kptfh
WebReactiveFeign.Builder not using webclient's httpClient configuration
Hello,
I'm currently constructing multiple feign clients using the WebReactiveFeign.Builder api. However this class is not using the httpClient configured before in the webclient. ( my httpClient use sslContext that trust all certs but the feignClient is not using it) to be clear this is my configuration :
@Configuration
public class FeignConfiguration {
// ssl context trusting all certificates
@Bean
public SslContext sslContext() throws Exception {
SslContext sslContext = SslContextBuilder.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.build();
return sslContext;
}
@Bean
public ClientHttpConnector httpConnector(SslContext sslContext) {
HttpClient httpClient = HttpClient.create().secure(sslContextSpec -> sslContextSpec.sslContext(sslContext));
return new ReactorClientHttpConnector(httpClient);
}
@Bean
public WebClient webClient(ClientHttpConnector httpConnector, ObjectMapper mapper) {
ExchangeStrategies strategies = ExchangeStrategies
.builder()
.codecs(configurer -> {
configurer.defaultCodecs().jackson2JsonEncoder(new Jackson2JsonEncoder(mapper));
configurer.defaultCodecs().jackson2JsonDecoder(new Jackson2JsonDecoder(mapper));
}).build();
return WebClient.builder().clientConnector(httpConnector).exchangeStrategies(strategies).build();
}
@Bean
public WebReactiveFeign.Builder reactiveFeignBuilder(WebClient webClient) {
return WebReactiveFeign.builder(webClient.mutate());
}
}
so when I use the bean WebReactiveFeign.Builder to create feignClients dynamically I got an ssl exception ( which means is not using my sslContext as configured in the httpClient -> webclient bean)
the ssl exception is :
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
However if I pass the httpClient bean to the WebReactiveFeign.Builder directly ( as below ) it use the insecure sslContext without any exception :
@Bean
public HttpClient httpConnector(SecurityProperties securityProps, SslContext sslContext) {
HttpClient httpClient = HttpClient.create().secure(sslContextSpec -> sslContextSpec.sslContext(sslContext));
SecurityProperties.ProxyServer proxyServer = securityProps.getProxy();
if (proxyServer != null) {
httpClient.proxy(proxy -> proxy.type(ProxyProvider.Proxy.HTTP)
.host(proxyServer.getHost())
.port(proxyServer.getPort())
.username(proxyServer.getUsername())
.password(u -> proxyServer.getPassword()));
}
return httpClient;
}
@Bean
public WebClient webClient(HttpClient httpClient, ObjectMapper mapper) {
ExchangeStrategies strategies = ExchangeStrategies
.builder()
.codecs(configurer -> {
configurer.defaultCodecs().jackson2JsonEncoder(new Jackson2JsonEncoder(mapper));
configurer.defaultCodecs().jackson2JsonDecoder(new Jackson2JsonDecoder(mapper));
}).build();
return WebClient.builder().clientConnector(new ReactorClientHttpConnector(httpClient)).exchangeStrategies(strategies).build();
}
@Bean
public WebReactiveFeign.Builder reactiveFeignBuilder(WebClient webClient, HttpClient httpClient) {
WebReactiveFeign.Builder<Object> builder = WebReactiveFeign.builder(webClient.mutate());
builder.httpClient(httpClient);
return builder;
}
do you think it's WebReactiveFeign.Builder bug?
FYI I'm using :
<dependency>
<groupId>com.playtika.reactivefeign</groupId>
<artifactId>feign-reactor-spring-cloud-starter</artifactId>
<version>3.2.6</version>
<type>pom</type>
</dependency>
thank you in advance for your help ;)
Best regards, Med
Please, try with Playtika fork.
On Tue, 11 Oct 2022, 16:25 medbelamachi, @.***> wrote:
Hello,
I'm currently constructing multiple feign clients using the WebReactiveFeign.Builder api. However this class is not using the httpClient configured before in the webclient. ( my httpClient use sslContext that trust all certs but the feignClient is not using it) to be clear this is my configuration :
` @configuration https://github.com/configuration public class FeignConfiguration {
// ssl context trusting all certificates @Bean public SslContext sslContext() throws Exception { SslContext sslContext = SslContextBuilder.forClient() .trustManager(InsecureTrustManagerFactory.INSTANCE) .build(); return sslContext; }
@Bean public ClientHttpConnector httpConnector(SslContext sslContext) { HttpClient httpClient = HttpClient.create().secure(sslContextSpec -> sslContextSpec.sslContext(sslContext)); return new ReactorClientHttpConnector(httpClient); }
@Bean public WebClient webClient(ClientHttpConnector httpConnector, ObjectMapper mapper) { ExchangeStrategies strategies = ExchangeStrategies .builder() .codecs(configurer -> { configurer.defaultCodecs().jackson2JsonEncoder(new Jackson2JsonEncoder(mapper)); configurer.defaultCodecs().jackson2JsonDecoder(new Jackson2JsonDecoder(mapper)); }).build(); return WebClient.builder().clientConnector(httpConnector).exchangeStrategies(strategies).build(); }
@Bean public WebReactiveFeign.Builder reactiveFeignBuilder(WebClient webClient) { return WebReactiveFeign.builder(webClient.mutate()); }
} `
so when I use the bean WebReactiveFeign.Builder to create feignClients dynamically I got an ssl exception ( which means is not using my sslContext as configured in the httpClient -> webclient bean)
the ssl exception is : javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
However if I pass the httpClient bean to the WebReactiveFeign.Builder directly ( as below ) it use the insecure sslContext without any exception : ` @bean https://github.com/bean public HttpClient httpConnector(SecurityProperties securityProps, SslContext sslContext) { HttpClient httpClient = HttpClient.create().secure(sslContextSpec -> sslContextSpec.sslContext(sslContext)); SecurityProperties.ProxyServer proxyServer = securityProps.getProxy(); if (proxyServer != null) { httpClient.proxy(proxy -> proxy.type(ProxyProvider.Proxy.HTTP) .host(proxyServer.getHost()) .port(proxyServer.getPort()) .username(proxyServer.getUsername()) .password(u -> proxyServer.getPassword())); } return httpClient; }
@Bean public WebClient webClient(HttpClient httpClient, ObjectMapper mapper) { ExchangeStrategies strategies = ExchangeStrategies .builder() .codecs(configurer -> { configurer.defaultCodecs().jackson2JsonEncoder(new Jackson2JsonEncoder(mapper)); configurer.defaultCodecs().jackson2JsonDecoder(new Jackson2JsonDecoder(mapper)); }).build(); return WebClient.builder().clientConnector(new ReactorClientHttpConnector(httpClient)).exchangeStrategies(strategies).build(); }
@Bean public WebReactiveFeign.Builder reactiveFeignBuilder(WebClient webClient, HttpClient httpClient) { WebReactiveFeign.Builder<Object> builder = WebReactiveFeign.builder(webClient.mutate()); builder.httpClient(httpClient); return builder; }
`
do you think it's WebReactiveFeign.Builder bug?
FYI I'm using :
<groupId>com.playtika.reactivefeign</groupId> <artifactId>feign-reactor-spring-cloud-starter</artifactId> 3.2.6 pom thank you in advance for your help ;)
Best regards, Med
— Reply to this email directly, view it on GitHub https://github.com/kptfh/feign-reactive/issues/26, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADYRISWAOYUJXIQYJW57ZF3WCVTFFANCNFSM6AAAAAARCJFJQI . You are receiving this because you are subscribed to this thread.Message ID: @.***>
Yes, the same happens with the Playtika repo, gonna create the same issue there