1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
/**
* ============LICENSE_START=======================================================
* org.onap.aai
* ================================================================================
* Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* ============LICENSE_END=========================================================
*/
package org.onap.aai.util;
import java.io.FileInputStream;
import java.security.KeyStore;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.config.ClientConfig;
import com.sun.jersey.api.client.config.DefaultClientConfig;
import com.sun.jersey.api.json.JSONConfiguration;
import com.sun.jersey.client.urlconnection.HTTPSProperties;
public class HttpsAuthExternalClient {
/**
* Gets the client.
*
* @param keystoreFileName the keystore file name
* @param keystorePassword the keystore password
* @return the client
* @throws Exception the exception
*/
public static Client getClient ( String keystoreFileName, String keystorePassword ) throws Exception {
ClientConfig config = new DefaultClientConfig();
config.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);
config.getClasses().add(org.onap.aai.restcore.CustomJacksonJaxBJsonProvider.class);
Client client = null;
SSLContext ctx = null;
try {
String truststore_path = AAIConstants.AAI_HOME_ETC_AUTH + AAIConfig.get(AAIConstants.AAI_TRUSTSTORE_FILENAME);
String truststore_password = AAIConfig.get(AAIConstants.AAI_TRUSTSTORE_PASSWD);
String keystore_path = AAIConstants.AAI_HOME_ETC_AUTH + keystoreFileName;
String keystore_password = keystorePassword;
//System.setProperty("javax.net.ssl.trustStore", truststore_path);
//System.setProperty("javax.net.ssl.trustStorePassword", truststore_password);
HttpsURLConnection.setDefaultHostnameVerifier( new HostnameVerifier(){
public boolean verify(String string,SSLSession ssls) {
return true;
}
});
ctx = SSLContext.getInstance("TLS");
KeyManagerFactory kmf = null;
/**** kmf = KeyManagerFactory.getInstance("SunX509");
FileInputStream fin = new FileInputStream(keystore_path);
KeyStore ks = KeyStore.getInstance("PKCS12");
char[] pwd = keystore_password.toCharArray();
ks.load(fin, pwd);
kmf.init(ks, pwd);
***/
String alg = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(alg);
FileInputStream tin = new FileInputStream(truststore_path);
KeyStore ts = KeyStore.getInstance("PKCS12");
char[] tpwd = truststore_password.toCharArray();
ts.load(tin, tpwd);
tmf.init(ts);
//ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
// Updating key manager to null, to disable two way SSL
ctx.init(null, tmf.getTrustManagers(), null);
config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
new HTTPSProperties( new HostnameVerifier() {
@Override
public boolean verify( String s, SSLSession sslSession ) {
return true;
}
}, ctx));
client = Client.create(config);
// uncomment this line to get more logging for the request/response
// client.addFilter(new LoggingFilter(System.out));
} catch (Exception e) {
throw e;
}
return client;
}
}
|