blob: 267061acf9b1957d082b382679dc408766bbff69 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
|
/**
* ============LICENSE_START===================================================
* SPARKY (AAI UI service)
* ============================================================================
* Copyright © 2017 AT&T Intellectual Property.
* Copyright © 2017 Amdocs
* All rights reserved.
* ============================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* ============LICENSE_END=====================================================
*
* ECOMP and OpenECOMP are trademarks
* and service marks of AT&T Intellectual Property.
*/
package org.openecomp.sparky.dal.rest;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.config.ClientConfig;
import com.sun.jersey.api.client.config.DefaultClientConfig;
import com.sun.jersey.client.urlconnection.HTTPSProperties;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import org.openecomp.sparky.security.SecurityContextFactory;
import org.openecomp.sparky.security.SecurityContextFactoryImpl;
/**
* This is a generic REST Client builder with flexible security validation. Sometimes it's nice to
* be able to disable server chain cert validation and hostname validation to work-around lab
* issues, but at the same time be able to provide complete validation with client cert + hostname +
* server cert chain validation.
* I used the ModelLoader REST client as a base and merged in the TSUI client I wrote which also
* validates the server hostname and server certificate chain.
*
* @author DAVEA
*
*/
public class RestClientBuilder {
/*
* TODO: implement fluent interface?
*/
private boolean useHttps;
private boolean validateServerHostname;
private int connectTimeoutInMs;
private int readTimeoutInMs;
protected SecurityContextFactory sslContextFactory;
/**
* Instantiates a new rest client builder.
*/
public RestClientBuilder() {
validateServerHostname = false;
connectTimeoutInMs = 60000;
readTimeoutInMs = 60000;
useHttps = true;
sslContextFactory = new SecurityContextFactoryImpl();
}
public SecurityContextFactory getSslContextFactory() {
return sslContextFactory;
}
public void setSslContextFactory(SecurityContextFactory sslContextFactory) {
this.sslContextFactory = sslContextFactory;
}
public boolean isUseHttps() {
return useHttps;
}
public void setUseHttps(boolean useHttps) {
this.useHttps = useHttps;
}
public int getConnectTimeoutInMs() {
return connectTimeoutInMs;
}
public void setConnectTimeoutInMs(int connectTimeoutInMs) {
this.connectTimeoutInMs = connectTimeoutInMs;
}
public int getReadTimeoutInMs() {
return readTimeoutInMs;
}
public void setReadTimeoutInMs(int readTimeoutInMs) {
this.readTimeoutInMs = readTimeoutInMs;
}
public boolean isValidateServerHostname() {
return validateServerHostname;
}
public void setValidateServerHostname(boolean validateServerHostname) {
this.validateServerHostname = validateServerHostname;
}
public Client getClient() throws Exception {
Client client = null;
ClientConfig clientConfig = new DefaultClientConfig();
if (useHttps) {
SSLContext sslContext = sslContextFactory.getSecureContext();
if (validateServerHostname) {
clientConfig.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
new HTTPSProperties(null, sslContext));
} else {
clientConfig.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
new HTTPSProperties(new HostnameVerifier() {
@Override
public boolean verify(String string, SSLSession sslSession) {
return true;
}
}, sslContext));
}
}
client = Client.create(clientConfig);
client.setConnectTimeout(connectTimeoutInMs);
client.setReadTimeout(readTimeoutInMs);
return client;
}
}
|
