netty - WebClientRequestException 与 Netty WebClient OIDC

问题描述

使用 https 连接到远程令牌端点（spring cloud oidc 授权代码流）时出现以下问题。我正在使用以下自定义 netty webClient ：

private WebClient buildSslEnabledWebClient() throws Exception {
        final String trustStorePath = ssl.getTrustStore();
        final String trustStorePassword = ssl.getTrustStorePassword();
        final KeyStore trustStore = createKeyStore(trustStorePath, trustStorePassword);

       Certificate cert= trustStore.getCertificate("bas-wallet");
        try {

            final TrustManagerFactory trustManager = TrustManagerFactory
                    .getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManager.init(trustStore);

            final SslContext sslContext = SslContextBuilder.forClient().trustManager(trustManager)
                    .build();

            final HttpClient httpClient = HttpClient.create()
                    .tcpConfiguration(tcpClient -> tcpClient
                            .proxy(proxy -> proxy
                                    .type(ProxyProvider.Proxy.HTTP)
                                    .host("10.O.O.2")
                                    .port(3128)))
                    .option(ChannelOption.CONNECT_TIMEOUT_MILLIS, 50000)
                    .option(ChannelOption.SO_KEEPALIVE, true)
                    .option(EpollChannelOption.TCP_KEEPIDLE, 300)
                    .option(EpollChannelOption.TCP_KEEPINTVL, 60)
                    .option(EpollChannelOption.TCP_KEEPCNT, 8)
                    .secure(ssl -> (
                ssl.sslContext(sslContext))
                    .handshakeTimeout(Duration.ofSeconds(30))
                    .closeNotifyFlushTimeout(Duration.ofSeconds(10))
                    .closeNotifyReadTimeout(Duration.ofSeconds(10)));

            return WebClient.builder().clientConnector(new ReactorClientHttpConnector(httpClient)).build();

        } catch (NoSuchAlgorithmException | KeyStoreException | SSLException e) {
            e.printStackTrace();
            throw e;
        }
    }

我总是收到连接超时异常：

rg.springframework.web.reactive.function.client.WebClientRequestException: Connection timed out: no further information: auth.bas.esw.esante.gouv.fr/81.80.251.57:443; nested exception is io.netty.channel.AbstractChannel$AnnotatedConnectException: Connection timed out: no further information: auth.bas.esw.esante.gouv.fr/81.80.251.57:443
    at org.springframework.web.reactive.function.client.ExchangeFunctions$DefaultExchangeFunction.lambda$wrapException$9(ExchangeFunctions.java:141) ~[spring-webflux-5.3.9.jar:5.3.9]
    Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException: 
Error has been observed at the following site(s):
    |_ checkpoint ⇢ Request to POST https://auth.bas.esw.esante.gouv.fr/auth/realms/esante-wallet/protocol/openid-connect/token [DefaultWebClient]
    |_ checkpoint ⇢ org.springframework.s

标签： nettyopenid-connectwebclienttimeoutexception