From 83127362003af3d57539a90e8ff4cbcb7a92bba1 Mon Sep 17 00:00:00 2001 From: ztzh_xieyun Date: Tue, 14 May 2024 13:44:21 +0800 Subject: [PATCH] =?UTF-8?q?=E6=94=AF=E6=8C=81https=20=E4=BF=AE=E6=94=B9rou?= =?UTF-8?q?ter=20header=20=E6=A8=A1=E5=BC=8F=20bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/sf/vertx/handle/AppConfigHandler.java | 36 ++++++++++-------- .../com/sf/vertx/init/SacVertxConfig.java | 3 ++ .../java/com/sf/vertx/utils/ProxyTool.java | 2 - sf-vertx/src/main/resources/application.yml | 3 +- sf-vertx/src/main/resources/cacerts.jks | Bin 0 -> 1286 bytes sf-vertx/src/main/resources/keystore.jks | Bin 0 -> 2756 bytes sf-vertx/src/main/resources/server.cer | Bin 0 -> 896 bytes 7 files changed, 25 insertions(+), 19 deletions(-) create mode 100644 sf-vertx/src/main/resources/cacerts.jks create mode 100644 sf-vertx/src/main/resources/keystore.jks create mode 100644 sf-vertx/src/main/resources/server.cer diff --git a/sf-vertx/src/main/java/com/sf/vertx/handle/AppConfigHandler.java b/sf-vertx/src/main/java/com/sf/vertx/handle/AppConfigHandler.java index f81abd6..ba81bdf 100644 --- a/sf-vertx/src/main/java/com/sf/vertx/handle/AppConfigHandler.java +++ b/sf-vertx/src/main/java/com/sf/vertx/handle/AppConfigHandler.java @@ -43,6 +43,7 @@ import io.vertx.core.http.HttpClient; import io.vertx.core.http.HttpMethod; import io.vertx.core.http.HttpServer; import io.vertx.core.http.HttpServerOptions; +import io.vertx.core.net.JksOptions; import io.vertx.core.spi.cluster.ClusterManager; import io.vertx.ext.web.Route; import io.vertx.ext.web.Router; @@ -82,12 +83,13 @@ public class AppConfigHandler { // 负载均衡路由类型 appCode:apiCode - routerType // 执行流程 routerType=
- // 1、serviceNodel="NORMAL", serviceNodel="ROUTE" and RouteType = "WEIGHT_ROUTE"
+ // 1、serviceNodel="NORMAL", serviceNodel="ROUTE" and RouteType = "WEIGHT_ROUTE" + //
// return LOADBALANCING_MAP - // 2、serviceNodel="ROUTE", RouteType = "HEADER_ROUTE"
+ // 2、serviceNodel="ROUTE", RouteType = "HEADER_ROUTE"
// return APICODE_CONFIG_ROUTERCONENT_MAP private static ConcurrentHashMap APICODE_CONFIG_ROUTERTYPE_MAP = new ConcurrentHashMap<>(); - + private static ConcurrentHashMap> APICODE_CONFIG_ROUTERCONENT_MAP = new ConcurrentHashMap<>(); // apiCode熔断配置 appCode:apiCode - CircuitBreaker private static ConcurrentHashMap APICODE_CONFIG_CIRCUIT_BREAKER_MAP = new ConcurrentHashMap<>(); @@ -95,23 +97,22 @@ public class AppConfigHandler { // 禁用appCode private static ConcurrentHashSet DISABLED_APPCODE = new ConcurrentHashSet(); - public static Integer routerType(String key) { return APICODE_CONFIG_ROUTERTYPE_MAP.get(key) != null ? APICODE_CONFIG_ROUTERTYPE_MAP.get(key) : 1; } - + public static List routerConentList(String key) { return APICODE_CONFIG_ROUTERCONENT_MAP.get(key); } - + public static Integer requestModel() { return sacVertxConfig.getRequestModel(); } - + public static String sacResponseHeaderKey() { return sacVertxConfig.getSacResponseHeaderKey(); } - + public static String rpcUri() { return sacVertxConfig.getRpcUri(); } @@ -299,11 +300,11 @@ public class AppConfigHandler { if (appConfig.getAppCurrentLimitingConfig() != null) { initRateLimiter(appCode, appConfig.getAppCurrentLimitingConfig(), GLOBAL_APP_CURRENT_LIMITING_MAP); } - + // app router负载均衡 - int routerType = 1; List routeContentList = null; for (SacService sacService : appConfig.getService()) { + int routerType = 1; List nodeList = new ArrayList<>(); // 获取service模式 if (StringUtils.equals(sacService.getServiceModel(), "NORMAL")) { @@ -338,7 +339,7 @@ public class AppConfigHandler { for (ApiConfig apiConfig : sacService.getApiConfig()) { String key = appCode + ":" + apiConfig.getApiCode(); APICODE_CONFIG_MAP.put(key, apiConfig); - + // 负载均衡模式 APICODE_CONFIG_ROUTERTYPE_MAP.put(key, routerType); switch (routerType) { @@ -480,7 +481,7 @@ public class AppConfigHandler { } }); } - + /*** * 发布消息,订阅消息 * @@ -501,6 +502,10 @@ public class AppConfigHandler { // 创建HTTP监听 // 所有ip都能访问 HttpServerOptions httpServerOptions = new HttpServerOptions().setHost("0.0.0.0"); + if (sacVertxConfig.isSSLs()) { + httpServerOptions.setSsl(true) + .setKeyStoreOptions(new JksOptions().setPassword("changeit").setPath("keystore.jks")); + } HttpServer server = VERTX.createHttpServer(httpServerOptions); Router mainHttpRouter = Router.router(VERTX); Integer serverPort = vertxConfig.getPort() == null ? sacVertxConfig.getPort() : vertxConfig.getPort(); @@ -563,10 +568,9 @@ public class AppConfigHandler { } else { route = mainHttpRouter.route(); } - route.handler(ParameterCheckHandler.create()) - .handler(AppRateLimitHandler.create(rateLimitModel)).handler(ApiRateLimitHandler.create(rateLimitModel)) - .handler(BodyHandler.create()).handler(ProxyHandler.create(mainWebClient, proxy)) - .failureHandler(RestfulFailureHandler.create()); + route.handler(ParameterCheckHandler.create()).handler(AppRateLimitHandler.create(rateLimitModel)) + .handler(ApiRateLimitHandler.create(rateLimitModel)).handler(BodyHandler.create()) + .handler(ProxyHandler.create(mainWebClient, proxy)).failureHandler(RestfulFailureHandler.create()); // mainHttpRouter.route().handler(ProxyHandler.create(mainWebClient, proxy)); } diff --git a/sf-vertx/src/main/java/com/sf/vertx/init/SacVertxConfig.java b/sf-vertx/src/main/java/com/sf/vertx/init/SacVertxConfig.java index f2472bf..2744792 100644 --- a/sf-vertx/src/main/java/com/sf/vertx/init/SacVertxConfig.java +++ b/sf-vertx/src/main/java/com/sf/vertx/init/SacVertxConfig.java @@ -34,6 +34,9 @@ public class SacVertxConfig { @Value("${server.vertx.rpcUri:/rpc}") private String rpcUri; + @Value("${server.vertx.isSSL:false}") + private boolean isSSLs; + @Value("${server.vertx.deploymentMode:1}") private Integer deploymentMode; diff --git a/sf-vertx/src/main/java/com/sf/vertx/utils/ProxyTool.java b/sf-vertx/src/main/java/com/sf/vertx/utils/ProxyTool.java index 61ddaa3..5113e96 100644 --- a/sf-vertx/src/main/java/com/sf/vertx/utils/ProxyTool.java +++ b/sf-vertx/src/main/java/com/sf/vertx/utils/ProxyTool.java @@ -3,8 +3,6 @@ package com.sf.vertx.utils; import java.util.List; import java.util.regex.Pattern; -import org.apache.commons.lang3.StringUtils; - import com.sf.vertx.api.pojo.Node; import com.sf.vertx.api.pojo.RouteContent; import com.sf.vertx.arithmetic.roundRobin.SacLoadBalancing; diff --git a/sf-vertx/src/main/resources/application.yml b/sf-vertx/src/main/resources/application.yml index 0a6405d..adb9c17 100644 --- a/sf-vertx/src/main/resources/application.yml +++ b/sf-vertx/src/main/resources/application.yml @@ -3,12 +3,13 @@ server: vertx: deploymentMode: 1 # 1:单机 2:集群 requestModel: 2 # 1: 客户端传递uri. 2: uri vertx代理,不对客户端暴露uri + isSSL: false # vertx https或者http启动, ssl 证书有过期时间 rpcUri: /rpc sacResponseHeaderKey: sacErrorCode environment: dev server: default: - port: 80 + port: 80 # https端口配置为443 cluster: ip: 127.0.0.1 clusterName: sac-dev diff --git a/sf-vertx/src/main/resources/cacerts.jks b/sf-vertx/src/main/resources/cacerts.jks new file mode 100644 index 0000000000000000000000000000000000000000..bd8a4036506883f92784bf36313b3fdfe731fcfc GIT binary patch literal 1286 zcmV+h1^N0gf&~Hs0Ru3C1gr)LDuzgg_YDCD0ic2eodkjenJ|I`l`w(?kp>AWhDe6@ z4FLxRpn?Q~FoFbr0s#Opf&_O42`Yw2hW8Bt2LUi<1_>&LNQU+thDZTr0|Wso1Q31C{mUoj(c&I6Hy3(lsMmmk1OUkh-jH|}-h8@WX7uoWk3U>_;xu=LMxhm2X?(E(sgvz^doV2LkGOKUqa%7iKA*Q=j0#8cSp(}; zZ~5Nn0jUB%^XUV#83usgWq7tlW+9&4{{TtbMu!3k%v&NJ6!% zE6@0ZsOelS`G1IpJaMgFpgE_Ubi3od!6#=91V1uZW-MUuQO9@H^|wN050meA>cu-; z{w-jt;gkJ*BVfVkGcpHyaywm?tTb9AbT;#4 zL2~r-SwgxX2VWjEox|>h`--{OQ6ibf_Y^m2*HQ}*wT6x~+~5`3*_!#_U_oUU-OiVP ztD4G2kuaF5TExWH5Am+B4Iid&X2ex@fi6!VE7S;8A-C=F!s~z#D!MI@y*hYa!|SKc zLeqB+i5{-}F9^mQdVi2@abHHEg7+NzA1yZ}!OCO2fxfnFbruR6Yq1)ijZM!j1gX^I zcd=k&m3ZpSo&10nn1-Ilj@3I-!nLE4o{#sKBc}V;W!}0pWC>wshtMeMP;x!2(pdp4{GbsL<3OpGD$E6YrKjrjhw>I}(E;=@FoJv}`R#8T{oMEyad?VDZQ=eLZ zY|zGaa~;p+ahsju!Hy-#$}9XCV`)3J<+6!lU0dmdt6JY3UznRLs8ZGV-OqlW(ArvO z&G0-poMC|6=*=5`t-q&K{&dN91`T#_9ARN%ybk{4Nq^7MSLZ(mRo%zTO?=nC61s>W zqHx3|wSS!zNC9O71OfpC00bZ+sT{7Q_l06OE|7UT wteKOuVqbu;Fu}{D)G5Aw(4gvxv5WbO5I{*Lx literal 0 HcmV?d00001 diff --git a/sf-vertx/src/main/resources/keystore.jks b/sf-vertx/src/main/resources/keystore.jks new file mode 100644 index 0000000000000000000000000000000000000000..4da3ff65712fb6f1d30cfb0ca00f788a3e11530f GIT binary patch literal 2756 zcma)8XE+;-7EU5DB349EBWA6VsL|Sr*s8VnEVat_8MReo6tz;ciq>kWTD41!AnKCR znr&jXRvSC0)$+OH>G#}U_x?EVdCvQu_xyaHgT_MfARrAI3-zI8kWAE1+-CyP0gJFu zdoUJieMXz3v5>a^k|32}ETsI5EJLc2i1IX~e4OV2U7+7%K=UfQHf1|NA0{0Rlkt(K5Is>H|G!z(7eb zD{pY7gCgZH?6%gkuTd8&TEJNF$A}LGF%vX8l(isT*n@)~L`wFvgY3w+86S~cj9L$kRoVtlJ@o$)CgFCPG zNBf=g*<31A@iCUd`KzeO2RcA~tvxO&X}1JGziLU+-;vKEb9$<$CLQILVGVFO=^Q?h z2;PJ@j7*Kt{vXVASoK#qmsYx-!~^C{ zylF;_=xK~aKSQgOarpw$pM{~~f|L$jyX4A*KH@;x{<%iAa&Qx*9^NzKb*@4Dbe24N zNzAwrROzVXSJyp3@s*%(4VtXS@AryFf-?g7E?82K!L5uE8T{@U{(EdhdKJ&&;}08^ zWu&!;u8q6lc4-XP%A2Df__x;i6jNN-JDHl)tZKjIex5?wJX-^^JC?HPuD&$8{>Kef zPb(VcmB)m*!!IVub+RXD_bA3sKC(6f+t3C5xxv_ojk@!3fR{_-R;eRkF^iS)A4uC( zEzfwjMQLE)qUl3aKDH#jRkH}sU+^Vlctj3&9x_zypC!CIA;m}Ob<_Q|_sWXyZC_DK zHz8yLO}R40YpLFIp%l}gnKx9r6DHg?`92Xmt?uk#>`Ngmm03!MusJa&aU0MdJq6ey z@=`PNcbim;6N40a(+zzP2sQPb{$oZz{N@}F(>Dhf3BPatU#Kje54ERIuIZn|2`qY% z-B(0QW%Oa6GY@LxRteRZSQcr$!M(OTB?YgY^Ksi|$mfu#6`8n4O{k`5rjRVQV=Z2~73K79w%6Z1p>jUjCrIWCuNVS)*5~ZVZqFMkcO6E?J@ih_Uu3z{M{M)b zp`UpVCQ}|q3xx|`HC^8&m75e+bmk0&Sy$P{hJwSpZNQP6WeO*xp@A1f3r$b2AA$;Q zs@bd7lwM`fQ;8D~-J=STw9(zy0wTDJ7!c>ZVp`xp7wf6E^*M1!<&hI)Yd`u6Gm#K-2XF}ZvvAD@l-?-JYbR`fcF*~%x3{PXkfSqSqR zUxq(%iI~S;Mt^l0^%5Z$UGliaAYriTx2KaHdg<|(I67tJi2R{cspwbwPqPSBV&3eN zlQV&C^`tIw{3jNOb+^GMHW+(K=d0D|&p%J~<6g7dbYKp6^Tclx?ePvvzcf4#_v$1G z?WY-EJu>io;{N%aC`%&<{_dJadgGFgd6@k7i{aaBPP+*Yx7T6-Ly~eAwiV>-wY ztlmwQHAaj5j!OoF?0J4JKoGzK5D2*QFO&wj0{j5pXBdPQ{Ckl@76FD^c;EIAki9Ic zpr9lxk4B>}E1byMl6DpMlh*QAihdK zF>>txiEIfw|SHC z?h1%WmACTinIh-|(`r7&u^yOU!d_6xvO&ys+=P1Om~~=GoXROxj$}LMSMtV-we$ru z&8*NEyi&z#-gNhYTYF9X{`U{w4wpcA*}jgOtwchsL*>c|EaB-*x>U@7WP2XG?l?{F zPWqj&7a1Fa=~QQg$srl{GgGloDW)_b1Sx-4&&o9yW>_`2d7q{;~Td=o`W&r#| zZ|zNrKA+jOME$;j=kaR8Vi%8Th2z@I0C{+12fa)1c-K(K>9u)TeUUVsOhI`aR*hdN zJdxbESIe=qHBqbgtl{51nSo{ZP?2SYKhQlchn_>t&*c}m`eM@bmHWFW58nrRbaA5Q zU3y0w{$x&pmdB5y@`J;C7J!|@2dQdK#xqA1b1rdE9h|zapsJ6kr=e>dW4f;Mi=ojU zUZdf4PT(6}ZiYw}3G|)J%#U;FdHVJA&dD``9R1oj%bgxr1T|jTS9EWv`D&-yNaCoI zznDhyRLQhLZ@A0NdD37?sV{8x(OQkD+4K$A=4LXxJJ+8w?nQGtRbC2Ul!|l5R7;={ zW|4JnqVqVCnRr=gdM!JUZ&6G!qez{zQ_1Dl{hV}DWQRJnfvLUm6}&&di?E#OX6l#t zlCS6UQQJ$t)@Jc{5||-9+2py!fM+ZmCkYO8W&$cX3|GFFXyPdP?Ijw9wJU2)c{I_^O2|dq@TkW0S zFvU@7H^sc2IwB6;AZ!sydGNlBDEw+(-EEAKjQwKS@Vkmm`W;{K`=bHQa`h$+BbGCU zSvPg7ebh2R++;zLj&5vmD%6PxFmoHT^HvM|I9%Lq>&g@ep9)3?=_w`li<=)SlR?YRH`+^&~UVjXy_%AKF_NFcAI=0QWV&1qJ8?AefkOIxW zUPZ`pG)BEhOS<`%_{qkD{rfO-St%=lWviSi)zi5?G}&k?yJ8D2GUy#HO`=v545tmZ zK>~C_gvfyHEHpc~N4nEk;ScVNuHr%(0gLM)*8KJ=`NlCT%_LvpnyX#m&#GM6hb4JL z>kI=(K@=Ud30fA-^!u{|0U-deKnH(?^!V|#Y>~n1p6Pp;vvM})wUf)?0!8jwtkjne e^}vW;hq$Lp&DPspz1=`$H@p%wXzKLO2>J_E^6%*Y literal 0 HcmV?d00001 diff --git a/sf-vertx/src/main/resources/server.cer b/sf-vertx/src/main/resources/server.cer new file mode 100644 index 0000000000000000000000000000000000000000..b9b8a4636cea7a4eac4f78b100215f29af2de045 GIT binary patch literal 896 zcmXqLVy-c0VoF)S%*4pV#K~~&eO6{w%bG9)UN%mxHjlRNyo`+8tPBP@h5`nBY|No7 zY{KlJdD(gS<#{j>4h#`?3=u925pE0-X1IufoH(zMiGiu1v4N$bfq_93m}_BZ2<6h* zHBF34$iczL%D~*j$j@NV#K^_e#K_2SAZ?mg>eEbnk(i|BXD)@6!rl%iT7xbBg}kia zv@iZr%d6!LlijyV-rU8k)akYMQ~Jtcr}~D47n?b`?$?Nk{?dJ!FVHPFP5N3ndv$(6 zRhFEGj^T{G9gS*pX86xxV4k;ca?WZFPM=%e|KrT}`ngPwzjkN;EsleBNy49&%kTQd zy+DkaLE@Pw>(T4K=RL8J=Q!~?C34O2N~ZS3HPa0|IVOEbOOcKWI31E?c8rCcQgg&Uu~xR!`4JWF7iam?3H# zeD^`jAz`MEE1y1@d%5FGQ|4zu3#s1OZiip=$D|%^WnyMzU|g(dAa5WGOd+y-EMhDo zVT}2HZ88dCE3Vo`JwJ1=(r29^CvqSH(-bfe85#1E;lrKtOKyMw}o+rL@&rF8X{ zmNw`8+aS7d#utm9xhp6A-Ku|8Dk*fbxJFfP>dkA3ce?67?^?1gR4y=z@xmAV3yv=? zZ)o&f-Cprjc-QsN50Nune<~Hfb&jz4IoE8-^#8Bk|5$r)>xnn%9g%ZpuCu?Eb|fP^ z^-{~Vm`?|z?g>3-niyVVvrSZ0rexozZ?;`VN_)50@=RboTz7AkMDmLdVr7i!%=3=D t=dLS$7Guy8wy1Y<$-*X!MaMrrn