[WIP] Support socks proxy with socksio

httpcore/_async/connection.py

@@ -1,6 +1,8 @@
 from ssl import SSLContext
 from typing import List, Optional, Tuple
 
+from socksio import socks5
+
 from .._backends.auto import AsyncBackend, AsyncLock, AsyncSocketStream, AutoBackend
 from .._types import URL, Headers, Origin, TimeoutDict
 from .._utils import get_logger, url_to_origin
@@ -162,3 +164,76 @@ async def aclose(self) -> None:
         async with self.request_lock:
             if self.connection is not None:
                 await self.connection.aclose()
+
+
+class AsyncSOCKSConnection(AsyncHTTPConnection):
+    def __init__(
+        self,
+        origin: Origin,
+        http2: bool = False,
+        uds: str = None,
+        ssl_context: SSLContext = None,
+        socket: AsyncSocketStream = None,
+        local_address: str = None,
+        backend: AsyncBackend = None,
+        *,
+        proxy_origin: Origin,
+    ):
+        assert proxy_origin[0] in (b"socks5",)
+
+        super().__init__(
+            origin, http2, uds, ssl_context, socket, local_address, backend
+        )
+        self.proxy_origin = proxy_origin
+        self.proxy_connection = socks5.SOCKS5Connection()
+
+    async def _open_socket(self, timeout: TimeoutDict = None) -> AsyncSocketStream:
+        _, proxy_hostname, proxy_port = self.proxy_origin
+        scheme, hostname, port = self.origin
+        ssl_context = self.ssl_context if scheme == b"https" else None
+        timeout = timeout or {}
+
+        proxy_socket = await self.backend.open_tcp_stream(
+            proxy_hostname,
+            proxy_port,
+            None,
+            timeout,
+            local_address=self.local_address,
+        )
+
+        auth_request = socks5.SOCKS5AuthMethodsRequest(
+            [
+                socks5.SOCKS5AuthMethod.NO_AUTH_REQUIRED,
+                socks5.SOCKS5AuthMethod.USERNAME_PASSWORD,
+            ]
+        )
+
+        self.proxy_connection.send(auth_request)
+
+        bytes_to_send = self.proxy_connection.data_to_send()
+        await proxy_socket.write(bytes_to_send, timeout)
+
+        data = await proxy_socket.read(1024, timeout)
+        event = self.proxy_connection.receive_data(data)
+
+        # development only assert
+        assert event.method == socks5.SOCKS5AuthMethod.NO_AUTH_REQUIRED  # type: ignore
+
+        connect_request = socks5.SOCKS5CommandRequest.from_address(
+            socks5.SOCKS5Command.CONNECT, (hostname, port)
+        )
+
+        self.proxy_connection.send(connect_request)
+        bytes_to_send = self.proxy_connection.data_to_send()
+
+        await proxy_socket.write(bytes_to_send, timeout)
+        data = await proxy_socket.read(1024, timeout)
+        event = self.proxy_connection.receive_data(data)
+
+        # development only assert
+        assert event.reply_code == socks5.SOCKS5ReplyCode.SUCCEEDED  # type: ignore
+
+        if ssl_context:
+            proxy_socket = await proxy_socket.start_tls(hostname, ssl_context, timeout)
+
+        return proxy_socket

httpcore/_sync/connection.py

@@ -1,6 +1,8 @@
 from ssl import SSLContext
 from typing import List, Optional, Tuple
 
+from socksio import socks5
+
 from .._backends.sync import SyncBackend, SyncLock, SyncSocketStream, SyncBackend
 from .._types import URL, Headers, Origin, TimeoutDict
 from .._utils import get_logger, url_to_origin
@@ -162,3 +164,76 @@ def close(self) -> None:
         with self.request_lock:
             if self.connection is not None:
                 self.connection.close()
+
+
+class SyncSOCKSConnection(SyncHTTPConnection):
+    def __init__(
+        self,
+        origin: Origin,
+        http2: bool = False,
+        uds: str = None,
+        ssl_context: SSLContext = None,
+        socket: SyncSocketStream = None,
+        local_address: str = None,
+        backend: SyncBackend = None,
+        *,
+        proxy_origin: Origin,
+    ):
+        assert proxy_origin[0] in (b"socks5",)
+
+        super().__init__(
+            origin, http2, uds, ssl_context, socket, local_address, backend
+        )
+        self.proxy_origin = proxy_origin
+        self.proxy_connection = socks5.SOCKS5Connection()
+
+    def _open_socket(self, timeout: TimeoutDict = None) -> SyncSocketStream:
+        _, proxy_hostname, proxy_port = self.proxy_origin
+        scheme, hostname, port = self.origin
+        ssl_context = self.ssl_context if scheme == b"https" else None
+        timeout = timeout or {}
+
+        proxy_socket = self.backend.open_tcp_stream(
+            proxy_hostname,
+            proxy_port,
+            None,
+            timeout,
+            local_address=self.local_address,
+        )
+
+        auth_request = socks5.SOCKS5AuthMethodsRequest(
+            [
+                socks5.SOCKS5AuthMethod.NO_AUTH_REQUIRED,
+                socks5.SOCKS5AuthMethod.USERNAME_PASSWORD,
+            ]
+        )
+
+        self.proxy_connection.send(auth_request)
+
+        bytes_to_send = self.proxy_connection.data_to_send()
+        proxy_socket.write(bytes_to_send, timeout)
+
+        data = proxy_socket.read(1024, timeout)
+        event = self.proxy_connection.receive_data(data)
+
+        # development only assert
+        assert event.method == socks5.SOCKS5AuthMethod.NO_AUTH_REQUIRED  # type: ignore
+
+        connect_request = socks5.SOCKS5CommandRequest.from_address(
+            socks5.SOCKS5Command.CONNECT, (hostname, port)
+        )
+
+        self.proxy_connection.send(connect_request)
+        bytes_to_send = self.proxy_connection.data_to_send()
+
+        proxy_socket.write(bytes_to_send, timeout)
+        data = proxy_socket.read(1024, timeout)
+        event = self.proxy_connection.receive_data(data)
+
+        # development only assert
+        assert event.reply_code == socks5.SOCKS5ReplyCode.SUCCEEDED  # type: ignore
+
+        if ssl_context:
+            proxy_socket = proxy_socket.start_tls(hostname, ssl_context, timeout)
+
+        return proxy_socket

requirements.txt

@@ -30,3 +30,5 @@ pytest==6.0.2
 pytest-cov==2.10.1
 trustme==0.6.0
 uvicorn==0.11.8
+pproxy==2.3.5
+socksio==1.0.0

tests/async_tests/test_interfaces.py

@@ -397,3 +397,29 @@ async def test_explicit_backend_name() -> None:
         assert status_code == 200
         assert reason == b"OK"
         assert len(http._connections[url[:3]]) == 1  # type: ignore
+
+
+@pytest.mark.anyio
+@pytest.mark.parametrize(
+    "url",
+    [
+        (b"http", b"example.com", 80, b"/"),
+        (b"https", b"example.com", 443, b"/"),
+    ],
+)
+@pytest.mark.parametrize("http2", [True, False])
+async def test_socks5_proxy_connection_without_auth(socks5_proxy, url, http2):
+    (protocol, hostname, port, path) = url
+    origin = (protocol, hostname, port)
+    headers = [(b"host", hostname)]
+    method = b"GET"
+
+    async with httpcore._async.connection.AsyncSOCKSConnection(
+        origin, http2=http2, proxy_origin=socks5_proxy
+    ) as connection:
+        http_version, status_code, reason, headers, stream = await connection.request(
+            method, url, headers
+        )
+
+        assert status_code == 200
+        assert reason == b"OK"

tests/conftest.py

@@ -2,6 +2,7 @@
 import contextlib
 import os
 import ssl
+import subprocess
 import threading
 import time
 import typing
@@ -141,3 +142,14 @@ def uds_server() -> typing.Iterator[Server]:
             yield server
     finally:
         os.remove(uds)
+
+
+@pytest.fixture(scope="session")
+def socks5_proxy() -> tuple:  # type: ignore
+    proc = subprocess.Popen(["pproxy", "-l", "socks5://localhost:1085"])
+
+    try:
+        time.sleep(0.5)  # a small delay to let the pproxy start to serve
+        yield b"socks5", b"localhost", 1085
+    finally:
+        proc.kill()

tests/sync_tests/test_interfaces.py

@@ -397,3 +397,29 @@ def test_explicit_backend_name() -> None:
         assert status_code == 200
         assert reason == b"OK"
         assert len(http._connections[url[:3]]) == 1  # type: ignore
+
+
+
+@pytest.mark.parametrize(
+    "url",
+    [
+        (b"http", b"example.com", 80, b"/"),
+        (b"https", b"example.com", 443, b"/"),
+    ],
+)
+@pytest.mark.parametrize("http2", [True, False])
+def test_socks5_proxy_connection_without_auth(socks5_proxy, url, http2):
+    (protocol, hostname, port, path) = url
+    origin = (protocol, hostname, port)
+    headers = [(b"host", hostname)]
+    method = b"GET"
+
+    with httpcore._sync.connection.SyncSOCKSConnection(
+        origin, http2=http2, proxy_origin=socks5_proxy
+    ) as connection:
+        http_version, status_code, reason, headers, stream = connection.request(
+            method, url, headers
+        )
+
+        assert status_code == 200
+        assert reason == b"OK"

unasync.py

@@ -7,6 +7,7 @@
     ('AsyncIteratorByteStream', 'IteratorByteStream'),
     ('AsyncIterator', 'Iterator'),
     ('AutoBackend', 'SyncBackend'),
+    ('httpcore._async.connection.AsyncSOCKSConnection', 'httpcore._sync.connection.SyncSOCKSConnection'),
     ('Async([A-Z][A-Za-z0-9_]*)', r'Sync\2'),
     ('async def', 'def'),
     ('async with', 'with'),