From aaa9c4a74403dc9eb7e2b7fadf87694d71d02835 Mon Sep 17 00:00:00 2001
From: Cheena Malhotra <13396919+cheenamalhotra@users.noreply.github.com>
Date: Wed, 11 Oct 2023 19:50:07 -0700
Subject: [PATCH] Pass Http proxy URL and strict SSL flag to backend STS
 (#24550)

---
 extensions/mssql/src/constants.ts |  2 ++
 extensions/mssql/src/main.ts      |  4 ++++
 extensions/mssql/src/utils.ts     | 25 +++++++++++++++++++++++++
 3 files changed, 31 insertions(+)

diff --git a/extensions/mssql/src/constants.ts b/extensions/mssql/src/constants.ts
index 10c57a67d3..119e9aa574 100644
--- a/extensions/mssql/src/constants.ts
+++ b/extensions/mssql/src/constants.ts
@@ -33,6 +33,8 @@ export const configObjectExplorerGroupBySchemaFlagName = 'mssql.objectExplorer.g
 export const configAsyncParallelProcessingName = 'mssql.parallelMessageProcessing';
 export const configEnableSqlAuthenticationProviderName = 'mssql.enableSqlAuthenticationProvider';
 export const configEnableConnectionPoolingName = 'mssql.enableConnectionPooling';
+export const configHttpProxy = 'http.proxy';
+export const configHttpProxyStrictSSL = 'http.proxyStrictSSL';
 
 // COMMANDNAMES //////////////////////////////////////////////////////////
 export const cmdObjectExplorerEnableGroupBySchemaCommand = 'mssql.enableGroupBySchema';
diff --git a/extensions/mssql/src/main.ts b/extensions/mssql/src/main.ts
index 0101fe7936..d0bbd8357b 100644
--- a/extensions/mssql/src/main.ts
+++ b/extensions/mssql/src/main.ts
@@ -153,6 +153,10 @@ export async function activate(context: vscode.ExtensionContext): Promise<IExten
 			}
 			await displayReloadAds();
 		}
+		// Prompt to reload ADS as we send the proxy URL to STS to instantiate Http Client instances.
+		if (e.affectsConfiguration(Constants.configHttpProxy) || e.affectsConfiguration(Constants.configHttpProxyStrictSSL)) {
+			await displayReloadAds();
+		}
 	}));
 
 	registerTableDesignerCommands(appContext);
diff --git a/extensions/mssql/src/utils.ts b/extensions/mssql/src/utils.ts
index b04cfd0a08..2e9aa728d9 100644
--- a/extensions/mssql/src/utils.ts
+++ b/extensions/mssql/src/utils.ts
@@ -22,6 +22,9 @@ const parallelMessageProcessingConfig = 'parallelMessageProcessing';
 const enableSqlAuthenticationProviderConfig = 'enableSqlAuthenticationProvider';
 const enableConnectionPoolingConfig = 'enableConnectionPooling';
 const tableDesignerPreloadConfig = 'tableDesigner.preloadDatabaseModel';
+const httpConfig = 'http';
+const configProxy = 'proxy';
+const configProxyStrictSSL = 'proxyStrictSSL';
 
 /**
  *
@@ -85,6 +88,19 @@ export function getConfigLogRetentionSeconds(): number | undefined {
 	}
 }
 
+export function getHttpProxyUrl(): string | undefined {
+	let config = getConfiguration(httpConfig);
+	if (config) {
+		return config[configProxy];
+	} return undefined;
+}
+
+export function getHttpProxyStrictSSL(): boolean {
+	let config = getConfiguration(httpConfig);
+	if (config) {
+		return config.get<boolean>(configProxyStrictSSL, true); // true by default
+	} return true; // true by default.
+}
 /**
  * The tracing level defined in the package.json
  */
@@ -202,6 +218,15 @@ export function getCommonLaunchArgsAndCleanupOldLogFiles(logPath: string, fileNa
 	}
 	// Always enable autoflush so that log entries are written immediately to disk, otherwise we can end up with partial logs
 	launchArgs.push('--autoflush-log');
+
+	let httpProxy = getHttpProxyUrl();
+	if (httpProxy) {
+		launchArgs.push('--http-proxy-url');
+		launchArgs.push(httpProxy);
+		if (getHttpProxyStrictSSL()) {
+			launchArgs.push('--http-proxy-strict-ssl')
+		}
+	}
 	return launchArgs;
 }