Skip to content

Add Java integration tests for phantom proxy tracing#4

Open
epli2 wants to merge 12 commits intomainfrom
claude/add-springboot-tests-ZiHDa
Open

Add Java integration tests for phantom proxy tracing#4
epli2 wants to merge 12 commits intomainfrom
claude/add-springboot-tests-ZiHDa

Conversation

@epli2
Copy link
Owner

@epli2 epli2 commented Mar 7, 2026

Summary

This PR adds comprehensive integration tests for phantom's proxy backend with Java applications, verifying non-invasive HTTP/HTTPS traffic capture without requiring application code changes.

Key Changes

  • Two new integration test suites:

    • proxy_springboot_integration.rs: Tests phantom's proxy tracing with a Spring Boot CommandLineRunner application that makes HTTP and HTTPS requests via JDK HttpClient, reading HTTP_PROXY automatically set by phantom
    • proxy_java_clients_integration.rs: Tests phantom's proxy with four major Java HTTP client libraries (JDK HttpClient, AsyncHttpClient, Jetty HttpClient, Apache HttpClient 5), verifying each client can be transparently traced

  • Test applications:

    • tests/apps/springboot-app/: Spring Boot application with CommandLineRunner that makes HTTP/HTTPS requests to mock backends, demonstrating proxy-aware configuration via environment variables
    • tests/apps/java-http-clients/: Plain Java CLI application testing four different HTTP client libraries with proxy configuration, each adding an x-phantom-client header for trace identification

  • Mock backend infrastructure:

    • HTTP and HTTPS (rustls-based) mock backends in both test files
    • Request routing for /api/health, /api/users (GET), and /api/users (POST) endpoints
    • Self-signed certificate generation for HTTPS testing with MITM interception

  • Test verification:

    • Validates JSONL trace output format with required fields (trace_id, span_id, timestamp_ms, request/response headers)
    • Confirms correct HTTP methods, status codes, and response bodies
    • Verifies both HTTP and HTTPS traffic capture through phantom's proxy
    • Validates per-client identification via request headers

Implementation Details

  • Tests require java (17+) and mvn on PATH; gracefully skip if unavailable
  • Applications use trust-all SSLContext to accept phantom's dynamically-generated MITM CA certificate
  • Proxy configuration is entirely environment-based (HTTP_PROXY env var), demonstrating non-invasive tracing
  • Maven builds produce fat JARs with all dependencies included for easy execution
  • Mock backends use simple TCP socket handling with HTTP/1.1 responses

https://claude.ai/code/session_01E3FVEjny7BKfgUeAGTM955

epli2 and others added 12 commits March 6, 2026 01:28
@epli2
docs: add CLAUDE.md as symlink to AGENTS.md
2ca241d
@epli2
docs: add MIT and Apache-2.0 dual license
e45fd32
@claude
Add Spring Boot and Java HTTP clients integration tests
5cf9468 
Adds two new integration test suites that verify phantom's proxy backend
captures traffic from JVM-based applications:

1. tests/proxy_springboot_integration.rs — tests a minimal Spring Boot
   CommandLineRunner app (phantom-springboot-client) that reads HTTP_PROXY
   (injected by phantom) and uses java.net.http.HttpClient to make 2 HTTP
   and 2 HTTPS requests. Verifies all 4 traces are captured with correct
   status codes, bodies, and required trace fields.

2. tests/proxy_java_clients_integration.rs — tests four major Java HTTP
   client libraries (JDK HttpClient, AsyncHttpClient, Jetty HttpClient,
   Apache HttpClient 5) in a single plain-Java CLI app. Each client adds
   an x-phantom-client header for trace identification. Verifies 8 traces
   (4 clients × 2 schemes).

Both apps use a trust-all SSLContext for HTTPS MITM capture and are built
with mvn package before the test runs. Tests skip gracefully when java or
mvn are not on PATH.

https://claude.ai/code/session_01E3FVEjny7BKfgUeAGTM955
@claude
Remove Spring Boot test in favour of java-http-clients approach
3198783 
Spring Boot adds unnecessary framework overhead. The java-http-clients
integration test covers the same proxy-capture scenarios using four major
Java HTTP client libraries (JDK HttpClient, AsyncHttpClient, Jetty
HttpClient, Apache HttpClient 5) without the Spring Boot dependency.

https://claude.ai/code/session_01E3FVEjny7BKfgUeAGTM955
@claude
Apply cargo fmt formatting
eeb8139 
https://claude.ai/code/session_01E3FVEjny7BKfgUeAGTM955
@claude
Fix java-http-clients build and test
10b1dcd 
- Use wagon transport for Maven 3.9+ so settings.xml proxy auth works
- Skip mvn package if JAR already built (faster re-runs)
- Fix Java compile errors: add ProxyServer import, remove setSslContext
  from AsyncHttpClient (use setUseInsecureTrustManager only), replace
  TrustAllStrategy.INSTANCE with lambda for HttpClient 5 compatibility

https://claude.ai/code/session_01E3FVEjny7BKfgUeAGTM955
@claude
Ignore Maven target/ directories
7600e73 
https://claude.ai/code/session_01E3FVEjny7BKfgUeAGTM955
@claude
Transparently inject Java proxy via JAVA_TOOL_OPTIONS
2c35754 
Instead of requiring the Java test app to read HTTP_PROXY and configure
each HTTP client library explicitly, phantom now injects the proxy
settings transparently via JAVA_TOOL_OPTIONS when the child command is
a java/javaw executable.

Changes:
- src/main.rs: add is_java_command() detection; when spawning a Java
  process, append -Dhttp.proxyHost, -Dhttps.proxyHost, -Dhttp.proxyPort,
  -Dhttps.proxyPort and -Dhttp.nonProxyHosts= to JAVA_TOOL_OPTIONS so
  any JVM application is proxied without app-level changes
- Client.java: remove proxyAddress() and all explicit proxy setup;
  remove AsyncHttpClient and Jetty (they bypass JVM ProxySelector);
  keep JDK HttpClient (uses ProxySelector.getDefault() automatically)
  and Apache HttpClient 5 with SystemDefaultRoutePlanner
- pom.xml: remove async-http-client, jetty-client, slf4j-nop deps
- proxy_java_clients_integration.rs: update to 2 clients × 2 schemes
  = 4 traces; update comment to reflect transparent tracing concept

https://claude.ai/code/session_01E3FVEjny7BKfgUeAGTM955
@epli2
Merge branch 'main' into claude/add-springboot-tests-ZiHDa
c3c6376
@epli2
feat(java): implement Java Agent for transparent HTTP/HTTPS capture
36b7fdc 
- Introduce Phantom Java Agent to force global ProxySelector and bypass SSL verification (trust-all).
- Automatically inject -javaagent via JAVA_TOOL_OPTIONS when spawning Java processes in Rust.
- Extend Java integration tests to cover 5 major clients: JDK HttpClient, Apache HC 5, OkHttp, Netty, and Jetty.
- Update documentation with Java usage instructions.
- Update .gitignore to exclude Java build artifacts.
@epli2
feat(java): embed Java Agent JAR into Rust binary
4f23e6d 
- Use include_bytes! to embed phantom-java-agent.jar at compile time.
- Extract JAR to a temporary file at runtime when tracing Java processes.
- Ensure the temporary JAR is cleaned up after the process exits using RAII.
- This enables a single-binary distribution for both Node.js and Java observability.
@epli2
feat(java): integrate Java Agent build into cargo build cycle
8ded14c 
- Add build.rs to automatically compile and package the Java Agent JAR.
- Rerun build.rs only if the Java source code changes.
- This ensures the embedded phantom-java-agent.jar is always up-to-date and included in the binary.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@epli2 @claude