diff options
author | Remigiusz Janeczek <remigiusz.janeczek@nokia.com> | 2021-07-07 14:28:17 +0200 |
---|---|---|
committer | Remigiusz Janeczek <remigiusz.janeczek@nokia.com> | 2021-07-07 14:28:17 +0200 |
commit | 48669a0063a2298da1c89c6249714dd64ce8bec1 (patch) | |
tree | 01e15719d44a5657ff5cf41da7097f23c07ed74a | |
parent | f19a66a6582396e2ee1297a3e5898afa77484ea9 (diff) |
Fix AAI connection issues
Remove "ECOMP" from http headers
Add loading of AAF TrustStore for SslContext
Issue-ID: DCAEGEN2-2831
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I54dbae61f92361f1a7ecdae5f9dc8f7ab7fee46c
2 files changed, 31 insertions, 3 deletions
diff --git a/dcae-analytics/dcae-analytics-model/src/main/java/org/onap/dcae/analytics/model/AnalyticsHttpConstants.java b/dcae-analytics/dcae-analytics-model/src/main/java/org/onap/dcae/analytics/model/AnalyticsHttpConstants.java index 421e158..17b8cb8 100644 --- a/dcae-analytics/dcae-analytics-model/src/main/java/org/onap/dcae/analytics/model/AnalyticsHttpConstants.java +++ b/dcae-analytics/dcae-analytics-model/src/main/java/org/onap/dcae/analytics/model/AnalyticsHttpConstants.java @@ -26,9 +26,9 @@ package org.onap.dcae.analytics.model; */ public abstract class AnalyticsHttpConstants { - public static final String REQUEST_ID_HEADER_KEY = "X-ECOMP-RequestID"; - public static final String REQUEST_TRANSACTION_ID_HEADER_KEY = "X-ECOMP-TransactionID"; - public static final String REQUEST_APP_NAME_HEADER_KEY = "X-ECOMP-FromAppID"; + public static final String REQUEST_ID_HEADER_KEY = "X-RequestID"; + public static final String REQUEST_TRANSACTION_ID_HEADER_KEY = "X-TransactionID"; + public static final String REQUEST_APP_NAME_HEADER_KEY = "X-FromAppID"; public static final String REQUEST_BEGIN_TS_HEADER_KEY = "X-Begin-Timestamp"; public static final String REQUEST_END_TS_HEADER_KEY = "X-End-Timestamp"; diff --git a/dcae-analytics/dcae-analytics-web/src/main/java/org/onap/dcae/analytics/web/http/HttpClientPreferencesCustomizer.java b/dcae-analytics/dcae-analytics-web/src/main/java/org/onap/dcae/analytics/web/http/HttpClientPreferencesCustomizer.java index c5f66be..73a9539 100644 --- a/dcae-analytics/dcae-analytics-web/src/main/java/org/onap/dcae/analytics/web/http/HttpClientPreferencesCustomizer.java +++ b/dcae-analytics/dcae-analytics-web/src/main/java/org/onap/dcae/analytics/web/http/HttpClientPreferencesCustomizer.java @@ -20,6 +20,7 @@ package org.onap.dcae.analytics.web.http; +import java.io.File; import java.io.IOException; import java.net.URL; import java.security.KeyManagementException; @@ -46,6 +47,8 @@ import org.apache.http.ssl.SSLContextBuilder; import org.onap.dcae.analytics.model.AnalyticsHttpConstants; import org.onap.dcae.analytics.model.util.function.StringToURLFunction; import org.onap.dcae.analytics.web.util.AnalyticsWebUtils; +import org.onap.dcaegen2.services.sdk.security.ssl.Password; +import org.onap.dcaegen2.services.sdk.security.ssl.Passwords; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.boot.web.client.RestTemplateCustomizer; @@ -221,6 +224,7 @@ public class HttpClientPreferencesCustomizer<T extends HttpClientPreferences> im if (!ignoreSSLValidation) { logger.info("SSL Validation will be enforced for Http Client Id: {}", httpClientId); + setSslContextFromEnvironment(httpClientBuilder); return; } @@ -236,6 +240,30 @@ public class HttpClientPreferencesCustomizer<T extends HttpClientPreferences> im } + private void setSslContextFromEnvironment(HttpClientBuilder httpClientBuilder) { + final String caCertPath = System.getenv("DCAE_CA_CERTPATH"); + if (!StringUtils.hasText(caCertPath)) { + return; + } + final SSLContextBuilder sslContextBuilder = new SSLContextBuilder(); + final String truststoreFilename = "trust.jks"; + final String truststorePassFilename = "trust.pass"; + final String certDirPath = caCertPath.substring(0, caCertPath.lastIndexOf("/")); + final File truststoreFile = new File(certDirPath, truststoreFilename); + final File truststorePassFile = new File(certDirPath, truststorePassFilename); + final Password password = Passwords.fromFile(truststorePassFile); + password.use(chars -> { + try { + sslContextBuilder.loadTrustMaterial(truststoreFile, chars); + httpClientBuilder.setSSLContext(sslContextBuilder.build()); + } catch (NoSuchAlgorithmException | KeyStoreException | CertificateException | IOException | + KeyManagementException e) { + logger.warn("Could not load trusted certificates from environment"); + } + return null; + }); + } + /** * Header Request Interceptor adds defaults headers if not set explicitly |