author | pkaras <piotr.karas@nokia.com> | 2018-11-06 15:23:28 +0100 |
---|---|---|
committer | pkaras <piotr.karas@nokia.com> | 2018-11-07 13:32:56 +0100 |
commit | 6fb6c473ea98375ce965aca9f34c431d722c1c04 (patch) | |
tree | eb7694f73ad9a50fd4ab6eb064ab3189135b1d7d /prh-dmaap-client/src/main/java | |
parent | f4f1318b19c90016c70a0af457020361733b69f3 (diff) |
SSL setup for dmaap publisher
Change-Id: I5dbfc551e515a5f3ce23ec9ffc766ae3012a057a
Issue-ID: DCAEGEN2-952
Signed-off-by: piotr.karas <piotr.karas@nokia.com>
Diffstat (limited to 'prh-dmaap-client/src/main/java')
4 files changed, 134 insertions, 13 deletions
diff --git a/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/consumer/ConsumerReactiveHttpClientFactory.java b/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/consumer/ConsumerReactiveHttpClientFactory.java index a80f1346..ece7c67b 100644 --- a/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/consumer/ConsumerReactiveHttpClientFactory.java +++ b/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/consumer/ConsumerReactiveHttpClientFactory.java @@ -25,16 +25,16 @@ import org.onap.dcaegen2.services.prh.config.DmaapConsumerConfiguration; public class ConsumerReactiveHttpClientFactory { - private final DMaaPReactiveWebClientFactory reactiveWebClient; + private final DMaaPReactiveWebClientFactory reactiveWebClientFactory; - public ConsumerReactiveHttpClientFactory(DMaaPReactiveWebClientFactory reactiveWebClient) { - this.reactiveWebClient = reactiveWebClient; + public ConsumerReactiveHttpClientFactory(DMaaPReactiveWebClientFactory reactiveWebClientFactory) { + this.reactiveWebClientFactory = reactiveWebClientFactory; } public DMaaPConsumerReactiveHttpClient create(DmaapConsumerConfiguration consumerConfiguration) throws SSLException { return new DMaaPConsumerReactiveHttpClient(consumerConfiguration, - reactiveWebClient.build(consumerConfiguration)); + reactiveWebClientFactory.build(consumerConfiguration)); } } diff --git a/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/DMaaPPublisherReactiveHttpClient.java b/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/DMaaPPublisherReactiveHttpClient.java index b262e6e9..2b339775 100644 --- a/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/DMaaPPublisherReactiveHttpClient.java +++ b/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/DMaaPPublisherReactiveHttpClient.java 
@@ -41,7 +41,6 @@ import org.springframework.web.util.DefaultUriBuilderFactory; import reactor.core.publisher.Mono; - /** * @author <a href="mailto:przemyslaw.wasala@nokia.com">Przemysław Wąsala</a> on 7/4/18 */ @@ -53,7 +52,7 @@ public class DMaaPPublisherReactiveHttpClient { private final String dmaapProtocol; private final String dmaapTopicName; private final String dmaapContentType; - private final RestTemplate restTemplate; + private final Mono<RestTemplate> restTemplateMono; /** * Constructor DMaaPPublisherReactiveHttpClient. @@ -61,13 +60,13 @@ public class DMaaPPublisherReactiveHttpClient { * @param dmaapPublisherConfiguration - DMaaP producer configuration object */ DMaaPPublisherReactiveHttpClient(DmaapPublisherConfiguration dmaapPublisherConfiguration, - RestTemplate restTemplate) { + Mono<RestTemplate> restTemplateMono) { this.dmaapHostName = dmaapPublisherConfiguration.dmaapHostName(); this.dmaapProtocol = dmaapPublisherConfiguration.dmaapProtocol(); this.dmaapPortNumber = dmaapPublisherConfiguration.dmaapPortNumber(); this.dmaapTopicName = dmaapPublisherConfiguration.dmaapTopicName(); this.dmaapContentType = dmaapPublisherConfiguration.dmaapContentType(); - this.restTemplate = restTemplate; + this.restTemplateMono = restTemplateMono; } /** @@ -81,8 +80,8 @@ public class DMaaPPublisherReactiveHttpClient { return Mono.defer(() -> { HttpEntity<String> request = new HttpEntity<>(createJsonBody(consumerDmaapModelMono), getAllHeaders()); logger.info("Request: {} {}", getUri(), request); - return Mono.just(restTemplate.exchange(getUri(), HttpMethod.POST, request, String.class)); - + return restTemplateMono.map( + restTemplate -> restTemplate.exchange(getUri(), HttpMethod.POST, request, String.class)); }); } 
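Review bot: The constructor Javadoc in the `@@ -61,13 +60,13 @@` hunk still lists only `dmaapPublisherConfiguration`, so the new `restTemplateMono` parameter is undocumented; I would add `@param restTemplateMono - source of the RestTemplate, emits an error when the SSL setup failed`. That matters for the `@@ -81,8 +80,8 @@` hunk: when the factory returned `Mono.error(...)`, `restTemplateMono.map(...)` never sends the request, and the key store failure surfaces only on the first publish, which is the safe direction but easy to mistake for a DMaaP outage. A one-line comment above the `map` call stating that no fallback to an unconfigured `RestTemplate` is intended would keep a later change from adding one. The publishing method starts outside the hunk.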
@@ -97,7 +96,7 @@ public class DMaaPPublisherReactiveHttpClient { URI getUri() { return new DefaultUriBuilderFactory().builder().scheme(dmaapProtocol).host(dmaapHostName).port(dmaapPortNumber) - .path(dmaapTopicName).build(); + .path(dmaapTopicName).build(); } } diff --git a/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/DmaaPRestTemplateFactory.java b/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/DmaaPRestTemplateFactory.java new file mode 100644 index 00000000..6c1005d6 --- /dev/null +++ b/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/DmaaPRestTemplateFactory.java 
@@ -0,0 +1,115 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcaegen2.services.prh.service.producer;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import javax.net.ssl.SSLContext;
+import org.apache.http.client.HttpClient;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.ssl.SSLContextBuilder;
+import org.onap.dcaegen2.services.prh.config.DmaapPublisherConfiguration;
+import org.springframework.boot.web.client.RestTemplateBuilder;
+import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
+import org.springframework.web.client.RestTemplate;
+import reactor.core.publisher.Mono;
+
+public class DmaaPRestTemplateFactory {
+
+ /**
+ * Function for
creating RestTemplate object.
+ *
+ * @param publisherConfiguration - DMaaP publisher configuration object
+ * @return RestTemplate with correct ssl configuration
+ */
+ public Mono<RestTemplate> build(DmaapPublisherConfiguration publisherConfiguration) {
+ if (publisherConfiguration.enableDmaapCertAuth()) {
+ return createRestTemplateWithSslSetup(publisherConfiguration);
+ }
+
+ return Mono.just(new RestTemplate());
+ }
+
+ private Mono<RestTemplate> createRestTemplateWithSslSetup(DmaapPublisherConfiguration publisherConfiguration) {
+ try {
+ RestTemplateBuilder builder = new RestTemplateBuilder();
+
+ SSLContext sslContext = createSslContext(publisherConfiguration,
+ loadPasswordFromFile(publisherConfiguration.keyStorePasswordPath()),
+ loadPasswordFromFile(publisherConfiguration.trustStorePasswordPath()));
+
+ return Mono.just(builder
+ .requestFactory(() -> createRequestFactory(sslContext)).build());
+
+ } catch (GeneralSecurityException | IOException e) {
+ return Mono.error(e);
+ }
+ }
+
+ private SSLContext createSslContext(DmaapPublisherConfiguration publisherConfiguration,
+ String keyStorePassword, String trustStorePassword)
+ throws IOException, GeneralSecurityException {
+ return new SSLContextBuilder()
+ .loadKeyMaterial(
+ keyStore(publisherConfiguration.keyStorePath(), keyStorePassword),
+ keyStorePassword.toCharArray())
+ .loadTrustMaterial(
+ getFile(publisherConfiguration.trustStorePath()), trustStorePassword.toCharArray())
+ .build();
+ }
+
+ private HttpComponentsClientHttpRequestFactory createRequestFactory(SSLContext sslContext) {
+ SSLConnectionSocketFactory socketFactory =
+ new SSLConnectionSocketFactory(sslContext);
+ HttpClient httpClient = HttpClients.custom()
+ .setSSLSocketFactory(socketFactory).build();
+
+ return new HttpComponentsClientHttpRequestFactory(httpClient);
+ }
+
+ private KeyStore keyStore(String keyStoreFile, String keyStorePassword)
+ throws GeneralSecurityException, IOException {
+ KeyStore ks =
KeyStore.getInstance("jks"); + ks.load(getResource(keyStoreFile), keyStorePassword.toCharArray()); + return ks; + } + + private File getFile(String fileName) { + return new File(fileName); + } + + private InputStream getResource(String fileName) throws FileNotFoundException { + return new FileInputStream(fileName); + } + + private String loadPasswordFromFile(String path) throws IOException { + return new String(Files.readAllBytes(Paths.get(path))); + } + +} diff --git a/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/PublisherReactiveHttpClientFactory.java b/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/PublisherReactiveHttpClientFactory.java index 0fc8f16a..7f97f903 100644 --- a/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/PublisherReactiveHttpClientFactory.java +++ b/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/PublisherReactiveHttpClientFactory.java @@ -21,12 +21,19 @@ package org.onap.dcaegen2.services.prh.service.producer; import org.onap.dcaegen2.services.prh.config.DmaapPublisherConfiguration; -import org.springframework.web.client.RestTemplate; + public class PublisherReactiveHttpClientFactory { + private final DmaaPRestTemplateFactory restTemplateFactory; + + public PublisherReactiveHttpClientFactory(DmaaPRestTemplateFactory restTemplateFactory) { + this.restTemplateFactory = restTemplateFactory; + } + public DMaaPPublisherReactiveHttpClient create(DmaapPublisherConfiguration publisherConfiguration) { - return new DMaaPPublisherReactiveHttpClient(publisherConfiguration, new RestTemplate()); + return new DMaaPPublisherReactiveHttpClient(publisherConfiguration, + restTemplateFactory.build(publisherConfiguration)); } } |
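Review bot: `keyStore()` in the new DmaaPRestTemplateFactory passes `getResource(keyStoreFile)` straight to `ks.load(...)` and never closes the `FileInputStream`, so every build leaves a descriptor open on the key store file. `loadPasswordFromFile` also decodes with the platform default charset and keeps any trailing line terminator, which would make the store password wrong whenever the password file ends with a newline (the deployment's file format is not visible here, so this is a likely rather than certain failure). The fence closes the stream with try-with-resources and reads the password as UTF-8 without trailing CR/LF; it needs `java.nio.charset.StandardCharsets` imported. Separately, `createSslContext` reuses the store password as the key password and `"jks"` is hard-coded, both of which deserve a comment, or a configuration field if other store formats are expected.

```java
private KeyStore keyStore(String keyStoreFile, String keyStorePassword)
        throws GeneralSecurityException, IOException {
    KeyStore ks = KeyStore.getInstance("jks");
    // Close the store file as soon as it has been loaded.
    try (InputStream in = getResource(keyStoreFile)) {
        ks.load(in, keyStorePassword.toCharArray());
    }
    return ks;
}

// … unchanged: getFile, getResource …

private String loadPasswordFromFile(String path) throws IOException {
    // Fixed charset; drop only the line terminator that editors and secret mounts append.
    String raw = new String(Files.readAllBytes(Paths.get(path)), StandardCharsets.UTF_8);
    return raw.replaceAll("[\\r\\n]+$", "");
}
```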
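Review bot: `create` in PublisherReactiveHttpClientFactory now calls `restTemplateFactory.build(publisherConfiguration)` on every invocation, so each client re-reads the password and store files and gets its own `HttpClient` that nothing in this diff closes. If `create` runs once per publish cycle rather than once at startup (the callers are not in this diff), consider building the template once per configuration and reusing it. The new constructor could also reject a missing factory early with `this.restTemplateFactory = Objects.requireNonNull(restTemplateFactory, "restTemplateFactory");`.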