sttp icon indicating copy to clipboard operation
sttp copied to clipboard

Published 20 hours ago verified publisher icon softwaremill

Cannot make Async-http-client use tls

Open adamstarlight opened this issue 3 years ago • 4 comments

I'm trying to make a request through a secure http proxy using sttp and async-http-client-backend-zio1 client. The proxy (squid) is working fine, I was able to connect through it on node.js without any issues at all. Here is how it was implemented in Javascript:

import fetch from "node-fetch";
import HttpsProxyAgent from "https-proxy-agent";

const agent = new HttpsProxyAgent({
  host: "**proxy-domain-name**",
  port: 443,
  secureProxy: true,
});

fetch("https://api.ipify.org?format=json", { agent })
  .then((response) => response.json())
  .then((response) => {
    console.log("Response received");
    console.log(response);
  })
  .catch((err) => console.log(err));

However recreating something similar in Scala proven to be much more difficult! I used code below to make a request. This solution fails with Bad request, Client sent an HTTP request to an HTTPS server..

def buildBackend = AsyncHttpClientZioBackend(
  options = SttpBackendOptions.httpProxy(
    "**proxy-domain-name**",
    443
  )
)

for {
  _ <- putStrLn("Executing fetch task")
  backend <- buildBackend
  response <- request(uri"https://api.ipify.org?format=json").send(backend)
  _ <- putStrLn(response.toString())
} yield ()

How to correctly configure secure proxy using sttp?

adamstarlight avatar Feb 01 '22 11:02 adamstarlight

Checked network traffic in Wireshark. Node.js seem to connect to proxy using HTTPS, while sttp does not use TLS at all. Is there any way to customize this behavior?

adamstarlight avatar Feb 01 '22 15:02 adamstarlight

Given up on Async-http-client, this should not be this hard and disappointing to figure simple configurations... And thank you all for supporting multiple backends! Armeria was so much friendlier)

val proxyConfig =
  ProxyConfig.connect(new InetSocketAddress("***proxy-ip***", 443), true)

val clientFactory = ClientFactory.builder().proxyConfig(proxyConfig).build()
val webClient = WebClient.builder().factory(clientFactory).build()
val buildBackend = ArmeriaZioBackend.usingClient(webClient)

adamstarlight avatar Feb 01 '22 19:02 adamstarlight

Thanks for the report. Maybe we are integrating with async-http-client incorrectly someplace, that would need testing. But on first look, there's no special options available for https. So to debug and determine if it's a problem with sttp or async-http-client, we'd first need to reproduce (or not) using async-http-client itself.

Out of curiosity, didn't setting the proxy using SttpBackendOptions.httpProxy work for you with the armeria backend?

adamw avatar Feb 02 '22 14:02 adamw

FWIW I am having similar proxy usage related issues with AsyncHttpClientCatsBackend. May not be the exact same problem in my case but definitely there are issues around using proxies with async.

halfhp avatar Jul 22 '22 12:07 halfhp