From fa337c7571edf97800fc47cdb404160f7da97c8b Mon Sep 17 00:00:00 2001 From: "dave.adams (da490c)" Date: Tue, 12 Sep 2017 12:14:02 -0400 Subject: Expose ssl protocol config Issue-ID: AAI-127 Change-Id: I657144887df8ec36b73d0506902ca4d324dd794a Signed-off-by: dave.adams (da490c) --- .../org/onap/aai/restclient/client/RestClient.java | 15 ++++++++++++- .../aai/restclient/rest/RestClientBuilder.java | 18 ++++++++++----- .../aai/restclient/client/RestfulClientTest.java | 26 ++++++++++++++++++++++ .../aai/restclient/rest/RestClientBuilderTest.java | 10 +++++++++ 4 files changed, 63 insertions(+), 6 deletions(-) diff --git a/src/main/java/org/onap/aai/restclient/client/RestClient.java b/src/main/java/org/onap/aai/restclient/client/RestClient.java index 02f12b1..a98f710 100644 --- a/src/main/java/org/onap/aai/restclient/client/RestClient.java +++ b/src/main/java/org/onap/aai/restclient/client/RestClient.java @@ -236,6 +236,19 @@ public class RestClient { clientBuilder.setReadTimeoutInMs(timeout); return this; } + + /** + * Configures the client for a specific SSL protocol + * + * @param sslProtocol - protocol string constant such as TLS, TLSv1, TLSv1.1, TLSv1.2 + * + * @return The AAIRESTClient instance. + */ + public RestClient sslProtocol(String sslProtocol) { + logger.debug("Set sslProtocol = " + sslProtocol); + clientBuilder.setSslProtocol(sslProtocol); + return this; + } private boolean shouldRetry(OperationResult operationResult) { @@ -595,7 +608,7 @@ public class RestClient { if (headers != null) { for (Entry> header : headers.entrySet()) { - builder.header(header.getKey(), header.getValue()); + builder.header(header.getKey(), String.join(";",header.getValue())); } if (clientBuilder.getAuthenticationMode() == RestAuthenticationMode.SSL_BASIC) { diff --git a/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java b/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java index f446f27..0272065 100644 --- a/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java +++ b/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java @@ -39,7 +39,7 @@ import com.sun.jersey.api.client.Client; import com.sun.jersey.api.client.config.ClientConfig; import com.sun.jersey.api.client.config.DefaultClientConfig; import com.sun.jersey.client.urlconnection.HTTPSProperties; - + /** * This is a generic REST Client builder with flexible security validation. Sometimes it's nice to * be able to disable server chain cert validation and hostname validation to work-around lab @@ -59,8 +59,8 @@ public class RestClientBuilder { public static final RestAuthenticationMode DEFAULT_AUTH_MODE = RestAuthenticationMode.SSL_CERT; public static final String DEFAULT_BASIC_AUTH_USERNAME = ""; public static final String DEFAULT_BASIC_AUTH_PASSWORD = ""; + public static final String DEFAULT_SSL_PROTOCOL = "TLS"; - private static final String SSL_PROTOCOL = "TLS"; private static final String KEYSTORE_ALGORITHM = "SunX509"; private static final String KEYSTORE_TYPE = "PKCS12"; private static final String TRUST_STORE_PROPERTY = "javax.net.ssl.trustStore"; @@ -75,6 +75,7 @@ public class RestClientBuilder { private RestAuthenticationMode authenticationMode; private String basicAuthUsername; private String basicAuthPassword; + private String sslProtocol; /** * Rest Client Builder. @@ -90,6 +91,7 @@ public class RestClientBuilder { authenticationMode = DEFAULT_AUTH_MODE; basicAuthUsername = DEFAULT_BASIC_AUTH_USERNAME; basicAuthPassword = DEFAULT_BASIC_AUTH_PASSWORD; + sslProtocol = DEFAULT_SSL_PROTOCOL; } public boolean isValidateServerHostname() { @@ -148,8 +150,6 @@ public class RestClientBuilder { this.readTimeoutInMs = readTimeoutInMs; } - - public RestAuthenticationMode getAuthenticationMode() { return authenticationMode; } @@ -174,6 +174,14 @@ public class RestClientBuilder { this.basicAuthPassword = basicAuthPassword; } + public String getSslProtocol() { + return sslProtocol; + } + + public void setSslProtocol(String sslProtocol) { + this.sslProtocol = sslProtocol; + } + /** * Returns Client configured for SSL */ @@ -219,7 +227,7 @@ public class RestClientBuilder { // Set up the SSL context, keystore, etc. to use for our connection // to the AAI. - SSLContext ctx = SSLContext.getInstance(SSL_PROTOCOL); + SSLContext ctx = SSLContext.getInstance(sslProtocol); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEYSTORE_ALGORITHM); KeyStore ks = KeyStore.getInstance(KEYSTORE_TYPE); diff --git a/src/test/java/org/onap/aai/restclient/client/RestfulClientTest.java b/src/test/java/org/onap/aai/restclient/client/RestfulClientTest.java index 0e5c84e..1f528ae 100644 --- a/src/test/java/org/onap/aai/restclient/client/RestfulClientTest.java +++ b/src/test/java/org/onap/aai/restclient/client/RestfulClientTest.java @@ -28,6 +28,7 @@ import javax.ws.rs.core.Response.Status; import org.junit.Before; import org.junit.Test; +import org.mockito.ArgumentCaptor; import org.mockito.Mockito; import org.onap.aai.restclient.client.OperationResult; import org.onap.aai.restclient.client.RestClient; @@ -167,6 +168,31 @@ public class RestfulClientTest { assertNull(result.getResult()); assertNull(result.getFailureCause()); } + + @Test + public void validateSuccessfulPost_withMultivaluedHeader() throws Exception { + RestClient restClient = buildClient(); + + MultivaluedMapImpl headerMap = new MultivaluedMapImpl(); + + headerMap.add("txnId", "123"); + headerMap.add("txnId", "456"); + headerMap.add("txnId", "789"); + + OperationResult result = restClient.post(TEST_URL, "", headerMap, MediaType.APPLICATION_JSON_TYPE, + MediaType.APPLICATION_JSON_TYPE); + + // capture the txnId header from the outgoing request + ArgumentCaptor txnIdHeaderName = ArgumentCaptor.forClass(String.class); + ArgumentCaptor txnIdHeaderValue = ArgumentCaptor.forClass(String.class); + + Mockito.verify(mockedBuilder, Mockito.atLeast(1)).header(txnIdHeaderName.capture(), txnIdHeaderValue.capture()); + assertEquals("123;456;789", txnIdHeaderValue.getValue()); + + assertEquals(Response.Status.OK.getStatusCode(), result.getResultCode()); + assertNotNull(result.getResult()); + assertNull(result.getFailureCause()); + } @Test public void validateSuccessfulGet() throws Exception { diff --git a/src/test/java/org/onap/aai/restclient/rest/RestClientBuilderTest.java b/src/test/java/org/onap/aai/restclient/rest/RestClientBuilderTest.java index 013f817..5e7d8c1 100644 --- a/src/test/java/org/onap/aai/restclient/rest/RestClientBuilderTest.java +++ b/src/test/java/org/onap/aai/restclient/rest/RestClientBuilderTest.java @@ -269,5 +269,15 @@ public class RestClientBuilderTest { } + @Test + public void validateSslProtocolConfiguration() throws Exception { + + RestClientBuilder restClientBuilder = new RestClientBuilder(); + assertEquals(RestClientBuilder.DEFAULT_SSL_PROTOCOL, restClientBuilder.getSslProtocol()); + + restClientBuilder.setSslProtocol("TLSv1.2"); + assertEquals("TLSv1.2", restClientBuilder.getSslProtocol()); + + } } -- cgit 1.2.3-korg