Package com.github.nhenneaux.resilienthttpclient.singlehostclient

Class SingleHostHttpClientBuilder

java.lang.Object
com.github.nhenneaux.resilienthttpclient.singlehostclient.SingleHostHttpClientBuilder
public class SingleHostHttpClientBuilder extends Object
Create an HttpClient to target a single host. It validates the certificate to authenticate the server in TLS communication with this single name. It can be used to target a single host using its IP address(es) instead of its hostname while keeping a high protection against Man-in-the-middle attack.

-Djdk.internal.httpclient.disableHostnameVerification is needed to use a custom TLS name matching based on the requested host instead of the one from the URL.

-Djdk.httpclient.allowRestrictedHeaders=Host is needed to customize the HTTP Host header.

  • Method Details

    • newHttpClient

      public static HttpClient newHttpClient(String hostname, InetAddress hostAddress)
      Build a single hostname client with default configuration. It uses TLS matching based on the given hostname. It also provides the given hostname in SNI extension. The returned java.net.http.HttpClient is wrapped to force the HTTP header Host with the given hostname.

    • builder

      public static SingleHostHttpClientBuilder builder(String hostname, InetAddress hostAddress, HttpClient.Builder builder)
      Build a single hostname client builder. It could override the following elements of the builder.
      • java.net.http.HttpClient.Builder#sslContext(javax.net.ssl.SSLContext) with a custom SSLContext using the given truststore disabling default name validation and using the given hostname
      • java.net.http.HttpClient.Builder#sslParameters(javax.net.ssl.SSLParameters) to force the SNI server name expected

    • withSni

      public SingleHostHttpClientBuilder withSni()

    • withTlsNameMatching

      public SingleHostHttpClientBuilder withTlsNameMatching()

    • withTlsNameMatching

      public SingleHostHttpClientBuilder withTlsNameMatching(KeyStore trustStore)

    • withTlsNameMatching

      public SingleHostHttpClientBuilder withTlsNameMatching(KeyStore trustStore, KeyStore keystore, char[] password)

    • buildWithHostHeader

      public HttpClient buildWithHostHeader()
      Build a client with HTTP header host overridden in Java 13+

    • build

      public HttpClient build()

    • withTlsNameMatching

      public SingleHostHttpClientBuilder withTlsNameMatching(SSLContext initialSslContext)

    • withTlsNameMatching

      public SingleHostHttpClientBuilder withTlsNameMatching(KeyStore trustStore, KeyStore keystore, char[] password, SSLContext initialSslContext)