Configurable timeouts on UrlConnection

Question

Configurable timeouts on UrlConnection

alienintheheights opened this issue 4 years ago · 6 comments

Configurable timeouts on UrlConnection

Make the timeout value for URL connections configurable, not hardcoded.

Problem

The timeouts for connecting to endpoints are hardcoded in AbstractHttpHelper.buildURLConnection(). They are too short for our environments.

Solution

properties or constructor based timeout options

Alternatives/workarounds

using our own impl for JWK, but we'd rather not because we like fusionauth

Additional context

this is especially problematic when working with various dev environments

How to vote

Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.

Answer 1 · 2021-04-15T17:44:35.000Z

Hi @alienintheheights - I'm not finding that class anywhere quickly. Can you provide more information about the code you are referencing here? Where does it exist and how are you seeing the hardcoded values?

Answer 2 · 2021-04-15T18:01:17.000Z

I found it by looking at public static List<JSONWebKey> retrieveKeysFromJWKS(String endpoint) which calls io.fusionauth.http.AbstractHttpHelper

https://github.com/FusionAuth/fusionauth-jwt/blob/f2f987502dc682f644a9c5293357b6259e48e0f2/src/main/java/io/fusionauth/http/AbstractHttpHelper.java

protected static HttpURLConnection buildURLConnection(String endpoint) {
    try {
      HttpURLConnection urlConnection = (HttpURLConnection) new URL(endpoint).openConnection();
      urlConnection.setDoOutput(true);
      urlConnection.setConnectTimeout(3_000);
      urlConnection.setReadTimeout(2_000);
      urlConnection.addRequestProperty("User-Agent", "fusionauth-jwt (https://github.com/FusionAuth/fusionauth-jwt)");
      return urlConnection;
    } catch (IOException e) {
      throw new JSONWebKeySetHelper.JSONWebKeySetException("Failed to build connection to [" + endpoint + "].", e);
    }
  }

My current workaround is to construct my own HttpURLConnection which I pass to this method instead:

public static List<JSONWebKey> retrieveKeysFromJWKS(HttpURLConnection httpURLConnection) {

But I was hoping to avoid getting that low-level in the client code.

Answer 3 · 2021-04-15T18:30:35.000Z

Seems reasonable.

Answer 4 · 2021-04-19T03:55:12.000Z

Can you already do this?

For example

JSONWebKeySetHelper.retrieveKeysFromJWKS(HttpURLConnection httpURLConnection);

Maybe not ideal, you'd have to build the connection object, but if you do this, you can specify any time out you like.

Maybe we can add another method that takes a consumer so that you can modify it inline.

Answer 5 · 2021-04-19T04:13:38.000Z

Added some additional methods under this comment. baa3457

Will this work for you?

Example usage:

retrieveKeysFromJWKS("https://acme.com/jwks", connection -> connection.setConnectTimeout(5_000));

Answer 6 · 2021-04-22T15:09:10.000Z

4.2.0 is released.