Skip to content

Feature/domain name bypass #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jun 28, 2025
Merged

Feature/domain name bypass #13

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5dad955
feat: domain name check bypass
zeluciojr Mar 11, 2025
c032811
fix: actually bypassing all verifications if needed
zeluciojr Mar 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
<url>https://github.com/clean-arch-enablers-project/cae-utils-http-client/blob/main/README.md</url>
<groupId>com.clean-arch-enablers</groupId>
<artifactId>cae-http-client</artifactId>
<version>2.1.0</version>
<version>2.2.1</version>
<packaging>jar</packaging>
<licenses>
<license>
Expand Down
1 change: 1 addition & 0 deletions src/main/java/com/cae/http_client/HttpRequestBuilder.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ public interface HttpRequestBuilder extends HttpRequestBuilderForHandlers{
HttpRequestBuilder queryParameterOf(String queryParameterName, String queryParameterValue);
HttpRequestBuilder proxyAddress(String host, Integer port);
HttpRequestBuilder bypassSsl();
HttpRequestBuilder bypassDomainCheck();
HttpRequestModel buildRequestModel();

}
6 changes: 5 additions & 1 deletion src/main/java/com/cae/http_client/implementations/AbstractHttpRequestModel.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
package com.cae.http_client.implementations;

import com.cae.http_client.*;
import com.cae.http_client.ExceptionHandler;
import com.cae.http_client.HttpRequestMethod;
import com.cae.http_client.HttpRequestModel;
import com.cae.http_client.HttpResponseHandler;

import java.net.http.HttpRequest.BodyPublisher;
import java.util.ArrayList;
Expand All @@ -18,6 +21,7 @@ public abstract class AbstractHttpRequestModel implements HttpRequestModel {
protected HttpRequestMethod method;
protected ProxyAddressModel proxyAddress;
protected Boolean bypassSsl = false;
protected Boolean bypassDomainCheck = false;
protected HttpResponseHandler genericResponseHandler;
protected final Map<Integer, HttpResponseHandler> responseHandlersByStatusCode = new HashMap<>();
protected final Map<Class<? extends Exception>, ExceptionHandler> exceptionHandlersByExceptionType = new HashMap<>();
Expand Down
15 changes: 15 additions & 0 deletions src/main/java/com/cae/http_client/implementations/DomainCheckBypass.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
package com.cae.http_client.implementations;

import lombok.AccessLevel;
import lombok.NoArgsConstructor;

import javax.net.ssl.SSLParameters;

@NoArgsConstructor(access = AccessLevel.PRIVATE)
public class DomainCheckBypass {

public static void run(SSLParameters sslParameters){
sslParameters.setEndpointIdentificationAlgorithm("");
}

}
15 changes: 13 additions & 2 deletions src/main/java/com/cae/http_client/implementations/FinalHttpRequestExecutor.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
import lombok.AccessLevel;
import lombok.NoArgsConstructor;

import javax.net.ssl.SSLParameters;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.ProxySelector;
Expand Down Expand Up @@ -38,7 +39,8 @@ public HttpResponse<String> execute(HttpRequest finalRequest){
private HttpClient createClient() {
var client = HttpClient.newBuilder();
this.handleProxySettings(client);
this.handleSslByPass(client);
this.handleSslBypass(client);
this.handleDomainCheckBypass(client);
return client.build();
}

Expand All @@ -55,9 +57,18 @@ private void handleProxySettings(HttpClient.Builder client) {
);
}

private void handleSslByPass(HttpClient.Builder client) {
private void handleSslBypass(HttpClient.Builder client) {
if (this.httpRequestModel.bypassSsl)
client.sslContext(SSLBypassSettings.getContext());
}

private void handleDomainCheckBypass(HttpClient.Builder client) {
if (this.httpRequestModel.bypassDomainCheck){
var sslParameters = new SSLParameters();
DomainCheckBypass.run(sslParameters);
client.sslParameters(sslParameters);
}
}


}
6 changes: 6 additions & 0 deletions src/main/java/com/cae/http_client/implementations/HttpRequestBuilderImplementation.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,12 @@ public HttpRequestBuilder bypassSsl() {
return this;
}

@Override
public HttpRequestBuilder bypassDomainCheck() {
this.httpRequest.bypassDomainCheck = true;
return this;
}

@Override
public HttpRequestModel buildRequestModel() {
return this.httpRequest;
Expand Down
36 changes: 32 additions & 4 deletions src/main/java/com/cae/http_client/implementations/SSLBypassSettings.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,10 @@
import lombok.NoArgsConstructor;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
Expand Down Expand Up @@ -33,18 +35,44 @@ public static SSLContext getContext(){
}
}

public static class CustomTrustManager implements X509TrustManager{
public static class CustomTrustManager extends X509ExtendedTrustManager {

public static final String BYPASS_MESSAGE = "Bypassing SSL verifications";

@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
System.out.println(BYPASS_MESSAGE);
}

@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
System.out.println(BYPASS_MESSAGE);
}

@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}

@Override
public void checkClientTrusted(X509Certificate[] chain, String authType, Socket socket) {
System.out.println(BYPASS_MESSAGE);
}

@Override
public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket) {
System.out.println(BYPASS_MESSAGE);
}

@Override
public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine) {
System.out.println(BYPASS_MESSAGE);
}

@Override
public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine) {
System.out.println(BYPASS_MESSAGE);
}
}

public static class SSLBypassSettingsException extends RuntimeException{
Expand Down