Merge pull request #44 from AntonyVorontsov/feature/ssl-option

Feature/ssl option

Author: antonyvorontsov

RabbitMQ.Client.Core.DependencyInjection.sln

@@ -47,6 +47,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Examples.AdvancedConfigurat
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Examples.BatchMessageHandler", "examples\Examples.BatchMessageHandler\Examples.BatchMessageHandler.csproj", "{BC9BE326-AEFE-42F2-B592-80126188514D}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Example.SslProducer", "examples\Example.SslProducer\Example.SslProducer.csproj", "{863CDE58-B16B-4058-8C48-DB78058DDDC9}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -81,6 +83,10 @@ Global
 		{BC9BE326-AEFE-42F2-B592-80126188514D}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{BC9BE326-AEFE-42F2-B592-80126188514D}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{BC9BE326-AEFE-42F2-B592-80126188514D}.Release|Any CPU.Build.0 = Release|Any CPU
+		{863CDE58-B16B-4058-8C48-DB78058DDDC9}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{863CDE58-B16B-4058-8C48-DB78058DDDC9}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{863CDE58-B16B-4058-8C48-DB78058DDDC9}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{863CDE58-B16B-4058-8C48-DB78058DDDC9}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -94,6 +100,7 @@ Global
 		{85907F19-00B0-4BA6-9B7C-0452A174903D} = {9D0289B2-C566-46CC-A53A-471BCBA0F277}
 		{0C713913-8D54-49E7-AADD-45497216E2EF} = {04EFD8F7-5120-4072-9728-64203F6F4873}
 		{BC9BE326-AEFE-42F2-B592-80126188514D} = {04EFD8F7-5120-4072-9728-64203F6F4873}
+		{863CDE58-B16B-4058-8C48-DB78058DDDC9} = {04EFD8F7-5120-4072-9728-64203F6F4873}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {0EBBD182-65B2-47F9-ABBE-64B5B8C9652F}

examples/Example.SslProducer/Example.SslProducer.csproj

@@ -0,0 +1,24 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+    <PropertyGroup>
+        <OutputType>Exe</OutputType>
+        <TargetFramework>netcoreapp3.1</TargetFramework>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <PackageReference Include="Microsoft.Extensions.Configuration" Version="3.1.3" />
+        <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="3.1.3" />
+    </ItemGroup>
+    
+    <ItemGroup>
+      <ProjectReference Include="..\..\src\RabbitMQ.Client.Core.DependencyInjection\RabbitMQ.Client.Core.DependencyInjection.csproj" />
+    </ItemGroup>
+    
+    <ItemGroup>
+      <None Remove="appsettings.json" />
+      <Content Include="appsettings.json">
+        <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+      </Content>
+    </ItemGroup>
+
+</Project>

examples/Example.SslProducer/Program.cs

@@ -0,0 +1,92 @@
+using System.Collections.Generic;
+using System.IO;
+using System.Net.Security;
+using System.Threading.Tasks;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using RabbitMQ.Client.Core.DependencyInjection;
+using RabbitMQ.Client.Core.DependencyInjection.Configuration;
+using RabbitMQ.Client.Core.DependencyInjection.Services;
+
+namespace Example.SslProducer
+{
+    public static class Program
+    {
+        public static IConfiguration Configuration { get; set; }
+
+        public static async Task Main()
+        {
+            var builder = new ConfigurationBuilder()
+                .SetBasePath(Directory.GetCurrentDirectory())
+                .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true);
+            Configuration = builder.Build();
+
+            var serviceCollection = new ServiceCollection();
+            ConfigureServices(serviceCollection);
+
+            var serviceProvider = serviceCollection.BuildServiceProvider();
+            var queueService = serviceProvider.GetRequiredService<IQueueService>();
+
+            for (var i = 0; i < 10; i++)
+            {
+                var message = new
+                {
+                    Name = "Custom message",
+                    Flag = true,
+                    Index = i,
+                    Numbers = new[] { 1, 2, 3 }
+                };
+                await queueService.SendAsync(message, "exchange.name", "routing.key");
+            }
+        }
+
+        static void ConfigureServices(IServiceCollection services)
+        {
+            // You can either use a json configuration or bind options by yourself.
+            var rabbitMqConfiguration = Configuration.GetSection("RabbitMq");
+            // There are both examples of json and manual configuration.
+            //var rabbitMqConfiguration = GetClientOptions();
+            
+            var exchangeOptions = GetExchangeOptions();
+            
+            services.AddRabbitMqClient(rabbitMqConfiguration)
+                .AddProductionExchange("exchange.name", exchangeOptions);
+        }
+
+        static RabbitMqClientOptions GetClientOptions() =>
+            new RabbitMqClientOptions
+            {
+                UserName = "guest",
+                Password = "guest",
+                TcpEndpoints = new List<RabbitMqTcpEndpoint>
+                {
+                    new RabbitMqTcpEndpoint
+                    {
+                        HostName = "127.0.0.1",
+                        Port = 5671,
+                        SslOption = new RabbitMqSslOption
+                        {
+                            Enabled = true,
+                            ServerName = "yourCA",
+                            CertificatePath = "/path/tp/client-key-store.p12",
+                            CertificatePassphrase = "yourPathPhrase",
+                            AcceptablePolicyErrors = SslPolicyErrors.RemoteCertificateChainErrors | SslPolicyErrors.RemoteCertificateNameMismatch
+                        }
+                    }
+                }
+            };
+
+        static RabbitMqExchangeOptions GetExchangeOptions() =>
+            new RabbitMqExchangeOptions
+            {
+                Queues = new List<RabbitMqQueueOptions>
+                {
+                    new RabbitMqQueueOptions
+                    {
+                        Name = "myqueue",
+                        RoutingKeys = new HashSet<string> { "routing.key" }
+                    }
+                }
+            };
+    }
+}

examples/Example.SslProducer/appsettings.json

@@ -0,0 +1,27 @@
+{
+    "RabbitMq": {
+        "TcpEndpoints": [
+            {
+                "HostName": "127.0.0.1",
+                "Port": 5671,
+                "SslOption": {
+                    "Enabled": true,
+                    "ServerName": "yourCA",
+                    "CertificatePath": "/path/tp/client-key-store.p12",
+                    "CertificatePassphrase": "yourPathPhrase",
+                    "AcceptablePolicyErrors": "RemoteCertificateChainErrors, RemoteCertificateNameMismatch"
+                }
+            }
+        ],
+        "UserName": "guest",
+        "Password": "guest"
+    },
+    "RabbitMqExchange": {
+        "Queues": [
+            {
+                "Name": "myqueue",
+                "RoutingKeys": [ "routing.key" ]
+            }
+        ]
+    }
+}

src/RabbitMQ.Client.Core.DependencyInjection/Configuration/RabbitMqSslOption.cs

@@ -0,0 +1,38 @@
+using System.Net.Security;
+
+namespace RabbitMQ.Client.Core.DependencyInjection.Configuration
+{
+    /// <summary>
+    /// Ssl option model.
+    /// </summary>
+    public class RabbitMqSslOption
+    {
+        /// <summary>
+        /// Canonical server name.
+        /// </summary>
+        public string ServerName { get; set; }
+        
+        /// <summary>
+        /// Path to the certificate.
+        /// </summary>
+        public string CertificatePath { get; set; }
+        
+        /// <summary>
+        /// A passphrase for the certificate.
+        /// </summary>
+        public string CertificatePassphrase { get; set; }
+
+        /// <summary>
+        /// Flag that defines if certificate should be used.
+        /// </summary>
+        public bool Enabled { get; set; } = true;
+        
+        /// <summary>
+        /// Acceptable policy errors.
+        /// </summary>
+        /// <remarks>
+        /// SslPolicyErrors is a flag enum, so you can have multiple set values.
+        /// </remarks>
+        public SslPolicyErrors? AcceptablePolicyErrors { get; set; }
+    }
+}

src/RabbitMQ.Client.Core.DependencyInjection/Configuration/RabbitMqTcpEndpoint.cs

@@ -14,5 +14,13 @@ public class RabbitMqTcpEndpoint
         /// Tcp connection port.
         /// </summary>
         public int Port { get; set; } = 5672;
+        
+        /// <summary>
+        /// Ssl option.
+        /// </summary>
+        /// <remarks>
+        /// Should be null if certificate should not be used.
+        /// </remarks>
+        public RabbitMqSslOption SslOption { get; set; }
     }
 }

src/RabbitMQ.Client.Core.DependencyInjection/Services/RabbitMqConnectionFactory.cs

@@ -1,4 +1,5 @@
 using System;
+using System.Collections.Generic;
 using System.Linq;
 using System.Threading;
 using RabbitMQ.Client.Core.DependencyInjection.Configuration;
@@ -41,8 +42,7 @@ public IConnection CreateRabbitMqConnection(RabbitMqClientOptions options)
 
             if (options.TcpEndpoints?.Any() == true)
             {
-                var clientEndpoints = options.TcpEndpoints.Select(x => new AmqpTcpEndpoint(x.HostName, x.Port)).ToList();
-                return TryToCreateConnection(() => factory.CreateConnection(clientEndpoints), options.InitialConnectionRetries, options.InitialConnectionRetryTimeoutMilliseconds);
+                return CreateConnectionWithTcpEndpoints(options, factory);
             }
 
             return string.IsNullOrEmpty(options.ClientProvidedName)
@@ -57,6 +57,35 @@ public IConnection CreateRabbitMqConnection(RabbitMqClientOptions options)
         /// <returns>A consumer instance <see cref="AsyncEventingBasicConsumer"/>.</returns>
         public AsyncEventingBasicConsumer CreateConsumer(IModel channel) => new AsyncEventingBasicConsumer(channel);
 
+        static IConnection CreateConnectionWithTcpEndpoints(RabbitMqClientOptions options, ConnectionFactory factory)
+        {
+            var clientEndpoints = new List<AmqpTcpEndpoint>();
+            foreach (var endpoint in options.TcpEndpoints)
+            {
+                var sslOption = endpoint.SslOption;
+                if (sslOption != null)
+                {
+                    var convertedOption = new SslOption(sslOption.ServerName, sslOption.CertificatePath, sslOption.Enabled);
+                    if (!string.IsNullOrEmpty(sslOption.CertificatePassphrase))
+                    {
+                        convertedOption.CertPassphrase = sslOption.CertificatePassphrase;
+                    }
+
+                    if (sslOption.AcceptablePolicyErrors != null)
+                    {
+                        convertedOption.AcceptablePolicyErrors = sslOption.AcceptablePolicyErrors.Value;
+                    }
+
+                    clientEndpoints.Add(new AmqpTcpEndpoint(endpoint.HostName, endpoint.Port, convertedOption));
+                }
+                else
+                {
+                    clientEndpoints.Add(new AmqpTcpEndpoint(endpoint.HostName, endpoint.Port));
+                }
+            }
+            return TryToCreateConnection(() => factory.CreateConnection(clientEndpoints), options.InitialConnectionRetries, options.InitialConnectionRetryTimeoutMilliseconds);
+        }
+
         static IConnection CreateNamedConnection(RabbitMqClientOptions options, ConnectionFactory factory)
         {
             if (options.HostNames?.Any() == true)