Add support for custom tls server names. (#22372)

* Add support for custom tls server names.

* Update samples

* Fix missing declaration.
Brendan Burns
2025-11-19 18:36:11 -08:00
committed by GitHub
parent a1b962d0b6
commit 8a4246cbaf
16 changed files with 576 additions and 32 deletions


@@ -91,7 +91,8 @@ public class ApiClient {
protected InputStream sslCaCert;
protected boolean verifyingSsl;
protected KeyManager[] keyManagers;
protected String tlsServerName;
protected OkHttpClient httpClient;
protected JSON json;
@@ -376,6 +377,29 @@ public class ApiClient {
return this;
}
/**
* Get TLS server name for SNI (Server Name Indication).
*
* @return The TLS server name
*/
public String getTlsServerName() {
return tlsServerName;
}
/**
* Set TLS server name for SNI (Server Name Indication).
* This is used to verify the server certificate against a specific hostname
* instead of the hostname in the URL.
*
* @param tlsServerName The TLS server name to use for certificate verification
* @return ApiClient
*/
public ApiClient setTlsServerName(String tlsServerName) {
this.tlsServerName = tlsServerName;
applySslSettings();
return this;
}
/**
* <p>Getter for the field <code>dateFormat</code>.</p>
*
@@ -1635,7 +1659,17 @@ public class ApiClient {
trustManagerFactory.init(caKeyStore);
}
trustManagers = trustManagerFactory.getTrustManagers();
hostnameVerifier = OkHostnameVerifier.INSTANCE;
if (tlsServerName != null && !tlsServerName.isEmpty()) {
hostnameVerifier = new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
// Verify the certificate against tlsServerName instead of the actual hostname
return OkHostnameVerifier.INSTANCE.verify(tlsServerName, session);
}
};
} else {
hostnameVerifier = OkHostnameVerifier.INSTANCE;
}
}
SSLContext sslContext = SSLContext.getInstance("TLS");
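Review bot: The anonymous verifier added next to `trustManagers = trustManagerFactory.getTrustManagers();` discards its `hostname` argument, so once `tlsServerName` is set, every connection made through this client is checked against that one name, whatever host the URL or a redirect points to. The setter's Javadoc should state that scope and should not describe the feature as SNI, because the visible lines only swap the `HostnameVerifier` and do not appear to change the server name sent in the handshake. A suggested wording is `Overrides the name used for certificate hostname verification on every connection made by this client; the URL host is not checked against the certificate.` Copying the field first (`final String expectedName = tlsServerName;`) and verifying against `expectedName` would also pin the verifier to the value that was applied, rather than to whatever the protected field holds later. The same points apply to the identical hunks in the second ApiClient section; the enclosing method starts and ends outside this hunk.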


@@ -86,7 +86,8 @@ public class ApiClient {
protected InputStream sslCaCert;
protected boolean verifyingSsl;
protected KeyManager[] keyManagers;
protected String tlsServerName;
protected OkHttpClient httpClient;
protected JSON json;
@@ -304,6 +305,29 @@ public class ApiClient {
return this;
}
/**
* Get TLS server name for SNI (Server Name Indication).
*
* @return The TLS server name
*/
public String getTlsServerName() {
return tlsServerName;
}
/**
* Set TLS server name for SNI (Server Name Indication).
* This is used to verify the server certificate against a specific hostname
* instead of the hostname in the URL.
*
* @param tlsServerName The TLS server name to use for certificate verification
* @return ApiClient
*/
public ApiClient setTlsServerName(String tlsServerName) {
this.tlsServerName = tlsServerName;
applySslSettings();
return this;
}
/**
* <p>Getter for the field <code>dateFormat</code>.</p>
*
@@ -1565,7 +1589,17 @@ public class ApiClient {
trustManagerFactory.init(caKeyStore);
}
trustManagers = trustManagerFactory.getTrustManagers();
hostnameVerifier = OkHostnameVerifier.INSTANCE;
if (tlsServerName != null && !tlsServerName.isEmpty()) {
hostnameVerifier = new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
// Verify the certificate against tlsServerName instead of the actual hostname
return OkHostnameVerifier.INSTANCE.verify(tlsServerName, session);
}
};
} else {
hostnameVerifier = OkHostnameVerifier.INSTANCE;
}
}
SSLContext sslContext = SSLContext.getInstance("TLS");