httpsgithu
diff --git a/‎docs/asciidoc/servers.adoc‎
Lines changed: 64 additions & 5 deletions b/‎docs/asciidoc/servers.adoc‎
Lines changed: 64 additions & 5 deletions
diff --git a/‎jooby/src/main/java/io/jooby/Http2Configurer.java‎
Lines changed: 31 additions & 0 deletions b/‎jooby/src/main/java/io/jooby/Http2Configurer.java‎
Lines changed: 31 additions & 0 deletions
diff --git a/‎jooby/src/main/java/io/jooby/ServerOptions.java‎
Lines changed: 50 additions & 2 deletions b/‎jooby/src/main/java/io/jooby/ServerOptions.java‎
Lines changed: 50 additions & 2 deletions
diff --git a/‎jooby/src/main/java/io/jooby/SslOptions.java‎
Lines changed: 2 additions & 2 deletions b/‎jooby/src/main/java/io/jooby/SslOptions.java‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎jooby/src/main/java/io/jooby/internal/SslContextProvider.java‎
Lines changed: 1 addition & 1 deletion b/‎jooby/src/main/java/io/jooby/internal/SslContextProvider.java‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎jooby/src/main/java/io/jooby/internal/SslPkcs12Provider.java‎
Lines changed: 9 additions & 6 deletions b/‎jooby/src/main/java/io/jooby/internal/SslPkcs12Provider.java‎
Lines changed: 9 additions & 6 deletions
diff --git a/‎jooby/src/main/java/io/jooby/internal/SslX509Provider.java‎
Lines changed: 7 additions & 5 deletions b/‎jooby/src/main/java/io/jooby/internal/SslX509Provider.java‎
Lines changed: 7 additions & 5 deletions
diff --git a/‎jooby/src/main/java/io/jooby/internal/x509/JdkSslServerContext.java‎
Lines changed: 5 additions & 2 deletions b/‎jooby/src/main/java/io/jooby/internal/x509/JdkSslServerContext.java‎
Lines changed: 5 additions & 2 deletions
diff --git a/‎jooby/src/main/java/io/jooby/internal/x509/SslContext.java‎
Lines changed: 2 additions & 2 deletions b/‎jooby/src/main/java/io/jooby/internal/x509/SslContext.java‎
Lines changed: 2 additions & 2 deletions
@@ -47,6 +47,7 @@ Server options are available via javadoc:ServerOptions[] class:
       .setMaxRequestSize(10485760)
       .setSecurePort(8433)
       .setSsl(SslOptions.selfSigned())
+      .setHttp2(true)
   ); 
 }
 ----
@@ -67,6 +68,7 @@ Server options are available via javadoc:ServerOptions[] class:
     maxRequestSize = 10485760
     securePort = 8443
     ssl = SslOptions.selfSigned()
+    http2 = true
   }
 }
 ----
@@ -80,8 +82,9 @@ Server options are available via javadoc:ServerOptions[] class:
 - singleLoop: Indicates if the web server should use a single loop/group for doing IO or not. **Netty only**.
 - defaultHeaders: Configure server to set the following headers: `Date`, `Content-Type` and `Server` headers.
 - maxRequestSize: Maximum request size in bytes. Request exceeding this value results in 413(REQUEST_ENTITY_TOO_LARGE) response. Default is `10mb`.
-- securePort: Configure Jooby to do HTTPs. This option is fully convered in next section.
-- ssl: SSL options with certificate details.  This option is fully convered in next section.
+- securePort: Enable HTTPS. This option is fully covered in next section.
+- ssl: SSL options with certificate details. This option is fully covered in next section.
+- http2: Enable HTTP 2.0.
 
 Server options are available as application configuration properties too:
 
@@ -98,9 +101,10 @@ server.defaultHeaders = true
 server.maxRequestSize = 10485760
 server.securePort = 8443
 server.ssl.type = self-signed
+server.http2 = true
 ----
 
-=== SSL
+=== HTTPS Support
 
 Jooby supports HTTPS out of the box. By default HTTPS is disabled and all requests are served using 
 HTTP. Jooby supports two certificate formats:
@@ -157,13 +161,13 @@ A better option for development is the https://mkcert.dev[mkcert] tool:
 .Generates a PKCS12 certificate
 [source,bash,role="primary]
 ----
-mkcrt -pkcs12 localhost
+mkcert -pkcs12 localhost
 ----
 
 .Generates a X.509 certificate
 [source,bash,role="secondary"]
 ----
-mkcrt localhost
+mkcert localhost
 ----
 
 ==== Using X.509
@@ -329,3 +333,58 @@ none of which are supported, an exception will be thrown.
 - TLS 1.3 support in OpenJDK is (beside Azul's OpenJSSE) expected to come into 8u272.
 - Java 11.0.3 or higher.
 ====
+
+=== HTTP/2 Support
+
+HTTP2 support is provided across web server implementation. To enable it, you must add one of the
+following dependencies:
+
+HTTP/2 with Jetty:
+[dependency, artifactId="jooby-http2-jetty"]
+.
+
+HTTP/2 with Netty:
+[dependency, artifactId="jooby-http2-netty"]
+.
+
+HTTP/2 with Undertow:
+[dependency, artifactId="jooby-http2-undertow"]
+.
+
+Once the required dependencies are added, Jooby automatically configures HTTP/2.
+
+To use HTTP/2 from browsers you need TLS (the h2 protocol) please refer to
+<<server-https-support, HTTPS support>> to configure TLS.
+
+.HTTP/2
+[source,java,role="primary"]
+----
+{
+  setServerOptions(new ServerOptions()
+      .setSecurePort(8433)
+  );
+  
+  get("/", ctx -> {
+    ctx.getProtocol()
+  })
+}
+----
+
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+{
+  serverOptions {
+    securePort = 8433
+  }
+  
+  get("/") {
+    ctx.protocol
+  } 
+}
+----
+
+[NOTE]
+====
+There is no support for HTTP/2 Push.
+====
@@ -0,0 +1,31 @@
+/**
+ * Jooby https://jooby.io
+ * Apache License Version 2.0 https://jooby.io/LICENSE.txt
+ * Copyright 2014 Edgar Espina
+ */
+package io.jooby;
+
+/**
+ * HTTP/2 extension.
+ *
+ * @param <ServerInput> Server input.
+ * @param <ServerOutput> Server output.
+ */
+public interface Http2Configurer<ServerInput, ServerOutput> {
+
+  /**
+   * True whenever the extension supports the current server.
+   *
+   * @param type Server implementation.
+   * @return True whenever the extension supports the current server.
+   */
+  boolean support(Class type);
+
+  /**
+   * Configure server to support HTTP/2.
+   *
+   * @param input Server input.
+   * @return Output or <code>null</code> for side-effect configurer.
+   */
+  ServerOutput configure(ServerInput input);
+}
@@ -97,6 +97,8 @@ public class ServerOptions {
 
   private Integer compressionLevel;
 
+  private Boolean http2;
+
   /**
    * Creates server options from config object. The configuration options must provided entries
    * like: <code>server.port</code>, <code>server.ioThreads</code>, etc...
@@ -142,6 +144,9 @@ public class ServerOptions {
       }
       // ssl
       SslOptions.from(conf, "server.ssl").ifPresent(options::setSsl);
+      if (conf.hasPath("server.http2")) {
+        options.setHttp2(conf.getBoolean("server.http2"));
+      }
 
       return Optional.of(options);
     }
@@ -462,6 +467,29 @@ public void setHost(String host) {
     return this;
   }
 
+  /**
+   * Specify when HTTP/2 is enabled or not. This value is set to <code>null</code>, which allows
+   * Jooby to enabled by default when dependency is added it.
+   *
+   * To turn off set to false.
+   *
+   * @return Whenever HTTP/2 is enabled.
+   */
+  public @Nullable Boolean isHttp2() {
+    return http2;
+  }
+
+  /**
+   * Turn on/off HTTP/2 support.
+   *
+   * @param http2 True to enabled.
+   * @return This options.
+   */
+  public ServerOptions setHttp2(@Nullable Boolean http2) {
+    this.http2 = http2;
+    return this;
+  }
+
   /**
    * Creates SSL context using the given resource loader. This method attempts to create a
    * SSLContext when:
@@ -476,16 +504,36 @@ public void setHost(String host) {
    * @return SSLContext or <code>null</code> when SSL is disabled.
    */
   public @Nullable SSLContext getSSLContext(@Nonnull ClassLoader loader) {
+    return getSSLContext(loader, null);
+  }
+
+  /**
+   * Creates SSL context using the given resource loader. This method attempts to create a
+   * SSLContext when:
+   *
+   * - {@link #getSecurePort()} has been set; or
+   * - {@link #getSsl()} has been set.
+   *
+   * If secure port is set and there is no SSL options, this method configure a SSL context using
+   * the a self-signed certificate for <code>localhost</code>.
+   *
+   * @param loader Resource loader.
+   * @param provider
+   * @return SSLContext or <code>null</code> when SSL is disabled.
+   */
+  public @Nullable SSLContext getSSLContext(@Nonnull ClassLoader loader,
+      @Nullable String provider) {
     if (isSSLEnabled()) {
       setSecurePort(Optional.ofNullable(securePort).orElse(SEVER_SECURE_PORT));
       setSsl(Optional.ofNullable(ssl).orElseGet(SslOptions::selfSigned));
       SslOptions options = getSsl();
-      SslContextProvider provider = Stream.of(SslContextProvider.providers())
+
+      SslContextProvider sslContextProvider = Stream.of(SslContextProvider.providers())
           .filter(it -> it.supports(options.getType()))
           .findFirst()
           .orElseThrow(
               () -> new UnsupportedOperationException("SSL Type: " + options.getType()));
-      SSLContext sslContext = provider.create(loader, options);
+      SSLContext sslContext = sslContextProvider.create(loader, provider, options);
       // validate TLS protocol, at least one protocol must be supported
       Set<String> supportedProtocols = new LinkedHashSet<>(Arrays
           .asList(sslContext.getDefaultSSLParameters().getProtocols()));
 
@@ -295,7 +295,7 @@ public String getType() {
    * @param protocol TLS protocols.
    * @return This options.
    */
-  public SslOptions setProtocol(@Nonnull String... protocol) {
+  public @Nonnull SslOptions setProtocol(@Nonnull String... protocol) {
     return setProtocol(Arrays.asList(protocol));
   }
 
@@ -307,7 +307,7 @@ public SslOptions setProtocol(@Nonnull String... protocol) {
    * @param protocol TLS protocols.
    * @return This options.
    */
-  public SslOptions setProtocol(@Nonnull List<String> protocol) {
+  public @Nonnull SslOptions setProtocol(@Nonnull List<String> protocol) {
     this.protocol = protocol;
     return this;
   }
 
@@ -13,7 +13,7 @@ public interface SslContextProvider {
 
   boolean supports(String type);
 
-  SSLContext create(ClassLoader loader, SslOptions options);
+  SSLContext create(ClassLoader loader, String provider, SslOptions options);
 
   static SslContextProvider[] providers() {
     return new SslContextProvider[] {new SslPkcs12Provider(), new SslX509Provider()};
 
@@ -5,31 +5,34 @@
  */
 package io.jooby.internal;
 
-import io.jooby.SneakyThrows;
-import io.jooby.SslOptions;
+import java.io.InputStream;
+import java.security.KeyStore;
 
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
-import java.io.InputStream;
-import java.security.KeyStore;
+
+import io.jooby.SneakyThrows;
+import io.jooby.SslOptions;
 
 public class SslPkcs12Provider implements SslContextProvider {
 
   @Override public boolean supports(String type) {
     return SslOptions.PKCS12.equalsIgnoreCase(type);
   }
 
-  @Override public SSLContext create(ClassLoader loader, SslOptions options) {
+  @Override public SSLContext create(ClassLoader loader, String provider, SslOptions options) {
     try {
       KeyStore store = keystore(options, loader, options.getCert(), options.getPassword());
       KeyManagerFactory kmf = KeyManagerFactory
           .getInstance(KeyManagerFactory.getDefaultAlgorithm());
       kmf.init(store, toCharArray(options.getPassword()));
       KeyManager[] kms = kmf.getKeyManagers();
-      SSLContext context = SSLContext.getInstance("TLS");
+      SSLContext context = provider == null
+          ? SSLContext.getInstance("TLS")
+          : SSLContext.getInstance("TLS", provider);
 
       TrustManager[] tms;
       if (options.getTrustCert() != null) {
 
@@ -5,19 +5,20 @@
  */
 package io.jooby.internal;
 
+import java.io.InputStream;
+
+import javax.net.ssl.SSLContext;
+
 import io.jooby.SneakyThrows;
 import io.jooby.SslOptions;
 import io.jooby.internal.x509.SslContext;
 
-import javax.net.ssl.SSLContext;
-import java.io.InputStream;
-
 public class SslX509Provider implements SslContextProvider {
   @Override public boolean supports(String type) {
     return SslOptions.X509.equalsIgnoreCase(type);
   }
 
-  @Override public SSLContext create(ClassLoader loader, SslOptions options) {
+  @Override public SSLContext create(ClassLoader loader, String provider, SslOptions options) {
     try {
       InputStream trustCert;
       if (options.getTrustCert() == null) {
@@ -30,7 +31,8 @@ public class SslX509Provider implements SslContextProvider {
       String keyStorePass = null;
 
       SSLContext context = SslContext
-          .newServerContextInternal(trustCert, keyStoreCert, keyStoreKey, keyStorePass, 0, 0)
+          .newServerContextInternal(provider, trustCert, keyStoreCert, keyStoreKey,
+              keyStorePass, 0, 0)
           .context();
 
       return context;
 
@@ -62,7 +62,7 @@ public final class JdkSslServerContext extends JdkSslContext {
    * @param sessionTimeout the timeout for the cached SSL session objects, in seconds.
    *        {@code 0} to use the default value.
    */
-  public JdkSslServerContext(final InputStream trustCertChainFile,
+  public JdkSslServerContext(final String provider, final InputStream trustCertChainFile,
       final InputStream keyCertChainFile, final InputStream keyFile, final String keyPassword,
       final long sessionCacheSize, final long sessionTimeout) throws SSLException {
 
@@ -75,7 +75,10 @@ public JdkSslServerContext(final InputStream trustCertChainFile,
           keyPassword);
 
       // Initialize the SSLContext to work with our key managers.
-      ctx = SSLContext.getInstance(PROTOCOL);
+      ctx = provider == null
+          ? SSLContext.getInstance(PROTOCOL)
+          : SSLContext.getInstance(PROTOCOL, provider);
+
       ctx.init(keyManagerFactory.getKeyManagers(),
           trustManagerFactory == null ? null : trustManagerFactory.getTrustManagers(),
           null);
 
@@ -86,11 +86,11 @@ public abstract class SslContext {
     }
   }
 
-  public static SslContext newServerContextInternal(
+  public static SslContext newServerContextInternal(final String provider,
       final InputStream trustCertChainFile,
       final InputStream keyCertChainFile, final InputStream keyFile, final String keyPassword,
       final long sessionCacheSize, final long sessionTimeout) throws SSLException {
-    return new JdkSslServerContext(trustCertChainFile, keyCertChainFile,
+    return new JdkSslServerContext(provider, trustCertChainFile, keyCertChainFile,
         keyFile, keyPassword, sessionCacheSize, sessionTimeout);
   }
Original file line number	Diff line number	Diff line change
`@@ -86,11 +86,11 @@ public abstract class SslContext {`
`86`	`86`	`}`
`87`	`87`	`}`
`88`	`88`
`89`		`- public static SslContext newServerContextInternal(`
	`89`	`+ public static SslContext newServerContextInternal(final String provider,`
`90`	`90`	`final InputStream trustCertChainFile,`
`91`	`91`	`final InputStream keyCertChainFile, final InputStream keyFile, final String keyPassword,`
`92`	`92`	`final long sessionCacheSize, final long sessionTimeout) throws SSLException {`
`93`		`- return new JdkSslServerContext(trustCertChainFile, keyCertChainFile,`
	`93`	`+ return new JdkSslServerContext(provider, trustCertChainFile, keyCertChainFile,`
`94`	`94`	`keyFile, keyPassword, sessionCacheSize, sessionTimeout);`
`95`	`95`	`}`
`96`	`96`