Diffstat (limited to 'rest-services/cbs-client/src/main/java/org/onap/dcaegen2/services/sdk/rest/services/cbs/client/model/CbsClientConfiguration.java')
-rw-r--r--rest-services/cbs-client/src/main/java/org/onap/dcaegen2/services/sdk/rest/services/cbs/client/model/CbsClientConfiguration.java99
1 files changed, 91 insertions, 8 deletions
diff --git a/rest-services/cbs-client/src/main/java/org/onap/dcaegen2/services/sdk/rest/services/cbs/client/model/CbsClientConfiguration.java b/rest-services/cbs-client/src/main/java/org/onap/dcaegen2/services/sdk/rest/services/cbs/client/model/CbsClientConfiguration.java
index e3c7d2ea..2fb07501 100644
--- a/rest-services/cbs-client/src/main/java/org/onap/dcaegen2/services/sdk/rest/services/cbs/client/model/CbsClientConfiguration.java
+++ b/rest-services/cbs-client/src/main/java/org/onap/dcaegen2/services/sdk/rest/services/cbs/client/model/CbsClientConfiguration.java
@@ -22,6 +22,17 @@ package org.onap.dcaegen2.services.sdk.rest.services.cbs.client.model;
import org.immutables.value.Value;
import org.jetbrains.annotations.Nullable;
+import org.onap.dcaegen2.services.sdk.rest.services.cbs.client.api.exceptions.CbsClientConfigurationException;
+import org.onap.dcaegen2.services.sdk.security.ssl.ImmutableTrustStoreKeys;
+import org.onap.dcaegen2.services.sdk.security.ssl.Passwords;
+import org.onap.dcaegen2.services.sdk.security.ssl.SecurityKeysStore;
+import org.onap.dcaegen2.services.sdk.security.ssl.TrustStoreKeys;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.util.Optional;
/**
* Immutable object which helps with construction of cloudRequestObject for specified Client. For usage take a look in
@@ -34,6 +45,16 @@ import org.jetbrains.annotations.Nullable;
*/
@Value.Immutable(prehash = true)
public interface CbsClientConfiguration {
+ Logger LOGGER = LoggerFactory.getLogger(CbsClientConfiguration.class);
+
+ String TRUST_JKS = "trust.jks";
+ String TRUST_PASS = "trust.pass";
+ Integer PORT_FOR_CBS_OVER_TLS = 10443;
+
+ /**
+ * Name of environment variable containing path to the cacert.pem file.
+ */
+ String DCAE_CA_CERT_PATH = "DCAE_CA_CERTPATH";
/**
* Name of environment variable containing Config Binding Service network hostname.
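Review bot: The fields added at the top of `CbsClientConfiguration` are implicitly `public static final` because this is an interface, so `LOGGER`, `TRUST_JKS`, `TRUST_PASS` and `PORT_FOR_CBS_OVER_TLS` all become part of the SDK's public API. Only `DCAE_CA_CERT_PATH` is documented; the others need a Javadoc line each, for example `/** File name of the trust store expected next to the CA certificate. */` on `TRUST_JKS`. `PORT_FOR_CBS_OVER_TLS` could be a primitive `int`, and its comment should state that the TLS port is fixed rather than read from the environment.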
@@ -50,6 +71,7 @@ public interface CbsClientConfiguration {
*/
String ENV_APP_NAME = "HOSTNAME";
+
/**
* Name of environment variable containing Consul host name.
*
@@ -80,18 +102,25 @@ public interface CbsClientConfiguration {
@Value.Parameter
String appName();
+ @Value.Parameter
+ @Nullable
+ String protocol();
+
+ @Value.Default
+ default @Nullable TrustStoreKeys trustStoreKeys() {
+ return null;
+ }
+
@Value.Default
@Deprecated
default String consulHost() {
return "consul-server";
}
-
@Value.Default
@Deprecated
default Integer consulPort() {
return 8500;
}
-
@Value.Default
@Deprecated
default String cbsName() {
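Review bot: `protocol()` is added as a `@Nullable` `@Value.Parameter` with no Javadoc, so nothing here tells a consumer which scheme to assume when it is null. A configuration assembled directly through the builder can carry `trustStoreKeys` with no protocol at all. Adding a `@Value.Parameter` presumably also adds a positional argument to the generated `of(...)` factory, which would break existing callers. A defaulted attribute such as `@Value.Default default String protocol() { return "http"; }` would avoid both problems, and `trustStoreKeys()` should get a Javadoc line stating that null means no TLS. The `cbsName()` body continues outside the hunk.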
@@ -102,14 +131,68 @@ public interface CbsClientConfiguration {
* Creates CbsClientConfiguration from system environment variables.
*
* @return an instance of CbsClientConfiguration
- * @throws NullPointerException when at least one of required parameters is missing
+ * @throws CbsClientConfigurationException when at least one of required parameters is missing
*/
static CbsClientConfiguration fromEnvironment() {
- return ImmutableCbsClientConfiguration.builder()
- .consulHost(System.getenv(ENV_CONSUL_HOST))
- .hostname(System.getenv(ENV_CBS_HOSTNAME))
- .port(Integer.valueOf(System.getenv(ENV_CBS_PORT)))
- .appName(System.getenv(ENV_APP_NAME))
+ String pathToCaCert = System.getenv(DCAE_CA_CERT_PATH);
+
+ ImmutableCbsClientConfiguration.Builder configBuilder = ImmutableCbsClientConfiguration.builder()
+ .hostname(getEnv(ENV_CBS_HOSTNAME))
+ .appName(getEnv(ENV_APP_NAME));
+ return Optional.ofNullable(pathToCaCert).filter(certPath -> !"".equals(certPath))
+ .map(certPath -> createSslHttpConfig(configBuilder, certPath))
+ .orElse(createPlainHttpConfig(configBuilder));
+ }
+
+ static CbsClientConfiguration createPlainHttpConfig(ImmutableCbsClientConfiguration.Builder configBuilder) {
+ LOGGER.info("CBS client will use plain http protocol.");
+ return configBuilder
+ .protocol("http")
+ .port(Integer.valueOf(getEnv(ENV_CBS_PORT)))
+ .build();
+ }
+
+ static CbsClientConfiguration createSslHttpConfig(ImmutableCbsClientConfiguration.Builder configBuilder,
+ String pathToCaCert) {
+ LOGGER.info("CBS client will use http over TLS.");
+ return configBuilder
+ .trustStoreKeys(crateSecurityKeysFromEnvironment(createPathToJksFile(pathToCaCert)))
+ .port(PORT_FOR_CBS_OVER_TLS)
+ .protocol("https")
.build();
}
+
+ static TrustStoreKeys crateSecurityKeysFromEnvironment(String pathToCerts) {
+ LOGGER.info("Path to cert files: {}", pathToCerts + "/");
+ validateIfFilesExist(pathToCerts);
+ return ImmutableTrustStoreKeys.builder()
+ .trustStore(SecurityKeysStore.fromPath(Paths.get(pathToCerts + "/" + TRUST_JKS)))
+ .trustStorePassword(Passwords.fromPath(Paths.get(pathToCerts + "/" + TRUST_PASS)))
+ .build();
+ }
+
+ static String createPathToJksFile(String pathToCaCertPemFile) {
+ return pathToCaCertPemFile.substring(0, pathToCaCertPemFile.lastIndexOf("/"));
+ }
+
+ static String getEnv(String envName) {
+ String envValue = System.getenv(envName);
+ validateEnv(envName, envValue);
+ return envValue;
+ }
+
+ static void validateEnv(String envName, String envValue) {
+ if (envValue == null || "".equals(envValue)) {
+ throw new CbsClientConfigurationException("Cannot read " + envName + " from environment.");
+ }
+ }
+
+ static void validateIfFilesExist(String pathToFile) {
+ boolean areFilesExist = Files.exists(Paths.get(pathToFile + "/" + TRUST_JKS)) &&
+ Files.exists(Paths.get(pathToFile + "/" + TRUST_PASS));
+
+ if (!areFilesExist) {
+ throw new CbsClientConfigurationException("Required files do not exist in " + pathToFile + " directory.");
+ }
+ }
}
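Review bot: In `fromEnvironment()`, `.orElse(createPlainHttpConfig(configBuilder))` evaluates its argument even when `DCAE_CA_CERTPATH` is set. The TLS path therefore still logs "CBS client will use plain http protocol.", reads `ENV_CBS_PORT` through `getEnv`, and throws `CbsClientConfigurationException` when that variable is absent; `.orElseGet(() -> createPlainHttpConfig(configBuilder))` fixes this. The fallback also fails open: an unset or empty cert path silently selects plaintext HTTP at info level, so it should log with `LOGGER.warn` to make a missing trust-store mount visible. `createPathToJksFile` throws `StringIndexOutOfBoundsException` when the value contains no `/`, and `Integer.valueOf(getEnv(ENV_CBS_PORT))` lets `NumberFormatException` escape, both contradicting the documented `@throws`. Using `Paths.get(pathToCaCert).getParent()` with a null check, and converting the parse failure into `CbsClientConfigurationException`, would keep the contract. The helper name `crateSecurityKeysFromEnvironment` looks like a typo for `create…`.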