Diffstat (limited to 'appc-core')
-rw-r--r-- | appc-core/appc-common-bundle/src/main/java/org/onap/appc/rest/client/RestClientInvoker.java | 107 | ||||
-rw-r--r-- | appc-core/appc-common-bundle/src/main/java/org/onap/appc/util/HttpClientUtil.java | 132 |
2 files changed, 138 insertions, 101 deletions
diff --git a/appc-core/appc-common-bundle/src/main/java/org/onap/appc/rest/client/RestClientInvoker.java b/appc-core/appc-common-bundle/src/main/java/org/onap/appc/rest/client/RestClientInvoker.java index 41a0a85a9..cfae1f10f 100644 --- a/appc-core/appc-common-bundle/src/main/java/org/onap/appc/rest/client/RestClientInvoker.java +++ b/appc-core/appc-common-bundle/src/main/java/org/onap/appc/rest/client/RestClientInvoker.java @@ -6,6 +6,8 @@ * ================================================================================ * Copyright (C) 2017 Amdocs * ============================================================================= + * Modifications Copyright (C) 2019 Ericsson + * ============================================================================= * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at 
@@ -26,40 +28,18 @@ package org.onap.appc.rest.client; import java.io.IOException; import java.io.UnsupportedEncodingException; import java.net.MalformedURLException; -import java.net.Socket; import java.net.URL; -import java.security.KeyManagementException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.UnrecoverableKeyException; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import javax.net.ssl.SSLContext; -import javax.net.ssl.TrustManager; -import javax.net.ssl.X509TrustManager; import org.apache.commons.codec.binary.Base64; import org.apache.http.HttpHeaders; import org.apache.http.HttpResponse; -import org.apache.http.HttpVersion; import org.apache.http.client.HttpClient; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpPost; import org.apache.http.client.methods.HttpPut; -import org.apache.http.conn.ClientConnectionManager; -import org.apache.http.conn.scheme.PlainSocketFactory; -import org.apache.http.conn.scheme.Scheme; -import org.apache.http.conn.scheme.SchemeRegistry; -import org.apache.http.conn.ssl.SSLSocketFactory; import org.apache.http.entity.StringEntity; import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.DefaultHttpClient; -import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager; -import org.apache.http.params.BasicHttpParams; -import org.apache.http.params.HttpParams; -import org.apache.http.params.HttpProtocolParams; -import org.apache.http.protocol.HTTP; import org.onap.appc.exceptions.APPCException; +import org.onap.appc.util.HttpClientUtil; import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; 
@@ -67,7 +47,6 @@ import com.att.eelf.configuration.EELFManager; public class RestClientInvoker { private static final EELFLogger LOG = EELFManager.getInstance().getLogger(RestClientInvoker.class); - private static final String OPERATION_HTTPS = "https"; private static final String OPERATION_APPLICATION_JSON = " application/json"; private static final String BASIC = "Basic "; @@ -112,7 +91,7 @@ public class RestClientInvoker { } catch (MalformedURLException | UnsupportedEncodingException e) { throw new APPCException(e); } - HttpClient client = getHttpClient(); + HttpClient client = HttpClientUtil.getHttpClient(url.getProtocol()); try { return client.execute(post); @@ -148,7 +127,7 @@ public class RestClientInvoker { throw new APPCException(e); } - HttpClient client = getHttpClient(); + HttpClient client = HttpClientUtil.getHttpClient(url.getProtocol()); try { return client.execute(put); 
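Review bot: In the POST and PUT hunks the result of `HttpClientUtil.getHttpClient(url.getProtocol())` is held as a plain `HttpClient` and nothing visible here closes it, while the GET path in the following hunk wraps the same call in try-with-resources. The helper builds a new client on every call (and a new `ThreadSafeClientConnManager` for https), so each POST/PUT probably leaves a connection manager behind. Declaring it as `CloseableHttpClient client = HttpClientUtil.getHttpClient(url.getProtocol());` and stating in a comment who closes it once the response has been consumed would make the three paths consistent. Both enclosing methods start and end outside these hunks.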
@@ -173,86 +152,12 @@ public class RestClientInvoker { throw new APPCException(e); } - try (CloseableHttpClient client = getHttpClient()) { + try (CloseableHttpClient client = HttpClientUtil.getHttpClient(url.getProtocol())) { return client.execute(get); } catch (IOException e) { throw new APPCException(e); } } - private CloseableHttpClient getHttpClient() throws APPCException { - switch (url.getProtocol()) { - case OPERATION_HTTPS: - return createHttpsClient(); - case "http": - return new DefaultHttpClient(); - default: - throw new APPCException("The url did not start with http[s]"); - } - } - - - private CloseableHttpClient createHttpsClient() { - try { - KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); - trustStore.load(null, null); - MySSLSocketFactory sf = new MySSLSocketFactory(trustStore); - sf.setHostnameVerifier(MySSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); - - HttpParams params = new BasicHttpParams(); - HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); - HttpProtocolParams.setContentCharset(params, HTTP.UTF_8); - - SchemeRegistry registry = new SchemeRegistry(); - registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); - registry.register(new Scheme(OPERATION_HTTPS, sf, 443)); - registry.register(new Scheme(OPERATION_HTTPS, sf, 8443)); - registry.register(new Scheme("http", sf, 8181)); - - ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry); - return new DefaultHttpClient(ccm, params); - } catch (Exception e) { - LOG.error("Error creating HTTPs Client. 
Creating default client.", e); - return new DefaultHttpClient(); - } - } - - private static class MySSLSocketFactory extends SSLSocketFactory { - private SSLContext sslContext = SSLContext.getInstance("TLS"); - - private MySSLSocketFactory(KeyStore truststore) - throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { - super(truststore); - - TrustManager tm = new X509TrustManager() { - @Override - public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { - LOG.debug("Inside checkClientTrusted"); - } - - @Override - public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { - LOG.debug("Inside checkServerTrusted"); - } - - @Override - public X509Certificate[] getAcceptedIssuers() { - return new X509Certificate[1]; - } - }; - - sslContext.init(null, new TrustManager[] {tm}, null); - } - - @Override - public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException { - return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose); - } - - @Override - public Socket createSocket() throws IOException { - return sslContext.getSocketFactory().createSocket(); - } - } } diff --git a/appc-core/appc-common-bundle/src/main/java/org/onap/appc/util/HttpClientUtil.java b/appc-core/appc-common-bundle/src/main/java/org/onap/appc/util/HttpClientUtil.java new file mode 100644 index 000000000..00003290e --- /dev/null +++ b/appc-core/appc-common-bundle/src/main/java/org/onap/appc/util/HttpClientUtil.java 
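Review bot: `try (CloseableHttpClient client = HttpClientUtil.getHttpClient(url.getProtocol())) { return client.execute(get); }` closes the client before the caller has read the returned `HttpResponse`. With `DefaultHttpClient`, closing shuts down its connection manager, so the response entity may no longer be readable once this method returns. Either buffer the entity inside the try block (for example by wrapping it in `BufferedHttpEntity`) or hand ownership of the client to the caller, and add a comment such as `// client is closed on return; the entity must be fully read before this point`. The enclosing method starts outside the hunk.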
@@ -0,0 +1,132 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Ericsson. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this + * file except in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.appc.util; + +import java.io.IOException; +import java.net.Socket; +import java.security.KeyManagementException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import javax.net.ssl.SSLContext; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; +import org.apache.http.HttpVersion; +import org.apache.http.conn.ClientConnectionManager; +import org.apache.http.conn.scheme.PlainSocketFactory; +import org.apache.http.conn.scheme.Scheme; +import org.apache.http.conn.scheme.SchemeRegistry; +import org.apache.http.conn.ssl.SSLSocketFactory; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.DefaultHttpClient; +import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager; +import org.apache.http.params.BasicHttpParams; +import 
org.apache.http.params.HttpParams; +import org.apache.http.params.HttpProtocolParams; +import org.apache.http.protocol.HTTP; +import org.onap.appc.exceptions.APPCException; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; + +@SuppressWarnings("deprecation") +public class HttpClientUtil { + + private static final EELFLogger LOG = EELFManager.getInstance().getLogger(HttpClientUtil.class); + private static final String OPERATION_HTTPS = "https"; + private static final String OPERATION_HTTP = "http"; + + public static CloseableHttpClient getHttpClient(String protocol) throws APPCException { + switch (protocol) { + case OPERATION_HTTPS: + return createHttpsClient(); + case OPERATION_HTTP: + return new DefaultHttpClient(); + default: + throw new APPCException("The url did not start with http[s]"); + } + } + + + private static CloseableHttpClient createHttpsClient() { + try { + KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); + trustStore.load(null, null); + MySSLSocketFactory sf = new MySSLSocketFactory(trustStore); + sf.setHostnameVerifier(MySSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); + + HttpParams params = new BasicHttpParams(); + HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); + HttpProtocolParams.setContentCharset(params, HTTP.UTF_8); + + SchemeRegistry registry = new SchemeRegistry(); + registry.register(new Scheme(OPERATION_HTTP, PlainSocketFactory.getSocketFactory(), 80)); + registry.register(new Scheme(OPERATION_HTTPS, sf, 443)); + registry.register(new Scheme(OPERATION_HTTPS, sf, 8443)); + registry.register(new Scheme(OPERATION_HTTP, sf, 8181)); + + ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry); + return new DefaultHttpClient(ccm, params); + } catch (Exception e) { + LOG.error("Error creating HTTPs Client. 
Creating default client.", e); + return new DefaultHttpClient(); + } + } + + private static class MySSLSocketFactory extends SSLSocketFactory { + private SSLContext sslContext = SSLContext.getInstance("TLS"); + + private MySSLSocketFactory(KeyStore truststore) + throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { + super(truststore); + + TrustManager tm = new X509TrustManager() { + @Override + public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { + LOG.debug("Inside checkClientTrusted"); + } + + @Override + public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { + LOG.debug("Inside checkServerTrusted"); + } + + @Override + public X509Certificate[] getAcceptedIssuers() { + return new X509Certificate[1]; + } + }; + + sslContext.init(null, new TrustManager[] {tm}, null); + } + + @Override + public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException { + return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose); + } + + @Override + public Socket createSocket() throws IOException { + return sslContext.getSocketFactory().createSocket(); + } + } + +} |
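Review bot: `createHttpsClient()` disables TLS server authentication: the `X509TrustManager` inside `MySSLSocketFactory` has empty `checkServerTrusted`/`checkClientTrusted` bodies and the factory is set to `ALLOW_ALL_HOSTNAME_VERIFIER`, so any certificate for any host is accepted. Moving this from a private method of `RestClientInvoker` into a `public static` utility makes that client available to every caller of `HttpClientUtil.getHttpClient("https")`, and `RestClientInvoker` appears (from its `BASIC` constant and `Base64` import) to send a Basic Authorization header over it. I would replace the custom factory with `SSLSocketFactory sf = SSLSocketFactory.getSocketFactory();`, or load a configured trust store instead of the empty one, and delete `MySSLSocketFactory`. The `catch (Exception e)` branch should rethrow as `APPCException` rather than return `new DefaultHttpClient()`, so a failed TLS setup is not hidden behind a differently configured client.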