Add RestClient SSL support

Add `RestClientSsl` support class to help apply an `SslBundle` to a
`RestClient.Builder`.

See gh-36213

Author: philwebb

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/client/AutoConfiguredRestClientSsl.java

@@ -0,0 +1,55 @@
+/*
+ * Copyright 2012-2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.autoconfigure.web.client;
+
+import java.util.function.Consumer;
+
+import org.springframework.boot.ssl.SslBundle;
+import org.springframework.boot.ssl.SslBundles;
+import org.springframework.boot.web.client.ClientHttpRequestFactories;
+import org.springframework.boot.web.client.ClientHttpRequestFactorySettings;
+import org.springframework.http.client.ClientHttpRequestFactory;
+import org.springframework.web.client.RestClient;
+
+/**
+ * An auto-configured {@link RestClientSsl} implementation.
+ *
+ * @author Phillip Webb
+ */
+class AutoConfiguredRestClientSsl implements RestClientSsl {
+
+	private final SslBundles sslBundles;
+
+	AutoConfiguredRestClientSsl(SslBundles sslBundles) {
+		this.sslBundles = sslBundles;
+	}
+
+	@Override
+	public Consumer<RestClient.Builder> fromBundle(String bundleName) {
+		return fromBundle(this.sslBundles.getBundle(bundleName));
+	}
+
+	@Override
+	public Consumer<RestClient.Builder> fromBundle(SslBundle bundle) {
+		return (builder) -> {
+			ClientHttpRequestFactorySettings settings = ClientHttpRequestFactorySettings.DEFAULTS.withSslBundle(bundle);
+			ClientHttpRequestFactory requestFactory = ClientHttpRequestFactories.get(settings);
+			builder.requestFactory(requestFactory);
+		};
+	}
+
+}

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/client/RestClientSsl.java

@@ -0,0 +1,68 @@
+/*
+ * Copyright 2012-2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.autoconfigure.web.client;
+
+import java.util.function.Consumer;
+
+import org.springframework.boot.ssl.NoSuchSslBundleException;
+import org.springframework.boot.ssl.SslBundle;
+import org.springframework.boot.web.client.ClientHttpRequestFactories;
+import org.springframework.boot.web.client.ClientHttpRequestFactorySettings;
+import org.springframework.http.client.ClientHttpRequestFactory;
+import org.springframework.web.client.RestClient;
+
+/**
+ * Interface that can be used to {@link RestClient.Builder#apply apply} SSL configuration
+ * to a {@link org.springframework.web.client.RestClient.Builder RestClient.Builder}.
+ * <p>
+ * Typically used as follows: <pre class="code">
+ * &#064;Bean
+ * public MyBean myBean(RestClient.Builder restClientBuilder, RestClientSsl ssl) {
+ *     RestClient restClientrestClient= restClientBuilder.apply(ssl.forBundle("mybundle")).build();
+ *     return new MyBean(webClient);
+ * }
+ * </pre> NOTE: Apply SSL configuration will replace any previously
+ * {@link RestClient.Builder#requestFactory configured} {@link ClientHttpRequestFactory}.
+ * If you need to configure {@link ClientHttpRequestFactory} with more than just SSL
+ * consider using a {@link ClientHttpRequestFactorySettings} with
+ * {@link ClientHttpRequestFactories}.
+ *
+ * @author Phillip Webb
+ * @since 3.2.0
+ */
+public interface RestClientSsl {
+
+	/**
+	 * Return a {@link Consumer} that will apply SSL configuration for the named
+	 * {@link SslBundle} to a {@link org.springframework.web.client.RestClient.Builder
+	 * RestClient.Builder}.
+	 * @param bundleName the name of the SSL bundle to apply
+	 * @return a {@link Consumer} to apply the configuration
+	 * @throws NoSuchSslBundleException if a bundle with the provided name does not exist
+	 */
+	Consumer<RestClient.Builder> fromBundle(String bundleName) throws NoSuchSslBundleException;
+
+	/**
+	 * Return a {@link Consumer} that will apply SSL configuration for the
+	 * {@link SslBundle} to a {@link org.springframework.web.client.RestClient.Builder
+	 * RestClient.Builder}.
+	 * @param bundle the SSL bundle to apply
+	 * @return a {@link Consumer} to apply the configuration
+	 */
+	Consumer<RestClient.Builder> fromBundle(SslBundle bundle);
+
+}

spring-boot-project/spring-boot-docs/src/docs/asciidoc/io/rest-client.adoc

@@ -107,6 +107,22 @@ In that case, no auto-configuration or `RestClientCustomizer` is applied.
 
 
 
+[[io.rest-client.restclient.ssl]]
+==== RestClient SSL Support
+If you need custom SSL configuration on the `ClientHttpRequestFactory` used by the `RestClient`, you can inject a `RestClientSsl` instance that can be used with the builder's `apply` method.
+
+The `RestClientSsl` interface provides access to any <<features#features.ssl.bundles,SSL bundles>> that you have defined in your `application.properties` or `application.yaml` file.
+
+The following code shows a typical example:
+
+include::code:MyService[]
+
+If you need to apply other customization in addition to an SSL bundle, you can use the `ClientHttpRequestFactorySettings` class with `ClientHttpRequestFactories`:
+
+include::code:settings/MyService[]
+
+
+
 [[io.rest-client.resttemplate]]
 === RestTemplate
 Spring Framework's {spring-framework-api}/web/client/RestTemplate.html[`RestTemplate`] class predates `RestClient` and is the classic way that many applications use to call remote REST services.

spring-boot-project/spring-boot-docs/src/main/java/org/springframework/boot/docs/io/restclient/restclient/ssl/MyService.java

@@ -0,0 +1,36 @@
+/*
+ * Copyright 2012-2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.docs.io.restclient.restclient.ssl;
+
+import org.springframework.boot.autoconfigure.web.client.RestClientSsl;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestClient;
+
+@Service
+public class MyService {
+
+	private final RestClient restClient;
+
+	public MyService(RestClient.Builder restClientBuilder, RestClientSsl ssl) {
+		this.restClient = restClientBuilder.baseUrl("https://example.org").apply(ssl.fromBundle("mybundle")).build();
+	}
+
+	public Details someRestCall(String name) {
+		return this.restClient.get().uri("/{name}/details", name).retrieve().body(Details.class);
+	}
+
+}

spring-boot-project/spring-boot-docs/src/main/java/org/springframework/boot/docs/io/restclient/restclient/ssl/settings/Details.java

@@ -0,0 +1,21 @@
+/*
+ * Copyright 2012-2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.docs.io.restclient.restclient.ssl.settings;
+
+public class Details {
+
+}

spring-boot-project/spring-boot-docs/src/main/java/org/springframework/boot/docs/io/restclient/restclient/ssl/settings/MyService.java

@@ -0,0 +1,45 @@
+/*
+ * Copyright 2012-2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.docs.io.restclient.restclient.ssl.settings;
+
+import java.time.Duration;
+
+import org.springframework.boot.ssl.SslBundles;
+import org.springframework.boot.web.client.ClientHttpRequestFactories;
+import org.springframework.boot.web.client.ClientHttpRequestFactorySettings;
+import org.springframework.http.client.ClientHttpRequestFactory;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestClient;
+
+@Service
+public class MyService {
+
+	private final RestClient restClient;
+
+	public MyService(RestClient.Builder restClientBuilder, SslBundles sslBundles) {
+		ClientHttpRequestFactorySettings settings = ClientHttpRequestFactorySettings.DEFAULTS
+			.withReadTimeout(Duration.ofMinutes(2))
+			.withSslBundle(sslBundles.getBundle("mybundle"));
+		ClientHttpRequestFactory requestFactory = ClientHttpRequestFactories.get(settings);
+		this.restClient = restClientBuilder.baseUrl("https://example.org").requestFactory(requestFactory).build();
+	}
+
+	public Details someRestCall(String name) {
+		return this.restClient.get().uri("/{name}/details", name).retrieve().body(Details.class);
+	}
+
+}

spring-boot-project/spring-boot-docs/src/main/kotlin/org/springframework/boot/docs/io/restclient/restclient/ssl/Details.kt

@@ -0,0 +1,19 @@
+/*
+ * Copyright 2012-2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.docs.io.restclient.restclient.ssl
+
+class Details

spring-boot-project/spring-boot-docs/src/main/kotlin/org/springframework/boot/docs/io/restclient/restclient/ssl/MyService.kt

@@ -0,0 +1,39 @@
+/*
+ * Copyright 2012-2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.docs.io.restclient.restclient.ssl
+
+import org.springframework.boot.autoconfigure.web.client.RestClientSsl
+import org.springframework.boot.docs.io.restclient.restclient.ssl.settings.Details
+import org.springframework.stereotype.Service
+import org.springframework.web.client.RestClient
+
+@Service
+class MyService(restClientBuilder: RestClient.Builder, ssl: RestClientSsl) {
+
+	private val restClient: RestClient
+
+	init {
+		restClient = restClientBuilder.baseUrl("https://example.org")
+				.apply(ssl.fromBundle("mybundle")).build()
+	}
+
+	fun someRestCall(name: String?): Details {
+		return restClient.get().uri("/{name}/details", name)
+				.retrieve().body(Details::class.java)!!
+	}
+
+}

spring-boot-project/spring-boot-docs/src/main/kotlin/org/springframework/boot/docs/io/restclient/restclient/ssl/settings/Details.kt

@@ -0,0 +1,19 @@
+/*
+ * Copyright 2012-2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.docs.io.restclient.restclient.ssl.settings
+
+class Details

spring-boot-project/spring-boot-docs/src/main/kotlin/org/springframework/boot/docs/io/restclient/restclient/ssl/settings/MyService.kt

@@ -0,0 +1,46 @@
+/*
+ * Copyright 2012-2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.docs.io.restclient.restclient.ssl.settings
+
+import org.springframework.boot.ssl.SslBundles
+import org.springframework.boot.web.client.ClientHttpRequestFactories
+import org.springframework.boot.web.client.ClientHttpRequestFactorySettings
+import org.springframework.stereotype.Service
+import org.springframework.web.client.RestClient
+import java.time.Duration
+
+@Service
+class MyService(restClientBuilder: RestClient.Builder, sslBundles: SslBundles) {
+
+	private val restClient: RestClient
+
+	init {
+		val settings = ClientHttpRequestFactorySettings.DEFAULTS
+				.withReadTimeout(Duration.ofMinutes(2))
+				.withSslBundle(sslBundles.getBundle("mybundle"))
+		val requestFactory = ClientHttpRequestFactories.get(settings)
+		restClient = restClientBuilder
+				.baseUrl("https://example.org")
+				.requestFactory(requestFactory).build()
+	}
+
+	fun someRestCall(name: String?): Details {
+		return restClient.get().uri("/{name}/details", name).retrieve().body(Details::class.java)!!
+	}
+
+}
+