Fix http4 component

Fix usage of http4 camel component so that we can use the SSL https connection for any connection Issue-ID: CLAMP-374 Change-Id: Ice982e596f6ac283caef5da48482effa7652add3 Signed-off-by: sebdet <sebastien.determe@intl.att.com>
author: sebdet <sebastien.determe@intl.att.com> 2019-05-09 10:16:51 +0200
committer: sebdet <sebastien.determe@intl.att.com> 2019-05-09 10:48:36 +0200
commit: c87a8c05937361d7d5fd239c75f8bca60f543068 (patch)
tree: 30bd2d25f951488bc33e31bc93a0cd6cd93b841a /src
parent: 70aadbbb9d7f47ffb4f25110e1cf0857d5b82f3c (diff)
2 files changed, 79 insertions, 57 deletions
diff --git a/src/main/java/org/onap/clamp/clds/config/CamelConfiguration.java b/src/main/java/org/onap/clamp/clds/config/CamelConfiguration.java
index 3a98788f..de6e4dcd 100644
--- a/src/main/java/org/onap/clamp/clds/config/CamelConfiguration.java
+++ b/src/main/java/org/onap/clamp/clds/config/CamelConfiguration.java
@@ -22,11 +22,34 @@
 
 package org.onap.clamp.clds.config;
 
+import java.io.IOException;
+import java.net.URL;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManagerFactory;
+
 import org.apache.camel.CamelContext;
 import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.http4.HttpClientConfigurer;
+import org.apache.camel.component.http4.HttpComponent;
 import org.apache.camel.model.rest.RestBindingMode;
+import org.apache.http.config.Registry;
+import org.apache.http.config.RegistryBuilder;
+import org.apache.http.conn.scheme.Scheme;
+import org.apache.http.conn.scheme.SchemeRegistry;
+import org.apache.http.conn.socket.ConnectionSocketFactory;
+import org.apache.http.conn.socket.PlainConnectionSocketFactory;
+import org.apache.http.conn.ssl.SSLSocketFactory;
+import org.apache.http.impl.client.HttpClientBuilder;
+import org.apache.http.impl.conn.BasicHttpClientConnectionManager;
 import org.onap.clamp.clds.util.ClampVersioning;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.env.Environment;
 import org.springframework.stereotype.Component;
 
 @Component
@@ -35,8 +58,60 @@ public class CamelConfiguration extends RouteBuilder {
     @Autowired
     CamelContext camelContext;
 
+    @Autowired
+    private Environment env;
+
+    private void configureDefaultSslProperties() {
+        if (env.getProperty("server.ssl.trust-store") != null) {
+            URL storeResource = CamelConfiguration.class
+                .getResource(env.getProperty("server.ssl.trust-store").replaceAll("classpath:", ""));
+            System.setProperty("javax.net.ssl.trustStore", storeResource.getPath());
+            System.setProperty("javax.net.ssl.trustStorePassword", env.getProperty("server.ssl.trust-store-password"));
+            System.setProperty("javax.net.ssl.trustStoreType", "jks");
+            System.setProperty("ssl.TrustManagerFactory.algorithm", "PKIX");
+            storeResource = CamelConfiguration.class
+                .getResource(env.getProperty("server.ssl.key-store").replaceAll("classpath:", ""));
+            System.setProperty("javax.net.ssl.keyStore", storeResource.getPath());
+            System.setProperty("javax.net.ssl.keyStorePassword", env.getProperty("server.ssl.key-store-password"));
+            System.setProperty("javax.net.ssl.keyStoreType", env.getProperty("server.ssl.key-store-type"));
+        }
+    }
+
+    private void registerTrustStore()
+        throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException, CertificateException, IOException {
+        if (env.getProperty("server.ssl.trust-store") != null) {
+            KeyStore truststore = KeyStore.getInstance("JKS");
+            truststore.load(
+                getClass().getClassLoader()
+                    .getResourceAsStream(env.getProperty("server.ssl.trust-store").replaceAll("classpath:", "")),
+                env.getProperty("server.ssl.trust-store-password").toCharArray());
+
+            TrustManagerFactory trustFactory = TrustManagerFactory.getInstance("PKIX");
+            trustFactory.init(truststore);
+            SSLContext sslcontext = SSLContext.getInstance("TLS");
+            sslcontext.init(null, trustFactory.getTrustManagers(), null);
+            SSLSocketFactory factory = new SSLSocketFactory(sslcontext, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
+            SchemeRegistry registry = new SchemeRegistry();
+            final Scheme scheme = new Scheme("https4", 443, factory);
+            registry.register(scheme);
+            ConnectionSocketFactory plainsf = PlainConnectionSocketFactory.getSocketFactory();
+            HttpComponent http4 = camelContext.getComponent("https4", HttpComponent.class);
+            http4.setHttpClientConfigurer(new HttpClientConfigurer() {
+
+                @Override
+                public void configureHttpClient(HttpClientBuilder builder) {
+                    builder.setSSLSocketFactory(factory);
+                    Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
+                        .register("https", factory).register("http", plainsf).build();
+                    builder.setConnectionManager(new BasicHttpClientConnectionManager(registry));
+                }
+            });
+        }
+    }
+
     @Override
-    public void configure() {
+    public void configure()
+        throws KeyManagementException, KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
         restConfiguration().component("servlet").bindingMode(RestBindingMode.json).jsonDataFormat("clamp-gson")
             .dataFormatProperty("prettyPrint", "true")// .enableCORS(true)
             // turn on swagger api-doc
@@ -45,5 +120,8 @@ public class CamelConfiguration extends RouteBuilder {
             .apiProperty("base.path", "/restservices/clds/");
         // .apiProperty("cors", "true");
         camelContext.setTracing(true);
+
+        configureDefaultSslProperties();
+        registerTrustStore();
     }
 }
diff --git a/src/main/java/org/onap/clamp/clds/config/spring/SSLConfiguration.java b/src/main/java/org/onap/clamp/clds/config/spring/SSLConfiguration.java
deleted file mode 100644
index ac5849b8..00000000
--- a/src/main/java/org/onap/clamp/clds/config/spring/SSLConfiguration.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * ONAP CLAMP
- * ================================================================================
- * Copyright (C) 2019 AT&T Intellectual Property. All rights
- *                             reserved.
- * ================================================================================
- * ===================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END============================================
- * ===================================================================
- *
- */
-
-package org.onap.clamp.clds.config.spring;
-
-import java.net.URL;
-
-import javax.annotation.PostConstruct;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.core.env.Environment;
-
-@Configuration
-public class SSLConfiguration {
-    @Autowired
-    private Environment env;
-
-    @PostConstruct
-    private void configureSSL() {
-        if (env.getProperty("server.ssl.trust-store") != null) {
-            URL storeResource = SSLConfiguration.class
-                .getResource(env.getProperty("server.ssl.trust-store").replaceAll("classpath:", ""));
-            System.setProperty("javax.net.ssl.trustStore", storeResource.getPath());
-            System.setProperty("javax.net.ssl.trustStorePassword", env.getProperty("server.ssl.trust-store-password"));
-            System.setProperty("javax.net.ssl.trustStoreType", env.getProperty("server.ssl.key-store-type"));
-
-            storeResource = SSLConfiguration.class
-                .getResource(env.getProperty("server.ssl.key-store").replaceAll("classpath:", ""));
-            System.setProperty("javax.net.ssl.keyStore", storeResource.getPath());
-            System.setProperty("javax.net.ssl.keyStorePassword", env.getProperty("server.ssl.key-store-password"));
-            System.setProperty("javax.net.ssl.keyStoreType", env.getProperty("server.ssl.key-store-type"));
-        }
-    }
-}
-\ No newline at end of file
author	sebdet <sebastien.determe@intl.att.com>	2019-05-09 10:16:51 +0200
committer	sebdet <sebastien.determe@intl.att.com>	2019-05-09 10:48:36 +0200
commit	c87a8c05937361d7d5fd239c75f8bca60f543068 (patch)
tree	30bd2d25f951488bc33e31bc93a0cd6cd93b841a /src
parent	70aadbbb9d7f47ffb4f25110e1cf0857d5b82f3c (diff)