Java Quarkus/MicroProfile Restclient注入sslContext

Question

如何通过在接口中使用@RegisterRestClient来注入自定义sslContext？

Answer 1

Quarkus或Microprofile也不允许您以编程方式构建rest客户端(这毕竟是为您提供自动实现的接口的目的)。不过，您也可以自己实现rest-client接口并设置javax.net.ssl.SSLContext。

下面的示例旨在提供一个信任所有主机的SSLContext：

package org.me.rest;

import java.net.URI;
import java.security.KeyManagementException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.annotation.Priority;
import javax.enterprise.context.ApplicationScoped;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.eclipse.microprofile.rest.client.RestClientBuilder;
import org.eclipse.microprofile.rest.client.inject.RestClient;
import org.me.rest.MyRestClient;

@Priority(value = 1) //choose an appropriate value here
@RestClient
@ApplicationScoped
public class MyRestClientImpl implements MyRestClient {

    @Override
    public Response getTheResource() {

        SSLContext sslContext = null;

        try {

            sslContext = SSLContext.getInstance("TLS");
            TrustManager tm = new X509TrustManager() {

                public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}

                public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}

                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            };
            sslContext.init(null, new TrustManager[] {
                tm
            }, null);
        } catch (Exception e) {
            e.printStackTrace();
        }

        AuthRestClient client =
            RestClientBuilder.newBuilder().baseUri(URI.create("https://hostname:port/some/rest/resource/"))
            .hostnameVerifier(new NoopHostnameVerifier()).sslContext(sslContext).build(AuthRestClient.class);
        return client.getTheResource();
    }
}