feat: support HTTP proxy in client SDK

contract-tests/client-contract-tests/src/entity_manager.cpp

@@ -1,4 +1,4 @@
 #include "entity_manager.hpp"
 
 #include <launchdarkly/config/client.hpp>
 #include <launchdarkly/context_builder.hpp>
@@ -17,7 +17,7 @@
       logger_{logger} {}
 
 static tl::expected<launchdarkly::Context, launchdarkly::JsonError>
 ParseContext(nlohmann::json value) {
     auto boost_json_val = boost::json::parse(value.dump());
     return boost::json::value_to<
         tl::expected<launchdarkly::Context, launchdarkly::JsonError>>(
@@ -38,6 +38,12 @@
             .PollingBaseUrl(default_endpoints.PollingBaseUrl())
             .StreamingBaseUrl(default_endpoints.StreamingBaseUrl());
 
+    if (in.proxy) {
+        if (in.proxy->httpProxy) {
+            config_builder.HttpProperties().HttpProxy(*in.proxy->httpProxy);
+        }
+    }
+
     if (in.serviceEndpoints) {
         if (in.serviceEndpoints->streaming) {
             endpoints.StreamingBaseUrl(*in.serviceEndpoints->streaming);

contract-tests/client-contract-tests/src/main.cpp

@@ -1,4 +1,4 @@
 #include "server.hpp"
 
 #include <launchdarkly/logging/console_backend.hpp>
 
@@ -18,7 +18,7 @@
 using launchdarkly::LogLevel;
 
 int main(int argc, char* argv[]) {
     launchdarkly::Logger logger{
         std::make_unique<ConsoleBackend>("client-contract-tests")};
 
     std::string const default_port = "8123";
@@ -31,8 +31,8 @@
     try {
         net::io_context ioc{1};
 
         auto p = boost::lexical_cast<unsigned short>(port);
         server srv(ioc, "0.0.0.0", p, logger);
 
         srv.add_capability("client-side");
         srv.add_capability("mobile");
@@ -46,7 +46,8 @@
         srv.add_capability("tls:verify-peer");
         srv.add_capability("tls:skip-verify-peer");
         srv.add_capability("tls:custom-ca");
-
+        srv.add_capability("http-proxy");
+
         net::signal_set signals{ioc, SIGINT, SIGTERM};
 
         boost::asio::spawn(ioc.get_executor(), [&](auto yield) mutable {

contract-tests/data-model/include/data_model/data_model.hpp

@@ -3,7 +3,7 @@
 #include <optional>
 #include <string>
 #include <unordered_map>
 #include "nlohmann/json.hpp"
 
 namespace nlohmann {
 template <typename T>
@@ -37,6 +37,12 @@
                                                 skipVerifyPeer,
                                                 customCAFile);
 
+struct ConfigProxyParams {
+    std::optional<std::string> httpProxy;
+};
+
+NLOHMANN_DEFINE_TYPE_NON_INTRUSIVE_WITH_DEFAULT(ConfigProxyParams, httpProxy);
+
 struct ConfigStreamingParams {
     std::optional<std::string> baseUri;
     std::optional<uint32_t> initialRetryDelayMs;
@@ -59,7 +65,7 @@
                                                 pollIntervalMs,
                                                 filter);
 
 struct ConfigEventParams {
     std::optional<std::string> baseUri;
     std::optional<uint32_t> capacity;
     std::optional<bool> enableDiagnostics;
@@ -87,7 +93,7 @@
                                                 polling,
                                                 events);
 
 struct ConfigClientSideParams {
     nlohmann::json initialContext;
     std::optional<bool> evaluationReasons;
     std::optional<bool> useReport;
@@ -118,6 +124,7 @@
     std::optional<ConfigClientSideParams> clientSide;
     std::optional<ConfigTags> tags;
     std::optional<ConfigTLSParams> tls;
+    std::optional<ConfigProxyParams> proxy;
 };
 
 NLOHMANN_DEFINE_TYPE_NON_INTRUSIVE_WITH_DEFAULT(ConfigParams,
@@ -130,9 +137,10 @@
                                                 serviceEndpoints,
                                                 clientSide,
                                                 tags,
-                                                tls);
+                                                tls,
+                                                proxy);
 
 struct ContextSingleParams {
     std::optional<std::string> kind;
     std::string key;
     std::optional<std::string> name;
@@ -227,7 +235,7 @@
                                                 defaultValue,
                                                 detail);
 
 struct EvaluateFlagResponse {
     nlohmann::json value;
     std::optional<uint32_t> variationIndex;
     std::optional<nlohmann::json> reason;
@@ -238,7 +246,7 @@
                                                 variationIndex,
                                                 reason);
 
 struct EvaluateAllFlagParams {
     std::optional<nlohmann::json> context;
     std::optional<bool> withReasons;
     std::optional<bool> clientSideOnly;
@@ -251,7 +259,7 @@
                                                 clientSideOnly,
                                                 detailsOnlyForTrackedFlags);
 
 struct EvaluateAllFlagsResponse {
     nlohmann::json state;
 };
 

libs/client-sdk/include/launchdarkly/client_side/bindings/c/config/builder.h

@@ -421,6 +421,28 @@ LDClientConfigBuilder_HttpProperties_Header(LDClientConfigBuilder b,
                                             char const* key,
                                             char const* value);
 
+/**
+ * Specifies an HTTP proxy which the client should use to communicate
+ * with LaunchDarkly.
+ *
+ * SDK <-- HTTP, plaintext --> Proxy <-- HTTPS --> LaunchDarkly
+ *
+ * This setting affects streaming mode, polling mode, and event delivery.
+ * The argument should be of the form: 'http://proxy.example.com:8080'.
+ *
+ * The scheme must be 'http' and the port is optional (80 if not
+ * specified.)
+ *
+ * The SDK respects the 'http_proxy' environment variable as an alternative
+ * to this method. If both are set, this method takes precedence.
+ *
+ * @param b Client config builder. Must not be NULL.
+ * @param http_proxy HTTP proxy URL. Must not be NULL.
+ */
+LD_EXPORT(void)
+LDClientConfigBuilder_HttpProperties_HttpProxy(LDClientConfigBuilder b,
+                                               char const* http_proxy);
+
 /**
  * Sets the TLS options builder. The builder is automatically freed.
  *

libs/client-sdk/src/bindings/c/builder.cpp

@@ -311,6 +311,15 @@ LDClientConfigBuilder_HttpProperties_Header(LDClientConfigBuilder b,
     TO_BUILDER(b)->HttpProperties().Header(key, value);
 }
 
+LD_EXPORT(void)
+LDClientConfigBuilder_HttpProperties_HttpProxy(LDClientConfigBuilder b,
+                                               char const* http_proxy) {
+    LD_ASSERT_NOT_NULL(b);
+    LD_ASSERT_NOT_NULL(http_proxy);
+
+    TO_BUILDER(b)->HttpProperties().HttpProxy(http_proxy);
+}
+
 LD_EXPORT(void)
 LDClientConfigBuilder_HttpProperties_Tls(
     LDClientConfigBuilder b,

libs/client-sdk/src/data_sources/streaming_data_source.cpp

@@ -121,6 +121,10 @@ void StreamingDataSource::Start() {
         client_builder.custom_ca_file(*ca_file);
     }
 
+    if (http_config_.HttpProxy()) {
+        client_builder.http_proxy(*http_config_.HttpProxy());
+    }
+
     auto weak_self = weak_from_this();
 
     client_builder.receiver([weak_self](launchdarkly::sse::Event const& event) {

libs/common/include/launchdarkly/config/shared/builders/http_properties_builder.hpp

@@ -7,6 +7,7 @@
 #include <vector>
 
 #include <launchdarkly/config/shared/built/http_properties.hpp>
+#include <launchdarkly/config/shared/sdks.hpp>
 
 namespace launchdarkly::config::shared::builders {
 
@@ -179,9 +180,32 @@ class HttpPropertiesBuilder {
     HttpPropertiesBuilder& Tls(TlsBuilder<SDK> builder);
 
     /**
-     * Build a set of HttpProperties.
-     * @return The built properties.
+     * NOTE: This method and the associated 'http_proxy' environment variable
+     * are only available for the client-side SDK.
+     *
+     * Specifies an HTTP proxy which the SDK should use to communicate
+     * with LaunchDarkly.
+     *
+     * SDK <-- HTTP, plaintext --> Proxy <-- HTTPS --> LaunchDarkly
+     *
+     * This setting affects streaming mode, polling mode, and event delivery.
+     * The argument should be of the form: 'http://proxy.example.com:8080'.
+     *
+     * The scheme must be 'http' and the port is optional (80 if not
+     * specified.)
+     *
+     * The SDK respects the 'http_proxy' environment variable as an alternative
+     * to this method. If both are set, this method takes precedence.
+     *
+     * @param http_proxy HTTP proxy URL.
      */
+    template <typename T = SDK,
+              std::enable_if_t<std::is_same_v<T, ClientSDK>, int> = 0>
+    HttpPropertiesBuilder& HttpProxy(std::string http_proxy) {
+        http_proxy_ = std::move(http_proxy);
+        return *this;
+    }
+
     [[nodiscard]] built::HttpProperties Build() const;
 
    private:
@@ -193,6 +217,7 @@ class HttpPropertiesBuilder {
     std::string wrapper_version_;
     std::map<std::string, std::string> base_headers_;
     TlsBuilder<SDK> tls_;
+    std::optional<std::string> http_proxy_;
 };
 
 }  // namespace launchdarkly::config::shared::builders

libs/common/include/launchdarkly/config/shared/built/http_properties.hpp

@@ -30,7 +30,8 @@ class HttpProperties final {
                    std::chrono::milliseconds write_timeout,
                    std::chrono::milliseconds response_timeout,
                    std::map<std::string, std::string> base_headers,
-                   TlsOptions tls);
+                   TlsOptions tls,
+                   std::optional<std::string> http_proxy);
 
     [[nodiscard]] std::chrono::milliseconds ConnectTimeout() const;
     [[nodiscard]] std::chrono::milliseconds ReadTimeout() const;
@@ -41,15 +42,16 @@ class HttpProperties final {
 
     [[nodiscard]] TlsOptions const& Tls() const;
 
+    [[nodiscard]] std::optional<std::string> HttpProxy() const;
+
    private:
     std::chrono::milliseconds connect_timeout_;
     std::chrono::milliseconds read_timeout_;
     std::chrono::milliseconds write_timeout_;
     std::chrono::milliseconds response_timeout_;
     std::map<std::string, std::string> base_headers_;
     TlsOptions tls_;
-
-    // TODO: Proxy.
+    std::optional<std::string> http_proxy_;
 };
 
 bool operator==(HttpProperties const& lhs, HttpProperties const& rhs);

libs/common/include/launchdarkly/config/shared/defaults.hpp

@@ -57,7 +57,8 @@ struct Defaults<ClientSDK> {
                 std::chrono::seconds{10},
                 std::chrono::seconds{10},
                 std::map<std::string, std::string>(),
-                TLS()};
+                TLS(),
+                std::nullopt};
     }
 
     static auto StreamingConfig() -> shared::built::StreamingConfig<ClientSDK> {
@@ -105,7 +106,8 @@ struct Defaults<ServerSDK> {
                 std::chrono::seconds{10},
                 std::chrono::seconds{10},
                 std::map<std::string, std::string>(),
-                TLS()};
+                TLS(),
+                std::nullopt};
     }
 
     static auto StreamingConfig() -> built::StreamingConfig<ServerSDK> {

libs/common/src/config/http_properties.cpp

@@ -4,15 +4,14 @@
 
 namespace launchdarkly::config::shared::built {
 
-TlsOptions::TlsOptions(TlsOptions::VerifyMode verify_mode,
+TlsOptions::TlsOptions(VerifyMode const verify_mode,
                        std::optional<std::string> ca_bundle_path)
     : verify_mode_(verify_mode), ca_bundle_path_(std::move(ca_bundle_path)) {}
 
-TlsOptions::TlsOptions(TlsOptions::VerifyMode verify_mode)
+TlsOptions::TlsOptions(VerifyMode const verify_mode)
     : TlsOptions(verify_mode, std::nullopt) {}
 
-TlsOptions::TlsOptions()
-    : TlsOptions(TlsOptions::VerifyMode::kVerifyPeer, std::nullopt) {}
+TlsOptions::TlsOptions() : TlsOptions(VerifyMode::kVerifyPeer, std::nullopt) {}
 
 TlsOptions::VerifyMode TlsOptions::PeerVerifyMode() const {
     return verify_mode_;
@@ -27,13 +26,15 @@ HttpProperties::HttpProperties(std::chrono::milliseconds connect_timeout,
                                std::chrono::milliseconds write_timeout,
                                std::chrono::milliseconds response_timeout,
                                std::map<std::string, std::string> base_headers,
-                               TlsOptions tls)
+                               TlsOptions tls,
+                               std::optional<std::string> http_proxy)
     : connect_timeout_(connect_timeout),
       read_timeout_(read_timeout),
       write_timeout_(write_timeout),
       response_timeout_(response_timeout),
       base_headers_(std::move(base_headers)),
-      tls_(std::move(tls)) {}
+      tls_(std::move(tls)),
+      http_proxy_(std::move(http_proxy)) {}
 
 std::chrono::milliseconds HttpProperties::ConnectTimeout() const {
     return connect_timeout_;
@@ -59,11 +60,16 @@ TlsOptions const& HttpProperties::Tls() const {
     return tls_;
 }
 
+std::optional<std::string> HttpProperties::HttpProxy() const {
+    return http_proxy_;
+}
+
 bool operator==(HttpProperties const& lhs, HttpProperties const& rhs) {
     return lhs.ReadTimeout() == rhs.ReadTimeout() &&
            lhs.WriteTimeout() == rhs.WriteTimeout() &&
            lhs.ConnectTimeout() == rhs.ConnectTimeout() &&
-           lhs.BaseHeaders() == rhs.BaseHeaders() && lhs.Tls() == rhs.Tls();
+           lhs.BaseHeaders() == rhs.BaseHeaders() && lhs.Tls() == rhs.Tls() &&
+           lhs.HttpProxy() == rhs.HttpProxy();
 }
 
 bool operator==(TlsOptions const& lhs, TlsOptions const& rhs) {

libs/common/src/config/http_properties_builder.cpp

@@ -1,8 +1,7 @@
-#include <utility>
-
 #include <launchdarkly/config/shared/builders/http_properties_builder.hpp>
 #include <launchdarkly/config/shared/defaults.hpp>
-#include <launchdarkly/config/shared/sdks.hpp>
+
+#include <cstring>
 
 namespace launchdarkly::config::shared::builders {
 
@@ -51,6 +50,7 @@ HttpPropertiesBuilder<SDK>::HttpPropertiesBuilder(
     response_timeout_ = properties.ResponseTimeout();
     base_headers_ = properties.BaseHeaders();
     tls_ = properties.Tls();
+    http_proxy_ = properties.HttpProxy();
 }
 
 template <typename SDK>
@@ -121,17 +121,33 @@ HttpPropertiesBuilder<SDK>& HttpPropertiesBuilder<SDK>::Tls(
     return *this;
 }
 
+static std::optional<std::string> HttpProxyFromEnv() {
+    if (char const* http_proxy = std::getenv("http_proxy")) {
+        if (strlen(http_proxy) > 0) {
+            return http_proxy;
+        }
+    }
+    return std::nullopt;
+}
+
 template <typename SDK>
 built::HttpProperties HttpPropertiesBuilder<SDK>::Build() const {
+    std::map<std::string, std::string> headers = base_headers_;
+
     if (!wrapper_name_.empty()) {
-        std::map<std::string, std::string> headers_with_wrapper(base_headers_);
-        headers_with_wrapper["X-LaunchDarkly-Wrapper"] =
+        headers["X-LaunchDarkly-Wrapper"] =
             wrapper_name_ + "/" + wrapper_version_;
-        return {connect_timeout_,  read_timeout_,        write_timeout_,
-                response_timeout_, headers_with_wrapper, tls_.Build()};
     }
-    return {connect_timeout_,  read_timeout_, write_timeout_,
-            response_timeout_, base_headers_, tls_.Build()};
+
+    std::optional<std::string> http_proxy;
+
+    if constexpr (std::is_same_v<SDK, ClientSDK>) {
+        http_proxy = http_proxy_.has_value() ? http_proxy_ : HttpProxyFromEnv();
+    }
+
+    return {connect_timeout_,  read_timeout_,      write_timeout_,
+            response_timeout_, std::move(headers), tls_.Build(),
+            http_proxy};
 }
 
 template class TlsBuilder<config::shared::ClientSDK>;