make timeout configurable

akto-api-security · Oct 6, 2023 · ccf63d6 · ccf63d6
1 parent 91f3540
commit ccf63d6
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 20 deletions.
diff --git a/apps/testing/src/main/java/com/akto/testing/ApiExecutor.java b/apps/testing/src/main/java/com/akto/testing/ApiExecutor.java
@@ -30,6 +30,12 @@ private static OriginalHttpResponse common(Request request, boolean followRedire
             }
         }
 
+        boolean isSaasDeployment = "true".equals(System.getenv("IS_SAAS"));
+
+        if (HTTPClientHandler.instance == null) {
+            HTTPClientHandler.initHttpClientHandler(isSaasDeployment);
+        }
+
         OkHttpClient client = HTTPClientHandler.instance.getHTTPClient(followRedirects);
         if (!Main.SKIP_SSRF_CHECK && !HostDNSLookup.isRequestValid(request.url().host())) {
             throw new IllegalArgumentException("SSRF attack attempt");

diff --git a/apps/testing/src/main/java/com/akto/testing/HTTPClientHandler.java b/apps/testing/src/main/java/com/akto/testing/HTTPClientHandler.java
@@ -13,7 +13,32 @@
 import java.util.concurrent.TimeUnit;
 
 public class HTTPClientHandler {
-    private HTTPClientHandler() {}
+    private int readTimeout = 30;
+    private final OkHttpClient clientWithoutFollowRedirect;
+    private final OkHttpClient clientWithFollowRedirect;
+    private HTTPClientHandler(boolean isSaas) {
+        if(isSaas) {
+            readTimeout = 60;
+        }
+        clientWithoutFollowRedirect = new OkHttpClient().newBuilder()
+                .connectTimeout(10, TimeUnit.SECONDS)
+                .readTimeout(readTimeout, TimeUnit.SECONDS)
+                .connectionPool(new ConnectionPool(256, 5L, TimeUnit.MINUTES))
+                .followRedirects(false)
+                .sslSocketFactory(trustAllSslSocketFactory, (X509TrustManager)trustAllCerts[0])
+                .hostnameVerifier((hostname, session) -> true)
+                .build();
+
+        clientWithFollowRedirect = new OkHttpClient().newBuilder()
+                .connectTimeout(10, TimeUnit.SECONDS)
+                .readTimeout(readTimeout, TimeUnit.SECONDS)
+                .connectionPool(new ConnectionPool(256, 5L, TimeUnit.MINUTES))
+                .followRedirects(true)
+                .sslSocketFactory(trustAllSslSocketFactory, (X509TrustManager)trustAllCerts[0])
+                .hostnameVerifier((hostname, session) -> true)
+                .build();
+
+    }
 
     private static final TrustManager[] trustAllCerts = new TrustManager[] {
             new X509TrustManager() {
@@ -44,26 +69,13 @@ public java.security.cert.X509Certificate[] getAcceptedIssuers() {
 
     private static final SSLSocketFactory trustAllSslSocketFactory = trustAllSslContext.getSocketFactory();
 
+    public static HTTPClientHandler instance = null;
 
-    private final OkHttpClient clientWithoutFollowRedirect = new OkHttpClient().newBuilder()
-            .connectTimeout(10, TimeUnit.SECONDS)
-            .readTimeout(120, TimeUnit.SECONDS)
-            .connectionPool(new ConnectionPool(256, 5L, TimeUnit.MINUTES))
-            .followRedirects(false)
-            .sslSocketFactory(trustAllSslSocketFactory, (X509TrustManager)trustAllCerts[0])
-            .hostnameVerifier((hostname, session) -> true)
-            .build();
-
-    private final OkHttpClient clientWithFollowRedirect = new OkHttpClient().newBuilder()
-            .connectTimeout(10, TimeUnit.SECONDS)
-            .readTimeout(120, TimeUnit.SECONDS)
-            .connectionPool(new ConnectionPool(256, 5L, TimeUnit.MINUTES))
-            .followRedirects(true)
-            .sslSocketFactory(trustAllSslSocketFactory, (X509TrustManager)trustAllCerts[0])
-            .hostnameVerifier((hostname, session) -> true)
-            .build();
-
-    public static final HTTPClientHandler instance = new HTTPClientHandler();
+    public static void initHttpClientHandler(boolean isSaas) {
+        if (instance == null) {
+            instance = new HTTPClientHandler(isSaas);
+        }
+    }
 
     public OkHttpClient getHTTPClient (boolean followRedirect) {
         if (followRedirect) {

diff --git a/apps/testing/src/main/java/com/akto/testing/Main.java b/apps/testing/src/main/java/com/akto/testing/Main.java
@@ -42,6 +42,7 @@ public class Main {
     public static final ScheduledExecutorService scheduler = Executors.newScheduledThreadPool(2);
 
     public static final boolean SKIP_SSRF_CHECK = "true".equalsIgnoreCase(System.getenv("SKIP_SSRF_CHECK"));
+    public static final boolean IS_SAAS = "true".equalsIgnoreCase(System.getenv("IS_SAAS"));
 
     private static ObjectId createTRRSummaryIfAbsent(TestingRun testingRun, int start){
         ObjectId summaryId = new ObjectId();