DATAREDIS-974 - Apply SSL configuration when creating Jedis Cluster.

christophstrobl · mp911de · commit 849091d6cfcd · 2019-09-02T14:59:40.000+02:00
Original pull request: #472.
diff --git a/src/main/java/org/springframework/data/redis/connection/jedis/JedisConnectionFactory.java b/src/main/java/org/springframework/data/redis/connection/jedis/JedisConnectionFactory.java
@@ -58,7 +58,6 @@
 import org.springframework.util.Assert;
 import org.springframework.util.ClassUtils;
 import org.springframework.util.CollectionUtils;
-import org.springframework.util.StringUtils;
 
 /**
  * Connection factory creating <a href="https://github.com/xetorthio/jedis">Jedis</a> based connections.
@@ -425,12 +424,10 @@ protected JedisCluster createCluster(RedisClusterConfiguration clusterConfig, Ge
 
 		int redirects = clusterConfig.getMaxRedirects() != null ? clusterConfig.getMaxRedirects() : 5;
 
-		int connectTimeout = getConnectTimeout();
-		int readTimeout = getReadTimeout();
-
-		return StringUtils.hasText(getPassword())
-				? new JedisCluster(hostAndPort, connectTimeout, readTimeout, redirects, getPassword(), poolConfig)
-				: new JedisCluster(hostAndPort, connectTimeout, readTimeout, redirects, poolConfig);
+		return new JedisCluster(hostAndPort, getConnectTimeout(), getReadTimeout(), redirects, getPassword(),
+				clientConfiguration.getClientName().orElse(null), poolConfig, isUseSsl(),
+				clientConfiguration.getSslSocketFactory().orElse(null), clientConfiguration.getSslParameters().orElse(null),
+				clientConfiguration.getHostnameVerifier().orElse(null), null);
 	}
 
 	/*
diff --git a/src/test/java/org/springframework/data/redis/connection/jedis/JedisConnectionFactoryUnitTests.java b/src/test/java/org/springframework/data/redis/connection/jedis/JedisConnectionFactoryUnitTests.java
@@ -19,6 +19,8 @@
 import static org.mockito.Mockito.*;
 
 import redis.clients.jedis.JedisCluster;
+import redis.clients.jedis.JedisClusterConnectionHandler;
+import redis.clients.jedis.JedisClusterInfoCache;
 import redis.clients.jedis.JedisPoolConfig;
 import sun.net.www.protocol.https.DefaultHostnameVerifier;
 
@@ -27,13 +29,15 @@
 import java.time.Duration;
 import java.time.temporal.ChronoUnit;
 
+import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLParameters;
 import javax.net.ssl.SSLSocketFactory;
 
 import org.apache.commons.pool2.impl.GenericObjectPoolConfig;
 import org.junit.Test;
 import org.springframework.data.redis.connection.RedisClusterConfiguration;
+import org.springframework.data.redis.connection.RedisClusterConnection;
 import org.springframework.data.redis.connection.RedisPassword;
 import org.springframework.data.redis.connection.RedisSentinelConfiguration;
 import org.springframework.data.redis.connection.RedisStandaloneConfiguration;
@@ -287,6 +291,49 @@ public void shouldReturnClusterConfiguration() {
 		assertThat(connectionFactory.getClusterConfiguration()).isSameAs(configuration);
 	}
 
+	@Test // DATAREDIS-975
+	public void shouldApplySslConfigWhenCreatingClusterClient() throws NoSuchAlgorithmException {
+
+		SSLParameters sslParameters = new SSLParameters();
+		SSLContext context = SSLContext.getDefault();
+		SSLSocketFactory socketFactory = context.getSocketFactory();
+		JedisPoolConfig poolConfig = new JedisPoolConfig();
+		HostnameVerifier hostNameVerifier = new DefaultHostnameVerifier();
+
+		JedisClientConfiguration configuration = JedisClientConfiguration.builder() //
+				.useSsl() //
+				.hostnameVerifier(hostNameVerifier) //
+				.sslParameters(sslParameters) //
+				.sslSocketFactory(socketFactory).and() //
+				.clientName("my-client") //
+				.connectTimeout(Duration.ofMinutes(1)) //
+				.readTimeout(Duration.ofMinutes(5)) //
+				.usePooling().poolConfig(poolConfig) //
+				.build();
+
+		connectionFactory = new JedisConnectionFactory(new RedisClusterConfiguration(), configuration);
+		connectionFactory.afterPropertiesSet();
+
+		RedisClusterConnection connection = connectionFactory.getClusterConnection();
+		assertThat(connection).isInstanceOf(JedisClusterConnection.class);
+
+		JedisCluster cluster = ((JedisClusterConnection) connection).getCluster();
+
+		JedisClusterConnectionHandler connectionHandler = (JedisClusterConnectionHandler) ReflectionTestUtils
+				.getField(cluster, "connectionHandler");
+		JedisClusterInfoCache cache = (JedisClusterInfoCache) ReflectionTestUtils.getField(connectionHandler, "cache");
+
+		assertThat(ReflectionTestUtils.getField(cache, "connectionTimeout")).isEqualTo(60000);
+		assertThat(ReflectionTestUtils.getField(cache, "soTimeout")).isEqualTo(300000);
+		assertThat(ReflectionTestUtils.getField(cache, "password")).isNull();
+		assertThat(ReflectionTestUtils.getField(cache, "clientName")).isEqualTo("my-client");
+		assertThat(ReflectionTestUtils.getField(cache, "ssl")).isEqualTo(true);
+		assertThat(ReflectionTestUtils.getField(cache, "sslSocketFactory")).isEqualTo(socketFactory);
+		assertThat(ReflectionTestUtils.getField(cache, "sslParameters")).isEqualTo(sslParameters);
+		assertThat(ReflectionTestUtils.getField(cache, "hostnameVerifier")).isEqualTo(hostNameVerifier);
+		assertThat(ReflectionTestUtils.getField(cache, "hostAndPortMap")).isNull();
+	}
+
 	@Test(expected = IllegalStateException.class) // DATAREDIS-574
 	public void shouldDenyChangesToImmutableClientConfiguration() throws NoSuchAlgorithmException {
 
