "http", phase = ConfigPhase.BUILD_AND_RUN_TIME_FIXED) -public class HttpBuildTimeConfig { - +@ConfigMapping(prefix = "quarkus.http") +@ConfigRoot(phase = ConfigPhase.BUILD_AND_RUN_TIME_FIXED) +public interface HttpBuildTimeConfig { /** * The HTTP root path. All web content will be served relative to this root path. */ - @ConfigItem(defaultValue = "/") - @ConvertWith(NormalizeRootHttpPathConverter.class) - public String rootPath; + @WithDefault("/") + @WithConverter(NormalizeRootHttpPathConverter.class) + String rootPath(); - public AuthConfig auth; + /** + * Authentication mechanism and SecurityRealm name information used for configuring HTTP auth instance for the + * deployment. + */ + AuthConfig auth(); /** * Configures the engine to require/request client authentication. @@ -34,15 +40,16 @@ public class HttpBuildTimeConfig { * plain HTTP port. If `quarkus.http.insecure-requests` is not set, but this parameter is set to {@code REQUIRED}, then, * `quarkus.http.insecure-requests` is automatically set to `disabled`. */ - @ConfigItem(name = "ssl.client-auth", defaultValue = "NONE") - public ClientAuth tlsClientAuth; + @WithName("ssl.client-auth") + @WithDefault("NONE") + ClientAuth tlsClientAuth(); /** * If this is true then only a virtual channel will be set up for vertx web. * We have this switch for testing purposes. */ - @ConfigItem - public boolean virtual; + @WithDefault("false") + boolean virtual(); /** * A common root path for non-application endpoints. Various extension-provided endpoints such as metrics, health, @@ -58,17 +65,15 @@ public class HttpBuildTimeConfig { *

* If the management interface is enabled, the root path for the endpoints exposed on the management interface * is configured using the `quarkus.management.root-path` property instead of this property. - * - * @asciidoclet */ - @ConfigItem(defaultValue = "q") - public String nonApplicationRootPath; + @WithDefault("q") + String nonApplicationRootPath(); /** * The REST Assured client timeout for testing. */ - @ConfigItem(defaultValue = "30s") - public Duration testTimeout; + @WithDefault("30s") + Duration testTimeout(); /** * If enabled then the response body is compressed if the {@code Content-Type} header is set and the value is a compressed @@ -78,8 +83,8 @@ public class HttpBuildTimeConfig { * declaratively using the annotations {@link io.quarkus.vertx.http.Compressed} and * {@link io.quarkus.vertx.http.Uncompressed}. */ - @ConfigItem - public boolean enableCompression; + @WithDefault("false") + boolean enableCompression(); /** * When enabled, vert.x will decompress the request's body if it's compressed. @@ -87,8 +92,8 @@ public class HttpBuildTimeConfig { * Note that the compression format (e.g., gzip) must be specified in the Content-Encoding header * in the request. */ - @ConfigItem - public boolean enableDecompression; + @WithDefault("false") + boolean enableDecompression(); /** * If user adds br, then brotli will be added to the list of supported compression algorithms. @@ -103,19 +108,18 @@ public class HttpBuildTimeConfig { * content-encoding: gzip * */ - @ConfigItem(defaultValue = "gzip,deflate") - public Optional> compressors; + @WithDefault("gzip,deflate") + Optional> compressors(); /** * List of media types for which the compression should be enabled automatically, unless declared explicitly via * {@link Compressed} or {@link Uncompressed}. */ - @ConfigItem(defaultValue = "text/html,text/plain,text/xml,text/css,text/javascript,application/javascript,application/json,application/graphql+json,application/xhtml+xml") - public Optional> compressMediaTypes; + @WithDefault("text/html,text/plain,text/xml,text/css,text/javascript,application/javascript,application/json,application/graphql+json,application/xhtml+xml") + Optional> compressMediaTypes(); /** * The compression level used when compression support is enabled. */ - @ConfigItem - public OptionalInt compressionLevel; + OptionalInt compressionLevel(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/HttpConfiguration.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/HttpConfiguration.java index 1dc81ee6a927b..867d80de56824 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/HttpConfiguration.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/HttpConfiguration.java @@ -7,37 +7,40 @@ import io.quarkus.runtime.LaunchMode; import io.quarkus.runtime.annotations.ConfigDocSection; -import io.quarkus.runtime.annotations.ConfigItem; import io.quarkus.runtime.annotations.ConfigPhase; import io.quarkus.runtime.annotations.ConfigRoot; import io.quarkus.vertx.http.runtime.cors.CORSConfig; +import io.smallrye.config.ConfigMapping; +import io.smallrye.config.WithDefault; +import io.smallrye.config.WithName; +@ConfigMapping(prefix = "quarkus.http") @ConfigRoot(phase = ConfigPhase.RUN_TIME) -public class HttpConfiguration { - +public interface HttpConfiguration { /** * Authentication configuration */ @ConfigDocSection(generated = true) - public AuthRuntimeConfig auth; + AuthRuntimeConfig auth(); /** * Enable the CORS filter. */ - @ConfigItem(name = "cors") - public boolean corsEnabled; + @WithName("cors") + @WithDefault("false") + boolean corsEnabled(); /** * The HTTP port */ - @ConfigItem(defaultValue = "8080") - public int port; + @WithDefault("8080") + int port(); /** * The HTTP port used to run tests */ - @ConfigItem(defaultValue = "8081") - public int testPort; + @WithDefault("8081") + int testPort(); /** * The HTTP host @@ -52,40 +55,37 @@ public class HttpConfiguration { * defaults to 0.0.0.0 even in dev/test mode since using localhost makes the application * inaccessible. */ - @ConfigItem - public String host; + String host(); /** * Used when {@code QuarkusIntegrationTest} is meant to execute against an application that is already running and * listening on the host specified by this property. */ - @ConfigItem - public Optional testHost; + Optional testHost(); /** * Enable listening to host:port */ - @ConfigItem(defaultValue = "true") - public boolean hostEnabled; + @WithDefault("true") + boolean hostEnabled(); /** * The HTTPS port */ - @ConfigItem(defaultValue = "8443") - public int sslPort; + @WithDefault("8443") + int sslPort(); /** * The HTTPS port used to run tests */ - @ConfigItem(defaultValue = "8444") - public int testSslPort; + @WithDefault("8444") + int testSslPort(); /** * Used when {@code QuarkusIntegrationTest} is meant to execute against an application that is already running * to configure the test to use SSL. */ - @ConfigItem - public Optional testSslEnabled; + Optional testSslEnabled(); /** * If insecure (i.e. http rather than https) requests are allowed. If this is {@code enabled} @@ -97,8 +97,7 @@ public class HttpConfiguration { * {@code quarkus.http.ssl.client-auth=required}). * In this case, the default is {@code disabled}. */ - @ConfigItem - public Optional insecureRequests; + Optional insecureRequests(); /** * If this is true (the default) then HTTP/2 will be enabled. @@ -107,27 +106,27 @@ public class HttpConfiguration { * and you must be running on JDK11 or above, as JDK8 does not support * ALPN. */ - @ConfigItem(defaultValue = "true") - public boolean http2; + @WithDefault("true") + boolean http2(); /** * Enables or Disable the HTTP/2 Push feature. * This setting can be used to disable server push. The server will not send a {@code PUSH_PROMISE} frame if it * receives this parameter set to @{code false}. */ - @ConfigItem(defaultValue = "true") - public boolean http2PushEnabled; + @WithDefault("true") + boolean http2PushEnabled(); /** * The CORS config */ @ConfigDocSection(generated = true) - public CORSConfig cors; + CORSConfig cors(); /** * The SSL config */ - public ServerSslConfig ssl; + ServerSslConfig ssl(); /** * The name of the TLS configuration to use. @@ -138,21 +137,21 @@ public class HttpConfiguration { *

* If no TLS configuration is set, and {@code quarkus.tls.*} is not configured, then, `quarkus.http.ssl` will be used. */ - @ConfigItem - public Optional tlsConfigurationName; + Optional tlsConfigurationName(); /** * Static Resources. */ @ConfigDocSection(generated = true) - public StaticResourcesConfig staticResources; + StaticResourcesConfig staticResources(); /** * When set to {@code true}, the HTTP server automatically sends `100 CONTINUE` * response when the request expects it (with the `Expect: 100-Continue` header). */ - @ConfigItem(defaultValue = "false", name = "handle-100-continue-automatically") - public boolean handle100ContinueAutomatically; + @WithName("handle-100-continue-automatically") + @WithDefault("false") + boolean handle100ContinueAutomatically(); /** * The number if IO threads used to perform IO. This will be automatically set to a reasonable value based on @@ -162,33 +161,32 @@ public class HttpConfiguration { * In general this should be controlled by setting quarkus.vertx.event-loops-pool-size, this setting should only * be used if you want to limit the number of HTTP io threads to a smaller number than the total number of IO threads. */ - @ConfigItem - public OptionalInt ioThreads; + OptionalInt ioThreads(); /** * Server limits. */ @ConfigDocSection(generated = true) - public ServerLimitsConfig limits; + ServerLimitsConfig limits(); /** * Http connection idle timeout */ - @ConfigItem(defaultValue = "30M", name = "idle-timeout") - public Duration idleTimeout; + @WithDefault("30M") + Duration idleTimeout(); /** * Http connection read timeout for blocking IO. This is the maximum amount of time * a thread will wait for data, before an IOException will be thrown and the connection * closed. */ - @ConfigItem(defaultValue = "60s", name = "read-timeout") - public Duration readTimeout; + @WithDefault("60s") + Duration readTimeout(); /** * Request body related settings */ - public BodyConfig body; + BodyConfig body(); /** * The encryption key that is used to store persistent logins (e.g. for form auth). Logins are stored in a persistent @@ -197,84 +195,82 @@ public class HttpConfiguration { * If no key is provided then an in-memory one will be generated, this will change on every restart though so it * is not suitable for production environments. This must be more than 16 characters long for security reasons */ - @ConfigItem(name = "auth.session.encryption-key") - public Optional encryptionKey; + @WithName("auth.session.encryption-key") + Optional encryptionKey(); /** * Enable socket reuse port (linux/macOs native transport only) */ - @ConfigItem - public boolean soReusePort; + @WithDefault("false") + boolean soReusePort(); /** * Enable tcp quick ack (linux native transport only) */ - @ConfigItem - public boolean tcpQuickAck; + @WithDefault("false") + boolean tcpQuickAck(); /** * Enable tcp cork (linux native transport only) */ - @ConfigItem - public boolean tcpCork; + @WithDefault("false") + boolean tcpCork(); /** * Enable tcp fast open (linux native transport only) */ - @ConfigItem - public boolean tcpFastOpen; + @WithDefault("false") + boolean tcpFastOpen(); /** * The accept backlog, this is how many connections can be waiting to be accepted before connections start being rejected */ - @ConfigItem(defaultValue = "-1") - public int acceptBacklog; + @WithDefault("-1") + int acceptBacklog(); /** * Set the SETTINGS_INITIAL_WINDOW_SIZE HTTP/2 setting. * Indicates the sender's initial window size (in octets) for stream-level flow control. * The initial value is {@code 2^16-1} (65,535) octets. */ - @ConfigItem - public OptionalInt initialWindowSize; + OptionalInt initialWindowSize(); /** * Path to a unix domain socket */ - @ConfigItem(defaultValue = "/var/run/io.quarkus.app.socket") - public String domainSocket; + @WithDefault("/var/run/io.quarkus.app.socket") + String domainSocket(); /** * Enable listening to host:port */ - @ConfigItem - public boolean domainSocketEnabled; + @WithDefault("false") + boolean domainSocketEnabled(); /** * If this is true then the request start time will be recorded to enable logging of total request time. *

* This has a small performance penalty, so is disabled by default. */ - @ConfigItem - public boolean recordRequestStartTime; + @WithDefault("false") + boolean recordRequestStartTime(); /** * Access logs. */ @ConfigDocSection(generated = true) - public AccessLogConfig accessLog; + AccessLogConfig accessLog(); /** * Traffic shaping. */ @ConfigDocSection - public TrafficShapingConfig trafficShaping; + TrafficShapingConfig trafficShaping(); /** * Configuration that allows setting the same site attributes for cookies. */ - @ConfigItem - public Map sameSiteCookie; + Map sameSiteCookie(); /** * Provides a hint (optional) for the default content type of responses generated for @@ -287,50 +283,47 @@ public class HttpConfiguration { * Otherwise, it will default to the content type configured here. *

*/ - @ConfigItem - public Optional unhandledErrorContentTypeDefault; + Optional unhandledErrorContentTypeDefault(); /** * Additional HTTP Headers always sent in the response */ - @ConfigItem @ConfigDocSection(generated = true) - public Map header; + Map header(); /** * Additional HTTP configuration per path */ - @ConfigItem @ConfigDocSection(generated = true) - public Map filter; + Map filter(); /** * Proxy. */ @ConfigDocSection - public ProxyConfig proxy; + ProxyConfig proxy(); /** * WebSocket Server configuration. */ @ConfigDocSection - public WebsocketServerConfig websocketServer; + WebsocketServerConfig websocketServer(); - public int determinePort(LaunchMode launchMode) { - return launchMode == LaunchMode.TEST ? testPort : port; + default int determinePort(LaunchMode launchMode) { + return launchMode == LaunchMode.TEST ? testPort() : port(); } - public int determineSslPort(LaunchMode launchMode) { - return launchMode == LaunchMode.TEST ? testSslPort : sslPort; + default int determineSslPort(LaunchMode launchMode) { + return launchMode == LaunchMode.TEST ? testSslPort() : sslPort(); } - public enum InsecureRequests { + enum InsecureRequests { ENABLED, REDIRECT, DISABLED; } - public enum PayloadHint { + enum PayloadHint { JSON, HTML, TEXT diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/MultiPartConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/MultiPartConfig.java index 43cfe26f7ed3a..9d54892ca745c 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/MultiPartConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/MultiPartConfig.java @@ -3,26 +3,20 @@ import java.util.List; import java.util.Optional; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; -import io.quarkus.runtime.annotations.ConvertWith; import io.quarkus.runtime.configuration.TrimmedStringConverter; +import io.smallrye.config.WithConverter; /** - * A {@link ConfigGroup} for the settings related to HTTP multipart request handling. + * A config for the settings related to HTTP multipart request handling. */ -@ConfigGroup -public class MultiPartConfig { - +public interface MultiPartConfig { /** * A comma-separated list of {@code ContentType} to indicate whether a given multipart field should be handled as a file * part. - * + *

* You can use this setting to force HTTP-based extensions to parse a message part as a file based on its content type. - * + *

* For now, this setting only works when using RESTEasy Reactive. */ - @ConfigItem - @ConvertWith(TrimmedStringConverter.class) - public Optional> fileContentTypes; + Optional> fileContentTypes(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/PolicyConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/PolicyConfig.java index 301be4ec35410..5de24ab20eafd 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/PolicyConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/PolicyConfig.java @@ -4,31 +4,25 @@ import java.util.Map; import io.quarkus.runtime.annotations.ConfigDocMapKey; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; -import io.quarkus.runtime.annotations.ConvertWith; import io.quarkus.runtime.configuration.TrimmedStringConverter; -import io.quarkus.security.StringPermission; - -@ConfigGroup -public class PolicyConfig { +import io.smallrye.config.WithConverter; +import io.smallrye.config.WithDefault; +public interface PolicyConfig { /** * The roles that are allowed to access resources protected by this policy. * By default, access is allowed to any authenticated user. */ - @ConfigItem(defaultValue = "**") - @ConvertWith(TrimmedStringConverter.class) - public List rolesAllowed; + @WithDefault("**") + List<@WithConverter(TrimmedStringConverter.class) String> rolesAllowed(); /** * Add roles granted to the `SecurityIdentity` based on the roles that the `SecurityIdentity` already have. * For example, the Quarkus OIDC extension can map roles from the verified JWT access token, and you may want * to remap them to a deployment specific roles. */ - @ConfigItem @ConfigDocMapKey("role-name") - public Map> roles; + Map> roles(); /** * Permissions granted to the `SecurityIdentity` if this policy is applied successfully @@ -37,9 +31,8 @@ public class PolicyConfig { * `quarkus.http.auth.policy.role-policy1.permissions.admin=perm1:action1,perm1:action2` configuration property. * Granted permissions are used for authorization with the `@PermissionsAllowed` annotation. */ - @ConfigItem @ConfigDocMapKey("role-name") - public Map> permissions; + Map> permissions(); /** * Permissions granted by this policy will be created with a `java.security.Permission` implementation @@ -47,7 +40,6 @@ public class PolicyConfig { * that accepts permission name (`String`) or permission name and actions (`String`, `String[]`). * Permission class must be registered for reflection if you run your application in a native mode. */ - @ConfigItem(defaultValue = "io.quarkus.security.StringPermission") - public String permissionClass = StringPermission.class.getName(); - + @WithDefault("io.quarkus.security.StringPermission") + String permissionClass(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/PolicyMappingConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/PolicyMappingConfig.java index a57753af3f8b7..6c9a3aaf0db58 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/PolicyMappingConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/PolicyMappingConfig.java @@ -3,81 +3,74 @@ import java.util.List; import java.util.Optional; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; - -@ConfigGroup -public class PolicyMappingConfig { +import io.smallrye.config.WithDefault; +public interface PolicyMappingConfig { /** * Determines whether the entire permission set is enabled, or not. - * + *

* By default, if the permission set is defined, it is enabled. */ - @ConfigItem - public Optional enabled; + Optional enabled(); /** * The HTTP policy that this permission set is linked to. - * + *

* There are three built-in policies: permit, deny and authenticated. Role based * policies can be defined, and extensions can add their own policies. */ - @ConfigItem - public String policy; + String policy(); /** * The methods that this permission set applies to. If this is not set then they apply to all methods. - * + *

* Note that if a request matches any path from any permission set, but does not match the constraint * due to the method not being listed then the request will be denied. - * + *

* Method specific permissions take precedence over matches that do not have any methods set. - * + *

* This means that for example if Quarkus is configured to allow GET and POST requests to /admin to * and no other permissions are configured PUT requests to /admin will be denied. * */ - @ConfigItem - public Optional> methods; + Optional> methods(); /** * The paths that this permission check applies to. If the path ends in /* then this is treated * as a path prefix, otherwise it is treated as an exact match. - * + *

* Matches are done on a length basis, so the most specific path match takes precedence. - * + *

* If multiple permission sets match the same path then explicit methods matches take precedence * over matches without methods set, otherwise the most restrictive permissions are applied. * */ - @ConfigItem - public Optional> paths; + Optional> paths(); /** * Path specific authentication mechanism which must be used to authenticate a user. - * It needs to match {@link HttpCredentialTransport} authentication scheme such as 'basic', 'bearer', 'form', etc. + * It needs to match {@link io.quarkus.vertx.http.runtime.security.HttpCredentialTransport} authentication scheme + * such as 'basic', 'bearer', 'form', etc. */ - @ConfigItem - public Optional authMechanism; + Optional authMechanism(); /** * Indicates that this policy always applies to the matched paths in addition to the policy with a winning path. * Avoid creating more than one shared policy to minimize the performance impact. */ - @ConfigItem(defaultValue = "false") - public boolean shared; + @WithDefault("false") + boolean shared(); /** * Whether permission check should be applied on all matching paths, or paths specific for the Jakarta REST resources. */ - @ConfigItem(defaultValue = "ALL") - public AppliesTo appliesTo; + @WithDefault("ALL") + AppliesTo appliesTo(); /** * Specifies additional criteria on paths that should be checked. */ - public enum AppliesTo { + enum AppliesTo { /** * Apply on all matching paths. */ diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ProxyConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ProxyConfig.java index eabd1c5928085..fc0be822e8531 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ProxyConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ProxyConfig.java @@ -3,31 +3,30 @@ import java.util.List; import java.util.Optional; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; -import io.quarkus.runtime.annotations.ConvertWith; +import io.quarkus.runtime.annotations.ConfigDocDefault; import io.quarkus.vertx.http.runtime.TrustedProxyCheck.TrustedProxyCheckPart; +import io.smallrye.config.WithConverter; +import io.smallrye.config.WithDefault; /** * Holds configuration related with proxy addressing forward. */ -@ConfigGroup -public class ProxyConfig { +public interface ProxyConfig { /** * Set whether the server should use the HA {@code PROXY} protocol when serving requests from behind a proxy. * (see the PROXY Protocol). * When set to {@code true}, the remote address returned will be the one from the actual connecting client. * If it is set to {@code false} (default), the remote address returned will be the one from the proxy. */ - @ConfigItem(defaultValue = "false") - public boolean useProxyProtocol; + @WithDefault("false") + boolean useProxyProtocol(); /** * If this is true then the address, scheme etc. will be set from headers forwarded by the proxy server, such as * {@code X-Forwarded-For}. This should only be set if you are behind a proxy that sets these headers. */ - @ConfigItem - public boolean proxyAddressForwarding; + @WithDefault("false") + boolean proxyAddressForwarding(); /** * If this is true and proxy address forwarding is enabled then the standard {@code Forwarded} header will be used. @@ -37,8 +36,8 @@ public class ProxyConfig { * requests with a forwarded header that is not overwritten by the proxy. Therefore, proxies should strip unexpected * `X-Forwarded` or `X-Forwarded-*` headers from the client. */ - @ConfigItem - public boolean allowForwarded; + @WithDefault("false") + boolean allowForwarded(); /** * If either this or {@code allow-forwarded} are true and proxy address forwarding is enabled then the not standard @@ -49,21 +48,20 @@ public class ProxyConfig { * requests with a forwarded header that is not overwritten by the proxy. Therefore, proxies should strip unexpected * `X-Forwarded` or `X-Forwarded-*` headers from the client. */ - @ConfigItem - public Optional allowXForwarded; + Optional allowXForwarded(); /** * When both Forwarded and X-Forwarded headers are enabled with {@link #allowForwarded} and {@link #allowXForwarded} * respectively, enforce that the identical headers must have equal values. */ - @ConfigItem(defaultValue = "true") - public boolean strictForwardedControl; + @WithDefault("true") + boolean strictForwardedControl(); /** * Precedence of Forwarded and X-Forwarded headers when both types of headers are enabled and no strict forwarded control is * enforced. */ - public enum ForwardedPrecedence { + enum ForwardedPrecedence { FORWARDED, X_FORWARDED } @@ -78,32 +76,32 @@ public enum ForwardedPrecedence { * `https`, * then the final scheme value is `http`. If X-Forwarded has a precedence, then the final scheme value is 'https'. */ - @ConfigItem(defaultValue = "forwarded") - public ForwardedPrecedence forwardedPrecedence; + @WithDefault("forwarded") + ForwardedPrecedence forwardedPrecedence(); /** * Enable override the received request's host through a forwarded host header. */ - @ConfigItem(defaultValue = "false") - public boolean enableForwardedHost; + @WithDefault("false") + boolean enableForwardedHost(); /** * Configure the forwarded host header to be used if override enabled. */ - @ConfigItem(defaultValue = "X-Forwarded-Host") - public String forwardedHostHeader; + @WithDefault("X-Forwarded-Host") + String forwardedHostHeader(); /** * Enable prefix the received request's path with a forwarded prefix header. */ - @ConfigItem(defaultValue = "false") - public boolean enableForwardedPrefix; + @WithDefault("false") + boolean enableForwardedPrefix(); /** * Configure the forwarded prefix header to be used if prefixing enabled. */ - @ConfigItem(defaultValue = "X-Forwarded-Prefix") - public String forwardedPrefixHeader; + @WithDefault("X-Forwarded-Prefix") + String forwardedPrefixHeader(); /** * Adds the header `X-Forwarded-Trusted-Proxy` if the request is forwarded by a trusted proxy. @@ -114,8 +112,8 @@ public enum ForwardedPrecedence { *

* The `X-Forwarded-Trusted-Proxy` header is a custom header, not part of the standard `Forwarded` header. */ - @ConfigItem(defaultValue = "false") - public boolean enableTrustedProxyHeader; + @WithDefault("false") + boolean enableTrustedProxyHeader(); /** * Configure the list of trusted proxy addresses. @@ -145,8 +143,6 @@ public enum ForwardedPrecedence { *

* Please bear in mind that IPv4 CIDR won't match request sent from the IPv6 address and the other way around. */ - @ConfigItem(defaultValueDocumentation = "All proxy addresses are trusted") - @ConvertWith(TrustedProxyCheckPartConverter.class) - public Optional> trustedProxies; - + @ConfigDocDefault("All proxy addresses are trusted") + Optional> trustedProxies(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/SameSiteCookieConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/SameSiteCookieConfig.java index cad1b8b44edb4..f26fcab547b2c 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/SameSiteCookieConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/SameSiteCookieConfig.java @@ -1,40 +1,36 @@ package io.quarkus.vertx.http.runtime; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; +import io.smallrye.config.WithDefault; import io.vertx.core.http.CookieSameSite; /** * Configuration that allows for automatically setting the SameSite attribute on cookies - * + *

* As some API's (Servlet, JAX-RS) don't current support this attribute this config allows * it to be set based on the cookie name pattern. */ -@ConfigGroup -public class SameSiteCookieConfig { - +public interface SameSiteCookieConfig { /** * If the cookie pattern is case-sensitive */ - @ConfigItem - public boolean caseSensitive; + @WithDefault("false") + boolean caseSensitive(); /** * The value to set in the samesite attribute */ - @ConfigItem - public CookieSameSite value; + CookieSameSite value(); /** * Some User Agents break when sent SameSite=None, this will detect them and avoid sending the value */ - @ConfigItem(defaultValue = "true") - public boolean enableClientChecker; + @WithDefault("true") + boolean enableClientChecker(); /** * If this is true then the 'secure' attribute will automatically be sent on * cookies with a SameSite attribute of None. */ - @ConfigItem(defaultValue = "true") - public boolean addSecureForNone; + @WithDefault("true") + boolean addSecureForNone(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ServerLimitsConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ServerLimitsConfig.java index 78e6c8620bb7a..2cde064bcd7b7 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ServerLimitsConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ServerLimitsConfig.java @@ -5,69 +5,66 @@ import java.util.OptionalInt; import java.util.OptionalLong; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; import io.quarkus.runtime.configuration.MemorySize; +import io.smallrye.config.WithDefault; -@ConfigGroup -public class ServerLimitsConfig { +public interface ServerLimitsConfig { /** * The maximum length of all headers. */ - @ConfigItem(defaultValue = "20K") - public MemorySize maxHeaderSize; + @WithDefault("20K") + MemorySize maxHeaderSize(); /** * The maximum size of a request body. */ - @ConfigItem(defaultValue = "10240K") - public Optional maxBodySize; + @WithDefault("10240K") + Optional maxBodySize(); /** * The max HTTP chunk size */ - @ConfigItem(defaultValue = "8192") - public MemorySize maxChunkSize; + @WithDefault("8192") + MemorySize maxChunkSize(); /** * The maximum length of the initial line (e.g. {@code "GET / HTTP/1.0"}). */ - @ConfigItem(defaultValue = "4096") - public int maxInitialLineLength; + @WithDefault("4096") + int maxInitialLineLength(); /** * The maximum length of a form attribute. */ - @ConfigItem(defaultValue = "2048") - public MemorySize maxFormAttributeSize; + @WithDefault("2048") + MemorySize maxFormAttributeSize(); /** * Set the maximum number of fields of a form. Set to {@code -1} to allow unlimited number of attributes. */ - @ConfigItem(defaultValue = "256") - public int maxFormFields; + @WithDefault("256") + int maxFormFields(); /** * Set the maximum number of bytes a server can buffer when decoding a form. * Set to {@code -1} to allow unlimited length **/ - @ConfigItem(defaultValue = "1K") - public MemorySize maxFormBufferedBytes; + @WithDefault("1K") + MemorySize maxFormBufferedBytes(); /** * The maximum number of HTTP request parameters permitted for incoming requests. *

* If a client sends more than this number of parameters in a request, the connection is closed. */ - @ConfigItem(defaultValue = "1000") - public int maxParameters; + @WithDefault("1000") + int maxParameters(); /** * The maximum number of connections that are allowed at any one time. If this is set * it is recommended to set a short idle timeout. */ - @ConfigItem - public OptionalInt maxConnections; + OptionalInt maxConnections(); /** * Set the SETTINGS_HEADER_TABLE_SIZE HTTP/2 setting. @@ -77,8 +74,7 @@ public class ServerLimitsConfig { * specific to the header compression format inside a header block. * The initial value is {@code 4,096} octets. */ - @ConfigItem - public OptionalLong headerTableSize; + OptionalLong headerTableSize(); /** * Set SETTINGS_MAX_CONCURRENT_STREAMS HTTP/2 setting. @@ -87,16 +83,14 @@ public class ServerLimitsConfig { * applies to the number of streams that the sender permits the receiver to create. Initially, there is no limit to * this value. It is recommended that this value be no smaller than 100, to not unnecessarily limit parallelism. */ - @ConfigItem - public OptionalLong maxConcurrentStreams; + OptionalLong maxConcurrentStreams(); /** * Set the SETTINGS_MAX_FRAME_SIZE HTTP/2 setting. * Indicates the size of the largest frame payload that the sender is willing to receive, in octets. * The initial value is {@code 2^14} (16,384) octets. */ - @ConfigItem - public OptionalInt maxFrameSize; + OptionalInt maxFrameSize(); /** * Set the SETTINGS_MAX_HEADER_LIST_SIZE HTTP/2 setting. @@ -105,23 +99,19 @@ public class ServerLimitsConfig { * value in octets plus an overhead of 32 octets for each header field. * The default value is {@code 8192} */ - @ConfigItem - public OptionalLong maxHeaderListSize; + OptionalLong maxHeaderListSize(); /** * Set the max number of RST frame allowed per time window, this is used to prevent * HTTP/2 RST frame flood DDOS * attacks. The default value is {@code 200}, setting zero or a negative value, disables flood protection. */ - @ConfigItem - public OptionalInt rstFloodMaxRstFramePerWindow; + OptionalInt rstFloodMaxRstFramePerWindow(); /** * Set the duration of the time window when checking the max number of RST frames, this is used to prevent * HTTP/2 RST frame flood DDOS * attacks.. The default value is {@code 30 s}, setting zero or a negative value, disables flood protection. */ - @ConfigItem - public Optional rstFloodWindowDuration; - + Optional rstFloodWindowDuration(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ServerSslConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ServerSslConfig.java index bcab41197df6f..6296b150f8f9f 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ServerSslConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ServerSslConfig.java @@ -4,25 +4,21 @@ import java.util.Optional; import java.util.Set; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; -import io.quarkus.runtime.annotations.DefaultConverter; +import io.smallrye.config.WithDefault; /** * Shared configuration for setting up server-side SSL. */ -@ConfigGroup -public class ServerSslConfig { +public interface ServerSslConfig { /** * The server certificate configuration. */ - public CertificateConfig certificate; + CertificateConfig certificate(); /** * The cipher suites to use. If none is given, a reasonable default is selected. */ - @ConfigItem - public Optional> cipherSuites; + Optional> cipherSuites(); /** * Sets the ordered list of enabled SSL/TLS protocols. @@ -34,15 +30,14 @@ public class ServerSslConfig { * Note that setting an empty list, and enabling SSL/TLS is invalid. * You must at least have one protocol. */ - @DefaultConverter - @ConfigItem(defaultValue = "TLSv1.3,TLSv1.2") - public Set protocols; + @WithDefault("TLSv1.3,TLSv1.2") + Set protocols(); /** * Enables Server Name Indication (SNI), an TLS extension allowing the server to use multiple certificates. * The client indicate the server name during the TLS handshake, allowing the server to select the right certificate. */ - @ConfigItem(defaultValue = "false") - public boolean sni; + @WithDefault("false") + boolean sni(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/StaticResourcesConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/StaticResourcesConfig.java index a2c650a813966..9905118fa8b4a 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/StaticResourcesConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/StaticResourcesConfig.java @@ -3,58 +3,54 @@ import java.nio.charset.Charset; import java.time.Duration; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; - -@ConfigGroup -public class StaticResourcesConfig { +import io.smallrye.config.WithDefault; +public interface StaticResourcesConfig { /** * Set the index page when serving static resources. */ - @ConfigItem(defaultValue = "index.html") - public String indexPage; + @WithDefault("index.html") + String indexPage(); /** * Set whether hidden files should be served. */ - @ConfigItem(defaultValue = "true") - public boolean includeHidden; + @WithDefault("true") + boolean includeHidden(); /** * Set whether range requests (resumable downloads; media streaming) should be enabled. */ - @ConfigItem(defaultValue = "true") - public boolean enableRangeSupport; + @WithDefault("true") + boolean enableRangeSupport(); /** * Set whether cache handling is enabled. */ - @ConfigItem(defaultValue = "true") - public boolean cachingEnabled; + @WithDefault("true") + boolean cachingEnabled(); /** * Set the cache entry timeout. The default is {@code 30} seconds. */ - @ConfigItem(defaultValue = "30S") - public Duration cacheEntryTimeout; + @WithDefault("30S") + Duration cacheEntryTimeout(); /** * Set value for max age in caching headers. The default is {@code 24} hours. */ - @ConfigItem(defaultValue = "24H") - public Duration maxAge; + @WithDefault("24H") + Duration maxAge(); /** * Set the max cache size. */ - @ConfigItem(defaultValue = "10000") - public int maxCacheSize; + @WithDefault("10000") + int maxCacheSize(); /** * Content encoding for text related files */ - @ConfigItem(defaultValue = "UTF-8") - public Charset contentEncoding; - + @WithDefault("UTF-8") + Charset contentEncoding(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/StaticResourcesRecorder.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/StaticResourcesRecorder.java index e59423d572863..333ffad5d7875 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/StaticResourcesRecorder.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/StaticResourcesRecorder.java @@ -39,21 +39,21 @@ public static void setHotDeploymentResources(List resources) { } public Consumer start(Set knownPaths) { - if (httpBuildTimeConfig.enableCompression && httpBuildTimeConfig.compressMediaTypes.isPresent()) { - this.compressMediaTypes = Set.copyOf(httpBuildTimeConfig.compressMediaTypes.get()); + if (httpBuildTimeConfig.enableCompression() && httpBuildTimeConfig.compressMediaTypes().isPresent()) { + this.compressMediaTypes = Set.copyOf(httpBuildTimeConfig.compressMediaTypes().get()); } List> handlers = new ArrayList<>(); - StaticResourcesConfig config = httpConfiguration.getValue().staticResources; + StaticResourcesConfig config = httpConfiguration.getValue().staticResources(); if (hotDeploymentResourcePaths != null && !hotDeploymentResourcePaths.isEmpty()) { for (Path resourcePath : hotDeploymentResourcePaths) { String root = resourcePath.toAbsolutePath().toString(); StaticHandler staticHandler = StaticHandler.create(FileSystemAccess.ROOT, root) - .setDefaultContentEncoding(config.contentEncoding.name()) + .setDefaultContentEncoding(config.contentEncoding().name()) .setCachingEnabled(false) - .setIndexPage(config.indexPage) - .setIncludeHidden(config.includeHidden) - .setEnableRangeSupport(config.enableRangeSupport); + .setIndexPage(config.indexPage()) + .setIncludeHidden(config.includeHidden()) + .setEnableRangeSupport(config.enableRangeSupport()); handlers.add(new Handler<>() { @Override public void handle(RoutingContext ctx) { @@ -73,18 +73,18 @@ public void handle(RoutingContext ctx) { ClassLoader currentCl = Thread.currentThread().getContextClassLoader(); StaticHandler staticHandler = StaticHandler.create(META_INF_RESOURCES) .setDefaultContentEncoding("UTF-8") - .setCachingEnabled(config.cachingEnabled) - .setIndexPage(config.indexPage) - .setIncludeHidden(config.includeHidden) - .setEnableRangeSupport(config.enableRangeSupport) - .setMaxCacheSize(config.maxCacheSize) - .setCacheEntryTimeout(config.cacheEntryTimeout.toMillis()) - .setMaxAgeSeconds(config.maxAge.toSeconds()); + .setCachingEnabled(config.cachingEnabled()) + .setIndexPage(config.indexPage()) + .setIncludeHidden(config.includeHidden()) + .setEnableRangeSupport(config.enableRangeSupport()) + .setMaxCacheSize(config.maxCacheSize()) + .setCacheEntryTimeout(config.cacheEntryTimeout().toMillis()) + .setMaxAgeSeconds(config.maxAge().toSeconds()); // normalize index page like StaticHandler because its not expose // TODO: create a converter to normalize filename in config.indexPage? - final String indexPage = (config.indexPage.charAt(0) == '/') - ? config.indexPage.substring(1) - : config.indexPage; + final String indexPage = (config.indexPage().charAt(0) == '/') + ? config.indexPage().substring(1) + : config.indexPage(); handlers.add(new Handler<>() { @Override public void handle(RoutingContext ctx) { @@ -122,7 +122,7 @@ public void accept(Route route) { } private void compressIfNeeded(RoutingContext ctx, String path) { - if (httpBuildTimeConfig.enableCompression && isCompressed(path)) { + if (httpBuildTimeConfig.enableCompression() && isCompressed(path)) { // VertxHttpRecorder is adding "Content-Encoding: identity" to all requests if compression is enabled. // Handlers can remove the "Content-Encoding: identity" header to enable compression. ctx.response().headers().remove(HttpHeaders.CONTENT_ENCODING); diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/TrafficShapingConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/TrafficShapingConfig.java index b9a0f8c4b80b9..610f88cf2f888 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/TrafficShapingConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/TrafficShapingConfig.java @@ -3,9 +3,8 @@ import java.time.Duration; import java.util.Optional; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; import io.quarkus.runtime.configuration.MemorySize; +import io.smallrye.config.WithDefault; /** * Configure the global traffic shaping functionality. @@ -24,35 +23,30 @@ * Additionally, you can set the maximum time to wait, which specifies an upper bound for time shaping. * By default, it is set to 15 seconds. */ -@ConfigGroup -public class TrafficShapingConfig { - +public interface TrafficShapingConfig { /** * Enables the traffic shaping. */ - @ConfigItem(defaultValue = "false") - public boolean enabled; + @WithDefault("false") + boolean enabled(); /** * Set bandwidth limit in bytes per second for inbound connections. * If not set, no limits are applied. */ - @ConfigItem - public Optional inboundGlobalBandwidth; + Optional inboundGlobalBandwidth(); /** * Set bandwidth limit in bytes per second for outbound connections. * If not set, no limits are applied. */ - @ConfigItem - public Optional outboundGlobalBandwidth; + Optional outboundGlobalBandwidth(); /** * Set the maximum delay to wait in case of traffic excess. * Default is 15s. Must be less than the HTTP timeout. */ - @ConfigItem - public Optional maxDelay; + Optional maxDelay(); /** * Set the delay between two computations of performances for channels. @@ -63,15 +57,12 @@ public class TrafficShapingConfig { *

* If not default, it defaults to 1s. */ - @ConfigItem - public Optional checkInterval; + Optional checkInterval(); /** * Set the maximum global write size in bytes per second allowed in the buffer globally for all channels before write * are suspended. * The default value is 400 MB. */ - @ConfigItem - public Optional peakOutboundGlobalBandwidth; - + Optional peakOutboundGlobalBandwidth(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/VertxHttpRecorder.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/VertxHttpRecorder.java index 018b9f5a9e7bf..706d506f1d861 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/VertxHttpRecorder.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/VertxHttpRecorder.java @@ -64,7 +64,6 @@ import io.quarkus.runtime.ShutdownContext; import io.quarkus.runtime.ThreadPoolConfig; import io.quarkus.runtime.annotations.Recorder; -import io.quarkus.runtime.configuration.ConfigInstantiator; import io.quarkus.runtime.configuration.ConfigUtils; import io.quarkus.runtime.configuration.MemorySize; import io.quarkus.runtime.logging.LogBuildTimeConfig; @@ -97,6 +96,8 @@ import io.smallrye.common.cpu.ProcessorInfo; import io.smallrye.common.vertx.VertxContext; import io.smallrye.config.SmallRyeConfig; +import io.smallrye.config.SmallRyeConfigBuilder; +import io.smallrye.config.SmallRyeConfigBuilderCustomizer; import io.vertx.core.AbstractVerticle; import io.vertx.core.AsyncResult; import io.vertx.core.Closeable; @@ -257,6 +258,16 @@ public static void startServerAfterFailedStart() { Vertx vertx; SmallRyeConfig config = ConfigUtils.emptyConfigBuilder() .addDiscoveredSources() + .withCustomizers(new SmallRyeConfigBuilderCustomizer() { + @Override + public void configBuilder(final SmallRyeConfigBuilder builder) { + new VertxConfigBuilder().configBuilder(builder); + } + }) + .withMapping(HttpBuildTimeConfig.class) + .withMapping(HttpConfiguration.class) + .withMapping(ManagementInterfaceBuildTimeConfig.class) + .withMapping(ManagementInterfaceConfiguration.class) .withMapping(VertxConfiguration.class) .withMapping(ThreadPoolConfig.class) .withMapping(LiveReloadConfig.class) @@ -270,22 +281,12 @@ public static void startServerAfterFailedStart() { } try { - HttpBuildTimeConfig buildConfig = new HttpBuildTimeConfig(); - ConfigInstantiator.handleObject(buildConfig); - ManagementInterfaceBuildTimeConfig managementBuildTimeConfig = new ManagementInterfaceBuildTimeConfig(); - ConfigInstantiator.handleObject(managementBuildTimeConfig); - HttpConfiguration httpConfiguration = new HttpConfiguration(); - ConfigInstantiator.handleObject(httpConfiguration); - ManagementInterfaceConfiguration managementConfig = new ManagementInterfaceConfiguration(); - ConfigInstantiator.handleObject(managementConfig); - if (httpConfiguration.host == null) { - //VertxConfigBuilder does not come into play here - httpConfiguration.host = "localhost"; - } - if (managementConfig.host == null) { - //VertxConfigBuilder does not come into play here - managementConfig.host = "localhost"; - } + HttpBuildTimeConfig httpBuildConfig = config.getConfigMapping(HttpBuildTimeConfig.class); + ManagementInterfaceBuildTimeConfig managementBuildTimeConfig = config + .getConfigMapping(ManagementInterfaceBuildTimeConfig.class); + HttpConfiguration httpConfig = config.getConfigMapping(HttpConfiguration.class); + ManagementInterfaceConfiguration managementConfig = config.getConfigMapping(ManagementInterfaceConfiguration.class); + Router router = Router.router(vertx); if (hotReplacementHandler != null) { router.route().order(RouteConstants.ROUTE_ORDER_HOT_REPLACEMENT).blockingHandler(hotReplacementHandler); @@ -300,9 +301,9 @@ public static void startServerAfterFailedStart() { } rootHandler = root; - var insecureRequestStrategy = getInsecureRequestStrategy(buildConfig, httpConfiguration.insecureRequests); + var insecureRequestStrategy = getInsecureRequestStrategy(httpBuildConfig, httpConfig.insecureRequests()); //we can't really do - doServerStart(vertx, buildConfig, managementBuildTimeConfig, null, httpConfiguration, managementConfig, + doServerStart(vertx, httpBuildConfig, managementBuildTimeConfig, null, httpConfig, managementConfig, LaunchMode.DEVELOPMENT, new Supplier() { @Override @@ -356,13 +357,13 @@ public void startServer(Supplier vertx, ShutdownContext shutdown, HttpConfiguration httpConfiguration = this.httpConfiguration.getValue(); ManagementInterfaceConfiguration managementConfig = this.managementConfiguration == null ? null : this.managementConfiguration.getValue(); - if (startSocket && (httpConfiguration.hostEnabled || httpConfiguration.domainSocketEnabled - || (managementConfig != null && managementConfig.hostEnabled) - || (managementConfig != null && managementConfig.domainSocketEnabled))) { + if (startSocket && (httpConfiguration.hostEnabled() || httpConfiguration.domainSocketEnabled() + || (managementConfig != null && managementConfig.hostEnabled()) + || (managementConfig != null && managementConfig.domainSocketEnabled()))) { // Start the server if (closeTask == null) { var insecureRequestStrategy = getInsecureRequestStrategy(httpBuildTimeConfig, - httpConfiguration.insecureRequests); + httpConfiguration.insecureRequests()); doServerStart(vertx.get(), httpBuildTimeConfig, managementBuildTimeConfig, managementRouter, httpConfiguration, managementConfig, launchMode, ioThreads, websocketSubProtocols, insecureRequestStrategy, @@ -435,10 +436,10 @@ public void finalizeRouter(BeanContainer container, Consumer defaultRoute defaultRouteHandler.accept(httpRouteRouter.route().order(RouteConstants.ROUTE_ORDER_DEFAULT)); } - applyCompression(httpBuildTimeConfig.enableCompression, httpRouteRouter); + applyCompression(httpBuildTimeConfig.enableCompression(), httpRouteRouter); httpRouteRouter.route().last().failureHandler( new QuarkusErrorHandler(launchMode.isDevOrTest(), decorateStacktrace(launchMode, logBuildTimeConfig), - httpConfiguration.unhandledErrorContentTypeDefault, srcMainJava, knowClasses, actions)); + httpConfiguration.unhandledErrorContentTypeDefault(), srcMainJava, knowClasses, actions)); for (BooleanSupplier requireBodyHandlerCondition : requireBodyHandlerConditions) { if (requireBodyHandlerCondition.getAsBoolean()) { //if this is set then everything needs the body handler installed @@ -454,12 +455,12 @@ public void handle(RoutingContext routingContext) { } } - HttpServerCommonHandlers.enforceMaxBodySize(httpConfiguration.limits, httpRouteRouter); + HttpServerCommonHandlers.enforceMaxBodySize(httpConfiguration.limits(), httpRouteRouter); // Filter Configuration per path - var filtersInConfig = httpConfiguration.filter; + var filtersInConfig = httpConfiguration.filter(); HttpServerCommonHandlers.applyFilters(filtersInConfig, httpRouteRouter); // Headers sent on any request, regardless of the response - HttpServerCommonHandlers.applyHeaders(httpConfiguration.header, httpRouteRouter); + HttpServerCommonHandlers.applyHeaders(httpConfiguration.header(), httpRouteRouter); Handler root; if (rootPath.equals("/")) { @@ -474,8 +475,8 @@ public void handle(RoutingContext routingContext) { root = mainRouter; } - warnIfProxyAddressForwardingAllowedWithMultipleHeaders(httpConfiguration.proxy); - root = HttpServerCommonHandlers.applyProxy(httpConfiguration.proxy, root, vertx); + warnIfProxyAddressForwardingAllowedWithMultipleHeaders(httpConfiguration.proxy()); + root = HttpServerCommonHandlers.applyProxy(httpConfiguration.proxy(), root, vertx); boolean quarkusWrapperNeeded = false; @@ -485,18 +486,18 @@ public void handle(RoutingContext routingContext) { quarkusWrapperNeeded = true; } - AccessLogConfig accessLog = httpConfiguration.accessLog; - if (accessLog.enabled) { + AccessLogConfig accessLog = httpConfiguration.accessLog(); + if (accessLog.enabled()) { AccessLogReceiver receiver; - if (accessLog.logToFile) { - File outputDir = accessLog.logDirectory.isPresent() ? new File(accessLog.logDirectory.get()) : new File(""); - receiver = new DefaultAccessLogReceiver(executor, outputDir, accessLog.baseFileName, accessLog.logSuffix, - accessLog.rotate); + if (accessLog.logToFile()) { + File outputDir = accessLog.logDirectory().isPresent() ? new File(accessLog.logDirectory().get()) : new File(""); + receiver = new DefaultAccessLogReceiver(executor, outputDir, accessLog.baseFileName(), accessLog.logSuffix(), + accessLog.rotate()); } else { - receiver = new JBossLoggingAccessLogReceiver(accessLog.category); + receiver = new JBossLoggingAccessLogReceiver(accessLog.category()); } setupAccessLogHandler(mainRouterRuntimeValue, httpRouterRuntimeValue, frameworkRouter, receiver, rootPath, - nonRootPath, accessLog.pattern, accessLog.consolidateReroutedRequests, accessLog.excludePattern); + nonRootPath, accessLog.pattern(), accessLog.consolidateReroutedRequests(), accessLog.excludePattern()); quarkusWrapperNeeded = true; } @@ -512,14 +513,14 @@ public void logMessage(String message) { }; setupAccessLogHandler(mainRouterRuntimeValue, httpRouterRuntimeValue, frameworkRouter, receiver, rootPath, - nonRootPath, accessLog.pattern, accessLog.consolidateReroutedRequests, - accessLog.excludePattern.or(() -> Optional.of("^" + nonRootPath + ".*"))); + nonRootPath, accessLog.pattern(), accessLog.consolidateReroutedRequests(), + accessLog.excludePattern().or(() -> Optional.of("^" + nonRootPath + ".*"))); quarkusWrapperNeeded = true; } BiConsumer cookieFunction = null; - if (!httpConfiguration.sameSiteCookie.isEmpty()) { - cookieFunction = processSameSiteConfig(httpConfiguration.sameSiteCookie); + if (!httpConfiguration.sameSiteCookie().isEmpty()) { + cookieFunction = processSameSiteConfig(httpConfiguration.sameSiteCookie()); quarkusWrapperNeeded = true; } BiConsumer cookieConsumer = cookieFunction; @@ -536,7 +537,7 @@ public void handle(HttpServerRequest event) { Handler delegate = root; root = HttpServerCommonHandlers.enforceDuplicatedContext(delegate); - if (httpConfiguration.recordRequestStartTime) { + if (httpConfiguration.recordRequestStartTime()) { httpRouteRouter.route().order(RouteConstants.ROUTE_ORDER_RECORD_START_TIME).handler(new Handler() { @Override public void handle(RoutingContext event) { @@ -561,23 +562,23 @@ public void handle(RoutingContext event) { mr.route().last().failureHandler( new QuarkusErrorHandler(launchMode.isDevOrTest(), decorateStacktrace(launchMode, logBuildTimeConfig), - httpConfiguration.unhandledErrorContentTypeDefault, srcMainJava, knowClasses, actions)); + httpConfiguration.unhandledErrorContentTypeDefault(), srcMainJava, knowClasses, actions)); mr.route().order(RouteConstants.ROUTE_ORDER_BODY_HANDLER_MANAGEMENT) .handler(createBodyHandlerForManagementInterface()); // We can use "*" here as the management interface is not expected to be used publicly. mr.route().order(RouteConstants.ROUTE_ORDER_CORS_MANAGEMENT).handler(CorsHandler.create().addOrigin("*")); - HttpServerCommonHandlers.applyFilters(managementConfiguration.getValue().filter, mr); + HttpServerCommonHandlers.applyFilters(managementConfiguration.getValue().filter(), mr); for (Filter filter : managementInterfaceFilterList) { mr.route().order(filter.getPriority()).handler(filter.getHandler()); } - HttpServerCommonHandlers.applyHeaders(managementConfiguration.getValue().header, mr); - applyCompression(managementBuildTimeConfig.enableCompression, mr); + HttpServerCommonHandlers.applyHeaders(managementConfiguration.getValue().header(), mr); + applyCompression(managementBuildTimeConfig.enableCompression(), mr); Handler handler = HttpServerCommonHandlers.enforceDuplicatedContext(mr); - handler = HttpServerCommonHandlers.applyProxy(managementConfiguration.getValue().proxy, handler, vertx); + handler = HttpServerCommonHandlers.applyProxy(managementConfiguration.getValue().proxy(), handler, vertx); int routesBeforeMiEvent = mr.getRoutes().size(); event.select(ManagementInterface.class).fire(new ManagementInterfaceImpl(mr)); @@ -658,9 +659,9 @@ public void handle(RoutingContext ctx) { } private void warnIfProxyAddressForwardingAllowedWithMultipleHeaders(ProxyConfig proxyConfig) { - boolean proxyAddressForwardingActivated = proxyConfig.proxyAddressForwarding; - boolean forwardedActivated = proxyConfig.allowForwarded; - boolean xForwardedActivated = proxyConfig.allowXForwarded.orElse(!forwardedActivated); + boolean proxyAddressForwardingActivated = proxyConfig.proxyAddressForwarding(); + boolean forwardedActivated = proxyConfig.allowForwarded(); + boolean xForwardedActivated = proxyConfig.allowXForwarded().orElse(!forwardedActivated); if (proxyAddressForwardingActivated && forwardedActivated && xForwardedActivated) { LOGGER.warn( @@ -676,7 +677,7 @@ private static CompletableFuture initializeManagementInterfaceWithDo ManagementInterfaceConfiguration managementConfig, List websocketSubProtocols) { CompletableFuture managementInterfaceDomainSocketFuture = new CompletableFuture<>(); - if (!managementBuildTimeConfig.enabled || managementRouter == null || managementConfig == null) { + if (!managementBuildTimeConfig.enabled() || managementRouter == null || managementConfig == null) { managementInterfaceDomainSocketFuture.complete(null); return managementInterfaceDomainSocketFuture; } @@ -711,7 +712,7 @@ private static CompletableFuture initializeManagementInterface(Vertx List websocketSubProtocols, TlsConfigurationRegistry registry) throws IOException { httpManagementServerOptions = null; CompletableFuture managementInterfaceFuture = new CompletableFuture<>(); - if (!managementBuildTimeConfig.enabled || managementRouter == null || managementConfig == null) { + if (!managementBuildTimeConfig.enabled() || managementRouter == null || managementConfig == null) { managementInterfaceFuture.complete(null); return managementInterfaceFuture; } @@ -737,11 +738,11 @@ private static CompletableFuture initializeManagementInterface(Vertx + httpManagementServerOptions.getPort(), ar.cause())); } else { if (httpManagementServerOptions.isSsl() - && (managementConfig.ssl.certificate.reloadPeriod.isPresent())) { + && (managementConfig.ssl().certificate().reloadPeriod().isPresent())) { try { long l = TlsCertificateReloader.initCertReloadingAction( - vertx, ar.result(), httpManagementServerOptions, managementConfig.ssl, registry, - managementConfig.tlsConfigurationName); + vertx, ar.result(), httpManagementServerOptions, managementConfig.ssl(), registry, + managementConfig.tlsConfigurationName()); if (l != -1) { refresTaskIds.add(l); } @@ -754,7 +755,7 @@ private static CompletableFuture initializeManagementInterface(Vertx if (httpManagementServerOptions.isSsl()) { CDI.current().select(HttpCertificateUpdateEventListener.class).get() .register(ar.result(), - managementConfig.tlsConfigurationName.orElse(TlsConfig.DEFAULT_NAME), + managementConfig.tlsConfigurationName().orElse(TlsConfig.DEFAULT_NAME), "management interface"); } @@ -787,7 +788,7 @@ private static CompletableFuture initializeMainHttpServer(Vertx vertx, H TlsConfigurationRegistry registry) throws IOException { - if (!httpConfiguration.hostEnabled && !httpConfiguration.domainSocketEnabled) { + if (!httpConfiguration.hostEnabled() && !httpConfiguration.domainSocketEnabled()) { return CompletableFuture.completedFuture(null); } @@ -831,8 +832,8 @@ private static CompletableFuture initializeMainHttpServer(Vertx vertx, H int eventLoopCount = eventLoops.get(); final int ioThreads; - if (httpConfiguration.ioThreads.isPresent()) { - ioThreads = Math.min(httpConfiguration.ioThreads.getAsInt(), eventLoopCount); + if (httpConfiguration.ioThreads().isPresent()) { + ioThreads = Math.min(httpConfiguration.ioThreads().getAsInt(), eventLoopCount); } else if (launchMode.isDevOrTest()) { ioThreads = Math.min(2, eventLoopCount); //Don't start ~100 threads to run a couple unit tests } else { @@ -1054,7 +1055,7 @@ private static boolean isWSL() { private static HttpServerOptions createHttpServerOptions( HttpBuildTimeConfig buildTimeConfig, HttpConfiguration httpConfiguration, LaunchMode launchMode, List websocketSubProtocols) { - if (!httpConfiguration.hostEnabled) { + if (!httpConfiguration.hostEnabled()) { return null; } // TODO other config properties @@ -1064,8 +1065,8 @@ private static HttpServerOptions createHttpServerOptions( HttpServerOptionsUtils.applyCommonOptions(options, buildTimeConfig, httpConfiguration, websocketSubProtocols); - httpConfiguration.websocketServer.maxFrameSize.ifPresent(s -> options.setMaxWebSocketFrameSize(s)); - httpConfiguration.websocketServer.maxMessageSize.ifPresent(s -> options.setMaxWebSocketMessageSize(s)); + httpConfiguration.websocketServer().maxFrameSize().ifPresent(s -> options.setMaxWebSocketFrameSize(s)); + httpConfiguration.websocketServer().maxMessageSize().ifPresent(s -> options.setMaxWebSocketMessageSize(s)); return options; } @@ -1073,7 +1074,7 @@ private static HttpServerOptions createHttpServerOptions( private static HttpServerOptions createHttpServerOptionsForManagementInterface( ManagementInterfaceBuildTimeConfig buildTimeConfig, ManagementInterfaceConfiguration httpConfiguration, LaunchMode launchMode, List websocketSubProtocols) { - if (!httpConfiguration.hostEnabled) { + if (!httpConfiguration.hostEnabled()) { return null; } HttpServerOptions options = new HttpServerOptions(); @@ -1089,22 +1090,22 @@ private static HttpServerOptions createHttpServerOptionsForManagementInterface( private static HttpServerOptions createDomainSocketOptions( HttpBuildTimeConfig buildTimeConfig, HttpConfiguration httpConfiguration, List websocketSubProtocols) { - if (!httpConfiguration.domainSocketEnabled) { + if (!httpConfiguration.domainSocketEnabled()) { return null; } HttpServerOptions options = new HttpServerOptions(); HttpServerOptionsUtils.applyCommonOptions(options, buildTimeConfig, httpConfiguration, websocketSubProtocols); // Override the host (0.0.0.0 by default) with the configured domain socket. - options.setHost(httpConfiguration.domainSocket); + options.setHost(httpConfiguration.domainSocket()); // Check if we can write into the domain socket directory // We can do this check using a blocking API as the execution is done from the main thread (not an I/O thread) - File file = new File(httpConfiguration.domainSocket); + File file = new File(httpConfiguration.domainSocket()); if (!file.getParentFile().canWrite()) { LOGGER.warnf( "Unable to write in the domain socket directory (`%s`). Binding to the socket is likely going to fail.", - httpConfiguration.domainSocket); + httpConfiguration.domainSocket()); } return options; @@ -1113,7 +1114,7 @@ private static HttpServerOptions createDomainSocketOptions( private static HttpServerOptions createDomainSocketOptionsForManagementInterface( ManagementInterfaceBuildTimeConfig buildTimeConfig, ManagementInterfaceConfiguration httpConfiguration, List websocketSubProtocols) { - if (!httpConfiguration.domainSocketEnabled) { + if (!httpConfiguration.domainSocketEnabled()) { return null; } HttpServerOptions options = new HttpServerOptions(); @@ -1121,15 +1122,15 @@ private static HttpServerOptions createDomainSocketOptionsForManagementInterface HttpServerOptionsUtils.applyCommonOptionsForManagementInterface(options, buildTimeConfig, httpConfiguration, websocketSubProtocols); // Override the host (0.0.0.0 by default) with the configured domain socket. - options.setHost(httpConfiguration.domainSocket); + options.setHost(httpConfiguration.domainSocket()); // Check if we can write into the domain socket directory // We can do this check using a blocking API as the execution is done from the main thread (not an I/O thread) - File file = new File(httpConfiguration.domainSocket); + File file = new File(httpConfiguration.domainSocket()); if (!file.getParentFile().canWrite()) { LOGGER.warnf( "Unable to write in the domain socket directory (`%s`). Binding to the socket is likely going to fail.", - httpConfiguration.domainSocket); + httpConfiguration.domainSocket()); } return options; @@ -1320,12 +1321,12 @@ private void setupTcpHttpServer(HttpServer httpServer, HttpServerOptions options Promise startFuture, AtomicInteger remainingCount, AtomicInteger currentConnectionCount, ArcContainer container, boolean notifyStartObservers) { - if (quarkusConfig.limits.maxConnections.isPresent() && quarkusConfig.limits.maxConnections.getAsInt() > 0) { + if (quarkusConfig.limits().maxConnections().isPresent() && quarkusConfig.limits().maxConnections().getAsInt() > 0) { var tracker = vertx.isMetricsEnabled() ? ((ExtendedQuarkusVertxHttpMetrics) ((VertxInternal) vertx).metricsSPI()).getHttpConnectionTracker() : ExtendedQuarkusVertxHttpMetrics.NOOP_CONNECTION_TRACKER; - final int maxConnections = quarkusConfig.limits.maxConnections.getAsInt(); + final int maxConnections = quarkusConfig.limits().maxConnections().getAsInt(); tracker.initialize(maxConnections, currentConnectionCount); httpServer.connectionHandler(new Handler() { @@ -1383,11 +1384,11 @@ public void handle(AsyncResult event) { portSystemProperties.set(schema, actualPort, launchMode); } - if (https && (quarkusConfig.ssl.certificate.reloadPeriod.isPresent())) { + if (https && (quarkusConfig.ssl().certificate().reloadPeriod().isPresent())) { try { long l = TlsCertificateReloader.initCertReloadingAction( - vertx, httpsServer, httpsOptions, quarkusConfig.ssl, registry, - quarkusConfig.tlsConfigurationName); + vertx, httpsServer, httpsOptions, quarkusConfig.ssl(), registry, + quarkusConfig.tlsConfigurationName()); if (l != -1) { reloadingTasks.add(l); } @@ -1399,7 +1400,8 @@ public void handle(AsyncResult event) { if (https) { container.instance(HttpCertificateUpdateEventListener.class).get() - .register(event.result(), quarkusConfig.tlsConfigurationName.orElse(TlsConfig.DEFAULT_NAME), + .register(event.result(), + quarkusConfig.tlsConfigurationName().orElse(TlsConfig.DEFAULT_NAME), "http server"); } @@ -1581,11 +1583,11 @@ private static Handler configureAndGetBody(Optional if (maxBodySize.isPresent()) { bodyHandler.setBodyLimit(maxBodySize.get().asLongValue()); } - bodyHandler.setHandleFileUploads(bodyConfig.handleFileUploads); - bodyHandler.setUploadsDirectory(bodyConfig.uploadsDirectory); - bodyHandler.setDeleteUploadedFilesOnEnd(bodyConfig.deleteUploadedFilesOnEnd); - bodyHandler.setMergeFormAttributes(bodyConfig.mergeFormAttributes); - bodyHandler.setPreallocateBodyBuffer(bodyConfig.preallocateBodyBuffer); + bodyHandler.setHandleFileUploads(bodyConfig.handleFileUploads()); + bodyHandler.setUploadsDirectory(bodyConfig.uploadsDirectory()); + bodyHandler.setDeleteUploadedFilesOnEnd(bodyConfig.deleteUploadedFilesOnEnd()); + bodyHandler.setMergeFormAttributes(bodyConfig.mergeFormAttributes()); + bodyHandler.setPreallocateBodyBuffer(bodyConfig.preallocateBodyBuffer()); return new Handler() { @Override public void handle(RoutingContext event) { @@ -1625,13 +1627,13 @@ public void run() { } public Handler createBodyHandler() { - Optional maxBodySize = httpConfiguration.getValue().limits.maxBodySize; - return configureAndGetBody(maxBodySize, httpConfiguration.getValue().body); + Optional maxBodySize = httpConfiguration.getValue().limits().maxBodySize(); + return configureAndGetBody(maxBodySize, httpConfiguration.getValue().body()); } public Handler createBodyHandlerForManagementInterface() { - Optional maxBodySize = managementConfiguration.getValue().limits.maxBodySize; - return configureAndGetBody(maxBodySize, managementConfiguration.getValue().body); + Optional maxBodySize = managementConfiguration.getValue().limits().maxBodySize(); + return configureAndGetBody(maxBodySize, managementConfiguration.getValue().body()); } private static final List CAN_HAVE_BODY = Arrays.asList(HttpMethod.POST, HttpMethod.PUT, HttpMethod.PATCH, @@ -1643,24 +1645,24 @@ private BiConsumer processSameSiteConfig(Map last = null; for (Map.Entry entry : new TreeMap<>(httpConfiguration).entrySet()) { - Pattern p = Pattern.compile(entry.getKey(), entry.getValue().caseSensitive ? 0 : Pattern.CASE_INSENSITIVE); + Pattern p = Pattern.compile(entry.getKey(), entry.getValue().caseSensitive() ? 0 : Pattern.CASE_INSENSITIVE); BiFunction biFunction = new BiFunction() { @Override public Boolean apply(Cookie cookie, HttpServerRequest request) { if (p.matcher(cookie.getName()).matches()) { - if (entry.getValue().value == CookieSameSite.NONE) { - if (entry.getValue().enableClientChecker) { + if (entry.getValue().value() == CookieSameSite.NONE) { + if (entry.getValue().enableClientChecker()) { String userAgent = request.getHeader(HttpHeaders.USER_AGENT); if (userAgent != null && SameSiteNoneIncompatibleClientChecker.isSameSiteNoneIncompatible(userAgent)) { return false; } } - if (entry.getValue().addSecureForNone) { + if (entry.getValue().addSecureForNone()) { cookie.setSecure(true); } } - cookie.setSameSite(entry.getValue().value); + cookie.setSameSite(entry.getValue().value()); return true; } return false; diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/WebsocketServerConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/WebsocketServerConfig.java index 36437308a3f97..975a16b36064d 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/WebsocketServerConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/WebsocketServerConfig.java @@ -2,31 +2,23 @@ import java.util.Optional; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; - /** * Configure the Vert.X HTTP Server for WebSocker Server connection. */ -@ConfigGroup -public class WebsocketServerConfig { - +public interface WebsocketServerConfig { /** * The maximum amount of data that can be sent in a single frame. - * + *

* Messages larger than this must be broken up into continuation frames. - * + *

* Default 65536 (from HttpServerOptions of Vert.X HttpServerOptions) */ - @ConfigItem - public Optional maxFrameSize; + Optional maxFrameSize(); /** * The maximum WebSocket message size. - * + *

* Default 262144 (from HttpServerOptions of Vert.X HttpServerOptions) */ - @ConfigItem - public Optional maxMessageSize; - + Optional maxMessageSize(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSConfig.java index e0ff22093891a..9dcdbb7da8a0f 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSConfig.java @@ -4,88 +4,62 @@ import java.util.List; import java.util.Optional; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; -import io.quarkus.runtime.annotations.ConvertWith; import io.quarkus.runtime.configuration.TrimmedStringConverter; +import io.smallrye.config.WithConverter; -@ConfigGroup -public class CORSConfig { - +public interface CORSConfig { /** * The origins allowed for CORS. - * + *

* A comma-separated list of valid URLs, such as `http://www.quarkus.io,http://localhost:3000`. * URLs enclosed in forward slashes are interpreted as regular expressions. */ - @ConfigItem - @ConvertWith(TrimmedStringConverter.class) - public Optional> origins = Optional.empty(); + Optional> origins(); /** * The HTTP methods allowed for CORS requests. - * + *

* A comma-separated list of valid HTTP methods, such as `GET,PUT,POST`. * If not set, the filter allows any HTTP method by default. - * + *

* Default: Any HTTP request method is allowed. */ - @ConfigItem - @ConvertWith(TrimmedStringConverter.class) - public Optional> methods = Optional.empty(); + Optional> methods(); /** * The HTTP headers allowed for CORS requests. - * + *

* A comma-separated list of valid headers, such as `X-Custom,Content-Disposition`. * If not set, the filter allows any header by default. - * + *

* Default: Any HTTP request header is allowed. */ - @ConfigItem - @ConvertWith(TrimmedStringConverter.class) - public Optional> headers = Optional.empty(); + Optional> headers(); /** * The HTTP headers exposed in CORS responses. - * + *

* A comma-separated list of headers to expose, such as `X-Custom,Content-Disposition`. - * + *

* Default: No headers are exposed. */ - @ConfigItem - @ConvertWith(TrimmedStringConverter.class) - public Optional> exposedHeaders = Optional.empty(); + Optional> exposedHeaders(); /** * The `Access-Control-Max-Age` response header value in {@link java.time.Duration} format. - * + *

* Informs the browser how long it can cache the results of a preflight request. */ - @ConfigItem - public Optional accessControlMaxAge = Optional.empty(); + Optional accessControlMaxAge(); /** * The `Access-Control-Allow-Credentials` response header. - * + *

* Tells browsers if front-end JavaScript can be allowed to access credentials when the request's credentials mode, * `Request.credentials`, is set to `include`. - * + *

* Default: `true` if the `quarkus.http.cors.origins` property is set * and matches the precise `Origin` header value. */ - @ConfigItem - public Optional accessControlAllowCredentials = Optional.empty(); - - @Override - public String toString() { - return "CORSConfig{" + - "origins=" + origins + - ", methods=" + methods + - ", headers=" + headers + - ", exposedHeaders=" + exposedHeaders + - ", accessControlMaxAge=" + accessControlMaxAge + - ", accessControlAllowCredentials=" + accessControlAllowCredentials + - '}'; - } + Optional accessControlAllowCredentials(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSFilter.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSFilter.java index 9ecd59b373ec5..3f9cd18c9ca9b 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSFilter.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSFilter.java @@ -39,13 +39,13 @@ public class CORSFilter implements Handler { public CORSFilter(CORSConfig corsConfig) { this.corsConfig = corsConfig; - this.wildcardOrigin = isOriginConfiguredWithWildcard(this.corsConfig.origins); - this.wildcardMethod = isConfiguredWithWildcard(corsConfig.methods); - this.allowedOriginsRegex = this.wildcardOrigin ? List.of() : parseAllowedOriginsRegex(this.corsConfig.origins); - this.configuredHttpMethods = createConfiguredHttpMethods(this.corsConfig.methods); - this.exposedHeaders = createHeaderString(this.corsConfig.exposedHeaders); - this.allowedHeaders = createHeaderString(this.corsConfig.headers); - this.allowedMethods = createHeaderString(this.corsConfig.methods); + this.wildcardOrigin = isOriginConfiguredWithWildcard(this.corsConfig.origins()); + this.wildcardMethod = isConfiguredWithWildcard(corsConfig.methods()); + this.allowedOriginsRegex = this.wildcardOrigin ? List.of() : parseAllowedOriginsRegex(this.corsConfig.origins()); + this.configuredHttpMethods = createConfiguredHttpMethods(this.corsConfig.methods()); + this.exposedHeaders = createHeaderString(this.corsConfig.exposedHeaders()); + this.allowedHeaders = createHeaderString(this.corsConfig.headers()); + this.allowedMethods = createHeaderString(this.corsConfig.methods()); } private String createHeaderString(Optional> headers) { @@ -146,10 +146,10 @@ public void handle(RoutingContext event) { //for both normal and preflight requests we need to check the origin boolean allowsOrigin = wildcardOrigin; - boolean originMatches = !wildcardOrigin && corsConfig.origins.isPresent() && - (corsConfig.origins.get().contains(origin) || isOriginAllowedByRegex(allowedOriginsRegex, origin)); + boolean originMatches = !wildcardOrigin && corsConfig.origins().isPresent() && + (corsConfig.origins().get().contains(origin) || isOriginAllowedByRegex(allowedOriginsRegex, origin)); if (!allowsOrigin) { - if (corsConfig.origins.isPresent()) { + if (corsConfig.origins().isPresent()) { allowsOrigin = originMatches || isSameOrigin(request, origin); } else { allowsOrigin = isSameOrigin(request, origin); @@ -160,7 +160,7 @@ public void handle(RoutingContext event) { response.setStatusCode(403); response.setStatusMessage("CORS Rejected - Invalid origin"); } else { - boolean allowCredentials = corsConfig.accessControlAllowCredentials.orElse(originMatches); + boolean allowCredentials = corsConfig.accessControlAllowCredentials().orElse(originMatches); response.headers().set(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, String.valueOf(allowCredentials)); response.headers().set(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin); } @@ -209,9 +209,9 @@ private void handlePreflightRequest(RoutingContext event, String requestedHeader boolean allowsOrigin) { //see https://fetch.spec.whatwg.org/#http-cors-protocol - if (corsConfig.accessControlMaxAge.isPresent()) { + if (corsConfig.accessControlMaxAge().isPresent()) { event.response().putHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, - String.valueOf(corsConfig.accessControlMaxAge.get().getSeconds())); + String.valueOf(corsConfig.accessControlMaxAge().get().getSeconds())); } var response = event.response(); if (requestedMethods != null) { @@ -315,7 +315,7 @@ static boolean substringMatch(String str, int pos, String substring, boolean req } private void processPreFlightRequestedHeaders(HttpServerResponse response, String allowHeadersValue) { - if (isConfiguredWithWildcard(corsConfig.headers)) { + if (isConfiguredWithWildcard(corsConfig.headers())) { response.headers().set(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, allowHeadersValue); } else { response.headers().set(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, allowedHeaders); diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSRecorder.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSRecorder.java index 18d2b5a4b4d40..edf4161815351 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSRecorder.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/cors/CORSRecorder.java @@ -14,8 +14,8 @@ public CORSRecorder(HttpConfiguration configuration) { } public Handler corsHandler() { - if (configuration.corsEnabled) { - return new CORSFilter(configuration.cors); + if (configuration.corsEnabled()) { + return new CORSFilter(configuration.cors()); } return null; } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementAuthConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementAuthConfig.java index 6aeda761ce7a0..25fd0dc6fca30 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementAuthConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementAuthConfig.java @@ -2,35 +2,30 @@ import java.util.Optional; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; +import io.smallrye.config.WithDefault; /** * Authentication for the management interface. */ -@ConfigGroup -public class ManagementAuthConfig { - +public interface ManagementAuthConfig { /** * If authentication for the management interface should be enabled. */ - @ConfigItem(defaultValue = "${quarkus.management.auth.basic:false}") - public boolean enabled; + @WithDefault("${quarkus.management.auth.basic:false}") + boolean enabled(); /** * If basic auth should be enabled. - * */ - @ConfigItem - public Optional basic; + Optional basic(); /** * If this is true and credentials are present then a user will always be authenticated * before the request progresses. - * + *

* If this is false then an attempt will only be made to authenticate the user if a permission * check is performed or the current user is required for some other reason. */ - @ConfigItem(defaultValue = "true") - public boolean proactive; + @WithDefault("true") + boolean proactive(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementInterfaceBuildTimeConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementInterfaceBuildTimeConfig.java index b2ca8512199e9..1caac3d0790fd 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementInterfaceBuildTimeConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementInterfaceBuildTimeConfig.java @@ -2,43 +2,46 @@ import java.util.OptionalInt; -import io.quarkus.runtime.annotations.ConfigItem; import io.quarkus.runtime.annotations.ConfigPhase; import io.quarkus.runtime.annotations.ConfigRoot; +import io.smallrye.config.ConfigMapping; +import io.smallrye.config.WithDefault; +import io.smallrye.config.WithName; import io.vertx.core.http.ClientAuth; /** * Management interface configuration. */ -@ConfigRoot(name = "management", phase = ConfigPhase.BUILD_AND_RUN_TIME_FIXED) -public class ManagementInterfaceBuildTimeConfig { - +@ConfigMapping(prefix = "quarkus.management") +@ConfigRoot(phase = ConfigPhase.BUILD_AND_RUN_TIME_FIXED) +public interface ManagementInterfaceBuildTimeConfig { /** * Enables / Disables the usage of a separate interface/port to expose the management endpoints. * If sets to {@code true}, the management endpoints will be exposed to a different HTTP server. - * This avoids exposing the management endpoints on a publicly available server. + * This avoids exposing the management endpoints on a y available server(. */ - @ConfigItem(defaultValue = "false") - public boolean enabled; + @WithDefault("false") + boolean enabled(); /** * Authentication configuration */ - public ManagementAuthConfig auth; + ManagementAuthConfig auth(); /** * Configures the engine to require/request client authentication. * NONE, REQUEST, REQUIRED */ - @ConfigItem(name = "ssl.client-auth", defaultValue = "NONE") - public ClientAuth tlsClientAuth; + @WithName("ssl.client-auth") + @WithDefault("NONE") + ClientAuth tlsClientAuth(); /** * A common root path for management endpoints. Various extension-provided management endpoints such as metrics * and health are deployed under this path by default. */ - @ConfigItem(defaultValue = "/q") - public String rootPath; + @WithDefault("/q") + String rootPath(); /** * If responses should be compressed. @@ -50,8 +53,8 @@ public class ManagementInterfaceBuildTimeConfig { *

* Which will tell vert.x not to compress the response. */ - @ConfigItem - public boolean enableCompression; + @WithDefault("false") + boolean enableCompression(); /** * When enabled, vert.x will decompress the request's body if it's compressed. @@ -59,12 +62,11 @@ public class ManagementInterfaceBuildTimeConfig { * Note that the compression format (e.g., gzip) must be specified in the Content-Encoding header * in the request. */ - @ConfigItem - public boolean enableDecompression; + @WithDefault("false") + boolean enableDecompression(); /** * The compression level used when compression support is enabled. */ - @ConfigItem - public OptionalInt compressionLevel; + OptionalInt compressionLevel(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementInterfaceConfiguration.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementInterfaceConfiguration.java index a9aed78d337dc..ccce79adbe131 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementInterfaceConfiguration.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementInterfaceConfiguration.java @@ -5,7 +5,6 @@ import java.util.Optional; import io.quarkus.runtime.LaunchMode; -import io.quarkus.runtime.annotations.ConfigItem; import io.quarkus.runtime.annotations.ConfigPhase; import io.quarkus.runtime.annotations.ConfigRoot; import io.quarkus.vertx.http.runtime.BodyConfig; @@ -14,31 +13,34 @@ import io.quarkus.vertx.http.runtime.ProxyConfig; import io.quarkus.vertx.http.runtime.ServerLimitsConfig; import io.quarkus.vertx.http.runtime.ServerSslConfig; +import io.smallrye.config.ConfigMapping; +import io.smallrye.config.WithDefault; +import io.smallrye.config.WithName; /** * Configures the management interface. * Note that the management interface must be enabled using the * {@link ManagementInterfaceBuildTimeConfig#enabled} build-time property. */ -@ConfigRoot(phase = ConfigPhase.RUN_TIME, name = "management") -public class ManagementInterfaceConfiguration { - +@ConfigMapping(prefix = "quarkus.management") +@ConfigRoot(phase = ConfigPhase.RUN_TIME) +public interface ManagementInterfaceConfiguration { /** * Authentication configuration */ - public ManagementRuntimeAuthConfig auth; + ManagementRuntimeAuthConfig auth(); /** * The HTTP port */ - @ConfigItem(defaultValue = "9000") - public int port; + @WithDefault("9000") + int port(); /** * The HTTP port */ - @ConfigItem(defaultValue = "9001") - public int testPort; + @WithDefault("9001") + int testPort(); /** * The HTTP host @@ -53,19 +55,18 @@ public class ManagementInterfaceConfiguration { * defaults to 0.0.0.0 even in dev/test mode since using localhost makes the application * inaccessible. */ - @ConfigItem - public String host; + String host(); /** * Enable listening to host:port */ - @ConfigItem(defaultValue = "true") - public boolean hostEnabled; + @WithDefault("true") + boolean hostEnabled(); /** * The SSL config */ - public ServerSslConfig ssl; + ServerSslConfig ssl(); /** * The name of the TLS configuration to use. @@ -76,66 +77,66 @@ public class ManagementInterfaceConfiguration { *

* If no TLS configuration is set, and {@code quarkus.tls.*} is not configured, then, `quarkus.management.ssl` will be used. */ - @ConfigItem - public Optional tlsConfigurationName; + Optional tlsConfigurationName(); /** * When set to {@code true}, the HTTP server automatically sends `100 CONTINUE` * response when the request expects it (with the `Expect: 100-Continue` header). */ - @ConfigItem(defaultValue = "false", name = "handle-100-continue-automatically") - public boolean handle100ContinueAutomatically; + @WithName("handle-100-continue-automatically") + @WithDefault("false") + boolean handle100ContinueAutomatically(); /** * Server limits configuration */ - public ServerLimitsConfig limits; + ServerLimitsConfig limits(); /** * Http connection idle timeout */ - @ConfigItem(defaultValue = "30M", name = "idle-timeout") - public Duration idleTimeout; + @WithDefault("30M") + Duration idleTimeout(); /** * Request body related settings */ - public BodyConfig body; + BodyConfig body(); /** * The accept backlog, this is how many connections can be waiting to be accepted before connections start being rejected */ - @ConfigItem(defaultValue = "-1") - public int acceptBacklog; + @WithDefault("-1") + int acceptBacklog(); /** * Path to a unix domain socket */ - @ConfigItem(defaultValue = "/var/run/io.quarkus.management.socket") - public String domainSocket; + @WithDefault("/var/run/io.quarkus.management.socket") + String domainSocket(); /** * Enable listening to host:port */ - @ConfigItem - public boolean domainSocketEnabled; + @WithDefault("false") + boolean domainSocketEnabled(); /** * Additional HTTP Headers always sent in the response */ - @ConfigItem - public Map header; + Map header(); /** * Additional HTTP configuration per path */ - @ConfigItem - public Map filter; + Map filter(); - public ProxyConfig proxy; + /** + * Holds configuration related with proxy addressing forward. + */ + ProxyConfig proxy(); - public int determinePort(LaunchMode launchMode) { - return launchMode == LaunchMode.TEST ? testPort : port; + default int determinePort(LaunchMode launchMode) { + return launchMode == LaunchMode.TEST ? testPort() : port(); } - } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementInterfaceSecurityRecorder.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementInterfaceSecurityRecorder.java index 7ef7f637982ff..56cee6d227554 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementInterfaceSecurityRecorder.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementInterfaceSecurityRecorder.java @@ -28,7 +28,7 @@ public Handler getAuthenticationHandler(RuntimeValue handler, ManagementInterfaceConfiguration runTimeConfig) { handler.getValue().init(ManagementPathMatchingHttpSecurityPolicy.class, - RolesMapping.of(runTimeConfig.auth.rolesMapping)); + RolesMapping.of(runTimeConfig.auth().rolesMapping())); } public Handler permissionCheckHandler() { diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementRuntimeAuthConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementRuntimeAuthConfig.java index 5e6cd28d987b4..e0e4424a85d11 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementRuntimeAuthConfig.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/management/ManagementRuntimeAuthConfig.java @@ -4,28 +4,25 @@ import java.util.Map; import io.quarkus.runtime.annotations.ConfigDocMapKey; -import io.quarkus.runtime.annotations.ConfigGroup; -import io.quarkus.runtime.annotations.ConfigItem; import io.quarkus.vertx.http.runtime.PolicyConfig; import io.quarkus.vertx.http.runtime.PolicyMappingConfig; +import io.smallrye.config.WithName; /** * Authentication for the management interface. */ -@ConfigGroup -public class ManagementRuntimeAuthConfig { - +public interface ManagementRuntimeAuthConfig { /** * The HTTP permissions */ - @ConfigItem(name = "permission") - public Map permissions; + @WithName("permission") + Map permissions(); /** * The HTTP role based policies */ - @ConfigItem(name = "policy") - public Map rolePolicy; + @WithName("policy") + Map rolePolicy(); /** * Map the `SecurityIdentity` roles to deployment specific roles and add the matching roles to `SecurityIdentity`. @@ -34,7 +31,6 @@ public class ManagementRuntimeAuthConfig { * use this property to map the `user` role to the `UserRole` role, and have `SecurityIdentity` to have * both `user` and `UserRole` roles. */ - @ConfigItem @ConfigDocMapKey("role-name") - public Map> rolesMapping; + Map> rolesMapping(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/HttpServerCommonHandlers.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/HttpServerCommonHandlers.java index d14da39ac12cf..bd914017eeaaf 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/HttpServerCommonHandlers.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/HttpServerCommonHandlers.java @@ -34,8 +34,8 @@ public class HttpServerCommonHandlers { public static void enforceMaxBodySize(ServerLimitsConfig limits, Router httpRouteRouter) { - if (limits.maxBodySize.isPresent()) { - long limit = limits.maxBodySize.get().asLongValue(); + if (limits.maxBodySize().isPresent()) { + long limit = limits.maxBodySize().get().asLongValue(); Long limitObj = limit; httpRouteRouter.route().order(RouteConstants.ROUTE_ORDER_UPLOAD_LIMIT).handler(new Handler() { @Override @@ -91,7 +91,7 @@ public void handle(Void x) { public static Handler applyProxy(ProxyConfig proxyConfig, Handler root, Supplier vertx) { - if (proxyConfig.proxyAddressForwarding) { + if (proxyConfig.proxyAddressForwarding()) { final ForwardingProxyOptions forwardingProxyOptions = ForwardingProxyOptions.from(proxyConfig); final TrustedProxyCheck.TrustedProxyCheckBuilder proxyCheckBuilder = forwardingProxyOptions.trustedProxyCheckBuilder; if (proxyCheckBuilder == null) { @@ -115,10 +115,10 @@ public static void applyFilters(Map filtersInConfig, Route if (!filtersInConfig.isEmpty()) { for (var entry : filtersInConfig.entrySet()) { var filterConfig = entry.getValue(); - var matches = filterConfig.matches; - var order = filterConfig.order.orElse(Integer.MIN_VALUE); - var methods = filterConfig.methods; - var headers = filterConfig.header; + var matches = filterConfig.matches(); + var order = filterConfig.order().orElse(Integer.MIN_VALUE); + var methods = filterConfig.methods(); + var headers = filterConfig.header(); if (methods.isEmpty()) { httpRouteRouter.routeWithRegex(matches) .order(order) @@ -174,24 +174,24 @@ public static void applyHeaders(Map headers, Router httpRo for (Map.Entry entry : headers.entrySet()) { var name = entry.getKey(); var config = entry.getValue(); - if (config.methods.isEmpty()) { - httpRouteRouter.route(config.path) + if (config.methods().isEmpty()) { + httpRouteRouter.route(config.path()) .order(RouteConstants.ROUTE_ORDER_HEADERS) .handler(new Handler() { @Override public void handle(RoutingContext event) { - event.response().headers().set(name, config.value); + event.response().headers().set(name, config.value()); event.next(); } }); } else { - for (String method : config.methods.get()) { - httpRouteRouter.route(HttpMethod.valueOf(method.toUpperCase(Locale.ROOT)), config.path) + for (String method : config.methods().get()) { + httpRouteRouter.route(HttpMethod.valueOf(method.toUpperCase(Locale.ROOT)), config.path()) .order(RouteConstants.ROUTE_ORDER_HEADERS) .handler(new Handler() { @Override public void handle(RoutingContext event) { - event.response().headers().add(name, config.value); + event.response().headers().add(name, config.value()); event.next(); } }); diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/HttpServerOptionsUtils.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/HttpServerOptionsUtils.java index f270cc64b2bd6..6786033c8fba4 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/HttpServerOptionsUtils.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/HttpServerOptionsUtils.java @@ -66,7 +66,7 @@ public class HttpServerOptionsUtils { public static HttpServerOptions createSslOptions(HttpBuildTimeConfig buildTimeConfig, HttpConfiguration httpConfiguration, LaunchMode launchMode, List websocketSubProtocols, TlsConfigurationRegistry registry) throws IOException { - if (!httpConfiguration.hostEnabled) { + if (!httpConfiguration.hostEnabled()) { return null; } @@ -74,17 +74,17 @@ public static HttpServerOptions createSslOptions(HttpBuildTimeConfig buildTimeCo int sslPort = httpConfiguration.determineSslPort(launchMode); // -2 instead of -1 (see http) to have vert.x assign two different random ports if both http and https shall be random serverOptions.setPort(sslPort == 0 ? RANDOM_PORT_MAIN_TLS : sslPort); - serverOptions.setClientAuth(buildTimeConfig.tlsClientAuth); + serverOptions.setClientAuth(buildTimeConfig.tlsClientAuth()); if (JdkSSLEngineOptions.isAlpnAvailable()) { - serverOptions.setUseAlpn(httpConfiguration.http2); - if (httpConfiguration.http2) { + serverOptions.setUseAlpn(httpConfiguration.http2()); + if (httpConfiguration.http2()) { serverOptions.setAlpnVersions(Arrays.asList(HttpVersion.HTTP_2, HttpVersion.HTTP_1_1)); } } setIdleTimeout(httpConfiguration, serverOptions); - TlsConfiguration bucket = getTlsConfiguration(httpConfiguration.tlsConfigurationName, registry); + TlsConfiguration bucket = getTlsConfiguration(httpConfiguration.tlsConfigurationName(), registry); if (bucket != null) { applyTlsConfigurationToHttpServerOptions(bucket, serverOptions); applyCommonOptions(serverOptions, buildTimeConfig, httpConfiguration, websocketSubProtocols); @@ -92,7 +92,7 @@ public static HttpServerOptions createSslOptions(HttpBuildTimeConfig buildTimeCo } // Legacy configuration: - applySslConfigToHttpServerOptions(httpConfiguration.ssl, serverOptions); + applySslConfigToHttpServerOptions(httpConfiguration.ssl(), serverOptions); applyCommonOptions(serverOptions, buildTimeConfig, httpConfiguration, websocketSubProtocols); return serverOptions; @@ -122,56 +122,57 @@ private static void applySslConfigToHttpServerOptions(ServerSslConfig httpConfig ServerSslConfig sslConfig = httpConfiguration; // credentials provider Map credentials = Map.of(); - if (sslConfig.certificate.credentialsProvider.isPresent()) { - String beanName = sslConfig.certificate.credentialsProviderName.orElse(null); + if (sslConfig.certificate().credentialsProvider().isPresent()) { + String beanName = sslConfig.certificate().credentialsProviderName().orElse(null); CredentialsProvider credentialsProvider = CredentialsProviderFinder.find(beanName); - String name = sslConfig.certificate.credentialsProvider.get(); + String name = sslConfig.certificate().credentialsProvider().get(); credentials = credentialsProvider.getCredentials(name); } - final Optional keyStorePassword = getCredential(sslConfig.certificate.keyStorePassword, credentials, - sslConfig.certificate.keyStorePasswordKey); + final Optional keyStorePassword = getCredential(sslConfig.certificate().keyStorePassword(), credentials, + sslConfig.certificate().keyStorePasswordKey()); Optional keyStoreAliasPassword = Optional.empty(); - if (sslConfig.certificate.keyStoreAliasPassword.isPresent() || sslConfig.certificate.keyStoreKeyPassword.isPresent() - || sslConfig.certificate.keyStoreKeyPasswordKey.isPresent() - || sslConfig.certificate.keyStoreAliasPasswordKey.isPresent()) { - if (sslConfig.certificate.keyStoreKeyPasswordKey.isPresent() - && sslConfig.certificate.keyStoreAliasPasswordKey.isPresent()) { + if (sslConfig.certificate().keyStoreAliasPassword().isPresent() + || sslConfig.certificate().keyStoreKeyPassword().isPresent() + || sslConfig.certificate().keyStoreKeyPasswordKey().isPresent() + || sslConfig.certificate().keyStoreAliasPasswordKey().isPresent()) { + if (sslConfig.certificate().keyStoreKeyPasswordKey().isPresent() + && sslConfig.certificate().keyStoreAliasPasswordKey().isPresent()) { throw new ConfigurationException( "You cannot specify both `keyStoreKeyPasswordKey` and `keyStoreAliasPasswordKey` - Use `keyStoreAliasPasswordKey` instead"); } - if (sslConfig.certificate.keyStoreAliasPassword.isPresent() - && sslConfig.certificate.keyStoreKeyPassword.isPresent()) { + if (sslConfig.certificate().keyStoreAliasPassword().isPresent() + && sslConfig.certificate().keyStoreKeyPassword().isPresent()) { throw new ConfigurationException( "You cannot specify both `keyStoreKeyPassword` and `keyStoreAliasPassword` - Use `keyStoreAliasPassword` instead"); } keyStoreAliasPassword = getCredential( - or(sslConfig.certificate.keyStoreAliasPassword, sslConfig.certificate.keyStoreKeyPassword), + or(sslConfig.certificate().keyStoreAliasPassword(), sslConfig.certificate().keyStoreKeyPassword()), credentials, - or(sslConfig.certificate.keyStoreAliasPasswordKey, sslConfig.certificate.keyStoreKeyPasswordKey)); + or(sslConfig.certificate().keyStoreAliasPasswordKey(), sslConfig.certificate().keyStoreKeyPasswordKey())); } - final Optional trustStorePassword = getCredential(sslConfig.certificate.trustStorePassword, credentials, - sslConfig.certificate.trustStorePasswordKey); + final Optional trustStorePassword = getCredential(sslConfig.certificate().trustStorePassword(), credentials, + sslConfig.certificate().trustStorePasswordKey()); - var kso = computeKeyStoreOptions(sslConfig.certificate, keyStorePassword, keyStoreAliasPassword); + var kso = computeKeyStoreOptions(sslConfig.certificate(), keyStorePassword, keyStoreAliasPassword); if (kso != null) { serverOptions.setKeyCertOptions(kso); } - var to = computeTrustOptions(sslConfig.certificate, trustStorePassword); + var to = computeTrustOptions(sslConfig.certificate(), trustStorePassword); if (to != null) { serverOptions.setTrustOptions(to); } - for (String cipher : sslConfig.cipherSuites.orElse(Collections.emptyList())) { + for (String cipher : sslConfig.cipherSuites().orElse(Collections.emptyList())) { serverOptions.addEnabledCipherSuite(cipher); } - serverOptions.setEnabledSecureTransportProtocols(sslConfig.protocols); + serverOptions.setEnabledSecureTransportProtocols(sslConfig.protocols()); serverOptions.setSsl(true); - serverOptions.setSni(sslConfig.sni); + serverOptions.setSni(sslConfig.sni()); } /** @@ -181,7 +182,7 @@ public static HttpServerOptions createSslOptionsForManagementInterface(Managemen ManagementInterfaceConfiguration httpConfiguration, LaunchMode launchMode, List websocketSubProtocols, TlsConfigurationRegistry registry) throws IOException { - if (!httpConfiguration.hostEnabled) { + if (!httpConfiguration.hostEnabled()) { return null; } @@ -190,15 +191,15 @@ public static HttpServerOptions createSslOptionsForManagementInterface(Managemen serverOptions.setUseAlpn(true); serverOptions.setAlpnVersions(Arrays.asList(HttpVersion.HTTP_2, HttpVersion.HTTP_1_1)); } - int idleTimeout = (int) httpConfiguration.idleTimeout.toMillis(); + int idleTimeout = (int) httpConfiguration.idleTimeout().toMillis(); serverOptions.setIdleTimeout(idleTimeout); serverOptions.setIdleTimeoutUnit(TimeUnit.MILLISECONDS); int sslPort = httpConfiguration.determinePort(launchMode); serverOptions.setPort(sslPort == 0 ? RANDOM_PORT_MANAGEMENT : sslPort); - serverOptions.setClientAuth(buildTimeConfig.tlsClientAuth); + serverOptions.setClientAuth(buildTimeConfig.tlsClientAuth()); - TlsConfiguration bucket = getTlsConfiguration(httpConfiguration.tlsConfigurationName, registry); + TlsConfiguration bucket = getTlsConfiguration(httpConfiguration.tlsConfigurationName(), registry); if (bucket != null) { applyTlsConfigurationToHttpServerOptions(bucket, serverOptions); applyCommonOptionsForManagementInterface(serverOptions, buildTimeConfig, httpConfiguration, websocketSubProtocols); @@ -206,7 +207,7 @@ public static HttpServerOptions createSslOptionsForManagementInterface(Managemen } // Legacy configuration: - applySslConfigToHttpServerOptions(httpConfiguration.ssl, serverOptions); + applySslConfigToHttpServerOptions(httpConfiguration.ssl(), serverOptions); applyCommonOptionsForManagementInterface(serverOptions, buildTimeConfig, httpConfiguration, websocketSubProtocols); return serverOptions; @@ -257,31 +258,32 @@ public static void applyCommonOptions(HttpServerOptions httpServerOptions, HttpBuildTimeConfig buildTimeConfig, HttpConfiguration httpConfiguration, List websocketSubProtocols) { - httpServerOptions.setHost(httpConfiguration.host); + httpServerOptions.setHost(httpConfiguration.host()); setIdleTimeout(httpConfiguration, httpServerOptions); - httpServerOptions.setMaxHeaderSize(httpConfiguration.limits.maxHeaderSize.asBigInteger().intValueExact()); - httpServerOptions.setMaxChunkSize(httpConfiguration.limits.maxChunkSize.asBigInteger().intValueExact()); - httpServerOptions.setMaxFormAttributeSize(httpConfiguration.limits.maxFormAttributeSize.asBigInteger().intValueExact()); - httpServerOptions.setMaxFormFields(httpConfiguration.limits.maxFormFields); - httpServerOptions.setMaxFormBufferedBytes(httpConfiguration.limits.maxFormBufferedBytes.asBigInteger().intValue()); + httpServerOptions.setMaxHeaderSize(httpConfiguration.limits().maxHeaderSize().asBigInteger().intValueExact()); + httpServerOptions.setMaxChunkSize(httpConfiguration.limits().maxChunkSize().asBigInteger().intValueExact()); + httpServerOptions + .setMaxFormAttributeSize(httpConfiguration.limits().maxFormAttributeSize().asBigInteger().intValueExact()); + httpServerOptions.setMaxFormFields(httpConfiguration.limits().maxFormFields()); + httpServerOptions.setMaxFormBufferedBytes(httpConfiguration.limits().maxFormBufferedBytes().asBigInteger().intValue()); httpServerOptions.setWebSocketSubProtocols(websocketSubProtocols); - httpServerOptions.setReusePort(httpConfiguration.soReusePort); - httpServerOptions.setTcpQuickAck(httpConfiguration.tcpQuickAck); - httpServerOptions.setTcpCork(httpConfiguration.tcpCork); - httpServerOptions.setAcceptBacklog(httpConfiguration.acceptBacklog); - httpServerOptions.setTcpFastOpen(httpConfiguration.tcpFastOpen); - httpServerOptions.setCompressionSupported(buildTimeConfig.enableCompression); - if (buildTimeConfig.compressionLevel.isPresent()) { - httpServerOptions.setCompressionLevel(buildTimeConfig.compressionLevel.getAsInt()); + httpServerOptions.setReusePort(httpConfiguration.soReusePort()); + httpServerOptions.setTcpQuickAck(httpConfiguration.tcpQuickAck()); + httpServerOptions.setTcpCork(httpConfiguration.tcpCork()); + httpServerOptions.setAcceptBacklog(httpConfiguration.acceptBacklog()); + httpServerOptions.setTcpFastOpen(httpConfiguration.tcpFastOpen()); + httpServerOptions.setCompressionSupported(buildTimeConfig.enableCompression()); + if (buildTimeConfig.compressionLevel().isPresent()) { + httpServerOptions.setCompressionLevel(buildTimeConfig.compressionLevel().getAsInt()); } - httpServerOptions.setDecompressionSupported(buildTimeConfig.enableDecompression); - httpServerOptions.setMaxInitialLineLength(httpConfiguration.limits.maxInitialLineLength); - httpServerOptions.setHandle100ContinueAutomatically(httpConfiguration.handle100ContinueAutomatically); + httpServerOptions.setDecompressionSupported(buildTimeConfig.enableDecompression()); + httpServerOptions.setMaxInitialLineLength(httpConfiguration.limits().maxInitialLineLength()); + httpServerOptions.setHandle100ContinueAutomatically(httpConfiguration.handle100ContinueAutomatically()); - if (buildTimeConfig.compressors.isPresent()) { + if (buildTimeConfig.compressors().isPresent()) { // Adding defaults too, because mere addition of .addCompressor(brotli) actually // overrides the default deflate and gzip capability. - for (String compressor : buildTimeConfig.compressors.get()) { + for (String compressor : buildTimeConfig.compressors().get()) { if ("gzip".equalsIgnoreCase(compressor)) { // GZip's default compression level is 6 in Netty Codec 4.1, the same // as the default compression level in Vert.x Core 4.5.7's HttpServerOptions. @@ -297,8 +299,8 @@ public static void applyCommonOptions(HttpServerOptions httpServerOptions, final BrotliOptions o = StandardCompressionOptions.brotli(); // The default compression level for brotli as of Netty Codec 4.1 is 4, // so we don't pick up Vert.x Core 4.5.7's default of 6. User can override: - if (buildTimeConfig.compressionLevel.isPresent()) { - o.parameters().setQuality(buildTimeConfig.compressionLevel.getAsInt()); + if (buildTimeConfig.compressionLevel().isPresent()) { + o.parameters().setQuality(buildTimeConfig.compressionLevel().getAsInt()); } httpServerOptions.addCompressor(o); } else { @@ -307,65 +309,67 @@ public static void applyCommonOptions(HttpServerOptions httpServerOptions, } } - if (httpConfiguration.http2) { + if (httpConfiguration.http2()) { var settings = new Http2Settings(); - if (httpConfiguration.limits.headerTableSize.isPresent()) { - settings.setHeaderTableSize(httpConfiguration.limits.headerTableSize.getAsLong()); + if (httpConfiguration.limits().headerTableSize().isPresent()) { + settings.setHeaderTableSize(httpConfiguration.limits().headerTableSize().getAsLong()); } - settings.setPushEnabled(httpConfiguration.http2PushEnabled); - if (httpConfiguration.limits.maxConcurrentStreams.isPresent()) { - settings.setMaxConcurrentStreams(httpConfiguration.limits.maxConcurrentStreams.getAsLong()); + settings.setPushEnabled(httpConfiguration.http2PushEnabled()); + if (httpConfiguration.limits().maxConcurrentStreams().isPresent()) { + settings.setMaxConcurrentStreams(httpConfiguration.limits().maxConcurrentStreams().getAsLong()); } - if (httpConfiguration.initialWindowSize.isPresent()) { - settings.setInitialWindowSize(httpConfiguration.initialWindowSize.getAsInt()); + if (httpConfiguration.initialWindowSize().isPresent()) { + settings.setInitialWindowSize(httpConfiguration.initialWindowSize().getAsInt()); } - if (httpConfiguration.limits.maxFrameSize.isPresent()) { - settings.setMaxFrameSize(httpConfiguration.limits.maxFrameSize.getAsInt()); + if (httpConfiguration.limits().maxFrameSize().isPresent()) { + settings.setMaxFrameSize(httpConfiguration.limits().maxFrameSize().getAsInt()); } - if (httpConfiguration.limits.maxHeaderListSize.isPresent()) { - settings.setMaxHeaderListSize(httpConfiguration.limits.maxHeaderListSize.getAsLong()); + if (httpConfiguration.limits().maxHeaderListSize().isPresent()) { + settings.setMaxHeaderListSize(httpConfiguration.limits().maxHeaderListSize().getAsLong()); } httpServerOptions.setInitialSettings(settings); // RST attack protection - https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p - if (httpConfiguration.limits.rstFloodMaxRstFramePerWindow.isPresent()) { + if (httpConfiguration.limits().rstFloodMaxRstFramePerWindow().isPresent()) { httpServerOptions - .setHttp2RstFloodMaxRstFramePerWindow(httpConfiguration.limits.rstFloodMaxRstFramePerWindow.getAsInt()); + .setHttp2RstFloodMaxRstFramePerWindow( + httpConfiguration.limits().rstFloodMaxRstFramePerWindow().getAsInt()); } - if (httpConfiguration.limits.rstFloodWindowDuration.isPresent()) { + if (httpConfiguration.limits().rstFloodWindowDuration().isPresent()) { httpServerOptions.setHttp2RstFloodWindowDuration( - (int) httpConfiguration.limits.rstFloodWindowDuration.get().toSeconds()); + (int) httpConfiguration.limits().rstFloodWindowDuration().get().toSeconds()); httpServerOptions.setHttp2RstFloodWindowDurationTimeUnit(TimeUnit.SECONDS); } } - httpServerOptions.setUseProxyProtocol(httpConfiguration.proxy.useProxyProtocol); + httpServerOptions.setUseProxyProtocol(httpConfiguration.proxy().useProxyProtocol()); configureTrafficShapingIfEnabled(httpServerOptions, httpConfiguration); } private static void configureTrafficShapingIfEnabled(HttpServerOptions httpServerOptions, HttpConfiguration httpConfiguration) { - if (httpConfiguration.trafficShaping.enabled) { + if (httpConfiguration.trafficShaping().enabled()) { TrafficShapingOptions options = new TrafficShapingOptions(); - if (httpConfiguration.trafficShaping.checkInterval.isPresent()) { - options.setCheckIntervalForStats(httpConfiguration.trafficShaping.checkInterval.get().toSeconds()); + if (httpConfiguration.trafficShaping().checkInterval().isPresent()) { + options.setCheckIntervalForStats(httpConfiguration.trafficShaping().checkInterval().get().toSeconds()); options.setCheckIntervalForStatsTimeUnit(TimeUnit.SECONDS); } - if (httpConfiguration.trafficShaping.maxDelay.isPresent()) { - options.setMaxDelayToWait(httpConfiguration.trafficShaping.maxDelay.get().toSeconds()); + if (httpConfiguration.trafficShaping().maxDelay().isPresent()) { + options.setMaxDelayToWait(httpConfiguration.trafficShaping().maxDelay().get().toSeconds()); options.setMaxDelayToWaitUnit(TimeUnit.SECONDS); } - if (httpConfiguration.trafficShaping.inboundGlobalBandwidth.isPresent()) { - options.setInboundGlobalBandwidth(httpConfiguration.trafficShaping.inboundGlobalBandwidth.get().asLongValue()); + if (httpConfiguration.trafficShaping().inboundGlobalBandwidth().isPresent()) { + options.setInboundGlobalBandwidth( + httpConfiguration.trafficShaping().inboundGlobalBandwidth().get().asLongValue()); } - if (httpConfiguration.trafficShaping.outboundGlobalBandwidth.isPresent()) { + if (httpConfiguration.trafficShaping().outboundGlobalBandwidth().isPresent()) { options.setOutboundGlobalBandwidth( - httpConfiguration.trafficShaping.outboundGlobalBandwidth.get().asLongValue()); + httpConfiguration.trafficShaping().outboundGlobalBandwidth().get().asLongValue()); } - if (httpConfiguration.trafficShaping.peakOutboundGlobalBandwidth.isPresent()) { + if (httpConfiguration.trafficShaping().peakOutboundGlobalBandwidth().isPresent()) { options.setPeakOutboundGlobalBandwidth( - httpConfiguration.trafficShaping.peakOutboundGlobalBandwidth.get().asLongValue()); + httpConfiguration.trafficShaping().peakOutboundGlobalBandwidth().get().asLongValue()); } httpServerOptions.setTrafficShapingOptions(options); } @@ -375,28 +379,28 @@ public static void applyCommonOptionsForManagementInterface(HttpServerOptions op ManagementInterfaceBuildTimeConfig buildTimeConfig, ManagementInterfaceConfiguration httpConfiguration, List websocketSubProtocols) { - options.setHost(httpConfiguration.host); + options.setHost(httpConfiguration.host()); - int idleTimeout = (int) httpConfiguration.idleTimeout.toMillis(); + int idleTimeout = (int) httpConfiguration.idleTimeout().toMillis(); options.setIdleTimeout(idleTimeout); options.setIdleTimeoutUnit(TimeUnit.MILLISECONDS); - options.setMaxHeaderSize(httpConfiguration.limits.maxHeaderSize.asBigInteger().intValueExact()); - options.setMaxChunkSize(httpConfiguration.limits.maxChunkSize.asBigInteger().intValueExact()); - options.setMaxFormAttributeSize(httpConfiguration.limits.maxFormAttributeSize.asBigInteger().intValueExact()); - options.setMaxFormFields(httpConfiguration.limits.maxFormFields); - options.setMaxFormBufferedBytes(httpConfiguration.limits.maxFormBufferedBytes.asBigInteger().intValue()); - options.setMaxInitialLineLength(httpConfiguration.limits.maxInitialLineLength); + options.setMaxHeaderSize(httpConfiguration.limits().maxHeaderSize().asBigInteger().intValueExact()); + options.setMaxChunkSize(httpConfiguration.limits().maxChunkSize().asBigInteger().intValueExact()); + options.setMaxFormAttributeSize(httpConfiguration.limits().maxFormAttributeSize().asBigInteger().intValueExact()); + options.setMaxFormFields(httpConfiguration.limits().maxFormFields()); + options.setMaxFormBufferedBytes(httpConfiguration.limits().maxFormBufferedBytes().asBigInteger().intValue()); + options.setMaxInitialLineLength(httpConfiguration.limits().maxInitialLineLength()); options.setWebSocketSubProtocols(websocketSubProtocols); - options.setAcceptBacklog(httpConfiguration.acceptBacklog); - options.setCompressionSupported(buildTimeConfig.enableCompression); - if (buildTimeConfig.compressionLevel.isPresent()) { - options.setCompressionLevel(buildTimeConfig.compressionLevel.getAsInt()); + options.setAcceptBacklog(httpConfiguration.acceptBacklog()); + options.setCompressionSupported(buildTimeConfig.enableCompression()); + if (buildTimeConfig.compressionLevel().isPresent()) { + options.setCompressionLevel(buildTimeConfig.compressionLevel().getAsInt()); } - options.setDecompressionSupported(buildTimeConfig.enableDecompression); - options.setHandle100ContinueAutomatically(httpConfiguration.handle100ContinueAutomatically); + options.setDecompressionSupported(buildTimeConfig.enableDecompression()); + options.setHandle100ContinueAutomatically(httpConfiguration.handle100ContinueAutomatically()); - options.setUseProxyProtocol(httpConfiguration.proxy.useProxyProtocol); + options.setUseProxyProtocol(httpConfiguration.proxy().useProxyProtocol()); } static byte[] getFileContent(Path path) throws IOException { @@ -420,7 +424,7 @@ private static byte[] doRead(InputStream is) throws IOException { } private static void setIdleTimeout(HttpConfiguration httpConfiguration, HttpServerOptions options) { - int idleTimeout = (int) httpConfiguration.idleTimeout.toMillis(); + int idleTimeout = (int) httpConfiguration.idleTimeout().toMillis(); options.setIdleTimeout(idleTimeout); options.setIdleTimeoutUnit(TimeUnit.MILLISECONDS); } @@ -429,7 +433,7 @@ public static HttpConfiguration.InsecureRequests getInsecureRequestStrategy(Http Optional requests) { if (requests.isPresent()) { var value = requests.get(); - if (buildTimeConfig.tlsClientAuth == ClientAuth.REQUIRED && value == HttpConfiguration.InsecureRequests.ENABLED) { + if (buildTimeConfig.tlsClientAuth() == ClientAuth.REQUIRED && value == HttpConfiguration.InsecureRequests.ENABLED) { Logger.getLogger(HttpServerOptionsUtils.class).warn( "When configuring TLS client authentication to be required, it is recommended to **NOT** set `quarkus.http.insecure-requests` to `enabled`. " + @@ -437,7 +441,7 @@ public static HttpConfiguration.InsecureRequests getInsecureRequestStrategy(Http } return value; } - if (buildTimeConfig.tlsClientAuth == ClientAuth.REQUIRED) { + if (buildTimeConfig.tlsClientAuth() == ClientAuth.REQUIRED) { Logger.getLogger(HttpServerOptionsUtils.class).info( "TLS client authentication is required, thus disabling insecure requests. " + "You can switch to `redirect` by setting `quarkus.http.insecure-requests=redirect`."); diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/TlsCertificateReloader.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/TlsCertificateReloader.java index b89526740d05b..b2f7145602b77 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/TlsCertificateReloader.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/TlsCertificateReloader.java @@ -78,12 +78,12 @@ public static long initCertReloadingAction(Vertx vertx, HttpServer server, long period; // Validation - if (configuration.certificate.reloadPeriod.isPresent()) { - if (configuration.certificate.reloadPeriod.get().toMillis() < 30_000) { + if (configuration.certificate().reloadPeriod().isPresent()) { + if (configuration.certificate().reloadPeriod().get().toMillis() < 30_000) { throw new IllegalArgumentException( "Unable to configure TLS reloading - The reload period cannot be less than 30 seconds"); } - period = configuration.certificate.reloadPeriod.get().toMillis(); + period = configuration.certificate().reloadPeriod().get().toMillis(); } else { return -1; } @@ -185,8 +185,8 @@ private static SSLOptions reloadFileContent(SSLOptions ssl, ServerSslConfig conf final List keys = new ArrayList<>(); final List certificates = new ArrayList<>(); - configuration.certificate.keyFiles.ifPresent(keys::addAll); - configuration.certificate.files.ifPresent(certificates::addAll); + configuration.certificate().keyFiles().ifPresent(keys::addAll); + configuration.certificate().files().ifPresent(certificates::addAll); if (!certificates.isEmpty() && !keys.isEmpty()) { List certBuffer = new ArrayList<>(); @@ -205,15 +205,15 @@ private static SSLOptions reloadFileContent(SSLOptions ssl, ServerSslConfig conf .setCertValues(certBuffer) .setKeyValues(keysBuffer); copy.setKeyCertOptions(opts); - } else if (configuration.certificate.keyStoreFile.isPresent()) { + } else if (configuration.certificate().keyStoreFile().isPresent()) { var opts = ((KeyStoreOptions) copy.getKeyCertOptions()); - opts.setValue(Buffer.buffer(getFileContent(configuration.certificate.keyStoreFile.get()))); + opts.setValue(Buffer.buffer(getFileContent(configuration.certificate().keyStoreFile().get()))); copy.setKeyCertOptions(opts); } - if (configuration.certificate.trustStoreFile.isPresent()) { + if (configuration.certificate().trustStoreFile().isPresent()) { var opts = ((KeyStoreOptions) copy.getKeyCertOptions()); - opts.setValue(Buffer.buffer(getFileContent(configuration.certificate.trustStoreFile.get()))); + opts.setValue(Buffer.buffer(getFileContent(configuration.certificate().trustStoreFile().get()))); copy.setTrustOptions(opts); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/TlsUtils.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/TlsUtils.java index 1fe3518e35b08..4c722af8c93b0 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/TlsUtils.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/TlsUtils.java @@ -29,26 +29,26 @@ private TlsUtils() { public static KeyCertOptions computeKeyStoreOptions(CertificateConfig certificates, Optional keyStorePassword, Optional keyStoreAliasPassword) throws IOException { - if (certificates.keyFiles.isPresent() || certificates.files.isPresent()) { - if (certificates.keyFiles.isEmpty()) { + if (certificates.keyFiles().isPresent() || certificates.files().isPresent()) { + if (certificates.keyFiles().isEmpty()) { throw new IllegalArgumentException("You must specify the key files when specifying the certificate files"); } - if (certificates.files.isEmpty()) { + if (certificates.files().isEmpty()) { throw new IllegalArgumentException("You must specify the certificate files when specifying the key files"); } - if (certificates.files.get().size() != certificates.keyFiles.get().size()) { + if (certificates.files().get().size() != certificates.keyFiles().get().size()) { throw new IllegalArgumentException( "The number of certificate files and key files must be the same, and be given in the same order"); } - return createPemKeyCertOptions(certificates.files.get(), certificates.keyFiles.get()); - } else if (certificates.keyStoreFile.isPresent()) { - var type = getKeyStoreType(certificates.keyStoreFile.get(), certificates.keyStoreFileType); + return createPemKeyCertOptions(certificates.files().get(), certificates.keyFiles().get()); + } else if (certificates.keyStoreFile().isPresent()) { + var type = getKeyStoreType(certificates.keyStoreFile().get(), certificates.keyStoreFileType()); return createKeyStoreOptions( - certificates.keyStoreFile.get(), + certificates.keyStoreFile().get(), keyStorePassword, type, - certificates.keyStoreProvider, - or(certificates.keyStoreAlias, certificates.keyStoreKeyAlias), + certificates.keyStoreProvider(), + or(certificates.keyStoreAlias(), certificates.keyStoreKeyAlias()), keyStoreAliasPassword); } return null; @@ -60,7 +60,7 @@ public static TrustOptions computeTrustOptions(CertificateConfig certificates, O Path singleTrustStoreFile = getSingleTrustStoreFile(certificates); if (singleTrustStoreFile != null) { // We have a single trust store file. - String type = getTruststoreType(singleTrustStoreFile, certificates.trustStoreFileType); + String type = getTruststoreType(singleTrustStoreFile, certificates.trustStoreFileType()); if (type.equalsIgnoreCase("pem")) { byte[] cert = getFileContent(singleTrustStoreFile); return new PemTrustOptions() @@ -69,7 +69,7 @@ public static TrustOptions computeTrustOptions(CertificateConfig certificates, O if ((type.equalsIgnoreCase("pkcs12") || type.equalsIgnoreCase("jks"))) { // We cannot assume that custom type configured by the user requires a password. - if (certificates.trustStorePassword.isEmpty() && trustStorePassword.isEmpty()) { + if (certificates.trustStorePassword().isEmpty() && trustStorePassword.isEmpty()) { throw new IllegalArgumentException("No trust store password provided"); } } @@ -78,16 +78,16 @@ public static TrustOptions computeTrustOptions(CertificateConfig certificates, O singleTrustStoreFile, trustStorePassword, type, - certificates.trustStoreProvider, - certificates.trustStoreCertAlias, + certificates.trustStoreProvider(), + certificates.trustStoreCertAlias(), Optional.empty()); } // We have multiple trust store files (PEM). - if (certificates.trustStoreFiles.isPresent() && !certificates.trustStoreFiles.get().isEmpty()) { + if (certificates.trustStoreFiles().isPresent() && !certificates.trustStoreFiles().get().isEmpty()) { // Assuming PEM, as it's the only format with multiple files PemTrustOptions pemKeyCertOptions = new PemTrustOptions(); - for (Path path : certificates.trustStoreFiles.get()) { + for (Path path : certificates.trustStoreFiles().get()) { byte[] cert = getFileContent(path); pemKeyCertOptions.addCertValue(Buffer.buffer(cert)); } @@ -99,15 +99,15 @@ public static TrustOptions computeTrustOptions(CertificateConfig certificates, O private static Path getSingleTrustStoreFile(CertificateConfig certificates) { Path singleTrustStoreFile = null; - if (certificates.trustStoreFile.isPresent()) { - singleTrustStoreFile = certificates.trustStoreFile.get(); + if (certificates.trustStoreFile().isPresent()) { + singleTrustStoreFile = certificates.trustStoreFile().get(); } - if (certificates.trustStoreFiles.isPresent()) { + if (certificates.trustStoreFiles().isPresent()) { if (singleTrustStoreFile != null) { throw new IllegalArgumentException("You cannot specify both `trustStoreFile` and `trustStoreFiles`"); } - if (certificates.trustStoreFiles.get().size() == 1) { - singleTrustStoreFile = certificates.trustStoreFiles.get().get(0); + if (certificates.trustStoreFiles().get().size() == 1) { + singleTrustStoreFile = certificates.trustStoreFiles().get().get(0); } } return singleTrustStoreFile; @@ -196,5 +196,4 @@ private static PemKeyCertOptions createPemKeyCertOptions(List certFile, Li .setCertValues(certificates) .setKeyValues(keys); } - } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/AbstractPathMatchingHttpSecurityPolicy.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/AbstractPathMatchingHttpSecurityPolicy.java index 091c1e4432adb..9f77474009773 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/AbstractPathMatchingHttpSecurityPolicy.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/AbstractPathMatchingHttpSecurityPolicy.java @@ -49,13 +49,13 @@ public class AbstractPathMatchingHttpSecurityPolicy { final var builder = ImmutablePathMatcher.> builder().handlerAccumulator(List::addAll) .rootPath(rootPath); for (PolicyMappingConfig policyMappingConfig : permissions.values()) { - if (appliesTo != policyMappingConfig.appliesTo) { + if (appliesTo != policyMappingConfig.appliesTo()) { continue; } if (hasNoPermissions) { hasNoPermissions = false; } - if (policyMappingConfig.shared) { + if (policyMappingConfig.shared()) { final var builder1 = ImmutablePathMatcher.> builder().handlerAccumulator(List::addAll) .rootPath(rootPath); addPermissionToPathMatcher(namedHttpSecurityPolicies, policyMappingConfig, builder1); @@ -176,15 +176,15 @@ private static String getAuthMechanismName(RoutingContext routingContext, private static void addPermissionToPathMatcher(Map permissionCheckers, PolicyMappingConfig policyMappingConfig, ImmutablePathMatcher.ImmutablePathMatcherBuilder> builder) { - HttpSecurityPolicy checker = permissionCheckers.get(policyMappingConfig.policy); + HttpSecurityPolicy checker = permissionCheckers.get(policyMappingConfig.policy()); if (checker == null) { - throw new RuntimeException("Unable to find HTTP security policy " + policyMappingConfig.policy); + throw new RuntimeException("Unable to find HTTP security policy " + policyMappingConfig.policy()); } - if (policyMappingConfig.enabled.orElse(Boolean.TRUE)) { - for (String path : policyMappingConfig.paths.orElse(Collections.emptyList())) { - HttpMatcher m = new HttpMatcher(policyMappingConfig.authMechanism.orElse(null), - new HashSet<>(policyMappingConfig.methods.orElse(Collections.emptyList())), checker); + if (policyMappingConfig.enabled().orElse(Boolean.TRUE)) { + for (String path : policyMappingConfig.paths().orElse(Collections.emptyList())) { + HttpMatcher m = new HttpMatcher(policyMappingConfig.authMechanism().orElse(null), + new HashSet<>(policyMappingConfig.methods().orElse(Collections.emptyList())), checker); List perms = new ArrayList<>(); perms.add(m); builder.addPath(path, perms); @@ -243,11 +243,11 @@ private static Map toNamedHttpSecPolicies(Map e : rolePolicies.entrySet()) { final PolicyConfig policyConfig = e.getValue(); final Map> roleToPermissions; - if (policyConfig.permissions.isEmpty()) { + if (policyConfig.permissions().isEmpty()) { roleToPermissions = null; } else { roleToPermissions = new HashMap<>(); - for (Map.Entry> roleToPermissionStr : policyConfig.permissions.entrySet()) { + for (Map.Entry> roleToPermissionStr : policyConfig.permissions().entrySet()) { // collect permission actions // perm1:action1,perm2:action2,perm1:action3 -> perm1:action1,action3 and perm2:action2 @@ -261,7 +261,7 @@ private static Map toNamedHttpSecPolicies(Map(); for (PermissionToActions helper : cache.values()) { - if (StringPermission.class.getName().equals(policyConfig.permissionClass)) { + if (StringPermission.class.getName().equals(policyConfig.permissionClass())) { permissions.add(new StringPermission(helper.permissionName, helper.actions.toArray(new String[0]))); } else { permissions.add(customPermissionCreator(policyConfig, helper)); @@ -272,7 +272,7 @@ private static Map toNamedHttpSecPolicies(Map loadClass(String className) { private static Permission customPermissionCreator(PolicyConfig policyConfig, PermissionToActions helper) { try { - var constructor = loadClass(policyConfig.permissionClass).getConstructors()[0]; - if (acceptsActions(policyConfig.permissionClass)) { + var constructor = loadClass(policyConfig.permissionClass()).getConstructors()[0]; + if (acceptsActions(policyConfig.permissionClass())) { return (Permission) constructor.newInstance(helper.permissionName, helper.actions.toArray(new String[0])); } else { return (Permission) constructor.newInstance(helper.permissionName); } } catch (InstantiationException | IllegalAccessException | InvocationTargetException e) { throw new RuntimeException(String.format("Failed to create Permission - class '%s', name '%s', actions '%s'", - policyConfig.permissionClass, helper.permissionName, + policyConfig.permissionClass(), helper.permissionName, Arrays.toString(helper.actions.toArray(new String[0]))), e); } } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/BasicAuthenticationMechanism.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/BasicAuthenticationMechanism.java index 7c16ecd8d00c6..5dd34b500097e 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/BasicAuthenticationMechanism.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/BasicAuthenticationMechanism.java @@ -77,7 +77,7 @@ public class BasicAuthenticationMechanism implements HttpAuthenticationMechanism @Inject BasicAuthenticationMechanism(HttpConfiguration runtimeConfig, HttpBuildTimeConfig buildTimeConfig) { - this(runtimeConfig.auth.realm.orElse(null), buildTimeConfig.auth.form.enabled); + this(runtimeConfig.auth().realm().orElse(null), buildTimeConfig.auth().form().enabled()); } public BasicAuthenticationMechanism(final String realmName) { diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/FormAuthenticationMechanism.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/FormAuthenticationMechanism.java index c94c3737f4ce4..2a948bbb1198e 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/FormAuthenticationMechanism.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/FormAuthenticationMechanism.java @@ -72,7 +72,7 @@ public class FormAuthenticationMechanism implements HttpAuthenticationMechanism Event formAuthEvent, BeanManager beanManager, @ConfigProperty(name = "quarkus.security.events.enabled") boolean securityEventsEnabled) { String key; - if (httpConfiguration.encryptionKey.isEmpty()) { + if (httpConfiguration.encryptionKey().isEmpty()) { if (encryptionKey != null) { //persist across dev mode restarts key = encryptionKey; @@ -83,26 +83,26 @@ public class FormAuthenticationMechanism implements HttpAuthenticationMechanism log.warn("Encryption key was not specified for persistent FORM auth, using temporary key " + key); } } else { - key = httpConfiguration.encryptionKey.get(); + key = httpConfiguration.encryptionKey().get(); } - FormAuthConfig form = buildTimeConfig.auth.form; - FormAuthRuntimeConfig runtimeForm = httpConfiguration.auth.form; - this.loginManager = new PersistentLoginManager(key, runtimeForm.cookieName, runtimeForm.timeout.toMillis(), - runtimeForm.newCookieInterval.toMillis(), runtimeForm.httpOnlyCookie, runtimeForm.cookieSameSite.name(), - runtimeForm.cookiePath.orElse(null), runtimeForm.cookieMaxAge.map(Duration::toSeconds).orElse(-1L)); - this.loginPage = startWithSlash(runtimeForm.loginPage.orElse(null)); - this.errorPage = startWithSlash(runtimeForm.errorPage.orElse(null)); - this.landingPage = startWithSlash(runtimeForm.landingPage.orElse(null)); - this.postLocation = startWithSlash(form.postLocation); - this.usernameParameter = runtimeForm.usernameParameter; - this.passwordParameter = runtimeForm.passwordParameter; - this.locationCookie = runtimeForm.locationCookie; - this.cookiePath = runtimeForm.cookiePath.orElse(null); - boolean redirectAfterLogin = runtimeForm.redirectAfterLogin; + FormAuthConfig form = buildTimeConfig.auth().form(); + FormAuthRuntimeConfig runtimeForm = httpConfiguration.auth().form(); + this.loginManager = new PersistentLoginManager(key, runtimeForm.cookieName(), runtimeForm.timeout().toMillis(), + runtimeForm.newCookieInterval().toMillis(), runtimeForm.httpOnlyCookie(), runtimeForm.cookieSameSite().name(), + runtimeForm.cookiePath().orElse(null), runtimeForm.cookieMaxAge().map(Duration::toSeconds).orElse(-1L)); + this.loginPage = startWithSlash(runtimeForm.loginPage().orElse(null)); + this.errorPage = startWithSlash(runtimeForm.errorPage().orElse(null)); + this.landingPage = startWithSlash(runtimeForm.landingPage().orElse(null)); + this.postLocation = startWithSlash(form.postLocation()); + this.usernameParameter = runtimeForm.usernameParameter(); + this.passwordParameter = runtimeForm.passwordParameter(); + this.locationCookie = runtimeForm.locationCookie(); + this.cookiePath = runtimeForm.cookiePath().orElse(null); + boolean redirectAfterLogin = runtimeForm.redirectAfterLogin(); this.redirectToLandingPage = landingPage != null && redirectAfterLogin; this.redirectToLoginPage = loginPage != null; this.redirectToErrorPage = errorPage != null; - this.cookieSameSite = CookieSameSite.valueOf(runtimeForm.cookieSameSite.name()); + this.cookieSameSite = CookieSameSite.valueOf(runtimeForm.cookieSameSite().name()); this.isFormAuthEventObserver = SecurityEventHelper.isEventObserved(createLoginEvent(null), beanManager, securityEventsEnabled); this.formAuthEvent = this.isFormAuthEventObserver ? formAuthEvent : null; diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthenticator.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthenticator.java index da171acff63df..dfe41720e7048 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthenticator.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthenticator.java @@ -94,7 +94,7 @@ public final class HttpAuthenticator { this.securityEventHelper = new SecurityEventHelper<>(authSuccessEvent, authFailureEvent, AUTHENTICATION_SUCCESS, AUTHENTICATION_FAILURE, beanManager, securityEventsEnabled); this.identityProviderManager = identityProviderManager; - this.inclusiveAuth = httpBuildTimeConfig.auth.inclusive; + this.inclusiveAuth = httpBuildTimeConfig.auth().inclusive(); List mechanisms = new ArrayList<>(); for (HttpAuthenticationMechanism mechanism : httpAuthenticationMechanism) { if (mechanism.getCredentialTypes().isEmpty()) { @@ -121,7 +121,7 @@ public final class HttpAuthenticator { if (found) { mechanisms.add(mechanism); } else if (BasicAuthenticationMechanism.class.equals(mechanism.getClass()) - && httpBuildTimeConfig.auth.basic.isEmpty()) { + && httpBuildTimeConfig.auth().basic().isEmpty()) { log.debug(""" BasicAuthenticationMechanism has been enabled because no other authentication mechanism has been detected, but there is no IdentityProvider based on username and password. Please use @@ -493,8 +493,8 @@ private static boolean isBasicAuthNotRequired() { if (Boolean.getBoolean(BASIC_AUTH_ANNOTATION_DETECTED)) { return false; } - for (var policy : Arc.container().instance(HttpConfiguration.class).get().auth.permissions.values()) { - if (BasicAuthentication.AUTH_MECHANISM_SCHEME.equals(policy.authMechanism.orElse(null))) { + for (var policy : Arc.container().instance(HttpConfiguration.class).get().auth().permissions().values()) { + if (BasicAuthentication.AUTH_MECHANISM_SCHEME.equals(policy.authMechanism().orElse(null))) { return false; } } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpSecurityRecorder.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpSecurityRecorder.java index 1f1faee90d42d..6dd749960035e 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpSecurityRecorder.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpSecurityRecorder.java @@ -66,7 +66,7 @@ public Handler getHttpAuthenticatorHandler(RuntimeValue handlerRuntimeValue, HttpConfiguration httpConfig) { handlerRuntimeValue.getValue().init(PathMatchingHttpSecurityPolicy.class, - RolesMapping.of(httpConfig.auth.rolesMapping)); + RolesMapping.of(httpConfig.auth().rolesMapping())); } public Handler permissionCheckHandler() { @@ -426,8 +426,8 @@ public void init(Class pathMat public void setMtlsCertificateRoleProperties(HttpConfiguration config) { InstanceHandle mtls = Arc.container().instance(MtlsAuthenticationMechanism.class); - if (mtls.isAvailable() && config.auth.certificateRoleProperties.isPresent()) { - Path rolesPath = config.auth.certificateRoleProperties.get(); + if (mtls.isAvailable() && config.auth().certificateRoleProperties().isPresent()) { + Path rolesPath = config.auth().certificateRoleProperties().get(); URL rolesResource = null; if (Files.exists(rolesPath)) { try { @@ -456,7 +456,7 @@ public void setMtlsCertificateRoleProperties(HttpConfiguration config) { } if (!roles.isEmpty()) { - var certRolesAttribute = new CertificateRoleAttribute(config.auth.certificateRoleAttribute, roles); + var certRolesAttribute = new CertificateRoleAttribute(config.auth().certificateRoleAttribute(), roles); mtls.get().setCertificateToRolesMapper(certRolesAttribute.rolesMapper()); } } catch (Exception e) { diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/JaxRsPathMatchingHttpSecurityPolicy.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/JaxRsPathMatchingHttpSecurityPolicy.java index 7e4022e226027..3c1a99b713164 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/JaxRsPathMatchingHttpSecurityPolicy.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/JaxRsPathMatchingHttpSecurityPolicy.java @@ -36,8 +36,8 @@ public class JaxRsPathMatchingHttpSecurityPolicy { Instance installedPolicies, HttpConfiguration httpConfig, HttpBuildTimeConfig buildTimeConfig, BlockingSecurityExecutor blockingSecurityExecutor) { this.storage = storage; - this.delegate = new AbstractPathMatchingHttpSecurityPolicy(httpConfig.auth.permissions, - httpConfig.auth.rolePolicy, buildTimeConfig.rootPath, installedPolicies, JAXRS); + this.delegate = new AbstractPathMatchingHttpSecurityPolicy(httpConfig.auth().permissions(), + httpConfig.auth().rolePolicy(), buildTimeConfig.rootPath(), installedPolicies, JAXRS); this.foundNoAnnotatedMethods = storage.getMethodToPolicyName().isEmpty(); this.requestContext = new DefaultAuthorizationRequestContext(blockingSecurityExecutor); if (storage.getMethodToPolicyName().isEmpty()) { diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/ManagementPathMatchingHttpSecurityPolicy.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/ManagementPathMatchingHttpSecurityPolicy.java index 2127bc731d7ef..04c70141a0b61 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/ManagementPathMatchingHttpSecurityPolicy.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/ManagementPathMatchingHttpSecurityPolicy.java @@ -11,16 +11,15 @@ /** * A security policy that allows for matching of other security policies based on paths. - * + *

* This is used for the default path/method based RBAC. */ @Startup // do not initialize path matcher during first HTTP request @Singleton public class ManagementPathMatchingHttpSecurityPolicy extends AbstractPathMatchingHttpSecurityPolicy { - ManagementPathMatchingHttpSecurityPolicy(ManagementInterfaceBuildTimeConfig buildTimeConfig, ManagementInterfaceConfiguration runTimeConfig, Instance installedPolicies) { - super(runTimeConfig.auth.permissions, runTimeConfig.auth.rolePolicy, buildTimeConfig.rootPath, installedPolicies, ALL); + super(runTimeConfig.auth().permissions(), runTimeConfig.auth().rolePolicy(), buildTimeConfig.rootPath(), + installedPolicies, ALL); } - } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/PathMatchingHttpSecurityPolicy.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/PathMatchingHttpSecurityPolicy.java index 1138529568af5..446782b6eef94 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/PathMatchingHttpSecurityPolicy.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/PathMatchingHttpSecurityPolicy.java @@ -11,16 +11,15 @@ /** * A security policy that allows for matching of other security policies based on paths. - * + *

* This is used for the default path/method based RBAC. */ @Startup // do not initialize path matcher during first HTTP request @Singleton public class PathMatchingHttpSecurityPolicy extends AbstractPathMatchingHttpSecurityPolicy implements HttpSecurityPolicy { - PathMatchingHttpSecurityPolicy(HttpConfiguration httpConfig, HttpBuildTimeConfig buildTimeConfig, Instance installedPolicies) { - super(httpConfig.auth.permissions, httpConfig.auth.rolePolicy, buildTimeConfig.rootPath, installedPolicies, ALL); + super(httpConfig.auth().permissions(), httpConfig.auth().rolePolicy(), buildTimeConfig.rootPath(), installedPolicies, + ALL); } - } diff --git a/extensions/web-dependency-locator/deployment/src/main/java/io/quarkus/webdependency/locator/deployment/WebDependencyLocatorProcessor.java b/extensions/web-dependency-locator/deployment/src/main/java/io/quarkus/webdependency/locator/deployment/WebDependencyLocatorProcessor.java index 6ee11770182c9..25f19710afe38 100644 --- a/extensions/web-dependency-locator/deployment/src/main/java/io/quarkus/webdependency/locator/deployment/WebDependencyLocatorProcessor.java +++ b/extensions/web-dependency-locator/deployment/src/main/java/io/quarkus/webdependency/locator/deployment/WebDependencyLocatorProcessor.java @@ -263,7 +263,7 @@ private LibInfo getLibInfo(CurateOutcomeBuildItem curateOutcome, String prefix, private String getRootPath(HttpBuildTimeConfig httpConfig, String path) { // The context path + the resources path - String rootPath = httpConfig.rootPath; + String rootPath = httpConfig.rootPath(); return (rootPath.endsWith("/")) ? rootPath + path + "/" : rootPath + "/" + path + "/"; } diff --git a/extensions/web-dependency-locator/deployment/src/main/java/io/quarkus/webdependency/locator/deployment/devui/WebDependencyLocatorDevModeApiProcessor.java b/extensions/web-dependency-locator/deployment/src/main/java/io/quarkus/webdependency/locator/deployment/devui/WebDependencyLocatorDevModeApiProcessor.java index 5a5ef624e6c2d..b1badd4015b47 100644 --- a/extensions/web-dependency-locator/deployment/src/main/java/io/quarkus/webdependency/locator/deployment/devui/WebDependencyLocatorDevModeApiProcessor.java +++ b/extensions/web-dependency-locator/deployment/src/main/java/io/quarkus/webdependency/locator/deployment/devui/WebDependencyLocatorDevModeApiProcessor.java @@ -62,7 +62,7 @@ private List getLibraries(HttpBuildTimeConfig httpConfig, () -> new HashMap<>(providers.size()))); if (!webDependencyKeys.isEmpty()) { // The root path of the application - final String rootPath = httpConfig.rootPath; + final String rootPath = httpConfig.rootPath(); // The root path of the webDependencies final String webDependencyRootPath = (rootPath.endsWith("/")) ? rootPath + path + "/" : rootPath + "/" + path + "/"; diff --git a/extensions/websockets-next/runtime/src/main/java/io/quarkus/websockets/next/runtime/devui/WebSocketNextJsonRPCService.java b/extensions/websockets-next/runtime/src/main/java/io/quarkus/websockets/next/runtime/devui/WebSocketNextJsonRPCService.java index c780543e70da2..17e9dc6eb4c4e 100644 --- a/extensions/websockets-next/runtime/src/main/java/io/quarkus/websockets/next/runtime/devui/WebSocketNextJsonRPCService.java +++ b/extensions/websockets-next/runtime/src/main/java/io/quarkus/websockets/next/runtime/devui/WebSocketNextJsonRPCService.java @@ -119,8 +119,8 @@ public Uni openDevConnection(String path, String endpointPath) { String connectionKey = UUID.randomUUID().toString(); Uni uni = Uni.createFrom().completionStage(() -> client .connect(new WebSocketConnectOptions() - .setPort(httpConfig.port) - .setHost(httpConfig.host) + .setPort(httpConfig.port()) + .setHost(httpConfig.host()) .setURI(path) .addHeader(DEVUI_SOCKET_KEY_HEADER, connectionKey)) .toCompletionStage()); diff --git a/integration-tests/test-extension/extension/deployment/src/test/java/io/quarkus/extest/UnknownConfigTest.java b/integration-tests/test-extension/extension/deployment/src/test/java/io/quarkus/extest/UnknownConfigTest.java index 97b201903d50f..eba70b89bc9ae 100644 --- a/integration-tests/test-extension/extension/deployment/src/test/java/io/quarkus/extest/UnknownConfigTest.java +++ b/integration-tests/test-extension/extension/deployment/src/test/java/io/quarkus/extest/UnknownConfigTest.java @@ -45,7 +45,7 @@ public class UnknownConfigTest { @Test void unknown() { assertEquals("1234", config.getConfigValue("quarkus.unknown.prop").getValue()); - assertEquals("/1234", httpBuildTimeConfig.nonApplicationRootPath); - assertEquals(4443, httpConfiguration.sslPort); + assertEquals("/1234", httpBuildTimeConfig.nonApplicationRootPath()); + assertEquals(4443, httpConfiguration.sslPort()); } }