support sni_host_check and sni_required flags within port-uri json

[havetisyan]

Description

Contribution Checklist:

• The pull request does not introduce any breaking changes
• I have read the contribution guidelines.
• Create an issue and link to the pull request.

Attach Screenshots (Optional)

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request primarily focuses on improving the flexibility of HTTPS connector configuration in the Jetty container by integrating SNI host check and required flags directly into the port-uri.json schema. This change allows administrators to define SNI behavior on a per-port basis, moving away from global property-based settings. Alongside this core enhancement, the PR includes significant updates to various test suites, ensuring the stability and correctness of the new configuration options and other filter functionalities.

Highlights

• Enhanced HTTPS Connector Configuration: The Jetty container now supports configuring sni_host_check and sni_required flags directly within the port-uri.json file for each port, providing more granular control over Server Name Indication (SNI) behavior.
• PortConfig Model Update: The PortConfig class has been extended to include new properties for sniRequired and sniHostCheck, allowing these settings to be deserialized from the JSON configuration.
• Refactored Connector Creation Logic: The addConnectorsFromPortConfig method in AthenzJettyContainer was updated to retrieve SNI-related settings from the PortConfig object rather than passing them as direct parameters, streamlining the configuration flow.
• Improved Test Coverage and Filter Logic: Several test files have been updated with new and expanded test cases for PortConfig, ETagFilter, PortFilter, and RateLimitFilter, enhancing the robustness and reliability of these components. The PortFilter's path matching methods were also made protected for better testability.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

The pull request successfully implements support for sni_host_check and sni_required flags within the port-uri.json configuration. This is achieved by extending the PortConfig class with the new properties and updating AthenzJettyContainer to utilize these configuration values when connectors are built from the port-uri.json file. The changes also include comprehensive unit tests for the new PortConfig fields and expanded test coverage for ETagFilter and PortFilter, which is a positive contribution to the codebase's robustness. The refactoring of pathMatches and getMatchDescription methods in PortFilter to protected visibility enhances testability. Overall, the changes are well-implemented and align with the stated objective.