Add string constants for HTTP header names (#956)

* Add string constants for HTTP header names * revert package-lock changes * Clarify names * add CONTENT_TYPE * Fix formatting * Move X-FORWARDED-FOR to ProxyHttpHeaders
2025-07-25 12:08:36 +02:00 · 2021-02-11 12:02:51 -05:00 · 2021-02-11 12:02:51 -05:00 · 3f6a796aaf
commit 3f6a796aaf
parent 844f1fac41
8 changed files with 88 additions and 46 deletions
--- a/proxy/src/main/java/google/registry/proxy/handler/EppServiceHandler.java
+++ b/proxy/src/main/java/google/registry/proxy/handler/EppServiceHandler.java
@ -22,6 +22,7 @@ import static google.registry.util.X509Utils.getCertificateHash;

 import com.google.common.flogger.FluentLogger;
 import google.registry.proxy.metric.FrontendMetrics;
+import google.registry.util.ProxyHttpHeaders;
 import io.netty.buffer.ByteBuf;
 import io.netty.buffer.Unpooled;
 import io.netty.channel.ChannelFuture;
@ -51,21 +52,6 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
  public static final AttributeKey<String> CLIENT_CERTIFICATE_HASH_KEY =
      AttributeKey.valueOf("CLIENT_CERTIFICATE_HASH_KEY");

-  /** Name of the HTTP header that stores the client certificate hash. */
-  public static final String SSL_CLIENT_CERTIFICATE_HASH_FIELD = "X-SSL-Certificate";
-
-  /** Name of the HTTP header that stores the full client certificate. */
-  public static final String SSL_CLIENT_FULL_CERTIFICATE_FIELD = "X-SSL-Full-Certificate";
-
-  /** Name of the HTTP header that stores the client IP address. */
-  public static final String FORWARDED_FOR_FIELD = "X-Forwarded-For";
-
-  /** Name of the HTTP header that indicates if the EPP session should be closed. */
-  public static final String EPP_SESSION_FIELD = "Epp-Session";
-
-  /** Name of the HTTP header that indicates a successful login has occurred. */
-  public static final String EPP_LOGGED_IN_FIELD = "Logged-In";
-
  public static final String EPP_CONTENT_TYPE = "application/epp+xml";

  private final byte[] helloBytes;
@ -139,8 +125,8 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
    FullHttpRequest request = super.decodeFullHttpRequest(byteBuf);
    request
        .headers()
-        .set(SSL_CLIENT_CERTIFICATE_HASH_FIELD, sslClientCertificateHash)
-        .set(FORWARDED_FOR_FIELD, clientAddress)
+        .set(ProxyHttpHeaders.CERTIFICATE_HASH, sslClientCertificateHash)
+        .set(ProxyHttpHeaders.IP_ADDRESS, clientAddress)
        .set(HttpHeaderNames.CONTENT_TYPE, EPP_CONTENT_TYPE)
        .set(HttpHeaderNames.ACCEPT, EPP_CONTENT_TYPE);
    if (!isLoggedIn) {
@ -148,7 +134,7 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
        request
            .headers()
            .set(
-                SSL_CLIENT_FULL_CERTIFICATE_FIELD,
+                ProxyHttpHeaders.FULL_CERTIFICATE,
                Base64.getEncoder().encodeToString(sslClientCertificate.getEncoded()));
      } catch (CertificateEncodingException e) {
        throw new RuntimeException("Cannot encode client certificate", e);
@ -162,8 +148,8 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
      throws Exception {
    checkArgument(msg instanceof HttpResponse);
    HttpResponse response = (HttpResponse) msg;
-    String sessionAliveValue = response.headers().get(EPP_SESSION_FIELD);
-    String loginValue = response.headers().get(EPP_LOGGED_IN_FIELD);
+    String sessionAliveValue = response.headers().get(ProxyHttpHeaders.EPP_SESSION);
+    String loginValue = response.headers().get(ProxyHttpHeaders.LOGGED_IN);
    if (sessionAliveValue != null && sessionAliveValue.equals("close")) {
      promise.addListener(ChannelFutureListener.CLOSE);
    }
--- a/proxy/src/test/java/google/registry/proxy/TestUtils.java
+++ b/proxy/src/test/java/google/registry/proxy/TestUtils.java
@ -17,6 +17,7 @@ package google.registry.proxy;
 import static com.google.common.truth.Truth.assertThat;
 import static java.nio.charset.StandardCharsets.US_ASCII;

+import google.registry.util.ProxyHttpHeaders;
 import io.netty.buffer.ByteBuf;
 import io.netty.buffer.Unpooled;
 import io.netty.handler.codec.http.DefaultFullHttpRequest;
@ -24,6 +25,7 @@ import io.netty.handler.codec.http.DefaultFullHttpResponse;
 import io.netty.handler.codec.http.FullHttpMessage;
 import io.netty.handler.codec.http.FullHttpRequest;
 import io.netty.handler.codec.http.FullHttpResponse;
+import io.netty.handler.codec.http.HttpHeaderNames;
 import io.netty.handler.codec.http.HttpMessage;
 import io.netty.handler.codec.http.HttpMethod;
 import io.netty.handler.codec.http.HttpRequest;
@ -122,7 +124,7 @@ public class TestUtils {
    request
        .headers()
        .set("authorization", "Bearer " + accessToken)
-        .set("content-type", "text/plain")
+        .set(HttpHeaderNames.CONTENT_TYPE, "text/plain")
        .set("accept", "text/plain");
    return request;
  }
@ -139,10 +141,10 @@ public class TestUtils {
    request
        .headers()
        .set("authorization", "Bearer " + accessToken)
-        .set("content-type", "application/epp+xml")
+        .set(HttpHeaderNames.CONTENT_TYPE, "application/epp+xml")
        .set("accept", "application/epp+xml")
-        .set("X-SSL-Certificate", sslClientCertificateHash)
-        .set("X-Forwarded-For", clientAddress);
+        .set(ProxyHttpHeaders.CERTIFICATE_HASH, sslClientCertificateHash)
+        .set(ProxyHttpHeaders.IP_ADDRESS, clientAddress);
    if (cookies.length != 0) {
      request.headers().set("cookie", ClientCookieEncoder.STRICT.encode(cookies));
    }
@ -166,14 +168,14 @@ public class TestUtils {

  public static FullHttpResponse makeWhoisHttpResponse(String content, HttpResponseStatus status) {
    FullHttpResponse response = makeHttpResponse(content, status);
-    response.headers().set("content-type", "text/plain");
+    response.headers().set(HttpHeaderNames.CONTENT_TYPE, "text/plain");
    return response;
  }

  public static FullHttpResponse makeEppHttpResponse(
      String content, HttpResponseStatus status, Cookie... cookies) {
    FullHttpResponse response = makeHttpResponse(content, status);
-    response.headers().set("content-type", "application/epp+xml");
+    response.headers().set(HttpHeaderNames.CONTENT_TYPE, "application/epp+xml");
    for (Cookie cookie : cookies) {
      response.headers().add("set-cookie", ServerCookieEncoder.STRICT.encode(cookie));
    }
--- a/proxy/src/test/java/google/registry/proxy/handler/EppServiceHandlerTest.java
+++ b/proxy/src/test/java/google/registry/proxy/handler/EppServiceHandlerTest.java
@ -32,6 +32,7 @@ import com.google.common.base.Throwables;
 import google.registry.proxy.TestUtils;
 import google.registry.proxy.handler.HttpsRelayServiceHandler.NonOkHttpResponseException;
 import google.registry.proxy.metric.FrontendMetrics;
+import google.registry.util.ProxyHttpHeaders;
 import google.registry.util.SelfSignedCaCertificate;
 import io.netty.buffer.ByteBuf;
 import io.netty.buffer.Unpooled;
@ -250,7 +251,7 @@ class EppServiceHandlerTest {
    channel.writeInbound(Unpooled.wrappedBuffer(content.getBytes(UTF_8)));
    FullHttpRequest request = channel.readInbound();
    assertThat(request).isEqualTo(makeEppHttpRequestWithCertificate(content));
-    String encodedCert = request.headers().get("X-SSL-Full-Certificate");
+    String encodedCert = request.headers().get(ProxyHttpHeaders.FULL_CERTIFICATE);
    assertThat(encodedCert).isNotEqualTo(SAMPLE_CERT);
    X509Certificate decodedCert =
        loadCertificate(new ByteArrayInputStream(Base64.getDecoder().decode(encodedCert)));
@ -269,7 +270,7 @@ class EppServiceHandlerTest {
    assertThat(request).isEqualTo(makeEppHttpRequestWithCertificate(content));
    // Receive response indicating session is logged in
    HttpResponse response = makeEppHttpResponse(content, HttpResponseStatus.OK);
-    response.headers().set("Logged-In", "true");
+    response.headers().set(ProxyHttpHeaders.LOGGED_IN, "true");
    // Send another inbound message after login
    channel.writeOutbound(response);
    channel.writeInbound(Unpooled.wrappedBuffer(content.getBytes(UTF_8)));
@ -297,7 +298,7 @@ class EppServiceHandlerTest {
    setHandshakeSuccess();
    String content = "<epp>stuff</epp>";
    HttpResponse response = makeEppHttpResponse(content, HttpResponseStatus.OK);
-    response.headers().set("Epp-Session", "close");
+    response.headers().set(ProxyHttpHeaders.EPP_SESSION, "close");
    channel.writeOutbound(response);
    ByteBuf expectedResponse = channel.readOutbound();
    assertThat(Unpooled.wrappedBuffer(content.getBytes(UTF_8))).isEqualTo(expectedResponse);
@ -384,7 +385,7 @@ class EppServiceHandlerTest {
    // Second response written.
    HttpResponse response =
        makeEppHttpResponse(responseContent2, HttpResponseStatus.OK, cookie3, newCookie2);
-    response.headers().set("Logged-In", "true");
+    response.headers().set(ProxyHttpHeaders.LOGGED_IN, "true");
    channel.writeOutbound(response);
    channel.readOutbound();
    String requestContent2 = "<epp>request2</epp>";